cloudposse / terraform-aws-kms-key

Terraform module to provision a KMS key with alias
https://cloudposse.com/accelerate
Apache License 2.0

Enable key replication across regions when 'multi_region' option is selected #32

Closed nsvijay04b1 closed 2 years ago

nsvijay04b1 commented 2 years ago


Describe the Feature

A clear and concise description of what the bug is.

Expected Behavior

Enable key replication across regions when 'multi_region' option is selected

Use Case

KMS supports key replication. It is logical to support it from this module as it already supports creation of a multi-region key.

Describe Ideal Solution

This module should use the Terraform resource below and create replication: https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/kms_replica_key

Alternatives Considered

If I have to use 'multi-region' now, I have to implement it on top myself using https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/kms_replica_key

Nuru commented 2 years ago

Closing as wontfix because replica keys need to be created in the region in which they will be used. This means you need an AWS provider for that region. Because providers cannot be parameterized, it is impractical to create all the replica keys in a single module. You need to create the replica keys outside of this module, configuring the providers as needed.
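The arrangement described in the closing comment, as an added example that is not part of the original thread or the module's own code: the primary key comes from this module with `multi_region` enabled, and the replica is created outside it with a provider configured for the replica region. The regions, names, alias, the module inputs other than `multi_region`, and the `key_arn` output are assumptions for illustration.

```hcl
# Added example: replica key created outside the module, one provider per region.
# Regions, names and the alias are constructed placeholders.

provider "aws" {
  region = "us-east-1" # primary region (assumed)
}

provider "aws" {
  alias  = "replica"
  region = "eu-west-1" # replica region (assumed)
}

# Primary multi-region key from this module.
module "kms_key" {
  source = "cloudposse/kms-key/aws"
  # Pin a module version in real use.

  name                    = "app-data" # assumed input
  description             = "Primary multi-region key"
  deletion_window_in_days = 30
  enable_key_rotation     = true
  alias                   = "alias/app-data" # assumed input
  multi_region            = true
}

# The replica lives in the second region, so it must use the aliased provider.
resource "aws_kms_replica_key" "replica" {
  provider = aws.replica

  description             = "Replica of the app-data multi-region key"
  primary_key_arn         = module.kms_key.key_arn # assumed module output
  deletion_window_in_days = 30

  # A replica has its own key policy; it is not copied from the primary.
  # If `policy` is omitted, AWS KMS attaches the default key policy,
  # so set an explicit policy here when the primary uses a restricted one.
}

# Aliases are regional, so the replica needs its own alias in its region.
resource "aws_kms_alias" "replica" {
  provider = aws.replica

  name          = "alias/app-data"
  target_key_id = aws_kms_replica_key.replica.key_id
}
```

Each additional replica region needs its own aliased provider block and its own `aws_kms_replica_key` resource, and each replica's key policy should be reviewed separately from the primary's.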