CODEWITHSUNDEEP
terraformterraform-provider-azure
Arash
Arash

Reputation: 4260

Need to display sensitive data output variables in terraform

The following code snippet is my terraform configuration to create an Azure SignalR Service:

output "signalrserviceconnstring" {
  value = azurerm_signalr_service.mysignalrservice.primary_connection_string
  description = "signalR service's primary connection string"
  sensitive = true
}

I got an error when sensitive = true is not included but I still do not see the output results on the console. What's the solution or workaround for this problem?

Upvotes: 73

Views: 88174

Answers (3)

kolypto
kolypto

Reputation: 35523

If you want to get a sensitive value from the state rather than from the output, use this:

$ terraform show -json | \
  jq '.values.root_module.resources[] | select(.address == "tls_private_key.ssh_key")' 
{
  "address": "tls_private_key.server_ssh_key",
  "type": "tls_private_key",
  "name": "server_ssh_key",
  ...
  "values": {
    "algorithm": "ED25519",
    "private_key_openssh": "-----BEGIN OPENSSH PRIVATE KEY-----\n...",
    ...
  }
}

Upvotes: 9

O.G.
O.G.

Reputation: 1535

You could use function nonsensitive like this

    output "mysecret" {
      value = nonsensitive(var.mysecret)
    }

Upvotes: 86

Mark B
Mark B

Reputation: 201138

The entire point of sensitive = true is to prevent the values from being displayed on the console every time you run terraform apply. You have to output the sensitive value explicitly, like this:

terraform output signalrserviceconnstring

I highly suggest reading the documentation.

Upvotes: 117

Related Questions