hashicorp / terraform-provider-random Goto Github PK

View Code? Open in Web Editor NEW

195.0 22.0 114.0 12.53 MB

Utility provider that supports the use of randomness within Terraform configurations.

Home Page: https://registry.terraform.io/providers/hashicorp/random/latest

License: Mozilla Public License 2.0

Makefile 0.09% Go 99.71% HCL 0.20%

terraform terraform-provider random

terraform-provider-random's Introduction

Terraform Provider: Random

The Random provider supports the use of randomness within Terraform configurations. The provider resources can be used to generate a random id, integer, password, pet, shuffle (random permutation of a list of strings), string or uuid.

Documentation, questions and discussions

Official documentation on how to use this provider can be found on the Terraform Registry. In case of specific questions or discussions, please use the HashiCorp Terraform Providers Discuss forums, in accordance with HashiCorp Community Guidelines.

We also provide:

Support page for help when using the provider
Contributing guidelines in case you want to help this project
Design documentation to understand the scope and maintenance decisions

The remainder of this document will focus on the development aspects of the provider.

Requirements

Terraform (>= 0.12)
Go (1.21)
GNU Make
golangci-lint (optional)

Development

Building

git clone this repository and cd into its directory
make build will trigger the Golang build

The provided GNUmakefile defines additional commands generally useful during development, like for running tests, generating documentation, code formatting and linting. Taking a look at it's content is recommended.

Testing

In order to test the provider, you can run

make test to run provider tests
make testacc to run provider acceptance tests

It's important to note that acceptance tests (testacc) will actually spawn terraform and the provider. Read more about they work on the official page.

Generating documentation

This provider uses terraform-plugin-docs to generate documentation and store it in the docs/ directory. Once a release is cut, the Terraform Registry will download the documentation from docs/ and associate it with the release version. Read more about how this works on the official page.

Use make generate to ensure the documentation is regenerated with any changes.

Using a development build

If running tests and acceptance tests isn't enough, it's possible to set up a local terraform configuration to use a development builds of the provider. This can be achieved by leveraging the Terraform CLI configuration file development overrides.

First, use make install to place a fresh development build of the provider in your ${GOBIN} (defaults to ${GOPATH}/bin or ${HOME}/go/bin if ${GOPATH} is not set). Repeat this every time you make changes to the provider locally.

Then, in your ${HOME}/.terraformrc (Unix) / %APPDATA%\terraform.rc (Windows), a provider_installation that contains the following dev_overrides:

provider_installation {
  dev_overrides {
    "hashicorp/random" = "${GOBIN}" //< replace `${GOBIN}` with the actual path on your system
  }

  direct {}
}

Note that it's also possible to use a dedicated Terraform configuration file and invoke terraform while setting the environment variable TF_CLI_CONFIG_FILE=my_terraform_config_file.

Once the dev_overrides are in place, any local execution of terraform plan and terraform apply will use the version of the provider found in the given ${GOBIN} directory, instead of the one indicated in your terraform configuration.

Testing GitHub Actions

This project uses GitHub Actions to realize its CI.

Sometimes it might be helpful to locally reproduce the behaviour of those actions, and for this we use act. Once installed, you can simulate the actions executed when opening a PR with:

# List of workflows for the 'pull_request' action
$ act -l pull_request

# Execute the workflows associated with the `pull_request' action 
$ act pull_request

Releasing

The release process is automated via GitHub Actions, and it's defined in the Workflow release.yml.

Each release is cut by pushing a semantically versioned tag to the default branch.

License

Mozilla Public License v2.0

terraform-provider-random's People

Contributors

Stargazers

Watchers

Forkers

ryan-dyer-sp bitbrain sheax0r chrisns alexxnica kryndex ginja danawillow alisdair itc3repos phekmat wadeholler oscr dpmerron-ltd zombiezen gdinnegan nyurik zimbatm ajayrockrock charmedbaryon jcarrothers-sap bnygld vadv thirdeyenick thecodeassassin tommyknows nat-henderson stack72 jen20 yanc0 vrutkovs hdhruna h34dl355 hoandang dhoepelman nickgryg enricsoler danusarf riccardomc jahantech flokli allunel screwnet gianluca-mascolo maxtkc cgriggs01 pulumi boazjr d-luu lukiffer ibrohimislam namrata-rajpoot pytoshka contentsquare aareet eda-dev-test slarti-com neodern terrorizer1980 flyinprogrammer rick-pri mootpt roopeshvs pradeepbhadani iamasmith jkerry flaviotvrs cramaker stephan242 jbadru73 isabella232 wakeful felisiam olebru mediaclip tryweirdier lostick andygarfield miguelhrocha automationd l-with flhxer703 hashic0rp giautm jpatigny ryhoward mariadb-vadymfedorov biwashi jcool15 cconcannon garonetux sourcegraph-ce gwnlng tsrobworld iq-scm dimazyuwono danielmschmidt tomasspctest hefeweizen opentofu

terraform-provider-random's Issues

Use cryptographically secure RNG for random_string, or don't recommend them for passwords?

Affected Resource(s)

random_string

Description

Reading index:

Unless otherwise stated within the documentation of a specific resource, this provider's results are not sufficiently random for cryptographic use.

But on random_string, it shows a demo using it for generating a password, and the API for random_string seems to be geared around generating passwords.

Is random_string suitable for generating passwords? If so, it could be good to explicitly mention this on the resource docs, or alternatively, mention that this resource is not for generating passwords?

random_id docs are out of date

This issue was originally opened by @brikis98 as hashicorp/terraform#12262. It was migrated here as part of the provider split. The original body of the issue is below.

#9903 updated the random_id resource to deprecate the b64 attribute and add b64_url and b64_std, but did not update the documentation.

Values from random_integer module are not different when using count

This issue was originally opened by @PleaseStopAsking as hashicorp/terraform#17325. It was migrated here as a result of the provider split. The original body of the issue is below.

Terraform Version

Terraform v0.11.3
+ provider.azurerm v1.1.1
+ provider.random v1.1.0

Terraform Configuration Files

variable "numberOfMachines" {
    default = 2
}


resource "random_integer" "Server" {
    min     = 40
    max     = 79
    count   = "${var.numberOfMachines}"
}

output "ips" {
  value = ["${random_integer.Server.*.result}"]
}

Outputs:

ips = [
    41,
    41
]

Debug Output

Crash Output

Expected Behavior

I expect to see different values for the random integers

Actual Behavior

The same value is produced for each count

Steps to Reproduce

Please list the full steps required to reproduce the issue, for example:

terraform init
terraform plan
terraform apply

Additional Context

References

`output_changes` incorrectly calculated in the plan file

This issue was originally opened by @marcinwyszynski as hashicorp/terraform#24628. It was migrated here as a result of the provider split. The original body of the issue is below.

Terraform Version

❯ terraform version
Terraform v0.12.24

Terraform Configuration Files

provider "random" {}

resource "random_id" "bacon" {
  keepers     = { bacon = "tasty" }
  byte_length = 16
}

output "bacon" { value = random_id.bacon.hex }

Steps to reproduce

After the change has been applied:

❯ terraform plan -out repro.plan
Refreshing Terraform state in-memory prior to plan...
The refreshed state will be used to calculate this plan, but will not be
persisted to local or remote state storage.

random_id.bacon: Refreshing state... [id=eprljZv58YrewNlMCchkQA]

------------------------------------------------------------------------

No changes. Infrastructure is up-to-date.

This means that Terraform did not detect any differences between your
configuration and real physical resources that exist. As a result, no
actions need to be performed.

❯ terraform plan -out repro.plan
Refreshing Terraform state in-memory prior to plan...
The refreshed state will be used to calculate this plan, but will not be
persisted to local or remote state storage.

random_id.bacon: Refreshing state... [id=eprljZv58YrewNlMCchkQA]

------------------------------------------------------------------------

No changes. Infrastructure is up-to-date.

This means that Terraform did not detect any differences between your
configuration and real physical resources that exist. As a result, no
actions need to be performed.

❯ terraform show -json repro.plan > repro.json
❯ cat repro.json | jq

{
  "format_version": "0.1",
  "terraform_version": "0.12.24",
  "planned_values": {
    "outputs": {
      "bacon": {
        "sensitive": false,
        "value": "7a9ae58d9bf9f18adec0d94c09c86440"
      }
    },
    "root_module": {
      "resources": [
        {
          "address": "random_id.bacon",
          "mode": "managed",
          "type": "random_id",
          "name": "bacon",
          "provider_name": "random",
          "schema_version": 0,
          "values": {
            "b64": "eprljZv58YrewNlMCchkQA",
            "b64_std": "eprljZv58YrewNlMCchkQA==",
            "b64_url": "eprljZv58YrewNlMCchkQA",
            "byte_length": 16,
            "dec": "162970085093216590396273492464954270784",
            "hex": "7a9ae58d9bf9f18adec0d94c09c86440",
            "id": "eprljZv58YrewNlMCchkQA",
            "keepers": { "bacon": "tasty" },
            "prefix": null
          }
        }
      ]
    }
  },
  "resource_changes": [
    {
      "address": "random_id.bacon",
      "mode": "managed",
      "type": "random_id",
      "name": "bacon",
      "provider_name": "random",
      "change": {
        "actions": ["no-op"],
        "before": {
          "b64": "eprljZv58YrewNlMCchkQA",
          "b64_std": "eprljZv58YrewNlMCchkQA==",
          "b64_url": "eprljZv58YrewNlMCchkQA",
          "byte_length": 16,
          "dec": "162970085093216590396273492464954270784",
          "hex": "7a9ae58d9bf9f18adec0d94c09c86440",
          "id": "eprljZv58YrewNlMCchkQA",
          "keepers": { "bacon": "tasty" },
          "prefix": null
        },
        "after": {
          "b64": "eprljZv58YrewNlMCchkQA",
          "b64_std": "eprljZv58YrewNlMCchkQA==",
          "b64_url": "eprljZv58YrewNlMCchkQA",
          "byte_length": 16,
          "dec": "162970085093216590396273492464954270784",
          "hex": "7a9ae58d9bf9f18adec0d94c09c86440",
          "id": "eprljZv58YrewNlMCchkQA",
          "keepers": { "bacon": "tasty" },
          "prefix": null
        },
        "after_unknown": {}
      }
    }
  ],
  "output_changes": {
    "bacon": {
      "actions": ["create"],
      "before": null,
      "after": "7a9ae58d9bf9f18adec0d94c09c86440",
      "after_unknown": false
    }
  },
  "prior_state": {
    "format_version": "0.1",
    "terraform_version": "0.12.24",
    "values": {
      "outputs": {
        "bacon": {
          "sensitive": false,
          "value": "7a9ae58d9bf9f18adec0d94c09c86440"
        }
      },
      "root_module": {
        "resources": [
          {
            "address": "random_id.bacon",
            "mode": "managed",
            "type": "random_id",
            "name": "bacon",
            "provider_name": "random",
            "schema_version": 0,
            "values": {
              "b64": "eprljZv58YrewNlMCchkQA",
              "b64_std": "eprljZv58YrewNlMCchkQA==",
              "b64_url": "eprljZv58YrewNlMCchkQA",
              "byte_length": 16,
              "dec": "162970085093216590396273492464954270784",
              "hex": "7a9ae58d9bf9f18adec0d94c09c86440",
              "id": "eprljZv58YrewNlMCchkQA",
              "keepers": { "bacon": "tasty" },
              "prefix": null
            }
          }
        ]
      }
    }
  },
  "configuration": {
    "provider_config": { "random": { "name": "random" } },
    "root_module": {
      "outputs": {
        "bacon": { "expression": { "references": ["random_id.bacon"] } }
      },
      "resources": [
        {
          "address": "random_id.bacon",
          "mode": "managed",
          "type": "random_id",
          "name": "bacon",
          "provider_config_key": "random",
          "expressions": {
            "byte_length": { "constant_value": 16 },
            "keepers": { "constant_value": { "bacon": "tasty" } }
          },
          "schema_version": 0
        }
      ]
    }
  }
}

