From 9781123a11fcd6871b5c2a8f9c34a56193c17cdc Mon Sep 17 00:00:00 2001 From: jpragyaj-svg Date: Fri, 20 Feb 2026 06:50:23 +0000 Subject: [PATCH] security concerns: adding password placeholders instead of a value, adding sensitive to variables, Signed-off-by: jpragyaj-svg --- aws/deploy_and_config/simple_lb/variables.tf | 1 + aws/deploy_and_config/simple_lb_across_az/variables.tf | 1 + aws/deployments/cloud_native/cic_deployment/variable.tf | 1 + aws/deployments/cloud_native/citrix_adc_variables.tf | 1 + aws/deployments/cloud_native/variables.tf | 2 ++ .../ha_across_az/for_external_apps/example.tfvars | 4 ++-- aws/deployments/ha_across_az/for_external_apps/variables.tf | 2 ++ .../ha_across_az/for_internal_apps/example.tfvars | 4 ++-- aws/deployments/ha_across_az/for_internal_apps/variables.tf | 2 ++ .../ha_across_az/ha_across_az_prerequisites/variables.tf | 1 + .../ha_same_az/ha_same_az_new_deployment/example.tfvars | 4 ++-- .../ha_same_az/ha_same_az_new_deployment/variables.tf | 2 ++ .../standalone_3nic_new_deployment/provider_variables.tf | 2 ++ .../standalone_3nic_prerequisites/provider_variables.tf | 2 ++ aws/modules/aws_citrixadc/variables.tf | 1 + azure/deploy_and_config/simple_lb/variables.tf | 1 + azure/deploy_and_config/simple_lb_ha/variables.tf | 1 + .../cloud_native/azure_internal_lb_nsip/variables.tf | 1 + .../deployments/cloud_native/azure_route_table/variable.tf | 1 + azure/deployments/cloud_native/variables.tf | 1 + azure/deployments/deploy_adm_agent/examples.tfvars | 2 +- azure/deployments/deploy_adm_agent/variables.tf | 1 + .../deploy_adm_agent_on_existing_vnet/variables.tf | 1 + azure/deployments/ha_availability_set/examples.tfvars | 4 ++-- azure/deployments/ha_availability_set/variables.tf | 2 ++ azure/deployments/ha_availability_zones/examples.tfvars | 4 ++-- azure/deployments/ha_availability_zones/variables.tf | 2 ++ azure/deployments/ha_inc_mode/examples.tfvars | 4 ++-- azure/deployments/ha_inc_mode/variables.tf | 1 + azure/deployments/provision_two_vpx/examples.tfvars | 4 ++-- azure/deployments/provision_two_vpx/variables.tf | 2 ++ .../deployments/standalone_3nic/sample_input_variables.txt | 2 +- azure/deployments/standalone_3nic/variables.tf | 1 + .../standalone_3nic_on_existing_vnet/examples.tfvars | 2 +- .../standalone_3nic_on_existing_vnet/variables.tf | 1 + esxi/deployments/ha_noninc/examples.tfvars | 6 +++--- esxi/deployments/provision_two_vpx/terraform.tfvars | 2 +- .../ha_pair_external_ip_additional_setup/variables.tf | 1 + .../ha_pair_private_ip_additional_setup/variables.tf | 1 + .../step1_configure_ha/example.tfvars | 2 +- 40 files changed, 58 insertions(+), 22 deletions(-) diff --git a/aws/deploy_and_config/simple_lb/variables.tf b/aws/deploy_and_config/simple_lb/variables.tf index a8eb9c1..f2ff677 100644 --- a/aws/deploy_and_config/simple_lb/variables.tf +++ b/aws/deploy_and_config/simple_lb/variables.tf @@ -40,6 +40,7 @@ variable "aws_access_key" { variable "aws_secret_key" { description = "The AWS secret key" + sensitive = true } # Citrix ADC Provider Configuration diff --git a/aws/deploy_and_config/simple_lb_across_az/variables.tf b/aws/deploy_and_config/simple_lb_across_az/variables.tf index 81e7d17..8bc7392 100644 --- a/aws/deploy_and_config/simple_lb_across_az/variables.tf +++ b/aws/deploy_and_config/simple_lb_across_az/variables.tf @@ -40,6 +40,7 @@ variable "aws_access_key" { variable "aws_secret_key" { description = "The AWS secret key" + sensitive = true } # Citrix ADC Provider Configuration diff --git a/aws/deployments/cloud_native/cic_deployment/variable.tf b/aws/deployments/cloud_native/cic_deployment/variable.tf index fecdf8d..25dbd4b 100644 --- a/aws/deployments/cloud_native/cic_deployment/variable.tf +++ b/aws/deployments/cloud_native/cic_deployment/variable.tf @@ -4,6 +4,7 @@ variable "adc_login_secret_name" { variable "new_password" { description = "Provide the New Password for Citrix ADC" + sensitive = true } variable "cic_config_snip" { diff --git a/aws/deployments/cloud_native/citrix_adc_variables.tf b/aws/deployments/cloud_native/citrix_adc_variables.tf index 658674c..9b5e43f 100644 --- a/aws/deployments/cloud_native/citrix_adc_variables.tf +++ b/aws/deployments/cloud_native/citrix_adc_variables.tf @@ -91,4 +91,5 @@ variable "reset_password" { variable "new_password" { description = "The new ADC password that will replace the default one on both ADC instances. Applicable only when reset_password variable is set to `true`" + sensitive = true } diff --git a/aws/deployments/cloud_native/variables.tf b/aws/deployments/cloud_native/variables.tf index e7419e6..3df0755 100644 --- a/aws/deployments/cloud_native/variables.tf +++ b/aws/deployments/cloud_native/variables.tf @@ -34,10 +34,12 @@ variable "aws_region" { variable "aws_access_key" { description = "The AWS access key" + sensitive = true } variable "aws_secret_key" { description = "The AWS secret key" + sensitive = true } variable "naming_prefix" { diff --git a/aws/deployments/ha_across_az/for_external_apps/example.tfvars b/aws/deployments/ha_across_az/for_external_apps/example.tfvars index a205a3a..a68a18f 100644 --- a/aws/deployments/ha_across_az/for_external_apps/example.tfvars +++ b/aws/deployments/ha_across_az/for_external_apps/example.tfvars @@ -11,8 +11,8 @@ new_keypair_required = true aws_ssh_keypair_name = "test-keypair-ap-southeast-1" # If the above `new_keypair_required` is `false`, then this keypair name should be existing in the `aws_region` ssh_public_key_filename = "~/.ssh/test.pub" citrixadc_management_access_cidr = "11.11.0.0/16" -citrixadc_management_password = "verystrongpassword" -citrixadc_rpc_node_password = "newrpcnodepassword" +citrixadc_management_password = "<>" +citrixadc_rpc_node_password = "<>" citrixadc_instance_type = "m5.xlarge" citrixadc_product_name = "Citrix ADC VPX - Customer Licensed" citrixadc_product_version = "13.1" diff --git a/aws/deployments/ha_across_az/for_external_apps/variables.tf b/aws/deployments/ha_across_az/for_external_apps/variables.tf index 60d18cc..1301923 100644 --- a/aws/deployments/ha_across_az/for_external_apps/variables.tf +++ b/aws/deployments/ha_across_az/for_external_apps/variables.tf @@ -63,10 +63,12 @@ variable "ssh_public_key_filename" { variable "citrixadc_management_password" { type = string description = "The new ADC password that will replace the default one on both ADC instances." + sensitive = true } variable "citrixadc_rpc_node_password" { type = string + sensitive = true description = "The new ADC RPC node password that will replace the default one on both ADC instances. [Learn More about RPCNode](https://docs.citrix.com/en-us/citrix-adc/current-release/getting-started-with-citrix-adc/change-rpc-node-password.html)" } diff --git a/aws/deployments/ha_across_az/for_internal_apps/example.tfvars b/aws/deployments/ha_across_az/for_internal_apps/example.tfvars index 2e7e543..67ae631 100644 --- a/aws/deployments/ha_across_az/for_internal_apps/example.tfvars +++ b/aws/deployments/ha_across_az/for_internal_apps/example.tfvars @@ -11,8 +11,8 @@ new_keypair_required = true aws_ssh_keypair_name = "test-keypair-ap-southeast-1" # If the above `new_keypair_required` is `false`, then this keypair name should be existing in the `aws_region` ssh_public_key_filename = "~/.ssh/test.pub" citrixadc_management_access_cidr = "11.11.0.0/16" -citrixadc_management_password = "verystrongpassword" -citrixadc_rpc_node_password = "newrpcnodepassword" +citrixadc_management_password = "<>" +citrixadc_rpc_node_password = "<>" citrixadc_instance_type = "m5.xlarge" citrixadc_product_name = "Citrix ADC VPX - Customer Licensed" citrixadc_product_version = "13.1" diff --git a/aws/deployments/ha_across_az/for_internal_apps/variables.tf b/aws/deployments/ha_across_az/for_internal_apps/variables.tf index 66475f5..61913fb 100644 --- a/aws/deployments/ha_across_az/for_internal_apps/variables.tf +++ b/aws/deployments/ha_across_az/for_internal_apps/variables.tf @@ -62,11 +62,13 @@ variable "ssh_public_key_filename" { variable "citrixadc_management_password" { type = string + sensitive = true description = "The new ADC password that will replace the default one on both ADC instances." } variable "citrixadc_rpc_node_password" { type = string + sensitive = true description = "The new ADC RPC node password that will replace the default one on both ADC instances. [Learn More about RPCNode](https://docs.citrix.com/en-us/citrix-adc/current-release/getting-started-with-citrix-adc/change-rpc-node-password.html)" } diff --git a/aws/deployments/ha_across_az/ha_across_az_prerequisites/variables.tf b/aws/deployments/ha_across_az/ha_across_az_prerequisites/variables.tf index 9015239..59076e5 100644 --- a/aws/deployments/ha_across_az/ha_across_az_prerequisites/variables.tf +++ b/aws/deployments/ha_across_az/ha_across_az_prerequisites/variables.tf @@ -43,4 +43,5 @@ variable "aws_access_key" { variable "aws_secret_key" { description = "The AWS secret key" + sensitive = true } diff --git a/aws/deployments/ha_same_az/ha_same_az_new_deployment/example.tfvars b/aws/deployments/ha_same_az/ha_same_az_new_deployment/example.tfvars index d1dc9fd..faf203d 100644 --- a/aws/deployments/ha_same_az/ha_same_az_new_deployment/example.tfvars +++ b/aws/deployments/ha_same_az/ha_same_az_new_deployment/example.tfvars @@ -10,8 +10,8 @@ new_keypair_required = true aws_ssh_keypair_name = "test-keypair-ap-southeast-1" # If the above `new_keypair_required` is `false`, then this keypair name should be existing in the `aws_region` ssh_public_key_filename = "~/.ssh/test.pub" citrixadc_management_access_cidr = "15.10.0.0/16" -citrixadc_management_password = "verystrongpassword" -citrixadc_rpc_node_password = "newrpcnodepassword" +citrixadc_management_password = "<>" +citrixadc_rpc_node_password = "<>" citrixadc_instance_type = "m5.xlarge" citrixadc_product_version = "13.1" citrixadc_product_name = "Citrix ADC VPX - Customer Licensed" diff --git a/aws/deployments/ha_same_az/ha_same_az_new_deployment/variables.tf b/aws/deployments/ha_same_az/ha_same_az_new_deployment/variables.tf index 177c417..06a46fd 100644 --- a/aws/deployments/ha_same_az/ha_same_az_new_deployment/variables.tf +++ b/aws/deployments/ha_same_az/ha_same_az_new_deployment/variables.tf @@ -56,11 +56,13 @@ variable "citrixadc_instance_type" { variable "citrixadc_management_password" { type = string + sensitive = true description = "The new ADC password that will replace the default one on both ADC instances." } variable "citrixadc_rpc_node_password" { type = string + sensitive = true description = "The new ADC RPC node password that will replace the default one on both ADC instances. [Learn More about RPCNode](https://docs.citrix.com/en-us/citrix-adc/current-release/getting-started-with-citrix-adc/change-rpc-node-password.html)" } diff --git a/aws/deployments/standalone_3nic/standalone_3nic_new_deployment/provider_variables.tf b/aws/deployments/standalone_3nic/standalone_3nic_new_deployment/provider_variables.tf index 7422e96..b22982e 100644 --- a/aws/deployments/standalone_3nic/standalone_3nic_new_deployment/provider_variables.tf +++ b/aws/deployments/standalone_3nic/standalone_3nic_new_deployment/provider_variables.tf @@ -38,8 +38,10 @@ variable "aws_availability_zone" { variable "aws_access_key" { description = "The AWS access key" + sensitive = true } variable "aws_secret_key" { description = "The AWS secret key" + sensitive = true } diff --git a/aws/deployments/standalone_3nic/standalone_3nic_prerequisites/provider_variables.tf b/aws/deployments/standalone_3nic/standalone_3nic_prerequisites/provider_variables.tf