lgallard / terraform-aws-secrets-manager

Terraform module to create Amazon Secrets Manager resources.
Apache License 2.0

Support Unmanaged Rotation Secrets #6

Closed moliver-aicradle closed 3 years ago

moliver-aicradle commented 3 years ago

Extends behavior added in PR #4 to rotating secrets (https://github.com/lgallard/terraform-aws-secrets-manager/pull/4).

For our use case, this module sets up our rotated secret based off an initial password set by a Terraform variable. The secret then immediately rotates to no longer match the initial password which is exposed in the Terraform state file. From here, Secrets Manager handles the rotation schedule, and we do not want the secret to be updated by subsequent runs of our terraform modules that still prompt for and apply a new password.

Ignoring changes to the rotated secrets_string and secrets_binary will prevent subsequent terraform applies from changing the secret currently in rotation.
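
The pattern described in the comment above, written against plain AWS provider resources as an added example (not part of the original comment and not this module's own code). The resource names, variable names, secret name and 30-day schedule are assumptions; the ignored attributes are the provider's `secret_string` and `secret_binary`.

```hcl
# Added illustration: names, variables and the schedule below are hypothetical.
variable "initial_password" {
  type      = string
  sensitive = true # redacts plan/apply output only; the value is still written to state
}

variable "rotation_lambda_arn" {
  type = string # ARN of an existing rotation function (assumed to exist)
}

resource "aws_secretsmanager_secret" "db" {
  name = "example/db-password" # constructed name
}

resource "aws_secretsmanager_secret_version" "db" {
  secret_id     = aws_secretsmanager_secret.db.id
  secret_string = var.initial_password # seeds the secret on first apply only

  lifecycle {
    # Later applies that pass a different initial_password no longer
    # produce a diff, so the value set by rotation stays in place.
    ignore_changes = [secret_string, secret_binary]
  }
}

resource "aws_secretsmanager_secret_rotation" "db" {
  secret_id           = aws_secretsmanager_secret.db.id
  rotation_lambda_arn = var.rotation_lambda_arn

  rotation_rules {
    automatically_after_days = 30
  }

  # Rotate only after the seed value exists, so the first rotation
  # replaces the password that was recorded in the state file.
  depends_on = [aws_secretsmanager_secret_version.db]
}
```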

moliver-aicradle commented 3 years ago

@lgallard thanks for the quick response!