Patterned Designs HCL Module Registry
MODULE

kms-key

patterneddesigns/kms-key/aws
v0.1.0 latest View all versions

Terraform module for kms-key on aws

View Full Documentation Usage guides, examples & best practices
module "kms-key" {
  source  = "registry.patterneddesigns.ca/patterneddesigns/kms-key/aws"
  version = "0.1.0"
}
alias required
string

Alias for the KMS key. Must start with 'alias/' (e.g., alias/my-app-encryption).

Constraints
  • KMS key alias must start with 'alias/'.
description
string default: null

Description of the KMS key. Include purpose and which services or applications use it.

enable_key_rotation
bool default: true

Whether to enable automatic key rotation. AWS rotates the key material annually when enabled.

deletion_window_in_days
number default: 30

Duration in days before the key is deleted. Minimum 7, maximum 30.

Constraints
  • Deletion window must be between 7 and 30 days.
tags
map(string) default: null

Tags to apply to all resources

publish_ssm_parameters
bool default: true

Publish KMS key metadata to SSM Parameter Store for discovery by other modules

key_id

ID of the KMS key.

key_arn

ARN of the KMS key.

alias_arn

ARN of the KMS key alias.

alias_name

Name of the KMS key alias.

ssm_parameter_paths

SSM parameter paths where KMS key metadata is published

← Back to Home Machine-readable specification