Could Not Generate Key Using Kms Key Alias Credstash

Posted on by
  1. Could Not Generate Key Using Kms Key Alias Credstash Windows 7
  2. Could Not Generate Key Using Kms Key Alias/credstash
Could not generate key using kms key alias credstash key

Could Not Generate Key Using Kms Key Alias Credstash Windows 7

. @param tableName Credstash DynamoDB table name. @param secretName Credstash secret name. @param secret The secret value. @param kmsKeyId The KMS KeyId used to generate a new data key. @param context Encryption context for integrity check. @param version An optional version string to be used when stashing the secret, defaults to '1. Access to these keys is controlled using IAM. Add and configure a KMS key in IAM with the alias credstash, ensure this is created in the correct region as the user interface for this is quite confusing. Run unicreds setup to create the dynamodb table in your region, ensure you have your credentials configured using the awscli. Requests must be signed by using an access key ID and a secret access key. We strongly recommend that you do not use your AWS account (root) access key ID and secret key for everyday work with AWS KMS. Ms office 2007 activation key generator free. Instead, use the access key ID and secret access key for an IAM user, or you can use the AWS Security Token Service to generate temporary. It is possible to use KMS to store your keys but the process is not straight forward as you have described. KMS indeed only generates and manages the keys used to encrypt or decrypt stuff so you will need to develop a middleware like a platform to interacts with KMS and orchestrate this process.

Could Not Generate Key Using Kms Key Alias/credstash

  1. diff --cc accounts/nubis-training-2016/terraform.tfvars
  2. --- a/accounts/nubis-training-2016/terraform.tfvars
  3. +++ b/accounts/nubis-training-2016/terraform.tfvars
  4. diff --git a/modules/consul/main.tf b/modules/consul/main.tf
  5. --- a/modules/consul/main.tf
  6. @@ -1,5 +1,5 @@
  7. - source = 'github.com/nubisproject/nubis-consul//nubis/terraform/multi?ref=v1.2.2'
  8. + source = 'github.com/nubisproject/nubis-consul//nubis/terraform/multi?ref=master'
  9. enabled = '${var.enabled}'
  10. diff --git a/modules/global/meta/main.tf b/modules/global/meta/main.tf
  11. --- a/modules/global/meta/main.tf
  12. @@ -140,8 +140,8 @@ resource 'aws_lambda_function' 'GlobalUUID' {
  13. - s3_bucket = 'nubis-stacks-${var.aws_region}'
  14. + #s3_bucket = 'nubis-stacks-${var.aws_region}'
  15. s3_key = '${var.nubis_version}/lambda/UUID.zip'
  16. description = 'Generate UUIDs for use in Nubis Meta'
  17. diff --git a/modules/global/vpcs/outputs.tf b/modules/global/vpcs/outputs.tf
  18. --- a/modules/global/vpcs/outputs.tf
  19. @@ -4,9 +4,9 @@ output CredstashKeyID {
  20. # - join(',') to make a final coma delimited list
  21. # But somehow, this doesn't work and causes TF to not even try and interpolate the variable ?!
  22. - value = '${module.us-east-1.CredstashKeyID},${module.us-west-2.CredstashKeyID}'
  23. + value = '${module.us-west-2.CredstashKeyID},${module.us-east-1.CredstashKeyID}'
  24. - value = '${module.us-east-1.CredstashDynamoDB},${module.us-west-2.CredstashKeyID}'
  25. + value = '${module.us-west-2.CredstashDynamoDB},${module.us-east-1.CredstashKeyID}'
  26. diff --git a/modules/meta/main.tf b/modules/meta/main.tf
  27. --- a/modules/meta/main.tf
  28. @@ -31,7 +31,7 @@ resource 'aws_route53_record' 'hosted_zone' {
  29. - count = '${var.enabled}'
  30. create_before_destroy = true
  31. }
  32. resource 'aws_dynamodb_table' 'credstash' {
  33. +# count = '${var.enabled}'
  34. lifecycle {
  35. @@ -81,7 +81,7 @@ resource 'aws_dynamodb_table' 'credstash' {
  36. - count = '${var.enabled}'
  37. name = 'alias/credstash'
  38. target_key_id = '${aws_kms_key.credstash.key_id}'
  39. diff --git a/modules/vpc/main.tf b/modules/vpc/main.tf
  40. --- a/modules/vpc/main.tf
  41. @@ -908,7 +908,7 @@ resource 'aws_iam_policy_attachment' 'credstash' {
  42. - source = 'github.com/nubisproject/nubis-jumphost//nubis/terraform?ref=v1.2.2'
  43. + source = 'github.com/nubisproject/nubis-jumphost//nubis/terraform?ref=master'
  44. enabled = '${var.enabled * var.enable_jumphost}'
  45. @@ -935,7 +935,7 @@ module 'jumphost' {
  46. - source = 'github.com/nubisproject/nubis-fluent-collector//nubis/terraform/multi?ref=v1.2.2'
  47. + source = 'github.com/nubisproject/nubis-fluent-collector//nubis/terraform/multi?ref=master'
  48. enabled = '${var.enabled * var.enable_fluent}'