From 6744658c21c8e604a0f81e2fffd8ef5c86ab0d93 Mon Sep 17 00:00:00 2001
From: Dennis van der Meulen <dvandermeulen@schubergphilis.com>
Date: Thu, 12 Dec 2024 09:12:40 +0100
Subject: [PATCH] update keyvault module

---
 main.tf      | 5 ++++-
 variables.tf | 4 +++-
 2 files changed, 7 insertions(+), 2 deletions(-)

diff --git a/main.tf b/main.tf
index 83534f0..9cd25fd 100644
--- a/main.tf
+++ b/main.tf
@@ -12,7 +12,7 @@ resource "azurerm_resource_group" "this" {
 }
 
 module "keyvault_with_cmk" {
-  source = "github.com/schubergphilis/terraform-azure-mcaf-key-vault.git?ref=v0.2.2"
+  source = "github.com/schubergphilis/terraform-azure-mcaf-key-vault.git?ref=v0.3.1"
 
   key_vault = {
     name                            = var.key_vault.name
@@ -32,6 +32,9 @@ module "keyvault_with_cmk" {
     subnet_ids                      = length(var.key_vault.subnet_ids) == 0 ? null : var.key_vault.subnet_ids
     network_bypass                  = "AzureServices"
     cmk_keys_create                 = true
+    cmk_rotation_period             = var.key_vault.cmk_rotation_period
+    cmk_expiry_period               = var.key_vault.cmk_expiry_period
+    cmk_notify_period               = var.key_vault.cmk_notify_period
     cmkrsa_key_name                 = var.key_vault.cmkrsa_key_name
     cmkec_key_name                  = var.key_vault.cmkec_key_name
   }
diff --git a/variables.tf b/variables.tf
index a033542..55a9a7f 100644
--- a/variables.tf
+++ b/variables.tf
@@ -24,7 +24,9 @@ variable "key_vault" {
     cmk_keys_create                 = optional(bool, true)
     cmkrsa_key_name                 = optional(string, "cmkrsa")
     cmkec_key_name                  = optional(string, "cmkec")
-    cmk_rotation_period             = optional(string, "P90D")
+    cmk_rotation_period             = optional(string, "P18M")
+    cmk_expiry_period               = optional(string, "P2Y")
+    cmk_notify_period               = optional(string, "P30D")
   })
 }