Expected Behavior

The resulting JSON should set the value at $.output_changes.bacon.before to "7a9ae58d9bf9f18adec0d94c09c86440"
The resulting JSON should set the value at $.output_changes.bacon.actions to ["no-op"]

Actual Behavior

The resulting JSON sets the value at $.output_changes.bacon.before to null
The resulting JSON incorrectly sets the value at $.output_changes.bacon.actions to ["create"]

random_string could support import

Terraform Version

Terraform v0.12.1

Affected Resource(s)

random_string

Terraform Configuration Files

resource "random_string" "master_password" {
  length = 16
}

resource "aws_rds_cluster" "cluster" {
  master_password = random_string.master_password.result
}

Expected Behavior

It would be nice to be able to import random strings when you already have things like an RDS cluster set-up otherwise you need to change the password after the first import happens (if you want to keep the password on the state to be able to rotate).

Actual Behavior

Import is denied

Steps to Reproduce

terraform random_string.master_password 1234

If you think this would be useful, let me know and I can try to implement it.

Random_password resource not working?

resource "random_password" "db_password" {
  length = 16
  special = true
  override_special = "!#()-[]<>"
}

resource "aws_db_instance" "bharaths_mysql" {
  instance_class = "db.t2.micro"
  identifier_prefix = "bharaths-terraform-up-and-running"
  engine = "mysql"
  allocated_storage = 10
  name = "bharaths_example_database"
  username = "bharath_admin"
  skip_final_snapshot     =  true
  apply_immediately = true
  password = random_password.db_password.id
  lifecycle {
    ignore_changes = ["password"]
  }
}

It is throwing error as below. And while running terraform apply it still displaying as id=None

random_password.db_password: Creating...
random_password.db_password: Creation complete after 0s [id=none]
aws_db_instance.bharaths_mysql: Creating...

Error: Error creating DB Instance: InvalidParameterValue: The parameter MasterUserPassword is not a valid password because it is shorter than 8 characters.
        status code: 400, request id: 2c27c0b3-811c-41c0-89e3-8a455ba52c9e, {
  AllocatedStorage: 10,
  AutoMinorVersionUpgrade: true,
  BackupRetentionPeriod: 0,
  CopyTagsToSnapshot: false,
  DBInstanceClass: "db.t2.micro",
  DBInstanceIdentifier: "bharaths-terraform-up-and-running20190822040017255400000001",
  DBName: "bharaths_example_database",
  DeletionProtection: false,
  Engine: "mysql",
  EngineVersion: "",
  MasterUserPassword: "********",
  MasterUsername: "bharath_admin",
  PubliclyAccessible: false,
  StorageEncrypted: false,
  Tags: []
}

  on main.tf line 23, in resource "aws_db_instance" "bharaths_mysql":
  23: resource "aws_db_instance" "bharaths_mysql" {


Releasing state lock. This may take a few moments...
Bharaths-MacBook-Pro:mysql bharathdasaraju$

any workaround for this?

random_uuid with keepers doesn't respect depends_on

Hi there,

I'm encountering a bug when trying to generate a file and then use keepers to generate a unique uuid updated based on the filemd5 hashes of the files within a directory.

Terraform Version

Run terraform -v to show the version. If you are not running the latest version of Terraform, please upgrade because your issue may have already been fixed.

Terraform v0.12.13
+ provider.archive v1.3.0
+ provider.google v2.19.0
+ provider.local v1.4.0
+ provider.null v2.1.2
+ provider.random v2.2.1

Affected Resource(s)

Please list the resources as a list, for example:

random_uuid
If this issue appears to affect multiple resources, it may be an issue with Terraform's core, so please mention this.

Terraform Configuration Files

resource "local_file" "generated-config" {
  content  = jsonencode({a=1, b=2})
  filename = "${path.module}/code/generated.json"
}

resource "random_uuid" "code_hash" {
  keepers = {
    for filename in fileset("${path.module}/code", "**/*") :
    filename => filemd5("${path.module}/code}/${filename}")
  }
  depends_on = [
    local_file.generated-config
  ]
}

Debug Output

Error: Provider produced inconsistent final plan

When expanding the plan for
module.slo-pipeline-cf-errors.random_uuid.code_hash to include new values
learned so far during apply, provider "random" produced an invalid new value
for .keepers["slo_config.json"]: was
cty.StringVal("d41d8cd98f00b204e9800998ecf8427e"), but now
cty.StringVal("4fd65632594f3361802ed49a5f5f6bf0").


This is a bug in the provider, which should be reported in the provider's own
issue tracker.

Panic Output

If Terraform produced a panic, please provide a link to a GitHub Gist containing the output of the crash.log.

Expected Behavior

What should have happened?
The content of keepers including the fileset should have been evaluated after the file is dropped in the directory.

Actual Behavior

What actually happened?
The provider produced an inconsistent plan. It seems that fileset was evaluated before the local_file resource was run, even if depends_on is specified.

Steps to Reproduce

Please list the steps required to reproduce the issue, for example:

terraform apply

Azurerm network subnet change is not correctly planned

Community Note

Please vote on this issue by adding a 👍 reaction to the original issue to help the community and maintainers prioritize this request
Please do not leave "+1" or "me too" comments, they generate extra noise for issue followers and do not help prioritize the request
If you are interested in working on this issue or have submitted a pull request, please leave a comment

Terraform (and AzureRM Provider) Version

Terraform v0.12.19

provider.azurerm v1.41.0
provider.random v2.2.1

Affected Resource(s)

azurerm_application_security_group
azurerm_virtual_network
azurerm_network_security_group
random_id.randomIdLogstore[0]

Terraform Configuration Files

resource "azurerm_resource_group" "batch-rg" {
  location = var.azure-region
  name     = "a-bcdef-dev-rg"
  tags = var.default_tags
}

Debug Output

Expected Behavior

Rename the resource group

Rename of resources.

Error: Provider produced inconsistent final plan

When expanding the plan for
module.workspace-batch.random_id.randomIdLogstore[0] to include new values
learned so far during apply, provider "registry.terraform.io/-/random"
produced an invalid new value for .keepers["resource_group"]: was
cty.StringVal("pbl-geodms-d-rg"), but now cty.StringVal("pbl-GeoDMS-d-rg").

This is a bug in the provider, which should be reported in the provider's own
issue tracker.

Steps to Reproduce

Rename any azurerm resource by only changing the capitalization, e.g., name = a-BCDef-dev-rg

terraform plan
terraform apply

Terraform apply crashed

Hi there,

Thank you for opening an issue. Please note that we try to keep the Terraform issue tracker reserved for bug reports and feature requests. For general usage questions, please see: https://www.terraform.io/community.html.

Terraform version

Terraform v0.13.2

issue with below module

module.cluster.module.eks.random_pet.workers_launch_template

Debug Output

Please provider a link to a GitHub Gist containing the complete debug output: https://www.terraform.io/docs/internals/debugging.html. Please do NOT paste the debug output in the issue; just paste a link to the Gist.

Panic Output

Error: Provider produced inconsistent final plan

When expanding the plan for
module.cluster.module.eks.random_pet.workers_launch_template[0] to include new
values learned so far during apply, provider
"registry.terraform.io/hashicorp/random" changed the planned action from
CreateThenDelete to DeleteThenCreate.

This is a bug in the provider, which should be reported in the provider's own
issue tracker.

Error: Invalid function argument: Invalid value for "vars" parameter: invalid vars value: must be a map.

Expected Behavior

execute the changes for the worker launch template

Actual Behavior

end up with error

Steps to Reproduce

terraform apply

FR: Provider should be aware of max string size constraints

The max string size appears to be 4kb, but the random provider appears to allow an unlimited size to be passed. The first plan/apply will appear to complete and create a state file, but that state file can then never be properly read from when it contains a string larger than 4kb.

Terraform Version

v0.12.29

Affected Resource(s)

Please list the resources as a list, for example:

random_*

Terraform Configuration Files

Terraform code:

resource "random_id" "id" {
	byte_length = var.length

	keepers = {
    uuid = uuid()
  }
}

Where length equals anything over 4k

Debug Output

A second plan against that same configuration will throw this error:

Error: rpc error: code = ResourceExhausted desc = grpc: received message larger than max (8817003 vs. 4194304)

Expected Behavior

As there is a known limit, the provider should have a maximum length in place to prevent end users from accidentally creating an unusable statefile.

Actual Behavior

Terraform allows a string to be created beyond the size it can read in later.

Steps to Reproduce

Please list the steps required to reproduce the issue, for example:

terraform apply using the above code where the output is over 4k
Run terraform plan

random string regenerates each time when override_special is defined

When I override the special characters to include the entire set of ascii chars (i.e. 0x00-0xff), it regenerates every single time.

Terraform Version

0.11.14

Affected Resource(s)

random_string

If this issue appears to affect multiple resources, it may be an issue with Terraform's core, so please mention this.

Terraform Configuration Files

resource "random_string" rander {
  length = 16
  override_special = "\x00\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f\x10\x11\x12\x13\x14\x15\x16\x17\x18\x19\x1a\x1b\x1c\x1d\x1e\x1f\x20\x21\x22\x23\x24\x25\x26\x27\x28\x29\x2a\x2b\x2c\x2d\x2e\x2f\x30\x31\x32\x33\x34\x35\x36\x37\x38\x39\x3a\x3b\x3c\x3d\x3e\x3f\x40\x41\x42\x43\x44\x45\x46\x47\x48\x49\x4a\x4b\x4c\x4d\x4e\x4f\x50\x51\x52\x53\x54\x55\x56\x57\x58\x59\x5a\x5b\x5c\x5d\x5e\x5f\x60\x61\x62\x63\x64\x65\x66\x67\x68\x69\x6a\x6b\x6c\x6d\x6e\x6f\x70\x71\x72\x73\x74\x75\x76\x77\x78\x79\x7a\x7b\x7c\x7d\x7e\x7f\x80\x81\x82\x83\x84\x85\x86\x87\x88\x89\x8a\x8b\x8c\x8d\x8e\x8f\x90\x91\x92\x93\x94\x95\x96\x97\x98\x99\x9a\x9b\x9c\x9d\x9e\x9f\xa0\xa1\xa2\xa3\xa4\xa5\xa6\xa7\xa8\xa9\xaa\xab\xac\xad\xae\xaf\xb0\xb1\xb2\xb3\xb4\xb5\xb6\xb7\xb8\xb9\xba\xbb\xbc\xbd\xbe\xbf\xc0\xc1\xc2\xc3\xc4\xc5\xc6\xc7\xc8\xc9\xca\xcb\xcc\xcd\xce\xcf\xd0\xd1\xd2\xd3\xd4\xd5\xd6\xd7\xd8\xd9\xda\xdb\xdc\xdd\xde\xdf\xe0\xe1\xe2\xe3\xe4\xe5\xe6\xe7\xe8\xe9\xea\xeb\xec\xed\xee\xef\xf0\xf1\xf2\xf3\xf4\xf5\xf6\xf7\xf8\xf9\xfa\xfb\xfc\xfd\xfe\xff"
}

output rand {
  value = "${random_string.rander.result}"
}
output rand64 {
  value = "${base64encode(random_string.rander.result)}"
}

Debug Output

The relevant part is here:

2019/06/16 16:53:30 [TRACE] DiffTransformer: Module: DESTROY/CREATE: random_string.rander
  length:           "16" => "16"
  lower:            "true" => "true"
  min_lower:        "0" => "0"
  min_numeric:      "0" => "0"
  min_special:      "0" => "0"
  min_upper:        "0" => "0"
  number:           "true" => "true"
  override_special: "\x00\x01\x02\x03\x04\x05\x06\a\b\t\n\v\f\r\x0e\x0f\x10\x11\x12\x13\x14\x15\x16\x17\x18\x19\x1a\x1b\x1c\x1d\x1e\x1f !\"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\\]^_`abcdefghijklmnopqrstuvwxyz{|}~\u007f��������������������������������������������������������������������������������������������������������������������������������" => "\x00\x01\x02\x03\x04\x05\x06\a\b\t\n\v\f\r\x0e\x0f\x10\x11\x12\x13\x14\x15\x16\x17\x18\x19\x1a\x1b\x1c\x1d\x1e\x1f !\"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\\]^_`abcdefghijklmnopqrstuvwxyz{|}~\u007f\x80\x81\x82\x83\x84\x85\x86\x87\x88\x89\x8a\x8b\x8c\x8d\x8e\x8f\x90\x91\x92\x93\x94\x95\x96\x97\x98\x99\x9a\x9b\x9c\x9d\x9e\x9f\xa0\xa1\xa2\xa3\xa4\xa5\xa6\xa7\xa8\xa9\xaa\xab\xac\xad\xae\xaf\xb0\xb1\xb2\xb3\xb4\xb5\xb6\xb7\xb8\xb9\xba\xbb\xbc\xbd\xbe\xbf\xc0\xc1\xc2\xc3\xc4\xc5\xc6\xc7\xc8\xc9\xca\xcb\xcc\xcd\xce\xcf\xd0\xd1\xd2\xd3\xd4\xd5\xd6\xd7\xd8\xd9\xda\xdb\xdc\xdd\xde\xdf\xe0\xe1\xe2\xe3\xe4\xe5\xe6\xe7\xe8\xe9\xea\xeb\xec\xed\xee\xef\xf0\xf1\xf2\xf3\xf4\xf5\xf6\xf7\xf8\xf9\xfa\xfb\xfc\xfd\xfe\xff" (forces new resource)
  result:           "9�\f2h��\x18Y�9�J�\v$" => "<computed>"
  special:          "true" => "true"
  upper:            "true" => "true"

it says that override_special is forcing a new resource.

Expected Behavior

What should have happened?

The input is unchanged, so the resource should be unchanged

Actual Behavior

What actually happened?

New resource

Steps to Reproduce

Please list the steps required to reproduce the issue, for example:

Create main.tf in a dir with the above content
tf init .
tf apply .

Then run it again

Feature Request: random number from range

It would be nice to have a resource that generates random numbers from a given range. I would like to use it to vary maintenance window definitions (minute 0-59) for example.

random_integer returns string?

It looks like random_integer is returning a string, rather than an integer.

Terraform Version

Terraform v0.11.13

provider.random v2.1.1

Affected Resource(s)

random_integer

Terraform Configuration Files

provider "random" {
  version = ">= 1"
}

resource "random_integer" "foo" {
  min = 1
  max = 99999
}

locals {
  bar_int = "bar-${format("%05d",random_integer.foo.result)}"
  bar_str = "bar-${format("%05s",random_integer.foo.result)}"
}

output "foobar-int" {
  value       = "${local.bar_int}"
}

output "foobar-str" {
  value       = "${local.bar_str}"
}

Debug Output

https://gist.github.com/dbogen/799b4253bc459098122058066d930b9c

Expected Behavior

Outputs:

foobar-int = bar-00112
foobar-str = bar-%!s(integer=00112)

Actual Behavior

Outputs:

foobar-int = bar-%!d(string=00112)
foobar-str = bar-00112

Steps to Reproduce

terraform init
terraform apply

random_string resource is recreated after import

Terraform Version

Terraform v0.12.29
+ provider.google v3.35.0
+ provider.kubernetes v1.12.0
+ provider.random v2.3.0

Affected Resource(s)

random_string

Terraform Configuration Files

locals {
  random_secrets_1 = [
    "test",
  ]
}

resource "random_string" "random_secrets" {
  for_each = toset(local.random_secrets_1)
  length   = 32
  special  = false
}

Debug Output

2020-08-25T16:39:41.729+0300 [INFO]  plugin.terraform-provider-random_v2.3.0_x4: configuring server automatic mTLS: timestamp=2020-08-25T16:39:41.729+0300
2020-08-25T16:39:41.757+0300 [DEBUG] plugin: using plugin: version=5
2020-08-25T16:39:41.757+0300 [DEBUG] plugin.terraform-provider-random_v2.3.0_x4: plugin address: address=/tmp/plugin672637728 network=unix timestamp=2020-08-25T16:39:41.757+0300
2020-08-25T16:39:41.812+0300 [WARN]  plugin.stdio: received EOF, stopping recv loop: err="rpc error: code = Unimplemented desc = unknown service plugin.GRPCStdio"
2020/08/25 16:39:41 [DEBUG] ReferenceTransformer: "random_string.random_secrets[\"test\"]" references: []
2020/08/25 16:39:41 [WARN] Provider "registry.terraform.io/-/random" produced an invalid plan for random_string.random_secrets["test"], but we are tolerating it because it is using the legacy plugin SDK.
    The following problems may be the cause of any confusing errors from downstream operations:
      - .min_lower: planned value cty.NumberIntVal(0) does not match config value cty.NullVal(cty.Number)
      - .min_numeric: planned value cty.NumberIntVal(0) does not match config value cty.NullVal(cty.Number)
      - .min_special: planned value cty.NumberIntVal(0) does not match config value cty.NullVal(cty.Number)
      - .min_upper: planned value cty.NumberIntVal(0) does not match config value cty.NullVal(cty.Number)
      - .upper: planned value cty.True does not match config value cty.NullVal(cty.Bool)
      - .lower: planned value cty.True does not match config value cty.NullVal(cty.Bool)
      - .number: planned value cty.True does not match config value cty.NullVal(cty.Bool)
2020-08-25T16:39:41.817+0300 [DEBUG] plugin: plugin process exited: path=/home/terraform/gke/.terraform/plugins/linux_amd64/terraform-provider-random_v2.3.0_x4 pid=5092
2020-08-25T16:39:41.817+0300 [DEBUG] plugin: plugin exited
2020/08/25 16:39:41 [INFO] backend/local: plan operation completed

Expected Behavior

After using terraform import command the resource should not be recreated if the string matches the random_string resource definition

