Description
In order to help keep passwords out of the state file it would be great to have support for ephemeral resources and write-only attributes.
Example:
```hcl
ephemeral "random_password" "role_password" {
  length           = 16
  special          = true
  override_special = "~!#$%^&*()_-+={}[]<>,.;?:"
}

resource "postgresql_role" "role_dev" {
  name            = "dev"
  login           = true
  create_database = true
  password        = ephemeral.random_password.role_password.result
  inherit         = false

  lifecycle {
    prevent_destroy = true
  }
}
```
Note: password would be password_wo in the postgresql_role resource.
Current state using version 1.25 of provider:
```
│ Error: Invalid use of ephemeral value
│
│ with postgresql_role.role_dev,
│ on create_pg_roles.tf line 129, in resource "postgresql_role" "role_dev":
│ 129: password = ephemeral.random_password.role_password.result
│
│ Ephemeral values are not valid for "password", because it is not a write-only attribute and must be persisted to state.
```
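
A state audit that illustrates the concern behind this request, as an added example that is not part of the original issue or the provider's code: it walks a raw state document (the JSON that `terraform state pull` prints) and reports managed-resource attributes with secret-looking names whose value is persisted. The sample state is constructed, the name pattern is an assumption, and `password_wo` is the hypothetical attribute the issue proposes.

```python
import json
import re

# Attribute names that usually carry credentials (assumption; extend as needed).
SECRET_NAME = re.compile(r"password|secret|token|private_key", re.IGNORECASE)

def _leaves(value, path):
    """Yield (path, leaf) for every scalar nested under an attributes object."""
    if isinstance(value, dict):
        for key, child in value.items():
            yield from _leaves(child, path + [str(key)])
    elif isinstance(value, list):
        for i, child in enumerate(value):
            yield from _leaves(child, path + [str(i)])
    else:
        yield path, value

def find_persisted_secrets(state):
    """Return addresses of secret-named attributes stored as non-empty strings."""
    findings = []
    for res in state.get("resources", []):
        if res.get("mode") != "managed":  # data sources are out of scope here
            continue
        for inst in res.get("instances", []):
            key = inst.get("index_key")  # set for count / for_each instances
            index = "" if key is None else f"[{json.dumps(key)}]"
            address = f"{res['type']}.{res['name']}{index}"
            for path, leaf in _leaves(inst.get("attributes") or {}, []):
                named_secret = any(SECRET_NAME.search(p) for p in path)
                if named_secret and isinstance(leaf, str) and leaf:
                    findings.append(f"{address}.{'.'.join(path)}")
    return findings

# Constructed sample in the version 4 state layout; no real secret is present.
SAMPLE_STATE = {
    "version": 4,
    "resources": [
        # Regular attribute: the value is written to state.
        {"mode": "managed", "type": "postgresql_role", "name": "role_dev",
         "instances": [{"attributes": {"name": "dev", "login": True,
                                       "password": "constructed-example-value"}}]},
        # Hypothetical write-only attribute: stored as null, so nothing to flag.
        {"mode": "managed", "type": "postgresql_role", "name": "role_wo",
         "instances": [{"attributes": {"name": "dev2", "password": None,
                                       "password_wo": None}}]},
    ],
}

if __name__ == "__main__":
    for hit in find_persisted_secrets(SAMPLE_STATE):
        print("persisted in state:", hit)
```

The check matches on attribute names only, so a secret held under a neutral name (for example the `result` of a managed `random_password`) needs its own entry in the pattern.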