Defines a symmetric encryption KMS key and separates the key policy into a standalone resource.

Terraform Template

# Resolves the AWS account ID of the credentials Terraform is running with.
# The key policy interpolates this ID into the account root principal ARN, so
# the policy always names the account the key is created in.
data "aws_caller_identity" "current" {}

# Customer managed KMS key. No key_usage or key spec is set, so the key is
# created with the provider defaults (a symmetric encrypt/decrypt key).
# The key policy is not set here; it is attached by aws_kms_key_policy.example.
resource "aws_kms_key" "example" {
  description = "An example symmetric encryption KMS key"

  # Turns on automatic rotation of the key material.
  enable_key_rotation = true

  # Waiting period, in days, between scheduling the key for deletion and KMS
  # actually deleting it (allowed range is 7-30). Data encrypted under the key
  # cannot be decrypted once deletion completes, so this is the recovery window.
  deletion_window_in_days = 20
}

# Attaches the key policy to aws_kms_key.example as a standalone resource
# rather than through the key's own `policy` argument. Define the policy in
# one place only so the two do not overwrite each other.
resource "aws_kms_key_policy" "example" {
  key_id = aws_kms_key.example.id

  policy = jsonencode({
    Version = "2012-10-17"
    Id      = "key-default-1"

    Statement = [
      {
        # Single statement allowing every KMS action (kms:*) to the account
        # root principal. In a key policy, Resource "*" refers to this key only.
        #
        # NOTE(review): naming the account root does not by itself give any
        # user or role access, but it delegates authorization for this key to
        # IAM. Any identity in the account whose IAM policy allows KMS actions
        # on this key (including broad grants such as kms:* on "*") can then
        # use or administer it. Review the account's IAM policies with that in
        # mind, or replace this with separate statements for key
        # administrators and key users if tighter control is required.
        #
        # NOTE(review): the ARN hard-codes the "aws" partition; confirm this
        # template is not deployed to another partition.
        Sid    = "Enable IAM User Permissions"
        Effect = "Allow"

        Principal = {
          AWS = "arn:aws:iam::${data.aws_caller_identity.current.account_id}:root"
        }

        Action   = "kms:*"
        Resource = "*"
      }
    ]
  })
}