index 7422e96..b22982e 100644 --- a/aws/deployments/standalone_3nic/standalone_3nic_prerequisites/provider_variables.tf +++ b/aws/deployments/standalone_3nic/standalone_3nic_prerequisites/provider_variables.tf @@ -38,8 +38,10 @@ variable "aws_availability_zone" { variable "aws_access_key" { description = "The AWS access key" + sensitive = true } variable "aws_secret_key" { description = "The AWS secret key" + sensitive = true } diff --git a/aws/modules/aws_citrixadc/variables.tf b/aws/modules/aws_citrixadc/variables.tf index 3e86b5e..29a2cfb 100644 --- a/aws/modules/aws_citrixadc/variables.tf +++ b/aws/modules/aws_citrixadc/variables.tf @@ -35,6 +35,7 @@ variable "aws_access_key" { variable "aws_secret_key" { type = string + sensitive = true description = "The AWS secret key. This can also be given as the environment variable `TF_VAR_aws_secret_key`." } diff --git a/azure/deploy_and_config/simple_lb/variables.tf b/azure/deploy_and_config/simple_lb/variables.tf index 4dd0ea8..d0a5bc9 100644 --- a/azure/deploy_and_config/simple_lb/variables.tf +++ b/azure/deploy_and_config/simple_lb/variables.tf @@ -58,5 +58,6 @@ variable "adc_admin_username" { } variable "adc_admin_password" { + sensitive = true description = "Password for the Citrix ADC admin user. Must be sufficiently complex to pass azurerm provider checks." } diff --git a/azure/deploy_and_config/simple_lb_ha/variables.tf b/azure/deploy_and_config/simple_lb_ha/variables.tf index c75918b..6c58176 100644 --- a/azure/deploy_and_config/simple_lb_ha/variables.tf +++ b/azure/deploy_and_config/simple_lb_ha/variables.tf @@ -58,6 +58,7 @@ variable "adc_admin_username" { } variable "adc_admin_password" { + sensitive = true description = "Password for the Citrix ADC admin user. Must be sufficiently complex to pass azurerm provider checks." } diff --git a/azure/deployments/cloud_native/azure_internal_lb_nsip/variables.tf b/azure/deployments/cloud_native/azure_internal_lb_nsip/variables.tf index 813154c..afff8d6 100644 --- a/azure/deployments/cloud_native/azure_internal_lb_nsip/variables.tf +++ b/azure/deployments/cloud_native/azure_internal_lb_nsip/variables.tf @@ -29,6 +29,7 @@ variable "adc_admin_username" { } variable "adc_admin_password" { + sensitive = true description = "Password for the Citrix ADC admin user. Must be sufficiently complex to pass azurerm provider checks." } diff --git a/azure/deployments/cloud_native/azure_route_table/variable.tf b/azure/deployments/cloud_native/azure_route_table/variable.tf index 42f47a3..56fa368 100644 --- a/azure/deployments/cloud_native/azure_route_table/variable.tf +++ b/azure/deployments/cloud_native/azure_route_table/variable.tf @@ -63,6 +63,7 @@ variable "adc_admin_username" { } variable "adc_admin_password" { + sensitive = true description = "Password for the Citrix ADC admin user. Must be sufficiently complex to pass azurerm provider checks." } diff --git a/azure/deployments/cloud_native/variables.tf b/azure/deployments/cloud_native/variables.tf index 28c7c32..ecdde78 100644 --- a/azure/deployments/cloud_native/variables.tf +++ b/azure/deployments/cloud_native/variables.tf @@ -37,6 +37,7 @@ variable "adc_admin_username" { } variable "adc_admin_password" { + sensitive = true description = "Password for the Citrix ADC admin user. Must be sufficiently complex to pass azurerm provider checks." } diff --git a/azure/deployments/deploy_adm_agent/examples.tfvars b/azure/deployments/deploy_adm_agent/examples.tfvars index 9cb8e4e..0658e2b 100644 --- a/azure/deployments/deploy_adm_agent/examples.tfvars +++ b/azure/deployments/deploy_adm_agent/examples.tfvars @@ -16,7 +16,7 @@ adm_agent_version_offer = "netscaler-ma-service-agent" # Don't use `nsroot` or `admin` as the username adm_agent_admin_username = "agent" -adm_agent_admin_password = "Verysecret@123" +adm_agent_admin_password = "<>" admin_ip_address = "10.10.10.10" # This ip address will have SSH permission to Manage ADM Agent diff --git a/azure/deployments/deploy_adm_agent/variables.tf b/azure/deployments/deploy_adm_agent/variables.tf index 8ee4639..5db8a49 100644 --- a/azure/deployments/deploy_adm_agent/variables.tf +++ b/azure/deployments/deploy_adm_agent/variables.tf @@ -41,6 +41,7 @@ variable "adm_agent_admin_username" { default = "agent" } variable "adm_agent_admin_password" { + sensitive = true description = "Password for the Citrix ADC admin user. Must be sufficiently complex to pass azurerm provider checks." } variable "admin_ip_address" { diff --git a/azure/deployments/deploy_adm_agent_on_existing_vnet/variables.tf b/azure/deployments/deploy_adm_agent_on_existing_vnet/variables.tf index 4df37f5..ee8e1ca 100644 --- a/azure/deployments/deploy_adm_agent_on_existing_vnet/variables.tf +++ b/azure/deployments/deploy_adm_agent_on_existing_vnet/variables.tf @@ -34,6 +34,7 @@ variable "adm_agent_admin_username" { default = "agent" } variable "adm_agent_admin_password" { + sensitive = true description = "Password for the Citrix ADC admin user. Must be sufficiently complex to pass azurerm provider checks." } variable "admin_ip_address" { diff --git a/azure/deployments/ha_availability_set/examples.tfvars b/azure/deployments/ha_availability_set/examples.tfvars index a73ed2b..07795db 100644 --- a/azure/deployments/ha_availability_set/examples.tfvars +++ b/azure/deployments/ha_availability_set/examples.tfvars @@ -4,7 +4,7 @@ management_subnet_address_prefix = "10.0.1.0/24" client_subnet_address_prefix = "10.0.2.0/24" server_subnet_address_prefix = "10.0.3.0/24" -citrixadc_rpc_node_password = "Secret@12345" -adc_admin_password = "Verysecret@123" +citrixadc_rpc_node_password = "<>" +adc_admin_password = "<>" controlling_subnet = "10.1.0.0/16" \ No newline at end of file diff --git a/azure/deployments/ha_availability_set/variables.tf b/azure/deployments/ha_availability_set/variables.tf index 9e28a7e..5c96a22 100644 --- a/azure/deployments/ha_availability_set/variables.tf +++ b/azure/deployments/ha_availability_set/variables.tf @@ -29,9 +29,11 @@ variable "adc_admin_username" { } variable "adc_admin_password" { + sensitive = true description = "Password for the Citrix ADC admin user. Must be sufficiently complex to pass azurerm provider checks." } variable "citrixadc_rpc_node_password" { + sensitive = true description = "The new ADC RPC node password that will replace the default one on both ADC instances. [Learn More about RPCNode](https://docs.citrix.com/en-us/citrix-adc/current-release/getting-started-with-citrix-adc/change-rpc-node-password.html)" } diff --git a/azure/deployments/ha_availability_zones/examples.tfvars b/azure/deployments/ha_availability_zones/examples.tfvars index d3f32bd..a975dc6 100644 --- a/azure/deployments/ha_availability_zones/examples.tfvars +++ b/azure/deployments/ha_availability_zones/examples.tfvars @@ -4,7 +4,7 @@ client_subnet_address_prefix = "10.0.2.0/24" server_subnet_address_prefix = "10.0.3.0/24" location = "centralindia" -citrixadc_rpc_node_password = "Secret@12345" -adc_admin_password = "Verysecret@123" +citrixadc_rpc_node_password = "<>" +adc_admin_password = "<>" controlling_subnet = "10.10.10.0/24" \ No newline at end of file diff --git a/azure/deployments/ha_availability_zones/variables.tf b/azure/deployments/ha_availability_zones/variables.tf index 233706f..4338992 100644 --- a/azure/deployments/ha_availability_zones/variables.tf +++ b/azure/deployments/ha_availability_zones/variables.tf @@ -29,9 +29,11 @@ variable "adc_admin_username" { } variable "adc_admin_password" { + sensitive = true description = "Password for the Citrix ADC admin user. Must be sufficiently complex to pass azurerm provider checks." } variable "citrixadc_rpc_node_password" { + sensitive = true description = "The new ADC RPC