Actual Behavior

Terraform wants to recreate the resource

  # random_string.random_secrets["test"] must be replaced
-/+ resource "random_string" "random_secrets" {
      ~ id          = "BmNX4G6VPKXHxYdn2H5WzEEwSiRmHdjr" -> (known after apply)
      + length      = 32 # forces replacement
      + lower       = true # forces replacement
      + min_lower   = 0 # forces replacement
      + min_numeric = 0 # forces replacement
      + min_special = 0 # forces replacement
      + min_upper   = 0 # forces replacement
      + number      = true # forces replacement
      ~ result      = "BmNX4G6VPKXHxYdn2H5WzEEwSiRmHdjr" -> (known after apply)
      + special     = false # forces replacement
      + upper       = true # forces replacement
    }

Steps to Reproduce

terraform import 'random_string.random_secrets["test"]' 'BmNX4G6VPKXHxYdn2H5WzEEwSiRmHdjr'

Important Factoids

If you inspect the state file all the resource attributes except the result: are set to null

    {
      "mode": "managed",
      "type": "random_string",
      "name": "random_secrets",
      "each": "map",
      "provider": "provider.random",
      "instances": [
        {
          "index_key": "test",
          "schema_version": 1,
          "attributes": {
            "id": "BmNX4G6VPKXHxYdn2H5WzEEwSiRmHdjr",
            "keepers": null,
            "length": null,
            "lower": null,
            "min_lower": null,
            "min_numeric": null,
            "min_special": null,
            "min_upper": null,
            "number": null,
            "override_special": null,
            "result": "BmNX4G6VPKXHxYdn2H5WzEEwSiRmHdjr",
            "special": null,
            "upper": null
          },
          "private": "eyJzY2hlbWFfdmVyc2lvbiI6IjEifQ=="
        }
      ]
    },

using ID as the value is a security issue in CICD pipeline

Is there not a way to use something else such as uuid as id to random_string. We use CICD pipeline and logs output from terraform apply and we also use random_string to generate passwords to refer from other cloud resources such as databases. Even if those cloud resources mark the passwords as sensitive and do not log them in the terraform output because random_string uses the value as own ID and because terraform apply likes to spit out theses ids, we effectively end up logging the passwords.

Terraform Version

Terraform v0.13.5
+ provider registry.terraform.io/hashicorp/random v3.0.0

Your version of Terraform is out of date! The latest version
is 0.14.0. You can update by downloading from https://www.terraform.io/downloads.html

Affected Resource(s)

tested with random_string

Terraform Configuration Files

resource random_string p {
  length      = 14
  min_upper   = 3
  min_lower   = 3
  min_numeric = 3
  special     = true
  min_special = 2

  override_special = "@!^"
}

Debug Output

n/a

Panic Output

n/a

Expected Behavior

Actual Behavior

Steps to Reproduce

terraform apply

random_string does not default to `special = false`

Terraform Version

Terraform v0.10.4

Affected Resource(s)

random_string

Terraform Configuration Files

resource "random_string" "main" {
  length  = 4
}

Expected Behavior

According to the random_string docs the argument special defaults to false.

Actual Behavior

The above config created the string !AA& which has special characters in it.

Terraform vague error message on length=-1 for random_string resource

This issue was originally opened by @bogdanbarna as hashicorp/terraform#26849. It was migrated here as a result of the provider split. The original body of the issue is below.

Terraform Version

Terraform v0.13.5
+ provider registry.terraform.io/hashicorp/random v3.0.0

Terraform Configuration Files

variable "name_prefix" {}

resource "random_string" "name_suffix" {
  length  = 30 - length(var.name_prefix)
  upper   = false
  special = false
}

resource "aws_instance" "web" {
  ami           = "ami-07dd19a7900a1f049"
  instance_type = "t3.micro"

  tags = {
    Name = "foo-${random_string.name_suffix.result}"
  }
}

Debug Output

Crash Output

https://gist.github.com/bogdanbarna/4181ddf0b5fe0082e6cdcf4aae8cf0e0

Expected Behavior

A specific error message appearing during plan and/or apply.

Actual Behavior

Receiving Error: rpc error: code = Unavailable desc = transport is closing on apply.

Steps to Reproduce

terraform init
terraform apply -var name_prefix=small # this works
terraform apply -var name_prefix=laaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaarge # this crashes

Additional Context

The crash report isn't created when the random_string output is used for the aws_instance input.
So apply -target=random_string creates the crash report, but apply without target does not.

References

Add random_password.bcrypt attribute

This issue was originally opened by @mleonhard as hashicorp/terraform#24373. It was migrated here as a result of the provider split. The original body of the issue is below.

Terraform provides a random_password resource for generating random passwords and storing them in the state file. It also provides a bcrypt() function for generating salted hashes of passwords. The salt is not stored in the state file. bcrypt() generates a different hash on every refresh. This means that Terraform updates all resources that use the salted hash. This causes unnecessary server restarts.

We need Terraform to run quickly and perturb our production system as little as possible. A random_password.bcrypt attribute will help with that. How about adding one?

Docs: random_uuid not listed in Random Provider submenu

This issue was originally opened by @kevinneufeld as hashicorp/terraform#18736. It was migrated here as a result of the provider split. The original body of the issue is below.

random_uuid is missing from the Random Provider side menu:

The direct link to random_uuid

Is this provider being depricated? If so, is there somthing to replace it?

Allow a seed option for random_string

Terraform Version

v0.11.8

Affected Resource(s)

random_string

Terraform Configuration Files

Current

resource "random_string" "rg_name" {
  length = 13
  upper = false
  special = false
}

Proposed

resource "random_string" "rg_name" {
  length = 13
  upper = false
  special = false
  seed = "${var.myseed}"
}

Important Factoids

Mainly thinking about Azure here (not too familiar with AWS), but in Azure they have a function in their ARM scripts called uniqueString which generates a 13 character "unique" string based off other strings as seeds.

This is quite useful when you want to tear down an environment and rebuild it as the names will all stay the same.

There might be a way of doing this in Terraform that I missed but thought this could do it

random_string resource prints warning during plan

Terraform Version

Terraform v0.12.24

provider.google v3.19.0
provider.google-beta v3.19.0
provider.random v2.2.1
provider.tfe v0.16.0

Affected Resource(s)

random_string

Terraform Configuration Files

resource "random_string" "four_chars" {
  length  = 4
  upper   = false
  special = false
}

Debug Output

2020/04/27 12:10:56 [WARN] Provider "registry.terraform.io/-/random" produced an invalid plan for module.db.random_string.four_chars, but we are tolerating it because it is using the legacy plugin SDK.
    The following problems may be the cause of any confusing errors from downstream operations:
      - .min_lower: planned value cty.NumberIntVal(0) does not match config value cty.NullVal(cty.Number)
      - .min_numeric: planned value cty.NumberIntVal(0) does not match config value cty.NullVal(cty.Number)
      - .min_special: planned value cty.NumberIntVal(0) does not match config value cty.NullVal(cty.Number)
      - .lower: planned value cty.True does not match config value cty.NullVal(cty.Bool)
      - .min_upper: planned value cty.NumberIntVal(0) does not match config value cty.NullVal(cty.Number)
      - .number: planned value cty.True does not match config value cty.NullVal(cty.Bool)

Expected Behavior

The plan should've run without any warnings.

Actual Behavior

The plan produced the warning above.

Steps to Reproduce

terraform plan

Important Factoids

This is being using with Google Cloud.

References

"Could not load plugin" – regression between 2.2.1 and 2.3.0

When using provider version 2.3.0, the provider plugin fails to load.

Error: Could not load plugin
...
Failed to retrieve schema from provider
"registry.terraform.io/hashicorp/random": rpc error: code = Unavailable desc =
connection closed

Terraform Version

Reproduced on both 0.12.29 and 0.13.2

Affected Resource(s)

It appears to be a provider issue (or potentially a plugin SDK issue) not related to a specific resource, but will use random_id for the sake of example.

Terraform Configuration Files

provider "random" {
  version = "2.3.0"
}

resource "random_id" "test" {
  byte_length = 8
}

output "test" {
  value = random_id.test.b64_std
}

Debug Output

https://gist.github.com/lukiffer/b9b86ccb0fb50b658b1d297d1e221f22

To highlight a specific set of outputs:

2020/09/03 03:51:19 [INFO] Go runtime version: go1.14.7

2020-09-03T03:51:19.508-0500 [DEBUG] plugin.terraform-provider-random_v2.3.0_x4: plugin address: address=/var/folders/0s/bbgtj68j187fdpfggtzgqr8r0000gn/T/plugin077377841 network=unix timestamp=2020-09-03T03:51:19.508-0500
2020-09-03T03:51:19.508-0500 [DEBUG] plugin: using plugin: version=5
2020-09-03T03:51:19.606-0500 [DEBUG] plugin.terraform-provider-random_v2.3.0_x4: SIGILL: illegal instruction
2020-09-03T03:51:19.606-0500 [DEBUG] plugin.terraform-provider-random_v2.3.0_x4: PC=0x1063d90 m=0 sigcode=1

2020-09-03T03:51:19.606-0500 [DEBUG] plugin.terraform-provider-random_v2.3.0_x4: goroutine 54 [running]:
2020-09-03T03:51:19.606-0500 [DEBUG] plugin.terraform-provider-random_v2.3.0_x4: runtime.asyncPreempt()
2020-09-03T03:51:19.606-0500 [DEBUG] plugin.terraform-provider-random_v2.3.0_x4: 	/opt/goenv/versions/1.14.0/src/runtime/preempt_amd64.s:8 fp=0xc00056b1e8 sp=0xc00056b1e0 pc=0x1063d90

It appears that the go runtime is 1.14.7 but the provider was compiled against 1.14.0 – not typically an issue, but there was an issue with 1.14.0 not guarding a specific instruction or feature not available on some CPUs that was fixed in 1.14.1. (See golang/go#37478 and https://go-review.googlesource.com/c/go/+/221058/)

I believe all that should be required is that the plugin be compiled with go1.14.1 or later, but I haven't tested this.

