Getting started with 1Password for your growing team, or refining your setup? Our Secured Success quickstart guide is for you.
Forum Discussion
"Correct" way to read custom fields in ```onepassword_item``` data source
Hi,
We're looking at migrating from HashiCorp Vault to 1Password as a secret provider for our terraform projects.
At present we have something like this:
```
provider "vault" {
address...
jerdew - nice, although that looks like it would get quite busy if you have multiple onepassword items that you want to reference in the same project.
For completeness, I went my original approach in the end:
provider "azurerm" {
tenant_id = [for field in data.onepassword_item.my_spn.section[0].field : field.value if field.label == "tenant_id"][0]
.. etc ...
}
I also created a local variable like you did for referencing secrets in resources:
locals {
my_spn = {
tenant_id = [for field in data.onepassword_item.my_spn.section[0].field : field.value if field.label == "tenant_id"][0]
client_id = [for field in data.onepassword_item.my_spn.section[0].field : field.value if field.label == "client_id"][0]
client_secret = [for field in data.onepassword_item.my_spn.section[0].field : field.value if field.label == "client_secret"][0]
}
}
and then
some_resource_property = local.my_spn.tenant_id
I didn't seem to be able to reference the locals in a provider block so I had to duplicate the long-hand version in the azurerm provider. I might take another look as your example looks like it does that ok...