node password that will replace the default one on both ADC instances. [Learn More about RPCNode](https://docs.citrix.com/en-us/citrix-adc/current-release/getting-started-with-citrix-adc/change-rpc-node-password.html)" } diff --git a/azure/deployments/ha_inc_mode/examples.tfvars b/azure/deployments/ha_inc_mode/examples.tfvars index a6e06de..949ab6d 100644 --- a/azure/deployments/ha_inc_mode/examples.tfvars +++ b/azure/deployments/ha_inc_mode/examples.tfvars @@ -1,5 +1,5 @@ management_subnet_address_prefix = "10.0.1.0/24" client_subnet_address_prefix = "10.0.2.0/24" -citrixadc_rpc_node_password = "Secret@12345" -adc_admin_password = "Verysecret@123" \ No newline at end of file +citrixadc_rpc_node_password = "<>" +adc_admin_password = "<>" \ No newline at end of file diff --git a/azure/deployments/ha_inc_mode/variables.tf b/azure/deployments/ha_inc_mode/variables.tf index 8331ada..d0bada2 100644 --- a/azure/deployments/ha_inc_mode/variables.tf +++ b/azure/deployments/ha_inc_mode/variables.tf @@ -3,6 +3,7 @@ variable "adc_admin_username" { default = "nsroot" } variable "adc_admin_password" { + sensitive = true description = "Password for the Citrix ADC admin user. Must be sufficiently complex to pass azurerm provider checks." } variable "management_subnet_address_prefix" { diff --git a/azure/deployments/provision_two_vpx/examples.tfvars b/azure/deployments/provision_two_vpx/examples.tfvars index ae8f2c2..90ae07e 100644 --- a/azure/deployments/provision_two_vpx/examples.tfvars +++ b/azure/deployments/provision_two_vpx/examples.tfvars @@ -4,7 +4,7 @@ management_subnet_address_prefix = "10.0.1.0/24" client_subnet_address_prefix = "10.0.2.0/24" server_subnet_address_prefix = "10.0.3.0/24" -citrixadc_rpc_node_password = "Secret@12345" -adc_admin_password = "Verysecret@123" +citrixadc_rpc_node_password = "<>" +adc_admin_password = "<>" controlling_subnet = "10.1.0.0/16" \ No newline at end of file diff --git a/azure/deployments/provision_two_vpx/variables.tf b/azure/deployments/provision_two_vpx/variables.tf index 9e28a7e..5c96a22 100644 --- a/azure/deployments/provision_two_vpx/variables.tf +++ b/azure/deployments/provision_two_vpx/variables.tf @@ -29,9 +29,11 @@ variable "adc_admin_username" { } variable "adc_admin_password" { + sensitive = true description = "Password for the Citrix ADC admin user. Must be sufficiently complex to pass azurerm provider checks." } variable "citrixadc_rpc_node_password" { + sensitive = true description = "The new ADC RPC node password that will replace the default one on both ADC instances. [Learn More about RPCNode](https://docs.citrix.com/en-us/citrix-adc/current-release/getting-started-with-citrix-adc/change-rpc-node-password.html)" } diff --git a/azure/deployments/standalone_3nic/sample_input_variables.txt b/azure/deployments/standalone_3nic/sample_input_variables.txt index ccd31f8..c70b9b5 100644 --- a/azure/deployments/standalone_3nic/sample_input_variables.txt +++ b/azure/deployments/standalone_3nic/sample_input_variables.txt @@ -8,5 +8,5 @@ management_subnet_address_prefix = "10.22.1.0/24" client_subnet_address_prefix = "10.22.2.0/24" server_subnet_address_prefix = "10.22.3.0/24" -adc_admin_password = "VerySecret1234" +adc_admin_password = "<>" controlling_subnet = "1.2.3.4/32" diff --git a/azure/deployments/standalone_3nic/variables.tf b/azure/deployments/standalone_3nic/variables.tf index d81ca6e..d34e879 100644 --- a/azure/deployments/standalone_3nic/variables.tf +++ b/azure/deployments/standalone_3nic/variables.tf @@ -29,6 +29,7 @@ variable "adc_admin_username" { } variable "adc_admin_password" { + sensitive = true description = "Password for the Citrix ADC admin user. Must be sufficiently complex to pass azurerm provider checks." } diff --git a/azure/deployments/standalone_3nic_on_existing_vnet/examples.tfvars b/azure/deployments/standalone_3nic_on_existing_vnet/examples.tfvars