generated from terraform-ibm-modules/terraform-ibm-module-template
-
Notifications
You must be signed in to change notification settings - Fork 2
/
main.tf
35 lines (32 loc) · 1.03 KB
/
main.tf
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
##############################################################################
# KMS Key module
##############################################################################
resource "ibm_kms_key" "key" {
instance_id = var.kms_instance_id
key_name = var.key_name
key_ring_id = var.kms_key_ring_id
standard_key = var.standard_key
endpoint_type = var.endpoint_type
force_delete = var.force_delete
}
resource "ibm_kms_key_policies" "root_key_policy" {
count = var.standard_key ? 0 : 1
endpoint_type = var.endpoint_type
instance_id = var.kms_instance_id
key_id = ibm_kms_key.key.key_id
rotation {
interval_month = var.rotation_interval_month
}
dual_auth_delete {
enabled = var.dual_auth_delete_enabled
}
}
resource "ibm_kms_key_policies" "standard_key_policy" {
count = var.standard_key ? 1 : 0
endpoint_type = var.endpoint_type
instance_id = var.kms_instance_id
key_id = ibm_kms_key.key.key_id
dual_auth_delete {
enabled = var.dual_auth_delete_enabled
}
}