Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

TFE agents logs sensitive data #125

Open
Nikhil-Pallavali opened this issue Dec 10, 2024 · 0 comments
Open

TFE agents logs sensitive data #125

Nikhil-Pallavali opened this issue Dec 10, 2024 · 0 comments

Comments

@Nikhil-Pallavali
Copy link

Nikhil-Pallavali commented Dec 10, 2024

Description

Sensitive data, specifically agent token values, are being logged in the Terraform agent logs with log level as INFO. This poses a security risk as these tokens can be exploited if accessed by unauthorized users.

Steps to Reproduce

  1. Run the Terraform scripts using the image hashicorp/tfc-agent:1.15.4 that include agent configurations with default log level of INFO.
  2. Check the logs generated by the Terraform agent.
  3. Observed that the agent token values are visible in the logs.
Screenshot 2024-12-05 at 11 03 03 AM

Expected Behavior

Agent token values should be masked or not logged at all to prevent exposure of sensitive information. As per the docs, INFO logs shouldn't contain any sensitive data.

Actual Behavior

Agent token values are currently visible in the logs.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

1 participant