├── .changes ├── 3.4.3.md ├── 3.5.0.md ├── 3.5.1.md ├── 3.6.0.md ├── 3.6.1.md ├── 3.6.2.md ├── 3.6.3.md ├── 3.7.0-alpha1.md ├── 3.7.0.md ├── 3.7.1.md ├── 3.7.2.md └── unreleased │ └── .gitkeep ├── .changie.yaml ├── .copywrite.hcl ├── .github ├── CODEOWNERS ├── CODE_OF_CONDUCT.md ├── CONTRIBUTING.md ├── ISSUE_TEMPLATE │ ├── Bug_Report.yml │ ├── Feature_Request.yml │ └── config.yml ├── SUPPORT.md ├── dependabot.yml ├── labeler-issue-triage.yml ├── labeler-pull-request-triage.yml ├── pull_request_template.md └── workflows │ ├── build.yml │ ├── ci-changie.yml │ ├── compliance.yml │ ├── issue-comment-triage.yml │ ├── issue-opened.yml │ ├── lock.yml │ ├── pull-request.yml │ └── test.yml ├── .gitignore ├── .golangci.yml ├── .release ├── ci.hcl ├── release-metadata.hcl ├── security-scan.hcl └── terraform-provider-random-artifacts.hcl ├── CHANGELOG.md ├── DESIGN.md ├── GNUmakefile ├── LICENSE ├── META.d └── _summary.yaml ├── README.md ├── docs ├── cdktf │ ├── python │ │ ├── ephemeral-resources │ │ │ └── password.md │ │ ├── index.md │ │ └── resources │ │ │ ├── bytes.md │ │ │ ├── id.md │ │ │ ├── integer.md │ │ │ ├── password.md │ │ │ ├── pet.md │ │ │ ├── shuffle.md │ │ │ ├── string.md │ │ │ └── uuid.md │ └── typescript │ │ ├── ephemeral-resources │ │ └── password.md │ │ ├── index.md │ │ └── resources │ │ ├── bytes.md │ │ ├── id.md │ │ ├── integer.md │ │ ├── password.md │ │ ├── pet.md │ │ ├── shuffle.md │ │ ├── string.md │ │ └── uuid.md ├── ephemeral-resources │ └── password.md ├── index.md └── resources │ ├── bytes.md │ ├── id.md │ ├── integer.md │ ├── password.md │ ├── pet.md │ ├── shuffle.md │ ├── string.md │ └── uuid.md ├── examples ├── ephemeral-resources │ └── random_password │ │ └── ephemeral-resource.tf ├── provider │ └── provider.tf └── resources │ ├── random_bytes │ ├── import.sh │ └── resource.tf │ ├── random_id │ ├── import.sh │ └── resource.tf │ ├── random_integer │ ├── import.sh │ └── resource.tf │ ├── random_password │ ├── import.sh │ └── resource.tf │ ├── random_pet │ └── resource.tf │ ├── random_shuffle │ └── resource.tf │ ├── random_string │ ├── import.sh │ └── resource.tf │ └── random_uuid │ ├── import.sh │ └── resource.tf ├── go.mod ├── go.sum ├── internal ├── diagnostics │ └── diagnostics.go ├── planmodifiers │ ├── bool │ │ └── boolplanmodifiers.go │ ├── map │ │ └── mapplanmodifiers.go │ └── string │ │ └── stringplanmodifier.go ├── provider │ ├── ephemeral_password.go │ ├── ephemeral_password_test.go │ ├── provider.go │ ├── provider_test.go │ ├── resource_bytes.go │ ├── resource_bytes_test.go │ ├── resource_id.go │ ├── resource_id_test.go │ ├── resource_integer.go │ ├── resource_integer_test.go │ ├── resource_password.go │ ├── resource_password_test.go │ ├── resource_pet.go │ ├── resource_pet_test.go │ ├── resource_shuffle.go │ ├── resource_shuffle_test.go │ ├── resource_string.go │ ├── resource_string_test.go │ ├── resource_uuid.go │ ├── resource_uuid_test.go │ └── tftypes_test.go ├── random │ ├── seed.go │ └── string.go ├── randomtest │ ├── bcrypt_hash_match.go │ ├── bcrypt_hash_mismatch.go │ ├── expect_no_attribute.go │ ├── string_length_exact.go │ └── string_length_min.go └── validators │ └── boolvalidator.go ├── main.go ├── templates ├── index.md.tmpl └── resources │ ├── password.md.tmpl │ └── string.md.tmpl ├── terraform-registry-manifest.json ├── tools ├── go.mod ├── go.sum └── tools.go └── version └── VERSION /.changes/3.5.0.md: -------------------------------------------------------------------------------- 1 | ## 3.5.0 (April 11, 2023) 2 | 3 | NOTES: 4 | 5 | * This Go module has been updated to Go 1.19 per the [Go support policy](https://golang.org/doc/devel/release.html#policy). Any consumers building on earlier Go versions may experience errors. ([#378](https://github.com/hashicorp/terraform-provider-random/issues/378)) 6 | 7 | -------------------------------------------------------------------------------- /.changes/3.5.1.md: -------------------------------------------------------------------------------- 1 | ## 3.5.1 (April 12, 2023) 2 | 3 | BUG FIXES: 4 | 5 | * resource/random_password: Prevent error with `bcrypt` by truncating the bytes that are hashed to a maximum length of 72 ([#397](https://github.com/hashicorp/terraform-provider-random/issues/397)) 6 | 7 | -------------------------------------------------------------------------------- /.changes/3.6.0.md: -------------------------------------------------------------------------------- 1 | ## 3.6.0 (December 04, 2023) 2 | 3 | FEATURES: 4 | 5 | * resource/random_bytes: New resource that generates an array of random bytes intended to be used as key or secret ([#272](https://github.com/hashicorp/terraform-provider-random/issues/272)) 6 | 7 | -------------------------------------------------------------------------------- /.changes/3.6.1.md: -------------------------------------------------------------------------------- 1 | ## 3.6.1 (April 16, 2024) 2 | 3 | BUG FIXES: 4 | 5 | * all: Prevent `keepers` from triggering an in-place update following import ([#385](https://github.com/hashicorp/terraform-provider-random/issues/385)) 6 | * resource/random_shuffle: Prevent inconsistent result after apply when result_count is set to 0 ([#409](https://github.com/hashicorp/terraform-provider-random/issues/409)) 7 | * provider/random_password: Fix bug which causes panic when special, upper, lower and number/numeric are all false ([#551](https://github.com/hashicorp/terraform-provider-random/issues/551)) 8 | * provider/random_string: Fix bug which causes panic when special, upper, lower and number/numeric are all false ([#551](https://github.com/hashicorp/terraform-provider-random/issues/551)) 9 | 10 | -------------------------------------------------------------------------------- /.changes/3.6.2.md: -------------------------------------------------------------------------------- 1 | ## 3.6.2 (May 21, 2024) 2 | 3 | NOTES: 4 | 5 | * resource/random_pet: Results have been updated to the latest upstream petname data ([#581](https://github.com/hashicorp/terraform-provider-random/issues/581)) 6 | 7 | -------------------------------------------------------------------------------- /.changes/3.6.3.md: -------------------------------------------------------------------------------- 1 | ## 3.6.3 (September 11, 2024) 2 | 3 | NOTES: 4 | 5 | * all: This release introduces no functional changes. It does however include dependency updates which address upstream CVEs. ([#604](https://github.com/hashicorp/terraform-provider-random/issues/604)) 6 | 7 | -------------------------------------------------------------------------------- /.changes/3.7.0-alpha1.md: -------------------------------------------------------------------------------- 1 | ## 3.7.0-alpha1 (February 13, 2025) 2 | 3 | NOTES: 4 | 5 | * all: This release is being used to test new build and release actions. 6 | 7 | -------------------------------------------------------------------------------- /.changes/3.7.0.md: -------------------------------------------------------------------------------- 1 | ## 3.7.0 (February 25, 2025) 2 | 3 | NOTES: 4 | 5 | * New [ephemeral resource](https://developer.hashicorp.com/terraform/language/resources/ephemeral) `random_password` now supports [ephemeral values](https://developer.hashicorp.com/terraform/language/values/variables#exclude-values-from-state). ([#625](https://github.com/hashicorp/terraform-provider-random/issues/625)) 6 | 7 | FEATURES: 8 | 9 | * ephemeral/random_password: New ephemeral resource that generates a password string. When used in combination with a managed resource write-only attribute, Terraform will not store the password in the plan or state file. ([#625](https://github.com/hashicorp/terraform-provider-random/issues/625)) 10 | 11 | -------------------------------------------------------------------------------- /.changes/3.7.1.md: -------------------------------------------------------------------------------- 1 | ## 3.7.1 (February 25, 2025) 2 | 3 | NOTES: 4 | 5 | * New [ephemeral resource](https://developer.hashicorp.com/terraform/language/resources/ephemeral) `random_password` now supports [ephemeral values](https://developer.hashicorp.com/terraform/language/values/variables#exclude-values-from-state). ([#625](https://github.com/hashicorp/terraform-provider-random/issues/625)) 6 | 7 | FEATURES: 8 | 9 | * ephemeral/random_password: New ephemeral resource that generates a password string. When used in combination with a managed resource write-only attribute, Terraform will not store the password in the plan or state file. ([#625](https://github.com/hashicorp/terraform-provider-random/issues/625)) 10 | 11 | -------------------------------------------------------------------------------- /.changes/3.7.2.md: -------------------------------------------------------------------------------- 1 | ## 3.7.2 (April 22, 2025) 2 | 3 | NOTES: 4 | 5 | * Update dependencies ([#683](https://github.com/hashicorp/terraform-provider-random/issues/683)) 6 | -------------------------------------------------------------------------------- /.changes/unreleased/.gitkeep: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/hashicorp/terraform-provider-random/1ec3acbbb93adeeb637efc8347bc71773fea2e4d/.changes/unreleased/.gitkeep -------------------------------------------------------------------------------- /.changie.yaml: -------------------------------------------------------------------------------- 1 | # DO NOT EDIT - This GitHub Workflow is managed by automation 2 | # https://github.com/hashicorp/terraform-devex-repos 3 | changesDir: .changes 4 | unreleasedDir: unreleased 5 | changelogPath: CHANGELOG.md 6 | versionExt: md 7 | versionFormat: '## {{.Version}} ({{.Time.Format "January 02, 2006"}})' 8 | kindFormat: '{{.Kind}}:' 9 | changeFormat: '* {{.Body}} ([#{{.Custom.Issue}}](https://github.com/hashicorp/terraform-provider-random/issues/{{.Custom.Issue}}))' 10 | custom: 11 | - key: Issue 12 | label: Issue/PR Number 13 | type: int 14 | minInt: 1 15 | kinds: 16 | - label: BREAKING CHANGES 17 | - label: NOTES 18 | - label: FEATURES 19 | - label: ENHANCEMENTS 20 | - label: BUG FIXES 21 | newlines: 22 | afterKind: 1 23 | beforeKind: 1 24 | endOfVersion: 2 25 | -------------------------------------------------------------------------------- /.copywrite.hcl: -------------------------------------------------------------------------------- 1 | schema_version = 1 2 | 3 | project { 4 | license = "MPL-2.0" 5 | copyright_year = 2017 6 | 7 | 8 | header_ignore = [ 9 | # internal catalog metadata (prose) 10 | "META.d/**/*.yaml", 11 | 12 | # changie tooling configuration and CHANGELOG entries (prose) 13 | ".changes/unreleased/*.yaml", 14 | ".changie.yaml", 15 | 16 | # examples used within documentation (prose) 17 | "examples/**", 18 | 19 | # GitHub issue template configuration 20 | ".github/ISSUE_TEMPLATE/*.yml", 21 | 22 | # GitHub Actions workflow-specific configurations 23 | ".github/labeler-*.yml", 24 | 25 | # golangci-lint tooling configuration 26 | ".golangci.yml", 27 | 28 | # Release Engineering tooling configuration 29 | ".release/*.hcl", 30 | ] 31 | } 32 | -------------------------------------------------------------------------------- /.github/CODEOWNERS: -------------------------------------------------------------------------------- 1 | * @hashicorp/terraform-devex 2 | -------------------------------------------------------------------------------- /.github/CODE_OF_CONDUCT.md: -------------------------------------------------------------------------------- 1 | # Code of Conduct 2 | 3 | HashiCorp Community Guidelines apply to you when interacting with the community here on GitHub and contributing code. 4 | 5 | Please read the full text at https://www.hashicorp.com/community-guidelines 6 | -------------------------------------------------------------------------------- /.github/ISSUE_TEMPLATE/Bug_Report.yml: -------------------------------------------------------------------------------- 1 | name: Bug Report 2 | description: Something is incorrect or not working as expected. 3 | labels: ["bug"] 4 | body: 5 | - type: markdown 6 | attributes: 7 | value: | 8 | Thank you for taking the time to fill out this bug report! Please note that this issue tracker is only used for bug reports and feature requests. Other issues will be closed. 9 | 10 | If you have a configuration, workflow, or other question, please go back to the issue chooser and select one of the question links. 11 | - type: textarea 12 | id: versions 13 | attributes: 14 | label: Terraform CLI and Provider Versions 15 | description: What versions of Terraform CLI and the provider? 16 | placeholder: Output of `terraform version` from configuration directory 17 | validations: 18 | required: true 19 | - type: textarea 20 | id: terraform-configuration 21 | attributes: 22 | label: Terraform Configuration 23 | description: Please copy and paste any relevant Terraform configuration. This will be automatically formatted into code, so no need for backticks. 24 | render: terraform 25 | validations: 26 | required: true 27 | - type: textarea 28 | id: expected-behavior 29 | attributes: 30 | label: Expected Behavior 31 | description: What did you expect to happen? 32 | placeholder: Description of what should have happened. 33 | validations: 34 | required: true 35 | - type: textarea 36 | id: actual-behavior 37 | attributes: 38 | label: Actual Behavior 39 | description: What actually happened? 40 | placeholder: Description of what actually happened. 41 | validations: 42 | required: true 43 | - type: textarea 44 | id: reproduction-steps 45 | attributes: 46 | label: Steps to Reproduce 47 | description: List of steps to reproduce the issue. 48 | value: | 49 | 1. `terraform apply` 50 | validations: 51 | required: true 52 | - type: dropdown 53 | id: impact 54 | attributes: 55 | label: How much impact is this issue causing? 56 | description: High represents completely not able to use the provider or unexpected destruction of data/infrastructure. Medium represents unable to upgrade provider version or an issue with potential workaround. Low represents minor provider code, configuration, or documentation issues. 57 | options: 58 | - High 59 | - Medium 60 | - Low 61 | validations: 62 | required: true 63 | - type: input 64 | id: logs 65 | attributes: 66 | label: Logs 67 | description: Please provide a link to a [GitHub Gist](https://gist.github.com) containing TRACE log output. [Terraform Debugging Documentation](https://www.terraform.io/internals/debugging) 68 | placeholder: https://gist.github.com/example/12345678 69 | validations: 70 | required: false 71 | - type: textarea 72 | id: additional-information 73 | attributes: 74 | label: Additional Information 75 | description: Are there any additional details about your environment, workflow, or recent changes that might be relevant? Have you discovered a workaround? Are there links to other related issues? 76 | validations: 77 | required: false 78 | - type: checkboxes 79 | id: terms 80 | attributes: 81 | label: Code of Conduct 82 | description: By submitting this issue, you agree to follow our [Community Guidelines](https://www.hashicorp.com/community-guidelines). 83 | options: 84 | - label: I agree to follow this project's Code of Conduct 85 | required: true 86 | -------------------------------------------------------------------------------- /.github/ISSUE_TEMPLATE/Feature_Request.yml: -------------------------------------------------------------------------------- 1 | name: Feature Request 2 | description: Something is missing or could be improved. 3 | labels: ["enhancement"] 4 | body: 5 | - type: markdown 6 | attributes: 7 | value: | 8 | Thank you for taking the time to fill out this feature request! Please note that this issue tracker is only used for bug reports and feature requests. Other issues will be closed. 9 | 10 | If you have a configuration, workflow, or other question, please go back to the issue chooser and select one of the question links. 11 | - type: textarea 12 | id: versions 13 | attributes: 14 | label: Terraform CLI and Provider Versions 15 | description: What versions of Terraform CLI and the provider? 16 | placeholder: Output of `terraform version` from configuration directory 17 | validations: 18 | required: true 19 | - type: textarea 20 | id: use-case 21 | attributes: 22 | label: Use Cases or Problem Statement 23 | description: What use cases or problems are you trying to solve? 24 | placeholder: Description of use cases or problems. 25 | validations: 26 | required: true 27 | - type: textarea 28 | id: proposal 29 | attributes: 30 | label: Proposal 31 | description: What solutions would you prefer? 32 | placeholder: Description of proposed solutions. 33 | validations: 34 | required: true 35 | - type: dropdown 36 | id: impact 37 | attributes: 38 | label: How much impact is this issue causing? 39 | description: High represents completely not able to use the provider without this. Medium represents unable to solve a specific problem or understand something. Low represents minor provider code, configuration, or documentation issues. 40 | options: 41 | - High 42 | - Medium 43 | - Low 44 | validations: 45 | required: true 46 | - type: textarea 47 | id: additional-information 48 | attributes: 49 | label: Additional Information 50 | description: Are there any additional details about your environment, workflow, or recent changes that might be relevant? Have you discovered a workaround? Are there links to other related issues? 51 | validations: 52 | required: false 53 | - type: checkboxes 54 | id: terms 55 | attributes: 56 | label: Code of Conduct 57 | description: By submitting this issue, you agree to follow our [Community Guidelines](https://www.hashicorp.com/community-guidelines). 58 | options: 59 | - label: I agree to follow this project's Code of Conduct 60 | required: true 61 | -------------------------------------------------------------------------------- /.github/ISSUE_TEMPLATE/config.yml: -------------------------------------------------------------------------------- 1 | blank_issues_enabled: false 2 | contact_links: 3 | - name: Terraform Provider Questions 4 | url: https://discuss.hashicorp.com/c/terraform-providers/31 5 | about: GitHub issues in this repository are only intended for bug reports and feature requests. Other issues will be closed. Please ask and answer questions through the Terraform Provider section of HashiCorp Discuss. 6 | - name: Terraform Language or Workflow Questions 7 | url: https://discuss.hashicorp.com/c/terraform-core 8 | about: Please ask and answer language or workflow related questions through the Terraform Core section of HashiCorp Discuss. 9 | -------------------------------------------------------------------------------- /.github/SUPPORT.md: -------------------------------------------------------------------------------- 1 | # Support 2 | 3 | * Project [README](../README.md) 4 | * Official [Documentation](https://registry.terraform.io/providers/hashicorp/random/latest/docs) 5 | * Providers [Discuss forums](https://discuss.hashicorp.com/c/terraform-providers/31) 6 | * Terraform [Community](https://www.terraform.io/community.html) page 7 | -------------------------------------------------------------------------------- /.github/dependabot.yml: -------------------------------------------------------------------------------- 1 | # See GitHub's docs for more information on this file: 2 | # https://docs.github.com/en/free-pro-team@latest/github/administering-a-repository/configuration-options-for-dependency-updates 3 | version: 2 4 | updates: 5 | # Maintain dependencies for Go modules 6 | - package-ecosystem: "gomod" 7 | directory: "/" 8 | schedule: 9 | # Check for updates to Go modules every weekday 10 | interval: "daily" 11 | - package-ecosystem: "gomod" 12 | directory: "/tools" 13 | schedule: 14 | interval: "daily" 15 | - package-ecosystem: "github-actions" 16 | directory: "/" 17 | schedule: 18 | interval: "daily" 19 | -------------------------------------------------------------------------------- /.github/labeler-issue-triage.yml: -------------------------------------------------------------------------------- 1 | bug: 2 | - 'panic:' 3 | crash: 4 | - 'panic:' 5 | -------------------------------------------------------------------------------- /.github/labeler-pull-request-triage.yml: -------------------------------------------------------------------------------- 1 | dependencies: 2 | - changed-files: 3 | - any-glob-to-any-file: .github/dependabot.yml 4 | - any-glob-to-any-file: go.mod 5 | - any-glob-to-any-file: go.sum 6 | documentation: 7 | - changed-files: 8 | - any-glob-to-any-file: website/**/* 9 | -------------------------------------------------------------------------------- /.github/pull_request_template.md: -------------------------------------------------------------------------------- 1 | ## Related Issue 2 | 3 | Fixes # 4 | 5 | ## Description 6 | 7 | In plain English, describe your approach to addressing the issue linked above. For example, if you made a particular design decision, let us know why you chose this path instead of another solution. 8 | 9 | 10 | ## Rollback Plan 11 | 12 | - [ ] If a change needs to be reverted, we will roll out an update to the code within 7 days. 13 | 14 | ## Changes to Security Controls 15 | 16 | Are there any changes to security controls (access controls, encryption, logging) in this pull request? If so, explain. 17 | -------------------------------------------------------------------------------- /.github/workflows/ci-changie.yml: -------------------------------------------------------------------------------- 1 | # DO NOT EDIT - This GitHub Workflow is managed by automation 2 | # https://github.com/hashicorp/terraform-devex-repos 3 | 4 | # Continuous integration handling for changie 5 | name: ci-changie 6 | 7 | on: 8 | pull_request: 9 | paths: 10 | - .changes/unreleased/*.yaml 11 | - .changie.yaml 12 | - .github/workflows/ci-changie.yml 13 | 14 | permissions: 15 | contents: read 16 | 17 | jobs: 18 | check: 19 | runs-on: ubuntu-latest 20 | steps: 21 | # Ensure terraform-devex-repos is updated on version changes. 22 | - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 23 | # Ensure terraform-devex-repos is updated on version changes. 24 | - uses: miniscruff/changie-action@6dcc2533cac0495148ed4046c438487e4dceaa23 # v2.0.0 25 | with: 26 | version: latest 27 | args: batch patch --dry-run 28 | -------------------------------------------------------------------------------- /.github/workflows/compliance.yml: -------------------------------------------------------------------------------- 1 | name: compliance 2 | 3 | on: 4 | pull_request: 5 | 6 | permissions: 7 | contents: read 8 | 9 | jobs: 10 | # Reference: ENGSRV-059 11 | copywrite: 12 | runs-on: ubuntu-latest 13 | steps: 14 | - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 15 | - uses: hashicorp/setup-copywrite@32638da2d4e81d56a0764aa1547882fc4d209636 # v1.1.3 16 | - run: copywrite headers --plan 17 | - run: copywrite license --plan 18 | -------------------------------------------------------------------------------- /.github/workflows/issue-comment-triage.yml: -------------------------------------------------------------------------------- 1 | # DO NOT EDIT - This GitHub Workflow is managed by automation 2 | # https://github.com/hashicorp/terraform-devex-repos 3 | name: Issue Comment Triage 4 | 5 | on: 6 | issue_comment: 7 | types: [created] 8 | 9 | jobs: 10 | issue_comment_triage: 11 | runs-on: ubuntu-latest 12 | env: 13 | # issue_comment events are triggered by comments on issues and pull requests. Checking the 14 | # value of github.event.issue.pull_request tells us whether the issue is an issue or is 15 | # actually a pull request, allowing us to dynamically set the gh subcommand: 16 | # https://docs.github.com/en/actions/using-workflows/events-that-trigger-workflows#issue_comment-on-issues-only-or-pull-requests-only 17 | COMMAND: ${{ github.event.issue.pull_request && 'pr' || 'issue' }} 18 | GH_TOKEN: ${{ github.token }} 19 | steps: 20 | - name: 'Remove waiting-response on comment' 21 | run: gh ${{ env.COMMAND }} edit ${{ github.event.issue.html_url }} --remove-label waiting-response 22 | -------------------------------------------------------------------------------- /.github/workflows/issue-opened.yml: -------------------------------------------------------------------------------- 1 | name: Issue Opened Triage 2 | 3 | on: 4 | issues: 5 | types: [opened] 6 | 7 | jobs: 8 | issue_triage: 9 | runs-on: ubuntu-latest 10 | steps: 11 | - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 12 | - uses: github/issue-labeler@c1b0f9f52a63158c4adc09425e858e87b32e9685 # v3.4 13 | with: 14 | repo-token: "${{ secrets.GITHUB_TOKEN }}" 15 | configuration-path: .github/labeler-issue-triage.yml 16 | enable-versioned-regex: 0 17 | -------------------------------------------------------------------------------- /.github/workflows/lock.yml: -------------------------------------------------------------------------------- 1 | # DO NOT EDIT - This GitHub Workflow is managed by automation 2 | # https://github.com/hashicorp/terraform-devex-repos 3 | name: 'Lock Threads' 4 | 5 | on: 6 | schedule: 7 | - cron: '43 9 * * *' 8 | 9 | jobs: 10 | lock: 11 | runs-on: ubuntu-latest 12 | steps: 13 | # NOTE: When TSCCR updates the GitHub action version, update the template workflow file to avoid drift: 14 | # https://github.com/hashicorp/terraform-devex-repos/blob/main/modules/repo/workflows/lock.tftpl 15 | - uses: dessant/lock-threads@1bf7ec25051fe7c00bdd17e6a7cf3d7bfb7dc771 # v5.0.1 16 | with: 17 | github-token: ${{ github.token }} 18 | issue-inactive-days: '30' 19 | issue-lock-reason: resolved 20 | pr-inactive-days: '30' 21 | pr-lock-reason: resolved 22 | -------------------------------------------------------------------------------- /.github/workflows/pull-request.yml: -------------------------------------------------------------------------------- 1 | name: "Pull Request Triage" 2 | 3 | on: [pull_request_target] 4 | 5 | permissions: 6 | # CodelyTV/pr-size-labeler uses issues URL for labeling 7 | issues: write 8 | pull-requests: write 9 | 10 | jobs: 11 | triage: 12 | runs-on: ubuntu-latest 13 | steps: 14 | - uses: actions/labeler@8558fd74291d67161a8a78ce36a881fa63b766a9 # v5.0.0 15 | with: 16 | configuration-path: .github/labeler-pull-request-triage.yml 17 | repo-token: "${{ secrets.GITHUB_TOKEN }}" 18 | - uses: CodelyTV/pr-size-labeler@4ec67706cd878fbc1c8db0a5dcd28b6bb412e85a # v1.10.3 19 | with: 20 | GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} 21 | xs_label: 'size/XS' 22 | xs_max_size: '30' 23 | s_label: 'size/S' 24 | s_max_size: '60' 25 | m_label: 'size/M' 26 | m_max_size: '150' 27 | l_label: 'size/L' 28 | l_max_size: '300' 29 | xl_label: 'size/XL' 30 | message_if_xl: '' 31 | files_to_ignore: 'go.sum' 32 | -------------------------------------------------------------------------------- /.github/workflows/test.yml: -------------------------------------------------------------------------------- 1 | name: Test 2 | 3 | on: 4 | pull_request: 5 | branches: [ main ] 6 | paths-ignore: 7 | - 'README.md' 8 | - 'CHANGELOG.md' 9 | - 'website/*' 10 | push: 11 | branches: [ main ] 12 | paths-ignore: 13 | - 'README.md' 14 | - 'CHANGELOG.md' 15 | - 'website/*' 16 | 17 | jobs: 18 | build: 19 | name: Build 20 | runs-on: ubuntu-latest 21 | timeout-minutes: 5 22 | steps: 23 | 24 | - name: Check out code into the Go module directory 25 | uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 26 | 27 | - name: Set up Go 28 | uses: actions/setup-go@d35c59abb061a4a6fb18e82ac0862c26744d6ab5 # v5.5.0 29 | with: 30 | go-version-file: 'go.mod' 31 | id: go 32 | 33 | - name: Run linters 34 | uses: golangci/golangci-lint-action@4afd733a84b1f43292c63897423277bb7f4313a9 # v8.0.0 35 | with: 36 | version: latest 37 | 38 | # We need the latest version of Terraform for our documentation generation to use 39 | - name: Set up Terraform 40 | uses: hashicorp/setup-terraform@b9cd54a3c349d3f38e8881555d616ced269862dd # v3.1.2 41 | with: 42 | terraform_wrapper: false 43 | 44 | - name: Generate 45 | run: make generate 46 | 47 | - name: Confirm no diff 48 | run: | 49 | git diff --compact-summary --exit-code || \ 50 | (echo "*** Unexpected differences after code generation. Run 'make generate' and commit."; exit 1) 51 | 52 | - name: Build 53 | run: make build 54 | 55 | test: 56 | name: 'Acc. Tests (OS: ${{ matrix.os }} / TF: ${{ matrix.terraform }})' 57 | needs: build 58 | runs-on: ${{ matrix.os }} 59 | timeout-minutes: 20 60 | strategy: 61 | fail-fast: false 62 | matrix: 63 | os: 64 | - macos-latest 65 | - windows-latest 66 | - ubuntu-latest 67 | terraform: ${{ fromJSON(vars.TF_VERSIONS_PROTOCOL_V5) }} 68 | steps: 69 | 70 | - name: Check out code 71 | uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 72 | 73 | - name: Setup Go 74 | uses: actions/setup-go@d35c59abb061a4a6fb18e82ac0862c26744d6ab5 # v5.5.0 75 | with: 76 | go-version-file: 'go.mod' 77 | check-latest: true 78 | 79 | - name: Setup Terraform ${{ matrix.terraform }} 80 | uses: hashicorp/setup-terraform@b9cd54a3c349d3f38e8881555d616ced269862dd # v3.1.2 81 | with: 82 | terraform_version: ${{ matrix.terraform }} 83 | terraform_wrapper: false 84 | 85 | - name: Run acceptance test 86 | run: make testacc 87 | -------------------------------------------------------------------------------- /.gitignore: -------------------------------------------------------------------------------- 1 | *.dll 2 | *.exe 3 | .DS_Store 4 | example.tf 5 | terraform.tfplan 6 | terraform.tfstate 7 | bin/ 8 | modules-dev/ 9 | /pkg/ 10 | website/.vagrant 11 | website/.bundle 12 | website/build 13 | website/node_modules 14 | .vagrant/ 15 | *.backup 16 | ./*.tfstate 17 | .terraform/ 18 | *.log 19 | *.bak 20 | *~ 21 | .