Inputs

Configuration parameters for the kms-key module (v0.1.0).

Required

alias Required
string

Alias for the KMS key. Must start with 'alias/' (e.g., alias/my-app-encryption).

Optional

description
string

Description of the KMS key. Include purpose and which services or applications use it.

enable_key_rotation
bool Default: true

Whether to enable automatic key rotation. AWS rotates the key material annually when enabled.

deletion_window_in_days
number Default: 30

Duration in days before the key is deleted. Minimum 7, maximum 30.

tags
map(string)

Tags to apply to all resources

publish_ssm_parameters
bool Default: true

Publish KMS key metadata to SSM Parameter Store for discovery by other modules