History

xpk a87af8f557 FEAT: added kms_key_id support to secretsmanager-secret module		2023-12-21 18:09:12 +08:00
..
main.tf	FEAT: added kms_key_id support to secretsmanager-secret module	2023-12-21 18:09:12 +08:00
outputs.tf	FEAT: generate_secret is now supported	2023-12-21 17:47:41 +08:00
provider.tf	UPD: added README and removed unnecessary config in provider.tf	2023-06-13 15:37:53 +08:00
README.md	FEAT: generate_secret is now supported	2023-12-21 17:47:41 +08:00
variables.tf	FEAT: added kms_key_id support to secretsmanager-secret module	2023-12-21 18:09:12 +08:00

README.md

secretsmanager-secret module

This module creates an entry in secretsmanager, attaching a default access policy if one is not provided from root module. A random suffix is assigned to every secret, as AWS may delay creation of secrets with the same name, after the old one has been destroyed that is.

The default policy attached to secretsmanager prevents cross-account access.

To have this module generate a random password, set generate_secret to true.

To tag resources, please use provider default_tags.

Example

module "secret1" {
  source = "../../modules/security_identity_compliance/secretsmanager-secret"

  secret_name        = "test-secret-name-1"
  secret_description = "test-secret-desc-1"
  secret_value       = "test-secret-value"
}

module "secret2" {
  source = "../../modules/security_identity_compliance/secretsmanager-secret"

  secret_name        = "test-secret-name-2"
  secret_description = "test-secret-desc-3"
  generate_secret    = true
}