When storing ses password in different region secrets, values are same which is wrong

tahchiev · December 21, 2023, 8:13am

Hi,
i am have created

resource "aws_iam_user" "ses_smtp_user_nonprd" {
  name = "smtp_user"
}

creating access key

resource "aws_iam_access_key" "ses_user_key_nonprd" {
  user = aws_iam_user.ses_smtp_user_nonprd.name
}

i have secrets in two regions and i want proper ses value per regions. since ses_smtp_password_v4 is encrypting it per region so i am using different provider per region…

resource "aws_secretsmanager_secret_version" "sversion_nonprd" {
  secret_id     = aws_secretsmanager_secret.secret-ses-smtp-user-nonprd.id
  secret_string = <<EOF
   {
    "username": "${aws_iam_access_key.ses_user_key_nonprd.id}",
    "password": "${aws_iam_access_key.ses_user_key_nonprd.ses_smtp_password_v4}"
   }
EOF
}

resource "aws_secretsmanager_secret_version" "sversion_nonprd-replica" {
  provider = aws.replica
  secret_id     = aws_secretsmanager_secret.secret-ses-smtp-user-nonprd-replica.id
  secret_string = <<EOF
   {
    "username": "${aws_iam_access_key.ses_user_key_nonprd.id}",
    "password": "${aws_iam_access_key.ses_user_key_nonprd.ses_smtp_password_v4}"
   }
EOF
}

result is password 1 and password replica have same value and region replica cannot send emails with password for region one. Any idea why it is not working as expected?

Topic		Replies	Views
Valid provider description of SigV4 (ses_smtp_password_v4) AWS	0	523	December 27, 2022
Creating a new user without console access and only create access key and secrets access key AWS	0	177	August 11, 2023
Confused about aws-secretsmanager-secret-version resource behaviour AWS	1	5377	March 29, 2023
How to create db in same account but different region Terraform	1	262	July 28, 2021
How to use multiple secretsmanager secret_version in a module? AWS	2	1883	February 7, 2023

When storing ses password in different region secrets, values are same which is wrong

Related topics