lgallard / terraform-aws-secrets-manager

Terraform module to create Amazon Secrets Manager resources.
Apache License 2.0

Allow to use `version_stages` on secret versions #45

Closed magmax closed 10 months ago

magmax commented 11 months ago

There is a corner-case problem which might cause data loss: if secret content is changed via `secret_string` or `secret_binary`, it will override the previous value. See https://github.com/hashicorp/terraform-provider-aws/issues/25168

According to the comment, it is possible to avoid that situation by using the `version_stages` parameter, which is not supported by this module. And that is the situation this PR is trying to fix: to allow specifying it.

Sadly, it seems that using it by default might cause data loss as well... So I had to leave the default `null` value, but at least this patch allows documenting the patch and keeping the secret data even if the content changes in Terraform, if desired.

lgallard commented 10 months ago

@magmax thanks for your PR. I'm going to check it and merge as soon as possible!

magmax commented 10 months ago

@lgallard if you hide whitespace changes, you will realize my changes are very small...

lgallard commented 10 months ago

@magmax thanks once again! I just merged your PR, thanks for your PR!