37 lines
1009 B
Markdown
37 lines
1009 B
Markdown
|
---
|
||
|
layout: "aws"
|
||
|
page_title: "AWS: aws_kms_key"
|
||
|
sidebar_current: "docs-aws-resource-kms-key"
|
||
|
description: |-
|
||
|
Provides a KMS customer master key.
|
||
|
---
|
||
|
|
||
|
# aws\_kms\_key
|
||
|
|
||
|
Provides a KMS customer master key.
|
||
|
|
||
|
## Example Usage
|
||
|
|
||
|
```
|
||
|
resource "aws_kms_key" "a" {
|
||
|
description = "KMS key 1"
|
||
|
deletion_window = 10
|
||
|
}
|
||
|
```
|
||
|
|
||
|
## Argument Reference
|
||
|
|
||
|
The following arguments are supported:
|
||
|
|
||
|
* `description` - (Optional) The description of the key as viewed in AWS console.
|
||
|
* `key_usage` - (Optional) Specifies the intended use of the key. Currently this defaults to ENCRYPT/DECRYPT, and only symmetric encryption and decryption are supported.
|
||
|
* `policy` - (Optional) A valid policy JSON document.
|
||
|
* `deletion_window` - (Optional) Duration in days after which the key is deleted after destruction of the resource, must be between 7 and 30 days.
|
||
|
|
||
|
## Attributes Reference
|
||
|
|
||
|
The following attributes are exported:
|
||
|
|
||
|
* `arn` - The Amazon Resource Name (ARN) of the key.
|
||
|
* `key_id` - The globally unique identifier for the key.
|