Last checked and updated on 10 Jun 2026
What Is New in Terraform 1.10
Terraform 1.10 introduces ephemeral resources and ephemeral values, a major step toward handling temporary and sensitive data more securely without persisting it in state.
This release also adds the terraform modules command and brings several enhancements to functions, validation, and backends.
| Category | Key Changes |
|---|---|
| New Features | Ephemeral resources, ephemeral values for variables and outputs, ephemeralasnull() function, terraform modules -json command |
| Enhancements | element() function now supports negative indices, improved import block validation, performance gains for large resource counts, new Tencent Cloud auth for COS backend |
| Bug Fixes | Sensitive mark handling, variable validation messages, GitHub module source parsing, refresh-only plan applyability, postcondition evaluation, plantimestamp() during validation, and several expression mark issues |
| Upgrade Notes | S3 backend assume_role changes, S3 native locking preview, moved block keyword handling, conditional expression mark combination |
Ephemeral Resources and Values
Ephemeral resources are read during every Terraform evaluation phase and never stored in state. All values they produce are ephemeral by nature.
Input variables and outputs can now be marked as ephemeral. These values can only be used in limited contexts and are never written to plan or state files.
In practice, this feature helps teams handle short-lived tokens, one-time secrets, or temporary data without risking exposure in state.
New ephemeralasnull Function
The new ephemeralasnull() function takes any value and returns a copy where all ephemeral parts are replaced with null while preserving non-ephemeral data.
This is particularly useful when you need to pass data to contexts that do not support ephemeral values.
It gives module authors precise control when mixing ephemeral and persistent data.
Module Inspection Command
The new terraform modules -json command lists all installed modules in the working directory, including whether each one is actively referenced by your configuration.
This makes it easier to audit and clean up unused modules in large codebases.
Teams maintaining complex module structures will find this command helpful during refactoring.
Other Enhancements and Fixes
The element() function now accepts negative indices for easier access to items from the end of a list.
Import block validation is stricter and provides clearer errors during terraform validate. Performance when evaluating many resource instances has also improved.
Several bugs around sensitive values, GitHub module sources, and conditional expressions were fixed, leading to more predictable plan and apply behavior.
FAQ
What are ephemeral resources in Terraform 1.10?
Ephemeral resources are read fresh during every evaluation phase and are never persisted to state. All values they produce remain ephemeral.
How do ephemeral values work for variables and outputs?
You can now mark input variables and outputs as ephemeral. They can only be used in specific contexts and never appear in plan or state files.
What does the ephemeralasnull() function do?
It converts any value by replacing ephemeral parts with null while keeping non-ephemeral data intact. Useful for passing data to non-ephemeral contexts.
What is the new terraform modules command in version 1.10?terraform modules -json shows all installed modules and indicates which ones are currently referenced in your configuration.
Does Terraform 1.10 change anything about the S3 backend?
Yes, it introduces preview support for S3 native state locking and removes some deprecated assume_role attributes in favor of the assume_role block.