[Terraform] AWS Secrets Manager

곽우현 · July 7, 2022

When building RDS, the password is said to be kept in AWS Secrets Manager.
The following is the tf code that creates the Secrets Manager secret with Terraform.

```hcl
#############################################################
# Secrets Manager
#############################################################

resource "random_password" "password" {
  length  = 16
  special = true
  # RDS does not accept "/", "@" or double quotes in the master password,
  # so "@" is left out of the allowed special characters.
  override_special = "_%"
}

# Creating an AWS secret for the database master account (Masteraccoundb)
resource "aws_secretsmanager_secret" "db_password" {
  name = "wkwak-terraform-mysql"
}

# Creating an AWS secret version for the database master account (Masteraccoundb)
resource "aws_secretsmanager_secret_version" "db_password" {
  secret_id     = aws_secretsmanager_secret.db_password.id
  secret_string = random_password.password.result
}

# Reading back the AWS secret created above, by ARN.
data "aws_secretsmanager_secret" "db_password" {
  arn = aws_secretsmanager_secret.db_password.arn
}

# Reading back the secret version created above.
data "aws_secretsmanager_secret_version" "db_password" {
  secret_id = data.aws_secretsmanager_secret.db_password.id

  # Wait until the version has been written; otherwise the first apply
  # can try to read the secret before any version exists.
  depends_on = [aws_secretsmanager_secret_version.db_password]
}

# After reading the secret, store its value in a local
locals {
  db_creds = data.aws_secretsmanager_secret_version.db_password.secret_string
}
```
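
Terraform records the generated password in its state file for `random_password`, for the secret version resource and for the secret version data source, so the state backend needs the same protection as the secret itself. The following check is an added example, not part of the original post, that lists where the value appears in a state file; the sample state is constructed in the layout of a version-4 `terraform.tfstate`, and the function name is hypothetical.

```python
import json

# Attribute that holds the secret value, per resource type used in the configuration above.
SECRET_ATTRS = {
    "random_password": "result",
    "aws_secretsmanager_secret_version": "secret_string",
}

# Constructed sample in the layout of a version-4 terraform.tfstate file,
# trimmed to the fields this check reads. The password is a made-up value.
SAMPLE_STATE = json.dumps({
    "version": 4,
    "resources": [
        {"mode": "managed", "type": "random_password", "name": "password",
         "instances": [{"attributes": {"length": 16, "result": "Ab3_dE%fGh1jKl2m"}}]},
        {"mode": "managed", "type": "aws_secretsmanager_secret", "name": "db_password",
         "instances": [{"attributes": {"name": "wkwak-terraform-mysql"}}]},
        {"mode": "managed", "type": "aws_secretsmanager_secret_version", "name": "db_password",
         "instances": [{"attributes": {"secret_string": "Ab3_dE%fGh1jKl2m"}}]},
        {"mode": "data", "type": "aws_secretsmanager_secret_version", "name": "db_password",
         "instances": [{"attributes": {"secret_string": "Ab3_dE%fGh1jKl2m"}}]},
    ],
})


def plaintext_secret_locations(state_text):
    """Return the addresses of state entries that carry a non-empty secret value."""
    state = json.loads(state_text)
    found = []
    for res in state.get("resources", []):
        attr = SECRET_ATTRS.get(res.get("type"))
        if attr is None:
            continue  # resource type does not store the secret value
        prefix = "data." if res.get("mode") == "data" else ""
        for inst in res.get("instances", []):
            if inst.get("attributes", {}).get(attr):
                found.append(f"{prefix}{res['type']}.{res['name']}.{attr}")
    return found


if __name__ == "__main__":
    for address in plaintext_secret_locations(SAMPLE_STATE):
        print("secret value present in state:", address)
```
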
