# Terraform configuration to create a secret in AWS Secrets Manager.

provider "aws" {
  region = "us-east-1"
}

# --- 1. Create Secret ---
resource "aws_secretsmanager_secret" "my_secret" {
  name        = "MyTerraformAppSecret"
  description = "Secret for my Terraform application"
  recovery_window_in_days = 7 # Minimum 7 days for deletion

  tags = {
    Name = "MyTerraformAppSecret"
  }
}

resource "aws_secretsmanager_secret_version" "my_secret_version" {
  secret_id     = aws_secretsmanager_secret.my_secret.id
  secret_string = "MySuperSecretValue123!" # !!! IMPORTANT: Use a strong, dynamic value in production !!!
}

# --- Outputs ---
output "secret_arn" {
  value       = aws_secretsmanager_secret.my_secret.arn
  description = "The ARN of the created secret."
}

output "secret_name" {
  value       = aws_secretsmanager_secret.my_secret.name
  description = "The name of the created secret."
}