Looking for a "best-practices" kind of answer when it comes to storing private SSH keys.
Scenario: VMs are deployed to the cloud using Terraform, they use a single public key. Now the corresponding private key needs to be stored somewhere - where should it be kept? Cloud key management service (like Azure Key Vault, Hashicorp Vault)? It would be used for Ansible.
Should these private keys be added to the Vault using terraform or should it be done manually (to avoid listing them in .tfstate files)?