You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
| project | Name of the project. |`string`| n/a | yes |
70
-
| kms_key_arn | ARN for an existing KMS key to use for encryption. Required if `create_kms_key` is set to `false`; ignored otherwise. |`string`|`null`| conditional |
71
-
| add_suffix | Apply a random suffix to the secret name. Useful when secrets may need to be replaced, but makes identify secrets by name alone more difficult. |`bool`|`true`| no |
72
-
| create_kms_key | Whether to create a new KMS key for encrypting secrets. If set to `false`, `kms_key_arn` must be provided. |`bool`|`true`| no |
73
-
| environment | Environment for the project. |`string`|`"dev"`| no |
74
-
| key_recovery_period | Recovery period for deleted KMS key, in days. Must be between 7 and 30, or 0 to disable recovery. Only used if `create_kms_key` is set to `true`. |`number`|`30`| no |
75
-
|[secrets]| Secrets to be created. |`map(object)`|`{}`| no |
76
-
| service | Optional service that these resources are supporting. Example: `"api"`, `"web"`, `"worker"`|`string`| n/a | no |
77
-
| tags | Optional tags to be applied to all resources. |`list`|`[]`| no |
67
+
| Name | Description | Type | Default | Required |
| project | Name of the project. |`string`| n/a | yes |
70
+
| kms_key_arn | ARN for an existing KMS key to use for encryption. Required if `create_kms_key` is set to `false`; ignored otherwise. |`string`|`null`| conditional |
71
+
| add_suffix | Apply a random suffix to the secret name. Useful when secrets may need to be replaced, but makes identify secrets by name alone more difficult. |`bool`|`true`| no |
72
+
| create_kms_key | Whether to create a new KMS key for encrypting secrets. If set to `false`, `kms_key_arn` must be provided. |`bool`|`true`| no |
73
+
| environment | Environment for the project. |`string`|`"dev"`| no |
74
+
| key_recovery_period | Recovery period for deleted KMS key, in days. Must be between 7 and 30, or 0 to disable recovery. Only used if `create_kms_key` is set to `true`. |`number`|`30`| no |
75
+
| recovery_window | Recovery window for deleted secrets, in days. Must be between 7 and 30, or 0 to disable recovery when the secret is deleted. This value can be overridden for each secret by setting the `recovery_window` for the secret. |`number`|`30`| no |
76
+
|[secrets]| Secrets to be created. |`map(object)`|`{}`| no |
77
+
| service | Optional service that these resources are supporting. Example: `"api"`, `"web"`, `"worker"`|`string`| n/a | no |
78
+
| tags | Optional tags to be applied to all resources. |`list`|`[]`| no |
79
+
78
80
79
81
### secrets
80
82
@@ -112,13 +114,13 @@ secrets = {
112
114
This would result in a key named `my/example/key-` before the random suffix is
113
115
applied.
114
116
115
-
| Name | Description | Type | Default | Required |
| description | Description of the secret. |`string`| n/a | yes |
120
+
| create_random_password | Creates a random password as the staring value. |`bool`|`false`| no |
121
+
| name | Name to use as the prefix for the secret. |`string`|`""`| no |
122
+
| recovery_window |Override the default recovery window. Must be between 7 and 30, or 0 to disable recovery when the secret is deleted. |`number`|`null`| no |
123
+
| start_value | Value to be set into the secret at creation. |`string`|`"{}"`| no |
0 commit comments