This PR is currently in draft as an ephemeral random password is not particularly useful until managed resources are updated to allow interaction with ephemeral data (via write-only attributes, earliest that will be available is Terraform v1.11.0)
This PR introduces a new random_password ephemeral resource which is functionally similar to the managed resource, minus the keepers and id attributes. Once write-only attribute are introduced in Terraform v1.11, this resource can be used to generate a random password while avoiding storing that password in state.
Notes
keepers are not relevant because ephemeral resources do not produce a plan and are never stored in state. Triggers for producing an ephemeral password will eventually be the responsibility of the module author.
id is not relevant because the new testing framework doesn't require this information and the practitioner doesn't benefit from the duplication with result.
Remaining TODOs on this PR
Changelogs
Update documentation + examples to indicate a sample use-case (i.e. generate random password, pass to AWS DB instance write-only attribute)
Remove --tf-version 1.10-beta1 flag from doc generator once Terraform 1.10 is GA
This PR introduces a new
random_passwordephemeral resource which is functionally similar to the managed resource, minus thekeepersandidattributes. Once write-only attribute are introduced in Terraformv1.11, this resource can be used to generate a random password while avoiding storing that password in state.Notes
keepersare not relevant because ephemeral resources do not produce a plan and are never stored in state. Triggers for producing an ephemeral password will eventually be the responsibility of the module author.idis not relevant because the newtestingframework doesn't require this information and the practitioner doesn't benefit from the duplication withresult.Remaining TODOs on this PR
--tf-version 1.10-beta1flag from doc generator once Terraform 1.10 is GA