Terraform Provider PGP
Warning: Use of this provider will result in secrets being in terraform state in PLAIN TEXT (aka NOT ENCRYPTED). You've been warned.
There are use cases and situations where you need full access to all values generated within terraform, unfortunately there are some resources that force you to provide a PGP key and it will only encrypt and store those values, then manual commands must be run to decrypt.
This provider allows you to generate a PGP or use an existing one, from there it provides encrypt and decrypt data sources to allow you to get access to the data.
Build provider
Run the following command to build the provider
$ go build -o terraform-provider-pgp
Local release build
$ go install github.com/goreleaser/goreleaser@latest
$ make release
You will find the releases in the /dist
directory. You will need to rename the provider binary to terraform-provider-gpg
and move the binary into the appropriate subdirectory within the user plugins directory.
Test sample configuration
First, build and install the provider.
$ make install
Then, navigate to the examples
directory.
$ cd examples
Run the following command to initialize the workspace and apply the sample configuration.
$ terraform init && terraform apply
Note: you might have to remove the .terraform.lock.hcl
file.