robertdebock/terraform-aws-vault

AWS KMS key

Closed this issue · 0 comments

Currently, the KMS key is generated within the module.

When you now delete a Vault deployment, the KMS key is also destroyed.

This means a saved snapshot can't be used, because the decryption key does not exist anymore.

Options to overcome this:

  • Let the user of the module bring his/her own key.
  • Prevent deleting KMS keys.
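
Both options sketched together in Terraform, as an added example that is not the module's own code. The variable `vault_kms_key_id`, the resource name `vault`, and the output name are hypothetical; `one()` requires Terraform 0.15 or later.

```hcl
# Hypothetical input: ID or ARN of an existing KMS key.
# An empty string means "let this configuration create the key".
variable "vault_kms_key_id" {
  type        = string
  default     = ""
  description = "Existing KMS key for Vault. Leave empty to create one."
}

locals {
  create_key = var.vault_kms_key_id == ""
}

# Option 1: bring your own key. The key's lifecycle stays outside this
# configuration, so destroying the Vault deployment never touches it.
# The lookup fails at plan time if the key does not exist.
data "aws_kms_key" "provided" {
  count  = local.create_key ? 0 : 1
  key_id = var.vault_kms_key_id
}

# Option 2: a managed key that Terraform refuses to destroy.
resource "aws_kms_key" "vault" {
  count       = local.create_key ? 1 : 0
  description = "Vault KMS key (example)"

  # Longest waiting period AWS allows before a scheduled deletion becomes
  # final; the deletion can still be cancelled during this window.
  deletion_window_in_days = 30
  enable_key_rotation     = true

  lifecycle {
    # Must be a literal; it cannot be driven by a variable.
    prevent_destroy = true
  }
}

# Exactly one of the two lists is non-empty; one() yields null for the other.
output "vault_kms_key_arn" {
  value = coalesce(
    one(aws_kms_key.vault[*].arn),
    one(data.aws_kms_key.provided[*].arn),
  )
}
```

With `prevent_destroy` set, any plan that would destroy the key (including `terraform destroy`) fails with an error, so tearing down the rest of the deployment requires first removing the key from state with `terraform state rm`.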