awscc_secretsmanager_secret (Resource)

Creates a new secret. A secret can be a password, a set of credentials such as a user name and password, an OAuth token, or other secret information that you store in an encrypted form in Secrets Manager. For RDS master user credentials, see AWS::RDS::DBCluster MasterUserSecret.

To retrieve a secret in a CloudFormation template, use a dynamic reference. For more information, see Retrieve a secret in an AWS CloudFormation resource. A common scenario is to first create a secret with GenerateSecretString, which generates a password, and then use a dynamic reference to retrieve the username and password from the secret to use as credentials for a new database. See the example Creating a Redshift cluster and a secret for the admin credentials.

For information about creating a secret in the console, see Create a secret. For information about creating a secret using the CLI or SDK, see CreateSecret. For information about retrieving a secret in code, see Retrieve secrets from Secrets Manager.

Example Usage

Basic Usage

Create an AWS Secrets Manager secret

resource "awscc_secretsmanager_secret" "example" {
  name        = "example"
  description = "this is a user-provided description of the secret"
}

Example Replicate a secret to another region

Replicate an AWS Secrets Manager secret to other AWS Regions

resource "awscc_secretsmanager_secret" "example_replica" {
  name = "example_replica"

  replica_regions = [{
    region = "ap-southeast-1"
  },
  {
    region = "ap-southeast-2"
  }]
}
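
The GenerateSecretString scenario described in the introduction, as an added example that is not part of the provider's documentation: Secrets Manager generates the password, so no password value is written in the configuration. The resource name, secret name, username, excluded characters and tag are illustrative assumptions.

```hcl
# Added example: names and values below are illustrative assumptions.
resource "awscc_secretsmanager_secret" "db_admin" {
  name        = "example-db-admin"
  description = "Admin credentials; the password is generated by Secrets Manager"

  generate_secret_string = {
    # JSON skeleton that the generated value is merged into.
    secret_string_template = jsonencode({ username = "admin" })

    # Key under which the generated password is stored in that JSON.
    generate_string_key = "password"
    password_length     = 32

    # Leave out characters that commonly cause quoting or parsing problems
    # in connection strings: double quote, at sign, slash, backslash.
    exclude_characters = "\"@/\\"
  }

  tags = [{
    key   = "purpose"
    value = "example"
  }]
}
```

The stored secret value is a JSON document with a `username` key from the template and a generated `password` key.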

Schema

Optional

Read-Only

Nested Schema for generate_secret_string

Optional:

Nested Schema for replica_regions

Required:

Optional:

Nested Schema for tags

Required:

Import

Import is supported using the following syntax:

$ terraform import awscc_secretsmanager_secret.example <resource ID>