Skip to content

KMS Module

Source: tofu/modules/kms

Creates a KMS Customer Managed Key with automatic annual rotation.

Inputs

Variable Type Description
name string Key alias name
tags map(string) Resource tags

Outputs

Output Description
key_id KMS key ID
key_arn KMS key ARN

Keys in Use

Alias Purpose
prod-nhc-kms-ebs EBS volume encryption
prod-nhc-kms-rds RDS + ElastiCache encryption
prod-nhc-kms-s3 S3 bucket encryption
prod-nhc-dr-backup DR vault (us-west-2)