Set recovery window in days to 0 for secrets

Ryan Jiang · web-flow · commit 5e58b9a7e201 · 2021-08-09T11:57:02.000-07:00
diff --git a/modules/aws_ecs_ec2/secrets.tf b/modules/aws_ecs_ec2/secrets.tf
@@ -6,6 +6,7 @@ resource "random_string" "rds_password" {
 resource "aws_secretsmanager_secret" "rds_password" {
   name        = "${var.deployment_name}-rds-password"
   description = "This is the password for the Retool RDS instance"
+  recovery_window_in_days = 0
 }
 
 resource "aws_secretsmanager_secret_version" "rds_password" {
@@ -16,6 +17,7 @@ resource "aws_secretsmanager_secret_version" "rds_password" {
 resource "aws_secretsmanager_secret" "rds_username" {
   name        = "${var.deployment_name}-rds-username"
   description = "This is the username for the Retool RDS instance"
+  recovery_window_in_days = 0
 }
 
 resource "aws_secretsmanager_secret_version" "rds_username" {
@@ -31,6 +33,7 @@ resource "random_string" "jwt_secret" {
 resource "aws_secretsmanager_secret" "jwt_secret" {
   name        = "${var.deployment_name}-jwt-secret"
   description = "This is the secret for Retool JWTs"
+  recovery_window_in_days = 0
 }
 
 resource "aws_secretsmanager_secret_version" "jwt_secret" {
@@ -47,6 +50,7 @@ resource "random_string" "encryption_key" {
 resource "aws_secretsmanager_secret" "encryption_key" {
   name        = "${var.deployment_name}-encryption-key"
   description = "This is the secret for encrypting credentials"
+  recovery_window_in_days = 0
 }
 
 resource "aws_secretsmanager_secret_version" "encryption_key" {
