[Feature] Support Ephemeral Secrets #89
Description
Feature Request: Support for Ephemeral Secrets
Context
Terraform/OpenTofu recently introduced ephemeral values for sensitive data(tf,tofu), enabling secrets to be used only during apply-time and never persisted in the Terraform state. Providers such as azurerm have implemented support for ephemeral resources, e.g., azurerm_key_vault_secret.ephemeral.
Proposal
Implement support for ephemeral secrets in the Bitwarden Terraform provider. This would allow users to consume secrets from Bitwarden without persisting them in state files, enhancing security by reducing exposure to sensitive information.
Requested Behavior
- Add a resource/data source or option to fetch Bitwarden secrets as ephemeral values during Terraform apply.
- Ensure secrets fetched this way are never written to Terraform state.
- Align behavior and documentation with the Terraform ephemeral data lifecycle.
References
- Terraform Documentation: Ephemeral Values
- OpenTofu Documentation: Ephemeral Values
- azurerm Ephemeral Resource Example
- Write only attribute support request: [Feature] Support for wo (write only attributes) #87 (implementing both would enable secret non-persistence for the entire lifecycle)
Thanks for considering this enhancement!