-
Notifications
You must be signed in to change notification settings - Fork 64
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Option to mark data as NOT Sensitive. #65
Comments
I have similar issue
throws an error with terraform plan
The map keys are not sensitive but I cannot iterate over them because the values are marked as sensitive. I don't think there is any workaround for this. Would you mind removing the sensitive flag from the output map? I can submit a PR. Thanks! |
The Terraform Function nonsensitive() does exactly what you want, mark the input as non-sensitive. dynamic "env" {
for_each = nonsensitive(var.env_vars)
content {
name = env.key
value = env.value
}
}
|
@tobwuen it works! <3 thanks a lot! I was looking for such a function and couldn't find it. |
The only concern here is if this is used in a for_each to fill a parameter store then the values will be saved to your state file as non-sensitive (clear text). If you are saving your state file to a repo then don't use this method. |
Being able to add a sensitive = true/false in the provider block would be really helpful here, I'm going to have to add hundreds of nonsensitives() today to work around this. |
I am struggling with adding the
Username and Password of RDS AWS resource in sops encrypted file.
I am Using
https://registry.terraform.io/modules/terraform-aws-modules/rds/aws/latest
RDS module for creating my Postgres DB'sBut because the way the modules are constructed they attempt to output the Username.
And because the username is marked as Sensitive from the decryption module
terraform plan
crashes.I know this error is not related to your module at first glance.
But the error occurs because you tag each value as sensitive.
If we get a way to have control over that i would be super grateful.
In my case my sub modules control what is sensitive or not.
So i would prefer them to do the control.
/Peter
The text was updated successfully, but these errors were encountered: