AWS KMS
AWS Key Management Service (AWS KMS) lets you create, manage, and control cryptographic keys across your applications and AWS services.
Requirements
Name |
Version |
|---|---|
>= 1.0 |
|
>= 5.61 |
Providers
Name |
Version |
|---|---|
>= 5.61 |
Modules
No modules.
Resources
Name |
Type |
|---|---|
resource |
|
resource |
|
data source |
|
data source |
|
data source |
|
data source |
Inputs
Name |
Description |
Type |
Default |
Required |
|---|---|---|---|---|
A flag to indicate whether to bypass the key policy lockout safety check. Setting this value to true increases the risk that the KMS key becomes unmanageable |
|
|
no |
|
Determines whether resources will be created (affects all resources) |
|
|
no |
|
Specifies whether the key contains a symmetric key or an asymmetric key pair and the encryption algorithms or signing algorithms that the key supports. Valid values: |
|
|
no |
|
The waiting period, specified in number of days. After the waiting period ends, AWS KMS deletes the KMS key. If you specify a value, it must be between |
|
|
no |
|
The description of the key as viewed in AWS console |
|
|
no |
|
Specifies whether to enable the default key policy. Defaults to |
|
|
no |
|
Specifies whether key rotation is enabled. Defaults to |
|
|
no |
|
Determines whether the KMS policy used for Route53 DNSSEC signing is enabled |
|
|
no |
|
Specifies whether the key is enabled. Defaults to |
|
|
no |
|
A list of IAM ARNs for key administrators |
|
|
no |
|
A list of IAM ARNs for key asymmetric public encryption users |
|
|
no |
|
A list of IAM ARNs for key asymmetric sign and verify users |
|
|
no |
|
A list of IAM ARNs for key HMAC users |
|
|
no |
|
A list of IAM ARNs for those who will have full key permissions ( |
|
|
no |
|
A list of IAM ARNs for AWSServiceRoleForAutoScaling roles |
|
|
no |
|
A list of IAM ARNs for key service users |
|
|
no |
|
A map of IAM policy statements for custom permission usage |
|
|
no |
|
A list of IAM ARNs for key symmetric encryption users |
|
|
no |
|
Specifies the intended use of the key. Valid values: |
|
|
no |
|
A list of IAM ARNs for key users |
|
|
no |
|
Indicates whether the KMS key is a multi-Region ( |
|
|
no |
|
AWS Key Management Service parameters |
|
|
no |
|
List of IAM policy documents that are merged together into the exported document. In merging, statements with non-blank |
|
|
no |
|
A valid policy JSON document. Although this is a key policy, not an IAM policy, an |
|
|
no |
|
A list of maps containing |
|
|
no |
|
List of IAM policy documents that are merged together into the exported document. Statements must have unique |
|
|
no |
|
A map of tags to add to all resources |
|
|
no |
Outputs
Name |
Description |
|---|---|
The Amazon Resource Name (ARN) of the key |
|
The globally unique identifier for the key |
|
Alias KMS |