| Name | Version |
|---|---|
| terraform | >= 1.3.2 |
| aws | ~> 5.0 |
| Name | Version |
|---|---|
| aws | ~> 5.0 |
No modules.
| Name | Type |
|---|---|
| aws_kms_alias.alias | resource |
| aws_kms_key.kms_key | resource |
| Name | Description | Type | Default | Required |
|---|---|---|---|---|
| alias_name | The display name of the alias. Dont pass alias/ | string |
null |
no |
| alias_use_name_prefix | Creates an unique alias beginning with the specified prefix. Dont pass alias/ | string |
null |
no |
| custom_key_store_id | where the key will be stored instead of KMS | string |
null |
no |
| customer_master_key_spec | Specifies whether the key contains a symmetric key SYMMETRIC_DEFAULT, RSA_2048, RSA_3072, RSA_4096, HMAC_256, ECC_NIST_P256, ECC_NIST_P384, ECC_NIST_P521, or ECC_SECG_P256K1. Defaults to SYMMETRIC_DEFAULT |
string |
null |
no |
| deletion_window_in_days | The waiting period, specified in number of days. After the waiting period ends | number |
null |
no |
| description | Description for KMS key | string |
null |
no |
| enable_key_rotation | Specifies whether key rotation is enabled. | bool |
true |
no |
| is_kms_enabled | Specifies whether the key is enabled | bool |
true |
no |
| kms_key_usage | Specifies the intended use of the key.Valid values: ENCRYPT_DECRYPT, SIGN_VERIFY, or GENERATE_VERIFY_MAC and Defaults to ENCRYPT_DECRYPT |
string |
null |
no |
| multi_region | Indicates whether the KMS key is a multi-Region (true) or regional | bool |
false |
no |
| required_tags | tags to add to all resources | map(string) |
{} |
no |
| Name | Description |
|---|---|
| kms_arn | KMS arn value |
| kms_key_id | KMS Key id |