azure - 通过 terraform 创建 azuread_application_password 时无法输出 client_secret

Question

您好，我正在尝试为 azure_application 创建一个 azure_application_password，以在 backend configuration 期间使用它进行身份验证。 .

resource "azuread_application_password" "application_password" {
  application_object_id  = azuread_application.app-tf.object_id
  end_date       = timeadd(timestamp(), "720h")
}

output "client_secret" {
  description = "Client Secret"
  value       = azuread_application_password.application_password.value
}

由于我是通过 terraform 进行配置，因此我需要在创建后查看 application_password 或 client_secret 以便我可以使用该值。

│ Error: Output refers to sensitive values
│
│   on main.tf line 47:
│   47: output "client_secret" {
│
│ To reduce the risk of accidentally exporting sensitive data that was intended to be only internal, Terraform requires  
│ that any root module output containing sensitive data be explicitly marked as sensitive, to confirm your intent.       
│
│ If you do intend to export this data, annotate the output value as sensitive by adding the following argument:
│     sensitive = true

我知道这现在可能是最安全的，但我相信这是在使用 terraform 时创建和检索 client_secret 的唯一方法，那么我如何解决此错误并获取值？

Answer 1

使用nonsensitive禁用屏蔽功能:

output "client_secret" {
  description = "Client Secret"
  value       = nonsensitive(azuread_application_password.application_password.value)
}