We already know the current workaround for having conditional resources in Terraform, we use the count attribute. resource "null_resource" "foo" { count = var.is_enabled ? 1 : 0 } There’s sadly no other way of doing this with Terraform at the moment, but there are some instances where you’ll need the resource but not part of it. Let’s say you have an IAM assume role policy that you need to create only if you pass a certain principal (maybe you don’t always create the resource the principal points to, the role creation will fail)
How to keep your environment variables safe
Benefits of using the Keychain macOS has this thing called the Keychain and iCloud Keychain (the only difference between them is that one syncs with your iCloud account and the other doesn’t), the Keychain is secure by design, your computer has to be unlocked and it’s encrypted using device-based encryption, it also asks you for administrator and Keychain password when reading from it. We are going to leverage the security of the Keychain to store our sensitive environment variables to keep them safe at rest and from remote attacks (mostly).