diff --git a/main.tf b/main.tf
index 8e53c57..97b6562 100644
--- a/main.tf
+++ b/main.tf
@@ -104,7 +104,7 @@ resource "null_resource" "s3_create_wait" {
   }
 }
 
-resource "aws_s3_bucket_object" "this_objects" {
+riesource "aws_s3_bucket_object" "this_objects" {
   bucket = aws_s3_bucket.this.id
   count  = length(var.bucket_folders)
   key    = format("%s/", element(var.bucket_folders, count.index))
@@ -112,3 +112,24 @@ resource "aws_s3_bucket_object" "this_objects" {
 
   depends_on = [null_resource.s3_create_wait]
 }
+
+#-------------------------------------------------------------------------
+# EFS KMS KEY
+#-------------------------------------------------------------------------
+resource "aws_kms_key" "key" {
+  count               = local.kms_key_arn_exists ? 0 : 1
+  description         = "KMS CMK for title26_s3 ${local.name}"
+  enable_key_rotation = true
+
+  tags = merge(
+    local.base_tags,
+    { "Name" = local.kms_key_name },
+    var.tags
+  )
+}
+
+resource "aws_kms_alias" "key" {
+  count         = local.kms_key_arn_exists ? 0 : 1
+  name          = "alias/${local.kms_key_name}"
+  target_key_id = (aws_kms_key.key.*)[0].key_id
+}