Steps to Reproduce

terraform init && terraform plan

Support import for random_shuffle resource

The random_shuffle resource could support terraform import e.g.

terraform import random_shuffle.foo 'x,y,z'

Remove the long-deprecated "b64" attribute on random_id

The b64 attribute of random_id was deprecated in late 2016 in favor of b64_url and b64_std alternatives that give two variants with different base64 digit sets.

b64 has been deprecated (and undocumented) for long enough now that we can remove it for the next major release.

random_string leaking sensitive information on rotate

The random_string resource leaks the current value when planning with a changed keeper value

Terraform Version

Terraform v0.11.7

provider.random v2.0.0

Affected Resource(s)

random_string

Terraform Configuration Files

provider "random" {
  version = "2.0"
}

variable "rotator" {
  default = 1
}

resource "random_string" "password" {
  keepers = {
    rotator = "${var.rotator}"
  }

  length  = 30
  special = true
}

Output of apply:

An execution plan has been generated and is shown below.
Resource actions are indicated with the following symbols:
  + create

Terraform will perform the following actions:

  + random_string.password
      id:              <computed>
      keepers.%:       "1"
      keepers.rotator: "1"
      length:          "30"
      lower:           "true"
      min_lower:       "0"
      min_numeric:     "0"
      min_special:     "0"
      min_upper:       "0"
      number:          "true"
      result:          <computed>
      special:         "true"
      upper:           "true"


Plan: 1 to add, 0 to change, 0 to destroy.

Do you want to perform these actions?
  Terraform will perform the actions described above.
  Only 'yes' will be accepted to approve.

  Enter a value: yes

random_string.password: Creating...
  keepers.%:       "" => "1"
  keepers.rotator: "" => "1"
  length:          "" => "30"
  lower:           "" => "true"
  min_lower:       "" => "0"
  min_numeric:     "" => "0"
  min_special:     "" => "0"
  min_upper:       "" => "0"
  number:          "" => "true"
  result:          "" => "<computed>"
  special:         "" => "true"
  upper:           "" => "true"
random_string.password: Creation complete after 0s (ID: none)

Up until this point the value is safe. However if you then change the keeper e.g.

variable "rotator" {
  default = 2
}

And run a plan it exposes the current value in the diff:

terraform plan
random_string.password: Refreshing state... (ID: none)

An execution plan has been generated and is shown below.
Resource actions are indicated with the following symbols:
-/+ destroy and then create replacement

Terraform will perform the following actions:

-/+ random_string.password (new resource required)
      id:              "none" => <computed> (forces new resource)
      keepers.%:       "1" => "1"
      keepers.rotator: "1" => "2" (forces new resource)
      length:          "30" => "30"
      lower:           "true" => "true"
      min_lower:       "0" => "0"
      min_numeric:     "0" => "0"
      min_special:     "0" => "0"
      min_upper:       "0" => "0"
      number:          "true" => "true"
      result:          "3kktL*zGlEPZcx(Z5=CwlA%1D8y%]G" => <computed>
      special:         "true" => "true"
      upper:           "true" => "true"

Expected Behavior

The diff should say:

result: <sensitive> => <computed>

Actual Behavior

The sensitive value is leaked in a plain text.

Steps to Reproduce

Create a random string with a keeper value
Change the keeper value and replan

References

#17

Could we generate random results at plan time rather than apply time?

When I originally proposed the random provider we didn't have any well-defined mechanism for a provider to generate attribute values at any time other than apply time, but in the meantime we have introduced facilities for providers to be able to populate attribute values at plan time, as long as what they are populating exactly matches what will eventually result from apply.

For resource types like the ones in this provider, where the primary way to use them is to derive other resource configurations from them, it's helpful to have as much as possible populated with known values during planning so that more values from the rest of the configuration can also be known and visible in the plan output, rather than (known after apply).

Given that the random provider is originating all of its results in-process rather than via remote APIs, it seems plausible that it should be able to do the random number generation during the plan phase rather than during the apply phase, and then have the apply phase just commit to the state whatever random result the plan phase chose.

In principle we have the necessary building blocks in place in the current SDK to implement this, but I know that folks working on other providers have indicated that the CustomizeDiff API is hard to use robustly, so it might end up being better to wait until this provider is using a next-generation SDK with a more robust plan customization hook. I'm recording this here now mainly to register the potential use-case as something we might consider when designing that next-generation SDK, although it could also be interesting to prototype this against the legacy SDK and see whether it's robust enough to ship.

add object similar to random_string resource which generates data without explicit taint

This issue was originally opened by @kalfa as hashicorp/terraform#18179. It was migrated here as a result of the provider split. The original body of the issue is below.

This is a feature request.

Currently the random_string resource needs tainting to generate another random string.
Would it be useful to have a similar object which actually generate a string everytime, not only when tainted.

The use case (which I am facing now) is:

have dumb worker(s) with names (actual hostnames, via cloudinit in my case) genearated via random_string
the master service registers the worker(s) with their hostname name, it needs to be unique
- when a worker registers (after deployment or after reboots), if master finds the same name, it assumes it's the same worker and will assume some pre-existing data structure present

in this scenario if I rebuild a worker, but I forget to taint the random_string resource, it will come up with the same name, which creates a number of problems.

the only solution in my scenario for this is to wrap terraform to some scripts which tain the resource.
the weak point is that it's hard to understand when the random resource needs tainting. It requires tainting if and only if the aws instance is re-created. not always nor never.

Preferable soltion
have the random string generated everytime the aws_instance/aws_spot_request is generated.

ideally it will not force the instance to be recreated everytime, but obtain the random string when it's the instance is re-created and keep the same name if it's untouched or only re-provisioned.

To be honest, I have no clue how to obtain it, I don't think a "data" object would cover the use case.
AIUI it would generate a string at every 'plan'

`random_pet` separator attribute must be specified if using Terraform 0.12.0-beta1

Terraform Version

Terraform v0.12.0-beta1

Affected Resource(s)

random_pet

Terraform Configuration Files

variable "whose" {
  description = "Who's animal this is"
  type        = string
  default     = null
}

variable "yours_length" {
  description = "Length in words that your pet's name should be"
  type        = string
  default     = "3"
}

variable "mine_length" {
  description = "Length in words that my pet's name should be"
  type        = string
  default     = "2"
}

resource "random_pet" "pet" {

  length = (var.whose == "yours" ? var.yours_length : var.mine_length)
  
  prefix    = var.whose
}

Debug Output

https://gist.github.com/errygg/2d993c448b068a7cb5ca2c10bf4b4917

Expected Behavior

The provider should have detected the default separator -.

Actual Behavior

Plugin exited with error (see gist).

Steps to Reproduce

Manually build this provider from master and move it to ~/.terraform.d/plugins. Using the above config run:

terraform apply

Important Factoids

As noted in the steps to reproduce, this provider was manually built and manually deployed since this provider is not yet released for Terraform 0.12.

Additionally, if the separator is specifically set in the random_pet resource, this plan and apply works as expected. Here is the hcl that works:

resource "random_pet" "pet" {

  length = (var.whose == "yours" ? var.yours_length : var.mine_length)
  
  prefix    = var.whose
  separator = "-"
}

Instance module.ABC.module.XYZ.random_id.suffix data could not be decoded from the state: unsupported attribute "b64". when changing from version 2.3.0 to 3.0.0

Hi, I have not yet get around lock providers in specific versions using the 0.13 syntax.

However this happened when I had a terraform configuration previously applied with 2.3.0 and then broke when the plugin got the update to 3.0.0.

It is hard for me to add a reproduction right now, but I'll try to add it later.

Terraform Version

Run terraform -v to show the version. If you are not running the latest version of Terraform, please upgrade because your issue may have already been fixed.

terraform version

Your version of Terraform is out of date! The latest version
is 0.13.4. You can update by downloading from https://www.terraform.io/downloads.html
Terraform v0.13.0

Affected Resource(s)

Please list the resources as a list, for example:

random_id

Terraform Configuration Files

# to be added

Debug Output

To be added.

Panic Output

To be added.

Expected Behavior

Plan should work.

Actual Behavior

Plan didn't worked.

Steps to Reproduce

terraform plan

Linux-x86_64-terraform.bin plan -input=false -out terraform.plan -detailed-exitcode
Error: Invalid resource instance data in state
  on xyz/xyz.tf line 14:
  14: resource "random_id" "abc" {
Instance module.abc.module.xyz1.random_id.abc data could not be
decoded from the state: unsupported attribute "b64".
Error: Invalid resource instance data in state
  on xyz/xyz.tf line 14:
  14: resource "random_id" "abc" {
Instance module.abc.module.xyz2.random_id.abc data could not be
decoded from the state: unsupported attribute "b64".

Important Factoids

Provider not locked in 0.13 style.

References

Terraform random_string :provider not supported error

Hi there,

Terraform Version

Run terraform -v to show the version. If you are not running the latest version of Terraform, please upgrade because your issue may have already been fixed.

Affected Resource(s)

Please list the resources as a list, for example:

opc_instance
opc_storage_volume

If this issue appears to affect multiple resources, it may be an issue with Terraform's core, so please mention this.

Terraform Configuration Files

# Copy-paste your Terraform configurations here - for large Terraform configs,
# please use a service like Dropbox and share a link to the ZIP file. For
# security, you can also encrypt the files using our GPG public key.

Debug Output

Panic Output

If Terraform produced a panic, please provide a link to a GitHub Gist containing the output of the crash.log.

Expected Behavior

What should have happened?

Actual Behavior

What actually happened?

Steps to Reproduce

Please list the steps required to reproduce the issue, for example:

terraform apply

Important Factoids

Are there anything atypical about your accounts that we should know? For example: Running in EC2 Classic? Custom version of OpenStack? Tight ACLs?

References

Are there any other GitHub issues (open or closed) or Pull Requests that should be linked here? For example:

GH-1234

Can I import if I only know the hex value via conversion perhaps?

Hello,
I lost my state due to losing a lock apparently on my storage backend and so it never completed saving the state file. The resources were all created but i no longer have the state.
I would like to still manage these resources so i was hoping I could import the random ID as I use it on another resource that is always wanting to update.
In the meantime I an using lifecycle hooks to ignore it.

I use the "hex" attribute of the random_id resource to place within a disk name for a VM.
So all i have is the hex value for instance with using a 16 byte length this hex value:
1c2535161c6755ac151b4c6adf2242ca

Is there any possible way to convert this back to the base64url value that is needed to import?

