Transfer of sensitive data in terraform files over the network

Hello,I very recently started using open source version of terraform and currently exploring the various modes of securing my terraform infrastructure.

I failed to find information on transfer of sensitive data in terraform files over the network.

for ex. if the endpoint is vcenter and I am using vsphere provider, are the login credentials sent in plain text to vcenter server or does terraform encrypt them ?

or say, the passwords defined to connect to a database, how is it sent to the database over the network ?

Appreciate the guidance offered on this forum.

Thank you.

If your vCenter is using TLS and Terraform is configured to use that any credentials would be protected during transit. The same would be true if your database is using TLS with Terraform configured to use it.

If you configure Terraform to communicate with anything using plain HTTP or similar non encrypted protocol you would have no protection of passwords over the network.

This is not specific to Terraform. It is good practice to use TLS (e.g. https:// URLs) wherever possible to ensure data going over the network is protected.