terraform.examples/modules/security_identity_compliance/SecretRotationReminder/example/main.tf

module "secret-rotation-reminder" {
  source                       = "../"
  sns-cmk-arn                  = "arn:aws:kms:ap-east-1:111122223333:key/e13912c7-54d3-4d77-9a52-c482bcaf3209"
  logs-cmk-arn                 = "arn:aws:kms:ap-east-1:111122223333:key/143d0178-8ad2-458b-90b3-0fa6b3e62fc4"
  rotation-reminder-recipients = ["foo@bar.local"]
  prefix                       = "prod-project1"
  lambda-subnet-ids            = ["subnet-001", "subnet-002"]
}

resource "aws_secretsmanager_secret_rotation" "secret-rotation" {
  secret_id           = "your-secret-id"
  rotation_lambda_arn = module.secret-rotation-reminder.function-arn
  rotate_immediately  = false
  rotation_rules {
    automatically_after_days = 365
  }
}