https://github.com/dod-iac/terraform-aws-ebs-kms-key
A KMS Key for use with EBS
https://github.com/dod-iac/terraform-aws-ebs-kms-key
aws ebs kms terraform terraform-modules
Last synced: 5 months ago
JSON representation
A KMS Key for use with EBS
- Host: GitHub
- URL: https://github.com/dod-iac/terraform-aws-ebs-kms-key
- Owner: dod-iac
- License: mit
- Created: 2021-02-03T21:05:34.000Z (over 5 years ago)
- Default Branch: main
- Last Pushed: 2022-09-13T23:57:29.000Z (over 3 years ago)
- Last Synced: 2025-01-21T08:44:53.542Z (over 1 year ago)
- Topics: aws, ebs, kms, terraform, terraform-modules
- Language: HCL
- Homepage: https://registry.terraform.io/modules/dod-iac/ebs-kms-key/aws
- Size: 11.7 KB
- Stars: 1
- Watchers: 5
- Forks: 2
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
- License: LICENSE
Awesome Lists containing this project
README
## Usage
Creates a KMS Key for use with AWS EBS.
```hcl
module "ebs_kms_key" {
source = "dod-iac/ebs-kms-key/aws"
name = format("alias/app-%s-ebs-%s", var.application, var.environment)
description = format("A KMS key used to encrypt EBS volumes for %s:%s.", var.application, var.environment)
tags = {
Application = var.application
Environment = var.environment
Automation = "Terraform"
}
}
```
## Terraform Version
Terraform 0.13. Pin module version to ~> 1.0.0 . Submit pull-requests to main branch.
Terraform 0.11 and 0.12 are not supported.
## License
This project constitutes a work of the United States Government and is not subject to domestic copyright protection under 17 USC § 105. However, because the project utilizes code licensed from contributors and other third parties, it therefore is licensed under the MIT License. See LICENSE file for more information.
## Requirements
| Name | Version |
|------|---------|
| [terraform](#requirement\_terraform) | >= 0.13 |
| [aws](#requirement\_aws) | >= 3.0, < 5.0 |
## Providers
| Name | Version |
|------|---------|
| [aws](#provider\_aws) | >= 3.0, < 5.0 |
## Modules
No modules.
## Resources
| Name | Type |
|------|------|
| [aws_kms_alias.ebs](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/kms_alias) | resource |
| [aws_kms_key.ebs](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/kms_key) | resource |
| [aws_caller_identity.current](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/caller_identity) | data source |
| [aws_iam_policy_document.ebs](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/iam_policy_document) | data source |
| [aws_partition.current](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/partition) | data source |
| [aws_region.current](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/region) | data source |
## Inputs
| Name | Description | Type | Default | Required |
|------|-------------|------|---------|:--------:|
| [description](#input\_description) | n/a | `string` | `"A KMS key used to encrypt EBS volumes."` | no |
| [key\_deletion\_window\_in\_days](#input\_key\_deletion\_window\_in\_days) | Duration in days after which the key is deleted after destruction of the resource, must be between 7 and 30 days. | `string` | `30` | no |
| [name](#input\_name) | The display name of the alias. The name must start with the word "alias" followed by a forward slash (alias/). | `string` | n/a | yes |
| [tags](#input\_tags) | Tags applied to the KMS key. | `map(string)` | `{}` | no |
## Outputs
| Name | Description |
|------|-------------|
| [aws\_kms\_alias\_arn](#output\_aws\_kms\_alias\_arn) | The Amazon Resource Name (ARN) of the key alias. |
| [aws\_kms\_alias\_name](#output\_aws\_kms\_alias\_name) | The display name of the alias. |
| [aws\_kms\_key\_arn](#output\_aws\_kms\_key\_arn) | The Amazon Resource Name (ARN) of the key. |