*.swp 22 | .idea 23 | *.iml 24 | *.test 25 | *.iml 26 | .vscode 27 | 28 | website/vendor 29 | 30 | # Test exclusions 31 | !command/test-fixtures/**/*.tfstate 32 | !command/test-fixtures/**/.terraform/ 33 | -------------------------------------------------------------------------------- /.golangci.yml: -------------------------------------------------------------------------------- 1 | version: "2" 2 | linters: 3 | default: none 4 | enable: 5 | - copyloopvar 6 | - durationcheck 7 | - errcheck 8 | - forcetypeassert 9 | - godot 10 | - govet 11 | - ineffassign 12 | - makezero 13 | - misspell 14 | - nilerr 15 | - predeclared 16 | - staticcheck 17 | - unconvert 18 | - unparam 19 | - unused 20 | - usetesting 21 | exclusions: 22 | generated: lax 23 | presets: 24 | - comments 25 | - common-false-positives 26 | - legacy 27 | - std-error-handling 28 | paths: 29 | - third_party$ 30 | - builtin$ 31 | - examples$ 32 | issues: 33 | max-issues-per-linter: 0 34 | max-same-issues: 0 35 | formatters: 36 | enable: 37 | - gofmt 38 | exclusions: 39 | generated: lax 40 | paths: 41 | - third_party$ 42 | - builtin$ 43 | - examples$ 44 | -------------------------------------------------------------------------------- /.release/ci.hcl: -------------------------------------------------------------------------------- 1 | # Reference: https://github.com/hashicorp/crt-core-helloworld/blob/main/.release/ci.hcl (private repository) 2 | 3 | schema = "2" 4 | 5 | project "terraform-provider-random" { 6 | // team is currently unused and has no meaning 7 | // but is required to be non-empty by CRT orchestator 8 | team = "_UNUSED_" 9 | 10 | slack { 11 | notification_channel = "C02BASDVCDT" // #feed-terraform-sdk 12 | } 13 | 14 | github { 15 | organization = "hashicorp" 16 | repository = "terraform-provider-random" 17 | release_branches = ["main", "release/**"] 18 | } 19 | } 20 | 21 | event "merge" { 22 | } 23 | 24 | event "build" { 25 | action "build" { 26 | depends = ["merge"] 27 | 28 | organization = "hashicorp" 29 | repository = "terraform-provider-random" 30 | workflow = "build" 31 | } 32 | } 33 | 34 | event "prepare" { 35 | # `prepare` is the Common Release Tooling (CRT) artifact processing workflow. 36 | # It prepares artifacts for potential promotion to staging and production. 37 | # For example, it scans and signs artifacts. 38 | 39 | depends = ["build"] 40 | 41 | action "prepare" { 42 | organization = "hashicorp" 43 | repository = "crt-workflows-common" 44 | workflow = "prepare" 45 | depends = ["build"] 46 | } 47 | 48 | notification { 49 | on = "fail" 50 | } 51 | } 52 | 53 | event "trigger-staging" { 54 | } 55 | 56 | event "promote-staging" { 57 | action "promote-staging" { 58 | organization = "hashicorp" 59 | repository = "crt-workflows-common" 60 | workflow = "promote-staging" 61 | depends = null 62 | config = "release-metadata.hcl" 63 | } 64 | 65 | depends = ["trigger-staging"] 66 | 67 | notification { 68 | on = "always" 69 | } 70 | } 71 | 72 | event "trigger-production" { 73 | } 74 | 75 | event "promote-production" { 76 | action "promote-production" { 77 | organization = "hashicorp" 78 | repository = "crt-workflows-common" 79 | workflow = "promote-production" 80 | depends = null 81 | config = "" 82 | } 83 | 84 | depends = ["trigger-production"] 85 | 86 | notification { 87 | on = "always" 88 | } 89 | } 90 | -------------------------------------------------------------------------------- /.release/release-metadata.hcl: -------------------------------------------------------------------------------- 1 | url_source_repository = "https://github.com/hashicorp/terraform-provider-random" 2 | url_project_website = "https://registry.terraform.io/providers/hashicorp/random" 3 | url_license = "https://github.com/hashicorp/terraform-provider-random/blob/main/LICENSE" 4 | url_release_notes = "https://github.com/hashicorp/terraform-provider-random/blob/main/CHANGELOG.md" 5 | -------------------------------------------------------------------------------- /.release/security-scan.hcl: -------------------------------------------------------------------------------- 1 | # Reference: https://github.com/hashicorp/security-scanner/blob/main/CONFIG.md#binary (private repository) 2 | 3 | binary { 4 | secrets { 5 | all = true 6 | } 7 | go_modules = true 8 | osv = true 9 | oss_index = false 10 | nvd = false 11 | } 12 | -------------------------------------------------------------------------------- /.release/terraform-provider-random-artifacts.hcl: -------------------------------------------------------------------------------- 1 | schema = 1 2 | artifacts { 3 | zip = [ 4 | "terraform-provider-random_${version}_darwin_amd64.zip", 5 | "terraform-provider-random_${version}_darwin_arm64.zip", 6 | "terraform-provider-random_${version}_freebsd_386.zip", 7 | "terraform-provider-random_${version}_freebsd_amd64.zip", 8 | "terraform-provider-random_${version}_freebsd_arm.zip", 9 | "terraform-provider-random_${version}_linux_386.zip", 10 | "terraform-provider-random_${version}_linux_amd64.zip", 11 | "terraform-provider-random_${version}_linux_arm.zip", 12 | "terraform-provider-random_${version}_linux_arm64.zip", 13 | "terraform-provider-random_${version}_windows_386.zip", 14 | "terraform-provider-random_${version}_windows_amd64.zip", 15 | ] 16 | } -------------------------------------------------------------------------------- /DESIGN.md: -------------------------------------------------------------------------------- 1 | # Random Provider Design 2 | 3 | The Random Provider offers focussed functionality specifically geared towards the generation of random values for use 4 | within Terraform configurations. Specifically, the provider resources generate random values at the time they are 5 | created and then maintain these values unless the resource inputs are altered. 6 | 7 | Below we have a collection of _Goals_ and _Patterns_: they represent the guiding principles applied during the 8 | development of this provider. Some are in place, others are ongoing processes, others are still just inspirational. 9 | 10 | ## Goals 11 | 12 | * [_Stability over features_](.github/CONTRIBUTING.md) 13 | * Provide managed resources to generate random values for use within Terraform configurations. 14 | * Support the underlying use of a cryptographic random number generator for 15 | [id](docs/resources/id.md), [password](docs/resources/id.md) and 16 | [string](docs/resources/string.md). 17 | * Support the use of "[keepers](docs/index.md)" for all resources. 18 | * Support the use of encoding [id](docs/resources/id.md) as: 19 | * [base64](https://www.rfc-editor.org/rfc/rfc4648.html#section-4) 20 | * [base64 URL](https://www.rfc-editor.org/rfc/rfc4648.html#section-5) 21 | * [decimal](https://pkg.go.dev/math/big#Int.String) 22 | * [hex](https://pkg.go.dev/math/big#Int.String) 23 | 24 | ## Patterns 25 | 26 | Specific to this provider: 27 | 28 | * The generation of [password](docs/resources/password.md) and 29 | [string](docs/resources/string.md) use exactly the same underlying code, the only 30 | difference is that the output from *password* is treated as 31 | [sensitive](https://www.terraform.io/language/state/sensitive-data). 32 | 33 | General to development: 34 | 35 | * **Avoid repetition**: the entities managed can sometimes require similar pieces of logic and/or schema to be realised. 36 | When this happens it's important to keep the code shared in communal sections, so to avoid having to modify code in 37 | multiple places when they start changing. 38 | * **Test expectations as well as bugs**: While it's typical to write tests to exercise a new functionality, it's key to 39 | also provide tests for issues that get identified and fixed, so to prove resolution as well as avoid regression. 40 | * **Automate boring tasks**: Processes that are manual, repetitive and can be automated, should be. In addition to be a 41 | time-saving practice, this ensures consistency and reduces human error (ex. static code analysis). 42 | * **Semantic versioning**: Adhering to HashiCorp's own 43 | [Versioning Specification](https://www.terraform.io/plugin/sdkv2/best-practices/versioning#versioning-specification) 44 | ensures we provide a consistent practitioner experience, and a clear process to deprecation and decommission. 45 | -------------------------------------------------------------------------------- /GNUmakefile: -------------------------------------------------------------------------------- 1 | default: build 2 | 3 | build: 4 | go build -v ./... 5 | 6 | install: build 7 | go install -v ./... 8 | 9 | # See https://golangci-lint.run/ 10 | lint: 11 | golangci-lint run 12 | 13 | # Generate docs and copywrite headers 14 | generate: 15 | cd tools; go generate ./... 16 | 17 | fmt: 18 | gofmt -s -w -e . 19 | 20 | test: 21 | go test -v -cover -timeout=120s -parallel=4 ./... 22 | 23 | testacc: 24 | TF_ACC=1 go test -v -cover -timeout 120m ./... 25 | 26 | .PHONY: build install lint generate fmt test testacc 27 | -------------------------------------------------------------------------------- /META.d/_summary.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | schema: 1.1 3 | 4 | partition: tf-ecosystem 5 | 6 | summary: 7 | owner: team-tf-core-plugins 8 | description: | 9 | Utility provider that supports the use of randomness within Terraform configurations. 10 | visibility: public -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | # Terraform Provider: Random 2 | 3 | The Random provider supports the use of randomness within Terraform configurations. The 4 | provider resources can be used to generate a random [id](docs/resources/id.md), 5 | [integer](docs/resources/integer.md), [password](docs/resources/password.md), 6 | [pet](docs/resources/pet.md), [shuffle](docs/resources/shuffle.md) (random permutation 7 | of a list of strings), [string](docs/resources/string.md) or 8 | [uuid](docs/resources/uuid.md). 9 | 10 | ## Documentation, questions and discussions 11 | 12 | Official documentation on how to use this provider can be found on the 13 | [Terraform Registry](https://registry.terraform.io/providers/hashicorp/random/latest/docs). 14 | In case of specific questions or discussions, please use the 15 | HashiCorp [Terraform Providers Discuss forums](https://discuss.hashicorp.com/c/terraform-providers/31), 16 | in accordance with HashiCorp [Community Guidelines](https://www.hashicorp.com/community-guidelines). 17 | 18 | We also provide: 19 | 20 | * [Support](.github/SUPPORT.md) page for help when using the provider 21 | * [Contributing](.github/CONTRIBUTING.md) guidelines in case you want to help this project 22 | * [Design](DESIGN.md) documentation to understand the scope and maintenance decisions 23 | 24 | The remainder of this document will focus on the development aspects of the provider. 25 | 26 | ## Requirements 27 | 28 | * [Terraform](https://www.terraform.io/downloads) (>= 0.12) 29 | * [Go](https://go.dev/doc/install) (1.23) 30 | * [GNU Make](https://www.gnu.org/software/make/) 31 | * [golangci-lint](https://golangci-lint.run/usage/install/#local-installation) (optional) 32 | 33 | ## Development 34 | 35 | ### Building 36 | 37 | 1. `git clone` this repository and `cd` into its directory 38 | 2. `make build` will trigger the Golang build 39 | 40 | The provided `GNUmakefile` defines additional commands generally useful during development, 41 | like for running tests, generating documentation, code formatting and linting. 42 | Taking a look at it's content is recommended. 43 | 44 | ### Testing 45 | 46 | In order to test the provider, you can run 47 | 48 | * `make test` to run provider tests 49 | * `make testacc` to run provider acceptance tests 50 | 51 | It's important to note that acceptance tests (`testacc`) will actually spawn 52 | `terraform` and the provider. Read more about they work on the 53 | [official page](https://www.terraform.io/plugin/sdkv2/testing/acceptance-tests). 54 | 55 | ### Generating documentation 56 | 57 | This provider uses [terraform-plugin-docs](https://github.com/hashicorp/terraform-plugin-docs/) 58 | to generate documentation and store it in the `docs/` directory. 59 | Once a release is cut, the Terraform Registry will download the documentation from `docs/` 60 | and associate it with the release version. Read more about how this works on the 61 | [official page](https://www.terraform.io/registry/providers/docs). 62 | 63 | Use `make generate` to ensure the documentation is regenerated with any changes. 64 | 65 | ### Using a development build 66 | 67 | If [running tests and acceptance tests](#testing) isn't enough, it's possible to set up a local terraform configuration 68 | to use a development builds of the provider. This can be achieved by leveraging the Terraform CLI 69 | [configuration file development overrides](https://www.terraform.io/cli/config/config-file#development-overrides-for-provider-developers). 70 | 71 | First, use `make install` to place a fresh development build of the provider in your [`${GOBIN}`](https://pkg.go.dev/cmd/go#hdr-Compile_and_install_packages_and_dependencies) (defaults to `${GOPATH}/bin` or `${HOME}/go/bin` if `${GOPATH}` is not set). Repeat 72 | this every time you make changes to the provider locally. 73 | 74 | Then, in your `${HOME}/.terraformrc` (Unix) / `%APPDATA%\terraform.rc` (Windows), a `provider_installation` that contains 75 | the following `dev_overrides`: 76 | 77 | ```hcl 78 | provider_installation { 79 | dev_overrides { 80 | "hashicorp/random" = "${GOBIN}" //< replace `${GOBIN}` with the actual path on your system 81 | } 82 | 83 | direct {} 84 | } 85 | ``` 86 | 87 | Note that it's also possible to use a dedicated Terraform configuration file and invoke `terraform` while setting 88 | the environment variable `TF_CLI_CONFIG_FILE=my_terraform_config_file`. 89 | 90 | Once the `dev_overrides` are in place, any local execution of `terraform plan` and `terraform apply` will 91 | use the version of the provider found in the given `${GOBIN}` directory, 92 | instead of the one indicated in your terraform configuration. 93 | 94 | ### Testing GitHub Actions 95 | 96 | This project uses [GitHub Actions](https://docs.github.com/en/actions/automating-builds-and-tests) to realize its CI. 97 | 98 | Sometimes it might be helpful to locally reproduce the behaviour of those actions, 99 | and for this we use [act](https://github.com/nektos/act). Once installed, you can _simulate_ the actions executed 100 | when opening a PR with: 101 | 102 | ```shell 103 | # List of workflows for the 'pull_request' action 104 | $ act -l pull_request 105 | 106 | # Execute the workflows associated with the `pull_request' action 107 | $ act pull_request 108 | ``` 109 | 110 | ## Releasing 111 | 112 | The releasable builds are generated from the [build GH workflow](./.github/workflows/build.yml) and the release/promotion process 113 | is completed via internal HashiCorp deployment tooling. Prior to release, the changelog should be updated in `main` with 114 | the changie tool, example: 115 | 116 | ```sh 117 | changie batch 3.7.2 && changie merge 118 | ``` 119 | 120 | ## License 121 | 122 | [Mozilla Public License v2.0](./LICENSE) 123 | -------------------------------------------------------------------------------- /docs/cdktf/python/ephemeral-resources/password.md: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | 4 | # generated by https://github.com/hashicorp/terraform-plugin-docs 5 | page_title: "random_password Ephemeral Resource - terraform-provider-random" 6 | subcategory: "" 7 | description: |- 8 | -> If the managed resource doesn't have a write-only argument available for the password (first introduced in Terraform 1.11), then the password can only be created with the managed resource variant of random_password https://registry.terraform.io/providers/hashicorp/random/latest/docs/resources/password. 9 | Generates an ephemeral password string using a cryptographic random number generator. 10 | The primary use-case for generating an ephemeral random password is to be used in combination with a write-only argument in a managed resource, which will avoid Terraform storing the password string in the plan or state file. 11 | --- 12 | 13 | # random_password (Ephemeral Resource) 14 | 15 | -> If the managed resource doesn't have a write-only argument available for the password (first introduced in Terraform 1.11), then the password can only be created with the managed resource variant of [`random_password`](https://registry.terraform.io/providers/hashicorp/random/latest/docs/resources/password). 16 | 17 | Generates an ephemeral password string using a cryptographic random number generator. 18 | 19 | The primary use-case for generating an ephemeral random password is to be used in combination with a write-only argument in a managed resource, which will avoid Terraform storing the password string in the plan or state file. 20 | 21 | ## Example Usage 22 | 23 | ```python 24 | # DO NOT EDIT. Code generated by 'cdktf convert' - Please report bugs at https://cdk.tf/bug 25 | from constructs import Construct 26 | from cdktf import TerraformStack 27 | class MyConvertedCode(TerraformStack): 28 | def __init__(self, scope, name): 29 | super().__init__(scope, name) 30 | ``` 31 | 32 | 33 | ## Schema 34 | 35 | ### Required 36 | 37 | - `length` (Number) The length of the string desired. The minimum value for length is 1 and, length must also be >= (`min_upper` + `min_lower` + `min_numeric` + `min_special`). 38 | 39 | ### Optional 40 | 41 | - `lower` (Boolean) Include lowercase alphabet characters in the result. Default value is `true`. 42 | - `min_lower` (Number) Minimum number of lowercase alphabet characters in the result. Default value is `0`. 43 | - `min_numeric` (Number) Minimum number of numeric characters in the result. Default value is `0`. 44 | - `min_special` (Number) Minimum number of special characters in the result. Default value is `0`. 45 | - `min_upper` (Number) Minimum number of uppercase alphabet characters in the result. Default value is `0`. 46 | - `numeric` (Boolean) Include numeric characters in the result. Default value is `true`. If `numeric`, `upper`, `lower`, and `special` are all configured, at least one of them must be set to `true`. 47 | - `override_special` (String) Supply your own list of special characters to use for string generation. This overrides the default character list in the special argument. The `special` argument must still be set to true for any overwritten characters to be used in generation. 48 | - `special` (Boolean) Include special characters in the result. These are `!@#$%&*()-_=+[]{}<>:?`. Default value is `true`. 49 | - `upper` (Boolean) Include uppercase alphabet characters in the result. Default value is `true`. 50 | 51 | ### Read-Only 52 | 53 | - `bcrypt_hash` (String, Sensitive) A bcrypt hash of the generated random string. **NOTE**: If the generated random string is greater than 72 bytes in length, `bcrypt_hash` will contain a hash of the first 72 bytes. 54 | - `result` (String, Sensitive) The generated random string. 55 | 56 | -------------------------------------------------------------------------------- /docs/cdktf/python/index.md: -------------------------------------------------------------------------------- 1 | --- 2 | page_title: "Provider: Random" 3 | description: |- 4 | The Random provider is used to generate randomness. 5 | --- 6 | 7 | 8 | 9 | # Random Provider 10 | 11 | The "random" provider allows the use of randomness within Terraform 12 | configurations. This is a *logical provider*, which means that it works 13 | entirely within Terraform's logic, and doesn't interact with any other 14 | services. 15 | 16 | Unconstrained randomness within a Terraform configuration would not be very 17 | useful, since Terraform's goal is to converge on a fixed configuration by 18 | applying a diff. Because of this, the "random" provider provides an idea of 19 | *managed randomness*: it provides resources that generate random values during 20 | their creation and then hold those values steady until the inputs are changed. 21 | 22 | Even with these resources, it is advisable to keep the use of randomness within 23 | Terraform configuration to a minimum, and retain it for special cases only; 24 | Terraform works best when the configuration is well-defined, since its behavior 25 | can then be more readily predicted. 26 | 27 | Unless otherwise stated within the documentation of a specific resource, this 28 | provider's results are **not** sufficiently random for cryptographic use. 29 | 30 | For more information on the specific resources available, see the links in the 31 | navigation bar. Read on for information on the general patterns that apply 32 | to this provider's resources. 33 | 34 | ## Resource "Keepers" 35 | 36 | As noted above, the random resources generate randomness only when they are 37 | created; the results produced are stored in the Terraform state and re-used 38 | until the inputs change, prompting the resource to be recreated. 39 | 40 | The resources all provide a map argument called `keepers` that can be populated 41 | with arbitrary key/value pairs that should be selected such that they remain 42 | the same until new random values are desired. 43 | 44 | For example: 45 | 46 | ```python 47 | # DO NOT EDIT. Code generated by 'cdktf convert' - Please report bugs at https://cdk.tf/bug 48 | from constructs import Construct 49 | from cdktf import Fn, Token, TerraformStack 50 | # 51 | # Provider bindings are generated by running `cdktf get`. 52 | # See https://cdk.tf/provider-generation for more details. 53 | # 54 | from imports.aws.instance import Instance 55 | from imports.random.id import Id 56 | class MyConvertedCode(TerraformStack): 57 | def __init__(self, scope, name): 58 | super().__init__(scope, name) 59 | server = Id(self, "server", 60 | byte_length=8, 61 | keepers={ 62 | "ami_id": ami_id.string_value 63 | } 64 | ) 65 | aws_instance_server = Instance(self, "server_1", 66 | ami=Token.as_string(Fn.lookup_nested(server, ["keepers", "ami_id"])), 67 | tags={ 68 | "Name": "web-server ${" + server.hex + "}" 69 | } 70 | ) 71 | # This allows the Terraform resource name to match the original name. You can remove the call if you don't need them to match. 72 | aws_instance_server.override_logical_id("server") 73 | ``` 74 | 75 | Resource "keepers" are optional. The other arguments to each resource must 76 | *also* remain constant in order to retain a random result. 77 | 78 | `keepers` are *not* treated as sensitive attributes; a value used for `keepers` will be displayed in Terraform UI output as plaintext. 79 | 80 | To force a random result to be replaced, the `taint` command can be used to 81 | produce a new result on the next run. 82 | -------------------------------------------------------------------------------- /docs/cdktf/python/resources/bytes.md: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | 4 | # generated by https://github.com/hashicorp/terraform-plugin-docs 5 | page_title: "random_bytes Resource - terraform-provider-random" 6 | subcategory: "" 7 | description: |- 8 | The resource random_bytes generates random bytes that are intended to be used as a secret, or key. Use this in preference to random_id when the output is considered sensitive, and should not be displayed in the CLI. 9 | This resource does use a cryptographic random number generator. 10 | --- 11 | 12 | # random_bytes (Resource) 13 | 14 | The resource `random_bytes` generates random bytes that are intended to be used as a secret, or key. Use this in preference to `random_id` when the output is considered sensitive, and should not be displayed in the CLI. 15 | 16 | This resource *does* use a cryptographic random number generator. 17 | 18 | ## Example Usage 19 | 20 | ```python 21 | # DO NOT EDIT. Code generated by 'cdktf convert' - Please report bugs at https://cdk.tf/bug 22 | from constructs import Construct 23 | from cdktf import TerraformStack 24 | # 25 | # Provider bindings are generated by running `cdktf get`. 26 | # See https://cdk.tf/provider-generation for more details. 27 | # 28 | from imports.azurerm.key_vault_secret import KeyVaultSecret 29 | from imports.random.bytes import Bytes 30 | class MyConvertedCode(TerraformStack): 31 | def __init__(self, scope, name): 32 | super().__init__(scope, name) 33 | # The following providers are missing schema information and might need manual adjustments to synthesize correctly: azurerm. 34 | # For a more precise conversion please use the --provider flag in convert. 35 | jwt_secret = Bytes(self, "jwt_secret", 36 | length=64 37 | ) 38 | azurerm_key_vault_secret_jwt_secret = KeyVaultSecret(self, "jwt_secret_1", 39 | key_vault_id="some-azure-key-vault-id", 40 | name="JwtSecret", 41 | value=jwt_secret.base64 42 | ) 43 | # This allows the Terraform resource name to match the original name. You can remove the call if you don't need them to match. 44 | azurerm_key_vault_secret_jwt_secret.override_logical_id("jwt_secret") 45 | ``` 46 | 47 | 48 | ## Schema 49 | 50 | ### Required 51 | 52 | - `length` (Number) The number of bytes requested. The minimum value for length is 1. 53 | 54 | ### Optional 55 | 56 | - `keepers` (Map of String) Arbitrary map of values that, when changed, will trigger recreation of resource. See [the main provider documentation](../index.html) for more information. 57 | 58 | ### Read-Only 59 | 60 | - `base64` (String, Sensitive) The generated bytes presented in base64 string format. 61 | - `hex` (String, Sensitive) The generated bytes presented in lowercase hexadecimal string format. The length of the encoded string is exactly twice the `length` parameter. 62 | 63 | ## Import 64 | 65 | Import is supported using the following syntax: 66 | 67 | ```shell 68 | # Random bytes can be imported by specifying the value as base64 string. 69 | terraform import random_bytes.basic "8/fu3q+2DcgSJ19i0jZ5Cw==" 70 | ``` 71 | 72 | -------------------------------------------------------------------------------- /docs/cdktf/python/resources/id.md: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | 4 | # generated by https://github.com/hashicorp/terraform-plugin-docs 5 | page_title: "random_id Resource - terraform-provider-random" 6 | subcategory: "" 7 | description: |- 8 | The resource random_id generates random numbers that are intended to be 9 | used as unique identifiers for other resources. If the output is considered 10 | sensitive, and should not be displayed in the CLI, use random_bytes 11 | instead. 12 | This resource does use a cryptographic random number generator in order 13 | to minimize the chance of collisions, making the results of this resource 14 | when a 16-byte identifier is requested of equivalent uniqueness to a 15 | type-4 UUID. 16 | This resource can be used in conjunction with resources that have 17 | the create_before_destroy lifecycle flag set to avoid conflicts with 18 | unique names during the brief period where both the old and new resources 19 | exist concurrently. 20 | --- 21 | 22 | # random_id (Resource) 23 | 24 | The resource `random_id` generates random numbers that are intended to be 25 | used as unique identifiers for other resources. If the output is considered 26 | sensitive, and should not be displayed in the CLI, use `random_bytes` 27 | instead. 28 | 29 | This resource *does* use a cryptographic random number generator in order 30 | to minimize the chance of collisions, making the results of this resource 31 | when a 16-byte identifier is requested of equivalent uniqueness to a 32 | type-4 UUID. 33 | 34 | This resource can be used in conjunction with resources that have 35 | the `create_before_destroy` lifecycle flag set to avoid conflicts with 36 | unique names during the brief period where both the old and new resources 37 | exist concurrently. 38 | 39 | ## Example Usage 40 | 41 | ```python 42 | # DO NOT EDIT. Code generated by 'cdktf convert' - Please report bugs at https://cdk.tf/bug 43 | from constructs import Construct 44 | from cdktf import Fn, Token, TerraformStack 45 | # 46 | # Provider bindings are generated by running `cdktf get`. 47 | # See https://cdk.tf/provider-generation for more details. 48 | # 49 | from imports.aws.instance import Instance 50 | from imports.random.id import Id 51 | class MyConvertedCode(TerraformStack): 52 | def __init__(self, scope, name): 53 | super().__init__(scope, name) 54 | server = Id(self, "server", 55 | byte_length=8, 56 | keepers={ 57 | "ami_id": ami_id.string_value 58 | } 59 | ) 60 | aws_instance_server = Instance(self, "server_1", 61 | ami=Token.as_string(Fn.lookup_nested(server, ["keepers", "ami_id"])), 62 | tags={ 63 | "Name": "web-server ${" + server.hex + "}" 64 | } 65 | ) 66 | # This allows the Terraform resource name to match the original name. You can remove the call if you don't need them to match. 67 | aws_instance_server.override_logical_id("server") 68 | ``` 69 | 70 | 71 | ## Schema 72 | 73 | ### Required 74 | 75 | - `byte_length` (Number) The number of random bytes to produce. The minimum value is 1, which produces eight bits of randomness. 76 | 77 | ### Optional 78 | 79 | - `keepers` (Map of String) Arbitrary map of values that, when changed, will trigger recreation of resource. See [the main provider documentation](../index.html) for more information. 80 | - `prefix` (String) Arbitrary string to prefix the output value with. This string is supplied as-is, meaning it is not guaranteed to be URL-safe or base64 encoded. 81 | 82 | ### Read-Only 83 | 84 | - `b64_std` (String) The generated id presented in base64 without additional transformations. 85 | - `b64_url` (String) The generated id presented in base64, using the URL-friendly character set: case-sensitive letters, digits and the characters `_` and `-`. 86 | - `dec` (String) The generated id presented in non-padded decimal digits. 87 | - `hex` (String) The generated id presented in padded hexadecimal digits. This result will always be twice as long as the requested byte length. 88 | - `id` (String) The generated id presented in base64 without additional transformations or prefix. 89 | 90 | ## Import 91 | 92 | Import is supported using the following syntax: 93 | 94 | ```shell 95 | # Random IDs can be imported using the b64_url with an optional prefix. This 96 | # can be used to replace a config value with a value interpolated from the 97 | # random provider without experiencing diffs. 98 | 99 | # Example with no prefix: 100 | terraform import random_id.server p-9hUg 101 | 102 | # Example with prefix (prefix is separated by a ,): 103 | $ terraform import random_id.server my-prefix-,p-9hUg 104 | ``` 105 | 106 | -------------------------------------------------------------------------------- /docs/cdktf/python/resources/integer.md: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | 4 | # generated by https://github.com/hashicorp/terraform-plugin-docs 5 | page_title: "random_integer Resource - terraform-provider-random" 6 | subcategory: "" 7 | description: |- 8 | The resource random_integer generates random values from a given range, described by the min and max attributes of a given resource. 9 | This resource can be used in conjunction with resources that have the create_before_destroy lifecycle flag set, to avoid conflicts with unique names during the brief period where both the old and new resources exist concurrently. 10 | --- 11 | 12 | # random_integer (Resource) 13 | 14 | The resource `random_integer` generates random values from a given range, described by the `min` and `max` attributes of a given resource. 15 | 16 | This resource can be used in conjunction with resources that have the `create_before_destroy` lifecycle flag set, to avoid conflicts with unique names during the brief period where both the old and new resources exist concurrently. 17 | 18 | ## Example Usage 19 | 20 | ```python 21 | # DO NOT EDIT. Code generated by 'cdktf convert' - Please report bugs at https://cdk.tf/bug 22 | from constructs import Construct 23 | from cdktf import Fn, Token, TerraformStack 24 | # 25 | # Provider bindings are generated by running `cdktf get`. 26 | # See https://cdk.tf/provider-generation for more details. 27 | # 28 | from imports.aws.alb_listener_rule import AlbListenerRule 29 | from imports.random.integer import Integer 30 | class MyConvertedCode(TerraformStack): 31 | def __init__(self, scope, name, *, condition): 32 | super().__init__(scope, name) 33 | priority = Integer(self, "priority", 34 | keepers={ 35 | "listener_arn": listener_arn.string_value 36 | }, 37 | max=50000, 38 | min=1 39 | ) 40 | AlbListenerRule(self, "main", 41 | action=[AlbListenerRuleAction( 42 | target_group_arn=target_group_arn.string_value, 43 | type="forward" 44 | ) 45 | ], 46 | listener_arn=Token.as_string( 47 | Fn.lookup_nested(priority, ["keepers", "listener_arn"])), 48 | priority=priority.result, 49 | condition=condition 50 | ) 51 | ``` 52 | 53 | 54 | ## Schema 55 | 56 | ### Required 57 | 58 | - `max` (Number) The maximum inclusive value of the range. 59 | - `min` (Number) The minimum inclusive value of the range. 60 | 61 | ### Optional 62 | 63 | - `keepers` (Map of String) Arbitrary map of values that, when changed, will trigger recreation of resource. See [the main provider documentation](../index.html) for more information. 64 | - `seed` (String) A custom seed to always produce the same value. 65 | 66 | ### Read-Only 67 | 68 | - `id` (String) The string representation of the integer result. 69 | - `result` (Number) The random integer result. 70 | 71 | ## Import 72 | 73 | Import is supported using the following syntax: 74 | 75 | ```shell 76 | # Random integers can be imported using the result, min, and max, with an 77 | # optional seed. This can be used to replace a config value with a value 78 | # interpolated from the random provider without experiencing diffs. 79 | 80 | # Example (values are separated by a ,): 81 | terraform import random_integer.priority 15390,1,50000 82 | ``` 83 | 84 | -------------------------------------------------------------------------------- /docs/cdktf/python/resources/pet.md: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | 4 | # generated by https://github.com/hashicorp/terraform-plugin-docs 5 | page_title: "random_pet Resource - terraform-provider-random" 6 | subcategory: "" 7 | description: |- 8 | The resource random_pet generates random pet names that are intended to be used as unique identifiers for other resources. 9 | This resource can be used in conjunction with resources that have the create_before_destroy lifecycle flag set, to avoid conflicts with unique names during the brief period where both the old and new resources exist concurrently. 10 | --- 11 | 12 | # random_pet (Resource) 13 | 14 | The resource `random_pet` generates random pet names that are intended to be used as unique identifiers for other resources. 15 | 16 | This resource can be used in conjunction with resources that have the `create_before_destroy` lifecycle flag set, to avoid conflicts with unique names during the brief period where both the old and new resources exist concurrently. 17 | 18 | ## Example Usage 19 | 20 | ```python 21 | # DO NOT EDIT. Code generated by 'cdktf convert' - Please report bugs at https://cdk.tf/bug 22 | from constructs import Construct 23 | from cdktf import Fn, Token, TerraformStack 24 | # 25 | # Provider bindings are generated by running `cdktf get`. 26 | # See https://cdk.tf/provider-generation for more details. 27 | # 28 | from imports.aws.instance import Instance 29 | from imports.random.pet import Pet 30 | class MyConvertedCode(TerraformStack): 31 | def __init__(self, scope, name): 32 | super().__init__(scope, name) 33 | server = Pet(self, "server", 34 | keepers={ 35 | "ami_id": ami_id.string_value 36 | } 37 | ) 38 | aws_instance_server = Instance(self, "server_1", 39 | ami=Token.as_string(Fn.lookup_nested(server, ["keepers", "ami_id"])), 40 | tags={ 41 | "Name": "web-server-${" + server.id + "}" 42 | } 43 | ) 44 | # This allows the Terraform resource name to match the original name. You can remove the call if you don't need them to match. 45 | aws_instance_server.override_logical_id("server") 46 | ``` 47 | 48 | 49 | ## Schema 50 | 51 | ### Optional 52 | 53 | - `keepers` (Map of String) Arbitrary map of values that, when changed, will trigger recreation of resource. See [the main provider documentation](../index.html) for more information. 54 | - `length` (Number) The length (in words) of the pet name. Defaults to 2 55 | - `prefix` (String) A string to prefix the name with. 56 | - `separator` (String) The character to separate words in the pet name. Defaults to "-" 57 | 58 | ### Read-Only 59 | 60 | - `id` (String) The random pet name. 61 | 62 | -------------------------------------------------------------------------------- /docs/cdktf/python/resources/shuffle.md: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | 4 | # generated by https://github.com/hashicorp/terraform-plugin-docs 5 | page_title: "random_shuffle Resource - terraform-provider-random" 6 | subcategory: "" 7 | description: |- 8 | The resource random_shuffle generates a random permutation of a list of strings given as an argument. 9 | --- 10 | 11 | # random_shuffle (Resource) 12 | 13 | The resource `random_shuffle` generates a random permutation of a list of strings given as an argument. 14 | 15 | ## Example Usage 16 | 17 | ```python 18 | # DO NOT EDIT. Code generated by 'cdktf convert' - Please report bugs at https://cdk.tf/bug 19 | from constructs import Construct 20 | from cdktf import Token, TerraformStack 21 | # 22 | # Provider bindings are generated by running `cdktf get`. 23 | # See https://cdk.tf/provider-generation for more details. 24 | # 25 | from imports.aws.elb import Elb 26 | from imports.random.shuffle import Shuffle 27 | class MyConvertedCode(TerraformStack): 28 | def __init__(self, scope, name, *, listener): 29 | super().__init__(scope, name) 30 | az = Shuffle(self, "az", 31 | input=["us-west-1a", "us-west-1c", "us-west-1d", "us-west-1e"], 32 | result_count=2 33 | ) 34 | Elb(self, "example", 35 | availability_zones=Token.as_list(az.result), 36 | listener=listener 37 | ) 38 | ``` 39 | 40 | 41 | ## Schema 42 | 43 | ### Required 44 | 45 | - `input` (List of String) The list of strings to shuffle. 46 | 47 | ### Optional 48 | 49 | - `keepers` (Map of String) Arbitrary map of values that, when changed, will trigger recreation of resource. See [the main provider documentation](../index.html) for more information. 50 | - `result_count` (Number) The number of results to return. Defaults to the number of items in the `input` list. If fewer items are requested, some elements will be excluded from the result. If more items are requested, items will be repeated in the result but not more frequently than the number of items in the input list. 51 | - `seed` (String) Arbitrary string with which to seed the random number generator, in order to produce less-volatile permutations of the list. 52 | 53 | **Important:** Even with an identical seed, it is not guaranteed that the same permutation will be produced across different versions of Terraform. This argument causes the result to be *less volatile*, but not fixed for all time. 54 | 55 | ### Read-Only 56 | 57 | - `id` (String) A static value used internally by Terraform, this should not be referenced in configurations. 58 | - `result` (List of String) Random permutation of the list of strings given in `input`. The number of elements is determined by `result_count` if set, or the number of elements in `input`. 59 | 60 | -------------------------------------------------------------------------------- /docs/cdktf/python/resources/string.md: -------------------------------------------------------------------------------- 1 | --- 2 | page_title: "random_string Resource - terraform-provider-random" 3 | subcategory: "" 4 | description: |- 5 | The resource random_string generates a random permutation of alphanumeric characters and optionally special characters. 6 | This resource does use a cryptographic random number generator. 7 | Historically this resource's intended usage has been ambiguous as the original example used it in a password. For backwards compatibility it will continue to exist. For unique ids please use random_id id.html, for sensitive random values please use random_password password.html. 8 | --- 9 | 10 | 11 | 12 | # random_string (Resource) 13 | 14 | The resource `random_string` generates a random permutation of alphanumeric characters and optionally special characters. 15 | 16 | This resource *does* use a cryptographic random number generator. 17 | 18 | Historically this resource's intended usage has been ambiguous as the original example used it in a password. For backwards compatibility it will continue to exist. For unique ids please use [random_id](id.html), for sensitive random values please use [random_password](password.html). 19 | 20 | ## Example Usage 21 | 22 | ```python 23 | # DO NOT EDIT. Code generated by 'cdktf convert' - Please report bugs at https://cdk.tf/bug 24 | from constructs import Construct 25 | from cdktf import TerraformStack 26 | # 27 | # Provider bindings are generated by running `cdktf get`. 28 | # See https://cdk.tf/provider-generation for more details. 29 | # 30 | from imports.random.string_resource import StringResource 31 | class MyConvertedCode(TerraformStack): 32 | def __init__(self, scope, name): 33 | super().__init__(scope, name) 34 | StringResource(self, "random", 35 | length=16, 36 | override_special="/@£$", 37 | special=True 38 | ) 39 | ``` 40 | 41 | 42 | ## Schema 43 | 44 | ### Required 45 | 46 | - `length` (Number) The length of the string desired. The minimum value for length is 1 and, length must also be >= (`min_upper` + `min_lower` + `min_numeric` + `min_special`). 47 | 48 | ### Optional 49 | 50 | - `keepers` (Map of String) Arbitrary map of values that, when changed, will trigger recreation of resource. See [the main provider documentation](../index.html) for more information. 51 | - `lower` (Boolean) Include lowercase alphabet characters in the result. Default value is `true`. 52 | - `min_lower` (Number) Minimum number of lowercase alphabet characters in the result. Default value is `0`. 53 | - `min_numeric` (Number) Minimum number of numeric characters in the result. Default value is `0`. 54 | - `min_special` (Number) Minimum number of special characters in the result. Default value is `0`. 55 | - `min_upper` (Number) Minimum number of uppercase alphabet characters in the result. Default value is `0`. 56 | - `number` (Boolean, Deprecated) Include numeric characters in the result. Default value is `true`. If `number`, `upper`, `lower`, and `special` are all configured, at least one of them must be set to `true`. **NOTE**: This is deprecated, use `numeric` instead. 57 | - `numeric` (Boolean) Include numeric characters in the result. Default value is `true`. If `numeric`, `upper`, `lower`, and `special` are all configured, at least one of them must be set to `true`. 58 | - `override_special` (String) Supply your own list of special characters to use for string generation. This overrides the default character list in the special argument. The `special` argument must still be set to true for any overwritten characters to be used in generation. 59 | - `special` (Boolean) Include special characters in the result. These are `!@#$%&*()-_=+[]{}<>:?`. Default value is `true`. 60 | - `upper` (Boolean) Include uppercase alphabet characters in the result. Default value is `true`. 61 | 62 | ### Read-Only 63 | 64 | - `id` (String) The generated random string. 65 | - `result` (String) The generated random string. 66 | 67 | ## Import 68 | 69 | Import is supported using the following syntax: 70 | 71 | ```shell 72 | terraform import random_string.test test 73 | ``` 74 | 75 | ### Limitations of Import 76 | 77 | Any attribute values that are specified within Terraform config will be 78 | ignored during import and all attributes that have defaults defined within 79 | the schema will have the default assigned. 80 | 81 | For instance, using the following config during import: 82 | ```python 83 | # DO NOT EDIT. Code generated by 'cdktf convert' - Please report bugs at https://cdk.tf/bug 84 | from constructs import Construct 85 | from cdktf import TerraformStack 86 | # 87 | # Provider bindings are generated by running `cdktf get`. 88 | # See https://cdk.tf/provider-generation for more details. 89 | # 90 | from imports.random.string_resource import StringResource 91 | class MyConvertedCode(TerraformStack): 92 | def __init__(self, scope, name): 93 | super().__init__(scope, name) 94 | StringResource(self, "test", 95 | length=16, 96 | lower=False 97 | ) 98 | ``` 99 | 100 | Then importing the resource using `terraform import random_string.test test`, 101 | would result in the triggering of a replacement (i.e., destroy-create) during 102 | the next `terraform apply`. 103 | 104 | ### Avoiding Replacement 105 | 106 | If the resource were imported using `terraform import random_string.test test`, 107 | replacement can be avoided by using: 108 | 109 | 1. Attribute values that match the imported ID and defaults: 110 | ```python 111 | # DO NOT EDIT. Code generated by 'cdktf convert' - Please report bugs at https://cdk.tf/bug 112 | from constructs import Construct 113 | from cdktf import TerraformStack 114 | # 115 | # Provider bindings are generated by running `cdktf get`. 116 | # See https://cdk.tf/provider-generation for more details. 117 | # 118 | from imports.random.string_resource import StringResource 119 | class MyConvertedCode(TerraformStack): 120 | def __init__(self, scope, name): 121 | super().__init__(scope, name) 122 | StringResource(self, "test", 123 | length=4, 124 | lower=True 125 | ) 126 | ``` 127 | 128 | 2. Attribute values that match the imported ID and omit the attributes with defaults: 129 | ```python 130 | # DO NOT EDIT. Code generated by 'cdktf convert' - Please report bugs at https://cdk.tf/bug 131 | from constructs import Construct 132 | from cdktf import TerraformStack 133 | # 134 | # Provider bindings are generated by running `cdktf get`. 135 | # See https://cdk.tf/provider-generation for more details. 136 | # 137 | from imports.random.string_resource import StringResource 138 | class MyConvertedCode(TerraformStack): 139 | def __init__(self, scope, name): 140 | super().__init__(scope, name) 141 | StringResource(self, "test", 142 | length=4 143 | ) 144 | ``` 145 | 146 | 3. `ignore_changes` specifying the attributes to ignore: 147 | ```python 148 | # DO NOT EDIT. Code generated by 'cdktf convert' - Please report bugs at https://cdk.tf/bug 149 | from cdktf import TerraformResourceLifecycle 150 | from constructs import Construct 151 | from cdktf import TerraformStack 152 | # 153 | # Provider bindings are generated by running `cdktf get`. 154 | # See https://cdk.tf/provider-generation for more details. 155 | # 156 | from imports.random.string_resource import StringResource 157 | class MyConvertedCode(TerraformStack): 158 | def __init__(self, scope, name): 159 | super().__init__(scope, name) 160 | StringResource(self, "test", 161 | length=16, 162 | lifecycle=TerraformResourceLifecycle( 163 | ignore_changes=[length, lower] 164 | ), 165 | lower=False 166 | ) 167 | ``` 168 | 169 | **NOTE** `ignore_changes` is only required until the resource is recreated after import, 170 | after which it will use the configuration values specified. 171 | -------------------------------------------------------------------------------- /docs/cdktf/python/resources/uuid.md: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | 4 | # generated by https://github.com/hashicorp/terraform-plugin-docs 5 | page_title: "random_uuid Resource - terraform-provider-random" 6 | subcategory: "" 7 | description: |- 8 | The resource random_uuid generates a random uuid string that is intended to be used as a unique identifier for other resources. 9 | This resource uses hashicorp/go-uuid https://github.com/hashicorp/go-uuid to generate a UUID-formatted string for use with services needing a unique string identifier. 10 | --- 11 | 12 | # random_uuid (Resource) 13 | 14 | The resource `random_uuid` generates a random uuid string that is intended to be used as a unique identifier for other resources. 15 | 16 | This resource uses [hashicorp/go-uuid](https://github.com/hashicorp/go-uuid) to generate a UUID-formatted string for use with services needing a unique string identifier. 17 | 18 | ## Example Usage 19 | 20 | ```python 21 | # DO NOT EDIT. Code generated by 'cdktf convert' - Please report bugs at https://cdk.tf/bug 22 | from constructs import Construct 23 | from cdktf import TerraformStack 24 | # 25 | # Provider bindings are generated by running `cdktf get`. 26 | # See https://cdk.tf/provider-generation for more details. 27 | # 28 | from imports.azurerm.resource_group import ResourceGroup 29 | from imports.random.uuid import Uuid 30 | class MyConvertedCode(TerraformStack): 31 | def __init__(self, scope, name): 32 | super().__init__(scope, name) 33 | # The following providers are missing schema information and might need manual adjustments to synthesize correctly: azurerm. 34 | # For a more precise conversion please use the --provider flag in convert. 35 | test = Uuid(self, "test") 36 | azurerm_resource_group_test = ResourceGroup(self, "test_1", 37 | location="Central US", 38 | name="${" + test.result + "}-rg" 39 | ) 40 | # This allows the Terraform resource name to match the original name. You can remove the call if you don't need them to match. 41 | azurerm_resource_group_test.override_logical_id("test") 42 | ``` 43 | 44 | 45 | ## Schema 46 | 47 | ### Optional 48 | 49 | - `keepers` (Map of String) Arbitrary map of values that, when changed, will trigger recreation of resource. See [the main provider documentation](../index.html) for more information. 50 | 51 | ### Read-Only 52 | 53 | - `id` (String) The generated uuid presented in string format. 54 | - `result` (String) The generated uuid presented in string format. 55 | 56 | ## Import 57 | 58 | Import is supported using the following syntax: 59 | 60 | ```shell 61 | # Random UUID's can be imported. This can be used to replace a config 62 | # value with a value interpolated from the random provider without 63 | # experiencing diffs. 64 | 65 | terraform import random_uuid.main aabbccdd-eeff-0011-2233-445566778899 66 | ``` 67 | 68 | -------------------------------------------------------------------------------- /docs/cdktf/typescript/ephemeral-resources/password.md: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | 4 | # generated by https://github.com/hashicorp/terraform-plugin-docs 5 | page_title: "random_password Ephemeral Resource - terraform-provider-random" 6 | subcategory: "" 7 | description: |- 8 | -> If the managed resource doesn't have a write-only argument available for the password (first introduced in Terraform 1.11), then the password can only be created with the managed resource variant of random_password https://registry.terraform.io/providers/hashicorp/random/latest/docs/resources/password. 9 | Generates an ephemeral password string using a cryptographic random number generator. 10 | The primary use-case for generating an ephemeral random password is to be used in combination with a write-only argument in a managed resource, which will avoid Terraform storing the password string in the plan or state file. 11 | --- 12 | 13 | # random_password (Ephemeral Resource) 14 | 15 | -> If the managed resource doesn't have a write-only argument available for the password (first introduced in Terraform 1.11), then the password can only be created with the managed resource variant of [`randomPassword`](https://registry.terraform.io/providers/hashicorp/random/latest/docs/resources/password). 16 | 17 | Generates an ephemeral password string using a cryptographic random number generator. 18 | 19 | The primary use-case for generating an ephemeral random password is to be used in combination with a write-only argument in a managed resource, which will avoid Terraform storing the password string in the plan or state file. 20 | 21 | ## Example Usage 22 | 23 | ```typescript 24 | // DO NOT EDIT. Code generated by 'cdktf convert' - Please report bugs at https://cdk.tf/bug 25 | import { Construct } from "constructs"; 26 | import { TerraformStack } from "cdktf"; 27 | class MyConvertedCode extends TerraformStack { 28 | constructor(scope: Construct, name: string) { 29 | super(scope, name); 30 | } 31 | } 32 | 33 | ``` 34 | 35 | 36 | ## Schema 37 | 38 | ### Required 39 | 40 | - `length` (Number) The length of the string desired. The minimum value for length is 1 and, length must also be >= (`minUpper` + `minLower` + `minNumeric` + `minSpecial`). 41 | 42 | ### Optional 43 | 44 | - `lower` (Boolean) Include lowercase alphabet characters in the result. Default value is `true`. 45 | - `minLower` (Number) Minimum number of lowercase alphabet characters in the result. Default value is `0`. 46 | - `minNumeric` (Number) Minimum number of numeric characters in the result. Default value is `0`. 47 | - `minSpecial` (Number) Minimum number of special characters in the result. Default value is `0`. 48 | - `minUpper` (Number) Minimum number of uppercase alphabet characters in the result. Default value is `0`. 49 | - `numeric` (Boolean) Include numeric characters in the result. Default value is `true`. If `numeric`, `upper`, `lower`, and `special` are all configured, at least one of them must be set to `true`. 50 | - `overrideSpecial` (String) Supply your own list of special characters to use for string generation. This overrides the default character list in the special argument. The `special` argument must still be set to true for any overwritten characters to be used in generation. 51 | - `special` (Boolean) Include special characters in the result. These are `!@#$%&*()-_=+[]{}<>:?`. Default value is `true`. 52 | - `upper` (Boolean) Include uppercase alphabet characters in the result. Default value is `true`. 53 | 54 | ### Read-Only 55 | 56 | - `bcryptHash` (String, Sensitive) A bcrypt hash of the generated random string. **NOTE**: If the generated random string is greater than 72 bytes in length, `bcryptHash` will contain a hash of the first 72 bytes. 57 | - `result` (String, Sensitive) The generated random string. 58 | 59 | -------------------------------------------------------------------------------- /docs/cdktf/typescript/index.md: -------------------------------------------------------------------------------- 1 | --- 2 | page_title: "Provider: Random" 3 | description: |- 4 | The Random provider is used to generate randomness. 5 | --- 6 | 7 | 8 | 9 | # Random Provider 10 | 11 | The "random" provider allows the use of randomness within Terraform 12 | configurations. This is a *logical provider*, which means that it works 13 | entirely within Terraform's logic, and doesn't interact with any other 14 | services. 15 | 16 | Unconstrained randomness within a Terraform configuration would not be very 17 | useful, since Terraform's goal is to converge on a fixed configuration by 18 | applying a diff. Because of this, the "random" provider provides an idea of 19 | *managed randomness*: it provides resources that generate random values during 20 | their creation and then hold those values steady until the inputs are changed. 21 | 22 | Even with these resources, it is advisable to keep the use of randomness within 23 | Terraform configuration to a minimum, and retain it for special cases only; 24 | Terraform works best when the configuration is well-defined, since its behavior 25 | can then be more readily predicted. 26 | 27 | Unless otherwise stated within the documentation of a specific resource, this 28 | provider's results are **not** sufficiently random for cryptographic use. 29 | 30 | For more information on the specific resources available, see the links in the 31 | navigation bar. Read on for information on the general patterns that apply 32 | to this provider's resources. 33 | 34 | ## Resource "Keepers" 35 | 36 | As noted above, the random resources generate randomness only when they are 37 | created; the results produced are stored in the Terraform state and re-used 38 | until the inputs change, prompting the resource to be recreated. 39 | 40 | The resources all provide a map argument called `keepers` that can be populated 41 | with arbitrary key/value pairs that should be selected such that they remain 42 | the same until new random values are desired. 43 | 44 | For example: 45 | 46 | ```typescript 47 | // DO NOT EDIT. Code generated by 'cdktf convert' - Please report bugs at https://cdk.tf/bug 48 | import { Construct } from "constructs"; 49 | import { Fn, Token, TerraformStack } from "cdktf"; 50 | /* 51 | * Provider bindings are generated by running `cdktf get`. 52 | * See https://cdk.tf/provider-generation for more details. 53 | */ 54 | import { Instance } from "./.gen/providers/aws/instance"; 55 | import { Id } from "./.gen/providers/random/id"; 56 | class MyConvertedCode extends TerraformStack { 57 | constructor(scope: Construct, name: string) { 58 | super(scope, name); 59 | const server = new Id(this, "server", { 60 | byteLength: 8, 61 | keepers: { 62 | ami_id: amiId.stringValue, 63 | }, 64 | }); 65 | const awsInstanceServer = new Instance(this, "server_1", { 66 | ami: Token.asString(Fn.lookupNested(server, ["keepers", "ami_id"])), 67 | tags: { 68 | Name: "web-server ${" + server.hex + "}", 69 | }, 70 | }); 71 | /*This allows the Terraform resource name to match the original name. You can remove the call if you don't need them to match.*/ 72 | awsInstanceServer.overrideLogicalId("server"); 73 | } 74 | } 75 | 76 | ``` 77 | 78 | Resource "keepers" are optional. The other arguments to each resource must 79 | *also* remain constant in order to retain a random result. 80 | 81 | `keepers` are *not* treated as sensitive attributes; a value used for `keepers` will be displayed in Terraform UI output as plaintext. 82 | 83 | To force a random result to be replaced, the `taint` command can be used to 84 | produce a new result on the next run. 85 | -------------------------------------------------------------------------------- /docs/cdktf/typescript/resources/bytes.md: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | 4 | # generated by https://github.com/hashicorp/terraform-plugin-docs 5 | page_title: "random_bytes Resource - terraform-provider-random" 6 | subcategory: "" 7 | description: |- 8 | The resource random_bytes generates random bytes that are intended to be used as a secret, or key. Use this in preference to random_id when the output is considered sensitive, and should not be displayed in the CLI. 9 | This resource does use a cryptographic random number generator. 10 | --- 11 | 12 | # random_bytes (Resource) 13 | 14 | The resource `random_bytes` generates random bytes that are intended to be used as a secret, or key. Use this in preference to `random_id` when the output is considered sensitive, and should not be displayed in the CLI. 15 | 16 | This resource *does* use a cryptographic random number generator. 17 | 18 | ## Example Usage 19 | 20 | ```typescript 21 | // DO NOT EDIT. Code generated by 'cdktf convert' - Please report bugs at https://cdk.tf/bug 22 | import { Construct } from "constructs"; 23 | import { TerraformStack } from "cdktf"; 24 | /* 25 | * Provider bindings are generated by running `cdktf get`. 26 | * See https://cdk.tf/provider-generation for more details. 27 | */ 28 | import { KeyVaultSecret } from "./.gen/providers/azurerm/key-vault-secret"; 29 | import { Bytes } from "./.gen/providers/random/bytes"; 30 | class MyConvertedCode extends TerraformStack { 31 | constructor(scope: Construct, name: string) { 32 | super(scope, name); 33 | /*The following providers are missing schema information and might need manual adjustments to synthesize correctly: azurerm. 34 | For a more precise conversion please use the --provider flag in convert.*/ 35 | const jwtSecret = new Bytes(this, "jwt_secret", { 36 | length: 64, 37 | }); 38 | const azurermKeyVaultSecretJwtSecret = new KeyVaultSecret( 39 | this, 40 | "jwt_secret_1", 41 | { 42 | key_vault_id: "some-azure-key-vault-id", 43 | name: "JwtSecret", 44 | value: jwtSecret.base64, 45 | } 46 | ); 47 | /*This allows the Terraform resource name to match the original name. You can remove the call if you don't need them to match.*/ 48 | azurermKeyVaultSecretJwtSecret.overrideLogicalId("jwt_secret"); 49 | } 50 | } 51 | 52 | ``` 53 | 54 | 55 | ## Schema 56 | 57 | ### Required 58 | 59 | - `length` (Number) The number of bytes requested. The minimum value for length is 1. 60 | 61 | ### Optional 62 | 63 | - `keepers` (Map of String) Arbitrary map of values that, when changed, will trigger recreation of resource. See [the main provider documentation](../index.html) for more information. 64 | 65 | ### Read-Only 66 | 67 | - `base64` (String, Sensitive) The generated bytes presented in base64 string format. 68 | - `hex` (String, Sensitive) The generated bytes presented in lowercase hexadecimal string format. The length of the encoded string is exactly twice the `length` parameter. 69 | 70 | ## Import 71 | 72 | Import is supported using the following syntax: 73 | 74 | ```shell 75 | # Random bytes can be imported by specifying the value as base64 string. 76 | terraform import random_bytes.basic "8/fu3q+2DcgSJ19i0jZ5Cw==" 77 | ``` 78 | 79 | -------------------------------------------------------------------------------- /docs/cdktf/typescript/resources/id.md: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | 4 | # generated by https://github.com/hashicorp/terraform-plugin-docs 5 | page_title: "random_id Resource - terraform-provider-random" 6 | subcategory: "" 7 | description: |- 8 | The resource random_id generates random numbers that are intended to be 9 | used as unique identifiers for other resources. If the output is considered 10 | sensitive, and should not be displayed in the CLI, use random_bytes 11 | instead. 12 | This resource does use a cryptographic random number generator in order 13 | to minimize the chance of collisions, making the results of this resource 14 | when a 16-byte identifier is requested of equivalent uniqueness to a 15 | type-4 UUID. 16 | This resource can be used in conjunction with resources that have 17 | the create_before_destroy lifecycle flag set to avoid conflicts with 18 | unique names during the brief period where both the old and new resources 19 | exist concurrently. 20 | --- 21 | 22 | # random_id (Resource) 23 | 24 | The resource `random_id` generates random numbers that are intended to be 25 | used as unique identifiers for other resources. If the output is considered 26 | sensitive, and should not be displayed in the CLI, use `random_bytes` 27 | instead. 28 | 29 | This resource *does* use a cryptographic random number generator in order 30 | to minimize the chance of collisions, making the results of this resource 31 | when a 16-byte identifier is requested of equivalent uniqueness to a 32 | type-4 UUID. 33 | 34 | This resource can be used in conjunction with resources that have 35 | the `create_before_destroy` lifecycle flag set to avoid conflicts with 36 | unique names during the brief period where both the old and new resources 37 | exist concurrently. 38 | 39 | ## Example Usage 40 | 41 | ```typescript 42 | // DO NOT EDIT. Code generated by 'cdktf convert' - Please report bugs at https://cdk.tf/bug 43 | import { Construct } from "constructs"; 44 | import { Fn, Token, TerraformStack } from "cdktf"; 45 | /* 46 | * Provider bindings are generated by running `cdktf get`. 47 | * See https://cdk.tf/provider-generation for more details. 48 | */ 49 | import { Instance } from "./.gen/providers/aws/instance"; 50 | import { Id } from "./.gen/providers/random/id"; 51 | class MyConvertedCode extends TerraformStack { 52 | constructor(scope: Construct, name: string) { 53 | super(scope, name); 54 | const server = new Id(this, "server", { 55 | byteLength: 8, 56 | keepers: { 57 | ami_id: amiId.stringValue, 58 | }, 59 | }); 60 | const awsInstanceServer = new Instance(this, "server_1", { 61 | ami: Token.asString(Fn.lookupNested(server, ["keepers", "ami_id"])), 62 | tags: { 63 | Name: "web-server ${" + server.hex + "}", 64 | }, 65 | }); 66 | /*This allows the Terraform resource name to match the original name. You can remove the call if you don't need them to match.*/ 67 | awsInstanceServer.overrideLogicalId("server"); 68 | } 69 | } 70 | 71 | ``` 72 | 73 | 74 | ## Schema 75 | 76 | ### Required 77 | 78 | - `byteLength` (Number) The number of random bytes to produce. The minimum value is 1, which produces eight bits of randomness. 79 | 80 | ### Optional 81 | 82 | - `keepers` (Map of String) Arbitrary map of values that, when changed, will trigger recreation of resource. See [the main provider documentation](../index.html) for more information. 83 | - `prefix` (String) Arbitrary string to prefix the output value with. This string is supplied as-is, meaning it is not guaranteed to be URL-safe or base64 encoded. 84 | 85 | ### Read-Only 86 | 87 | - `b64Std` (String) The generated id presented in base64 without additional transformations. 88 | - `b64Url` (String) The generated id presented in base64, using the URL-friendly character set: case-sensitive letters, digits and the characters `_` and `-`. 89 | - `dec` (String) The generated id presented in non-padded decimal digits. 90 | - `hex` (String) The generated id presented in padded hexadecimal digits. This result will always be twice as long as the requested byte length. 91 | - `id` (String) The generated id presented in base64 without additional transformations or prefix. 92 | 93 | ## Import 94 | 95 | Import is supported using the following syntax: 96 | 97 | ```shell 98 | # Random IDs can be imported using the b64_url with an optional prefix. This 99 | # can be used to replace a config value with a value interpolated from the 100 | # random provider without experiencing diffs. 101 | 102 | # Example with no prefix: 103 | terraform import random_id.server p-9hUg 104 | 105 | # Example with prefix (prefix is separated by a ,): 106 | $ terraform import random_id.server my-prefix-,p-9hUg 107 | ``` 108 | 109 | -------------------------------------------------------------------------------- /docs/cdktf/typescript/resources/integer.md: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | 4 | # generated by https://github.com/hashicorp/terraform-plugin-docs 5 | page_title: "random_integer Resource - terraform-provider-random" 6 | subcategory: "" 7 | description: |- 8 | The resource random_integer generates random values from a given range, described by the min and max attributes of a given resource. 9 | This resource can be used in conjunction with resources that have the create_before_destroy lifecycle flag set, to avoid conflicts with unique names during the brief period where both the old and new resources exist concurrently. 10 | --- 11 | 12 | # random_integer (Resource) 13 | 14 | The resource `random_integer` generates random values from a given range, described by the `min` and `max` attributes of a given resource. 15 | 16 | This resource can be used in conjunction with resources that have the `create_before_destroy` lifecycle flag set, to avoid conflicts with unique names during the brief period where both the old and new resources exist concurrently. 17 | 18 | ## Example Usage 19 | 20 | ```typescript 21 | // DO NOT EDIT. Code generated by 'cdktf convert' - Please report bugs at https://cdk.tf/bug 22 | import { Construct } from "constructs"; 23 | import { Fn, Token, TerraformStack } from "cdktf"; 24 | /* 25 | * Provider bindings are generated by running `cdktf get`. 26 | * See https://cdk.tf/provider-generation for more details. 27 | */ 28 | import { AlbListenerRule } from "./.gen/providers/aws/alb-listener-rule"; 29 | import { Integer } from "./.gen/providers/random/integer"; 30 | interface MyConfig { 31 | condition: any; 32 | } 33 | class MyConvertedCode extends TerraformStack { 34 | constructor(scope: Construct, name: string, config: MyConfig) { 35 | super(scope, name); 36 | const priority = new Integer(this, "priority", { 37 | keepers: { 38 | listener_arn: listenerArn.stringValue, 39 | }, 40 | max: 50000, 41 | min: 1, 42 | }); 43 | new AlbListenerRule(this, "main", { 44 | action: [ 45 | { 46 | targetGroupArn: targetGroupArn.stringValue, 47 | type: "forward", 48 | }, 49 | ], 50 | listenerArn: Token.asString( 51 | Fn.lookupNested(priority, ["keepers", "listener_arn"]) 52 | ), 53 | priority: priority.result, 54 | condition: config.condition, 55 | }); 56 | } 57 | } 58 | 59 | ``` 60 | 61 | 62 | ## Schema 63 | 64 | ### Required 65 | 66 | - `max` (Number) The maximum inclusive value of the range. 67 | - `min` (Number) The minimum inclusive value of the range. 68 | 69 | ### Optional 70 | 71 | - `keepers` (Map of String) Arbitrary map of values that, when changed, will trigger recreation of resource. See [the main provider documentation](../index.html) for more information. 72 | - `seed` (String) A custom seed to always produce the same value. 73 | 74 | ### Read-Only 75 | 76 | - `id` (String) The string representation of the integer result. 77 | - `result` (Number) The random integer result. 78 | 79 | ## Import 80 | 81 | Import is supported using the following syntax: 82 | 83 | ```shell 84 | # Random integers can be imported using the result, min, and max, with an 85 | # optional seed. This can be used to replace a config value with a value 86 | # interpolated from the random provider without experiencing diffs. 87 | 88 | # Example (values are separated by a ,): 89 | terraform import random_integer.priority 15390,1,50000 90 | ``` 91 | 92 | -------------------------------------------------------------------------------- /docs/cdktf/typescript/resources/pet.md: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | 4 | # generated by https://github.com/hashicorp/terraform-plugin-docs 5 | page_title: "random_pet Resource - terraform-provider-random" 6 | subcategory: "" 7 | description: |- 8 | The resource random_pet generates random pet names that are intended to be used as unique identifiers for other resources. 9 | This resource can be used in conjunction with resources that have the create_before_destroy lifecycle flag set, to avoid conflicts with unique names during the brief period where both the old and new resources exist concurrently. 10 | --- 11 | 12 | # random_pet (Resource) 13 | 14 | The resource `random_pet` generates random pet names that are intended to be used as unique identifiers for other resources. 15 | 16 | This resource can be used in conjunction with resources that have the `create_before_destroy` lifecycle flag set, to avoid conflicts with unique names during the brief period where both the old and new resources exist concurrently. 17 | 18 | ## Example Usage 19 | 20 | ```typescript 21 | // DO NOT EDIT. Code generated by 'cdktf convert' - Please report bugs at https://cdk.tf/bug 22 | import { Construct } from "constructs"; 23 | import { Fn, Token, TerraformStack } from "cdktf"; 24 | /* 25 | * Provider bindings are generated by running `cdktf get`. 26 | * See https://cdk.tf/provider-generation for more details. 27 | */ 28 | import { Instance } from "./.gen/providers/aws/instance"; 29 | import { Pet } from "./.gen/providers/random/pet"; 30 | class MyConvertedCode extends TerraformStack { 31 | constructor(scope: Construct, name: string) { 32 | super(scope, name); 33 | const server = new Pet(this, "server", { 34 | keepers: { 35 | ami_id: amiId.stringValue, 36 | }, 37 | }); 38 | const awsInstanceServer = new Instance(this, "server_1", { 39 | ami: Token.asString(Fn.lookupNested(server, ["keepers", "ami_id"])), 40 | tags: { 41 | Name: "web-server-${" + server.id + "}", 42 | }, 43 | }); 44 | /*This allows the Terraform resource name to match the original name. You can remove the call if you don't need them to match.*/ 45 | awsInstanceServer.overrideLogicalId("server"); 46 | } 47 | } 48 | 49 | ``` 50 | 51 | 52 | ## Schema 53 | 54 | ### Optional 55 | 56 | - `keepers` (Map of String) Arbitrary map of values that, when changed, will trigger recreation of resource. See [the main provider documentation](../index.html) for more information. 57 | - `length` (Number) The length (in words) of the pet name. Defaults to 2 58 | - `prefix` (String) A string to prefix the name with. 59 | - `separator` (String) The character to separate words in the pet name. Defaults to "-" 60 | 61 | ### Read-Only 62 | 63 | - `id` (String) The random pet name. 64 | 65 | -------------------------------------------------------------------------------- /docs/cdktf/typescript/resources/shuffle.md: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | 4 | # generated by https://github.com/hashicorp/terraform-plugin-docs 5 | page_title: "random_shuffle Resource - terraform-provider-random" 6 | subcategory: "" 7 | description: |- 8 | The resource random_shuffle generates a random permutation of a list of strings given as an argument. 9 | --- 10 | 11 | # random_shuffle (Resource) 12 | 13 | The resource `random_shuffle` generates a random permutation of a list of strings given as an argument. 14 | 15 | ## Example Usage 16 | 17 | ```typescript 18 | // DO NOT EDIT. Code generated by 'cdktf convert' - Please report bugs at https://cdk.tf/bug 19 | import { Construct } from "constructs"; 20 | import { Token, TerraformStack } from "cdktf"; 21 | /* 22 | * Provider bindings are generated by running `cdktf get`. 23 | * See https://cdk.tf/provider-generation for more details. 24 | */ 25 | import { Elb } from "./.gen/providers/aws/elb"; 26 | import { Shuffle } from "./.gen/providers/random/shuffle"; 27 | interface MyConfig { 28 | listener: any; 29 | } 30 | class MyConvertedCode extends TerraformStack { 31 | constructor(scope: Construct, name: string, config: MyConfig) { 32 | super(scope, name); 33 | const az = new Shuffle(this, "az", { 34 | input: ["us-west-1a", "us-west-1c", "us-west-1d", "us-west-1e"], 35 | resultCount: 2, 36 | }); 37 | new Elb(this, "example", { 38 | availabilityZones: Token.asList(az.result), 39 | listener: config.listener, 40 | }); 41 | } 42 | } 43 | 44 | ``` 45 | 46 | 47 | ## Schema 48 | 49 | ### Required 50 | 51 | - `input` (List of String) The list of strings to shuffle. 52 | 53 | ### Optional 54 | 55 | - `keepers` (Map of String) Arbitrary map of values that, when changed, will trigger recreation of resource. See [the main provider documentation](../index.html) for more information. 56 | - `resultCount` (Number) The number of results to return. Defaults to the number of items in the `input` list. If fewer items are requested, some elements will be excluded from the result. If more items are requested, items will be repeated in the result but not more frequently than the number of items in the input list. 57 | - `seed` (String) Arbitrary string with which to seed the random number generator, in order to produce less-volatile permutations of the list. 58 | 59 | **Important:** Even with an identical seed, it is not guaranteed that the same permutation will be produced across different versions of Terraform. This argument causes the result to be *less volatile*, but not fixed for all time. 60 | 61 | ### Read-Only 62 | 63 | - `id` (String) A static value used internally by Terraform, this should not be referenced in configurations. 64 | - `result` (List of String) Random permutation of the list of strings given in `input`. The number of elements is determined by `resultCount` if set, or the number of elements in `input`. 65 | 66 | -------------------------------------------------------------------------------- /docs/cdktf/typescript/resources/uuid.md: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | 4 | # generated by https://github.com/hashicorp/terraform-plugin-docs 5 | page_title: "random_uuid Resource - terraform-provider-random" 6 | subcategory: "" 7 | description: |- 8 | The resource random_uuid generates a random uuid string that is intended to be used as a unique identifier for other resources. 9 | This resource uses hashicorp/go-uuid https://github.com/hashicorp/go-uuid to generate a UUID-formatted string for use with services needing a unique string identifier. 10 | --- 11 | 12 | # random_uuid (Resource) 13 | 14 | The resource `random_uuid` generates a random uuid string that is intended to be used as a unique identifier for other resources. 15 | 16 | This resource uses [hashicorp/go-uuid](https://github.com/hashicorp/go-uuid) to generate a UUID-formatted string for use with services needing a unique string identifier. 17 | 18 | ## Example Usage 19 | 20 | ```typescript 21 | // DO NOT EDIT. Code generated by 'cdktf convert' - Please report bugs at https://cdk.tf/bug 22 | import { Construct } from "constructs"; 23 | import { TerraformStack } from "cdktf"; 24 | /* 25 | * Provider bindings are generated by running `cdktf get`. 26 | * See https://cdk.tf/provider-generation for more details. 27 | */ 28 | import { ResourceGroup } from "./.gen/providers/azurerm/resource-group"; 29 | import { Uuid } from "./.gen/providers/random/uuid"; 30 | class MyConvertedCode extends TerraformStack { 31 | constructor(scope: Construct, name: string) { 32 | super(scope, name); 33 | /*The following providers are missing schema information and might need manual adjustments to synthesize correctly: azurerm. 34 | For a more precise conversion please use the --provider flag in convert.*/ 35 | const test = new Uuid(this, "test", {}); 36 | const azurermResourceGroupTest = new ResourceGroup(this, "test_1", { 37 | location: "Central US", 38 | name: "${" + test.result + "}-rg", 39 | }); 40 | /*This allows the Terraform resource name to match the original name. You can remove the call if you don't need them to match.*/ 41 | azurermResourceGroupTest.overrideLogicalId("test"); 42 | } 43 | } 44 | 45 | ``` 46 | 47 | 48 | ## Schema 49 | 50 | ### Optional 51 | 52 | - `keepers` (Map of String) Arbitrary map of values that, when changed, will trigger recreation of resource. See [the main provider documentation](../index.html) for more information. 53 | 54 | ### Read-Only 55 | 56 | - `id` (String) The generated uuid presented in string format. 57 | - `result` (String) The generated uuid presented in string format. 58 | 59 | ## Import 60 | 61 | Import is supported using the following syntax: 62 | 63 | ```shell 64 | # Random UUID's can be imported. This can be used to replace a config 65 | # value with a value interpolated from the random provider without 66 | # experiencing diffs. 67 | 68 | terraform import random_uuid.main aabbccdd-eeff-0011-2233-445566778899 69 | ``` 70 | 71 | -------------------------------------------------------------------------------- /docs/ephemeral-resources/password.md: -------------------------------------------------------------------------------- 1 | --- 2 | # generated by https://github.com/hashicorp/terraform-plugin-docs 3 | page_title: "random_password Ephemeral Resource - terraform-provider-random" 4 | subcategory: "" 5 | description: |- 6 | -> If the managed resource doesn't have a write-only argument available for the password (first introduced in Terraform 1.11), then the password can only be created with the managed resource variant of random_password https://registry.terraform.io/providers/hashicorp/random/latest/docs/resources/password. 7 | Generates an ephemeral password string using a cryptographic random number generator. 8 | The primary use-case for generating an ephemeral random password is to be used in combination with a write-only argument in a managed resource, which will avoid Terraform storing the password string in the plan or state file. 9 | --- 10 | 11 | # random_password (Ephemeral Resource) 12 | 13 | -> If the managed resource doesn't have a write-only argument available for the password (first introduced in Terraform 1.11), then the password can only be created with the managed resource variant of [`random_password`](https://registry.terraform.io/providers/hashicorp/random/latest/docs/resources/password). 14 | 15 | Generates an ephemeral password string using a cryptographic random number generator. 16 | 17 | The primary use-case for generating an ephemeral random password is to be used in combination with a write-only argument in a managed resource, which will avoid Terraform storing the password string in the plan or state file. 18 | 19 | ## Example Usage 20 | 21 | ```terraform 22 | ephemeral "random_password" "password" { 23 | length = 16 24 | special = true 25 | override_special = "!#$%&*()-_=+[]{}<>:?" 26 | } 27 | ``` 28 | 29 | 30 | ## Schema 31 | 32 | ### Required 33 | 34 | - `length` (Number) The length of the string desired. The minimum value for length is 1 and, length must also be >= (`min_upper` + `min_lower` + `min_numeric` + `min_special`). 35 | 36 | ### Optional 37 | 38 | - `lower` (Boolean) Include lowercase alphabet characters in the result. Default value is `true`. 39 | - `min_lower` (Number) Minimum number of lowercase alphabet characters in the result. Default value is `0`. 40 | - `min_numeric` (Number) Minimum number of numeric characters in the result. Default value is `0`. 41 | - `min_special` (Number) Minimum number of special characters in the result. Default value is `0`. 42 | - `min_upper` (Number) Minimum number of uppercase alphabet characters in the result. Default value is `0`. 43 | - `numeric` (Boolean) Include numeric characters in the result. Default value is `true`. If `numeric`, `upper`, `lower`, and `special` are all configured, at least one of them must be set to `true`. 44 | - `override_special` (String) Supply your own list of special characters to use for string generation. This overrides the default character list in the special argument. The `special` argument must still be set to true for any overwritten characters to be used in generation. 45 | - `special` (Boolean) Include special characters in the result. These are `!@#$%&*()-_=+[]{}<>:?`. Default value is `true`. 46 | - `upper` (Boolean) Include uppercase alphabet characters in the result. Default value is `true`. 47 | 48 | ### Read-Only 49 | 50 | - `bcrypt_hash` (String, Sensitive) A bcrypt hash of the generated random string. **NOTE**: If the generated random string is greater than 72 bytes in length, `bcrypt_hash` will contain a hash of the first 72 bytes. 51 | - `result` (String, Sensitive) The generated random string. 52 | -------------------------------------------------------------------------------- /docs/index.md: -------------------------------------------------------------------------------- 1 | --- 2 | page_title: "Provider: Random" 3 | description: |- 4 | The Random provider is used to generate randomness. 5 | --- 6 | 7 | # Random Provider 8 | 9 | The "random" provider allows the use of randomness within Terraform 10 | configurations. This is a *logical provider*, which means that it works 11 | entirely within Terraform's logic, and doesn't interact with any other 12 | services. 13 | 14 | Unconstrained randomness within a Terraform configuration would not be very 15 | useful, since Terraform's goal is to converge on a fixed configuration by 16 | applying a diff. Because of this, the "random" provider provides an idea of 17 | *managed randomness*: it provides resources that generate random values during 18 | their creation and then hold those values steady until the inputs are changed. 19 | 20 | Even with these resources, it is advisable to keep the use of randomness within 21 | Terraform configuration to a minimum, and retain it for special cases only; 22 | Terraform works best when the configuration is well-defined, since its behavior 23 | can then be more readily predicted. 24 | 25 | Unless otherwise stated within the documentation of a specific resource, this 26 | provider's results are **not** sufficiently random for cryptographic use. 27 | 28 | For more information on the specific resources available, see the links in the 29 | navigation bar. Read on for information on the general patterns that apply 30 | to this provider's resources. 31 | 32 | ## Resource "Keepers" 33 | 34 | As noted above, the random resources generate randomness only when they are 35 | created; the results produced are stored in the Terraform state and re-used 36 | until the inputs change, prompting the resource to be recreated. 37 | 38 | The resources all provide a map argument called `keepers` that can be populated 39 | with arbitrary key/value pairs that should be selected such that they remain 40 | the same until new random values are desired. 41 | 42 | For example: 43 | 44 | ```terraform 45 | resource "random_id" "server" { 46 | keepers = { 47 | # Generate a new id each time we switch to a new AMI id 48 | ami_id = var.ami_id 49 | } 50 | 51 | byte_length = 8 52 | } 53 | 54 | resource "aws_instance" "server" { 55 | tags = { 56 | Name = "web-server ${random_id.server.hex}" 57 | } 58 | 59 | # Read the AMI id "through" the random_id resource to ensure that 60 | # both will change together. 61 | ami = random_id.server.keepers.ami_id 62 | 63 | # ... (other aws_instance arguments) ... 64 | } 65 | ``` 66 | 67 | Resource "keepers" are optional. The other arguments to each resource must 68 | *also* remain constant in order to retain a random result. 69 | 70 | `keepers` are *not* treated as sensitive attributes; a value used for `keepers` will be displayed in Terraform UI output as plaintext. 71 | 72 | To force a random result to be replaced, the `taint` command can be used to 73 | produce a new result on the next run. -------------------------------------------------------------------------------- /docs/resources/bytes.md: -------------------------------------------------------------------------------- 1 | --- 2 | # generated by https://github.com/hashicorp/terraform-plugin-docs 3 | page_title: "random_bytes Resource - terraform-provider-random" 4 | subcategory: "" 5 | description: |- 6 | The resource random_bytes generates random bytes that are intended to be used as a secret, or key. Use this in preference to random_id when the output is considered sensitive, and should not be displayed in the CLI. 7 | This resource does use a cryptographic random number generator. 8 | --- 9 | 10 | # random_bytes (Resource) 11 | 12 | The resource `random_bytes` generates random bytes that are intended to be used as a secret, or key. Use this in preference to `random_id` when the output is considered sensitive, and should not be displayed in the CLI. 13 | 14 | This resource *does* use a cryptographic random number generator. 15 | 16 | ## Example Usage 17 | 18 | ```terraform 19 | resource "random_bytes" "jwt_secret" { 20 | length = 64 21 | } 22 | 23 | resource "azurerm_key_vault_secret" "jwt_secret" { 24 | key_vault_id = "some-azure-key-vault-id" 25 | name = "JwtSecret" 26 | value = random_bytes.jwt_secret.base64 27 | } 28 | ``` 29 | 30 | 31 | ## Schema 32 | 33 | ### Required 34 | 35 | - `length` (Number) The number of bytes requested. The minimum value for length is 1. 36 | 37 | ### Optional 38 | 39 | - `keepers` (Map of String) Arbitrary map of values that, when changed, will trigger recreation of resource. See [the main provider documentation](../index.html) for more information. 40 | 41 | ### Read-Only 42 | 43 | - `base64` (String, Sensitive) The generated bytes presented in base64 string format. 44 | - `hex` (String, Sensitive) The generated bytes presented in lowercase hexadecimal string format. The length of the encoded string is exactly twice the `length` parameter. 45 | 46 | ## Import 47 | 48 | Import is supported using the following syntax: 49 | 50 | ```shell 51 | # Random bytes can be imported by specifying the value as base64 string. 52 | terraform import random_bytes.basic "8/fu3q+2DcgSJ19i0jZ5Cw==" 53 | ``` 54 | -------------------------------------------------------------------------------- /docs/resources/id.md: -------------------------------------------------------------------------------- 1 | --- 2 | # generated by https://github.com/hashicorp/terraform-plugin-docs 3 | page_title: "random_id Resource - terraform-provider-random" 4 | subcategory: "" 5 | description: |- 6 | The resource random_id generates random numbers that are intended to be 7 | used as unique identifiers for other resources. If the output is considered 8 | sensitive, and should not be displayed in the CLI, use random_bytes 9 | instead. 10 | This resource does use a cryptographic random number generator in order 11 | to minimize the chance of collisions, making the results of this resource 12 | when a 16-byte identifier is requested of equivalent uniqueness to a 13 | type-4 UUID. 14 | This resource can be used in conjunction with resources that have 15 | the create_before_destroy lifecycle flag set to avoid conflicts with 16 | unique names during the brief period where both the old and new resources 17 | exist concurrently. 18 | --- 19 | 20 | # random_id (Resource) 21 | 22 | The resource `random_id` generates random numbers that are intended to be 23 | used as unique identifiers for other resources. If the output is considered 24 | sensitive, and should not be displayed in the CLI, use `random_bytes` 25 | instead. 26 | 27 | This resource *does* use a cryptographic random number generator in order 28 | to minimize the chance of collisions, making the results of this resource 29 | when a 16-byte identifier is requested of equivalent uniqueness to a 30 | type-4 UUID. 31 | 32 | This resource can be used in conjunction with resources that have 33 | the `create_before_destroy` lifecycle flag set to avoid conflicts with 34 | unique names during the brief period where both the old and new resources 35 | exist concurrently. 36 | 37 | ## Example Usage 38 | 39 | ```terraform 40 | # The following example shows how to generate a unique name for an AWS EC2 41 | # instance that changes each time a new AMI id is selected. 42 | 43 | resource "random_id" "server" { 44 | keepers = { 45 | # Generate a new id each time we switch to a new AMI id 46 | ami_id = var.ami_id 47 | } 48 | 49 | byte_length = 8 50 | } 51 | 52 | resource "aws_instance" "server" { 53 | tags = { 54 | Name = "web-server ${random_id.server.hex}" 55 | } 56 | 57 | # Read the AMI id "through" the random_id resource to ensure that 58 | # both will change together. 59 | ami = random_id.server.keepers.ami_id 60 | 61 | # ... (other aws_instance arguments) ... 62 | } 63 | ``` 64 | 65 | 66 | ## Schema 67 | 68 | ### Required 69 | 70 | - `byte_length` (Number) The number of random bytes to produce. The minimum value is 1, which produces eight bits of randomness. 71 | 72 | ### Optional 73 | 74 | - `keepers` (Map of String) Arbitrary map of values that, when changed, will trigger recreation of resource. See [the main provider documentation](../index.html) for more information. 75 | - `prefix` (String) Arbitrary string to prefix the output value with. This string is supplied as-is, meaning it is not guaranteed to be URL-safe or base64 encoded. 76 | 77 | ### Read-Only 78 | 79 | - `b64_std` (String) The generated id presented in base64 without additional transformations. 80 | - `b64_url` (String) The generated id presented in base64, using the URL-friendly character set: case-sensitive letters, digits and the characters `_` and `-`. 81 | - `dec` (String) The generated id presented in non-padded decimal digits. 82 | - `hex` (String) The generated id presented in padded hexadecimal digits. This result will always be twice as long as the requested byte length. 83 | - `id` (String) The generated id presented in base64 without additional transformations or prefix. 84 | 85 | ## Import 86 | 87 | Import is supported using the following syntax: 88 | 89 | ```shell 90 | # Random IDs can be imported using the b64_url with an optional prefix. This 91 | # can be used to replace a config value with a value interpolated from the 92 | # random provider without experiencing diffs. 93 | 94 | # Example with no prefix: 95 | terraform import random_id.server p-9hUg 96 | 97 | # Example with prefix (prefix is separated by a ,): 98 | $ terraform import random_id.server my-prefix-,p-9hUg 99 | ``` 100 | -------------------------------------------------------------------------------- /docs/resources/integer.md: -------------------------------------------------------------------------------- 1 | --- 2 | # generated by https://github.com/hashicorp/terraform-plugin-docs 3 | page_title: "random_integer Resource - terraform-provider-random" 4 | subcategory: "" 5 | description: |- 6 | The resource random_integer generates random values from a given range, described by the min and max attributes of a given resource. 7 | This resource can be used in conjunction with resources that have the create_before_destroy lifecycle flag set, to avoid conflicts with unique names during the brief period where both the old and new resources exist concurrently. 8 | --- 9 | 10 | # random_integer (Resource) 11 | 12 | The resource `random_integer` generates random values from a given range, described by the `min` and `max` attributes of a given resource. 13 | 14 | This resource can be used in conjunction with resources that have the `create_before_destroy` lifecycle flag set, to avoid conflicts with unique names during the brief period where both the old and new resources exist concurrently. 15 | 16 | ## Example Usage 17 | 18 | ```terraform 19 | # The following example shows how to generate a random priority 20 | # between 1 and 50000 for a aws_alb_listener_rule resource: 21 | 22 | resource "random_integer" "priority" { 23 | min = 1 24 | max = 50000 25 | keepers = { 26 | # Generate a new integer each time we switch to a new listener ARN 27 | listener_arn = var.listener_arn 28 | } 29 | } 30 | 31 | resource "aws_alb_listener_rule" "main" { 32 | listener_arn = random_integer.priority.keepers.listener_arn 33 | priority = random_integer.priority.result 34 | 35 | action { 36 | type = "forward" 37 | target_group_arn = var.target_group_arn 38 | } 39 | # ... (other aws_alb_listener_rule arguments) ... 40 | } 41 | ``` 42 | 43 | 44 | ## Schema 45 | 46 | ### Required 47 | 48 | - `max` (Number) The maximum inclusive value of the range. 49 | - `min` (Number) The minimum inclusive value of the range. 50 | 51 | ### Optional 52 | 53 | - `keepers` (Map of String) Arbitrary map of values that, when changed, will trigger recreation of resource. See [the main provider documentation](../index.html) for more information. 54 | - `seed` (String) A custom seed to always produce the same value. 55 | 56 | ### Read-Only 57 | 58 | - `id` (String) The string representation of the integer result. 59 | - `result` (Number) The random integer result. 60 | 61 | ## Import 62 | 63 | Import is supported using the following syntax: 64 | 65 | ```shell 66 | # Random integers can be imported using the result, min, and max, with an 67 | # optional seed. This can be used to replace a config value with a value 68 | # interpolated from the random provider without experiencing diffs. 69 | 70 | # Example (values are separated by a ,): 71 | terraform import random_integer.priority 15390,1,50000 72 | ``` 73 | -------------------------------------------------------------------------------- /docs/resources/password.md: -------------------------------------------------------------------------------- 1 | --- 2 | page_title: "random_password Resource - terraform-provider-random" 3 | subcategory: "" 4 | description: |- 5 | -> If the managed resource supports a write-only attribute for the password (first introduced in Terraform 1.11), then the ephemeral variant of random_password https://registry.terraform.io/providers/hashicorp/random/latest/docs/ephemeral-resources/password should be used, when possible, to avoid storing the password in the plan or state file. 6 | Identical to random_string https://registry.terraform.io/providers/hashicorp/random/latest/docs/resources/string with the exception that the result is treated as sensitive and, thus, not displayed in console output. Read more about sensitive data handling in the Terraform documentation https://developer.hashicorp.com/terraform/language/state/sensitive-data. 7 | This resource does use a cryptographic random number generator. 8 | --- 9 | 10 | # random_password (Resource) 11 | 12 | -> If the managed resource supports a write-only attribute for the password (first introduced in Terraform 1.11), then the ephemeral variant of [`random_password`](https://registry.terraform.io/providers/hashicorp/random/latest/docs/ephemeral-resources/password) should be used, when possible, to avoid storing the password in the plan or state file. 13 | 14 | Identical to [`random_string`](https://registry.terraform.io/providers/hashicorp/random/latest/docs/resources/string) with the exception that the result is treated as sensitive and, thus, _not_ displayed in console output. Read more about sensitive data handling in the [Terraform documentation](https://developer.hashicorp.com/terraform/language/state/sensitive-data). 15 | 16 | This resource *does* use a cryptographic random number generator. 17 | 18 | ## Example Usage 19 | 20 | ```terraform 21 | resource "random_password" "password" { 22 | length = 16 23 | special = true 24 | override_special = "!#$%&*()-_=+[]{}<>:?" 25 | } 26 | 27 | resource "aws_db_instance" "example" { 28 | instance_class = "db.t3.micro" 29 | allocated_storage = 64 30 | engine = "mysql" 31 | username = "someone" 32 | password = random_password.password.result 33 | } 34 | ``` 35 | 36 | 37 | ## Schema 38 | 39 | ### Required 40 | 41 | - `length` (Number) The length of the string desired. The minimum value for length is 1 and, length must also be >= (`min_upper` + `min_lower` + `min_numeric` + `min_special`). 42 | 43 | ### Optional 44 | 45 | - `keepers` (Map of String) Arbitrary map of values that, when changed, will trigger recreation of resource. See [the main provider documentation](../index.html) for more information. 46 | - `lower` (Boolean) Include lowercase alphabet characters in the result. Default value is `true`. 47 | - `min_lower` (Number) Minimum number of lowercase alphabet characters in the result. Default value is `0`. 48 | - `min_numeric` (Number) Minimum number of numeric characters in the result. Default value is `0`. 49 | - `min_special` (Number) Minimum number of special characters in the result. Default value is `0`. 50 | - `min_upper` (Number) Minimum number of uppercase alphabet characters in the result. Default value is `0`. 51 | - `number` (Boolean, Deprecated) Include numeric characters in the result. Default value is `true`. If `number`, `upper`, `lower`, and `special` are all configured, at least one of them must be set to `true`. **NOTE**: This is deprecated, use `numeric` instead. 52 | - `numeric` (Boolean) Include numeric characters in the result. Default value is `true`. If `numeric`, `upper`, `lower`, and `special` are all configured, at least one of them must be set to `true`. 53 | - `override_special` (String) Supply your own list of special characters to use for string generation. This overrides the default character list in the special argument. The `special` argument must still be set to true for any overwritten characters to be used in generation. 54 | - `special` (Boolean) Include special characters in the result. These are `!@#$%&*()-_=+[]{}<>:?`. Default value is `true`. 55 | - `upper` (Boolean) Include uppercase alphabet characters in the result. Default value is `true`. 56 | 57 | ### Read-Only 58 | 59 | - `bcrypt_hash` (String, Sensitive) A bcrypt hash of the generated random string. **NOTE**: If the generated random string is greater than 72 bytes in length, `bcrypt_hash` will contain a hash of the first 72 bytes. 60 | - `id` (String) A static value used internally by Terraform, this should not be referenced in configurations. 61 | - `result` (String, Sensitive) The generated random string. 62 | 63 | ## Import 64 | 65 | Import is supported using the following syntax: 66 | 67 | ```shell 68 | terraform import random_password.password securepassword 69 | ``` 70 | 71 | ### Limitations of Import 72 | 73 | Any attribute values that are specified within Terraform config will be 74 | ignored during import and all attributes that have defaults defined within 75 | the schema will have the default assigned. 76 | 77 | For instance, using the following config during import: 78 | ```terraform 79 | resource "random_password" "password" { 80 | length = 16 81 | lower = false 82 | } 83 | ``` 84 | 85 | Then importing the resource using `terraform import random_password.password securepassword`, 86 | would result in the triggering of a replacement (i.e., destroy-create) during the next 87 | `terraform apply`. 88 | 89 | ### Avoiding Replacement 90 | 91 | If the resource were imported using `terraform import random_password.password securepassword`, 92 | replacement could be avoided by using: 93 | 94 | 1. Attribute values that match the imported ID and defaults: 95 | 96 | ```terraform 97 | resource "random_password" "password" { 98 | length = 14 99 | lower = true 100 | } 101 | ``` 102 | 103 | 104 | 2. Attribute values that match the imported ID and omit the attributes with defaults: 105 | 106 | ```terraform 107 | resource "random_password" "password" { 108 | length = 14 109 | } 110 | ``` 111 | 112 | 113 | 3. `ignore_changes` specifying the attributes to ignore: 114 | 115 | ```terraform 116 | resource "random_password" "password" { 117 | length = 16 118 | lower = false 119 | 120 | lifecycle { 121 | ignore_changes = [ 122 | length, 123 | lower, 124 | ] 125 | } 126 | } 127 | ``` 128 | 129 | **NOTE** `ignore_changes` is only required until the resource is recreated after import, 130 | after which it will use the configuration values specified. 131 | -------------------------------------------------------------------------------- /docs/resources/pet.md: -------------------------------------------------------------------------------- 1 | --- 2 | # generated by https://github.com/hashicorp/terraform-plugin-docs 3 | page_title: "random_pet Resource - terraform-provider-random" 4 | subcategory: "" 5 | description: |- 6 | The resource random_pet generates random pet names that are intended to be used as unique identifiers for other resources. 7 | This resource can be used in conjunction with resources that have the create_before_destroy lifecycle flag set, to avoid conflicts with unique names during the brief period where both the old and new resources exist concurrently. 8 | --- 9 | 10 | # random_pet (Resource) 11 | 12 | The resource `random_pet` generates random pet names that are intended to be used as unique identifiers for other resources. 13 | 14 | This resource can be used in conjunction with resources that have the `create_before_destroy` lifecycle flag set, to avoid conflicts with unique names during the brief period where both the old and new resources exist concurrently. 15 | 16 | ## Example Usage 17 | 18 | ```terraform 19 | # The following example shows how to generate a unique pet name 20 | # for an AWS EC2 instance that changes each time a new AMI id is 21 | # selected. 22 | 23 | resource "random_pet" "server" { 24 | keepers = { 25 | # Generate a new pet name each time we switch to a new AMI id 26 | ami_id = var.ami_id 27 | } 28 | } 29 | 30 | resource "aws_instance" "server" { 31 | tags = { 32 | Name = "web-server-${random_pet.server.id}" 33 | } 34 | 35 | # Read the AMI id "through" the random_pet resource to ensure that 36 | # both will change together. 37 | ami = random_pet.server.keepers.ami_id 38 | 39 | # ... (other aws_instance arguments) ... 40 | } 41 | ``` 42 | 43 | 44 | ## Schema 45 | 46 | ### Optional 47 | 48 | - `keepers` (Map of String) Arbitrary map of values that, when changed, will trigger recreation of resource. See [the main provider documentation](../index.html) for more information. 49 | - `length` (Number) The length (in words) of the pet name. Defaults to 2 50 | - `prefix` (String) A string to prefix the name with. 51 | - `separator` (String) The character to separate words in the pet name. Defaults to "-" 52 | 53 | ### Read-Only 54 | 55 | - `id` (String) The random pet name. 56 | -------------------------------------------------------------------------------- /docs/resources/shuffle.md: -------------------------------------------------------------------------------- 1 | --- 2 | # generated by https://github.com/hashicorp/terraform-plugin-docs 3 | page_title: "random_shuffle Resource - terraform-provider-random" 4 | subcategory: "" 5 | description: |- 6 | The resource random_shuffle generates a random permutation of a list of strings given as an argument. 7 | --- 8 | 9 | # random_shuffle (Resource) 10 | 11 | The resource `random_shuffle` generates a random permutation of a list of strings given as an argument. 12 | 13 | ## Example Usage 14 | 15 | ```terraform 16 | resource "random_shuffle" "az" { 17 | input = ["us-west-1a", "us-west-1c", "us-west-1d", "us-west-1e"] 18 | result_count = 2 19 | } 20 | 21 | resource "aws_elb" "example" { 22 | # Place the ELB in any two of the given availability zones, selected 23 | # at random. 24 | availability_zones = random_shuffle.az.result 25 | 26 | # ... and other aws_elb arguments ... 27 | } 28 | ``` 29 | 30 | 31 | ## Schema 32 | 33 | ### Required 34 | 35 | - `input` (List of String) The list of strings to shuffle. 36 | 37 | ### Optional 38 | 39 | - `keepers` (Map of String) Arbitrary map of values that, when changed, will trigger recreation of resource. See [the main provider documentation](../index.html) for more information. 40 | - `result_count` (Number) The number of results to return. Defaults to the number of items in the `input` list. If fewer items are requested, some elements will be excluded from the result. If more items are requested, items will be repeated in the result but not more frequently than the number of items in the input list. 41 | - `seed` (String) Arbitrary string with which to seed the random number generator, in order to produce less-volatile permutations of the list. 42 | 43 | **Important:** Even with an identical seed, it is not guaranteed that the same permutation will be produced across different versions of Terraform. This argument causes the result to be *less volatile*, but not fixed for all time. 44 | 45 | ### Read-Only 46 | 47 | - `id` (String) A static value used internally by Terraform, this should not be referenced in configurations. 48 | - `result` (List of String) Random permutation of the list of strings given in `input`. The number of elements is determined by `result_count` if set, or the number of elements in `input`. 49 | -------------------------------------------------------------------------------- /docs/resources/string.md: -------------------------------------------------------------------------------- 1 | --- 2 | page_title: "random_string Resource - terraform-provider-random" 3 | subcategory: "" 4 | description: |- 5 | The resource random_string generates a random permutation of alphanumeric characters and optionally special characters. 6 | This resource does use a cryptographic random number generator. 7 | Historically this resource's intended usage has been ambiguous as the original example used it in a password. For backwards compatibility it will continue to exist. For unique ids please use random_id id.html, for sensitive random values please use random_password password.html. 8 | --- 9 | 10 | # random_string (Resource) 11 | 12 | The resource `random_string` generates a random permutation of alphanumeric characters and optionally special characters. 13 | 14 | This resource *does* use a cryptographic random number generator. 15 | 16 | Historically this resource's intended usage has been ambiguous as the original example used it in a password. For backwards compatibility it will continue to exist. For unique ids please use [random_id](id.html), for sensitive random values please use [random_password](password.html). 17 | 18 | ## Example Usage 19 | 20 | ```terraform 21 | resource "random_string" "random" { 22 | length = 16 23 | special = true 24 | override_special = "/@£$" 25 | } 26 | ``` 27 | 28 | 29 | ## Schema 30 | 31 | ### Required 32 | 33 | - `length` (Number) The length of the string desired. The minimum value for length is 1 and, length must also be >= (`min_upper` + `min_lower` + `min_numeric` + `min_special`). 34 | 35 | ### Optional 36 | 37 | - `keepers` (Map of String) Arbitrary map of values that, when changed, will trigger recreation of resource. See [the main provider documentation](../index.html) for more information. 38 | - `lower` (Boolean) Include lowercase alphabet characters in the result. Default value is `true`. 39 | - `min_lower` (Number) Minimum number of lowercase alphabet characters in the result. Default value is `0`. 40 | - `min_numeric` (Number) Minimum number of numeric characters in the result. Default value is `0`. 41 | - `min_special` (Number) Minimum number of special characters in the result. Default value is `0`. 42 | - `min_upper` (Number) Minimum number of uppercase alphabet characters in the result. Default value is `0`. 43 | - `number` (Boolean, Deprecated) Include numeric characters in the result. Default value is `true`. If `number`, `upper`, `lower`, and `special` are all configured, at least one of them must be set to `true`. **NOTE**: This is deprecated, use `numeric` instead. 44 | - `numeric` (Boolean) Include numeric characters in the result. Default value is `true`. If `numeric`, `upper`, `lower`, and `special` are all configured, at least one of them must be set to `true`. 45 | - `override_special` (String) Supply your own list of special characters to use for string generation. This overrides the default character list in the special argument. The `special` argument must still be set to true for any overwritten characters to be used in generation. 46 | - `special` (Boolean) Include special characters in the result. These are `!@#$%&*()-_=+[]{}<>:?`. Default value is `true`. 47 | - `upper` (Boolean) Include uppercase alphabet characters in the result. Default value is `true`. 48 | 49 | ### Read-Only 50 | 51 | - `id` (String) The generated random string. 52 | - `result` (String) The generated random string. 53 | 54 | ## Import 55 | 56 | Import is supported using the following syntax: 57 | 58 | ```shell 59 | terraform import random_string.test test 60 | ``` 61 | 62 | ### Limitations of Import 63 | 64 | Any attribute values that are specified within Terraform config will be 65 | ignored during import and all attributes that have defaults defined within 66 | the schema will have the default assigned. 67 | 68 | For instance, using the following config during import: 69 | ```terraform 70 | resource "random_string" "test" { 71 | length = 16 72 | lower = false 73 | } 74 | ``` 75 | 76 | Then importing the resource using `terraform import random_string.test test`, 77 | would result in the triggering of a replacement (i.e., destroy-create) during 78 | the next `terraform apply`. 79 | 80 | ### Avoiding Replacement 81 | 82 | If the resource were imported using `terraform import random_string.test test`, 83 | replacement can be avoided by using: 84 | 85 | 1. Attribute values that match the imported ID and defaults: 86 | ```terraform 87 | resource "random_string" "test" { 88 | length = 4 89 | lower = true 90 | } 91 | ``` 92 | 93 | 2. Attribute values that match the imported ID and omit the attributes with defaults: 94 | ```terraform 95 | resource "random_string" "test" { 96 | length = 4 97 | } 98 | ``` 99 | 100 | 3. `ignore_changes` specifying the attributes to ignore: 101 | ```terraform 102 | resource "random_string" "test" { 103 | length = 16 104 | lower = false 105 | 106 | lifecycle { 107 | ignore_changes = [ 108 | length, 109 | lower, 110 | ] 111 | } 112 | } 113 | ``` 114 | 115 | **NOTE** `ignore_changes` is only required until the resource is recreated after import, 116 | after which it will use the configuration values specified. -------------------------------------------------------------------------------- /docs/resources/uuid.md: -------------------------------------------------------------------------------- 1 | --- 2 | # generated by https://github.com/hashicorp/terraform-plugin-docs 3 | page_title: "random_uuid Resource - terraform-provider-random" 4 | subcategory: "" 5 | description: |- 6 | The resource random_uuid generates a random uuid string that is intended to be used as a unique identifier for other resources. 7 | This resource uses hashicorp/go-uuid https://github.com/hashicorp/go-uuid to generate a UUID-formatted string for use with services needing a unique string identifier. 8 | --- 9 | 10 | # random_uuid (Resource) 11 | 12 | The resource `random_uuid` generates a random uuid string that is intended to be used as a unique identifier for other resources. 13 | 14 | This resource uses [hashicorp/go-uuid](https://github.com/hashicorp/go-uuid) to generate a UUID-formatted string for use with services needing a unique string identifier. 15 | 16 | ## Example Usage 17 | 18 | ```terraform 19 | # The following example shows how to generate a unique name for an Azure Resource Group. 20 | 21 | resource "random_uuid" "test" { 22 | } 23 | 24 | resource "azurerm_resource_group" "test" { 25 | name = "${random_uuid.test.result}-rg" 26 | location = "Central US" 27 | } 28 | ``` 29 | 30 | 31 | ## Schema 32 | 33 | ### Optional 34 | 35 | - `keepers` (Map of String) Arbitrary map of values that, when changed, will trigger recreation of resource. See [the main provider documentation](../index.html) for more information. 36 | 37 | ### Read-Only 38 | 39 | - `id` (String) The generated uuid presented in string format. 40 | - `result` (String) The generated uuid presented in string format. 41 | 42 | ## Import 43 | 44 | Import is supported using the following syntax: 45 | 46 | ```shell 47 | # Random UUID's can be imported. This can be used to replace a config 48 | # value with a value interpolated from the random provider without 49 | # experiencing diffs. 50 | 51 | terraform import random_uuid.main aabbccdd-eeff-0011-2233-445566778899 52 | ``` 53 | -------------------------------------------------------------------------------- /examples/ephemeral-resources/random_password/ephemeral-resource.tf: -------------------------------------------------------------------------------- 1 | ephemeral "random_password" "password" { 2 | length = 16 3 | special = true 4 | override_special = "!#$%&*()-_=+[]{}<>:?" 5 | } 6 | -------------------------------------------------------------------------------- /examples/provider/provider.tf: -------------------------------------------------------------------------------- 1 | resource "random_id" "server" { 2 | keepers = { 3 | # Generate a new id each time we switch to a new AMI id 4 | ami_id = var.ami_id 5 | } 6 | 7 | byte_length = 8 8 | } 9 | 10 | resource "aws_instance" "server" { 11 | tags = { 12 | Name = "web-server ${random_id.server.hex}" 13 | } 14 | 15 | # Read the AMI id "through" the random_id resource to ensure that 16 | # both will change together. 17 | ami = random_id.server.keepers.ami_id 18 | 19 | # ... (other aws_instance arguments) ... 20 | } 21 | -------------------------------------------------------------------------------- /examples/resources/random_bytes/import.sh: -------------------------------------------------------------------------------- 1 | # Random bytes can be imported by specifying the value as base64 string. 2 | terraform import random_bytes.basic "8/fu3q+2DcgSJ19i0jZ5Cw==" 3 | -------------------------------------------------------------------------------- /examples/resources/random_bytes/resource.tf: -------------------------------------------------------------------------------- 1 | resource "random_bytes" "jwt_secret" { 2 | length = 64 3 | } 4 | 5 | resource "azurerm_key_vault_secret" "jwt_secret" { 6 | key_vault_id = "some-azure-key-vault-id" 7 | name = "JwtSecret" 8 | value = random_bytes.jwt_secret.base64 9 | } 10 | -------------------------------------------------------------------------------- /examples/resources/random_id/import.sh: -------------------------------------------------------------------------------- 1 | # Random IDs can be imported using the b64_url with an optional prefix. This 2 | # can be used to replace a config value with a value interpolated from the 3 | # random provider without experiencing diffs. 4 | 5 | # Example with no prefix: 6 | terraform import random_id.server p-9hUg 7 | 8 | # Example with prefix (prefix is separated by a ,): 9 | $ terraform import random_id.server my-prefix-,p-9hUg -------------------------------------------------------------------------------- /examples/resources/random_id/resource.tf: -------------------------------------------------------------------------------- 1 | # The following example shows how to generate a unique name for an AWS EC2 2 | # instance that changes each time a new AMI id is selected. 3 | 4 | resource "random_id" "server" { 5 | keepers = { 6 | # Generate a new id each time we switch to a new AMI id 7 | ami_id = var.ami_id 8 | } 9 | 10 | byte_length = 8 11 | } 12 | 13 | resource "aws_instance" "server" { 14 | tags = { 15 | Name = "web-server ${random_id.server.hex}" 16 | } 17 | 18 | # Read the AMI id "through" the random_id resource to ensure that 19 | # both will change together. 20 | ami = random_id.server.keepers.ami_id 21 | 22 | # ... (other aws_instance arguments) ... 23 | } 24 | -------------------------------------------------------------------------------- /examples/resources/random_integer/import.sh: -------------------------------------------------------------------------------- 1 | # Random integers can be imported using the result, min, and max, with an 2 | # optional seed. This can be used to replace a config value with a value 3 | # interpolated from the random provider without experiencing diffs. 4 | 5 | # Example (values are separated by a ,): 6 | terraform import random_integer.priority 15390,1,50000 -------------------------------------------------------------------------------- /examples/resources/random_integer/resource.tf: -------------------------------------------------------------------------------- 1 | # The following example shows how to generate a random priority 2 | # between 1 and 50000 for a aws_alb_listener_rule resource: 3 | 4 | resource "random_integer" "priority" { 5 | min = 1 6 | max = 50000 7 | keepers = { 8 | # Generate a new integer each time we switch to a new listener ARN 9 | listener_arn = var.listener_arn 10 | } 11 | } 12 | 13 | resource "aws_alb_listener_rule" "main" { 14 | listener_arn = random_integer.priority.keepers.listener_arn 15 | priority = random_integer.priority.result 16 | 17 | action { 18 | type = "forward" 19 | target_group_arn = var.target_group_arn 20 | } 21 | # ... (other aws_alb_listener_rule arguments) ... 22 | } 23 | -------------------------------------------------------------------------------- /examples/resources/random_password/import.sh: -------------------------------------------------------------------------------- 1 | # Random Password can be imported by specifying the value of the password. 2 | terraform import random_password.password securepassword -------------------------------------------------------------------------------- /examples/resources/random_password/resource.tf: -------------------------------------------------------------------------------- 1 | resource "random_password" "password" { 2 | length = 16 3 | special = true 4 | override_special = "!#$%&*()-_=+[]{}<>:?" 5 | } 6 | 7 | resource "aws_db_instance" "example" { 8 | instance_class = "db.t3.micro" 9 | allocated_storage = 64 10 | engine = "mysql" 11 | username = "someone" 12 | password = random_password.password.result 13 | } 14 | -------------------------------------------------------------------------------- /examples/resources/random_pet/resource.tf: -------------------------------------------------------------------------------- 1 | # The following example shows how to generate a unique pet name 2 | # for an AWS EC2 instance that changes each time a new AMI id is 3 | # selected. 4 | 5 | resource "random_pet" "server" { 6 | keepers = { 7 | # Generate a new pet name each time we switch to a new AMI id 8 | ami_id = var.ami_id 9 | } 10 | } 11 | 12 | resource "aws_instance" "server" { 13 | tags = { 14 | Name = "web-server-${random_pet.server.id}" 15 | } 16 | 17 | # Read the AMI id "through" the random_pet resource to ensure that 18 | # both will change together. 19 | ami = random_pet.server.keepers.ami_id 20 | 21 | # ... (other aws_instance arguments) ... 22 | } 23 | -------------------------------------------------------------------------------- /examples/resources/random_shuffle/resource.tf: -------------------------------------------------------------------------------- 1 | resource "random_shuffle" "az" { 2 | input = ["us-west-1a", "us-west-1c", "us-west-1d", "us-west-1e"] 3 | result_count = 2 4 | } 5 | 6 | resource "aws_elb" "example" { 7 | # Place the ELB in any two of the given availability zones, selected 8 | # at random. 9 | availability_zones = random_shuffle.az.result 10 | 11 | # ... and other aws_elb arguments ... 12 | } 13 | -------------------------------------------------------------------------------- /examples/resources/random_string/import.sh: -------------------------------------------------------------------------------- 1 | # Random String can be imported by specifying the value of the string. 2 | terraform import random_string.test test -------------------------------------------------------------------------------- /examples/resources/random_string/resource.tf: -------------------------------------------------------------------------------- 1 | resource "random_string" "random" { 2 | length = 16 3 | special = true 4 | override_special = "/@£$" 5 | } 6 | -------------------------------------------------------------------------------- /examples/resources/random_uuid/import.sh: -------------------------------------------------------------------------------- 1 | # Random UUID's can be imported. This can be used to replace a config 2 | # value with a value interpolated from the random provider without 3 | # experiencing diffs. 4 | 5 | terraform import random_uuid.main aabbccdd-eeff-0011-2233-445566778899 -------------------------------------------------------------------------------- /examples/resources/random_uuid/resource.tf: -------------------------------------------------------------------------------- 1 | # The following example shows how to generate a unique name for an Azure Resource Group. 2 | 3 | resource "random_uuid" "test" { 4 | } 5 | 6 | resource "azurerm_resource_group" "test" { 7 | name = "${random_uuid.test.result}-rg" 8 | location = "Central US" 9 | } 10 | -------------------------------------------------------------------------------- /go.mod: -------------------------------------------------------------------------------- 1 | module github.com/terraform-providers/terraform-provider-random 2 | 3 | go 1.23.7 4 | 5 | require ( 6 | github.com/dustinkirkland/golang-petname v0.0.0-20240428194347-eebcea082ee0 7 | github.com/google/go-cmp v0.7.0 8 | github.com/hashicorp/go-uuid v1.0.3 9 | github.com/hashicorp/terraform-json v0.25.0 10 | github.com/hashicorp/terraform-plugin-framework v1.15.0 11 | github.com/hashicorp/terraform-plugin-framework-validators v0.18.0 12 | github.com/hashicorp/terraform-plugin-go v0.27.0 13 | github.com/hashicorp/terraform-plugin-testing v1.13.1 14 | golang.org/x/crypto v0.39.0 15 | ) 16 | 17 | require ( 18 | github.com/ProtonMail/go-crypto v1.1.6 // indirect 19 | github.com/agext/levenshtein v1.2.2 // indirect 20 | github.com/apparentlymart/go-textseg/v15 v15.0.0 // indirect 21 | github.com/cloudflare/circl v1.6.0 // indirect 22 | github.com/fatih/color v1.16.0 // indirect 23 | github.com/golang/protobuf v1.5.4 // indirect 24 | github.com/hashicorp/errwrap v1.1.0 // indirect 25 | github.com/hashicorp/go-checkpoint v0.5.0 // indirect 26 | github.com/hashicorp/go-cleanhttp v0.5.2 // indirect 27 | github.com/hashicorp/go-cty v1.5.0 // indirect 28 | github.com/hashicorp/go-hclog v1.6.3 // indirect 29 | github.com/hashicorp/go-multierror v1.1.1 // indirect 30 | github.com/hashicorp/go-plugin v1.6.3 // indirect 31 | github.com/hashicorp/go-retryablehttp v0.7.7 // indirect 32 | github.com/hashicorp/go-version v1.7.0 // indirect 33 | github.com/hashicorp/hc-install v0.9.2 // indirect 34 | github.com/hashicorp/hcl/v2 v2.23.0 // indirect 35 | github.com/hashicorp/logutils v1.0.0 // indirect 36 | github.com/hashicorp/terraform-exec v0.23.0 // indirect 37 | github.com/hashicorp/terraform-plugin-log v0.9.0 // indirect 38 | github.com/hashicorp/terraform-plugin-sdk/v2 v2.37.0 // indirect 39 | github.com/hashicorp/terraform-registry-address v0.2.5 // indirect 40 | github.com/hashicorp/terraform-svchost v0.1.1 // indirect 41 | github.com/hashicorp/yamux v0.1.1 // indirect 42 | github.com/kr/pretty v0.3.0 // indirect 43 | github.com/mattn/go-colorable v0.1.13 // indirect 44 | github.com/mattn/go-isatty v0.0.20 // indirect 45 | github.com/mitchellh/copystructure v1.2.0 // indirect 46 | github.com/mitchellh/go-testing-interface v1.14.1 // indirect 47 | github.com/mitchellh/go-wordwrap v1.0.0 // indirect 48 | github.com/mitchellh/mapstructure v1.5.0 // indirect 49 | github.com/mitchellh/reflectwalk v1.0.2 // indirect 50 | github.com/oklog/run v1.1.0 // indirect 51 | github.com/vmihailenco/msgpack v4.0.4+incompatible // indirect 52 | github.com/vmihailenco/msgpack/v5 v5.4.1 // indirect 53 | github.com/vmihailenco/tagparser/v2 v2.0.0 // indirect 54 | github.com/zclconf/go-cty v1.16.2 // indirect 55 | golang.org/x/mod v0.25.0 // indirect 56 | golang.org/x/net v0.40.0 // indirect 57 | golang.org/x/sync v0.15.0 // indirect 58 | golang.org/x/sys v0.33.0 // indirect 59 | golang.org/x/text v0.26.0 // indirect 60 | golang.org/x/tools v0.33.0 // indirect 61 | google.golang.org/appengine v1.6.8 // indirect 62 | google.golang.org/genproto/googleapis/rpc v0.0.0-20250218202821-56aae31c358a // indirect 63 | google.golang.org/grpc v1.72.1 // indirect 64 | google.golang.org/protobuf v1.36.6 // indirect 65 | ) 66 | -------------------------------------------------------------------------------- /internal/diagnostics/diagnostics.go: -------------------------------------------------------------------------------- 1 | // Copyright (c) HashiCorp, Inc. 2 | // SPDX-License-Identifier: MPL-2.0 3 | 4 | package diagnostics 5 | 6 | import ( 7 | "fmt" 8 | 9 | "github.com/hashicorp/terraform-plugin-framework/diag" 10 | ) 11 | 12 | const RetryMsg = "Retry the Terraform operation. If the error still occurs or happens regularly, please contact the provider developer with hardware and operating system information.\n\n" 13 | 14 | func RandomReadError(errMsg string) diag.Diagnostics { 15 | var diags diag.Diagnostics 16 | 17 | diags.AddError( 18 | "Random Read Error", 19 | "While attempting to generate a random value for this resource, a read error was generated.\n\n"+ 20 | RetryMsg+ 21 | fmt.Sprintf("Original Error: %s", errMsg), 22 | ) 23 | 24 | return diags 25 | } 26 | 27 | func HashGenerationError(errMsg string) diag.Diagnostics { 28 | var diags diag.Diagnostics 29 | 30 | diags.AddError( 31 | "Hash Generation Error", 32 | "While attempting to generate a hash from the password an error occurred.\n\n"+ 33 | "Verify that the state contains a populated 'result' field, using 'terraform state show', and retry the operation\n\n"+ 34 | fmt.Sprintf("Original Error: %s", errMsg), 35 | ) 36 | 37 | return diags 38 | } 39 | 40 | func RandomnessGenerationError(errMsg string) diag.Diagnostics { 41 | var diags diag.Diagnostics 42 | 43 | diags.AddError( 44 | "Randomness Generation Error", 45 | "While attempting to generate a random value for this resource, an insufficient number of random bytes were generated.\n\n"+ 46 | RetryMsg+ 47 | fmt.Sprintf("Original Error: %s", errMsg), 48 | ) 49 | 50 | return diags 51 | } 52 | -------------------------------------------------------------------------------- /internal/planmodifiers/bool/boolplanmodifiers.go: -------------------------------------------------------------------------------- 1 | // Copyright (c) HashiCorp, Inc. 2 | // SPDX-License-Identifier: MPL-2.0 3 | 4 | package boolplanmodifiers 5 | 6 | import ( 7 | "context" 8 | 9 | "github.com/hashicorp/terraform-plugin-framework/path" 10 | "github.com/hashicorp/terraform-plugin-framework/resource/schema/planmodifier" 11 | "github.com/hashicorp/terraform-plugin-framework/types" 12 | ) 13 | 14 | // NumberNumericAttributePlanModifier returns a plan modifier that keep the values 15 | // held in number and numeric attributes synchronised. 16 | func NumberNumericAttributePlanModifier() planmodifier.Bool { 17 | return &numberNumericAttributePlanModifier{} 18 | } 19 | 20 | type numberNumericAttributePlanModifier struct { 21 | } 22 | 23 | func (d *numberNumericAttributePlanModifier) Description(ctx context.Context) string { 24 | return "Ensures that number and numeric attributes are kept synchronised." 25 | } 26 | 27 | func (d *numberNumericAttributePlanModifier) MarkdownDescription(ctx context.Context) string { 28 | return d.Description(ctx) 29 | } 30 | 31 | func (d *numberNumericAttributePlanModifier) PlanModifyBool(ctx context.Context, req planmodifier.BoolRequest, resp *planmodifier.BoolResponse) { 32 | numberConfig := types.Bool{} 33 | diags := req.Config.GetAttribute(ctx, path.Root("number"), &numberConfig) 34 | resp.Diagnostics.Append(diags...) 35 | if resp.Diagnostics.HasError() { 36 | return 37 | } 38 | 39 | numericConfig := types.Bool{} 40 | diags = req.Config.GetAttribute(ctx, path.Root("numeric"), &numericConfig) 41 | resp.Diagnostics.Append(diags...) 42 | if resp.Diagnostics.HasError() { 43 | return 44 | } 45 | 46 | if !numberConfig.IsNull() && !numericConfig.IsNull() && (numberConfig.ValueBool() != numericConfig.ValueBool()) { 47 | resp.Diagnostics.AddError( 48 | "Number and numeric are both configured with different values", 49 | "Number is deprecated, use numeric instead", 50 | ) 51 | return 52 | } 53 | 54 | // Default to true for both number and numeric when both are null. 55 | if numberConfig.IsNull() && numericConfig.IsNull() { 56 | resp.PlanValue = types.BoolValue(true) 57 | return 58 | } 59 | 60 | // Default to using value for numeric if number is null. 61 | if numberConfig.IsNull() && !numericConfig.IsNull() { 62 | resp.PlanValue = numericConfig 63 | return 64 | } 65 | 66 | // Default to using value for number if numeric is null. 67 | if !numberConfig.IsNull() && numericConfig.IsNull() { 68 | resp.PlanValue = numberConfig 69 | return 70 | } 71 | } 72 | -------------------------------------------------------------------------------- /internal/planmodifiers/map/mapplanmodifiers.go: -------------------------------------------------------------------------------- 1 | // Copyright (c) HashiCorp, Inc. 2 | // SPDX-License-Identifier: MPL-2.0 3 | 4 | package mapplanmodifiers 5 | 6 | import ( 7 | "context" 8 | 9 | "github.com/hashicorp/terraform-plugin-framework/resource/schema/planmodifier" 10 | ) 11 | 12 | func RequiresReplaceIfValuesNotNull() planmodifier.Map { 13 | return requiresReplaceIfValuesNotNullModifier{} 14 | } 15 | 16 | type requiresReplaceIfValuesNotNullModifier struct{} 17 | 18 | func (r requiresReplaceIfValuesNotNullModifier) PlanModifyMap(ctx context.Context, req planmodifier.MapRequest, resp *planmodifier.MapResponse) { 19 | if req.State.Raw.IsNull() { 20 | // if we're creating the resource, no need to delete and 21 | // recreate it 22 | return 23 | } 24 | 25 | if req.Plan.Raw.IsNull() { 26 | // if we're deleting the resource, no need to delete and 27 | // recreate it 28 | return 29 | } 30 | 31 | // If there are no differences, do not mark the resource for replacement 32 | // and ensure the plan matches the configuration. 33 | if req.ConfigValue.Equal(req.StateValue) { 34 | return 35 | } 36 | 37 | if req.StateValue.IsNull() { 38 | // terraform-plugin-sdk would store maps as null if all keys had null 39 | // values. To prevent unintentional replacement plans when migrating 40 | // to terraform-plugin-framework, only trigger replacement when the 41 | // prior state (map) is null and when there are not null map values. 42 | allNullValues := true 43 | 44 | for _, configValue := range req.ConfigValue.Elements() { 45 | if !configValue.IsNull() { 46 | allNullValues = false 47 | } 48 | } 49 | 50 | if allNullValues { 51 | return 52 | } 53 | } else { 54 | // terraform-plugin-sdk would completely omit storing map keys with 55 | // null values, so this also must prevent unintentional replacement 56 | // in that case as well. 57 | allNewNullValues := true 58 | 59 | configMap := req.ConfigValue 60 | 61 | stateMap := req.StateValue 62 | 63 | for configKey, configValue := range configMap.Elements() { 64 | stateValue, ok := stateMap.Elements()[configKey] 65 | 66 | // If the key doesn't exist in state and the config value is 67 | // null, do not trigger replacement. 68 | if !ok && configValue.IsNull() { 69 | continue 70 | } 71 | 72 | // If the state value exists, and it is equal to the config value, 73 | // do not trigger replacement. 74 | if configValue.Equal(stateValue) { 75 | continue 76 | } 77 | 78 | allNewNullValues = false 79 | break 80 | } 81 | 82 | for stateKey := range stateMap.Elements() { 83 | _, ok := configMap.Elements()[stateKey] 84 | 85 | // If the key doesn't exist in the config, but there is a state 86 | // value, trigger replacement. 87 | if !ok { 88 | allNewNullValues = false 89 | break 90 | } 91 | } 92 | 93 | if allNewNullValues { 94 | return 95 | } 96 | } 97 | 98 | resp.RequiresReplace = true 99 | } 100 | 101 | // Description returns a human-readable description of the plan modifier. 102 | func (r requiresReplaceIfValuesNotNullModifier) Description(ctx context.Context) string { 103 | return "If the value of this attribute changes, Terraform will destroy and recreate the resource." 104 | } 105 | 106 | // MarkdownDescription returns a markdown description of the plan modifier. 107 | func (r requiresReplaceIfValuesNotNullModifier) MarkdownDescription(ctx context.Context) string { 108 | return "If the value of this attribute changes, Terraform will destroy and recreate the resource." 109 | } 110 | -------------------------------------------------------------------------------- /internal/planmodifiers/string/stringplanmodifier.go: -------------------------------------------------------------------------------- 1 | // Copyright (c) HashiCorp, Inc. 2 | // SPDX-License-Identifier: MPL-2.0 3 | 4 | package stringplanmodifiers 5 | 6 | import ( 7 | "context" 8 | 9 | "github.com/hashicorp/terraform-plugin-framework/resource/schema/planmodifier" 10 | "github.com/hashicorp/terraform-plugin-framework/resource/schema/stringplanmodifier" 11 | ) 12 | 13 | // RequiresReplaceUnlessEmptyStringToNull returns a 14 | // resource.RequiresReplaceIfFunc that returns true unless the change is from 15 | // an empty string to null. This plan modifier allows practitioners to fix 16 | // their configurations in this situation without replacing the resource. 17 | // 18 | // For example, version 3.4.2 errantly setup the random_password and 19 | // random_string resource override_special attributes with an empty string 20 | // default value plan modifier. 21 | func RequiresReplaceUnlessEmptyStringToNull() stringplanmodifier.RequiresReplaceIfFunc { 22 | return func(ctx context.Context, req planmodifier.StringRequest, resp *stringplanmodifier.RequiresReplaceIfFuncResponse) { 23 | // If the configuration is unknown, this cannot be sure what to do yet. 24 | if req.ConfigValue.IsUnknown() { 25 | resp.RequiresReplace = false 26 | return 27 | } 28 | 29 | // If the configuration is not null or the state is already null, 30 | // replace the resource. 31 | if !req.ConfigValue.IsNull() || req.StateValue.IsNull() { 32 | resp.RequiresReplace = true 33 | return 34 | } 35 | 36 | // If the state is not an empty string, replace the resource. 37 | if req.StateValue.ValueString() != "" { 38 | resp.RequiresReplace = true 39 | return 40 | } 41 | 42 | resp.RequiresReplace = false 43 | } 44 | } 45 | -------------------------------------------------------------------------------- /internal/provider/provider.go: -------------------------------------------------------------------------------- 1 | // Copyright (c) HashiCorp, Inc. 2 | // SPDX-License-Identifier: MPL-2.0 3 | 4 | package provider 5 | 6 | import ( 7 | "context" 8 | 9 | "github.com/hashicorp/terraform-plugin-framework/datasource" 10 | "github.com/hashicorp/terraform-plugin-framework/ephemeral" 11 | "github.com/hashicorp/terraform-plugin-framework/provider" 12 | "github.com/hashicorp/terraform-plugin-framework/resource" 13 | ) 14 | 15 | func New() provider.Provider { 16 | return &randomProvider{} 17 | } 18 | 19 | var _ provider.Provider = (*randomProvider)(nil) 20 | var _ provider.ProviderWithEphemeralResources = (*randomProvider)(nil) 21 | 22 | type randomProvider struct{} 23 | 24 | func (p *randomProvider) Metadata(_ context.Context, _ provider.MetadataRequest, resp *provider.MetadataResponse) { 25 | resp.TypeName = "random" 26 | } 27 | 28 | func (p *randomProvider) Schema(context.Context, provider.SchemaRequest, *provider.SchemaResponse) { 29 | } 30 | 31 | func (p *randomProvider) Configure(context.Context, provider.ConfigureRequest, *provider.ConfigureResponse) { 32 | } 33 | 34 | func (p *randomProvider) Resources(context.Context) []func() resource.Resource { 35 | return []func() resource.Resource{ 36 | NewIdResource, 37 | NewBytesResource, 38 | NewIntegerResource, 39 | NewPasswordResource, 40 | NewPetResource, 41 | NewShuffleResource, 42 | NewStringResource, 43 | NewUuidResource, 44 | } 45 | } 46 | 47 | func (p *randomProvider) DataSources(context.Context) []func() datasource.DataSource { 48 | return nil 49 | } 50 | 51 | func (p *randomProvider) EphemeralResources(context.Context) []func() ephemeral.EphemeralResource { 52 | return []func() ephemeral.EphemeralResource{ 53 | NewPasswordEphemeralResource, 54 | } 55 | } 56 | -------------------------------------------------------------------------------- /internal/provider/provider_test.go: -------------------------------------------------------------------------------- 1 | // Copyright (c) HashiCorp, Inc. 2 | // SPDX-License-Identifier: MPL-2.0 3 | 4 | package provider 5 | 6 | import ( 7 | "github.com/hashicorp/terraform-plugin-framework/providerserver" 8 | "github.com/hashicorp/terraform-plugin-go/tfprotov5" 9 | "github.com/hashicorp/terraform-plugin-testing/helper/resource" 10 | ) 11 | 12 | //nolint:unparam 13 | func protoV5ProviderFactories() map[string]func() (tfprotov5.ProviderServer, error) { 14 | return map[string]func() (tfprotov5.ProviderServer, error){ 15 | "random": providerserver.NewProtocol5WithError(New()), 16 | } 17 | } 18 | 19 | func providerVersion221() map[string]resource.ExternalProvider { 20 | return map[string]resource.ExternalProvider{ 21 | "random": { 22 | VersionConstraint: "2.2.1", 23 | Source: "hashicorp/random", 24 | }, 25 | } 26 | } 27 | 28 | func providerVersion313() map[string]resource.ExternalProvider { 29 | return map[string]resource.ExternalProvider{ 30 | "random": { 31 | VersionConstraint: "3.1.3", 32 | Source: "hashicorp/random", 33 | }, 34 | } 35 | } 36 | 37 | func providerVersion320() map[string]resource.ExternalProvider { 38 | return map[string]resource.ExternalProvider{ 39 | "random": { 40 | VersionConstraint: "3.2.0", 41 | Source: "hashicorp/random", 42 | }, 43 | } 44 | } 45 | 46 | func providerVersion332() map[string]resource.ExternalProvider { 47 | return map[string]resource.ExternalProvider{ 48 | "random": { 49 | VersionConstraint: "3.3.2", 50 | Source: "hashicorp/random", 51 | }, 52 | } 53 | } 54 | 55 | func providerVersion342() map[string]resource.ExternalProvider { 56 | return map[string]resource.ExternalProvider{ 57 | "random": { 58 | VersionConstraint: "3.4.2", 59 | Source: "hashicorp/random", 60 | }, 61 | } 62 | } 63 | -------------------------------------------------------------------------------- /internal/provider/resource_bytes.go: -------------------------------------------------------------------------------- 1 | // Copyright (c) HashiCorp, Inc. 2 | // SPDX-License-Identifier: MPL-2.0 3 | 4 | package provider 5 | 6 | import ( 7 | "context" 8 | "crypto/rand" 9 | "encoding/base64" 10 | "encoding/hex" 11 | "fmt" 12 | 13 | "github.com/hashicorp/terraform-plugin-framework-validators/int64validator" 14 | "github.com/hashicorp/terraform-plugin-framework/resource" 15 | "github.com/hashicorp/terraform-plugin-framework/resource/schema" 16 | "github.com/hashicorp/terraform-plugin-framework/resource/schema/int64planmodifier" 17 | "github.com/hashicorp/terraform-plugin-framework/resource/schema/mapplanmodifier" 18 | "github.com/hashicorp/terraform-plugin-framework/resource/schema/planmodifier" 19 | "github.com/hashicorp/terraform-plugin-framework/resource/schema/stringplanmodifier" 20 | "github.com/hashicorp/terraform-plugin-framework/schema/validator" 21 | "github.com/hashicorp/terraform-plugin-framework/types" 22 | 23 | "github.com/terraform-providers/terraform-provider-random/internal/diagnostics" 24 | ) 25 | 26 | var ( 27 | _ resource.Resource = (*bytesResource)(nil) 28 | _ resource.ResourceWithImportState = (*bytesResource)(nil) 29 | ) 30 | 31 | func NewBytesResource() resource.Resource { 32 | return &bytesResource{} 33 | } 34 | 35 | type bytesResource struct { 36 | } 37 | 38 | func (r *bytesResource) Metadata(_ context.Context, req resource.MetadataRequest, resp *resource.MetadataResponse) { 39 | resp.TypeName = req.ProviderTypeName + "_bytes" 40 | } 41 | 42 | func (r *bytesResource) Schema(ctx context.Context, req resource.SchemaRequest, resp *resource.SchemaResponse) { 43 | resp.Schema = bytesSchemaV0() 44 | } 45 | 46 | func (r *bytesResource) Create(ctx context.Context, req resource.CreateRequest, resp *resource.CreateResponse) { 47 | var plan bytesModelV0 48 | 49 | diags := req.Plan.Get(ctx, &plan) 50 | resp.Diagnostics.Append(diags...) 51 | if resp.Diagnostics.HasError() { 52 | return 53 | } 54 | 55 | bytes := make([]byte, plan.Length.ValueInt64()) 56 | _, err := rand.Read(bytes) 57 | if err != nil { 58 | resp.Diagnostics.AddError( 59 | "Create Random bytes error", 60 | "There was an error during random generation.\n\n"+ 61 | diagnostics.RetryMsg+ 62 | fmt.Sprintf("Original Error: %s", err), 63 | ) 64 | return 65 | } 66 | 67 | u := &bytesModelV0{ 68 | Length: plan.Length, 69 | Base64: types.StringValue(base64.StdEncoding.EncodeToString(bytes)), 70 | Hex: types.StringValue(hex.EncodeToString(bytes)), 71 | Keepers: plan.Keepers, 72 | } 73 | 74 | diags = resp.State.Set(ctx, u) 75 | resp.Diagnostics.Append(diags...) 76 | if resp.Diagnostics.HasError() { 77 | return 78 | } 79 | } 80 | 81 | // Read does not need to perform any operations as the state in ReadResourceResponse is already populated. 82 | func (r *bytesResource) Read(context.Context, resource.ReadRequest, *resource.ReadResponse) { 83 | } 84 | 85 | func (r *bytesResource) Update(ctx context.Context, req resource.UpdateRequest, resp *resource.UpdateResponse) { 86 | var model bytesModelV0 87 | 88 | resp.Diagnostics.Append(req.Plan.Get(ctx, &model)...) 89 | if resp.Diagnostics.HasError() { 90 | return 91 | } 92 | resp.Diagnostics.Append(resp.State.Set(ctx, &model)...) 93 | } 94 | 95 | // Delete does not need to explicitly call resp.State.RemoveResource() as this is automatically handled by the 96 | // [framework](https://github.com/hashicorp/terraform-plugin-framework/pull/301). 97 | func (r *bytesResource) Delete(context.Context, resource.DeleteRequest, *resource.DeleteResponse) { 98 | } 99 | 100 | func (r *bytesResource) ImportState(ctx context.Context, req resource.ImportStateRequest, resp *resource.ImportStateResponse) { 101 | bytes, err := base64.StdEncoding.DecodeString(req.ID) 102 | if err != nil { 103 | resp.Diagnostics.AddError( 104 | "Import Random bytes Error", 105 | "There was an error during the parsing of the base64 string.\n\n"+ 106 | diagnostics.RetryMsg+ 107 | fmt.Sprintf("Original Error: %s", err), 108 | ) 109 | return 110 | } 111 | 112 | var state bytesModelV0 113 | 114 | state.Length = types.Int64Value(int64(len(bytes))) 115 | state.Base64 = types.StringValue(req.ID) 116 | state.Hex = types.StringValue(hex.EncodeToString(bytes)) 117 | state.Keepers = types.MapNull(types.StringType) 118 | 119 | diags := resp.State.Set(ctx, &state) 120 | resp.Diagnostics.Append(diags...) 121 | if resp.Diagnostics.HasError() { 122 | return 123 | } 124 | } 125 | 126 | type bytesModelV0 struct { 127 | Length types.Int64 `tfsdk:"length"` 128 | Keepers types.Map `tfsdk:"keepers"` 129 | Base64 types.String `tfsdk:"base64"` 130 | Hex types.String `tfsdk:"hex"` 131 | } 132 | 133 | func bytesSchemaV0() schema.Schema { 134 | return schema.Schema{ 135 | Version: 0, 136 | Description: "The resource `random_bytes` generates random bytes that are intended to be " + 137 | "used as a secret, or key. Use this in preference to `random_id` when the output is " + 138 | "considered sensitive, and should not be displayed in the CLI.\n" + 139 | "\n" + 140 | "This resource *does* use a cryptographic random number generator.", 141 | Attributes: map[string]schema.Attribute{ 142 | "keepers": schema.MapAttribute{ 143 | Description: "Arbitrary map of values that, when changed, will trigger recreation of " + 144 | "resource. See [the main provider documentation](../index.html) for more information.", 145 | ElementType: types.StringType, 146 | Optional: true, 147 | PlanModifiers: []planmodifier.Map{ 148 | mapplanmodifier.RequiresReplace(), 149 | }, 150 | }, 151 | "length": schema.Int64Attribute{ 152 | Description: "The number of bytes requested. The minimum value for length is 1.", 153 | Required: true, 154 | PlanModifiers: []planmodifier.Int64{ 155 | int64planmodifier.RequiresReplace(), 156 | }, 157 | Validators: []validator.Int64{ 158 | int64validator.AtLeast(1), 159 | }, 160 | }, 161 | "base64": schema.StringAttribute{ 162 | Description: "The generated bytes presented in base64 string format.", 163 | Computed: true, 164 | Sensitive: true, 165 | PlanModifiers: []planmodifier.String{ 166 | stringplanmodifier.UseStateForUnknown(), 167 | }, 168 | }, 169 | "hex": schema.StringAttribute{ 170 | Description: "The generated bytes presented in lowercase hexadecimal string format. " + 171 | "The length of the encoded string is exactly twice the `length` parameter.", 172 | Computed: true, 173 | Sensitive: true, 174 | PlanModifiers: []planmodifier.String{ 175 | stringplanmodifier.UseStateForUnknown(), 176 | }, 177 | }, 178 | }, 179 | } 180 | } 181 | -------------------------------------------------------------------------------- /internal/provider/resource_pet.go: -------------------------------------------------------------------------------- 1 | // Copyright (c) HashiCorp, Inc. 2 | // SPDX-License-Identifier: MPL-2.0 3 | 4 | package provider 5 | 6 | import ( 7 | "context" 8 | "fmt" 9 | "strings" 10 | 11 | petname "github.com/dustinkirkland/golang-petname" 12 | "github.com/hashicorp/terraform-plugin-framework/resource" 13 | "github.com/hashicorp/terraform-plugin-framework/resource/schema" 14 | "github.com/hashicorp/terraform-plugin-framework/resource/schema/int64default" 15 | "github.com/hashicorp/terraform-plugin-framework/resource/schema/int64planmodifier" 16 | "github.com/hashicorp/terraform-plugin-framework/resource/schema/planmodifier" 17 | "github.com/hashicorp/terraform-plugin-framework/resource/schema/stringdefault" 18 | "github.com/hashicorp/terraform-plugin-framework/resource/schema/stringplanmodifier" 19 | "github.com/hashicorp/terraform-plugin-framework/types" 20 | 21 | mapplanmodifiers "github.com/terraform-providers/terraform-provider-random/internal/planmodifiers/map" 22 | ) 23 | 24 | var _ resource.Resource = (*petResource)(nil) 25 | 26 | func NewPetResource() resource.Resource { 27 | return &petResource{} 28 | } 29 | 30 | type petResource struct{} 31 | 32 | func (r *petResource) Metadata(_ context.Context, req resource.MetadataRequest, resp *resource.MetadataResponse) { 33 | resp.TypeName = req.ProviderTypeName + "_pet" 34 | } 35 | 36 | func (r *petResource) Schema(ctx context.Context, req resource.SchemaRequest, resp *resource.SchemaResponse) { 37 | resp.Schema = schema.Schema{ 38 | Description: "The resource `random_pet` generates random pet names that are intended to be used as " + 39 | "unique identifiers for other resources.\n" + 40 | "\n" + 41 | "This resource can be used in conjunction with resources that have the `create_before_destroy` " + 42 | "lifecycle flag set, to avoid conflicts with unique names during the brief period where both the old " + 43 | "and new resources exist concurrently.", 44 | Attributes: map[string]schema.Attribute{ 45 | "keepers": schema.MapAttribute{ 46 | Description: "Arbitrary map of values that, when changed, will trigger recreation of " + 47 | "resource. See [the main provider documentation](../index.html) for more information.", 48 | ElementType: types.StringType, 49 | Optional: true, 50 | PlanModifiers: []planmodifier.Map{ 51 | mapplanmodifiers.RequiresReplaceIfValuesNotNull(), 52 | }, 53 | }, 54 | "length": schema.Int64Attribute{ 55 | Description: "The length (in words) of the pet name. Defaults to 2", 56 | Optional: true, 57 | Computed: true, 58 | Default: int64default.StaticInt64(2), 59 | PlanModifiers: []planmodifier.Int64{ 60 | int64planmodifier.RequiresReplace(), 61 | }, 62 | }, 63 | "prefix": schema.StringAttribute{ 64 | Description: "A string to prefix the name with.", 65 | Optional: true, 66 | PlanModifiers: []planmodifier.String{ 67 | stringplanmodifier.RequiresReplace(), 68 | }, 69 | }, 70 | "separator": schema.StringAttribute{ 71 | Description: "The character to separate words in the pet name. Defaults to \"-\"", 72 | Optional: true, 73 | Computed: true, 74 | Default: stringdefault.StaticString("-"), 75 | PlanModifiers: []planmodifier.String{ 76 | stringplanmodifier.RequiresReplace(), 77 | }, 78 | }, 79 | "id": schema.StringAttribute{ 80 | Description: "The random pet name.", 81 | Computed: true, 82 | PlanModifiers: []planmodifier.String{ 83 | stringplanmodifier.UseStateForUnknown(), 84 | }, 85 | }, 86 | }, 87 | } 88 | } 89 | 90 | func (r *petResource) Create(ctx context.Context, req resource.CreateRequest, resp *resource.CreateResponse) { 91 | // This is necessary to ensure each call to petname is properly randomised: 92 | // the library uses `rand.Intn()` and does NOT seed `rand.Seed()` by default, 93 | // so this call takes care of that. 94 | petname.NonDeterministicMode() 95 | 96 | var plan petModelV0 97 | 98 | diags := req.Plan.Get(ctx, &plan) 99 | resp.Diagnostics.Append(diags...) 100 | if resp.Diagnostics.HasError() { 101 | return 102 | } 103 | 104 | length := plan.Length.ValueInt64() 105 | separator := plan.Separator.ValueString() 106 | prefix := plan.Prefix.ValueString() 107 | 108 | pet := strings.ToLower(petname.Generate(int(length), separator)) 109 | 110 | pn := petModelV0{ 111 | Keepers: plan.Keepers, 112 | Length: types.Int64Value(length), 113 | Separator: types.StringValue(separator), 114 | } 115 | 116 | if prefix != "" { 117 | pet = fmt.Sprintf("%s%s%s", prefix, separator, pet) 118 | pn.Prefix = types.StringValue(prefix) 119 | } else { 120 | pn.Prefix = types.StringNull() 121 | } 122 | 123 | pn.ID = types.StringValue(pet) 124 | 125 | diags = resp.State.Set(ctx, pn) 126 | resp.Diagnostics.Append(diags...) 127 | if resp.Diagnostics.HasError() { 128 | return 129 | } 130 | } 131 | 132 | // Read does not need to perform any operations as the state in ReadResourceResponse is already populated. 133 | func (r *petResource) Read(ctx context.Context, req resource.ReadRequest, resp *resource.ReadResponse) { 134 | } 135 | 136 | // Update ensures the plan value is copied to the state to complete the update. 137 | func (r *petResource) Update(ctx context.Context, req resource.UpdateRequest, resp *resource.UpdateResponse) { 138 | var model petModelV0 139 | 140 | resp.Diagnostics.Append(req.Plan.Get(ctx, &model)...) 141 | 142 | if resp.Diagnostics.HasError() { 143 | return 144 | } 145 | 146 | resp.Diagnostics.Append(resp.State.Set(ctx, &model)...) 147 | } 148 | 149 | // Delete does not need to explicitly call resp.State.RemoveResource() as this is automatically handled by the 150 | // [framework](https://github.com/hashicorp/terraform-plugin-framework/pull/301). 151 | func (r *petResource) Delete(ctx context.Context, req resource.DeleteRequest, resp *resource.DeleteResponse) { 152 | } 153 | 154 | type petModelV0 struct { 155 | ID types.String `tfsdk:"id"` 156 | Keepers types.Map `tfsdk:"keepers"` 157 | Length types.Int64 `tfsdk:"length"` 158 | Prefix types.String `tfsdk:"prefix"` 159 | Separator types.String `tfsdk:"separator"` 160 | } 161 | -------------------------------------------------------------------------------- /internal/provider/resource_shuffle.go: -------------------------------------------------------------------------------- 1 | // Copyright (c) HashiCorp, Inc. 2 | // SPDX-License-Identifier: MPL-2.0 3 | 4 | package provider 5 | 6 | import ( 7 | "context" 8 | 9 | "github.com/hashicorp/terraform-plugin-framework/attr" 10 | "github.com/hashicorp/terraform-plugin-framework/resource" 11 | "github.com/hashicorp/terraform-plugin-framework/resource/schema" 12 | "github.com/hashicorp/terraform-plugin-framework/resource/schema/int64planmodifier" 13 | "github.com/hashicorp/terraform-plugin-framework/resource/schema/listplanmodifier" 14 | "github.com/hashicorp/terraform-plugin-framework/resource/schema/planmodifier" 15 | "github.com/hashicorp/terraform-plugin-framework/resource/schema/stringplanmodifier" 16 | "github.com/hashicorp/terraform-plugin-framework/types" 17 | 18 | mapplanmodifiers "github.com/terraform-providers/terraform-provider-random/internal/planmodifiers/map" 19 | "github.com/terraform-providers/terraform-provider-random/internal/random" 20 | ) 21 | 22 | var _ resource.Resource = (*shuffleResource)(nil) 23 | 24 | func NewShuffleResource() resource.Resource { 25 | return &shuffleResource{} 26 | } 27 | 28 | type shuffleResource struct{} 29 | 30 | func (r *shuffleResource) Metadata(_ context.Context, req resource.MetadataRequest, resp *resource.MetadataResponse) { 31 | resp.TypeName = req.ProviderTypeName + "_shuffle" 32 | } 33 | 34 | func (r *shuffleResource) Schema(ctx context.Context, req resource.SchemaRequest, resp *resource.SchemaResponse) { 35 | resp.Schema = schema.Schema{ 36 | Description: "The resource `random_shuffle` generates a random permutation of a list of strings " + 37 | "given as an argument.", 38 | Attributes: map[string]schema.Attribute{ 39 | "keepers": schema.MapAttribute{ 40 | Description: "Arbitrary map of values that, when changed, will trigger recreation of " + 41 | "resource. See [the main provider documentation](../index.html) for more information.", 42 | ElementType: types.StringType, 43 | Optional: true, 44 | PlanModifiers: []planmodifier.Map{ 45 | mapplanmodifiers.RequiresReplaceIfValuesNotNull(), 46 | }, 47 | }, 48 | "seed": schema.StringAttribute{ 49 | Description: "Arbitrary string with which to seed the random number generator, in order to " + 50 | "produce less-volatile permutations of the list.\n" + 51 | "\n" + 52 | "**Important:** Even with an identical seed, it is not guaranteed that the same permutation " + 53 | "will be produced across different versions of Terraform. This argument causes the " + 54 | "result to be *less volatile*, but not fixed for all time.", 55 | Optional: true, 56 | PlanModifiers: []planmodifier.String{ 57 | stringplanmodifier.RequiresReplace(), 58 | }, 59 | }, 60 | "input": schema.ListAttribute{ 61 | Description: "The list of strings to shuffle.", 62 | ElementType: types.StringType, 63 | Required: true, 64 | PlanModifiers: []planmodifier.List{ 65 | listplanmodifier.RequiresReplace(), 66 | }, 67 | }, 68 | "result_count": schema.Int64Attribute{ 69 | Description: "The number of results to return. Defaults to the number of items in the " + 70 | "`input` list. If fewer items are requested, some elements will be excluded from the " + 71 | "result. If more items are requested, items will be repeated in the result but not more " + 72 | "frequently than the number of items in the input list.", 73 | Optional: true, 74 | PlanModifiers: []planmodifier.Int64{ 75 | int64planmodifier.RequiresReplace(), 76 | }, 77 | }, 78 | "result": schema.ListAttribute{ 79 | Description: "Random permutation of the list of strings given in `input`. The number of elements is determined by `result_count` if set, or the number of elements in `input`.", 80 | ElementType: types.StringType, 81 | Computed: true, 82 | PlanModifiers: []planmodifier.List{ 83 | listplanmodifier.UseStateForUnknown(), 84 | }, 85 | }, 86 | "id": schema.StringAttribute{ 87 | Description: "A static value used internally by Terraform, this should not be referenced in configurations.", 88 | Computed: true, 89 | PlanModifiers: []planmodifier.String{ 90 | stringplanmodifier.UseStateForUnknown(), 91 | }, 92 | }, 93 | }, 94 | } 95 | } 96 | 97 | func (r *shuffleResource) Create(ctx context.Context, req resource.CreateRequest, resp *resource.CreateResponse) { 98 | var data shuffleModelV0 99 | 100 | resp.Diagnostics.Append(req.Plan.Get(ctx, &data)...) 101 | 102 | if resp.Diagnostics.HasError() { 103 | return 104 | } 105 | 106 | // Legacy identifier attribute that is hardcoded. This is not necessary 107 | // after Terraform 0.12, but left for compatibility reasons. The attribute 108 | // could be removed in a future major version of the provider. 109 | data.ID = types.StringValue("-") 110 | 111 | inputElements := data.Input.Elements() 112 | 113 | var resultCount int64 114 | 115 | if !data.ResultCount.IsNull() { 116 | resultCount = data.ResultCount.ValueInt64() 117 | } else { 118 | resultCount = int64(len(inputElements)) 119 | } 120 | 121 | // If the practitioner explicitly chose a result count of zero or the input 122 | // had no elements, immediately return with an empty list for the result. 123 | if resultCount == 0 || len(inputElements) == 0 { 124 | data.Result = types.ListValueMust(types.StringType, []attr.Value{}) 125 | 126 | resp.Diagnostics.Append(resp.State.Set(ctx, &data)...) 127 | 128 | return 129 | } 130 | 131 | rand := random.NewRand(data.Seed.ValueString()) 132 | resultElements := make([]attr.Value, 0, resultCount) 133 | 134 | // Keep producing permutations until we fill our result 135 | Batches: 136 | for { 137 | perm := rand.Perm(len(inputElements)) 138 | 139 | for _, i := range perm { 140 | resultElements = append(resultElements, inputElements[i]) 141 | 142 | if int64(len(resultElements)) >= resultCount { 143 | break Batches 144 | } 145 | } 146 | } 147 | 148 | result, diags := types.ListValue(types.StringType, resultElements) 149 | 150 | resp.Diagnostics.Append(diags...) 151 | 152 | if resp.Diagnostics.HasError() { 153 | return 154 | } 155 | 156 | data.Result = result 157 | 158 | resp.Diagnostics.Append(resp.State.Set(ctx, &data)...) 159 | } 160 | 161 | // Read does not need to perform any operations as the state in ReadResourceResponse is already populated. 162 | func (r *shuffleResource) Read(ctx context.Context, req resource.ReadRequest, resp *resource.ReadResponse) { 163 | } 164 | 165 | // Update ensures the plan value is copied to the state to complete the update. 166 | func (r *shuffleResource) Update(ctx context.Context, req resource.UpdateRequest, resp *resource.UpdateResponse) { 167 | var model shuffleModelV0 168 | 169 | resp.Diagnostics.Append(req.Plan.Get(ctx, &model)...) 170 | 171 | if resp.Diagnostics.HasError() { 172 | return 173 | } 174 | 175 | resp.Diagnostics.Append(resp.State.Set(ctx, &model)...) 176 | } 177 | 178 | // Delete does not need to explicitly call resp.State.RemoveResource() as this is automatically handled by the 179 | // [framework](https://github.com/hashicorp/terraform-plugin-framework/pull/301). 180 | func (r *shuffleResource) Delete(ctx context.Context, req resource.DeleteRequest, resp *resource.DeleteResponse) { 181 | } 182 | 183 | type shuffleModelV0 struct { 184 | ID types.String `tfsdk:"id"` 185 | Keepers types.Map `tfsdk:"keepers"` 186 | Seed types.String `tfsdk:"seed"` 187 | Input types.List `tfsdk:"input"` 188 | ResultCount types.Int64 `tfsdk:"result_count"` 189 | Result types.List `tfsdk:"result"` 190 | } 191 | -------------------------------------------------------------------------------- /internal/provider/resource_uuid.go: -------------------------------------------------------------------------------- 1 | // Copyright (c) HashiCorp, Inc. 2 | // SPDX-License-Identifier: MPL-2.0 3 | 4 | package provider 5 | 6 | import ( 7 | "context" 8 | "fmt" 9 | 10 | "github.com/hashicorp/go-uuid" 11 | "github.com/hashicorp/terraform-plugin-framework/resource" 12 | "github.com/hashicorp/terraform-plugin-framework/resource/schema" 13 | "github.com/hashicorp/terraform-plugin-framework/resource/schema/planmodifier" 14 | "github.com/hashicorp/terraform-plugin-framework/resource/schema/stringplanmodifier" 15 | "github.com/hashicorp/terraform-plugin-framework/types" 16 | 17 | "github.com/terraform-providers/terraform-provider-random/internal/diagnostics" 18 | mapplanmodifiers "github.com/terraform-providers/terraform-provider-random/internal/planmodifiers/map" 19 | ) 20 | 21 | var ( 22 | _ resource.Resource = (*uuidResource)(nil) 23 | _ resource.ResourceWithImportState = (*uuidResource)(nil) 24 | ) 25 | 26 | func NewUuidResource() resource.Resource { 27 | return &uuidResource{} 28 | } 29 | 30 | type uuidResource struct{} 31 | 32 | func (r *uuidResource) Metadata(_ context.Context, req resource.MetadataRequest, resp *resource.MetadataResponse) { 33 | resp.TypeName = req.ProviderTypeName + "_uuid" 34 | } 35 | 36 | func (r *uuidResource) Schema(ctx context.Context, req resource.SchemaRequest, resp *resource.SchemaResponse) { 37 | resp.Schema = schema.Schema{ 38 | Description: "The resource `random_uuid` generates a random uuid string that is intended to be " + 39 | "used as a unique identifier for other resources.\n" + 40 | "\n" + 41 | "This resource uses [hashicorp/go-uuid](https://github.com/hashicorp/go-uuid) to generate a " + 42 | "UUID-formatted string for use with services needing a unique string identifier.", 43 | Attributes: map[string]schema.Attribute{ 44 | "keepers": schema.MapAttribute{ 45 | Description: "Arbitrary map of values that, when changed, will trigger recreation of " + 46 | "resource. See [the main provider documentation](../index.html) for more information.", 47 | ElementType: types.StringType, 48 | Optional: true, 49 | PlanModifiers: []planmodifier.Map{ 50 | mapplanmodifiers.RequiresReplaceIfValuesNotNull(), 51 | }, 52 | }, 53 | "result": schema.StringAttribute{ 54 | Description: "The generated uuid presented in string format.", 55 | Computed: true, 56 | PlanModifiers: []planmodifier.String{ 57 | stringplanmodifier.UseStateForUnknown(), 58 | }, 59 | }, 60 | "id": schema.StringAttribute{ 61 | Description: "The generated uuid presented in string format.", 62 | Computed: true, 63 | PlanModifiers: []planmodifier.String{ 64 | stringplanmodifier.UseStateForUnknown(), 65 | }, 66 | }, 67 | }, 68 | } 69 | } 70 | 71 | func (r *uuidResource) Create(ctx context.Context, req resource.CreateRequest, resp *resource.CreateResponse) { 72 | result, err := uuid.GenerateUUID() 73 | if err != nil { 74 | resp.Diagnostics.AddError( 75 | "Create Random UUID error", 76 | "There was an error during generation of a UUID.\n\n"+ 77 | diagnostics.RetryMsg+ 78 | fmt.Sprintf("Original Error: %s", err), 79 | ) 80 | return 81 | } 82 | 83 | var plan uuidModelV0 84 | 85 | diags := req.Plan.Get(ctx, &plan) 86 | resp.Diagnostics.Append(diags...) 87 | if resp.Diagnostics.HasError() { 88 | return 89 | } 90 | 91 | u := &uuidModelV0{ 92 | ID: types.StringValue(result), 93 | Result: types.StringValue(result), 94 | Keepers: plan.Keepers, 95 | } 96 | 97 | diags = resp.State.Set(ctx, u) 98 | resp.Diagnostics.Append(diags...) 99 | if resp.Diagnostics.HasError() { 100 | return 101 | } 102 | } 103 | 104 | // Read does not need to perform any operations as the state in ReadResourceResponse is already populated. 105 | func (r *uuidResource) Read(ctx context.Context, req resource.ReadRequest, resp *resource.ReadResponse) { 106 | } 107 | 108 | // Update ensures the plan value is copied to the state to complete the update. 109 | func (r *uuidResource) Update(ctx context.Context, req resource.UpdateRequest, resp *resource.UpdateResponse) { 110 | var model uuidModelV0 111 | 112 | resp.Diagnostics.Append(req.Plan.Get(ctx, &model)...) 113 | 114 | if resp.Diagnostics.HasError() { 115 | return 116 | } 117 | 118 | resp.Diagnostics.Append(resp.State.Set(ctx, &model)...) 119 | } 120 | 121 | // Delete does not need to explicitly call resp.State.RemoveResource() as this is automatically handled by the 122 | // [framework](https://github.com/hashicorp/terraform-plugin-framework/pull/301). 123 | func (r *uuidResource) Delete(ctx context.Context, req resource.DeleteRequest, resp *resource.DeleteResponse) { 124 | } 125 | 126 | func (r *uuidResource) ImportState(ctx context.Context, req resource.ImportStateRequest, resp *resource.ImportStateResponse) { 127 | bytes, err := uuid.ParseUUID(req.ID) 128 | if err != nil { 129 | resp.Diagnostics.AddError( 130 | "Import Random UUID Error", 131 | "There was an error during the parsing of the UUID.\n\n"+ 132 | diagnostics.RetryMsg+ 133 | fmt.Sprintf("Original Error: %s", err), 134 | ) 135 | return 136 | } 137 | 138 | result, err := uuid.FormatUUID(bytes) 139 | if err != nil { 140 | resp.Diagnostics.AddError( 141 | "Import Random UUID Error", 142 | "There was an error during the formatting of the UUID.\n\n"+ 143 | diagnostics.RetryMsg+ 144 | fmt.Sprintf("Original Error: %s", err), 145 | ) 146 | return 147 | } 148 | 149 | var state uuidModelV0 150 | 151 | state.ID = types.StringValue(result) 152 | state.Result = types.StringValue(result) 153 | state.Keepers = types.MapNull(types.StringType) 154 | 155 | diags := resp.State.Set(ctx, &state) 156 | resp.Diagnostics.Append(diags...) 157 | if resp.Diagnostics.HasError() { 158 | return 159 | } 160 | } 161 | 162 | type uuidModelV0 struct { 163 | ID types.String `tfsdk:"id"` 164 | Keepers types.Map `tfsdk:"keepers"` 165 | Result types.String `tfsdk:"result"` 166 | } 167 | -------------------------------------------------------------------------------- /internal/provider/tftypes_test.go: -------------------------------------------------------------------------------- 1 | // Copyright (c) HashiCorp, Inc. 2 | // SPDX-License-Identifier: MPL-2.0 3 | 4 | package provider 5 | 6 | import ( 7 | "fmt" 8 | 9 | "github.com/hashicorp/terraform-plugin-go/tftypes" 10 | ) 11 | 12 | func testTftypesValueAtPath(value tftypes.Value, path *tftypes.AttributePath) (tftypes.Value, error) { 13 | valueAtPathRaw, remaining, err := tftypes.WalkAttributePath(value, path) 14 | 15 | if err != nil { 16 | return tftypes.Value{}, fmt.Errorf("unexpected error getting %s: %s (%s remaining)", path, err, remaining) 17 | } 18 | 19 | valueAtPath, ok := valueAtPathRaw.(tftypes.Value) 20 | 21 | if !ok { 22 | return tftypes.Value{}, fmt.Errorf("unexpected type converting %s to tftypes.Value, got: %T", path, valueAtPathRaw) 23 | } 24 | 25 | return valueAtPath, nil 26 | } 27 | -------------------------------------------------------------------------------- /internal/random/seed.go: -------------------------------------------------------------------------------- 1 | // Copyright (c) HashiCorp, Inc. 2 | // SPDX-License-Identifier: MPL-2.0 3 | 4 | package random 5 | 6 | import ( 7 | "hash/crc64" 8 | "math/rand" 9 | "time" 10 | ) 11 | 12 | // NewRand returns a seeded random number generator, using a seed derived 13 | // from the provided string. 14 | // 15 | // If the seed string is empty, the current time is used as a seed. 16 | func NewRand(seed string) *rand.Rand { 17 | var seedInt int64 18 | if seed != "" { 19 | crcTable := crc64.MakeTable(crc64.ISO) 20 | seedInt = int64(crc64.Checksum([]byte(seed), crcTable)) 21 | } else { 22 | seedInt = time.Now().UnixNano() 23 | } 24 | 25 | randSource := rand.NewSource(seedInt) 26 | return rand.New(randSource) 27 | } 28 | -------------------------------------------------------------------------------- /internal/random/string.go: -------------------------------------------------------------------------------- 1 | // Copyright (c) HashiCorp, Inc. 2 | // SPDX-License-Identifier: MPL-2.0 3 | 4 | package random 5 | 6 | import ( 7 | "crypto/rand" 8 | "errors" 9 | "math/big" 10 | "sort" 11 | ) 12 | 13 | type StringParams struct { 14 | Length int64 15 | Upper bool 16 | MinUpper int64 17 | Lower bool 18 | MinLower int64 19 | Numeric bool 20 | MinNumeric int64 21 | Special bool 22 | MinSpecial int64 23 | OverrideSpecial string 24 | } 25 | 26 | func CreateString(input StringParams) ([]byte, error) { 27 | const numChars = "0123456789" 28 | const lowerChars = "abcdefghijklmnopqrstuvwxyz" 29 | const upperChars = "ABCDEFGHIJKLMNOPQRSTUVWXYZ" 30 | var specialChars = "!@#$%&*()-_=+[]{}<>:?" 31 | var result []byte 32 | 33 | if input.OverrideSpecial != "" { 34 | specialChars = input.OverrideSpecial 35 | } 36 | 37 | var chars = "" 38 | if input.Upper { 39 | chars += upperChars 40 | } 41 | if input.Lower { 42 | chars += lowerChars 43 | } 44 | if input.Numeric { 45 | chars += numChars 46 | } 47 | if input.Special { 48 | chars += specialChars 49 | } 50 | 51 | if chars == "" { 52 | return nil, errors.New("the character set specified is empty") 53 | } 54 | 55 | minMapping := map[string]int64{ 56 | numChars: input.MinNumeric, 57 | lowerChars: input.MinLower, 58 | upperChars: input.MinUpper, 59 | specialChars: input.MinSpecial, 60 | } 61 | 62 | result = make([]byte, 0, input.Length) 63 | 64 | for k, v := range minMapping { 65 | s, err := generateRandomBytes(&k, v) 66 | if err != nil { 67 | return nil, err 68 | } 69 | result = append(result, s...) 70 | } 71 | 72 | s, err := generateRandomBytes(&chars, input.Length-int64(len(result))) 73 | if err != nil { 74 | return nil, err 75 | } 76 | 77 | result = append(result, s...) 78 | 79 | order := make([]byte, len(result)) 80 | if _, err := rand.Read(order); err != nil { 81 | return nil, err 82 | } 83 | 84 | sort.Slice(result, func(i, j int) bool { 85 | return order[i] < order[j] 86 | }) 87 | 88 | return result, nil 89 | } 90 | 91 | func generateRandomBytes(charSet *string, length int64) ([]byte, error) { 92 | if charSet == nil { 93 | return nil, errors.New("charSet is nil") 94 | } 95 | 96 | if *charSet == "" && length > 0 { 97 | return nil, errors.New("charSet is empty") 98 | } 99 | 100 | bytes := make([]byte, length) 101 | setLen := big.NewInt(int64(len(*charSet))) 102 | for i := range bytes { 103 | idx, err := rand.Int(rand.Reader, setLen) 104 | if err != nil { 105 | return nil, err 106 | } 107 | bytes[i] = (*charSet)[idx.Int64()] 108 | } 109 | return bytes, nil 110 | } 111 | -------------------------------------------------------------------------------- /internal/randomtest/bcrypt_hash_match.go: -------------------------------------------------------------------------------- 1 | // Copyright (c) HashiCorp, Inc. 2 | // SPDX-License-Identifier: MPL-2.0 3 | 4 | package randomtest 5 | 6 | import ( 7 | "fmt" 8 | 9 | "github.com/hashicorp/terraform-plugin-testing/compare" 10 | "golang.org/x/crypto/bcrypt" 11 | ) 12 | 13 | var _ compare.ValueComparer = bcryptHashMatch{} 14 | 15 | type bcryptHashMatch struct{} 16 | 17 | // CompareValues determines whether the first value is a valid bcrypt hash of the second value. 18 | func (v bcryptHashMatch) CompareValues(values ...any) error { 19 | if len(values) != 2 { 20 | return fmt.Errorf("expected to receive two values to compare, but got: %d", len(values)) 21 | } 22 | 23 | hash, ok := values[0].(string) 24 | if !ok { 25 | return fmt.Errorf("expected bcrypt hash to be of type string, but got: %T", values[0]) 26 | } 27 | 28 | plainTextVal, ok := values[1].(string) 29 | if !ok { 30 | return fmt.Errorf("expected plain text value to be of type string, but got: %T", values[1]) 31 | } 32 | 33 | return bcrypt.CompareHashAndPassword([]byte(hash), []byte(plainTextVal)) 34 | } 35 | 36 | // BcryptHashMatch returns a ValueComparer for asserting that the first value in the sequence is a matching 37 | // bcrypt hash of the second value. 38 | func BcryptHashMatch() bcryptHashMatch { 39 | return bcryptHashMatch{} 40 | } 41 | -------------------------------------------------------------------------------- /internal/randomtest/bcrypt_hash_mismatch.go: -------------------------------------------------------------------------------- 1 | // Copyright (c) HashiCorp, Inc. 2 | // SPDX-License-Identifier: MPL-2.0 3 | 4 | package randomtest 5 | 6 | import ( 7 | "errors" 8 | "fmt" 9 | 10 | "github.com/hashicorp/terraform-plugin-testing/compare" 11 | "golang.org/x/crypto/bcrypt" 12 | ) 13 | 14 | var _ compare.ValueComparer = bcryptHashMismatch{} 15 | 16 | type bcryptHashMismatch struct{} 17 | 18 | // CompareValues determines whether the first value is a valid bcrypt hash of the second value. 19 | func (v bcryptHashMismatch) CompareValues(values ...any) error { 20 | if len(values) != 2 { 21 | return fmt.Errorf("expected to receive two values to compare, but got: %d", len(values)) 22 | } 23 | 24 | hash, ok := values[0].(string) 25 | if !ok { 26 | return fmt.Errorf("expected bcrypt hash to be of type string, but got: %T", values[0]) 27 | } 28 | 29 | plainTextVal, ok := values[1].(string) 30 | if !ok { 31 | return fmt.Errorf("expected plain text value to be of type string, but got: %T", values[1]) 32 | } 33 | 34 | err := bcrypt.CompareHashAndPassword([]byte(hash), []byte(plainTextVal)) 35 | if !errors.Is(err, bcrypt.ErrMismatchedHashAndPassword) { 36 | return fmt.Errorf("unexpected error: %s", err) 37 | } 38 | 39 | return nil 40 | } 41 | 42 | // BcryptHashMismatch returns a ValueComparer for asserting that the first value in the sequence is not a matching 43 | // bcrypt hash of the second value. If there is an error parsing the hash, this compare will fail. 44 | func BcryptHashMismatch() bcryptHashMismatch { 45 | return bcryptHashMismatch{} 46 | } 47 | -------------------------------------------------------------------------------- /internal/randomtest/expect_no_attribute.go: -------------------------------------------------------------------------------- 1 | // Copyright (c) HashiCorp, Inc. 2 | // SPDX-License-Identifier: MPL-2.0 3 | package randomtest 4 | 5 | import ( 6 | "context" 7 | "fmt" 8 | 9 | tfjson "github.com/hashicorp/terraform-json" 10 | 11 | "github.com/hashicorp/terraform-plugin-testing/statecheck" 12 | "github.com/hashicorp/terraform-plugin-testing/tfjsonpath" 13 | ) 14 | 15 | var _ statecheck.StateCheck = expectNoAttribute{} 16 | 17 | type expectNoAttribute struct { 18 | resourceAddress string 19 | attributePath tfjsonpath.Path 20 | } 21 | 22 | // CheckState implements the state check logic. 23 | func (e expectNoAttribute) CheckState(ctx context.Context, req statecheck.CheckStateRequest, resp *statecheck.CheckStateResponse) { 24 | var resource *tfjson.StateResource 25 | 26 | if req.State == nil { 27 | resp.Error = fmt.Errorf("state is nil") 28 | 29 | return 30 | } 31 | 32 | if req.State.Values == nil { 33 | resp.Error = fmt.Errorf("state does not contain any state values") 34 | 35 | return 36 | } 37 | 38 | if req.State.Values.RootModule == nil { 39 | resp.Error = fmt.Errorf("state does not contain a root module") 40 | 41 | return 42 | } 43 | 44 | for _, r := range req.State.Values.RootModule.Resources { 45 | if e.resourceAddress == r.Address { 46 | resource = r 47 | 48 | break 49 | } 50 | } 51 | 52 | if resource == nil { 53 | resp.Error = fmt.Errorf("%s - Resource not found in state", e.resourceAddress) 54 | 55 | return 56 | } 57 | 58 | _, err := tfjsonpath.Traverse(resource.AttributeValues, e.attributePath) 59 | 60 | // Attribute doesn't exist in the resource, which is the success scenario for this state check. 61 | if err != nil { 62 | return 63 | } 64 | 65 | resp.Error = fmt.Errorf("%s - Attribute %q was found in resource state, but was expected to not exist", e.resourceAddress, e.attributePath.String()) 66 | } 67 | 68 | // ExpectNoAttribute returns a state check that asserts that the specified attribute at the given resource does not exist. 69 | func ExpectNoAttribute(resourceAddress string, attributePath tfjsonpath.Path) statecheck.StateCheck { 70 | return expectNoAttribute{ 71 | resourceAddress: resourceAddress, 72 | attributePath: attributePath, 73 | } 74 | } 75 | -------------------------------------------------------------------------------- /internal/randomtest/string_length_exact.go: -------------------------------------------------------------------------------- 1 | // Copyright (c) HashiCorp, Inc. 2 | // SPDX-License-Identifier: MPL-2.0 3 | 4 | package randomtest 5 | 6 | import ( 7 | "fmt" 8 | "strconv" 9 | 10 | "github.com/hashicorp/terraform-plugin-testing/knownvalue" 11 | ) 12 | 13 | var _ knownvalue.Check = stringLengthExact{} 14 | 15 | type stringLengthExact struct { 16 | length int 17 | } 18 | 19 | // CheckValue determines whether the passed value is of type string, and 20 | // contains a matching length of bytes. 21 | func (v stringLengthExact) CheckValue(other any) error { 22 | otherVal, ok := other.(string) 23 | 24 | if !ok { 25 | return fmt.Errorf("expected string value for StringLengthExact check, got: %T", other) 26 | } 27 | 28 | if len(otherVal) != v.length { 29 | return fmt.Errorf("expected string of length %d for StringLengthExact check, got: %d (value = %s)", v.length, len(otherVal), otherVal) 30 | } 31 | 32 | return nil 33 | } 34 | 35 | // String returns the string representation of the value. 36 | func (v stringLengthExact) String() string { 37 | return strconv.FormatInt(int64(v.length), 10) 38 | } 39 | 40 | // StringLengthExact returns a Check for asserting the exact length of the 41 | // value passed to the CheckValue method. 42 | func StringLengthExact(length int) stringLengthExact { 43 | return stringLengthExact{ 44 | length: length, 45 | } 46 | } 47 | -------------------------------------------------------------------------------- /internal/randomtest/string_length_min.go: -------------------------------------------------------------------------------- 1 | // Copyright (c) HashiCorp, Inc. 2 | // SPDX-License-Identifier: MPL-2.0 3 | 4 | package randomtest 5 | 6 | import ( 7 | "fmt" 8 | "strconv" 9 | 10 | "github.com/hashicorp/terraform-plugin-testing/knownvalue" 11 | ) 12 | 13 | var _ knownvalue.Check = stringLengthMin{} 14 | 15 | type stringLengthMin struct { 16 | minLength int 17 | } 18 | 19 | // CheckValue determines whether the passed value is of type string, and 20 | // contains a matching length of bytes. 21 | func (v stringLengthMin) CheckValue(other any) error { 22 | otherVal, ok := other.(string) 23 | 24 | if !ok { 25 | return fmt.Errorf("expected string value for StringLengthMin check, got: %T", other) 26 | } 27 | 28 | if len(otherVal) < v.minLength { 29 | return fmt.Errorf("expected string length to be at least %d for StringLengthMin check, got: %d (value = %s)", v.minLength, len(otherVal), otherVal) 30 | } 31 | 32 | return nil 33 | } 34 | 35 | // String returns the string representation of the value. 36 | func (v stringLengthMin) String() string { 37 | return strconv.FormatInt(int64(v.minLength), 10) 38 | } 39 | 40 | // StringLengthMin returns a Check for asserting the minimum length of the 41 | // value passed to the CheckValue method. 42 | func StringLengthMin(minLength int) stringLengthMin { 43 | return stringLengthMin{ 44 | minLength: minLength, 45 | } 46 | } 47 | -------------------------------------------------------------------------------- /internal/validators/boolvalidator.go: -------------------------------------------------------------------------------- 1 | // Copyright (c) HashiCorp, Inc. 2 | // SPDX-License-Identifier: MPL-2.0 3 | 4 | package validators 5 | 6 | import ( 7 | "context" 8 | "fmt" 9 | 10 | "github.com/hashicorp/terraform-plugin-framework-validators/helpers/validatordiag" 11 | "github.com/hashicorp/terraform-plugin-framework/diag" 12 | "github.com/hashicorp/terraform-plugin-framework/path" 13 | "github.com/hashicorp/terraform-plugin-framework/schema/validator" 14 | "github.com/hashicorp/terraform-plugin-framework/tfsdk" 15 | "github.com/hashicorp/terraform-plugin-framework/types" 16 | ) 17 | 18 | // AtLeastOneOfTrueValidator is the underlying struct implementing AtLeastOneOfTrue. 19 | type AtLeastOneOfTrueValidator struct { 20 | PathExpressions path.Expressions 21 | } 22 | 23 | type AtLeastOneOfTrueValidatorRequest struct { 24 | Config tfsdk.Config 25 | ConfigValue types.Bool 26 | Path path.Path 27 | PathExpression path.Expression 28 | } 29 | 30 | type AtLeastOneOfTrueValidatorResponse struct { 31 | Diagnostics diag.Diagnostics 32 | } 33 | 34 | func (av AtLeastOneOfTrueValidator) Description(ctx context.Context) string { 35 | return av.MarkdownDescription(ctx) 36 | } 37 | 38 | func (av AtLeastOneOfTrueValidator) MarkdownDescription(_ context.Context) string { 39 | return fmt.Sprintf("Ensure that at least one attribute from this collection is set: %s", av.PathExpressions) 40 | } 41 | 42 | func (av AtLeastOneOfTrueValidator) Validate(ctx context.Context, req AtLeastOneOfTrueValidatorRequest, res *AtLeastOneOfTrueValidatorResponse) { 43 | if req.ConfigValue.IsNull() { 44 | return 45 | } 46 | 47 | // At least one value is not false 48 | if !req.ConfigValue.IsNull() && req.ConfigValue.ValueBool() { 49 | return 50 | } 51 | 52 | expressions := req.PathExpression.MergeExpressions(av.PathExpressions...) 53 | 54 | for _, expression := range expressions { 55 | matchedPaths, diags := req.Config.PathMatches(ctx, expression) 56 | 57 | res.Diagnostics.Append(diags...) 58 | 59 | // Collect all errors 60 | if diags.HasError() { 61 | continue 62 | } 63 | 64 | for _, mp := range matchedPaths { 65 | var mpVal types.Bool 66 | diags := req.Config.GetAttribute(ctx, mp, &mpVal) 67 | res.Diagnostics.Append(diags...) 68 | 69 | // Collect all errors 70 | if diags.HasError() { 71 | continue 72 | } 73 | 74 | // Delay validation until all involved attribute have a known value 75 | if mpVal.IsUnknown() { 76 | return 77 | } 78 | 79 | if mpVal.IsNull() { 80 | return 81 | } 82 | 83 | // At least one value is not false 84 | if !mpVal.IsNull() && mpVal.ValueBool() { 85 | return 86 | } 87 | } 88 | } 89 | 90 | expressions.Append(req.PathExpression) 91 | 92 | res.Diagnostics.Append(validatordiag.InvalidAttributeCombinationDiagnostic( 93 | req.Path, 94 | fmt.Sprintf("At least one attribute out of %s must be specified as true", expressions), 95 | )) 96 | } 97 | 98 | func (av AtLeastOneOfTrueValidator) ValidateBool(ctx context.Context, req validator.BoolRequest, resp *validator.BoolResponse) { 99 | validateReq := AtLeastOneOfTrueValidatorRequest{ 100 | Config: req.Config, 101 | ConfigValue: req.ConfigValue, 102 | Path: req.Path, 103 | PathExpression: req.PathExpression, 104 | } 105 | validateResp := &AtLeastOneOfTrueValidatorResponse{} 106 | 107 | av.Validate(ctx, validateReq, validateResp) 108 | 109 | resp.Diagnostics.Append(validateResp.Diagnostics...) 110 | } 111 | 112 | func AtLeastOneOfTrue(expressions ...path.Expression) validator.Bool { 113 | return AtLeastOneOfTrueValidator{ 114 | PathExpressions: expressions, 115 | } 116 | } 117 | -------------------------------------------------------------------------------- /main.go: -------------------------------------------------------------------------------- 1 | // Copyright (c) HashiCorp, Inc. 2 | // SPDX-License-Identifier: MPL-2.0 3 | 4 | package main 5 | 6 | import ( 7 | "context" 8 | "flag" 9 | "log" 10 | 11 | "github.com/hashicorp/terraform-plugin-framework/providerserver" 12 | 13 | "github.com/terraform-providers/terraform-provider-random/internal/provider" 14 | ) 15 | 16 | func main() { 17 | var debug bool 18 | 19 | flag.BoolVar(&debug, "debug", false, "set to true to run the provider with support for debuggers like delve") 20 | flag.Parse() 21 | 22 | err := providerserver.Serve(context.Background(), provider.New, providerserver.ServeOpts{ 23 | Address: "registry.terraform.io/hashicorp/random", 24 | Debug: debug, 25 | ProtocolVersion: 5, 26 | }) 27 | if err != nil { 28 | log.Fatal(err) 29 | } 30 | } 31 | -------------------------------------------------------------------------------- /templates/index.md.tmpl: -------------------------------------------------------------------------------- 1 | --- 2 | page_title: "Provider: Random" 3 | description: |- 4 | The Random provider is used to generate randomness. 5 | --- 6 | 7 | # Random Provider 8 | 9 | The "random" provider allows the use of randomness within Terraform 10 | configurations. This is a *logical provider*, which means that it works 11 | entirely within Terraform's logic, and doesn't interact with any other 12 | services. 13 | 14 | Unconstrained randomness within a Terraform configuration would not be very 15 | useful, since Terraform's goal is to converge on a fixed configuration by 16 | applying a diff. Because of this, the "random" provider provides an idea of 17 | *managed randomness*: it provides resources that generate random values during 18 | their creation and then hold those values steady until the inputs are changed. 19 | 20 | Even with these resources, it is advisable to keep the use of randomness within 21 | Terraform configuration to a minimum, and retain it for special cases only; 22 | Terraform works best when the configuration is well-defined, since its behavior 23 | can then be more readily predicted. 24 | 25 | Unless otherwise stated within the documentation of a specific resource, this 26 | provider's results are **not** sufficiently random for cryptographic use. 27 | 28 | For more information on the specific resources available, see the links in the 29 | navigation bar. Read on for information on the general patterns that apply 30 | to this provider's resources. 31 | 32 | ## Resource "Keepers" 33 | 34 | As noted above, the random resources generate randomness only when they are 35 | created; the results produced are stored in the Terraform state and re-used 36 | until the inputs change, prompting the resource to be recreated. 37 | 38 | The resources all provide a map argument called `keepers` that can be populated 39 | with arbitrary key/value pairs that should be selected such that they remain 40 | the same until new random values are desired. 41 | 42 | For example: 43 | 44 | {{ tffile "examples/provider/provider.tf" }} 45 | 46 | Resource "keepers" are optional. The other arguments to each resource must 47 | *also* remain constant in order to retain a random result. 48 | 49 | `keepers` are *not* treated as sensitive attributes; a value used for `keepers` will be displayed in Terraform UI output as plaintext. 50 | 51 | To force a random result to be replaced, the `taint` command can be used to 52 | produce a new result on the next run. 53 | 54 | {{- /* No schema in this provider, so no need for this: .SchemaMarkdown | trimspace */ -}} -------------------------------------------------------------------------------- /templates/resources/password.md.tmpl: -------------------------------------------------------------------------------- 1 | --- 2 | page_title: "{{.Name}} {{.Type}} - {{.ProviderName}}" 3 | subcategory: "" 4 | description: |- 5 | {{ .Description | plainmarkdown | trimspace | prefixlines " " }} 6 | --- 7 | 8 | # {{.Name}} ({{.Type}}) 9 | 10 | {{ .Description | trimspace }} 11 | 12 | ## Example Usage 13 | 14 | {{ tffile (printf "examples/resources/%s/resource.tf" .Name)}} 15 | 16 | {{ .SchemaMarkdown | trimspace }} 17 | 18 | ## Import 19 | 20 | Import is supported using the following syntax: 21 | 22 | ```shell 23 | terraform import random_password.password securepassword 24 | ``` 25 | 26 | ### Limitations of Import 27 | 28 | Any attribute values that are specified within Terraform config will be 29 | ignored during import and all attributes that have defaults defined within 30 | the schema will have the default assigned. 31 | 32 | For instance, using the following config during import: 33 | ```terraform 34 | resource "random_password" "password" { 35 | length = 16 36 | lower = false 37 | } 38 | ``` 39 | 40 | Then importing the resource using `terraform import random_password.password securepassword`, 41 | would result in the triggering of a replacement (i.e., destroy-create) during the next 42 | `terraform apply`. 43 | 44 | ### Avoiding Replacement 45 | 46 | If the resource were imported using `terraform import random_password.password securepassword`, 47 | replacement could be avoided by using: 48 | 49 | 1. Attribute values that match the imported ID and defaults: 50 | 51 | ```terraform 52 | resource "random_password" "password" { 53 | length = 14 54 | lower = true 55 | } 56 | ``` 57 | 58 | 59 | 2. Attribute values that match the imported ID and omit the attributes with defaults: 60 | 61 | ```terraform 62 | resource "random_password" "password" { 63 | length = 14 64 | } 65 | ``` 66 | 67 | 68 | 3. `ignore_changes` specifying the attributes to ignore: 69 | 70 | ```terraform 71 | resource "random_password" "password" { 72 | length = 16 73 | lower = false 74 | 75 | lifecycle { 76 | ignore_changes = [ 77 | length, 78 | lower, 79 | ] 80 | } 81 | } 82 | ``` 83 | 84 | **NOTE** `ignore_changes` is only required until the resource is recreated after import, 85 | after which it will use the configuration values specified. 86 | -------------------------------------------------------------------------------- /templates/resources/string.md.tmpl: -------------------------------------------------------------------------------- 1 | --- 2 | page_title: "{{.Name}} {{.Type}} - {{.ProviderName}}" 3 | subcategory: "" 4 | description: |- 5 | {{ .Description | plainmarkdown | trimspace | prefixlines " " }} 6 | --- 7 | 8 | # {{.Name}} ({{.Type}}) 9 | 10 | {{ .Description | trimspace }} 11 | 12 | ## Example Usage 13 | 14 | {{ tffile (printf "examples/resources/%s/resource.tf" .Name)}} 15 | 16 | {{ .SchemaMarkdown | trimspace }} 17 | 18 | ## Import 19 | 20 | Import is supported using the following syntax: 21 | 22 | ```shell 23 | terraform import random_string.test test 24 | ``` 25 | 26 | ### Limitations of Import 27 | 28 | Any attribute values that are specified within Terraform config will be 29 | ignored during import and all attributes that have defaults defined within 30 | the schema will have the default assigned. 31 | 32 | For instance, using the following config during import: 33 | ```terraform 34 | resource "random_string" "test" { 35 | length = 16 36 | lower = false 37 | } 38 | ``` 39 | 40 | Then importing the resource using `terraform import random_string.test test`, 41 | would result in the triggering of a replacement (i.e., destroy-create) during 42 | the next `terraform apply`. 43 | 44 | ### Avoiding Replacement 45 | 46 | If the resource were imported using `terraform import random_string.test test`, 47 | replacement can be avoided by using: 48 | 49 | 1. Attribute values that match the imported ID and defaults: 50 | ```terraform 51 | resource "random_string" "test" { 52 | length = 4 53 | lower = true 54 | } 55 | ``` 56 | 57 | 2. Attribute values that match the imported ID and omit the attributes with defaults: 58 | ```terraform 59 | resource "random_string" "test" { 60 | length = 4 61 | } 62 | ``` 63 | 64 | 3. `ignore_changes` specifying the attributes to ignore: 65 | ```terraform 66 | resource "random_string" "test" { 67 | length = 16 68 | lower = false 69 | 70 | lifecycle { 71 | ignore_changes = [ 72 | length, 73 | lower, 74 | ] 75 | } 76 | } 77 | ``` 78 | 79 | **NOTE** `ignore_changes` is only required until the resource is recreated after import, 80 | after which it will use the configuration values specified. -------------------------------------------------------------------------------- /terraform-registry-manifest.json: -------------------------------------------------------------------------------- 1 | { 2 | "version": 1, 3 | "metadata": { 4 | "protocol_versions": ["5.0"] 5 | } 6 | } -------------------------------------------------------------------------------- /tools/go.mod: -------------------------------------------------------------------------------- 1 | module tools 2 | 3 | go 1.23.7 4 | 5 | require ( 6 | github.com/hashicorp/copywrite v0.22.0 7 | github.com/hashicorp/terraform-plugin-docs v0.21.0 8 | ) 9 | 10 | require ( 11 | dario.cat/mergo v1.0.1 // indirect 12 | github.com/AlecAivazis/survey/v2 v2.3.7 // indirect 13 | github.com/BurntSushi/toml v1.2.1 // indirect 14 | github.com/Kunde21/markdownfmt/v3 v3.1.0 // indirect 15 | github.com/Masterminds/goutils v1.1.1 // indirect 16 | github.com/Masterminds/semver/v3 v3.3.0 // indirect 17 | github.com/Masterminds/sprig/v3 v3.3.0 // indirect 18 | github.com/ProtonMail/go-crypto v1.1.3 // indirect 19 | github.com/apparentlymart/go-textseg/v15 v15.0.0 // indirect 20 | github.com/armon/go-radix v1.0.0 // indirect 21 | github.com/asaskevich/govalidator v0.0.0-20200907205600-7a23bdc65eef // indirect 22 | github.com/bgentry/speakeasy v0.1.0 // indirect 23 | github.com/bmatcuk/doublestar/v4 v4.8.1 // indirect 24 | github.com/bradleyfalzon/ghinstallation/v2 v2.5.0 // indirect 25 | github.com/cli/go-gh/v2 v2.12.1 // indirect 26 | github.com/cli/safeexec v1.0.0 // indirect 27 | github.com/cloudflare/circl v1.3.7 // indirect 28 | github.com/fatih/color v1.16.0 // indirect 29 | github.com/fsnotify/fsnotify v1.5.4 // indirect 30 | github.com/go-openapi/errors v0.20.2 // indirect 31 | github.com/go-openapi/strfmt v0.21.3 // indirect 32 | github.com/golang-jwt/jwt/v4 v4.5.2 // indirect 33 | github.com/golang/protobuf v1.5.2 // indirect 34 | github.com/google/go-github/v45 v45.2.0 // indirect 35 | github.com/google/go-github/v53 v53.0.0 // indirect 36 | github.com/google/go-querystring v1.1.0 // indirect 37 | github.com/google/uuid v1.6.0 // indirect 38 | github.com/hashicorp/cli v1.1.7 // indirect 39 | github.com/hashicorp/errwrap v1.1.0 // indirect 40 | github.com/hashicorp/go-checkpoint v0.5.0 // indirect 41 | github.com/hashicorp/go-cleanhttp v0.5.2 // indirect 42 | github.com/hashicorp/go-hclog v1.6.3 // indirect 43 | github.com/hashicorp/go-multierror v1.1.1 // indirect 44 | github.com/hashicorp/go-retryablehttp v0.7.7 // indirect 45 | github.com/hashicorp/go-uuid v1.0.3 // indirect 46 | github.com/hashicorp/go-version v1.7.0 // indirect 47 | github.com/hashicorp/hc-install v0.9.1 // indirect 48 | github.com/hashicorp/hcl v1.0.0 // indirect 49 | github.com/hashicorp/terraform-exec v0.22.0 // indirect 50 | github.com/hashicorp/terraform-json v0.24.0 // indirect 51 | github.com/huandu/xstrings v1.5.0 // indirect 52 | github.com/inconshreveable/mousetrap v1.0.1 // indirect 53 | github.com/jedib0t/go-pretty v4.3.0+incompatible // indirect 54 | github.com/jedib0t/go-pretty/v6 v6.4.6 // indirect 55 | github.com/joho/godotenv v1.3.0 // indirect 56 | github.com/kballard/go-shellquote v0.0.0-20180428030007-95032a82bc51 // indirect 57 | github.com/knadh/koanf v1.5.0 // indirect 58 | github.com/mattn/go-colorable v0.1.14 // indirect 59 | github.com/mattn/go-isatty v0.0.20 // indirect 60 | github.com/mattn/go-runewidth v0.0.16 // indirect 61 | github.com/mergestat/timediff v0.0.3 // indirect 62 | github.com/mgutz/ansi v0.0.0-20200706080929-d51e80ef957d // indirect 63 | github.com/mitchellh/copystructure v1.2.0 // indirect 64 | github.com/mitchellh/go-homedir v1.1.0 // indirect 65 | github.com/mitchellh/mapstructure v1.5.0 // indirect 66 | github.com/mitchellh/reflectwalk v1.0.2 // indirect 67 | github.com/oklog/ulid v1.3.1 // indirect 68 | github.com/posener/complete v1.2.3 // indirect 69 | github.com/rivo/uniseg v0.4.7 // indirect 70 | github.com/samber/lo v1.37.0 // indirect 71 | github.com/shopspring/decimal v1.4.0 // indirect 72 | github.com/spf13/cast v1.7.0 // indirect 73 | github.com/spf13/cobra v1.6.1 // indirect 74 | github.com/spf13/pflag v1.0.5 // indirect 75 | github.com/thanhpk/randstr v1.0.4 // indirect 76 | github.com/yuin/goldmark v1.7.8 // indirect 77 | github.com/yuin/goldmark-meta v1.1.0 // indirect 78 | github.com/zclconf/go-cty v1.16.2 // indirect 79 | go.abhg.dev/goldmark/frontmatter v0.2.0 // indirect 80 | go.mongodb.org/mongo-driver v1.10.0 // indirect 81 | golang.org/x/crypto v0.36.0 // indirect 82 | golang.org/x/exp v0.0.0-20230626212559-97b1e661b5df // indirect 83 | golang.org/x/mod v0.22.0 // indirect 84 | golang.org/x/net v0.38.0 // indirect 85 | golang.org/x/oauth2 v0.8.0 // indirect 86 | golang.org/x/sync v0.12.0 // indirect 87 | golang.org/x/sys v0.31.0 // indirect 88 | golang.org/x/term v0.30.0 // indirect 89 | golang.org/x/text v0.23.0 // indirect 90 | google.golang.org/appengine v1.6.7 // indirect 91 | google.golang.org/protobuf v1.33.0 // indirect 92 | gopkg.in/yaml.v2 v2.4.0 // indirect 93 | gopkg.in/yaml.v3 v3.0.1 // indirect 94 | ) 95 | -------------------------------------------------------------------------------- /tools/tools.go: -------------------------------------------------------------------------------- 1 | // Copyright (c) HashiCorp, Inc. 2 | // SPDX-License-Identifier: MPL-2.0 3 | 4 | //go:build generate 5 | 6 | package tools 7 | 8 | import ( 9 | // document generation 10 | _ "github.com/hashicorp/terraform-plugin-docs/cmd/tfplugindocs" 11 | // copywrite header generation 12 | _ "github.com/hashicorp/copywrite" 13 | ) 14 | 15 | // Generate copyright headers 16 | //go:generate go run github.com/hashicorp/copywrite headers -d .. --config ../.copywrite.hcl 17 | // Format Terraform code for use in documentation. 18 | // If you do not have Terraform installed, you can remove the formatting command, but it is suggested 19 | // to ensure the documentation is formatted properly. 20 | //go:generate terraform fmt -recursive ../examples/ 21 | // Generate documentation. 22 | //go:generate go run github.com/hashicorp/terraform-plugin-docs/cmd/tfplugindocs generate --provider-dir .. 23 | -------------------------------------------------------------------------------- /version/VERSION: -------------------------------------------------------------------------------- 1 | 3.7.2 --------------------------------------------------------------------------------