Keeper-Security / terraform-provider-secretsmanager

MIT License

Provider discloses sensitive information when credentials are wrong #31

Open Theragus opened 1 month ago

Theragus commented 1 month ago

We tried to set up the Keeper Secrets Manager Terraform provider within Terraform Cloud (HCP Terraform). We first tried it with a One-Time Token, which did not work until we realized we had to use the config file offered by Keeper Secrets Manager. During the tests with the One-Time Token the provider discloses the sensitive value stored in the env variable during plan errors and in logs. (Output token redacted)

The provider should not disclose this information and should only tell that the value is wrong and maybe some additional documentation.

maksimu commented 1 month ago

Thank you for bringing this to our attention. We will be releasing a new version soon with this error message being redacted.
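An added example of the kind of redaction this issue asks for, written for this page and not taken from the provider's code or from either commenter. The function names, the `credential` setting name and the sample token are hypothetical and constructed for illustration.

```go
package main

import (
	"errors"
	"fmt"
	"net/url"
	"strings"
)

const placeholder = "[REDACTED]"

// scrub removes every occurrence of the given secrets, in raw and
// URL-escaped form, from msg. Empty secrets are skipped because
// strings.ReplaceAll with an empty "old" string would insert the
// placeholder between every character of the message.
func scrub(msg string, secrets ...string) string {
	for _, s := range secrets {
		if s == "" {
			continue
		}
		for _, form := range []string{s, url.QueryEscape(s)} {
			msg = strings.ReplaceAll(msg, form, placeholder)
		}
	}
	return msg
}

// credentialError builds the message shown in plan output and logs.
// It names the setting that failed and includes only the scrubbed text
// of the cause. The cause is formatted with %s rather than wrapped with
// %w, so the original error (and the secret inside it) cannot be
// recovered later through errors.Unwrap.
func credentialError(setting string, cause error, secret string) error {
	return fmt.Errorf("invalid value for %q: %s", setting, scrub(cause.Error(), secret))
}

func main() {
	// Constructed sample token and a constructed upstream error that echoes it.
	token := "sample:constructed-token"
	cause := errors.New("cannot parse " + token + " (request: token=" + url.QueryEscape(token) + ")")
	fmt.Println(credentialError("credential", cause, token))
}
```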