| 123456789101112131415161718192021222324252627 |
- data "aws_kms_key" "shared_ami_key" {
- key_id = "alias/shared_ami_key"
- provider = aws.common
- }
- resource "aws_iam_service_linked_role" "AWSServiceRoleForAutoScaling" {
- aws_service_name = "autoscaling.amazonaws.com"
- }
- resource "aws_kms_grant" "ASG_access_to_Shared_AMI" {
- name = "ASG_access_to_Shared_AMI"
- key_id = data.aws_kms_key.shared_ami_key.arn
- grantee_principal = aws_iam_service_linked_role.AWSServiceRoleForAutoScaling.arn
- operations = [
- "Decrypt",
- "Encrypt",
- "GenerateDataKey",
- "GenerateDataKeyWithoutPlaintext",
- "ReEncryptFrom",
- "ReEncryptTo",
- "CreateGrant",
- "RetireGrant",
- "DescribeKey",
- ]
- depends_on = [ aws_iam_service_linked_role.AWSServiceRoleForAutoScaling ]
- }
|
