how to keep passwords out of terraform code file

I am creating an azure sql server in azure: I have a variables.tf file which currently has the admin password: variable “sql_server_admin_password” { description = “admin password” default = “xxxx” } I then reference that in the main file: resource “azurerm_sql_server” “main” { name = var.sql_server_name resource_group_name = azurerm_resource_group.main.name location = azurerm_resource_group.main.location version = “12.0”…

Microsoft AD – Negative OU= LDAP filter

I am trying to produce a LDAP Filter for MS AD which filters users based on some OUs (in my case excluding a specific OU but also including does not work): (&(cn=Testuser1)(|(ou:dn:=Included1)(ou:dn:=Included1))) (&(cn=Testuser1)(!(ou:dn:=Excluded))) does not work. I tested (ou:dn:=Included1) which lists the actual “folder” objects (marked with * below) but not the users below (with…

Should an admin enforce HTTPS inside kubernetes network, or just for outside traffic (via ingress)?

In a microservices scenario, each web-api container should serve itself through HTTPS or is it ok to internally work through HTTP and have all ingresses configured with certificates and redirecting to port 80 of the containers? I think the easiest approach is to protect only the outside traffic, because to configure an Asp.Net Core WebAPI…

Troubleshooting “traps: proces_name[pid] general protection” memory issue on Linux

I’m trying to troubleshoot a memory issue on one of my servers. Some time ago a daemon my company is developing crashed with segmentation errors. All would be somewhat fine, but seconds later other services (Nginx, postgress, syslog, ssh) also started crashing, also with segmentation errors. This looks to me like either environmental/HW issue or…