jprdonnelly/opentf
1
0
Fork 0
mirror of https://github.com/opentffoundation/opentf.git synced 2026-01-07 01:00:44 -05:00
Code Issues Packages Projects Releases Wiki Activity
Files
a978d4ee99048967895eb48a208e731e5b00a36f
opentf/website/docs/language/functions/sensitive.html.md
Martin Atkins 89b2405080 lang/funcs: "sensitive" and "nonsensitive" functions 
These aim to allow hinting to Terraform about situations where it's not
able to automatically infer value sensitivity.

"nonsensitive" is for situations where Terraform's behavior is too
conservative, such as when a new value is derived from a sensitive value
in such a way that all of the sensitive content is removed.

"sensitive", on the other hand, is for situations where Terraform can't
otherwise infer that a value is sensitive. These situations should be
pretty rare in a module that's making effective use of sensitive input
variables and output values, but the documentation shows one example of
an uncommon situation where a more direct hint via this function would
be needed.

Both of these functions are aimed at only occasional use in unusual
situations. They are here for reasons of pragmatism, not because we
expect them to be used routinely or recommend their use.
2021-03-16 16:26:22 -07:00

1.5 KiB
Raw Blame History

layout, page_title, sidebar_current, description
layout page_title sidebar_current description
language sensitive - Functions - Configuration Language docs-funcs-conversion-sensitive The sensitive function marks a value as being sensitive.

sensitive Function

-> Note: This function is only available in Terraform v0.14 and later.

sensitive takes any value and returns a copy of it marked so that Terraform will treat it as sensitive, with the same meaning and behavior as for sensitive input variables.

Whereever possible we recommend marking your input variable and/or output value declarations as sensitive directly, instead of using this function, because in that case you can be sure that there is no way to refer to those values without Terraform automatically considering them as sensitive.

The sensitive function might be useful in some less-common situations where a sensitive value arises from a definition within your module, such as if you've loaded sensitive data from a file on disk as part of your configuration:

locals {
  sensitive_content = sensitive(file("${path.module}/sensitive.txt"))
}

However, we generally don't recommend writing sensitive values directly within your module any of the files you distribute statically as part of that module, because they may be exposed in other ways outside of Terraform's control.

Examples

> sensitive(1)
(sensitive)
> sensitive("hello")
(sensitive)
> sensitive([])
(sensitive)
Reference in New Issue View Git Blame Copy Permalink