From a03af7809ce5f44fd07d8d5f6aae2b4d7ab42c55 Mon Sep 17 00:00:00 2001 From: Mitchell Hashimoto Date: Fri, 25 Jul 2014 21:42:06 -0700 Subject: [PATCH] website: warning that plan files are insecure --- website/source/docs/commands/plan.html.markdown | 17 ++++++++++++++++- 1 file changed, 16 insertions(+), 1 deletion(-) diff --git a/website/source/docs/commands/plan.html.markdown b/website/source/docs/commands/plan.html.markdown index a515e129e..1435d97c3 100644 --- a/website/source/docs/commands/plan.html.markdown +++ b/website/source/docs/commands/plan.html.markdown @@ -25,7 +25,10 @@ The command-line flags are all optional. The list of available flags are: * `-no-color` - Disables output with coloring. -* `-out=path` - The path to save the generated execution plan. +* `-out=path` - The path to save the generated execution plan. This plan + can then be used with `terraform apply` to be certain that only the + changes shown in this plan are applied. Read the warning on saved + plans below. * `-refresh=true` - Update the state prior to checking for differences. @@ -38,3 +41,15 @@ The command-line flags are all optional. The list of available flags are: a file. If "terraform.tfvars" is present, it will be automatically loaded if this flag is not specified. +## Security Warning + +Saved plan files (with the `-out` flag) encode the configuration, +state, diff, and _variables_. Variables are often used to store secrets. +Therefore, the plan file can potentially store secrets. + +Terraform itself does not encrypt the plan file. It is highly +recommended to encrypt the plan file if you intend to transfer it +or keep it at rest for an extended priod of time. + +Future versions of Terraform will make plan files more +secure.
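Review bot: In the `-out=path` entry of the first hunk, "Read the warning on saved plans below" points at a section without naming it. The heading added later in this patch is "Security Warning", so the cross-reference should name or link that heading, which keeps it valid if the page is reordered. Since readers scanning the flag list may not scroll to the end, the entry could also state in one clause that the saved plan can contain secrets.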
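Review bot: In the second paragraph of the new "Security Warning" section, "priod" should be "period". The first paragraph lists configuration, state, diff and variables as encoded in the plan file but ties the secret exposure only to variables; it would be clearer to say the whole file should be treated as sensitive. The closing sentence "Future versions of Terraform will make plan files more secure" gives the reader nothing to act on and will date quickly. Suggest dropping it or replacing it with handling guidance, such as restricting read permissions on the file and keeping it out of version control.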