diff --git a/website/source/docs/providers/aws/r/kms_alias.html.markdown b/website/source/docs/providers/aws/r/kms_alias.html.markdown new file mode 100644 index 000000000..9efe4377c --- /dev/null +++ b/website/source/docs/providers/aws/r/kms_alias.html.markdown @@ -0,0 +1,38 @@ +--- +layout: "aws" +page_title: "AWS: aws_kms_alias" +sidebar_current: "docs-aws-resource-kms-alias" +description: |- + Provides a display name for a customer master key. +--- + +# aws\_kms\_alias + +Provides an alias for a KMS customer master key. AWS Console enforces 1-to-1 mapping between aliases & keys, +but API (hence Terraform too) allows you to create as many aliases as +the [account limits](http://docs.aws.amazon.com/kms/latest/developerguide/limits.html) allow you. + +## Example Usage + +``` +resource "aws_kms_key" "a" { +} + +resource "aws_kms_alias" "a" { + name = "alias/my-key-alias" + target_key_id = "${aws_kms_key.a.key_id}" +} +``` + +## Argument Reference + +The following arguments are supported: + +* `name` - (Required) The display name of the alias. The name must start with the word "alias" followed by a forward slash (alias/) +* `target_key_id` - (Required) Identifier for the key for which the alias is for, can be either an ARN or key_id. + +## Attributes Reference + +The following attributes are exported: + +* `arn` - The Amazon Resource Name (ARN) of the key alias. diff --git a/website/source/docs/providers/aws/r/kms_key.html.markdown b/website/source/docs/providers/aws/r/kms_key.html.markdown new file mode 100644 index 000000000..9e6954bd8 --- /dev/null +++ b/website/source/docs/providers/aws/r/kms_key.html.markdown @@ -0,0 +1,36 @@ +--- +layout: "aws" +page_title: "AWS: aws_kms_key" +sidebar_current: "docs-aws-resource-kms-key" +description: |- + Provides a KMS customer master key. +--- + +# aws\_kms\_key + +Provides a KMS customer master key. + +## Example Usage + +``` +resource "aws_kms_key" "a" { + description = "KMS key 1" + deletion_window = 10 +} +``` + +## Argument Reference + +The following arguments are supported: + +* `description` - (Optional) The description of the key as viewed in AWS console. +* `key_usage` - (Optional) Specifies the intended use of the key. Currently this defaults to ENCRYPT/DECRYPT, and only symmetric encryption and decryption are supported. +* `policy` - (Optional) A valid policy JSON document. +* `deletion_window` - (Optional) Duration in days after which the key is deleted after destruction of the resource, must be between 7 and 30 days. + +## Attributes Reference + +The following attributes are exported: + +* `arn` - The Amazon Resource Name (ARN) of the key. +* `key_id` - The globally unique identifier for the key. diff --git a/website/source/layouts/aws.erb b/website/source/layouts/aws.erb index 32d577ceb..260e242f6 100644 --- a/website/source/layouts/aws.erb +++ b/website/source/layouts/aws.erb @@ -405,6 +405,20 @@ + > + KMS Resources + + + > Lambda Resources