Skip to content

Commit 5eddfdd

Browse files
ammarioammario
committed
improve English
1 parent fab6fa9 commit 5eddfdd

File tree

1 file changed

+4
-4
lines changed

1 file changed

+4
-4
lines changed

docs/secrets.md

Lines changed: 4 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -87,14 +87,14 @@ For most, this workflow is simply:
8787

8888
<a href="./templates#parameters">Template parameters</a> are a dangerous way to accept secrets.
8989
We show parameters in cleartext around the product. Assume anyone with view
90-
access to your workspace can also see parameters.
90+
access to a workspace can also see its parameters.
9191

9292
## Dynamic Secrets
9393

9494
Dynamic secrets are attached to the workspace lifecycle and require no setup by
9595
the end user.
9696

97-
They can be implemented in native Terraform like so:
97+
They can be implemented in your template code like so:
9898

9999
```hcl
100100
resource "twilio_iam_api_key" "api_key" {
@@ -105,7 +105,7 @@ resource "twilio_iam_api_key" "api_key" {
105105
resource "coder_agent" "dev" {
106106
# ...
107107
env = {
108-
# Let users access the secret via #TWILIO_API_SECRET
108+
# Let users access the secret via $TWILIO_API_SECRET
109109
TWILIO_API_SECRET = "${twilio_iam_api_key.api_key.secret}"
110110
}
111111
}
@@ -114,7 +114,7 @@ resource "coder_agent" "dev" {
114114
This method is limited to [services with Terraform providers](https://registry.terraform.io/browse/providers).
115115

116116
A catch-all variation of this approach is dynamically provisioning a cloud service account (e.g [GCP](https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/google_service_account_key#private_key))
117-
for each workspace and then make the relevant secrets available via the cloud's secret management
117+
for each workspace and then making the relevant secrets available via the cloud's secret management
118118
system.
119119

120120
## Coder SSH Key

0 commit comments

Comments
 (0)