juju_secret (Resource)

A resource that represents a Juju secret.

Example Usage

resource "juju_secret" "my-secret" {
  model_uuid = juju_model.development.uuid
  name       = "my_secret_name"
  value = {
    key1 = "value1"
    key2 = "value2"
  }
  info = "This is the secret"
}

resource "juju_application" "my-application" {
  #
  config = {
    # Reference my-secret within the plan by using the secret_id
    secret = juju_secret.my-secret.secret_id
  }
  #
}

# Write-only secret value. The value is supplied via value_wo, which is never
# stored in Terraform state. Bumping value_wo_version triggers an update of the
# secret value. This requires Terraform >= 1.11 and pairs well with ephemeral
# resources/values.
resource "juju_secret" "my-wo-secret" {
  model_uuid = juju_model.development.uuid
  name       = "my_wo_secret_name"
  value_wo = {
    key1 = "value1"
    key2 = "value2"
  }
  value_wo_version = 1
  info             = "This is a write-only secret"
}

Schema

Required

  • model_uuid (String) The model in which the secret belongs. Changing this value will cause the secret to be destroyed and recreated by terraform.

Optional

  • info (String) The description of the secret.

  • name (String) The name of the secret.

  • value (Map of String, Sensitive) The value map of the secret. There can be more than one key-value pair. Conflicts with value_wo; prefer value_wo for ephemeral/secret data that should not be stored in Terraform state.

  • value_wo (Map of String, Sensitive) The write-only value map of the secret. Its content is never persisted to Terraform state. Requires value_wo_version to be set; bump value_wo_version to apply changes to this value. Requires Terraform >= 1.11.

  • value_wo_version (Number) The version of value_wo. Increment this value to trigger an update of the write-only secret value.

Read-Only

  • id (String) The ID of the secret. Used for terraform import.

  • secret_id (String) The ID of the secret. E.g. coj8mulh8b41e8nv6p90

  • secret_uri (String) The URI of the secret. E.g. secret:coj8mulh8b41e8nv6p90

Import

Import is supported using the following syntax:

# Secrets can be imported by using the model and secret names.
$ terraform import juju_secret.secret-name testmodel:secret-name