github.com/aquasecurity/trivy-iac@v0.8.1-0.20240127024015-3d8e412cf0ab/avd_docs/aws/ssm/AVD-AWS-0098/Terraform.md

github.com/aquasecurity/trivy-iac@v0.8.1-0.20240127024015-3d8e412cf0ab/avd_docs/aws/ssm/AVD-AWS-0098/Terraform.md (about)

     1  
     2  Use customer managed keys
     3  
     4  ```hcl
     5   resource "aws_kms_key" "secrets" {
     6   	enable_key_rotation = true
     7   }
     8   
     9   resource "aws_secretsmanager_secret" "good_example" {
    10     name       = "lambda_password"
    11     kms_key_id = aws_kms_key.secrets.arn
    12   }
    13   
    14  ```
    15  
    16  #### Remediation Links
    17   - https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/secretsmanager_secret#kms_key_id
    18