aws::kms-key¶

Example¶

aws::kms-key kms-example
    aliases: ["alias/kmsExample", "alias/kmsSecondExample"]
    bypass-policy-lockout-safety-check: "false"
    description: "sample kms key"
    enabled: "true"
    key-manager: "CUSTOMER"
    key-rotation: "false"
    key-usage: "ENCRYPT_DECRYPT"
    origin: "AWS_KMS"
    pending-window: "7"
    policy: "gyro-providers/gyro-aws-provider/examples/kms/kms-policy.json"
    tags: {
        Name: "kms-example"
    }
end

Attributes¶

Attribute	Description
aliases set	The set of aliases associated with the key. (Required)
bypass-policy-lockout-safety-check	Determines whether to bypass the key policy lockout safety check. Defaults to false.
description	The description of the key.
enabled	Determines whether the key is enabled. Defaults to `enabled`.
key-rotation	Determines whether the backing key is rotated each year. Defaults to `false`.
key-usage	The usage of the key. Defaults to `ENCRYPT_DECRYPT`. (Required)
key-spec	The spec for the key. Valid values are `RSA_2048`, `RSA_3072`, `RSA_4096`, `ECC_NIST_P256`, `ECC_NIST_P384`, `ECC_NIST_P521`, `ECC_SECG_P256K1`, `SYMMETRIC_DEFAULT`, `HMAC_224`, `HMAC_256`, `HMAC_384`, `HMAC_512` or `SM2`.
origin	The source of the key material. Defaults to `AWS_KMS`.
pending-window	The number of days until the key will be deleted. Defaults to 30.
policy	The path to the policy associated with the key.
tags map	The tags associated with the key.

Outputs¶

Attribute	Description
arn	The arn for this key.
id	The id for this key.
key-manager	The manager of the key, either AWS or customer.
key-state	The current state of the key.