Terraform Module for AWS Secretsmanager
This is a stable example. It should successfully build out of the box
This examples does is built on Construct Libraries marked "Stable" and does not have any infrastructure prerequisites to build.
This module may be used to create Secretsmanager Secret resources in AWS cloud provider......
This module needs Terraform 0.12.24 or newer. You can download the latest Terraform version from here.
This module deploys aws services details are in respective feature branches.
Below we are able to check the resources that are being created as part of this module call:
- Secretsmanager Secret
To use this module, add the following call to your code:
module "secretsmanager_secret" {
source = "git::https://github.com/nitinda/terraform-module-aws-secretsmanager-secret.git?ref=master"
providers = {
aws = aws.services
}
name = "rotation-example"
rotation_lambda_arn = "${aws_lambda_function.example.arn}"
rotation_rules = {
automatically_after_days = 7
}
}
The variables required in order for the module to be successfully called from the deployment repository are the following:
Variable | Description | Type | Argument Status | Default Value |
---|---|---|---|---|
name | Specifies the friendly name of the new secret | string | Optional | null |
name_prefix | Creates a unique name beginning with the specified prefix | string | Optional | null |
description | A description of the secret | string | Optional | null |
kms_key_id | Specifies the ARN or alias of the AWS KMS customer master key (CMK) to be used to encrypt the secret values in the versions stored in this secret | string | Optional | null |
policy | A valid JSON document representing a resource policy | string | Optional | null |
recovery_window_in_days | Specifies the number of days that AWS Secrets Manager waits before it can delete the secret. This value can be 0 to force deletion without recovery or range from 7 to 30 days. The default value is 30. | number | Optional | 30 |
rotation_lambda_arn | Specifies the ARN of the Lambda function that can rotate the secret. | string | Optional | null |
rotation_rules | A structure that defines the rotation configuration for this secret | map(string) | Optional | {} |
tags | Specifies a key-value map of user-defined tags that are attached to the secret | map(string) | Optional | {} |
This module has the following outputs:
- rotation_enabled
- id
- arn
In order for the variables to be accessed on module level please use the syntax below:
module.<module_name>.<output_variable_name>
The output variable is able to be accessed through terraform state file using the syntax below:
data.terraform_remote_state.<module_name>.<output_variable_name>
Module maintained by Module maintained by the - Nitin Das