Feature Request - Making the Secret an Output (RDS Proxy dependency), and Updating System Manager Parameters on rotation

[Simonl9l]

Hi

In general it works well, however in the context of using Terraform to set up an RDS Proxy, I need to supply it the arn's of the secret(s) in auth blocks.

What would it take to expose the secret as an output such that it can be referenced in other TF configuration?

Additionally I also like to synchronize the secret value in some scenarios to a the System Manager Parameter store, as this is used for configuration of my underlying services (its much more cost efficient - We're only using the Secret Manager as it's a requirement for RDS Proxy).

Whist with the output I can set up the initial value, once the rotation occurs, I'd need to also update the system parameter.

Perhaps there is a way to define rotation targets, system manager for example another?

Thanks!

[giuseppeborgese]

I think the output is quickly doable.
For the others instead, it is better an optional approach. If the parameter to setup that password (or change the target) is specified is used otherwise it works as before.
Create a pull request with all the changes and I'll approve it.

[Simonl9l]

@giuseppeborgese - dropping the need to sync with other things (system manager)...when would an update possibly be available to support the export of the secret arn as an output such that it can be included in the RDS Proxy configuration, auth block?

I have zero experience of writing TF plugging, so hope that this is something that you might be able to do per the "quickly doable" comment? I'm sure this would be very valuable to other RDS Proxy users!