add kms_key_id, fix #7 (#8)

Author: sblack4

README.md

@@ -38,6 +38,7 @@ module "random_password" {
 | create\_secret | If false, this module does nothing (since tf doesn't support conditional modules) | `bool` | `true` | no |
 | description | Description to add to Secret | `string` | `""` | no |
 | enable\_secret\_access\_notification | Notify SNS topic on secret access (not recommended for most use cases) | `bool` | `false` | no |
+| kms\_key\_id | Optional. The KMS Key ID to encrypt the secret. KMS key arn or alias can be used. | `any` | `null` | no |
 | length | Length of string | `number` | n/a | yes |
 | min\_lower | Minimum number of lower case characters | `number` | `0` | no |
 | min\_numeric | Minimum number of numbers | `number` | `0` | no |

main.tf

@@ -27,6 +27,7 @@ resource "aws_secretsmanager_secret" "secret" {
   name        = var.name == "" ? null : var.name
   name_prefix = var.name == "" ? var.name_prefix : null
   description = var.description
+  kms_key_id  = var.kms_key_id
   tags        = var.tags
 }
 

variables.tf

@@ -13,6 +13,11 @@ variable "description" {
   type        = string
 }
 
+variable "kms_key_id" {
+  default     = null
+  description = "Optional. The KMS Key ID to encrypt the secret. KMS key arn or alias can be used."
+}
+
 variable "name" {
   default     = ""
   description = "Name (omit to use name_prefix)"
@@ -72,7 +77,6 @@ variable "secret_access_notification_arn" {
 variable "length" {
   description = "Length of string"
   type        = number
-
 }
 
 variable "min_lower" {