Alternate names for secrets

For a build using Terraform to deploy some infrastructure, I have a bunch of secrets, such as SSH keys. By default Terraform allows you to pass in these values via environment variables, such as TF_VAR_ssh_private_key. Perfect for Drone I thought.

Following I defined a build step like this

    image: hashicorp/terraform:light
      - source: aws_access_key_id
        target: AWS_ACCESS_KEY_ID
      - source: aws_secret_access_key
        target: AWS_SECRET_ACCESS_KEY
      - source: ssh_public_key
        target: TF_VAR_ssh_public_key
      - source: ssh_private_key
        target: TF_VAR_ssh_private_key
      - terraform init
      - terraform get -update
      - terraform plan -out env-k8s-${DRONE_COMMIT_SHA}.plan

It was my impression that alternate names for secrets would allow you to peruse naming schemes diverging from the usual transformation to uppercase names.

Executing the step, and adding in an env call to the commands reveals the transformation produces TF_VAR_SSH_PRIVATE_KEY instead of expected TF_VAR_ssh_private_key.

Is this intended behaviour?

Secrets are always passed to the container with uppercase variable names.