add count

clouddrove · Dec 25, 2019 · aaa0c58 · aaa0c58
1 parent ebd77ca
commit aaa0c58
Show file tree

Hide file tree

Showing 4 changed files with 13 additions and 4 deletions.
diff --git a/README.md b/README.md
@@ -174,6 +174,7 @@ Here is an example of how you can use this module in your inventory structure:
 | enable_key_rotation | Specifies whether key rotation is enabled. | bool | `true` | no |
 | environment | Environment (e.g. `prod`, `dev`, `staging`). | string | `` | no |
 | is_enabled | Specifies whether the key is enabled. | bool | `true` | no |
+| enabled | Specifies whether the kms is enabled or disabled. | bool | `true` | no |
 | key_usage | Specifies the intended use of the key. Defaults to ENCRYPT_DECRYPT, and only symmetric encryption and decryption are supported. | string | `ENCRYPT_DECRYPT` | no |
 | label_order | label order, e.g. `name`,`application`. | list | `<list>` | no |
 | name | Name  (e.g. `app` or `cluster`). | string | `` | no |

diff --git a/main.tf b/main.tf
@@ -18,6 +18,7 @@ module "labels" {
 # Module      : KMS KEY
 # Description : This terraform module creates a KMS Customer Master Key (CMK) and its alias.
 resource "aws_kms_key" "default" {
+  count = var.enabled ? 1 : 0
   description             = var.description
   key_usage               = var.key_usage
   deletion_window_in_days = var.deletion_window_in_days
@@ -30,6 +31,7 @@ resource "aws_kms_key" "default" {
 # Module      : KMS ALIAS
 # Description : Provides an alias for a KMS customer master key..
 resource "aws_kms_alias" "default" {
+  count = var.enabled ? 1 : 0
   name          = coalesce(var.alias, format("alias/%v", module.labels.id))
   target_key_id = aws_kms_key.default.id
 }
diff --git a/outputs.tf b/outputs.tf
@@ -1,22 +1,22 @@
 # Module      : KMS KEY
 # Description : This terraform module creates a KMS Customer Master Key (CMK) and its alias.
 output "key_arn" {
-  value       = aws_kms_key.default.arn
+  value       = join("", aws_kms_key.default.*.arn)
   description = "Key ARN."
 }
 
 output "key_id" {
-  value       = aws_kms_key.default.key_id
+  value       = join("", aws_kms_key.default.*.key_id)
   description = "Key ID."
 }
 
 output "alias_arn" {
-  value       = aws_kms_alias.default.arn
+  value       = join("", aws_kms_alias.default.*.arn)
   description = "Alias ARN."
 }
 
 output "alias_name" {
-  value       = aws_kms_alias.default.name
+  value       = join("", aws_kms_alias.default.*.name)
   description = "Alias name."
 }
 

diff --git a/variables.tf b/variables.tf
@@ -62,6 +62,12 @@ variable "is_enabled" {
   description = "Specifies whether the key is enabled."
 }
 
+variable "enabled" {
+  type        = bool
+  default     = true
+  description = "Specifies whether the kms is enabled or disabled."
+}
+
 variable "key_usage" {
   type        = string
   default     = "ENCRYPT_DECRYPT"