kms_key_id

Type string
Default null

KMS key ID for encryption. If not specified, AWS uses the default service key.

KMS Encryption

By default, Secrets Manager uses an AWS-managed key. Specify a custom KMS key for:

  • Cross-account access
  • Compliance requirements
  • Audit trails

Best Practices

  • Use customer-managed keys for sensitive secrets
  • Reference the key from a KMS module output

Full Module Example

module "secrets_manager" {
  source  = "registry.patterneddesigns.ca/patterneddesigns/secrets-manager/aws"
  version = "0.1.0"

  # kms_key_id
  kms_key_id = "..."

  # Other required inputs
  name = "..."
}
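
The best practices above, wired together as an added example (not part of the module's own documentation): a customer-managed key whose policy lets a second account decrypt only through Secrets Manager, passed to the module by reference. It uses a plain aws_kms_key resource in place of a KMS module, and assumes the module passes kms_key_id through to the secret unchanged; the variables and the secret name are constructed.

```hcl
# Added example; the variables and the secret name are placeholders, not module inputs.
variable "region" { type = string }
variable "consumer_account_id" { type = string }

data "aws_caller_identity" "current" {}

data "aws_iam_policy_document" "secrets_key" {
  # Owning account keeps control of the key; access is then granted through IAM.
  statement {
    sid       = "OwnerAccountAdmin"
    actions   = ["kms:*"]
    resources = ["*"]
    principals {
      type        = "AWS"
      identifiers = ["arn:aws:iam::${data.aws_caller_identity.current.account_id}:root"]
    }
  }

  # Consumer account may only decrypt, and only when the call comes via Secrets Manager.
  statement {
    sid       = "ConsumerDecryptViaSecretsManager"
    actions   = ["kms:Decrypt", "kms:DescribeKey"]
    resources = ["*"]
    principals {
      type        = "AWS"
      identifiers = ["arn:aws:iam::${var.consumer_account_id}:root"]
    }
    condition {
      test     = "StringEquals"
      variable = "kms:ViaService"
      values   = ["secretsmanager.${var.region}.amazonaws.com"]
    }
  }
}

resource "aws_kms_key" "secrets" {
  description         = "Customer-managed key for Secrets Manager secrets"
  enable_key_rotation = true
  policy              = data.aws_iam_policy_document.secrets_key.json
}

module "secrets_manager" {
  source     = "registry.patterneddesigns.ca/patterneddesigns/secrets-manager/aws"
  version    = "0.1.0"
  name       = "example/app/db-password" # constructed name
  kms_key_id = aws_kms_key.secrets.arn   # full ARN, referenced rather than hard-coded
}
```

The key policy is only one part of cross-account access: the secret also needs a resource policy naming the consumer, and the consumer's own IAM policy must allow both the secret and the key.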