This Terraform module retrieves the value for a specific field in a specific section of a 1Password item. This module addresses the challenge of parsing the JSON object returned by the provider directly. It uses the 1Password provider to interact with the local 1Password App.

To use this module, you need to provide the following variables:

• vault_uuid: The UUID of the 1Password vault.
• item: The name of the 1Password item containing the secret.
  • Must be unique; the 1password provider will error if there are multiple entries with this name in the Vault
• section: The section within the item where the secret is stored.
  • IMPORTANT: the 1password UI displays section headings in all-CAPS, but the underlying value may contain lowercase. verify the section name capitalization by opening the item in edit view.
• field: The field within the section where the secret is stored.

data "onepassword_vault" "vault" {
  name = "Personal"
}

module "onepass_read_value" {
  source = "github.com/robertpeteuil/terraform-onepassword-read-value?ref=main"

  vault_uuid = data.onepassword_vault.vault.uuid
  item       = "your-item-name"
  section    = "your-section-name"
  field      = "your-field-name"
}

output "secret_value" {
  value     = module.onepass_read_value.value
  sensitive = true
}

Replace "your-item-name", "your-section-name", and "your-field-name" with values from the UI as shown below.

After running terraform apply, the value of the specified field will be outputted as secret_value.

• Terraform >= 0.12
• 1Password Provider >= 1.4
• 1Password CLI >= 2.23.0
  • installed and configured to work with local 1Password App
  • installation guide: https://developer.1password.com/docs/cli/