DEV Community

Cover image for Rotate on a periodic basis using Terraform

Rotate on a periodic basis using Terraform

antoinega profile image Antoine ・1 min read

Photo by Jeremy Perkins on Unsplash

One key component of modern security is rotating secret.

Hashicorp has a good product that can generate secrets based on a master one : Vault.

I though it was very difficult to achieve this through Terraform.
But Terraform has a provider that can provide a change at the defined frequency basis : time_rotating.


terraform {
  required_providers {
    time = {
      source = "hashicorp/time"
      version = "0.5.0"

resource "time_rotating" "example" {
  rotation_days = 30

resource "random_id" "server" {
  keepers = {
    # Generate a new password each time time rotates
    rotation = time_rotating.example

  byte_length = 8

Hope this helps !


Editor guide