Closed usuryadevara closed 1 year ago
How should i extract to username/password to something similar here? Example: locals { db_creds = jsondecode(data.aws_secretsmanager_secret_version.creds.secret_string) }
CODE: resource "random_password" "random_db_password" { length = 16 special = true overridespecial = "!%^" }
module "rds_aws_secret" { source = "./modules/secrets" secrets = { "tf-${var.env_type}-dbsecrets" = { description = "This is a key/value secret for RDS admin account, used for provisioning" secret_key_value = { username = "${var.db_username}" password = "${random_password.random_db_password.result}" } } } }
Terraform state shows:
resource "aws_secretsmanager_secret_version" "sm-sv" { arn = "arn:aws:secretsmanager:us-east-1:**:secret:tf-dev-dbsecrets-S9tkKc" id = "tf-dev-dbsecrets|D4FF8F82-B9D2-430E-9FE6-A1F0C69F52F2" secret_binary = (sensitive value) secret_id = "tf-dev-dbsecrets" secret_string = (sensitive value) version_id = "D4FF8F82-B9D2-430E-9FE6-A1F0C69F52F2" version_stages = [ "AWSCURRENT", ] }
@usuryadevara please check the key-value example here.
I'm going to close the issue, but if you need further help you can comment here.
lgallard
commented
1 year ago
How should i extract to username/password to something similar here? Example: locals { db_creds = jsondecode(data.aws_secretsmanager_secret_version.creds.secret_string) }
CODE: resource "random_password" "random_db_password" { length = 16 special = true overridespecial = "!%^" }
module "rds_aws_secret" { source = "./modules/secrets" secrets = { "tf-${var.env_type}-dbsecrets" = { description = "This is a key/value secret for RDS admin account, used for provisioning" secret_key_value = { username = "${var.db_username}" password = "${random_password.random_db_password.result}" } } } }
Terraform state shows:
module.rds_aws_secret.aws_secretsmanager_secret_version.sm-sv["tf-dev-dbsecrets"]:
resource "aws_secretsmanager_secret_version" "sm-sv" { arn = "arn:aws:secretsmanager:us-east-1:**:secret:tf-dev-dbsecrets-S9tkKc" id = "tf-dev-dbsecrets|D4FF8F82-B9D2-430E-9FE6-A1F0C69F52F2" secret_binary = (sensitive value) secret_id = "tf-dev-dbsecrets" secret_string = (sensitive value) version_id = "D4FF8F82-B9D2-430E-9FE6-A1F0C69F52F2" version_stages = [ "AWSCURRENT", ] }