Inputs

The following input variables are supported:

admin_iam_arns

Description: List of IAM arns for key admins.

Type: list(string)

Default: []

description

Description: The description of the KMS key.

Type: string

Default: n/a

log_delivery_enabled

Description: Whether to allow the delivery.logs.amazonaws.com service to use the key

Type: bool

Default: false

name

Description: The name of the KMS key.

Type: string

Default: n/a

reader_iam_arns

Description: List of IAM arns for users who can use the key for encryption and decryption.

Type: list(string)

Default: []

replication_enabled

Description: Whether to replicate the key to another region

Type: bool

Default: true

restricted_reader_iam_arns

Description: List of IAM arns for users who can only view the key.

Type: list(string)

Default: []

superuser_iam_arns

Description: List of IAM arns for key superusers.

Type: list(string)

Default: []

Outputs

The following outputs are exported:

alias_arn

Description: n/a

arn

Description: The ARN of the KMS key

arn2

Description: The ARN of the backup key

id

Description: n/a

Providers

The following providers are needed by this module:

• aws (6.40.0)

• pf (0.0.7)