From 350db34082884afc5a9322b2a7435763b9e4efde Mon Sep 17 00:00:00 2001
From: Fabian Omenankiti <fabian.i.omenankiti@census.gov>
Date: Mon, 21 Sep 2020 13:07:41 -0400
Subject: [PATCH] Added KMS CMK key

---
 main.tf | 23 ++++++++++++++++++++++-
 1 file changed, 22 insertions(+), 1 deletion(-)

diff --git a/main.tf b/main.tf
index 9d2fa45..be80ec7 100644
--- a/main.tf
+++ b/main.tf
@@ -93,7 +93,7 @@ resource "null_resource" "s3_create_wait" {
   }
 }
 
-resource "aws_s3_bucket_object" "this_objects" {
+riesource "aws_s3_bucket_object" "this_objects" {
   bucket = aws_s3_bucket.this.id
   count  = length(var.bucket_folders)
   key    = format("%s/", element(var.bucket_folders, count.index))
@@ -101,3 +101,24 @@ resource "aws_s3_bucket_object" "this_objects" {
 
   depends_on = [null_resource.s3_create_wait]
 }
+
+#-------------------------------------------------------------------------
+# EFS KMS KEY
+#-------------------------------------------------------------------------
+resource "aws_kms_key" "key" {
+  count               = local.kms_key_arn_exists ? 0 : 1
+  description         = "KMS CMK for title26_s3 ${local.name}"
+  enable_key_rotation = true
+
+  tags = merge(
+    local.base_tags,
+    { "Name" = local.kms_key_name },
+    var.tags
+  )
+}
+
+resource "aws_kms_alias" "key" {
+  count         = local.kms_key_arn_exists ? 0 : 1
+  name          = "alias/${local.kms_key_name}"
+  target_key_id = (aws_kms_key.key.*)[0].key_id
+}