OpenTofu lets you declaratively manage your cloud infrastructure.
- https://opentofu.org
OpenTofu
- project on GitHub > opentofu/opentofu
- last check : with 0 version(s) added
notes:
| Release list | ||
|---|---|---|
| 1.11.1 | RECENT | |
| 1.11.0 | ||
| 1.10.8 | ||
| 1.10.7 | ||
| 1.10.6 | ||
| 1.9.4 | ||
| 1.10.5 | ||
| 1.10.4 | ||
| 1.9.3 | ||
| 1.8.11 | ||
| 1.7.10 | ||
| 1.7.9 | ||
| 1.8.10 | ||
| 1.9.2 | ||
| 1.10.3 | ||
| 1.10.2 | ||
| 1.10.1 | ||
| 1.10.0 | ||
| 1.9.1 | 6m+ | |
OpenTofu
- project on GitHub > opentofu/opentofu
- last check : with 0 version(s) added
notes:
OpenTofu lets you declaratively manage your cloud infrastructure.
- https://opentofu.org
Release notes:
OpenTofu 1.11.0
We're proud to announce that OpenTofu 1.11.0 is now officially available! 🎉
Highlights
This release cycle introduces major new capabilities and integrations:
Ephemeral Values and Write Only Attributes
Ephemeral resources allow you to work with confidential data, temporary credentials, and transient infrastructure without persisting them to your state.
ephemeral "aws_secretsmanager_random_password" "password" {
}
resource "kubernetes_secret_v1" "credentials" {
metadata {
name = "admin"
namespace = "my-app"
}
data_wo = {
username = "admin"
password = ephemeral.aws_secretsmanager_random_password.password.random_password
}
data_wo_revision = 1
type = "kubernetes.io/basic-auth"
}
The enabled Meta-Argument
If you want to conditionally deploy a resource, you no longer have to use count = var.create_my_resource ? 1 : 0, you can now add the new enabled meta-argument to your resource to conditionally deploy it.
resource "aws_instance" "web" {
ami = "ami-12345"
instance_type = "t3.micro"
lifecycle {
enabled = var.create_instance # Simple boolean condition
}
}
Compatibility Notes
-
macOS: Requires macOS 12 Monterey or later
-
Azure Backend (
azurerm):- The
endpointandARM_ENDPOINTconfiguration options are no longer supported - The
msi_endpointandARM_MSI_ENDPOINToptions are no longer supported - The
environmentandmetadata_hostarguments are now mutually exclusive
- The
-
issensitive() Function: Now correctly returns unknown results when evaluating unknown values. Code that previously relied on the incorrect behavior may need updates.
-
Testing with Mocks: Mock values generated during testing now strictly adhere to provider schemas. Test configurations with invalid mock values will need to be corrected.
-
S3 Module Installation: When installing module packages from Amazon S3 buckets using S3 source addresses OpenTofu will use the same credentials as the AWS CLI and SDK.
-
TLS and SSH Security:
- SHA-1 signatures are no longer accepted for TLS or SSH connections
- SSH certificates must comply with the
draft-miller-ssh-cert-03specification
Reference
Thank you for your continued support and testing of the OpenTofu project!