page_title | subcategory | description |
---|---|---|
random_password Resource - terraform-provider-random |
Identical to random_string string.html with the exception that the result is treated as sensitive and, thus, not displayed in console output. Read more about sensitive data handling in the Terraform documentation https://www.terraform.io/docs/language/state/sensitive-data.html.
This resource does use a cryptographic random number generator. |
Identical to random_string with the exception that the result is treated as sensitive and, thus, not displayed in console output. Read more about sensitive data handling in the Terraform documentation.
This resource does use a cryptographic random number generator.
resource "random_password" "password" {
length = 16
special = true
override_special = "!#$%&*()-_=+[]{}<>:?"
}
resource "aws_db_instance" "example" {
instance_class = "db.t3.micro"
allocated_storage = 64
engine = "mysql"
username = "someone"
password = random_password.password.result
}
length
(Number) The length of the string desired. The minimum value for length is 1 and, length must also be >= (min_upper
+min_lower
+min_numeric
+min_special
).
keepers
(Map of String) Arbitrary map of values that, when changed, will trigger recreation of resource. See the main provider documentation for more information.lower
(Boolean) Include lowercase alphabet characters in the result. Default value istrue
.min_lower
(Number) Minimum number of lowercase alphabet characters in the result. Default value is0
.min_numeric
(Number) Minimum number of numeric characters in the result. Default value is0
.min_special
(Number) Minimum number of special characters in the result. Default value is0
.min_upper
(Number) Minimum number of uppercase alphabet characters in the result. Default value is0
.number
(Boolean, Deprecated) Include numeric characters in the result. Default value istrue
. NOTE: This is deprecated, usenumeric
instead.numeric
(Boolean) Include numeric characters in the result. Default value istrue
.override_special
(String) Supply your own list of special characters to use for string generation. This overrides the default character list in the special argument. Thespecial
argument must still be set to true for any overwritten characters to be used in generation.special
(Boolean) Include special characters in the result. These are!@#$%&*()-_=+[]{}<>:?
. Default value istrue
.upper
(Boolean) Include uppercase alphabet characters in the result. Default value istrue
.
bcrypt_hash
(String, Sensitive) A bcrypt hash of the generated random string. NOTE: If the generated random string is greater than 72 bytes in length,bcrypt_hash
will contain a hash of the first 72 bytes.id
(String) A static value used internally by Terraform, this should not be referenced in configurations.result
(String, Sensitive) The generated random string.
Import is supported using the following syntax:
terraform import random_password.password securepassword
Any attribute values that are specified within Terraform config will be ignored during import and all attributes that have defaults defined within the schema will have the default assigned.
For instance, using the following config during import:
resource "random_password" "password" {
length = 16
lower = false
}
Then importing the resource using terraform import random_password.password securepassword
,
would result in the triggering of a replacement (i.e., destroy-create) during the next
terraform apply
.
If the resource were imported using terraform import random_password.password securepassword
,
replacement could be avoided by using:
-
Attribute values that match the imported ID and defaults:
resource "random_password" "password" { length = 14 lower = true }
-
Attribute values that match the imported ID and omit the attributes with defaults:
resource "random_password" "password" { length = 14 }
-
ignore_changes
specifying the attributes to ignore:resource "random_password" "password" { length = 16 lower = false lifecycle { ignore_changes = [ length, lower, ] } }
NOTE
ignore_changes
is only required until the resource is recreated after import, after which it will use the configuration values specified.