| Name | Version |
|---|---|
| terraform | ~> 1.0 |
| aws | ~> 5.0 |
| Name | Version |
|---|---|
| aws | 5.100.0 |
No modules.
| Name | Type |
|---|---|
| aws_kms_key.this | resource |
| aws_iam_policy_document.kms_policy | data source |
| Name | Description | Type | Default | Required |
|---|---|---|---|---|
| description | A description of the KMS key. | string |
"Managed by Terraform" |
no |
| key_usage | The intended use of the KMS key. Valid values are 'ENCRYPT_DECRYPT' and 'SIGN_VERIFY'. | string |
"ENCRYPT_DECRYPT" |
no |
| policy | A JSON-formatted string that represents the key policy to attach to the KMS key. | map(object({ |
null |
no |
| deletion_window_in_days | The waiting period, specified in number of days, before the KMS key is deleted after destruction is requested. | number |
30 |
no |
| is_enabled | Specifies whether the KMS key is enabled. | bool |
true |
no |
| enable_key_rotation | Specifies whether key rotation is enabled for the KMS key. | bool |
false |
no |
| rotation_period_in_days | The number of days in the rotation period for the KMS key. Only applicable if enable_key_rotation is true. | number |
365 |
no |
| multi_region | Specifies whether the KMS key is a multi-region key. | bool |
false |
no |
| tags | A map of tags to assign to the KMS key. | map(string) |
{} |
no |
| Name | Description |
|---|---|
| key_id | The ID of the KMS key. |
| arn | The ARN of the KMS key. |
| tags_all | A map of tags assigned to the KMS key, including those inherited from the provider default_tags configuration block. |
