Skip to content

Commit

Permalink
fix(DMVP-2690): Added kms key support
Browse files Browse the repository at this point in the history
  • Loading branch information
Julieta Aghamyan committed Sep 18, 2023
1 parent 65c08fc commit ac4f7ad
Show file tree
Hide file tree
Showing 3 changed files with 9 additions and 0 deletions.
1 change: 1 addition & 0 deletions modules/secret/README.md
Original file line number Diff line number Diff line change
Expand Up @@ -51,6 +51,7 @@ No modules.

| Name | Description | Type | Default | Required |
|------|-------------|------|---------|:--------:|
| <a name="input_kms_key_id"></a> [kms\_key\_id](#input\_kms\_key\_id) | ARN or Id of the AWS KMS key to be used to encrypt the secret values in the versions stored in this secret. | `any` | `null` | no |
| <a name="input_name"></a> [name](#input\_name) | Secret name | `string` | n/a | yes |
| <a name="input_recovery_window_in_days"></a> [recovery\_window\_in\_days](#input\_recovery\_window\_in\_days) | (Optional) Number of days that AWS Secrets Manager waits before it can delete the secret. This value can be 0 to force deletion without recovery or range from 7 to 30 days. The default value is 30 | `number` | `30` | no |
| <a name="input_value"></a> [value](#input\_value) | Secret value | `any` | `null` | no |
Expand Down
1 change: 1 addition & 0 deletions modules/secret/secret.tf
Original file line number Diff line number Diff line change
Expand Up @@ -8,4 +8,5 @@ resource "aws_secretsmanager_secret_version" "value" {

secret_id = aws_secretsmanager_secret.secret.id
secret_string = jsonencode(var.value)
kms_key_id = var.kms_key_id
}
7 changes: 7 additions & 0 deletions modules/secret/variables.tf
Original file line number Diff line number Diff line change
Expand Up @@ -9,6 +9,13 @@ variable "value" {
description = "Secret value"
}

variable "kms_key_id" {
type = any
default = null
description = "ARN or Id of the AWS KMS key to be used to encrypt the secret values in the versions stored in this secret."
}


variable "recovery_window_in_days" {
type = number
default = 30
Expand Down

0 comments on commit ac4f7ad

Please sign in to comment.