Home - News ( United States | United Kingdom | Italy | Germany ) - Football scores

Showing content from https://developer.hashicorp.com/terraform/language/ephemeral below:

Ephemeral block reference for the Terraform configuration language | Terraform

Ephemeral resources are Terraform resources that are essentially temporary. Ephemeral resources have a unique lifecycle, and Terraform does not store them in its state. Each ephemeral block describes one or more ephemeral resources, such as a temporary password or connection to another system.

Note: Ephemeral resources are available in Terraform v1.10 and later.

The lifecycle of an ephemeral resource is different from other resources and data sources. Terraform performs the following lifecycle steps for each ephemeral resource in a configuration:

1. If Terraform needs to access the result of an ephemeral resource, it opens that ephemeral resource. For example, if Terraform opens an ephemeral resource for a Vault secret, the Vault provider obtains a lease and returns the secret.

2. If Terraform needs access to the ephemeral resource for longer than the remote system's enforced expiration time, Terraform asks the provider to periodically renew it. For example, if Terraform renews a Vault secret ephemeral resource, the Vault provider calls Vault's lease renewal API endpoint to extend the expiration time.

3. Once Terraform no longer needs an ephemeral resource, Terraform closes it. This happens after the providers that depend on an ephemeral resource complete all of their work for the current Terraform run phase. For example, closing a Vault secret ephemeral resource means the Vault provider explicitly ends the lease, allowing Vault to immediately revoke the associated credentials.

Ephemeral resources form nodes in Terraform's dependency graph, which interact similarly as resources and data sources. For example, when a resource or data source depends on an attribute of an ephemeral resource, Terraform automatically provisions the ephemeral resource first.

If an input argument of an ephemeral resource references a value that Terraform does not know yet, but can learn during or after a plan, Terraform defers executing that resource until the apply stage. Deferring execution lets Terraform ensure it has all of the information it needs to properly provision the ephemeral resource.

An ephemeral block declares an ephemeral resource of a specific type with a specific local name, much like a resource block. Terraform uses an ephemeral resource's name to refer to that resource in the same module, but an ephemeral resource's name has no meaning outside that module's scope.

Most of the arguments within the body of an ephemeral block are specific to the ephemeral resource you are defining. As with resources and data sources, each provider in the Terraform Registry includes documentation for the ephemeral resources it supports, if any. An ephemeral resource type's documentation lists which arguments are available and how you should format your resource's values.

The following list outlines general field hierarchy, language-specific data types, and requirements in the ephemeral block.

• ephemeral: map
  • attributes
  • meta-arguments

An ephemeral block has the following form:

ephemeral "<resource_type>" "<resource_name>" {
  <attributes>
  <meta-arguments>
}

You can only reference ephemeral resources in specific ephemeral contexts or Terraform throws an error. The following are valid contexts for referencing ephemeral resources:

• In a write-only argument
• In another ephemeral resource
• In local values
• In ephemeral variables
• In ephemeral outputs
• Configuring providers in the provider block
• In provisioner and connection blocks

You can use the following meta-arguments with ephemeral resources to change the behavior of those resources. The following meta-arguments work the same way for resources, data sources, and ephemeral resources:

• depends_on, for specifying hidden dependencies
• count, for creating multiple resource instances according to a count
• for_each, to create multiple instances according to a map or set of strings
• provider, for selecting a non-default provider configuration
• lifecycle, for lifecycle customizations

Ephemeral resources do not support the provisioner meta-argument.

The following example configures the postgresql provider with credentials from an ephemeral resource. Since these credentials are managed by an ephemeral resource, Terraform does not store them in your state or plan files.

ephemeral "aws_secretsmanager_secret_version" "db_master" {
  secret_id = aws_secretsmanager_secret_version.db_password.secret_id
}

locals {
  credentials = jsondecode(ephemeral.aws_secretsmanager_secret_version.db_master.secret_string)
}

provider "postgresql" {
  host     = aws_db_instance.example.address
  port     = aws_db_instance.example.port
  username = local.credentials["username"]
  password = local.credentials["password"]
}

RetroSearch is an open source project built by @garambo | Open a GitHub Issue

Search and Browse the WWW like it's 1997 | Search results from DuckDuckGo

HTML: 3.2 | Encoding: UTF-8 | Version: 0.7.4