snippetterraformMinor
Terraform: how do you inspect sensitive data?
Viewed 0 times
inspectyouhowsensitivedataterraform
Problem
In a resource of type
Now in principle this could be doing anything - deleting all my containers, spinning up bitcoin mining containers, etc.
Is there any way I can look at the data, both the old and the new?
aws_ecs_task_definition my plan has an line that looks like this:~ container_definitions = (sensitive) # forces replacementNow in principle this could be doing anything - deleting all my containers, spinning up bitcoin mining containers, etc.
Is there any way I can look at the data, both the old and the new?
Solution
When your configuration or a provider marks an attribute as sensitive, Terraform will always hide that value in any output that's intended for human consumption.
The real values are available in machine-readable output though. This is primarily with the aim of integrating with external software, but if you need to then you can also inspect the machine-readable output directly yourself.
You can get a machine-readable (JSON) rendering of a plan like this:
If you intend to read it directly in the terminal then it can help to pipe it into
The real values are available in machine-readable output though. This is primarily with the aim of integrating with external software, but if you need to then you can also inspect the machine-readable output directly yourself.
You can get a machine-readable (JSON) rendering of a plan like this:
terraform plan -out=tfplan
terraform show -json tfplanIf you intend to read it directly in the terminal then it can help to pipe it into
jq, if you have that utility installed:terraform show -json tfplan | jqCode Snippets
terraform plan -out=tfplan
terraform show -json tfplanterraform show -json tfplan | jqContext
StackExchange DevOps Q#13842, answer score: 4
Revisions (0)
No revisions yet.