Terraform Version

Terraform v0.12.18

provider.azurerm v1.38.0
provider.random v2.2.1

Affected Resource(s)

random_id

Terraform Configuration Files

resource "random_id" "os_disk_id" {
  keepers = {
    vm_name = var.vm_name
  }
  byte_length = 16
}

resource "azurerm_virtual_machine" "vm" {
#<snip>
  storage_os_disk {
    name              = "${var.vm_name}_OsDisk_1_${random_id.os_disk_id.hex}"
    #<snip>
  }
}

Expected Behavior

Be able to import with the known hex value perhaps, or a simple way to convert back to the other formats when knowing one of the formats.

Actual Behavior

Cannot import hex value as it sets this for all values and wants to replace the resource on plan. as it sets the b64_url value and will convert this to hex.

Steps to Reproduce

terraform import resource.random_id.os_disk_id 1c2535161c6755ac151b4c6adf2242ca
terraform plan

Important Factoids

only know the hex value created by the random_id provider. would like to convert this back to b64_url value if at all possible.

Error: rpc error: code = Unavailable desc = transport is closing

Terraform Version

Terraform v0.12.24

provider.aws v2.53.0
provider.random v2.2.1
provider.template v2.1.2

Affected Resource(s)

resource "random_password" "xxx_yyy_password" {
length = 1
min_numeric = 1
min_lower = 1
min_upper = 1
min_special = 1
override_special = "!#*()-_=+[]{}<>:?"

keepers = {
# Generate a new id each time we create a new RDS instance
db_name = var.db_name
}
}

Expected Behavior

No error

Actual Behavior

Error: rpc error: code = Unavailable desc = transport is closing

Steps to Reproduce

terraform apply

Important Factoids

The thing seems to be the length of the password. When I set it to 15, there seems to be issue.

`random_id` prints sensitive data to console

Terraform Version

$ terraform version
Terraform v0.11.14
+ provider.aws v2.14.0
+ provider.random v2.1.2

Affected Resource(s)

random_id

Terraform Configuration Files

resource "random_id" "etcd_encryption_key" {
  byte_length = 32
}

Debug Output

N/A

Panic Output

N/A

Expected Behavior

The id attribute of random_id should be none, like random_string, in case it is being used to generate a secret value.

Actual Behavior

The id attribute of the random_id is the randomly generated id, causing it to be displayed on the console:

$ terraform plan                                                                                                                                                                                                                                                                                                         
Refreshing Terraform state in-memory prior to plan...                                                                                                                                                                                                                                                                    
The refreshed state will be used to calculate this plan, but will not be                                                                                                                                                                                                                                                 
persisted to local or remote state storage.                                                                                                                                                                                                                                                                              
                                                                                                                                                                                                                                                                                                                         
random_id.etcd_encryption_key: Refreshing state... (ID: ****************)

This is a shame, because this resource, with its byte_length argument and b64_std attribute, is otherwise perfect for generating an etcd encryption key for Kubernetes.

Steps to Reproduce

Please list the steps required to reproduce the issue, for example:

terraform plan

Important Factoids

N/A

References

Are there any other GitHub issues (open or closed) or Pull Requests that should be linked here? For example:

#17: This is the same issue, but for a different resource.

`output_changes` incorrectly calculated in the plan file

This issue was originally opened by @marcinwyszynski as hashicorp/terraform#24628. It was migrated here as a result of the provider split. The original body of the issue is below.

Terraform Version

❯ terraform version
Terraform v0.12.24

Terraform Configuration Files

provider "random" {}

resource "random_id" "bacon" {
  keepers     = { bacon = "tasty" }
  byte_length = 16
}

output "bacon" { value = random_id.bacon.hex }

Steps to reproduce

After the change has been applied:

❯ terraform plan -out repro.plan
Refreshing Terraform state in-memory prior to plan...
The refreshed state will be used to calculate this plan, but will not be
persisted to local or remote state storage.

random_id.bacon: Refreshing state... [id=eprljZv58YrewNlMCchkQA]

------------------------------------------------------------------------

No changes. Infrastructure is up-to-date.

This means that Terraform did not detect any differences between your
configuration and real physical resources that exist. As a result, no
actions need to be performed.

❯ terraform plan -out repro.plan
Refreshing Terraform state in-memory prior to plan...
The refreshed state will be used to calculate this plan, but will not be
persisted to local or remote state storage.

random_id.bacon: Refreshing state... [id=eprljZv58YrewNlMCchkQA]

------------------------------------------------------------------------

No changes. Infrastructure is up-to-date.

This means that Terraform did not detect any differences between your
configuration and real physical resources that exist. As a result, no
actions need to be performed.

❯ terraform show -json repro.plan > repro.json
❯ cat repro.json | jq

{
  "format_version": "0.1",
  "terraform_version": "0.12.24",
  "planned_values": {
    "outputs": {
      "bacon": {
        "sensitive": false,
        "value": "7a9ae58d9bf9f18adec0d94c09c86440"
      }
    },
    "root_module": {
      "resources": [
        {
          "address": "random_id.bacon",
          "mode": "managed",
          "type": "random_id",
          "name": "bacon",
          "provider_name": "random",
          "schema_version": 0,
          "values": {
            "b64": "eprljZv58YrewNlMCchkQA",
            "b64_std": "eprljZv58YrewNlMCchkQA==",
            "b64_url": "eprljZv58YrewNlMCchkQA",
            "byte_length": 16,
            "dec": "162970085093216590396273492464954270784",
            "hex": "7a9ae58d9bf9f18adec0d94c09c86440",
            "id": "eprljZv58YrewNlMCchkQA",
            "keepers": { "bacon": "tasty" },
            "prefix": null
          }
        }
      ]
    }
  },
  "resource_changes": [
    {
      "address": "random_id.bacon",
      "mode": "managed",
      "type": "random_id",
      "name": "bacon",
      "provider_name": "random",
      "change": {
        "actions": ["no-op"],
        "before": {
          "b64": "eprljZv58YrewNlMCchkQA",
          "b64_std": "eprljZv58YrewNlMCchkQA==",
          "b64_url": "eprljZv58YrewNlMCchkQA",
          "byte_length": 16,
          "dec": "162970085093216590396273492464954270784",
          "hex": "7a9ae58d9bf9f18adec0d94c09c86440",
          "id": "eprljZv58YrewNlMCchkQA",
          "keepers": { "bacon": "tasty" },
          "prefix": null
        },
        "after": {
          "b64": "eprljZv58YrewNlMCchkQA",
          "b64_std": "eprljZv58YrewNlMCchkQA==",
          "b64_url": "eprljZv58YrewNlMCchkQA",
          "byte_length": 16,
          "dec": "162970085093216590396273492464954270784",
          "hex": "7a9ae58d9bf9f18adec0d94c09c86440",
          "id": "eprljZv58YrewNlMCchkQA",
          "keepers": { "bacon": "tasty" },
          "prefix": null
        },
        "after_unknown": {}
      }
    }
  ],
  "output_changes": {
    "bacon": {
      "actions": ["create"],
      "before": null,
      "after": "7a9ae58d9bf9f18adec0d94c09c86440",
      "after_unknown": false
    }
  },
  "prior_state": {
    "format_version": "0.1",
    "terraform_version": "0.12.24",
    "values": {
      "outputs": {
        "bacon": {
          "sensitive": false,
          "value": "7a9ae58d9bf9f18adec0d94c09c86440"
        }
      },
      "root_module": {
        "resources": [
          {
            "address": "random_id.bacon",
            "mode": "managed",
            "type": "random_id",
            "name": "bacon",
            "provider_name": "random",
            "schema_version": 0,
            "values": {
              "b64": "eprljZv58YrewNlMCchkQA",
              "b64_std": "eprljZv58YrewNlMCchkQA==",
              "b64_url": "eprljZv58YrewNlMCchkQA",
              "byte_length": 16,
              "dec": "162970085093216590396273492464954270784",
              "hex": "7a9ae58d9bf9f18adec0d94c09c86440",
              "id": "eprljZv58YrewNlMCchkQA",
              "keepers": { "bacon": "tasty" },
              "prefix": null
            }
          }
        ]
      }
    }
  },
  "configuration": {
    "provider_config": { "random": { "name": "random" } },
    "root_module": {
      "outputs": {
        "bacon": { "expression": { "references": ["random_id.bacon"] } }
      },
      "resources": [
        {
          "address": "random_id.bacon",
          "mode": "managed",
          "type": "random_id",
          "name": "bacon",
          "provider_config_key": "random",
          "expressions": {
            "byte_length": { "constant_value": 16 },
            "keepers": { "constant_value": { "bacon": "tasty" } }
          },
          "schema_version": 0
        }
      ]
    }
  }
}

Expected Behavior

Actual Behavior

The resulting JSON sets the value at $.output_changes.bacon.before to null
The resulting JSON incorrectly sets the value at $.output_changes.bacon.actions to ["create"]

General random bytes, perhaps base64 encoded?

Are there any plans to offer a resource to generate generic random bytes, perhaps base64-encoded if storage/representation is an issue?

random_string generates the requested number of bytes, but is limited to the alphanumeric and defined special character range. By default, that is ~83 potential bytes (26 lcase, 26 ucase, 10 digits, and another 21 special characters)
random_integer does provide a theoretical full range, but if you want to generate anything useful, e.g. 16 or 32 bytes of randomness, I don't know if it will get there.
random_uuid has 16 bytes and is randomly generated, but the format returned is the normal UUID string, which would require some hoops to jump through (if even possible using tf interpolation) to get the raw bytes.

I could see a useful case, something like:

resource "random_bytes" b {
  length = 32
}

output "randbytes" {
  value = random_bytes.b.bytes // gives actual bytes, which may be unprintable, but are passable
}
output "randb64" {
  value = random_bytes.b.base64 // gives a string
}

Trying to find a way to get the same result in the meantime (I haven't figured it out yet), but this would be quite useful.

Terraform Plan Crash

This issue was originally opened by @dmitrytokarev as hashicorp/terraform#27680. It was migrated here as a result of the provider split. The original body of the issue is below.

Terraform Version

Terraform v0.14.5
+ provider registry.terraform.io/hashicorp/azurerm v2.45.1
+ provider registry.terraform.io/hashicorp/random v3.0.1

Terraform Configuration Files

terraform {
  required_version = "=0.14.5"
  required_providers {
    azurerm = {
      source = "hashicorp/azurerm"
      version = "=2.45.1"
    }
    random = {
      version = "=3.0.1"
    }
  }
  backend "azurerm" {
    key = "mydir/infra.tfstate"
  }
}```

### Debug Output
https://gist.github.com/dmitrytokarev/a3a1fd71e2a90d2730a92921a9ca87e8

### Crash Output
https://gist.github.com/dmitrytokarev/fc44d695199f001d6da6e55e9f56af3b

### Expected Behavior
clean terraform plan output with nothing to change only to modify outputs.

### Actual Behavior
Executed: terraform plan
terraform hanged
executed: CTRL+C
terraform crashed

### Steps to Reproduce
1. `terraform plan` >> nothing to change
2.  added new output
3. `terraform plan -var-file=../env.tfvars -var-file=../auth.tfvars -var-file=custom.tfvars -out tf.plan`
4. terraform didn't return for about a minute or 2.
5. CTRL + C

### Additional Context
none

### References
none

Force random_pet to return unique value within resource

Terraform Version

Terraform 0.11

Affected Resource(s)

random_pet and probably other random_*

Terraform Configuration Files

resource "random_pet" "tg" {
  count = 2

  separator = "-"
  length    = 1

  keepers = {
    count = "${count.index}"
  }
}

Expected Behavior

Possibility to specify that random values should be unique within one resource would be a great feature.

Actual Behavior

Two random pets had the same name, which failed the rest of the automatic creation of infrastructure.

Provider produced inconsistent final plan

Terraform Version

$ terraform -v
Terraform v0.12.5
+ provider.alks v1.3.0
+ provider.archive v1.2.0
+ provider.aws v2.21.1
+ provider.external v1.2.0
+ provider.null v2.1.0
+ provider.random v2.1.0
+ provider.template v2.1.0

Affected Resource(s)

Please list the resources as a list, for example:

random_shuffle

Debug Output

Error: Provider produced inconsistent final plan

When expanding the plan for
random_shuffle.public_subnets[0]
to include new values learned so far during apply, provider "random" produced
an invalid new value for .input: was null, but now
cty.ListVal([]cty.Value{cty.StringVal("subnet-085e91467d54b2027")}).

This is a bug in the provider, which should be reported in the provider's own
issue tracker.

Important Factoids

I am in the process of upgrading to Terraform 0.12. On first apply after upgrading, I receive this error. Unfortunately, I am unable to provide many more details, because running terraform apply a second time does not exhibit this error.

I am unsure what may be causing the issue, but since the one-time occurrence has been consistent when switching workspaces, I went ahead and reported an issue.

random_password example in documentation should be modified

Hi,

In the documentation for the random_password resource, the exemple is incorrect :

resource "random_password" "password" {
  length = 16
  special = true
  override_special = "_%@"
}

resource "aws_db_instance" "example" {
  instance_class = "db.t3.micro"
  allocated_storage = 64
  engine = "mysql"
  username = "someone"
  password = random_string.password.result
}

the password attribute for resource aws_db_instance running with mysql engine cannot contain the @ character.

random_pet schema missing id attribute

The docs show an id attribute. However it is missing from the schema definition.

Terraform Version

master

Affected Resource(s)

Please list the resources as a list, for example:

random_pet

random_id docs give the wrong number of bytes for UUID-equivalence

The random_id docs claim the following:

Unlike other resources in the "random" provider, this resource does use a cryptographic random number generator in order to minimize the chance of collisions, making the results of this resource when a 32-byte identifier is requested of equivalent uniqueness to a type-4 UUID.

This is misleading because a UUID is actually 16 bytes. The hex representation is 32-bytes.

"random_string" prints sensitive data to console

"random_string"uses the generated random string as id. The id will be printed to the console like "random_string.password: Refreshing state... (ID: s**********)" when executing terraform plan. If you want to use an random_string as an password, you won't like your sensitive data printed to the console.

Terraform Version

Terraform v0.11.2

provider.azurerm v1.0.1
provider.random v1.1.0

Affected Resource(s)

provider.random

Expected Behavior

random string should not use the result as id, because it could be sensitive data and will be output when running terraform plan: "random_string.password: Refreshing state... (ID: s**********)"

Actual Behavior

random string uses the result as id and outputs it when running "terraform plan"

Steps to Reproduce

Please list the steps required to reproduce the issue, for example:

create a "random_string"
terraform plan

Import string always forces replacement

I have been following #62 and subsequently #104 and decided to give it a try today after the patch was merged.

Terraform Version

Terraform v0.12.19

Affected Resource(s)

random_string
random_password

Terraform Configuration Files

Relevant portion of config

resource "random_string" "db_name" {
  keepers = {
    static = true
  }
  length  = 8
  special = false
  number  = false
}

Output

$ tf import module.rds.random_string.db_name tjbdkeuo
module.rds.random_string.db_name: Importing from ID "tjbdkeuo"...
module.rds.random_string.db_name: Import prepared!
  Prepared random_string for import
module.rds.random_string.db_name: Refreshing state... [id=tjbdkeuo]

Import successful!

The resources that were imported are shown above. These resources are now in
your Terraform state and will henceforth be managed by Terraform.

$ tf plan -target=module.rds.random_string.db_name
Refreshing Terraform state in-memory prior to plan...
The refreshed state will be used to calculate this plan, but will not be
persisted to local or remote state storage.

module.rds.random_string.db_name: Refreshing state... [id=tjbdkeuo]

------------------------------------------------------------------------

An execution plan has been generated and is shown below.
Resource actions are indicated with the following symbols:
-/+ destroy and then create replacement

Terraform will perform the following actions:

  # module.rds.random_string.db_name must be replaced
-/+ resource "random_string" "db_name" {
      ~ id          = "tjbdkeuo" -> (known after apply)
      + keepers     = {
          + "static" = "true"
        } # forces replacement
      + length      = 8 # forces replacement
      + lower       = true # forces replacement
      + min_lower   = 0 # forces replacement
      + min_numeric = 0 # forces replacement
      + min_special = 0 # forces replacement
      + min_upper   = 0 # forces replacement
      + number      = false # forces replacement
      ~ result      = "tjbdkeuo" -> (known after apply)
      + special     = false # forces replacement
      + upper       = true # forces replacement
    }

Plan: 1 to add, 0 to change, 1 to destroy.

Warning: Resource targeting is in effect

Expected Behavior

The imported string is persisted into state

Actual Behavior

The imported string is replaced on next apply

It would appear that it is currently impossible to import a string value as the initial creation of the other properties will trigger a replacement? I thought about creating the resource first but that is obviously met with a resource already managed error.

random_password output as plain text and indicates and resource update required

Terraform Version

Terraform v0.12.10

Affected Resource(s)

Please list the resources as a list, for example:

random_password

If this issue appears to affect multiple resources, it may be an issue with Terraform's core, so please mention this.

Terraform Configuration Files

resource "random_password" "pg_database_password" {
  length  = 32
  special = "${var.pg_password_specials}"
}

resource "aws_cloudformation_stack" "db" {
  ...
  parameters = {
        DatabasePassword      = "${random_password.pg_database_password.result}"
  }
}

Debug Output

When running a terraform apply against preexisting resource:

# aws_cloudformation_stack.db will be updated in-place
  ~ resource "aws_cloudformation_stack" "db" {
      ....
      ~ parameters       = {
            ...
          ~ "DatabasePassword"      = "****" -> "OsnonMD98NDrztZDKorZ0N8a5BL9iHvM"
            ...
        }

Expected Behavior

What should have happened?
No change should be computed, as well as the generated password should be considered sensitive and not output to the log

Actual Behavior

What actually happened?
Plain text password output and resource "update" required. Even then cloudformation doesn't show it was updated after an apply as all values are technically identical and no change is actually needed.

`output_changes` incorrectly calculated in the plan file

This issue was originally opened by @marcinwyszynski as hashicorp/terraform#24628. It was migrated here as a result of the provider split. The original body of the issue is below.

Terraform Version

❯ terraform version
Terraform v0.12.24

Terraform Configuration Files

provider "random" {}

resource "random_id" "bacon" {
  keepers     = { bacon = "tasty" }
  byte_length = 16
}

output "bacon" { value = random_id.bacon.hex }

Steps to reproduce

After the change has been applied:

❯ terraform plan -out repro.plan
Refreshing Terraform state in-memory prior to plan...
The refreshed state will be used to calculate this plan, but will not be
persisted to local or remote state storage.

random_id.bacon: Refreshing state... [id=eprljZv58YrewNlMCchkQA]

------------------------------------------------------------------------

No changes. Infrastructure is up-to-date.

This means that Terraform did not detect any differences between your
configuration and real physical resources that exist. As a result, no
actions need to be performed.

❯ terraform plan -out repro.plan
Refreshing Terraform state in-memory prior to plan...
The refreshed state will be used to calculate this plan, but will not be
persisted to local or remote state storage.

random_id.bacon: Refreshing state... [id=eprljZv58YrewNlMCchkQA]

------------------------------------------------------------------------

No changes. Infrastructure is up-to-date.

This means that Terraform did not detect any differences between your
configuration and real physical resources that exist. As a result, no
actions need to be performed.

❯ terraform show -json repro.plan > repro.json
❯ cat repro.json | jq

{
  "format_version": "0.1",
  "terraform_version": "0.12.24",
  "planned_values": {
    "outputs": {
      "bacon": {
        "sensitive": false,
        "value": "7a9ae58d9bf9f18adec0d94c09c86440"
      }
    },
    "root_module": {
      "resources": [
        {
          "address": "random_id.bacon",
          "mode": "managed",
          "type": "random_id",
          "name": "bacon",
          "provider_name": "random",
          "schema_version": 0,
          "values": {
            "b64": "eprljZv58YrewNlMCchkQA",
            "b64_std": "eprljZv58YrewNlMCchkQA==",
            "b64_url": "eprljZv58YrewNlMCchkQA",
            "byte_length": 16,
            "dec": "162970085093216590396273492464954270784",
            "hex": "7a9ae58d9bf9f18adec0d94c09c86440",
            "id": "eprljZv58YrewNlMCchkQA",
            "keepers": { "bacon": "tasty" },
            "prefix": null
          }
        }
      ]
    }
  },
  "resource_changes": [
    {
      "address": "random_id.bacon",
      "mode": "managed",
      "type": "random_id",
      "name": "bacon",
      "provider_name": "random",
      "change": {
        "actions": ["no-op"],
        "before": {
          "b64": "eprljZv58YrewNlMCchkQA",
          "b64_std": "eprljZv58YrewNlMCchkQA==",
          "b64_url": "eprljZv58YrewNlMCchkQA",
          "byte_length": 16,
          "dec": "162970085093216590396273492464954270784",
          "hex": "7a9ae58d9bf9f18adec0d94c09c86440",
          "id": "eprljZv58YrewNlMCchkQA",
          "keepers": { "bacon": "tasty" },
          "prefix": null
        },
        "after": {
          "b64": "eprljZv58YrewNlMCchkQA",
          "b64_std": "eprljZv58YrewNlMCchkQA==",
          "b64_url": "eprljZv58YrewNlMCchkQA",
          "byte_length": 16,
          "dec": "162970085093216590396273492464954270784",
          "hex": "7a9ae58d9bf9f18adec0d94c09c86440",
          "id": "eprljZv58YrewNlMCchkQA",
          "keepers": { "bacon": "tasty" },
          "prefix": null
        },
        "after_unknown": {}
      }
    }
  ],
  "output_changes": {
    "bacon": {
      "actions": ["create"],
      "before": null,
      "after": "7a9ae58d9bf9f18adec0d94c09c86440",
      "after_unknown": false
    }
  },
  "prior_state": {
    "format_version": "0.1",
    "terraform_version": "0.12.24",
    "values": {
      "outputs": {
        "bacon": {
          "sensitive": false,
          "value": "7a9ae58d9bf9f18adec0d94c09c86440"
        }
      },
      "root_module": {
        "resources": [
          {
            "address": "random_id.bacon",
            "mode": "managed",
            "type": "random_id",
            "name": "bacon",
            "provider_name": "random",
            "schema_version": 0,
            "values": {
              "b64": "eprljZv58YrewNlMCchkQA",
              "b64_std": "eprljZv58YrewNlMCchkQA==",
              "b64_url": "eprljZv58YrewNlMCchkQA",
              "byte_length": 16,
              "dec": "162970085093216590396273492464954270784",
              "hex": "7a9ae58d9bf9f18adec0d94c09c86440",
              "id": "eprljZv58YrewNlMCchkQA",
              "keepers": { "bacon": "tasty" },
              "prefix": null
            }
          }
        ]
      }
    }
  },
  "configuration": {
    "provider_config": { "random": { "name": "random" } },
    "root_module": {
      "outputs": {
        "bacon": { "expression": { "references": ["random_id.bacon"] } }
      },
      "resources": [
        {
          "address": "random_id.bacon",
          "mode": "managed",
          "type": "random_id",
          "name": "bacon",
          "provider_config_key": "random",
          "expressions": {
            "byte_length": { "constant_value": 16 },
            "keepers": { "constant_value": { "bacon": "tasty" } }
          },
          "schema_version": 0
        }
      ]
    }
  }
}

Expected Behavior

Actual Behavior

The resulting JSON sets the value at $.output_changes.bacon.before to null
The resulting JSON incorrectly sets the value at $.output_changes.bacon.actions to ["create"]

random_password with special characters

Hi there,

Terraform Version

Terraform v0.12.12

Affected Resource(s)

random_password

Terraform Configuration Files

resource "random_password" "grafana" {
  length           = 16
  special          = true
  override_special = "/@\""
}

Expected Behavior

Password generated with special characters but first character is not a special character.

Actual Behavior

i got password

@ocIdZ7Jq7jSiL6"

Steps to Reproduce

helm installation failed due to error:
error converting YAML to JSON: yaml: line 14: found character that cannot start any token

Is it possible to add option to generate password when first character is not a special ?

no available releases match the given constraints 3.0.0, ~> 2.2, ~> 2.2

Hi there,

Terraform Version

v0.13.4

Affected Resource(s)

random_string

Terraform Configuration Files

provider "random" {
  version = "3.0.0" # See https://github.com/hashicorp/terraform-provider-random/releases
}

Debug Output

Initializing modules...

Initializing the backend...

Initializing provider plugins...
- Using previously-installed hashicorp/google v3.43.0
- Using previously-installed hashicorp/google-beta v3.43.0
- Using previously-installed hashicorp/null v2.1.2
- Using previously-installed hashicorp/kubernetes v1.13.2
- Finding hashicorp/random versions matching "3.0.0, ~> 2.2, ~> 2.2"...

Error: Failed to query available provider packages

Could not retrieve the list of available versions for provider
hashicorp/random: no available releases match the given constraints 3.0.0, ~>
2.2, ~> 2.2

Expected Behavior

The "random" provider should just install

Actual Behavior

The "random" provider version cannot be matched. Although v3.0.0 is available in the releases - https://github.com/hashicorp/terraform-provider-random/releases

Steps to Reproduce

Please list the steps required to reproduce the issue, for example:

terraform init

default value for optional params forces new resource

With the version bump of the random provider, resources that rely on random strings generated by the older version are forced to regenerate, as they now see that the new optional params go from empty string to the default value.

This seems like a bug.

In our case, databases are re-created because the random password and username are considered changed and forces a new resource.

Terraform Version

Terraform v0.11.7
+ provider.aws v1.14.0
+ provider.random v1.2.0

Affected Resource(s)

random_string

Expected Behavior

IMHO, it would be ideal if the state file is updated to include the default values
OR
the provider is smart enough to realize that "" does not need to change to the default value.

Actual Behavior

Resources are re-created that aren't expected to be re-created as no substantive or logical change has been made.

-/+ random_string.core_service_db_username (new resource required)
     id:                               "[redacted]" => <computed> (forces new resource)
     length:                           "8" => "8"
     lower:                            "true" => "true"
     min_lower:                        "" => "0" (forces new resource)
     min_numeric:                      "" => "0" (forces new resource)
     min_special:                      "" => "0" (forces new resource)
     min_upper:                        "" => "0" (forces new resource)
     number:                           "false" => "false"

random selections not produced for small sets or fast operations

Hi there,

Terraform Version

Terraform v0.11.1

provider.random v1.3.0

Affected Resource(s)

resource_shuffle or all random resources

Terraform Configuration Files

resource "random_shuffle" "mu_random_subnet" {
  input = ["a", "b", "c"]
  result_count = 1
  count = "10"
}

output "mu_shuffles" {
  value = ["${random_shuffle.mu_random_subnet.*.result}"]
}

Debug Output

...
random_shuffle.mu_random_subnet[2]: Creation complete after 0s (ID: -)
random_shuffle.mu_random_subnet[0]: Creation complete after 0s (ID: -)
random_shuffle.mu_random_subnet[6]: Creation complete after 0s (ID: -)
random_shuffle.mu_random_subnet[9]: Creation complete after 0s (ID: -)
random_shuffle.mu_random_subnet[4]: Creation complete after 0s (ID: -)
random_shuffle.mu_random_subnet[1]: Creation complete after 0s (ID: -)
random_shuffle.mu_random_subnet[7]: Creation complete after 0s (ID: -)
random_shuffle.mu_random_subnet[3]: Creation complete after 0s (ID: -)
random_shuffle.mu_random_subnet[5]: Creation complete after 0s (ID: -)
random_shuffle.mu_random_subnet[8]: Creation complete after 0s (ID: -)

Apply complete! Resources: 10 added, 0 changed, 0 destroyed.

Outputs:

mu_shuffles = [
    [
        a
    ],
    [
        a
    ],
    [
        a
    ],
    [
        a
    ],
    [
        a
    ],
    [
        a
    ],
    [
        a
    ],
    [
        a
    ],
    [
        a
    ],
    [
        a
    ]
]

Expected Behavior

Random results should have been produced

Actual Behavior

This is not random for small or fast operations

Steps to Reproduce

Please list the steps required to reproduce the issue, for example:

terraform apply

Suggestion

I have tested using UnixNano() instead of Unix and that fixes it. I will submit a PR

trying to read variables through keepers ends up in "does not have attribute ..."

Hello together,

Documentation example states that one can read a variable through the random provider:
https://www.terraform.io/docs/providers/random/r/id.html

  # Read the AMI id "through" the random_id resource to ensure that
  # both will change together.
  ami = "${random_id.server.keepers.ami_id}"

  # ... (other aws_instance arguments) ...

I tried to use keepers reading it with ${random_integer.priority.keepers.target_group_arn}, but ended up with seeing the following error:

* module.httpd.aws_alb_listener_rule.http: Resource 'random_integer.priority' does not have attribute 'keepers.target_group_arn' for variable random_integer.priority.keepers.target_group_arn'

Terraform Version

v0.11.3

Affected Resource(s)

Please list the resources as a list, for example:

random_integer
Only tried with random_integer, might also effect other random_* resources.

Terraform Configuration Files

resource "random_integer" "priority" {
  min = 1
  max = 50000
  keepers = {
    target_group_arn = "${aws_alb_target_group.target_group.arn}"
    route53_record_name = "${aws_route53_record.service.name}"
  }
  lifecycle {
    create_before_destroy = true
  }
}
resource "aws_alb_listener_rule" "http" {
  listener_arn = "${var.aws_services["alb_extern_http"]}"
  priority = "${random_integer.priority.result}"
  action {
    type = "forward"
    target_group_arn = "${random_integer.priority.keepers.target_group_arn}"
  }
  condition {
    field = "host-header"
    values = ["${aws_route53_record.service.name}"]
  }
}

Expected Behavior

Terraform planning & applying as expected.

Actual Behavior

Error presented as quoted above.

Many thanks in advance for your consideration. 👍

Best regards,
Harald