This repository has been archived by the owner on Dec 15, 2022. It is now read-only.
Sensitive data leaks at status.atProvider and the "tf.crossplane.io/state" annotation
#65
Comments
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
What happened?
When testing provider-tf-azure's
KubernetesClusterMR, we have observed that provisioned cluster's credentials, e.g. KubeConfig, are available in the Teffaform state as regular fields. An example is:{ "version": 4, "terraform_version": "1.0.5", "serial": 3, "lineage": "365fcd38-09a3-e30a-cb02-df3117306af0", "outputs": {}, "resources": [ { "mode": "managed", "type": "azurerm_kubernetes_cluster", "name": "example", "provider": "provider[\"registry.terraform.io/hashicorp/azurerm\"]", "instances": [ { "schema_version": 0, "attributes": { ... "kube_config": [ { "client_certificate":Because these attributes are resource dependent, we need to be able to treat them as credentials in a resource specific manner. It looks like in the Terraform provider resource schema, such fields are marked as
sensitive, like kube_config_raw, or kube_config.password.Those fields that are marked as
sensitiveare also good candidates for being part of the connection secrets.How can we reproduce it?
Provisioning a
KubernetesClusterusing https://github.com/crossplane-contrib/provider-tf-azure/blob/258830e0bc0627f2749bcd7e285e3c831849a04a/examples/kubernetes/kubernetescluster.yaml reveals the issue.The text was updated successfully, but these errors were encountered: