You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
This issue is reported from Azure provider but it seems to be TF core related. More details including TF config files, run output, related source code could refer to the source issue.
A brief summary of the above issue is, when provider resource source code is written as below:
b always shows up as plain text rather than (sensitive value) in command output. Removing ConfigMode: schema.SchemaConfigModeAttr could solve this problem.
Expected Behavior
Sensitive fields are marked as (sensitive value) in log / cmd-output, which is not impacted by how ConfigMode is set.
or
Any official document is provided to explain the impact of SchemaConfigModeAttr to sensitive fields.
Actual Behavior
Sensitive fields have plain text value shown in log / cmd-output when ConfigMode is set as SchemaConfigModeAttr
References
Refer to the issue reported in the Azure provider.
The text was updated successfully, but these errors were encountered:
This is, unfortunately, a limitation of ConfigModeAttr. When the SDK sends terraform the schema for a resource created with that flag set, it's sent as a regular Attribute with (in your example) type list(object), instead of a Block. Attributes inside a block can be sensitive, but nested attributes inside objects cannot be sensitive. There's an issue for this open with the SDK repository: hashicorp/terraform-plugin-sdk#201
You can see this in action yourself by running terraform providers schema -json.
Here's an example of that output, using your "a" schema above:
Since there's already an issue open with the SDK, I am going to close this. I hope the additional information is helpful (or at least interesting). Thanks!
I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues.
If you have found a problem that seems similar to this, please open a new issue and complete the issue template so we can capture all the details necessary to investigate further.
Terraform Version
0.13.6; 0.14.10
Description
This issue is reported from Azure provider but it seems to be TF core related. More details including TF config files, run output, related source code could refer to the source issue.
A brief summary of the above issue is, when provider resource source code is written as below:
b
always shows up as plain text rather than (sensitive value) in command output. RemovingConfigMode: schema.SchemaConfigModeAttr
could solve this problem.Expected Behavior
Sensitive fields are marked as (sensitive value) in log / cmd-output, which is not impacted by how
ConfigMode
is set.or
Any official document is provided to explain the impact of SchemaConfigModeAttr to sensitive fields.
Actual Behavior
Sensitive fields have plain text value shown in log / cmd-output when
ConfigMode
is set asSchemaConfigModeAttr
References
Refer to the issue reported in the Azure provider.
The text was updated successfully, but these errors were encountered: