From 4629c8de04da4ced5dfb7fd7b44b8219fcd45e34 Mon Sep 17 00:00:00 2001 From: yadavprakash Date: Fri, 21 May 2021 15:22:18 +0530 Subject: [PATCH] encrypted true --- _example/basic_example/example.tf | 31 +++++++++++++++++++ .../.terraform.tfstate.lock.info | 1 + 2 files changed, 32 insertions(+) create mode 100644 _example/secure_example/.terraform.tfstate.lock.info diff --git a/_example/basic_example/example.tf b/_example/basic_example/example.tf index 91d179a..ab21730 100644 --- a/_example/basic_example/example.tf +++ b/_example/basic_example/example.tf @@ -71,6 +71,36 @@ module "iam-role" { policy = data.aws_iam_policy_document.iam-policy.json } +module "kms_key" { + source = "clouddrove/kms/aws" + version = "0.14.0" + name = "kms" + environment = "test" + label_order = ["environment", "name"] + enabled = true + description = "KMS key for ec2" + deletion_window_in_days = 7 + enable_key_rotation = true + alias = "alias/ec2" + policy = data.aws_iam_policy_document.kms.json +} + + +data "aws_iam_policy_document" "kms" { + version = "2012-10-17" + statement { + sid = "Enable IAM User Permissions" + effect = "Allow" + principals { + type = "AWS" + identifiers = ["*"] + } + actions = ["kms:*"] + resources = ["*"] + } + +} + data "aws_iam_policy_document" "default" { statement { effect = "Allow" @@ -127,4 +157,5 @@ module "ec2" { instance_tags = { "snapshot" = true } dns_zone_id = "Z1XJD7SSBKXLC1" hostname = "ec2" + kms_key_id = module.kms_key.key_arn } \ No newline at end of file diff --git a/_example/secure_example/.terraform.tfstate.lock.info b/_example/secure_example/.terraform.tfstate.lock.info new file mode 100644 index 0000000..0513afa --- /dev/null +++ b/_example/secure_example/.terraform.tfstate.lock.info @@ -0,0 +1 @@ +{"ID":"10b22222-f684-fe9c-141c-5a5d2e87bc2e","Operation":"OperationTypePlan","Info":"","Who":"prakash@prakash","Version":"0.14.7","Created":"2021-05-21T09:51:33.101568919Z","Path":"terraform.tfstate"} \ No newline at end of file