Skip to content

Commit a327acd

Browse files
antonbabenkoantonbabenko
authored
Add encrypted and kms_key_id arguments to the ebs_* and root_* block (terraform-aws-modules#124)
* Add encrypted and kms_key_id arguments to the ebs_* and root_* block device configuration blocks This commit resolves terraform-aws-modules#6 * Updated example to include volume encryption settings
1 parent dc4cc78 commit a327acd

File tree

2 files changed

+17
-1
lines changed

2 files changed

+17
-1
lines changed

examples/basic/main.tf

Lines changed: 14 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -58,10 +58,13 @@ resource "aws_placement_group" "web" {
5858
strategy = "cluster"
5959
}
6060

61+
resource "aws_kms_key" "this" {
62+
}
63+
6164
module "ec2" {
6265
source = "../../"
6366

64-
instance_count = 2
67+
instance_count = 1
6568

6669
name = "example-normal"
6770
ami = data.aws_ami.amazon_linux.id
@@ -79,6 +82,16 @@ module "ec2" {
7982
},
8083
]
8184

85+
ebs_block_device = [
86+
{
87+
device_name = "/dev/sdf"
88+
volume_type = "gp2"
89+
volume_size = 5
90+
encrypted = true
91+
kms_key_id = aws_kms_key.this.arn
92+
}
93+
]
94+
8295
tags = {
8396
"Env" = "Private"
8497
"Location" = "Secret"

main.tf

Lines changed: 3 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -32,7 +32,9 @@ resource "aws_instance" "this" {
3232
for_each = var.root_block_device
3333
content {
3434
delete_on_termination = lookup(root_block_device.value, "delete_on_termination", null)
35+
encrypted = lookup(root_block_device.value, "encrypted", null)
3536
iops = lookup(root_block_device.value, "iops", null)
37+
kms_key_id = lookup(root_block_device.value, "kms_key_id", null)
3638
volume_size = lookup(root_block_device.value, "volume_size", null)
3739
volume_type = lookup(root_block_device.value, "volume_type", null)
3840
}
@@ -45,6 +47,7 @@ resource "aws_instance" "this" {
4547
device_name = ebs_block_device.value.device_name
4648
encrypted = lookup(ebs_block_device.value, "encrypted", null)
4749
iops = lookup(ebs_block_device.value, "iops", null)
50+
kms_key_id = lookup(ebs_block_device.value, "kms_key_id", null)
4851
snapshot_id = lookup(ebs_block_device.value, "snapshot_id", null)
4952
volume_size = lookup(ebs_block_device.value, "volume_size", null)
5053
volume_type = lookup(ebs_block_device.value, "volume_type", null)

0 commit comments

Comments
 (0)