Create Secrets Manager replicas in multiple regions

chhall-fms · February 25, 2026, 8:05pm

I am trying to create a Secrets Manager Secret with replicas in multiple regions, and all examples I’ve seen only replicate to a single region. Is this possible with aws_secretsmanager_secret?

The region argument only accepts a string, not a list. I’ve also tried a for_each loop using a variable set of regions, but this leads to duplicate secrets failing to be created in my home region.

resource "aws_secretsmanager_secret" "master" {
  for_each = var.other_regions
  name = "SecretName"
  kms_key_id = aws_kms_key.secret-key.key_id
  replica {
    kms_key_id = aws_kms_replica_key.secret-replica-key[each.key].key_id
    region = each.key
  }
}

chhall-fms · March 4, 2026, 9:04pm

Solved it with a dynamic block:

resource "aws_secretsmanager_secret" "master" {
  name = "SecretName"
  kms_key_id = aws_kms_key.secret-key.key_id
  region = "us-east-1"
  dynamic "replica" {
    for_each = var.other_regions
    content {
      kms_key_id = aws_kms_key.secret-key.key_id
      region = replica.value
    }
  }
}

Topic		Replies	Views
When storing ses password in different region secrets, values are same which is wrong AWS	0	128	December 21, 2023
Variably create 1 or more AWS Buckets across multiple regions AWS	0	501	July 31, 2020
Terraform supporting KMS Multi-Region Keys AWS	1	3168	July 2, 2021
How to create resources in multiple AWS accounts based on a variable list AWS	1	134	November 25, 2024
Create Multi-region with round-robin Terraform testing , connect , hcp-terraform , tf-aws-provider-release	0	699	October 25, 2021

Create Secrets Manager replicas in multiple regions

Related topics