From f8c96ce4bfc45fa2cb2e2cfa346d0d1930cdfce3 Mon Sep 17 00:00:00 2001
From: Melissa Greenbaum <69476188+magreenbaum@users.noreply.github.com>
Date: Sat, 11 May 2024 08:42:00 -0400
Subject: [PATCH] feat!: Support `rotation_period_in_days`, AWS Provider v5,
Terraform MSV 1.3 (#32)
* rotation_period_in_days
* terraform MSV 1.3
---
README.md | 7 ++++---
examples/complete/README.md | 6 +++---
examples/complete/versions.tf | 4 ++--
main.tf | 1 +
variables.tf | 6 ++++++
versions.tf | 4 ++--
wrappers/main.tf | 1 +
7 files changed, 19 insertions(+), 10 deletions(-)
diff --git a/README.md b/README.md
index 0e813f0..ed5ecd5 100644
--- a/README.md
+++ b/README.md
@@ -146,14 +146,14 @@ Examples codified under the [`examples`](https://github.com/terraform-aws-module
| Name | Version |
|------|---------|
-| [terraform](#requirement\_terraform) | >= 1.0 |
-| [aws](#requirement\_aws) | >= 4.33 |
+| [terraform](#requirement\_terraform) | >= 1.3 |
+| [aws](#requirement\_aws) | >= 5.49 |
## Providers
| Name | Version |
|------|---------|
-| [aws](#provider\_aws) | >= 4.33 |
+| [aws](#provider\_aws) | >= 5.49 |
## Modules
@@ -211,6 +211,7 @@ No modules.
| [policy](#input\_policy) | A valid policy JSON document. Although this is a key policy, not an IAM policy, an `aws_iam_policy_document`, in the form that designates a principal, can be used | `string` | `null` | no |
| [primary\_external\_key\_arn](#input\_primary\_external\_key\_arn) | The primary external key arn of a multi-region replica external key | `string` | `null` | no |
| [primary\_key\_arn](#input\_primary\_key\_arn) | The primary key arn of a multi-region replica key | `string` | `null` | no |
+| [rotation\_period\_in\_days](#input\_rotation\_period\_in\_days) | Custom period of time between each rotation date. Must be a number between 90 and 2560 (inclusive) | `number` | `null` | no |
| [route53\_dnssec\_sources](#input\_route53\_dnssec\_sources) | A list of maps containing `account_ids` and Route53 `hosted_zone_arn` that will be allowed to sign DNSSEC records | `list(any)` | `[]` | no |
| [source\_policy\_documents](#input\_source\_policy\_documents) | List of IAM policy documents that are merged together into the exported document. Statements must have unique `sid`s | `list(string)` | `[]` | no |
| [tags](#input\_tags) | A map of tags to add to all resources | `map(string)` | `{}` | no |
diff --git a/examples/complete/README.md b/examples/complete/README.md
index 48d306d..c8147aa 100644
--- a/examples/complete/README.md
+++ b/examples/complete/README.md
@@ -24,14 +24,14 @@ Note that this example may create resources which will incur monetary charges on
| Name | Version |
|------|---------|
-| [terraform](#requirement\_terraform) | >= 1.0 |
-| [aws](#requirement\_aws) | >= 4.33 |
+| [terraform](#requirement\_terraform) | >= 1.3 |
+| [aws](#requirement\_aws) | >= 5.49 |
## Providers
| Name | Version |
|------|---------|
-| [aws](#provider\_aws) | >= 4.33 |
+| [aws](#provider\_aws) | >= 5.49 |
## Modules
diff --git a/examples/complete/versions.tf b/examples/complete/versions.tf
index 14a7ee2..f96e1b1 100644
--- a/examples/complete/versions.tf
+++ b/examples/complete/versions.tf
@@ -1,10 +1,10 @@
terraform {
- required_version = ">= 1.0"
+ required_version = ">= 1.3"
required_providers {
aws = {
source = "hashicorp/aws"
- version = ">= 4.33"
+ version = ">= 5.49"
}
}
}
diff --git a/main.tf b/main.tf
index 5f3d7bb..819de11 100644
--- a/main.tf
+++ b/main.tf
@@ -28,6 +28,7 @@ resource "aws_kms_key" "this" {
key_usage = var.key_usage
multi_region = var.multi_region
policy = coalesce(var.policy, data.aws_iam_policy_document.this[0].json)
+ rotation_period_in_days = var.rotation_period_in_days
tags = var.tags
}
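Review bot: The new `rotation_period_in_days` argument on `aws_kms_key.this` carries no comment saying when it applies, and a custom period only has meaning while automatic rotation is enabled on the key. The `enable_key_rotation` argument is not visible in this hunk (the resource body starts above it), so presumably it is set a few lines earlier; please confirm. I would add a comment on the new line such as `# Only effective when enable_key_rotation is true; null keeps the KMS default period`, so a caller does not assume that setting the period alone turns rotation on.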
diff --git a/variables.tf b/variables.tf
index 0eb9b90..b66b126 100644
--- a/variables.tf
+++ b/variables.tf
@@ -182,6 +182,12 @@ variable "route53_dnssec_sources" {
default = []
}
+variable "rotation_period_in_days" {
+ description = "Custom period of time between each rotation date. Must be a number between 90 and 2560 (inclusive)"
+ type = number
+ default = null
+}
+
################################################################################
# Replica Key
################################################################################
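Review bot: The 90–2560 bound for `rotation_period_in_days` exists only in the description string, so an out-of-range value passes `terraform plan` and is rejected later by the provider or the KMS API. A `validation` block in the variable would fail early with a clear message; the condition has to tolerate the `null` default. The description could also state that `null` leaves the KMS default period in place and that values above it lengthen the interval between rotations, which is a posture decision callers should make deliberately.

```hcl
variable "rotation_period_in_days" {
  # … unchanged: description, type, default …

  validation {
    condition     = var.rotation_period_in_days == null ? true : (var.rotation_period_in_days >= 90 && var.rotation_period_in_days <= 2560)
    error_message = "The rotation_period_in_days value must be between 90 and 2560 (inclusive), or null."
  }
}
```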
diff --git a/versions.tf b/versions.tf
index 14a7ee2..f96e1b1 100644
--- a/versions.tf
+++ b/versions.tf
@@ -1,10 +1,10 @@
terraform {
- required_version = ">= 1.0"
+ required_version = ">= 1.3"
required_providers {
aws = {
source = "hashicorp/aws"
- version = ">= 4.33"
+ version = ">= 5.49"
}
}
}
diff --git a/wrappers/main.tf b/wrappers/main.tf
index c9f4f98..6e2ebca 100644
--- a/wrappers/main.tf
+++ b/wrappers/main.tf
@@ -37,6 +37,7 @@ module "wrapper" {
policy = try(each.value.policy, var.defaults.policy, null)
primary_external_key_arn = try(each.value.primary_external_key_arn, var.defaults.primary_external_key_arn, null)
primary_key_arn = try(each.value.primary_key_arn, var.defaults.primary_key_arn, null)
+ rotation_period_in_days = try(each.value.rotation_period_in_days, var.defaults.rotation_period_in_days, null)
route53_dnssec_sources = try(each.value.route53_dnssec_sources, var.defaults.route53_dnssec_sources, [])
source_policy_documents = try(each.value.source_policy_documents, var.defaults.source_policy_documents, [])
tags = try(each.value.tags, var.defaults.tags, {})