< microscopic river 74022> I have services which use garden garden.io #🤖

<@1072591948499664996> I have services which use g...

acoustic-architect-39949

08/21/2025, 2:41 PM

@microscopic-river-74022 I have services which use garden + terraform. For some reason they randomly have their secrets wiped out which are stored in secrets manager. I intialy create a secret in secret manager using terraform with an intial value later I manully add more values to it and thus the service can use it but randomly not everytime they get wiped out and get reset to the intial value I have the below block to prevent this but its still happening any suggestions ?

Copy code

resource "aws_secretsmanager_secret_version" "app_secret_version" {
  secret_id     = aws_secretsmanager_secret.app_secret.id
  secret_string = var.secret_string

  lifecycle {
    ignore_changes = all
  }
}

microscopic-river-74022

08/21/2025, 2:41 PM

Please stand by @acoustic-architect-39949 as I search the knowledge base. I normally take about 15 seconds or so. :wave:

microscopic-river-74022

08/21/2025, 2:41 PM

---------------------- I'm sorry, but the knowledge sources provided do not contain information about issues with AWS Secrets Manager secrets being wiped or reset when using Garden and Terraform, nor do they discuss the use of the

ignore_changes

lifecycle block in Terraform for this scenario. The documentation covers how Garden integrates with Terraform, including dynamic backend configuration and how to pass variables and secrets to Terraform, but it does not address the specific behavior of AWS Secrets Manager resources or how manual changes to secrets interact with Terraform's state and apply cycles. There is also no mention of best practices or troubleshooting for preventing Terraform from overwriting manually updated secrets in AWS Secrets Manager. If you need further assistance, I recommend consulting the official Terraform AWS provider documentation or AWS Secrets Manager documentation for guidance on managing secret versions and preventing unintended overwrites. ---------------------- Note: you can ask me a follow up question by @ mentioning me again :speech_balloon: ----------------------

microscopic-river-74022

08/21/2025, 2:41 PM

message has been deleted

acoustic-architect-39949

08/21/2025, 2:43 PM

So this issue happens only with garden apps as they can not have the secrets manager secret empty they need a initial value cause they can't pull empty value But no such case for helm apps they can have the empty secrets and work fine

Previous Next