mirror of
https://github.com/inspec/inspec
synced 2024-12-19 09:33:20 +00:00
603bef6f29
* Initial commit of skeletal resource aws_kms_key * * Adds comments to rerun travis * * Clarifies some parts of the doc. * Changes matcher have_aws_key_manager to manged_by_aws * Fixes copypasta * Adds clarification to property names * Fixes rescueing exceptions from the api * raises exceptions in the unit tests Signed-off-by: Matthew Dromazos <dromazmj@dukes.jmu.edu>
43 lines
1.1 KiB
HCL
43 lines
1.1 KiB
HCL
#===========================================================================#
|
|
# KMS Key
|
|
#===========================================================================#
|
|
|
|
resource "aws_kms_key" "kms_key_1" {
|
|
description = "${terraform.env}-kms_key_1"
|
|
deletion_window_in_days = 10
|
|
key_usage = "ENCRYPT_DECRYPT"
|
|
is_enabled = true
|
|
enable_key_rotation = true
|
|
}
|
|
|
|
resource "aws_kms_key" "kms_key_2" {
|
|
description = "${terraform.env}-kms_key_2"
|
|
deletion_window_in_days = 10
|
|
key_usage = "ENCRYPT_DECRYPT"
|
|
is_enabled = false
|
|
enable_key_rotation = false
|
|
}
|
|
|
|
output "kms_key_recall_hit_arn" {
|
|
value = "${aws_kms_key.kms_key_1.arn}"
|
|
}
|
|
|
|
output "kms_key_enabled_key_id" {
|
|
value = "${aws_kms_key.kms_key_1.key_id}"
|
|
}
|
|
|
|
output "kms_key_disabled_key_id" {
|
|
value = "${aws_kms_key.kms_key_2.key_id}"
|
|
}
|
|
|
|
output "kms_key_enabled_key_description" {
|
|
value = "${terraform.env}-kms_key_1"
|
|
}
|
|
|
|
output "kms_key_enabled_arn" {
|
|
value = "${aws_kms_key.kms_key_1.arn}"
|
|
}
|
|
|
|
output "kms_key_disabled_arn" {
|
|
value = "${aws_kms_key.kms_key_2.arn}"
|
|
}
|