Description
Community Note
- Please vote on this issue by adding a 👍 reaction to the original issue to help the community and maintainers prioritize this request
- Please do not leave "+1" or "me too" comments, they generate extra noise for issue followers and do not help prioritize the request
- If you are interested in working on this issue or have submitted a pull request, please leave a comment
Description
When you create an instance of mysql_mysql_db_system, you may supply the field admin_password which contains the admin password. this means that the password is fetched/stored/uploaded locally and appears in the terraform state file. Instead, it would be ideal to send it directly to a vault secret.
It is unclear what happens when the field is not provided, nor is it apparent if this field is populated as an attribute if omitted. I will try this but it would be better to document that and ensure the implementation compiles with the docs.
In the aws provider, this field exists for the aws_rds_cluster resource:
manage_master_user_password - (Optional) Set to true to allow RDS to manage the master user password in Secrets Manager. Cannot be set if master_password is provided.
New or Affected Resource(s)
oci_mysql_mysql_db_system
Potential Terraform Configuration
# Copy-paste any Terraform configurations for how the requested feature may be used. i can fill this in but the point is just to copy the manage_master_user_password field - it is mutually exclusive with master_password. that is all there is to the "configuration api".