index d699734..82d5288 100644 --- a/azure/deployments/standalone_3nic_on_existing_vnet/examples.tfvars +++ b/azure/deployments/standalone_3nic_on_existing_vnet/examples.tfvars @@ -7,4 +7,4 @@ server_subnet_name = "terraform-server-subnet" location = "Central India" controlling_subnet = "1.2.3.4/32" -adc_admin_password = "VerySecret1234" \ No newline at end of file +adc_admin_password = "<>" \ No newline at end of file diff --git a/azure/deployments/standalone_3nic_on_existing_vnet/variables.tf b/azure/deployments/standalone_3nic_on_existing_vnet/variables.tf index e03841f..3f4350c 100644 --- a/azure/deployments/standalone_3nic_on_existing_vnet/variables.tf +++ b/azure/deployments/standalone_3nic_on_existing_vnet/variables.tf @@ -41,5 +41,6 @@ variable "adc_admin_username" { default = "nsroot" } variable "adc_admin_password" { + sensitive = true description = "Password for the Citrix ADC admin user. Must be sufficiently complex to pass azurerm provider checks." } \ No newline at end of file diff --git a/esxi/deployments/ha_noninc/examples.tfvars b/esxi/deployments/ha_noninc/examples.tfvars index 14eb155..dad5d7c 100644 --- a/esxi/deployments/ha_noninc/examples.tfvars +++ b/esxi/deployments/ha_noninc/examples.tfvars @@ -1,10 +1,10 @@ # NetScaler admin credentials # These should match the credentials that you want to set. -adc_admin_password = "" +adc_admin_password = "<>" #NetScaler Default password -adc_default_password = "" +adc_default_password = "<>" # RPC node password for secure HA communication # This will be set on both NetScaler nodes for secure HA synchronization -citrixadc_rpc_node_password = "" +citrixadc_rpc_node_password = "<>" diff --git a/esxi/deployments/provision_two_vpx/terraform.tfvars b/esxi/deployments/provision_two_vpx/terraform.tfvars index 4ca9ec7..77e1a12 100644 --- a/esxi/deployments/provision_two_vpx/terraform.tfvars +++ b/esxi/deployments/provision_two_vpx/terraform.tfvars @@ -14,7 +14,7 @@ subnetmask = "255.255.255.0" # vSphere/ESXi configuration vsphere_ip = "10.106.195.4" vsphere_username = "root" -vsphere_password = "Freebsd123$%^" +vsphere_password = "<>" # ESXi resource details # For standalone ESXi, these are typically the default values diff --git a/gcp/deployments/ha_pair_external_ip_additional_setup/variables.tf b/gcp/deployments/ha_pair_external_ip_additional_setup/variables.tf index e7c1790..05f7ef1 100644 --- a/gcp/deployments/ha_pair_external_ip_additional_setup/variables.tf +++ b/gcp/deployments/ha_pair_external_ip_additional_setup/variables.tf @@ -44,6 +44,7 @@ variable "secondary_snip_netmask" { variable "password" { description = "Password for the HA pair" + sensitive = true } variable "ipset_name" { diff --git a/gcp/deployments/ha_pair_private_ip_additional_setup/variables.tf b/gcp/deployments/ha_pair_private_ip_additional_setup/variables.tf index 781d9b9..1c3592a 100644 --- a/gcp/deployments/ha_pair_private_ip_additional_setup/variables.tf +++ b/gcp/deployments/ha_pair_private_ip_additional_setup/variables.tf @@ -35,6 +35,7 @@ variable "secondary_snip_netmask" { variable "password" { description = "Password for the HA pair" + sensitive = true } variable "backend_service_address" { diff --git a/on_prem/configure_on_prem_netscaler_adcs_in_high_availability/step1_configure_ha/example.tfvars b/on_prem/configure_on_prem_netscaler_adcs_in_high_availability/step1_configure_ha/example.tfvars index 0813876..ca0435c 100644 --- a/on_prem/configure_on_prem_netscaler_adcs_in_high_availability/step1_configure_ha/example.tfvars +++ b/on_prem/configure_on_prem_netscaler_adcs_in_high_availability/step1_configure_ha/example.tfvars @@ -1,4 +1,4 @@ netscaler1_nsip = "10.10.10.1" netscaler2_nsip = "10.10.10.2" -rpc_node_password = "verysecretrpcnodepassword" \ No newline at end of file +rpc_node_password = "<>" \ No newline at end of file