From 2aab7ac1fca115eff7ddadcd1f8f24955799f43f Mon Sep 17 00:00:00 2001
From: kumashun8 <tiwo3wa4@gmail.com>
Date: Fri, 16 Apr 2021 16:39:15 +0900
Subject: [PATCH] feat: also support bucket_key_enabled to bucket_object

---
 modules/object/main.tf      | 1 +
 modules/object/variables.tf | 6 ++++++
 2 files changed, 7 insertions(+)

diff --git a/modules/object/main.tf b/modules/object/main.tf
index e091fd9b..a6f9501b 100644
--- a/modules/object/main.tf
+++ b/modules/object/main.tf
@@ -23,6 +23,7 @@ resource "aws_s3_bucket_object" "this" {
 
   server_side_encryption = var.server_side_encryption
   kms_key_id             = var.kms_key_id
+  bucket_key_enabled     = var.bucket_key_enabled
 
   object_lock_legal_hold_status = try(tobool(var.object_lock_legal_hold_status) ? "ON" : upper(var.object_lock_legal_hold_status), var.object_lock_legal_hold_status)
   object_lock_mode              = try(upper(var.object_lock_mode), var.object_lock_mode)
diff --git a/modules/object/variables.tf b/modules/object/variables.tf
index c9159c7d..2bbbcc91 100644
--- a/modules/object/variables.tf
+++ b/modules/object/variables.tf
@@ -100,6 +100,12 @@ variable "kms_key_id" {
   default     = null
 }
 
+variable "bucket_key_enabled" {
+  description = "Whether or not to use Amazon S3 Bucket Keys for SSE-KMS."
+  type        = bool
+  default     = null
+}
+
 variable "metadata" {
   description = "A map of keys/values to provision metadata (will be automatically prefixed by x-amz-meta-, note that only lowercase label are currently supported by the AWS Go API)."
   type        = map(string)