What are folks here using to automate the secrets ...
# general
v
What are folks here using to automate the secrets provisioning into AWS SSM when Terraform S3 backend for state files is not an option for compliance reasons?
p
I would try to work with your compliance team to find an acceptable permissions strategy for the secrets. You can create IAM roles for your engineers to prevent access to the buckets, only allowing administrators access. Thus should be acceptable for SOC 2 and ISO 27001 purposes
v
It doesnt work for them
They dont want to hear about state in S3 at all