Lab 25: Secrets Manager Setup Using Terraform
The Nautilus DevOps team needs to store sensitive data securely using AWS Secrets Manager. They need to create a secret with the following specifications:
- The secret name should be datacenter-secret.
- The secret value should contain a key-value pair with username: admin and password: Namin123.
- Use Terraform to create the secret in AWS Secrets Manager.
The Terraform working directory is /home/bob/terraform. Create the main.tf file (do not create a different .tf file) to accomplish this task.
Note: Right-click under the EXPLORER section in VS Code and select Open in Integrated Terminal to launch the terminal.
Create main.tf
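resource "aws_secretsmanager_secret" "datacenter-secret" {
  name = "datacenter-secret"
}

# Lab values only: a default set here is stored in plaintext in main.tf
# and in the Terraform state file.
variable "credentials" {
  type      = map(string)
  sensitive = true # redact the values in plan/apply output
  default = {
    username = "admin"
    password = "Namin123"
  }
}

# Store the map as a JSON object in the secret's current version.
resource "aws_secretsmanager_secret_version" "credentials" {
  secret_id     = aws_secretsmanager_secret.datacenter-secret.id
  secret_string = jsonencode(var.credentials)
}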
terraform init
terraform plan -out kke.plan && terraform apply kke.plan
# or apply directly, skipping the saved plan and the interactive approval
terraform apply -auto-approve
# verify with the AWS CLI (this prints the secret value to the terminal)
aws secretsmanager get-secret-value --secret-id datacenter-secret --query SecretString
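
The verification step above, as an added example that is not part of the original lab: a Python check that the stored secret has the keys the task asks for, without echoing the values. The function names and the sample CLI output are constructed for illustration; the sample assumes the CLI's default JSON output.

```python
import json

# Constructed sample: what `aws secretsmanager get-secret-value --secret-id
# datacenter-secret --query SecretString` prints with the default JSON output.
# The secret is itself JSON, so the CLI shows it as a JSON string literal.
SAMPLE_QUERY_OUTPUT = r'"{\"password\":\"Namin123\",\"username\":\"admin\"}"'


def parse_secret_string(cli_output):
    """Return the secret as a dict from any of three CLI output shapes."""
    doc = json.loads(cli_output.strip())
    # Full response (no --query): the secret is under the SecretString key.
    if isinstance(doc, dict) and "SecretString" in doc:
        doc = doc["SecretString"]
    # --query SecretString with JSON output: one more layer of encoding.
    if isinstance(doc, str):
        doc = json.loads(doc)
    if not isinstance(doc, dict):
        raise ValueError("SecretString is not a JSON object")
    return doc


def check_secret(cli_output, expected_keys=("username", "password")):
    """List problems with the stored secret without echoing any values."""
    try:
        secret = parse_secret_string(cli_output)
    except ValueError as exc:  # json.JSONDecodeError is a ValueError
        return [f"unparseable secret: {type(exc).__name__}"]
    problems = []
    for key in expected_keys:
        if key not in secret:
            problems.append(f"missing key: {key}")
        elif not isinstance(secret[key], str) or not secret[key]:
            problems.append(f"empty or non-string value for: {key}")
    for key in sorted(set(secret) - set(expected_keys)):
        problems.append(f"unexpected key: {key}")
    return problems


if __name__ == "__main__":
    print(check_secret(SAMPLE_QUERY_OUTPUT) or "secret matches the lab spec")
```

Because jsonencode writes object keys in sorted order, password appears before username in the stored string; the check compares keys, not their order.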