A kms key can help user to protect data security in the transmission process.
Basic Usage
resource "alicloud_kms_key" "key" { description = "Hello KMS" deletion_window_in_days = "7" is_enabled = true }
The following arguments are supported:
description
- (Optional) The description of the key as viewed in Alicloud console. Default to "From Terraform". key_usage
- (Optional) Specifies the usage of CMK. Currently, default to 'ENCRYPT/DECRYPT', indicating that CMK is used for encryption and decryption. deletion_window_in_days
- (Optional) Duration in days after which the key is deleted after destruction of the resource, must be between 7 and 30 days. Defaults to 30 days. is_enabled
- (Optional) Specifies whether the key is enabled. Defaults to true. NOTE: At present, the resource only supports to modify
is_enabled
.
NOTE: When the pre-deletion days elapses, the key is permanently deleted and cannot be recovered.
id
- The ID of the key. arn
- The Alicloud Resource Name (ARN) of the key. description
- The description of the key. key_usage
- Specifies the usage of CMK. deletion_window_in_days
- During pre-deletion days. is_enabled
- Whether the key is enabled. KMS key can be imported using the id, e.g.
$ terraform import alicloud_kms_key.example abc123456
© 2018 HashiCorpLicensed under the MPL 2.0 License.
https://www.terraform.io/docs/providers/alicloud/r/kms_key.html