aws::kms-key

Example

aws::kms-key kms-example
    aliases: ["alias/kmsExample", "alias/kmsSecondExample"]
    bypass-policy-lockout-safety-check: "false"
    description: "sample kms key"
    enabled: "true"
    key-manager: "CUSTOMER"
    key-rotation: "false"
    key-usage: "ENCRYPT_DECRYPT"
    origin: "AWS_KMS"
    pending-window: "7"
    policy: "gyro-providers/gyro-aws-provider/examples/kms/kms-policy.json"
    tags: {
        Name: "kms-example"
    }
end

Attributes

Attribute Description
aliases set The set of aliases associated with the key. (Required)
bypass-policy-lockout-safety-check Determines whether to bypass the key policy lockout safety check. Defaults to false.
description The description of the key.
enabled Determines whether the key is enabled. Defaults to enabled.
key-rotation Determines whether the backing key is rotated each year. Defaults to false.
key-usage The usage of the key. The only Defaults to ENCRYPT_DECRYPT. (Required)
origin The source of the key material. Defaults to AWS_KMS.
pending-window The number of days until the key will be deleted. Defaults to 30.
policy The path to the policy associated with the key.
tags map The tags associated with the key.

Outputs

Attribute Description
arn The arn for this key.
id The id for this key.
key-manager The manager of the key, either AWS or customer.
key-state The current state of the key.