From 3c2e72a5f790b0f7ea2c5f80ec3ca2ef049d87d9 Mon Sep 17 00:00:00 2001
From: eesa456 <eesa.mahmood1@nhs.net>
Date: Wed, 2 Aug 2023 17:17:14 +0100
Subject: [PATCH] enable key rotation

---
 modules/cloudfront-logs/kms.tf             | 1 +
 modules/opennext-revalidation-queue/kms.tf | 1 +
 2 files changed, 2 insertions(+)

diff --git a/modules/cloudfront-logs/kms.tf b/modules/cloudfront-logs/kms.tf
index d4e1534..25c59b0 100644
--- a/modules/cloudfront-logs/kms.tf
+++ b/modules/cloudfront-logs/kms.tf
@@ -4,6 +4,7 @@ resource "aws_kms_key" "cloudwatch_logs_key" {
   description             = "KMS Key for ${var.log_group_name} log group"
   deletion_window_in_days = 10
   policy                  = data.aws_iam_policy_document.cloudwatch_logs_key_policy[0].json
+  enable_key_rotation = true
 }
 
 data "aws_iam_policy_document" "cloudwatch_logs_key_policy" {
diff --git a/modules/opennext-revalidation-queue/kms.tf b/modules/opennext-revalidation-queue/kms.tf
index fc566ad..8d6e247 100644
--- a/modules/opennext-revalidation-queue/kms.tf
+++ b/modules/opennext-revalidation-queue/kms.tf
@@ -10,6 +10,7 @@ resource "aws_kms_key" "revalidation_queue_key" {
   deletion_window_in_days = 10
 
   policy = data.aws_iam_policy_document.revalidation_queue_key_policy[0].json
+  enable_key_rotation = true
 }
 
 data "aws_iam_policy_document" "revalidation_queue_key_policy" {