Terraform Error: error creating Secrets Manager Secret: InvalidRequestException: You can't create this secert because a secret with this name is already schedule for deletion

Terraform建立resource aws_secretsmanager_secret時出現錯誤訊息：

Error: error creating Secrets Manager Secret: InvalidRequestException: You can't create this secert because a secret with this name is already schedule for deletion.

錯誤原因是之前曾經刪除的Secrets Manager的secret其實不會立刻被AWS刪除，而是放在刪除排程中等待recovery window時間過後才會真正刪除，因此Terraform再次建立同名的secret時出現以上錯誤訊息。

強制刪除secret

可在AWS CLI輸入下面指令強制立刻刪除secret來解決此問題：

aws secretsmanager delete-secret --secret-id your-secret --force-delete-without-recovery --region your-region

your-secret改成要立刻刪除的secret名稱；
your-region改成要立刻刪除secret所在的region。

設定recovery window

或一開始設定resouce aws_secretsmanager_secret的屬性recovery_window_in_days可設定recovery window的天數，也就是要等多少天後secret才會真正被刪除，若未設定預設為30天，若要立即刪除則可設為0。

resource "aws_secretsmanager_secret" "mysecret" {
    name                    = "mysecert"
    recovery_window_in_days = 0
}

• How can I immediately delete a Secrets Manager secret so that I can create a new secret with the same name?
• DeleteSecret RecoveryWindowInDays
• AWS Secrets Manager 建立secret
• Terraform 設定Secrets Manager secret範例