Hi everyone,
I have configured Consul as a backend for remote Terraform state file and everything works well , however, this is also keeping the partial information in local terraform.tfstate file under .terraform folder.
Even though local terraform.tfstate does not have any credentials, however, it contains the Consul access_token and remote state path which can be used to read credentials and other information from remote state file.
Is it working as designed , was it not supposed to not keeping any local sensitive data or may be I am doing something wrong ? At least consul access_token should have been hidden from local file.
Here is my Consul backend block :
backend “consul” {
address = “127.0.0.1:8500”
lock = true
gzip = false
datacenter = “dc1”
}
Thanks