Resource: aws_kms_external_key

Manages a single-Region or multi-Region primary KMS key that uses external key material. To instead manage a single-Region or multi-Region primary KMS key where AWS automatically generates and potentially rotates key material, see the aws_kms_key resource.

Example Usage

resource "aws_kms_external_key" "example" {
  description = "KMS EXTERNAL for AMI encryption"
}

Argument Reference

This resource supports the following arguments:

Attribute Reference

This resource exports the following attributes in addition to the arguments above:

Import

In Terraform v1.5.0 and later, use an import block to import KMS External Keys using the id. For example:

import {
  to = aws_kms_external_key.a
  id = "arn:aws:kms:us-west-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab"
}

Using terraform import, import KMS External Keys using the id. For example:

% terraform import aws_kms_external_key.a arn:aws:kms:us-west-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab