Question 1

How do I use terrahelp to mask sensitive data in terraform apply output?

Accepted Answer

Pipe the terraform apply output into the terrahelp mask command. For example, 'terraform apply | terrahelp mask' will replace sensitive values with asterisks. More examples are in the project's examples directory.

Question 2

Terrahelp vs using Terraform's sensitive variables?

Accepted Answer

Terrahelp provides encryption and masking for state files and command outputs, while Terraform's sensitive variables only hide values in the UI. Terrahelp is better for securing persisted data like .tfstate files.

Question 3

Can terrahelp encrypt terraform state with AWS KMS?

Accepted Answer

Terrahelp currently supports simple encryption or HashiCorp Vault providers. There's no built-in support for AWS KMS, so you'd need to integrate it through Vault or use a custom provider if possible.

Question 4

How to install terrahelp on Ubuntu?

Accepted Answer

Download the pre-built Linux binary from the releases page, set execute permissions with 'chmod +x terrahelp', and add it to your PATH. Alternatively, use the AUR package for Arch-based systems.

Question 5

Does terrahelp work with terraform cloud?

Accepted Answer

Terrahelp is a CLI tool that can be integrated into CI/CD pipelines, but it's not directly supported by Terraform Cloud. You may need to manually incorporate it into build steps.

Question 6

What encryption algorithms does terrahelp use?

Accepted Answer

The README doesn't specify algorithms; it depends on the configured provider. For simple encryption, it uses Go's standard cryptography, while Vault uses its own encryption methods.

terrahelp

What is terrahelp?

Overview

Use Cases

Best For

Related Projects

Found a gem we're missing?

Not Ideal For

Pros & Cons

Pros

Cons

Frequently Asked Questions