enable key rotation

modules/cloudfront-logs/kms.tf

@@ -4,6 +4,7 @@ resource "aws_kms_key" "cloudwatch_logs_key" {
   description             = "KMS Key for ${var.log_group_name} log group"
   deletion_window_in_days = 10
   policy                  = data.aws_iam_policy_document.cloudwatch_logs_key_policy[0].json
+  enable_key_rotation = true
 }
 
 data "aws_iam_policy_document" "cloudwatch_logs_key_policy" {

modules/opennext-revalidation-queue/kms.tf

@@ -10,6 +10,7 @@ resource "aws_kms_key" "revalidation_queue_key" {
   deletion_window_in_days = 10
 
   policy = data.aws_iam_policy_document.revalidation_queue_key_policy[0].json
+  enable_key_rotation = true
 }
 
 data "aws_iam_policy_document" "revalidation_queue_key_policy" {