| Name | Version |
|---|---|
| terraform | >= 1.9 |
| aws | >= 5.60 |
| Name | Version |
|---|---|
| aws | >= 5.60 |
No modules.
| Name | Type |
|---|---|
| aws_kms_alias.symmetric_key_alias | resource |
| aws_kms_key.symmetric_key | resource |
| aws_kms_key_policy.symmetric_key_policy | resource |
| aws_caller_identity.current | data source |
| aws_iam_policy_document.base_key_policy_document | data source |
| aws_iam_policy_document.kms_policy_document | data source |
| aws_iam_policy_document.org_key_use_policy_document | data source |
| aws_iam_policy_document.ou_key_use_policy_document | data source |
| aws_organizations_organization.flagscript_org | data source |
| Name | Description | Type | Default | Required |
|---|---|---|---|---|
| allow_organization_access | Allow key use to the organizaiton. | bool |
false |
no |
| deletion_window_in_days | The waiting period, specified in number of days. Defaults to 7. | number |
7 |
no |
| enable_key_rotation | Specifies whether key rotation is enabled. Defaults to false. | bool |
false |
no |
| is_multiregion | Indicates whether the KMS key is a multi-Region key. Defaults to false. | bool |
false |
no |
| key_description | Description of the kms key. | string |
"Flagscript kms key." |
no |
| key_name | Friendly name for the key. Also used for the alias. | string |
n/a | yes |
| principal_org_paths | Ou paths to allow key use to. | list(string) |
[] |
no |
| Name | Description |
|---|---|
| alias | Alias of the kms key. |
| arn | The Amazon Resource Name (ARN) of the key. |
| id | The globally unique identifier for the key |
| key_account_id | Account id of the kms key. |