cjbischoff/kms.tf

## kms.tf
# KMS.tf

resource "aws_kms_key" "kms_key" {
  policy = <<POLICY
{
  "Version": "2012-10-17",
  "Id": "${var.name}-key",
  "Statement": [
    {
      "Sid": "Enable IAM User Permissions",
      "Effect": "Allow",
      "Principal": {
        "AWS": "arn:aws:iam::${data.aws_caller_identity.current.account_id}:root"
      },
      "Action": "kms:*",
      "Resource": "*"
    }
  ]
}
POLICY
}

resource "aws_kms_alias" "kms_key" {
  name          = "alias/${var.name}"
  target_key_id = "${aws_kms_key.kms_key.id}"
}

# OUTPUT.tf
output "kms_key_arn" {
  value = "${aws_kms_key.kms_key.arn}"
}

# VARIABLES.TF
variable "name" {}

data "aws_caller_identity" "current" {}
	# KMS.tf

	resource "aws_kms_key" "kms_key" {
	policy = <<POLICY
	{
	"Version": "2012-10-17",
	"Id": "${var.name}-key",
	"Statement": [
	{
	"Sid": "Enable IAM User Permissions",
	"Effect": "Allow",
	"Principal": {
	"AWS": "arn:aws:iam::${data.aws_caller_identity.current.account_id}:root"
	},
	"Action": "kms:*",
	"Resource": "*"
	}
	]
	}
	POLICY
	}

	resource "aws_kms_alias" "kms_key" {
	name = "alias/${var.name}"
	target_key_id = "${aws_kms_key.kms_key.id}"
	}

	# OUTPUT.tf
	output "kms_key_arn" {
	value = "${aws_kms_key.kms_key.arn}"
	}

	# VARIABLES.TF
	variable "name" {}

	data "aws_caller_identity" "current" {}