Add functions for sha384

[pascal-hofmann]

Current Terraform Version

v0.12.25

Use-cases

A service that I want to provision on an EC2 instance expects secret tokens stored as sha384 hashes. I need a way to generate this sha384 hash in terraform, as the plain token should not be available to the EC2 instance.

Attempted Solutions

I know there are functions for md5, sha1, sha256 and sha512. Unfortunately the counterpart(s) for sha384 do(es) not exist.

Proposal

I propose to add functions for sha384 similar to the existing sha256/sha512 functions.

I just need sha384 in my use-case, but think that it makes sense to add

• base64sha384
• filebase64sha384
• filesha384

too.

Existing, similar functions:

• base64sha256, base64sha256
• filebase64sha512, filebase64sha512
• filesha256, filesha512

I understand that you are hesitant to add new functions, because it adds new surface area to maintain and for people to learn. The suggested additions do not introduce any new, hard to grasp concept though. Maintenance should be negligible due to their similarity to the existing functions.

References

• My PR that implements the suggested functions with tests and documentation.

[crw]

Thank you for your continued interest in this issue.

Terraform version 1.8 launches with support of provider-defined functions. It is now possible to implement your own functions! We would love to see this implemented as a provider-defined function.

Please see the provider-defined functions documentation to learn how to implement functions in your providers. If you are new to provider development, learn how to create a new provider with the Terraform Plugin Framework. If you have any questions, please visit the Terraform Plugin Development category in our official forum.

We hope this feature unblocks future function development and provides more flexibility for the Terraform community. Thank you for your continued support of Terraform!