github.com/koding/terraform@v0.6.4-0.20170608090606-5d7e0339779d/website/source/docs/providers/aws/d/kms_ciphertext.html.markdown (about)

     1  ---
     2  layout: "aws"
     3  page_title: "AWS: aws_kms_ciphertext"
     4  sidebar_current: "docs-aws-datasource-kms-ciphertext"
     5  description: |-
     6      Provides ciphertext encrypted using a KMS key
     7  ---
     8  
     9  # aws\_kms\_ciphertext
    10  
    11  The KMS ciphertext data source allows you to encrypt plaintext into ciphertext
    12  by using an AWS KMS customer master key.
    13  
    14  ~> **Note:** All arguments including the plaintext be stored in the raw state as plain-text.
    15  [Read more about sensitive data in state](/docs/state/sensitive-data.html).
    16  
    17  ## Example Usage
    18  
    19  ```hcl
    20  resource "aws_kms_key" "oauth_config" {
    21    description = "oauth config"
    22    is_enabled = true
    23  }
    24  
    25  data "aws_kms_ciphertext" "oauth" {
    26    key_id = "${aws_kms_key.oauth_config.key_id}"
    27    plaintext = <<EOF
    28  {
    29    "client_id": "e587dbae22222f55da22",
    30    "client_secret": "8289575d00000ace55e1815ec13673955721b8a5"
    31  }
    32  EOF
    33  }
    34  ```
    35  
    36  ## Argument Reference
    37  
    38  The following arguments are supported:
    39  
    40  * `plaintext` - (Required) Data to be encrypted. Note that this may show up in logs, and it will be stored in the state file.
    41  * `key_id` - (Required) Globally unique key ID for the customer master key.
    42  * `context` - (Optional) An optional mapping that makes up the encryption context.
    43  
    44  ## Attributes Reference
    45  
    46  All of the argument attributes are also exported as result attributes.
    47  
    48  * `ciphertext_blob` - Base64 encoded ciphertext