When an app secret is removed, it is immediately deleted from AWS sec…

…rets manager (#7)

CHANGELOG.md

@@ -1,3 +1,6 @@
+# 0.2.3 (Jan 22, 2025)
+* When an app secret is removed, it is immediately deleted from AWS secrets manager.
+
 # 0.2.2 (Feb 20, 2024)
 * Added support for variable and secret interpolation.
 

secrets.tf

@@ -7,9 +7,10 @@ locals {
 resource "aws_secretsmanager_secret" "app_secret" {
   for_each = local.secret_keys
 
-  name_prefix = "${local.block_name}/${each.value}/"
-  tags        = local.tags
-  kms_key_id  = aws_kms_alias.this.arn
+  name_prefix             = "${local.block_name}/${each.value}/"
+  tags                    = local.tags
+  kms_key_id              = aws_kms_alias.this.arn
+  recovery_window_in_days = 0 // force delete so that re-adding the secret doesn't cause issues
 
   lifecycle {
     create_before_destroy = true