From da551ff608d8f8beee1b0f29f41cc330382bf873 Mon Sep 17 00:00:00 2001
From: badra001 <donald.e.badrak.ii@census.gov>
Date: Fri, 15 Jul 2022 10:43:51 -0400
Subject: [PATCH] kms_key: add multi_region

---
 common/kms.tf           | 1 +
 common/variables.kms.tf | 6 ++++++
 2 files changed, 7 insertions(+)

diff --git a/common/kms.tf b/common/kms.tf
index 6ad1df0..e7410d0 100644
--- a/common/kms.tf
+++ b/common/kms.tf
@@ -20,6 +20,7 @@ resource "aws_kms_key" "key" {
   description         = "KMS CMK for S3 bucket ${local.name}"
   enable_key_rotation = true
   policy              = data.aws_iam_policy_document.key_policy_combined.json
+  multi_region        = var.multi_region
 
   tags = merge(
     local.base_tags,
diff --git a/common/variables.kms.tf b/common/variables.kms.tf
index 4eda73e..713ae95 100644
--- a/common/variables.kms.tf
+++ b/common/variables.kms.tf
@@ -27,3 +27,9 @@ variable "use_kms_encryption" {
   type        = bool
   default     = true
 }
+
+variable "multi_region" {
+  description = "Flag to enable or disable the use of a multi-region KMS key (default=false)"
+  type        = bool
+  default     = false
+}