terraform jsondecode secret manager


I have secrets in AWS Secrets Manager and I have to retrieve these secrets in Terraform.
I am using data to retrieve the secrets, and I receive JSON with all the secrets configured in AWS Secrets Manager:

data "aws_secretsmanager_secret_version" "secrets_manager_rds" {
  secret_id = "rds-sm"
}

In order to parse this JSON, I am using jsondecode in locals:

locals {
  rds = jsondecode(data.aws_secretsmanager_secret_version.secrets_manager_rds.secret_string)
}

Now I can get the secrets by specifying the secret key (password_rds) in the rds-sm secret:


I want the ability to loop through the JSON without specifying a specific secret key, for example, to use for_each with the jsondecode output.

I need to loop through a resource with for_each. For example:

resource "postgresql_role" "test" {
  for_each            = [for k in local.rds : k]
  name                = each.key
  password            = each.value
  login               = true
  skip_reassign_owned = true
  roles               = ["readonlyrole"]
}

I receive:

local.users_creds has a sensitive value 
Sensitive values, or values derived from sensitive values, cannot be used as for_each arguments. If used, the sensitive
value could be exposed as a resource instance key.

Is it possible?

Based on your JSON string in the comments, you can do this:

locals {
  secrets = jsondecode(data.aws_secretsmanager_secret_version.secrets_manager_rds.secret_string)
}

output "secrets" {
  value = [
    for secret_name, secret_value in local.secrets.secret_string :
    "${secret_name}: ${secret_value}"
  ]
}


Apply complete! Resources: 0 added, 0 changed, 0 destroyed.


secrets = [
  "secretname1: secretvalue1",
  "secretname2: secretvalue2",
]