How to hide sensitive data when calling a custom script in null resource

foudelsalhi · June 18, 2020, 9:39pm

Hi All,

When calling a custom script using a null_resource, my input parameters are displayed in plain text. Example:

provisioner "local-exec" {
    when    = "destroy"
    command = "./scripts/smctl-delete-broker.sh ${var.cf_org_name} ${var.cf_ending_domain_name} ${var.cf_username} ${var.cf_password} ${var.service_broker_name} ${var.sub_account_id}"
  }

All the parameters passed to the script are displayed as below:

module.service-broker.null_resource.smctl-registration (local-exec): Executing: ["/bin/sh" "-c" "./scripts/smctl-delete-broker.sh myOrg mydomain.com dummy@gmail.com 12345 myBrokername a9d29bbc-bc4a-467f-bbe1-753a7509f0f6"]

How possible to hide that? or is there a better way to implement this using different method than null_resource

Thanks

Topic		Replies	Views
Delete null resource when terraform destroy Terraform	2	1902	March 27, 2023
Cannot move null_resource to terraform_data: This value is null, so it does not have any attributes Terraform	3	87	April 1, 2025
Conditional null resource Terraform	0	1210	November 18, 2019
Null_resource auto removal Terraform azure	0	282	March 5, 2021
Null_resource with a destroy provisioner being destroyed for every trigger change Terraform	1	2435	February 10, 2021

How to hide sensitive data when calling a custom script in null resource

Related topics