Skip to content

Commit 784cf6a

Browse files
committed
Warning about changing KMS key
1 parent 1224e79 commit 784cf6a

File tree

3 files changed

+3
-3
lines changed

3 files changed

+3
-3
lines changed

modules/database/variables.tf

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -51,7 +51,7 @@ variable "database_security_group_ids" {
5151
}
5252

5353
variable "kms_key_arn" {
54-
description = "KMS key ARN to use for encrypting resources. If not provided, the default AWS managed key is used."
54+
description = "KMS key ARN to use for encrypting resources. If not provided, the default AWS managed key is used. DO NOT change this after deployment. If you do, it will attempt to destroy your DB."
5555
type = string
5656
default = null
5757
}

modules/services/variables.tf

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -157,7 +157,7 @@ variable "custom_certificate_arn" {
157157
}
158158

159159
variable "kms_key_arn" {
160-
description = "KMS key ARN to use for encrypting resources. If not provided, the default AWS managed key is used."
160+
description = "KMS key ARN to use for encrypting resources. If not provided, the default AWS managed key is used. DO NOT change this after deployment. If you do, prior S3 objects will no longer be readable."
161161
type = string
162162
default = null
163163
}

variables.tf

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -28,7 +28,7 @@ variable "deployment_name" {
2828
}
2929

3030
variable "kms_key_arn" {
31-
description = "Existing KMS key ARN to use for encrypting resources. If not provided, a new key will be created."
31+
description = "Existing KMS key ARN to use for encrypting resources. If not provided, a new key will be created. DO NOT change this after deployment. If you do, it will attempt to destroy your DB and prior S3 objects will no longer be readable."
3232
type = string
3333
default = null
3434
}

0 commit comments

Comments
 (0)