Random ID
The random_id resource generates cryptographically secure random identifiers. It provides the generated ID in multiple formats (base64, hexadecimal, and decimal) for use in other resources and configurations.
HCL Syntax
Section titled “HCL Syntax”Basic Syntax
Section titled “Basic Syntax”resource "random_id" "name" { byte_length = 8}Full Syntax
Section titled “Full Syntax”resource "random_id" "name" { byte_length = 16}Fields
Section titled “Fields”| Field | Type | Required | Description |
|---|---|---|---|
| byte_length | int | ✓ | Number of random bytes to generate (minimum: 1) |
Computed Attributes
Section titled “Computed Attributes”These attributes are set by the system after ID generation:
| Field | Type | Description |
|---|---|---|
| base64 | string | Generated ID in base64 encoding |
| hex | string | Generated ID in padded hexadecimal (twice the byte length) |
| dec | string | Generated ID in decimal format |
Validation Rules
Section titled “Validation Rules”- Byte length must be at least 1
- Generated values remain constant across multiple runs (idempotent)
- Random values are cryptographically secure
Examples
Section titled “Examples”Simple Random ID
Section titled “Simple Random ID”resource "random_id" "session" { byte_length = 8}
output "session_id" { value = resource.random_id.session.hex}Database Identifier
Section titled “Database Identifier”resource "random_id" "db_suffix" { byte_length = 4}
resource "container" "database" { image { name = "postgres:15" }
environment = { POSTGRES_DB = "app_${resource.random_id.db_suffix.hex}" }}Multiple Format Usage
Section titled “Multiple Format Usage”resource "random_id" "app_key" { byte_length = 32}
# Use in different formatsoutput "key_base64" { value = resource.random_id.app_key.base64 description = "Application key in base64 format"}
output "key_hex" { value = resource.random_id.app_key.hex description = "Application key in hex format"}
output "key_decimal" { value = resource.random_id.app_key.dec description = "Application key in decimal format"}Container Name Generation
Section titled “Container Name Generation”resource "random_id" "container_suffix" { byte_length = 6}
resource "container" "web" { image { name = "nginx:alpine" }
# Use random ID to ensure unique container names meta { name = "web-${resource.random_id.container_suffix.hex}" }}Secret Generation
Section titled “Secret Generation”resource "random_id" "api_secret" { byte_length = 24}
resource "template" "app_config" { source = <<-EOF api: secret_key: ${resource.random_id.api_secret.base64} session_timeout: 3600 EOF
destination = "./config/app.yaml"}Network Naming
Section titled “Network Naming”resource "random_id" "network_id" { byte_length = 4}
resource "network" "app_network" { subnet = "10.${resource.random_id.network_id.dec % 254 + 1}.0.0/24"}Best Practices
Section titled “Best Practices”- Appropriate Length: Use sufficient byte length for your use case (8-16 bytes for most identifiers)
- Format Selection: Choose the appropriate format for your target system
- Uniqueness: Random IDs are unique per resource instance, not globally unique
- Security: Use for non-sensitive identifiers; for passwords use random_password
- Naming: Use descriptive resource names to clarify the ID’s purpose
- Consistency: Use the same format consistently within a configuration
Common Use Cases
Section titled “Common Use Cases”- Unique Naming: Generating unique suffixes for resource names
- Session IDs: Creating session identifiers for applications
- Database Names: Generating unique database or schema names
- Cache Keys: Creating cache key prefixes or suffixes
- API Keys: Generating non-sensitive API identifiers
- Container Names: Ensuring unique container names in multi-instance deployments
- Network Isolation: Creating unique network identifiers