Add new optional variable ibmcloud_kms_api_key. This should be used in the kms provider block like so:
provider "ibm" {
alias = "kms"
ibmcloud_api_key = var.ibmcloud_kms_api_key != null ? var.ibmcloud_kms_api_key : var.ibmcloud_api_key
region = local.kms_region
}
The kms module block should use the kms provider alias.
Support creating cross account s2s auth policy (in KMS account)
Review all of the variable descriptions and readme markdowns to ensure its clear that it supports KMS in a different account using the ibmcloud_kms_api_key variable.
Changes should go into
solutions/instances
only..ibmcloud_kms_api_key
. This should be used in the kms provider block like so:kms
module block should use thekms
provider alias.ibmcloud_kms_api_key
variable.