AWS KMS key delegating access to IAM and allowing all AWS services to use the key.
The KMS key is not deleted if you delete the CloudFormation stack to prevent unwanted data loss!
If you look for a KMS key with stricter access check out the kms-key-strict module.
Install Node.js and npm first!
npm i @cfn-modules/kms-key
---
AWSTemplateFormatVersion: '2010-09-09'
Description: 'cfn-modules example'
Resources:
Key:
Type: 'AWS::CloudFormation::Stack'
Properties:
Parameters:
AlertingModule: !GetAtt 'Alerting.Outputs.StackName' # optional
AliasName: '' # optional
TemplateURL: './node_modules/@cfn-modules/kms-key/module.yml'
none
| Name | Description | Default | Required? | Allowed values |
|---|---|---|---|---|
| AlertingModule | Stack name of alerting module | no | ||
| AliasName | Alias name (if not set, the stack name is used) | no |
| Name | Interface | Description | Exported? |
|---|---|---|---|
| ModuleId | global | Id of the module | no |
| ModuleVersion | global | Version of the module | no |
| StackName | global | Name of the stack (used to pass module references) | no |
| Arn | ExposeArn | KMS key ARN | yes |
| IamActions | LambdaDependency | Used to auto-generate IAM policies | yes |
| IamResources | LambdaDependency | sed to auto-generate IAM policies | yes |