AWS and Terraform
Secrets Manager
# Create the secret container (name and metadata only). The value itself is
# stored by a separate aws_secretsmanager_secret_version resource.
resource "aws_secretsmanager_secret" "test-secret" {
  description = "test secret"
  name        = "test"

  # NOTE(review): `ignore_changes = all` makes Terraform ignore every later
  # difference on this resource, so out-of-band edits to its settings are
  # neither reported nor reverted by a plan. It does not cover the secret
  # value, which is managed by the version resource.
  # No kms_key_id is set here, so the encryption key is whatever Secrets
  # Manager applies by default.
  lifecycle {
    ignore_changes = all
  }
}
# Store a value in the secret.
# The literal below is a placeholder. Anything written in `secret_string` is
# readable in the configuration (and in version control) and is also saved in
# plaintext in the Terraform state. For a real secret, pass the value through
# a variable marked `sensitive = true` or set it outside Terraform, and
# restrict access to the state backend.
resource "aws_secretsmanager_secret_version" "test-secret" {
  secret_id     = aws_secretsmanager_secret.test-secret.id
  secret_string = jsonencode({ Test = "Test123+" })
}
|
Multiple creation
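# Names of the secrets to create; one aws_secretsmanager_secret is created
# per entry. Only names belong here, never secret values.
variable "secrets" {
  type    = list(string)
  default = ["secret1", "secret2"]
}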
# One secret per name in var.secrets. toset() converts the list into the set
# that for_each requires, so each instance is addressed by its name, e.g.
# aws_secretsmanager_secret.secrets["secret1"].
resource "aws_secretsmanager_secret" "secrets" {
  for_each = toset(var.secrets)

  # For a set, each.key and each.value are the same string.
  name        = each.value
  description = "${each.key} secret"

  # NOTE(review): with `ignore_changes = all`, Terraform ignores every later
  # difference on these secrets, so manual edits to their settings are neither
  # reported nor reverted by a plan.
  lifecycle {
    ignore_changes = all
  }
}
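# Store a value in one of the secrets created with for_each.
# The index must be a name present in var.secrets ("secret1" or "secret2" by
# default); a key that is not in the set is rejected as an invalid index.
#
# The literal below is a placeholder. `secret_string` is readable in the
# configuration and is saved in plaintext in the Terraform state, so a real
# value should come from a variable marked `sensitive = true` or be set outside
# Terraform, with access to the state backend restricted.
resource "aws_secretsmanager_secret_version" "test_version" {
  secret_id = aws_secretsmanager_secret.secrets["secret1"].id

  secret_string = jsonencode({
    Test = "Test123+"
  })
}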
|