github.com/koding/terraform@v0.6.4-0.20170608090606-5d7e0339779d/website/source/docs/providers/aws/d/kms_ciphertext.html.markdown (about) 1 --- 2 layout: "aws" 3 page_title: "AWS: aws_kms_ciphertext" 4 sidebar_current: "docs-aws-datasource-kms-ciphertext" 5 description: |- 6 Provides ciphertext encrypted using a KMS key 7 --- 8 9 # aws\_kms\_ciphertext 10 11 The KMS ciphertext data source allows you to encrypt plaintext into ciphertext 12 by using an AWS KMS customer master key. 13 14 ~> **Note:** All arguments including the plaintext be stored in the raw state as plain-text. 15 [Read more about sensitive data in state](/docs/state/sensitive-data.html). 16 17 ## Example Usage 18 19 ```hcl 20 resource "aws_kms_key" "oauth_config" { 21 description = "oauth config" 22 is_enabled = true 23 } 24 25 data "aws_kms_ciphertext" "oauth" { 26 key_id = "${aws_kms_key.oauth_config.key_id}" 27 plaintext = <<EOF 28 { 29 "client_id": "e587dbae22222f55da22", 30 "client_secret": "8289575d00000ace55e1815ec13673955721b8a5" 31 } 32 EOF 33 } 34 ``` 35 36 ## Argument Reference 37 38 The following arguments are supported: 39 40 * `plaintext` - (Required) Data to be encrypted. Note that this may show up in logs, and it will be stored in the state file. 41 * `key_id` - (Required) Globally unique key ID for the customer master key. 42 * `context` - (Optional) An optional mapping that makes up the encryption context. 43 44 ## Attributes Reference 45 46 All of the argument attributes are also exported as result attributes. 47 48 * `ciphertext_blob` - Base64 encoded ciphertext