Database Credentials

module "db_credentials" {
  source  = "registry.patterneddesigns.ca/patterneddesigns/secrets-manager/aws"
  version = "2.1.0"

  name          = "prod/rds/postgres/credentials"
  secret_string = jsonencode({
    engine   = "postgres"
    host     = aws_db_instance.main.endpoint
    port     = 5432
    username = "app_user"
    password = random_password.db.result
    dbname   = "application"
  })

  kms_key_id              = module.kms.key_id
  recovery_window_in_days = 14
}

resource "random_password" "db" {
  length  = 32
  special = true
}