You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Is your feature request related to a problem? Please describe.
There is currently no way to properly use and store a secret securly while using the fivetran terraform provider. You have the next options currently as far as I know:
Store secret in code. This is obviously bad as the code will be stored in git/code as plain text.
Store secret as environment variable. This is already better than the previous option, but the secret is then still stored as plain text in the state. Which means everyone that has access to the state can see the secret.
Describe the solution you'd like
It would be interesting that Fivetran creates a new resource. This resource would be based (as inspiration) on GCP Secret Manager and AWS Secret Manager. E.g.
resource "fivetran_secret" "secret" {
id = "fivetran_secret"
}
resource "fivetran_connector" "connector" {
group_id = XXX
service = "oracle_hva"
....
config {
user = "test_user"
....
password = fivetran_secret.secret.id
}
}
The resource fivetran_secret would then make it possible to store a secret in Fivetran SAAS. The user can then manually fill in the secret via the fivetran UI, which makes sure it is securly stored (like now with the connector via the UI). Only e.g. admins would then have access to the secret. fivetran_connector would then store the fivetran_secret.secret.id in state and would fetch at run time the secret so that it is still stored securly.
Describe the use-cases if possible
Savely store secrets by using the fivetran provider.
The text was updated successfully, but these errors were encountered:
Is your feature request related to a problem? Please describe.
There is currently no way to properly use and store a secret securly while using the fivetran terraform provider. You have the next options currently as far as I know:
Describe the solution you'd like
It would be interesting that Fivetran creates a new resource. This resource would be based (as inspiration) on GCP Secret Manager and AWS Secret Manager. E.g.
The resource fivetran_secret would then make it possible to store a secret in Fivetran SAAS. The user can then manually fill in the secret via the fivetran UI, which makes sure it is securly stored (like now with the connector via the UI). Only e.g. admins would then have access to the secret. fivetran_connector would then store the fivetran_secret.secret.id in state and would fetch at run time the secret so that it is still stored securly.
Describe the use-cases if possible
Savely store secrets by using the fivetran provider.
The text was updated successfully, but these errors were encountered: