We are configuring the genesyscloud_platform_org resource for a new tenant. The documentation suggests using the oauth_client_id and oauth_client_secret, but storing these directly in the Terraform state file poses a security risk. We have tried using environment variables, yet the sensitive values still appear in the raw state file output. Is there a recommended pattern for handling these credentials without exposing them in the state?