Protection of sensitive data

Care must be taken with sensitive data in the Terraform code, such as passwords and accesses permissions. We have already seen that, for access authentication to Azure, it is not necessary to leave them in the code. Also, in our example concerning the administrator account of the VM, we can notice that the password of the admin account of the virtual machine is specified clearly in this Terraform code. To remedy this, we can use a strong password chest to store passwords, such as Azure Key Vault or HashiCorp Vault, and recover them via Terraform.