Hi there!
I’m having a weird issue with aws_secretsmanager_secret when two aws_secretsmanager_secret_version resources are putting values in the same AWS Secret.
This is how I created a SecretsManager Secret:
resource "aws_secretsmanager_secret" "env_secrets" {
  name        = "my-super-secrets"
  kms_key_id  = aws_kms_key.master_kms_key.arn
  description = "${var.aws_acc_name} default secrets"
}
And then two separate aws_secretsmanager_secret_version resources adding two sets of secrets (key/value pairs) to the same secret-store:
resource "aws_secretsmanager_secret_version" "app_secrets" {
  secret_id     = aws_secretsmanager_secret.env_secrets.id
  secret_string = jsonencode(var.app_secrets)
}
#
resource "aws_secretsmanager_secret_version" "ssh_key" {
  secret_id     = aws_secretsmanager_secret.env_secrets.id
  secret_string = file("${local.ssh_key_file}.pass")
}
What I’m experiencing here is that they are overwriting each other’s set. In the AWS Secrets Manager console I see either the secrets from app_secrets or ssh_key, depending on which one was added first, whilst I was expecting to see secret values from both of the resources.
Is it expected, or is it a bug? Or am I doing something wrong here? Any help would be really appreciated!!
-San
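
Added example (not part of the original post, and not the provider's own code): each aws_secretsmanager_secret_version stores one complete value for the secret and becomes its current version, so two version resources on one secret replace each other instead of combining. The sketch below shows two ways to keep both values; it assumes var.app_secrets is a map of strings, and the key name ssh_key_passphrase and the second secret's name are hypothetical.

```hcl
# Reuses aws_secretsmanager_secret.env_secrets, aws_kms_key.master_kms_key,
# var.app_secrets and local.ssh_key_file from the post above.

# Option 1: one secret, ONE version resource. Both sets are merged into a
# single JSON object, so the current version always contains everything.
resource "aws_secretsmanager_secret_version" "env_secrets" {
  secret_id = aws_secretsmanager_secret.env_secrets.id

  secret_string = jsonencode(merge(
    var.app_secrets, # assumed to be map(string)
    {
      # Hypothetical key name chosen for this example.
      ssh_key_passphrase = file("${local.ssh_key_file}.pass")
    }
  ))
}

# Option 2: a separate secret per kind of credential. Each secret has its own
# single version resource, and IAM policies can grant access to the app
# secrets without also granting access to the SSH key passphrase.
resource "aws_secretsmanager_secret" "ssh_key" {
  name        = "my-super-secrets-ssh-key" # hypothetical name
  kms_key_id  = aws_kms_key.master_kms_key.arn
  description = "${var.aws_acc_name} SSH key passphrase"
}

resource "aws_secretsmanager_secret_version" "ssh_key" {
  secret_id     = aws_secretsmanager_secret.ssh_key.id
  secret_string = file("${local.ssh_key_file}.pass")
}

# In both options the secret values are written to the Terraform state in
# plain text, so the state backend needs encryption and restricted access.
```

Use one option or the other; with Option 1, remove the two original version resources so only one resource writes to the secret.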