update kms (#4)

* Update base aws provider to v5 and tf to 1.5

* Update tflint

* Update precommit config

* Update comment

---------

Co-authored-by: Poh Peng <[email protected]>

.pre-commit-config.yaml

@@ -1,6 +1,6 @@
 repos:
   - repo: https://github.com/gruntwork-io/pre-commit
-    rev: v0.1.17
+    rev: v0.1.22
     hooks:
       - id: terraform-fmt
       - id: terraform-validate
@@ -12,7 +12,7 @@ repos:
       - id: shellcheck
 
   - repo: https://github.com/antonbabenko/pre-commit-terraform
-    rev: v1.64.0
+    rev: v1.83.0
     hooks:
       - id: terraform_docs
         args:
@@ -22,7 +22,7 @@ repos:
           - --args=--exclude-downloaded-modules
       - id: checkov
   - repo: https://github.com/pre-commit/pre-commit-hooks
-    rev: v4.1.0
+    rev: v4.4.0
     hooks:
       # Git style
       - id: check-added-large-files

.tflint.hcl

@@ -1,8 +1,8 @@
-# plugin "aws" {
-#   enabled = true
-#   version = "0.12.0"
-#   source  = "github.com/terraform-linters/tflint-ruleset-aws"
-# }
+plugin "aws" {
+  enabled = true
+  version = "0.26.0"
+  source  = "github.com/terraform-linters/tflint-ruleset-aws"
+}
 
 rule "terraform_deprecated_interpolation" {
   enabled = true

main.tf

@@ -29,8 +29,9 @@ resource "aws_kms_alias" "key" {
 data "aws_iam_policy_document" "iam_key_policy" {
   #checkov:skip=CKV_AWS_109:The policy is deliberately wide because it allows IAM control of the KMS
   #checkov:skip=CKV_AWS_111:The policy is deliberately wide because it allows IAM control of the KMS
+  #checkov:skip=CKV_AWS_356:The policyi s kept wide for IAM control of KMS
   statement {
-    sid = "Enable IAM User Permissions"
+    sid = "Allow administration of the key by key creator account"
 
     principals {
       type        = "AWS"

versions.tf

@@ -1,9 +1,9 @@
 terraform {
-  required_version = ">= 0.15"
+  required_version = ">= 1.5"
   required_providers {
     aws = {
       source  = "hashicorp/aws"
-      version = ">= 3.40"
+      version = ">= 5.0"
     }
   }
 }