| 1234567891011121314151617181920212223 |
- module "ebs_root_encrypt_decrypt" {
- source = "../../submodules/kms/ebs-key"
- name = "ebs_root_encrypt_decrypt"
- alias = "alias/ebs_root_encrypt_decrypt"
- description = "Default key for encrypting and decryption EBS volumes."
- tags = merge(var.standard_tags, var.tags)
- key_admin_arns = [ ]
- key_user_arns = [ ]
- key_attacher_arns = [ ]
- standard_tags = var.standard_tags
- aws_account_id = var.aws_account_id
- aws_partition = var.aws_partition
- }
- # Note: The following wasn't configured in tf11
- resource "aws_ebs_default_kms_key" "ebs_root_encrypt_decrypt" {
- key_arn = module.ebs_root_encrypt_decrypt.key_arn
- }
- resource "aws_ebs_encryption_by_default" "encryptbydefault" {
- enabled = true
- }
|
