Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

AWS KMS External Key Store #28092

Open
ewbankkit opened this issue Nov 30, 2022 · 6 comments
Open

AWS KMS External Key Store #28092

ewbankkit opened this issue Nov 30, 2022 · 6 comments
Labels
enhancement Requests to existing resources that expand the functionality or scope. service/kms Issues and PRs that pertain to the kms service.

Comments

@ewbankkit
Copy link
Contributor

ewbankkit commented Nov 30, 2022

Today, AWS Key Management Service (AWS KMS) introduces the External Key Store (XKS), a new feature for customers who want to protect their data with encryption keys stored in an external key management system under their control.

Announcement.
Blog post.

Requires AWS SDK for Go v1.44.148: #28085.

Affected Resource(s)

@github-actions
Copy link

Community Note

Voting for Prioritization

  • Please vote on this issue by adding a 👍 reaction to the original post to help the community and maintainers prioritize this request.
  • Please see our prioritization guide for information on how we prioritize.
  • Please do not leave "+1" or other comments that do not add relevant new information or questions, they generate extra noise for issue followers and do not help prioritize the request.

Volunteering to Work on This Issue

  • If you are interested in working on this issue, please leave a comment.
  • If this would be your first contribution, please review the contribution guide.

@ewbankkit ewbankkit added enhancement Requests to existing resources that expand the functionality or scope. service/kms Issues and PRs that pertain to the kms service. labels Nov 30, 2022
@bschaatsbergen
Copy link
Member

I'll happily pick this up in a few days.

@bschaatsbergen
Copy link
Member

Starting on this now 👍

@albgus
Copy link
Contributor

albgus commented Feb 7, 2023

I believe this affects the aws_kms_key resource as well. The docs for CreateKey states:

To create a KMS key in an external key store, use the Origin parameter with a value of EXTERNAL_KEY_STORE and an XksKeyId parameter that identifies an existing external key.

So to actually be able to create keys using the external store these parameters would need to be added on the aws_kms_key resource.

@bschaatsbergen
Copy link
Member

Thanks for flagging this @albgus. I'll update the PR accordingly.

@mmianl
Copy link

mmianl commented Apr 4, 2024

Any chance this gets picked up again?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
enhancement Requests to existing resources that expand the functionality or scope. service/kms Issues and PRs that pertain to the kms service.
Projects
None yet
Development

Successfully merging a pull request may close this issue.

4 participants