Resource: aws_dx_macsec_key_association

Provides a MAC Security (MACSec) secret key resource for use with Direct Connect. See MACsec prerequisites for information about MAC Security (MACsec) prerequisites.

Creating this resource will also create a resource of type aws_secretsmanager_secret which is managed by Direct Connect. While you can import this resource into your Terraform state, because this secret is managed by Direct Connect, you will not be able to make any modifications to it. See How AWS Direct Connect uses AWS Secrets Manager for details.

Example Usage

Create MACSec key with CKN and CAK

data "aws_dx_connection" "example" {
  name = "tf-dx-connection"
}

resource "aws_dx_macsec_key_association" "test" {
  connection_id = data.aws_dx_connection.example.id
  ckn           = "0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef"
  cak           = "abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789"
}

Create MACSec key with existing Secrets Manager secret

data "aws_dx_connection" "example" {
  name = "tf-dx-connection"
}

data "aws_secretsmanager_secret" "example" {
  name = "directconnect!prod/us-east-1/directconnect/0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef"
}

resource "aws_dx_macsec_key_association" "test" {
  connection_id = data.aws_dx_connection.example.id
  secret_arn    = data.aws_secretsmanager_secret.example.arn
}

Argument Reference

This resource supports the following arguments:

Attribute Reference

This resource exports the following attributes in addition to the arguments above: