Utilize ephemeral resource and password_wo property

[puzzloholic]

Is your request related to a new offering from AWS?

Is this functionality available in the AWS provider for Terraform? See CHANGELOG.md, too.

• Yes ✅: please list the AWS provider version which introduced this functionality
• password_wo property is introduced in v5.88.0

Is your request related to a problem? Please describe.

Revert the functionality of generating a random password for newly created database.

Describe the solution you'd like.

Password can be created by ephemeral resource and used as an input with password_wo property so that the value will not be preserved in the state. Complete solution here

ephemeral "random_password" "db_password" {
  length           = 16
  override_special = "!#$%&*()-_=+[]{}<>:?"
}

resource "aws_db_instance" "example" {
  instance_class      = "db.t3.micro"
  allocated_storage   = "5"
  engine              = "postgres"
  username            = "example"
  skip_final_snapshot = true
  password_wo         = ephemeral.random_password.db_password.result
  password_wo_version = 1
}

Additional context

Need to increase minimum terraform version to Terraform v1.10 and later to support ephemeral block.

[cohen-neria]

Hi, requesting this solution as well please 🙏

[github-actions]

This issue has been automatically marked as stale because it has been open 30 days
with no activity. Remove stale label or comment or this issue will be closed in 10 days

[josh-sherman-worthwhile]

I'm also looking for this feature to be added if possible