Introduction
A secret can be created on the AWS Portal through AWS Secrets Manager, or with Terraform using the aws_secretsmanager_secret resource. Screenshots below:
Secret created through AWS Portal
Secret created through terraform
resource "aws_secretsmanager_secret" "test-aws-secret-terraform" {
  name                    = "test-aws-secret-using-terraform"
  recovery_window_in_days = 20
  description             = "Testing whether secret version is created when creating this resource through terraform."
}
Problem
When a secret is created through AWS Secrets Manager on the AWS Portal, a secret version is created for it automatically. When the secret is created through Terraform using the aws_secretsmanager_secret resource, no secret version is created automatically, as can be seen in the screenshots above.
Solution
To create a secret version for a secret using Terraform, use the aws_secretsmanager_secret_version resource and associate it with the secret created by the aws_secretsmanager_secret resource.
resource "aws_secretsmanager_secret" "test-aws-secret-terraform" {
  name                    = "test-aws-secret-using-terraform"
  recovery_window_in_days = 20
  description             = "Testing whether secret version is created when creating this resource through terraform."
}

resource "aws_secretsmanager_secret_version" "example" {
  secret_id     = aws_secretsmanager_secret.test-aws-secret-terraform.id
  # Example value only. Terraform stores secret_string in plain text in the state file.
  secret_string = "example-string-to-protect-1"
}
After running terraform apply, the secret version is created, as shown in the screenshot.
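The same pattern with the value supplied through a sensitive input variable instead of a literal in the configuration, as an added example that is not part of the original article; the variable, resource names and secret name are assumptions. It goes slightly beyond the article by storing a JSON key/value map and by outputting the version ID so the created version can be confirmed after apply.

```hcl
# Added example: the variable, resource labels and secret name are assumptions,
# not taken from the article.
variable "db_credentials" {
  description = "Key/value pairs to store in the secret. Supply via TF_VAR_db_credentials or a .tfvars file kept out of version control."
  type        = map(string)
  sensitive   = true # redacts the value in plan and apply output
}

resource "aws_secretsmanager_secret" "app" {
  name                    = "example-app-credentials" # hypothetical name
  recovery_window_in_days = 20
}

# Without this resource the secret exists but has no version, and so no value.
resource "aws_secretsmanager_secret_version" "app" {
  secret_id     = aws_secretsmanager_secret.app.id
  secret_string = jsonencode(var.db_credentials)
}

# Non-sensitive identifier that shows a version was created by the apply.
output "secret_version_id" {
  value = aws_secretsmanager_secret_version.app.version_id
}
```

Marking the variable sensitive only hides the value in CLI output; it is still written to the state file, so the state backend needs encryption and restricted access.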
Additional Information
Note: If you continue to experience issues, please contact HashiCorp Support.