kms
clouddrove/kms/aws
This terraform module creates a KMS Customer Master Key (CMK) and its alias.
Terraform AWS KMS This terraform module creates a KMS Customer Master Key (CMK) and its alias. We eat, drink, sleep and most importantly love DevOps. We are working towards strategies for standardizing architecture while ensuring security for the infrastructure. We are strong believer of the philosophy Bigger problems are always solved by breaking them into smaller manageable problems . Resonating with microservices architecture, it is considered best-practice to run database, cluster, storage in smaller connected yet manageable pieces within the infrastructure. This module is basically combination of Terraform open source and includes automatation tests and examples. It also helps to create and improve your infrastructure with minimalistic code instead of maintaining the whole infrastruct
| Name | Type | Description | Default |
|---|---|---|---|
| label_order | list(any) | label order, e.g. `name`,`application`. | [
"name",
"environment"
] |
| is_enabled | bool | Specifies whether the key is enabled. | true |
| enabled | bool | Specifies whether the kms is enabled or disabled. | true |
| customer_master_key_spec | string | Specifies whether the key contains a symmetric key or an asymmetric key pair and | "SYMMETRIC_DEFAULT" |
| primary_external_key_arn | string | The primary external key arn of a multi-region replica external key | null |
| primary_key_arn | string | The primary key arn of a multi-region replica key | "" |
| policy | string | A valid policy JSON document. Although this is a key policy, not an IAM policy, | null |
| name | string | Name (e.g. `app` or `cluster`). | "" |
| create_replica_external_enabled | bool | Determines whether a replica external CMK will be created (externally provided m | false |
| kms_key_enabled | bool | Specifies whether the kms is enabled or disabled. | true |
| alias | string | The display name of the alias. The name must start with the word `alias` followe | "" |
| enable_key_rotation | string | Specifies whether key rotation is enabled. | true |
| valid_to | string | Time at which the imported key material expires. When the key material expires, | "" |
| key_material_base64 | string | Base64 encoded 256-bit symmetric encryption key material to import. The CMK is p | null |
| create_replica_enabled | bool | Determines whether a replica standard CMK will be created (AWS provided material | false |
| attributes | list(string) | Additional attributes (e.g. `1`). | [] |
| environment | string | Environment (e.g. `prod`, `dev`, `staging`). | "" |
| managedby | string | ManagedBy, eg 'CloudDrove'. | "[email protected]" |
| deletion_window_in_days | number | Duration in days after which the key is deleted after destruction of the resourc | 10 |
| key_usage | string | Specifies the intended use of the key. Defaults to ENCRYPT_DECRYPT, and only sym | "ENCRYPT_DECRYPT" |
alias_name — Alias name.tags — A mapping of tags to assign to the resource.target_key_id — Identifier for the key for which the alias is for, can be either an ARN or key_id.key_arn — Key ARN.key_id — Key ID.alias_arn — Alias ARN.Terraform module to deploy landing zone subscriptions (and much more) in Azure
Terraform Azure Verified Pattern Module for Azure Landing Zone
Terraform Azure Verified Resource Module for Key Vault
Terraform module for building and deploying Next.js apps to AWS. Supports SSR (L