Adds module for sharing amis. Plan to tag v0.2.2

base/kms/shared_ami_key/main.tf

@@ -0,0 +1,25 @@
+locals {
+  account_arns = [
+    for account in var.account_list:
+      "arn:${var.aws_partition}:iam::${account}:root"
+  ]
+}
+
+output other {
+  value = local.account_arns
+}
+
+module "shared_ami_key" {
+  source = "../../../submodules/kms/ebs-key"
+
+  name = "shared_ami_key"
+  alias = "alias/shared_ami_key"
+  description = "Key for encrypting the AMIs to be shared with other accounts."
+  tags = merge(var.standard_tags, var.tags)
+  key_admin_arns = [ ]
+  key_user_arns = local.account_arns
+  key_attacher_arns = local.account_arns
+  standard_tags = var.standard_tags
+  aws_account_id = var.aws_account_id
+  aws_partition = var.aws_partition
+}

base/kms/shared_ami_key/outputs.tf

@@ -0,0 +1,3 @@
+output key_arn { 
+  value = module.shared_ami_key.key_arn
+}

base/kms/shared_ami_key/vars.tf

@@ -0,0 +1,8 @@
+# variables from terragrunt.hcl
+variable tags { type = map }
+
+# inherited variables
+variable standard_tags { type = map }
+variable aws_account_id { type = string }
+variable aws_partition { type = string }
+variable account_list { type = list }