Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/terraform-ibm-modules/terraform-ibm-kms-key-ring

Module to create Key Rings in a KMS instance
https://github.com/terraform-ibm-modules/terraform-ibm-kms-key-ring

core-team graduated hpcs ibm-cloud key-protect key-ring kms supported terraform terraform-module

Last synced: 1 day ago
JSON representation

Module to create Key Rings in a KMS instance

Host: GitHub
URL: https://github.com/terraform-ibm-modules/terraform-ibm-kms-key-ring
Owner: terraform-ibm-modules
License: apache-2.0
Created: 2022-11-08T10:09:47.000Z (almost 2 years ago)
Default Branch: main
Last Pushed: 2024-09-15T03:05:33.000Z (17 days ago)
Last Synced: 2024-09-15T17:00:37.887Z (17 days ago)
Topics: core-team, graduated, hpcs, ibm-cloud, key-protect, key-ring, kms, supported, terraform, terraform-module
Language: Go
Size: 761 KB
Stars: 0
Watchers: 18
Forks: 0
Open Issues: 0
Metadata Files:
- Readme: README.md
- License: LICENSE
- Codeowners: .github/CODEOWNERS

Awesome Lists containing this project

README

        # KMS key ring module

[![Graduated (Supported)](https://img.shields.io/badge/Status-Graduated%20(Supported)-brightgreen)](https://terraform-ibm-modules.github.io/documentation/#/badge-status)

[![semantic-release](https://img.shields.io/badge/%20%20%F0%9F%93%A6%F0%9F%9A%80-semantic--release-e10079.svg)](https://github.com/semantic-release/semantic-release)

[![pre-commit](https://img.shields.io/badge/pre--commit-enabled-brightgreen?logo=pre-commit&logoColor=white)](https://github.com/pre-commit/pre-commit)

[![latest release](https://img.shields.io/github/v/release/terraform-ibm-modules/terraform-ibm-kms-key-ring?logo=GitHub&sort=semver)](https://github.com/terraform-ibm-modules/terraform-ibm-kms-key-ring/releases/latest)

[![Renovate enabled](https://img.shields.io/badge/renovate-enabled-brightgreen.svg)](https://renovatebot.com/)

This module creates a key ring to help organize keys in a KMS instance. KMS can be Key Protect or Hyper Protect Crypto Services(HPCS) instance.

For more information, about key management rings, see [creating key rings in Key Protect](https://cloud.ibm.com/docs/key-protect?topic=key-protect-grouping-keys#create-key-ring-api) and [managing key rings in HPCS](https://cloud.ibm.com/docs/hs-crypto?topic=hs-crypto-managing-key-rings&interface=ui).

## Usage

```hcl

provider "ibm" {

  ibmcloud_api_key = "XXXXXXXXXX"

  # Must be the same region the KMS instance is in

  region           = "us-south"

}

module "kms_key_ring" {

  source  = "terraform-ibm-modules/kms-key-ring/ibm"

  version = "latest" # Replace "latest" with a release version to lock into a specific release

  instance_id   = "XXxxXXxx-xxxx-XXXX-xxxx-XXxxXXxx"

  key_ring_id   = "my-key-ring"

}

```

## Required IAM access policies

You need the following permissions to run this module.

- Account Management

    - **Resource Group** service

        - `Viewer` platform access

- IAM Services

    - **KMS** service

        - `Viewer` platform access

        - `Manager` service access

## Examples

- [ Basic example](examples/basic)

- [ Complete example](examples/complete)

### Requirements

| Name | Version |

|------|---------|

|  [terraform](#requirement\_terraform) | >= 1.0.0 |

|  [ibm](#requirement\_ibm) | >= 1.58.0, < 2.0.0 |

### Modules

No modules.

### Resources

| Name | Type |

|------|------|

| [ibm_kms_key_rings.key_ring](https://registry.terraform.io/providers/IBM-Cloud/ibm/latest/docs/resources/kms_key_rings) | resource |

### Inputs

| Name | Description | Type | Default | Required |

|------|-------------|------|---------|:--------:|

|  [endpoint\_type](#input\_endpoint\_type) | The type of endpoint to be used for creating keys. Accepts 'public' or 'private' | `string` | `"public"` | no |

|  [force\_delete](#input\_force\_delete) | Set to `true` if you wish to force delete the kms key rings, else `false`. | `bool` | `false` | no |

|  [instance\_id](#input\_instance\_id) | The KMS instance GUID | `string` | n/a | yes |

|  [key\_ring\_id](#input\_key\_ring\_id) | The ID that identifies the Key Ring. Each ID is unique within the given KMS instance but is not reserved across the KMS service | `string` | n/a | yes |

### Outputs

| Name | Description |

|------|-------------|

|  [key\_ring\_id](#output\_key\_ring\_id) | ID of the Key Ring |

## Contributing

You can report issues and request features for this module in GitHub issues in the module repo. See [Report an issue or request a feature](https://github.com/terraform-ibm-modules/.github/blob/main/.github/SUPPORT.md).

To set up your local development environment, see [Local development setup](https://terraform-ibm-modules.github.io/documentation/#/local-dev-setup) in the project documentation.