Resource: aws_kms_key_policy

Attaches a policy to a KMS Key.

Example Usage

resource "aws_kms_key" "example" {
  description = "example"
}

resource "aws_kms_key_policy" "example" {
  key_id = aws_kms_key.example.id
  policy = jsonencode({
    Id = "example"
    Statement = [
      {
        Action = "kms:*"
        Effect = "Allow"
        Principal = {
          AWS = "*"
        }

        Resource = "*"
        Sid      = "Enable IAM User Permissions"
      },
    ]
    Version = "2012-10-17"
  })
}

Argument Reference

This resource supports the following arguments:

Attribute Reference

This resource exports no additional attributes.

Import

In Terraform v1.5.0 and later, use an import block to import KMS Key Policies using the key_id. For example:

import {
  to = aws_kms_key_policy.a
  id = "1234abcd-12ab-34cd-56ef-1234567890ab"
}

Using terraform import, import KMS Key Policies using the key_id. For example:

% terraform import aws_kms_key_policy.a 1234abcd-12ab-34cd-56ef-1234567890ab