Verification

Verification is a necessary step in the Terraform setup process.

  1. Open a new Command Prompt with administrative privileges.

  2. Navigate to the directory containing the Terraform executable by setting the path.

  3. Run the command terraform init as displayed in the image below.

  1. Run the command terraform apply.

The examples below display the command prompt with outputs for possible variables.

Output: Get Secret

Use Case: Retrieve a stored secret (such as a password or API key) using Terraform.

Output: Create Secret

Use Case: Create a new secret from Terraform, for example, generating and storing a new credential, and capture the resulting secret ID for reference or future use.

Output: Update Secret

Use Case: Update an existing secret from Terraform.

Output: Delete Secret by ID

Use Case: Delete a single secret in Delinea Secret Server using Terraform.

Output: Delete Secrets by ID (using deletion resource)

Use Case: Delete multiple secrets in Delinea Secret Server through Terraform which are not being tracked by Terraform in state file.

Validation:

  • terraform apply creates deletion request resources (tss_secret_deletion.delete_secrets) for each secret.

  • These resources trigger deletion via API but are themselves tracked in state.

  • terraform destroy removes the deletion request resources from state, not the secrets themselves.

Output: Get Secret with Ephemeral Resource

Use Case: Retrieve a secret only during the terraform apply process using an ephemeral resource.

When using ephemeral resources in Terraform to retrieve secrets (such as passwords or API keys), the resource is used transiently during the execution of terraform apply. It is instantiated only for the duration of the apply operation to fetch the secret, and its data is not stored in the Terraform state file (.tfstate). As a result, no credentials are saved to disk or version control, enhancing security. Even though the secret is successfully retrieved and used during execution, no output is displayed and nothing is retained after apply, which is the intended behavior of ephemeral resources.

Output: Disable Secret using terraform destroy command

Use Case: The terraform destroy command internally calls the Delete resource function (dataSourceSecretDelete), which disables the secret in the Secret Server from Terraform which is being tracked by Terraform in state file.