Skip to content

oliverschenk/aws-secrets-manager-rotation

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

11 Commits
function
function
 
 
.gitignore
.gitignore
 
 
.terraform.lock.hcl
.terraform.lock.hcl
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
deploy.sh
deploy.sh
 
 
main.tf
main.tf
 
 
provider.tf
provider.tf
 
 
variables.tf
variables.tf
 
 

Repository files navigation

AWS Secrets Manager Rotation

This repo contains the code for the Medium article Achieving RDS password rotation with Secrets Manager

Please note that the resources created by this project are NOT free. Deploy at your own risk and destroy when no longer needed.

If you are interested in how to read secrets from Secrets Manager and perform database migrations see the article Read Secrets Manager secrets and perform RDS database migrations using Lambda.

Prerequisites

  • Terraform
  • AWS account with Administrator access
  • aws-vault (only required if using deployment script deploy.sh)

Getting Started

Running terraform manually

This method assumes you have credentials set up appropriately.

terraform init
terraform apply

Using the deploy script

This method assumes you have aws-vault configured.

You can configure the default region in the deploy.sh file.

./deploy.sh

DESCRIPTION:
  Script for deploying serverless lambda.

USAGE:
  deploy.sh -p credentials_profile [-r region] [-s stage] [-d destroy]

OPTIONS
  -p   the credentials profile to use (uses aws-vault)
  -r   region (default: ap-southeast-2)
  -s   the stage to deploy [dev, test, prod] (default: dev)
  -d   destroy

# to apply
./deploy.sh -p <aws_vault_profile>

# to destroy
./deploy.sh -p <aws_vault_profile> -d

About

AWS Secrets Manager rotation sample project

Resources

Readme

License

MIT license
Activity

Stars

1 star

Watchers

2 watching

Forks

2 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages