Pass kms_key_id

bcgov · Dec 10, 2024 · 75f0394 · 75f0394
1 parent 36387ea
commit 75f0394
Show file tree

Hide file tree

Showing 3 changed files with 7 additions and 1 deletion.
diff --git a/infrastructure/cloud/environments/test/webapp.tf b/infrastructure/cloud/environments/test/webapp.tf
@@ -77,6 +77,7 @@ module "iam" {
   iam_user_table_name = var.iam_user_table_name
   secrets_arn_list    = module.secrets_manager.secrets_arn_list
   account_id          = data.aws_caller_identity.current.account_id
+  kms_key_id          = data.aws_kms_key.kms_key.id
 }
 
 # Parse Subnets

diff --git a/infrastructure/cloud/modules/IAM/main.tf b/infrastructure/cloud/modules/IAM/main.tf
@@ -2,7 +2,7 @@
 # KMS Key Policy
 #
 resource "aws_kms_key_policy" "kms_key_policy" {
-  key_id = aws_kms_key.kms_key.id
+  key_id = var.kms_key_id
 
   policy = jsonencode({
     Version = "2012-10-17"

diff --git a/infrastructure/cloud/modules/IAM/variables.tf b/infrastructure/cloud/modules/IAM/variables.tf
@@ -37,3 +37,8 @@ variable "account_id" {
   description = "The current AWS Account Id"
   type        = string
 }
+
+variable "kms_key_id" {
+  description = "The custom KMS Key Id"
+  type        = string
+}