terraform.examples/modules/security_identity_compliance/secretsmanager-2025/README.md

secretsmanager-2025

This module creates an entry on secretsmanager. It uses ephemeral resources such that the generated password is not stored in terraform state.

Requirements

Name	Version
terraform	>= 1.10

Providers

Name	Version
aws	n/a

Modules

No modules.

Resources

Name	Type
aws_secretsmanager_secret.this	resource
aws_secretsmanager_secret_policy.policy	resource
aws_secretsmanager_secret_rotation.rotation	resource
aws_secretsmanager_secret_version.this	resource
aws_caller_identity.this	data source
aws_iam_policy_document.policy-file	data source

Inputs

Name	Description	Type	Default	Required
auto-rotation-days	Days to rotate secret	number	365	no
description	description of secret	string	null	no
enable-auto-rotation	Enable automatic rotation	bool	false	no
generate_secret	If set to true, a secure password will be generated and saved.	bool	false	no
kms_key_id	Custom kms key id. If not specified, the default key aws/secretmanager key will be used.	string	null	no
name	name of secret	string	null	no
policy	access policy to the secret	string	null	no
recovery_window_in_days	Number of days that AWS Secrets Manager waits before it can delete the secret	number	30	no
rotation-lambda-arn	ARN of lambda function for auto secret rotation	string	null	no
secret	the secret you want to store	any	null	no
secret_use_special_char	Set false to not use special characters	bool	true	no
secret_version	Secret version, default to 1. For subsequent update, set it to more than 1.	number	1	no
tags	(Optional) A mapping of tags to assign to the AWS Secrets Manager.	map(string)	{}	no

Outputs

Name	Description
arn	The id of the secret.
id	Secret of Authenticate Token of elasticcache
secret_arn	The ARN of the secret.
secret_id	The id of the secret.
secret_string	The decrypted secret string of the secret.

---

Authorship

This module was developed by Rackspace.