random_password (Resource)

Identical to random_string with the exception that the result is treated as sensitive and, thus, _not_ displayed in console output. Read more about sensitive data handling in the Terraform documentation.

This resource does use a cryptographic random number generator.

Example Usage

# DO NOT EDIT. Code generated by 'cdktf convert' - Please report bugs at https://cdk.tf/bug
from constructs import Construct
from cdktf import TerraformStack
#
# Provider bindings are generated by running `cdktf get`.
# See https://cdk.tf/provider-generation for more details.
#
from imports.aws.db_instance import DbInstance
from imports.random.password import Password
class MyConvertedCode(TerraformStack):
    def __init__(self, scope, name):
        super().__init__(scope, name)
        password = Password(self, "password",
            length=16,
            override_special="!#$%&*()-_=+[]{}<>:?",
            special=True
        )
        DbInstance(self, "example",
            allocated_storage=64,
            engine="mysql",
            instance_class="db.t3.micro",
            password=password.result,
            username="someone"
        )

Schema

Required

Optional

Read-Only

Import

Import is supported using the following syntax:

terraform import random_password.password securepassword

Limitations of Import

Any attribute values that are specified within Terraform config will be ignored during import and all attributes that have defaults defined within the schema will have the default assigned.

For instance, using the following config during import:

# DO NOT EDIT. Code generated by 'cdktf convert' - Please report bugs at https://cdk.tf/bug
from constructs import Construct
from cdktf import TerraformStack
#
# Provider bindings are generated by running `cdktf get`.
# See https://cdk.tf/provider-generation for more details.
#
from imports.random.password import Password
class MyConvertedCode(TerraformStack):
    def __init__(self, scope, name):
        super().__init__(scope, name)
        Password(self, "password",
            length=16,
            lower=False
        )

Then importing the resource using terraform import random_password.password securepassword, would result in the triggering of a replacement (i.e., destroy-create) during the next terraform apply.

Avoiding Replacement

If the resource were imported using terraform import random_password.password securepassword, replacement could be avoided by using:

  1. Attribute values that match the imported ID and defaults:

    ```python

    DO NOT EDIT. Code generated by 'cdktf convert' - Please report bugs at https://cdk.tf/bug

from constructs import Construct from cdktf import TerraformStack #

Provider bindings are generated by running cdktf get.

See https://cdk.tf/provider-generation for more details.

# from imports.random.password import Password class MyConvertedCode(TerraformStack): def __init__(self, scope, name): super().__init__(scope, name) Password(self, "password", length=14, lower=True )



2. Attribute values that match the imported ID and omit the attributes with defaults:

    ```python
# DO NOT EDIT. Code generated by 'cdktf convert' - Please report bugs at https://cdk.tf/bug
from constructs import Construct
from cdktf import TerraformStack
#
# Provider bindings are generated by running `cdktf get`.
# See https://cdk.tf/provider-generation for more details.
#
from imports.random.password import Password
class MyConvertedCode(TerraformStack):
    def __init__(self, scope, name):
        super().__init__(scope, name)
        Password(self, "password",
            length=14
        )
  1. ignore_changes specifying the attributes to ignore:

    ```python

    DO NOT EDIT. Code generated by 'cdktf convert' - Please report bugs at https://cdk.tf/bug

from cdktf import TerraformResourceLifecycle from constructs import Construct from cdktf import TerraformStack #

Provider bindings are generated by running cdktf get.

See https://cdk.tf/provider-generation for more details.

# from imports.random.password import Password class MyConvertedCode(TerraformStack): def __init__(self, scope, name): super().__init__(scope, name) Password(self, "password", length=16, lifecycle=TerraformResourceLifecycle( ignore_changes=[length, lower] ), lower=False ) ```

**NOTE** `ignore_changes` is only required until the resource is recreated after import,
after which it will use the configuration values specified.