UDS module for creating KMS keys.
cd test
go test -count 1 -v .
| Name | Version |
|---|---|
| terraform | >= 1.0.0 |
| aws | >= 4.62.0 |
| random | >= 3.1.0 |
| Name | Version |
|---|---|
| aws | 5.63.1 |
| Name | Source | Version |
|---|---|---|
| kms | terraform-aws-modules/kms/aws | 3.1.0 |
| Name | Type |
|---|---|
| aws_kms_alias.default | resource |
| aws_caller_identity.current | data source |
| aws_iam_policy_document.kms_access | data source |
| aws_partition.current | data source |
| aws_region.current | data source |
| Name | Description | Type | Default | Required |
|---|---|---|---|---|
| key_owners | A list of IAM ARNs for those who will have full key permissions (kms:*) |
list(string) |
[] |
no |
| kms_external_key | Whether to create an external key for importing key material | bool |
false |
no |
| kms_key_alias_name_prefix | Prefix for KMS key alias. | string |
n/a | yes |
| kms_key_deletion_window | Waiting period for scheduled KMS Key deletion. Can be 7-30 days. | number |
7 |
no |
| kms_key_description | Description for the KMS key. | string |
"" |
no |
| kms_key_policy_default_identities | A list of IAM ARNs for those who will have full key permissions (kms:*) |
list(string) |
[] |
no |
| kms_key_policy_default_services | A list of services that will have full key permissions (kms:*) |
list(string) |
[] |
no |
| kms_key_spec | The key material specification (i.e. SYMMETRIC_DEFAULT) | string |
"SYMMETRIC_DEFAULT" |
no |
| kms_key_usage | What the key is intended to be used for (ENCRYPT_DECRYPT or SIGN_VERIFY) | string |
"ENCRYPT_DECRYPT" |
no |
| tags | A map of tags to add to all resources. | map(string) |
{} |
no |
| Name | Description |
|---|---|
| alias | n/a |
| kms_key_alias | n/a |
| kms_key_arn | n/a |