feat: LabSecrets layer

LocalStack/README.md

@@ -66,4 +66,5 @@ Also, ec2 instance's associate_public_ip_address attribute is always set to true
 it is set to false in my code. This caused the instance to be redeployed everytime terraform
 apply is ran.
 
-The free edition of LocalStack does not include rds support
+The free edition of LocalStack does not support rds, among other services described in
+https://docs.localstack.cloud/aws/licensing/

LocalStack/Security/LabSecrets/main.tf

@@ -0,0 +1,24 @@
+module "secret1" {
+  source = "../../../modules/security_identity_compliance/secretsmanager-secret"
+
+  secret_name        = "test-secret-name-1"
+  secret_description = "test-secret-desc-1"
+  secret_value       = "test-secret-value"
+}
+
+module "secret2" {
+  source = "../../../modules/security_identity_compliance/secretsmanager-secret"
+
+  secret_name        = "test-secret-name-2"
+  secret_description = "test-secret-desc-2"
+  generate_secret    = true
+}
+
+module "secret3" {
+  source = "../../../modules/security_identity_compliance/secretsmanager-secret"
+
+  secret_name        = "test-secret-name-3"
+  secret_description = "test-secret-desc-3"
+  generate_secret    = true
+  secret_version     = 1 # increment to update secret value
+}

LocalStack/Security/LabSecrets/provider.tf

@@ -0,0 +1,59 @@
+provider "aws" {
+  region = var.aws-region
+
+  # localstack config
+  access_key                  = "test"
+  secret_key                  = "test"
+  skip_credentials_validation = true
+  skip_metadata_api_check     = true
+  skip_requesting_account_id  = true
+
+  # localstack endpoints https://docs.localstack.cloud/aws/integrations/infrastructure-as-code/terraform/#:~:text=tflocal%20is%20a%20small%20wrapper,unmodified%20Terraform%20scripts%20against%20LocalStack.
+  endpoints {
+    apigateway     = "http://192.168.86.96:4566"
+    apigatewayv2   = "http://192.168.86.96:4566"
+    cloudformation = "http://192.168.86.96:4566"
+    cloudwatch     = "http://192.168.86.96:4566"
+    dynamodb       = "http://192.168.86.96:4566"
+    ec2            = "http://192.168.86.96:4566"
+    es             = "http://192.168.86.96:4566"
+    elasticache    = "http://192.168.86.96:4566"
+    firehose       = "http://192.168.86.96:4566"
+    iam            = "http://192.168.86.96:4566"
+    kinesis        = "http://192.168.86.96:4566"
+    lambda         = "http://192.168.86.96:4566"
+    rds            = "http://192.168.86.96:4566"
+    redshift       = "http://192.168.86.96:4566"
+    route53        = "http://192.168.86.96:4566"
+    s3             = "http://192.168.86.96:4566"
+    secretsmanager = "http://192.168.86.96:4566"
+    ses            = "http://192.168.86.96:4566"
+    sns            = "http://192.168.86.96:4566"
+    sqs            = "http://192.168.86.96:4566"
+    ssm            = "http://192.168.86.96:4566"
+    stepfunctions  = "http://192.168.86.96:4566"
+    sts            = "http://192.168.86.96:4566"
+  }
+
+  default_tags {
+    tags = {
+      Environment     = var.environment
+      Project         = var.project
+      Application     = var.application
+      LocalStack      = true
+      TerraformDir    = join("/", reverse(slice(reverse(split("/", path.cwd)), 0, 2)))
+    }
+  }
+}
+
+terraform {
+  required_version = ">= 1.11.0"
+  required_providers {
+    aws = {
+      source  = "hashicorp/aws"
+      version = "~> 6.0"
+    }
+  }
+}
+
+# data aws_caller_identity current {}

LocalStack/Security/LabSecrets/terraform.tfvars

@@ -0,0 +1,4 @@
+application = "localstack"
+environment = "locallab"
+project     = "iac"
+aws-region  = "us-east-1"

LocalStack/Security/LabSecrets/variables.tf

@@ -0,0 +1,4 @@
+variable "aws-region" {}
+variable "environment" {}
+variable "project" {}
+variable "application" {}