Secrets Management

Store and manage encrypted key-value secrets using the NetActuate Terraform provider v2. Secret lists provide a centralized way to manage sensitive configuration values for your infrastructure.

Repository

git clone https://github.com/netactuate/netactuate-terraform-secrets
cd netactuate-terraform-secrets

Secret List

Create a named secret list to organize related secrets:

resource "netactuate_secret_list" "app_config" {
  name = "app-production-secrets"
}

Secret Values

Add key-value pairs to the secret list:

resource "netactuate_secret_list_value" "db_password" {
  secret_list_id = netactuate_secret_list.app_config.id
  secret_key     = "DB_PASSWORD"
  secret_value   = var.db_password
}

resource "netactuate_secret_list_value" "api_token" {
  secret_list_id = netactuate_secret_list.app_config.id
  secret_key     = "API_TOKEN"
  secret_value   = var.api_token
}

Sensitive Value Handling

Secret values are marked as sensitive in Terraform state. Define your input variables with sensitive = true to prevent them from appearing in plan output:

variable "db_password" {
  type      = string
  sensitive = true
}

variable "api_token" {
  type      = string
  sensitive = true
}

Note: While Terraform marks these values as sensitive in output, they are still stored in the Terraform state file. Use a remote backend with encryption (such as S3 with server-side encryption) to protect your state file.

Need Help?

If you need assistance with secrets management, visit our support page.

Repository​

Secret List​

Secret Values​

Sensitive Value Handling​

Need Help?​

Repository

Secret List

Secret Values

Sensitive Value Handling

Need Help?