Creates an AWS Secrets Manager which is expected to be manually updated by a
developer. A list of environment variable names can be provided, which must then
be filled in using the SecretsManager UI or CLI. Rotation is disabled for the
secret.
Example:
module "smtp" {
source = "github.com/thoughtbot/terraform-aws-secrets//secret"
environment_variables = ["USERNAME", "PASSWORD"]
description = "SMTP credentials"
name = "smtp-credentials"
}This module does not support rotation, but it otherwise supports the same
variables for permissions as the generic secret module.
| Name |
Source |
Version |
| secret |
../secret |
n/a |
| Name |
Description |
Type |
Default |
Required |
| admin_principals |
Principals allowed to peform admin actions (default: current account) |
list(string) |
null |
no |
| description |
Description for this secret |
string |
null |
no |
| environment_variables |
Environment variables for which a user must provide values |
list(string) |
n/a |
yes |
| name |
Name for this secret |
string |
n/a |
yes |
| read_principals |
Principals allowed to read the secret (default: current account) |
list(string) |
null |
no |
| readwrite_principals |
Principals allowed to both read and write secrets |
list(string) |
[] |
no |
| resource_tags |
Tags to be applied to created resources |
map(string) |
{} |
no |
| secret_policies |
Overrides for the secret resource policies |
list(string) |
[] |
no |
| trust_tags |
Tags required on principals accessing the secret |
map(string) |
{} |
no |