https://github.com/terraform-ibm-modules/terraform-ibm-kms-key-ring
Module to create Key Rings in a KMS instance
https://github.com/terraform-ibm-modules/terraform-ibm-kms-key-ring
core-team graduated hpcs ibm-cloud key-protect key-ring kms supported terraform terraform-module
Last synced: 6 months ago
JSON representation
Module to create Key Rings in a KMS instance
- Host: GitHub
- URL: https://github.com/terraform-ibm-modules/terraform-ibm-kms-key-ring
- Owner: terraform-ibm-modules
- License: apache-2.0
- Created: 2022-11-08T10:09:47.000Z (over 2 years ago)
- Default Branch: main
- Last Pushed: 2024-10-21T21:14:35.000Z (7 months ago)
- Last Synced: 2024-10-22T05:26:33.951Z (7 months ago)
- Topics: core-team, graduated, hpcs, ibm-cloud, key-protect, key-ring, kms, supported, terraform, terraform-module
- Language: Go
- Size: 775 KB
- Stars: 0
- Watchers: 17
- Forks: 0
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
- License: LICENSE
- Codeowners: .github/CODEOWNERS
Awesome Lists containing this project
README
# KMS key ring module
[-brightgreen)](https://terraform-ibm-modules.github.io/documentation/#/badge-status)
[](https://github.com/semantic-release/semantic-release)
[](https://github.com/pre-commit/pre-commit)
[](https://github.com/terraform-ibm-modules/terraform-ibm-kms-key-ring/releases/latest)
[](https://renovatebot.com/)
This module creates a key ring to help organize keys in a KMS instance. KMS can be Key Protect or Hyper Protect Crypto Services(HPCS) instance.
For more information, about key management rings, see [creating key rings in Key Protect](https://cloud.ibm.com/docs/key-protect?topic=key-protect-grouping-keys#create-key-ring-api) and [managing key rings in HPCS](https://cloud.ibm.com/docs/hs-crypto?topic=hs-crypto-managing-key-rings&interface=ui).
## Usage
```hcl
provider "ibm" {
ibmcloud_api_key = "XXXXXXXXXX"
# Must be the same region the KMS instance is in
region = "us-south"
}
module "kms_key_ring" {
source = "terraform-ibm-modules/kms-key-ring/ibm"
version = "latest" # Replace "latest" with a release version to lock into a specific release
instance_id = "XXxxXXxx-xxxx-XXXX-xxxx-XXxxXXxx"
key_ring_id = "my-key-ring"
}
```
## Required IAM access policies
You need the following permissions to run this module.
- Account Management
- **Resource Group** service
- `Viewer` platform access
- IAM Services
- **KMS** service
- `Viewer` platform access
- `Manager` service access
## Examples
- [ Basic example](examples/basic)
- [ Complete example](examples/complete)
### Requirements
| Name | Version |
|------|---------|
| [terraform](#requirement\_terraform) | >= 1.0.0 |
| [ibm](#requirement\_ibm) | >= 1.69.0, < 2.0.0 |
### Modules
No modules.
### Resources
| Name | Type |
|------|------|
| [ibm_kms_key_rings.key_ring](https://registry.terraform.io/providers/IBM-Cloud/ibm/latest/docs/resources/kms_key_rings) | resource |
### Inputs
| Name | Description | Type | Default | Required |
|------|-------------|------|---------|:--------:|
| [endpoint\_type](#input\_endpoint\_type) | The type of endpoint to be used for creating keys. Accepts 'public' or 'private' | `string` | `"public"` | no |
| [instance\_id](#input\_instance\_id) | The KMS instance GUID | `string` | n/a | yes |
| [key\_ring\_id](#input\_key\_ring\_id) | The ID that identifies the Key Ring. Each ID is unique within the given KMS instance but is not reserved across the KMS service | `string` | n/a | yes |
### Outputs
| Name | Description |
|------|-------------|
| [key\_ring\_id](#output\_key\_ring\_id) | ID of the Key Ring |
## Contributing
You can report issues and request features for this module in GitHub issues in the module repo. See [Report an issue or request a feature](https://github.com/terraform-ibm-modules/.github/blob/main/.github/SUPPORT.md).
To set up your local development environment, see [Local development setup](https://terraform-ibm-modules.github.io/documentation/#/local-dev-setup) in the project documentation.