» aws_secretsmanager_secret_version

Provides a resource to manage AWS Secrets Manager secret version including its secret value. To manage secret metadata, see the aws_secretsmanager_secret resource.

» Example Usage

resource "aws_secretsmanager_secret_version" "example" {
  secret_id     = "${aws_secretsmanager_secret.example.id}"
  secret_string = "example-string-to-protect"

» Argument Reference

The following arguments are supported:

  • secret_id - (Required) Specifies the secret to which you want to add a new version. You can specify either the Amazon Resource Name (ARN) or the friendly name of the secret. The secret must already exist.
  • secret_string - (Required) Specifies text data that you want to encrypt and store in this version of the secret.
  • version_stages - (Optional) Specifies a list of staging labels that are attached to this version of the secret. A staging label must be unique to a single version of the secret. If you specify a staging label that's already associated with a different version of the same secret then that staging label is automatically removed from the other version and attached to this version. If you do not specify a value, then AWS Secrets Manager automatically moves the staging label AWSCURRENT to this new version on creation.

» Attribute Reference

  • id - A pipe delimited combination of secret ID and version ID
  • version_id - The unique identifier of the version of the secret.

» Import

aws_secretsmanager_secret_version can be imported by using the secret ID and version ID, e.g.

$ terraform import aws_secretsmanager_secret.example arn:aws:secretsmanager:us-east-1:123456789012:secret:example-123456|xxxxx-xxxxxxx-xxxxxxx-xxxxx