Secure remote state sharing

When sharing information about resources created by Terraform, between different teams, the terraform_remote_state data source is a great way to do it. It is explicit in referring to a specific output, whereas using data sources to find the right resources is less explicit.

Exposing the state file to other teams in the organization, in order for Terraform to query the outputs from it, means I have to provide access to the entire state file if I am not mistaken. I am aware that Terraform will only handle the outputs, but technically a user with credentials to the remote state store could read the full file contents.

In stead of sharing information about resources directly through the state file, one could also opt for using some external data store, but it is more cumbersome to implement this and might not always be able to hold complex data structures or requires encode/decode to JSON etc.

It seems to me, splitting (or duplicating) outputs from the state file to an explicit output file, would provide the benefit to be able to limit the scope of file access between said teams. I am curious to understand how other people are dealing with this issue, or whether it is considered a non-issue? Or perhaps if there is wider support from the field to have a feature like splitting out or duplicating the outputs to a separate file.