The release's major highlight is the introduction of end-to-end state encryption, ensuring that a state file remains shielded from unauthorized access across any storage backend.
You can secure encryption passphrases through environment variables or opt for robust key management systems such as AWS Key Management Service (KMS), GCP KMS, or OpenBao, the open-source Vault fork.
OpenTofu-exclusive feature lets providers dynamically create custom functions based on user configurations, fostering a seamless integration of other resources within the infrastructure.
[
add
]
[
|
|
...
]