From 8383c08a25aa5ce87627ae99760088a979b75b59 Mon Sep 17 00:00:00 2001
From: Allen Chiang <allenjianggo@gmail.com>
Date: Wed, 18 Sep 2024 17:20:41 +0800
Subject: [PATCH] feature: add terraform note

---
 terraform/02-time-rotating.md | 21 +++++++++++++++++++++
 1 file changed, 21 insertions(+)
 create mode 100644 terraform/02-time-rotating.md

diff --git a/terraform/02-time-rotating.md b/terraform/02-time-rotating.md
new file mode 100644
index 0000000..7957298
--- /dev/null
+++ b/terraform/02-time-rotating.md
@@ -0,0 +1,21 @@
+# Time Rotating
+
+Terraform 中有提供一個叫做 `time_rotating` 的資源，讓你可以超過一定時間後，重新部署資源。
+
+```hcl
+resource "time_rotating" "rotate_every_fifteen_seconds" {
+  rotation_days = 15
+}
+```
+
+假設你想要讓 IAM Access Key 超過 15 天後就重新建立，就可以在 `lifecycle` 設定超過天數就重新建立。
+
+```hcl
+resource "aws_iam_access_key" "example" {
+  user = aws_iam_user.example.name
+
+  lifecycle {
+    replace_triggered_by = [time_rotating.rotate_every_fifteen_seconds.rotation_rfc3339]
+  }
+}
+```