<- All Blueprints
Create a template that deploys...

AWS KMS Key

This blueprint creates an AWS KMS key with best practices in mind, such as enabling key rotation by default to enhance security. It allows users to provide a custom key policy if needed and encourages the use of tags for resource identification and management. The blueprint organizes variables into groups to assist users—including those who may not be cloud infrastructure experts—in configuring essential and advanced settings easily.

Template code
Automatically generated UI

---
constants:
  __name: "{{ name }}_{{ __guid }}"
variables:
  name:
    desc: "Name of the KMS key."
    required: true
    group: Key Details
  description:
    desc: "Description of the KMS key."
    required: false
    group: Key Details
    default: "Managed by Resourcely"
  key_usage:
    desc: "Specifies the intended use of the key."
    required: false
    group: Key Details
    default: "ENCRYPT_DECRYPT"
    suggested: "ENCRYPT_DECRYPT"
  customer_master_key_spec:
    desc: "Specifies the type of key material."
    required: false
    group: Key Details
    default: "SYMMETRIC_DEFAULT"
  deletion_window_in_days:
    desc: "Duration in days after which the key is deleted after destruction."
    required: false
    group: Key Details
    default: 30
  enable_key_rotation:
    desc: "Specifies whether key rotation is enabled."
    required: false
    group: Key Details
    default: true
  policy:
    desc: "The key policy JSON. Provide a valid JSON policy."
    required: false
    group: Policy Document
  tags:
    group: Tags
    required: false
groups:
  Key Details:
    order: 1
    desc: "Basic settings for the KMS key."
  Policy Document:
    order: 2
    desc: "Define the key policy document."
  Tags:
    order: 3
    desc: "Tags to assign to the KMS key."
---

resource "aws_kms_key" "__name" {
  description                 = {{ description }}
  key_usage                   = {{ key_usage }}
  customer_master_key_spec    = {{ customer_master_key_spec }}
  deletion_window_in_days     = {{ deletion_window_in_days }}
  enable_key_rotation         = {{ enable_key_rotation }}
  policy                      = {{ policy | required: false }}

  tags = {
    Name = {{ name }}
    {{# tags }}
      {{ tags.key | required: false }} = {{ tags.value | required: false }}
    {{/ tags }}
  }
}

// Key rotation is enabled by default for enhanced security.
// Users can provide a custom key policy if needed.
// Tags are encouraged for resource identification and management.
//
What am I looking at?

Talk to a Human

See Resourcely in action and learn how it can help you secure and manage your cloud infrastructure today!