Currently the dynamoDB is encrypted using AWS managed keys. The aws_dynamodb_table resource permits use of encrypting this resource with a customer managed key as documented below.
Add new Terraform variable dynamodb_kms_key_arn (default value null) to allow the user to pass in a CMK key to aws_dynamodb_table.binaryalert_yara_matches.
Background
Currently the dynamoDB is encrypted using AWS managed keys. The
aws_dynamodb_tableresource permits use of encrypting this resource with a customer managed key as documented below.https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/dynamodb_table#server_side_encryption
Desired Change
Add new Terraform variable
dynamodb_kms_key_arn(default valuenull) to allow the user to pass in a CMK key toaws_dynamodb_table.binaryalert_yara_matches.