terraform-aws-rds-cluster icon indicating copy to clipboard operation
terraform-aws-rds-cluster copied to clipboard

Published 20 hours ago verified publisher icon cloudposse

Add option for RDS/Aurora Managed Master Passwords via Secrets Manager

Open fabianf92 opened this issue 2 years ago • 1 comments

Describe the Feature

We want to use RDS integration with secret manager so that master password will be managed by RDS and rotated by secret manager. This option is available in Terraform by using the variable manage_master_user_password : Set to true to allow RDS to manage the master user password in Secrets Manager. Cannot be set if master_password is provided. Currently the cloudposse module does not allow to enable this feature.

Expected Behavior

The module allows to enable managed user password feature in RDS.

Use Case

Managed secrets are more secure and easy to use.

Describe Ideal Solution

  • Add a variable to enable managed master user password option in RDS.
  • Add output block that contains the the secret ARN (see master_user_secret reference in the terraform docs).

Alternatives Considered

No response

Additional Context

No response

fabianf92 avatar May 10 '23 13:05 fabianf92

Any plans for this? This should be quite simple to add - just pass through 2 additional variables?

rstml avatar Aug 24 '23 23:08 rstml