Merge pull request #6148 from hashicorp/backport/dheath-add-key-id-field/trivially-more-caiman

This pull request was automerged via backport-assistant

website/content/docs/configuration/kms/aead.mdx

@@ -29,3 +29,5 @@ kms "aead" {
 - `key` - The base64-encoded 256-bit encryption key.
 
 - `key_id` - The unique name of this key.
+It is used to identify the key when you perform a root key migration.
+You can use the `key_id` field with all KMS stanzas.

website/content/docs/configuration/kms/alicloudkms.mdx

@@ -24,6 +24,7 @@ kms "alicloudkms" {
   access_key = "0wNEpMMlzy7szvai"
   secret_key = "PupkTg8jdmau1cXxYacgE736PJj4cA"
   kms_key_id = "08c33a6f-4e0a-4a1b-a3fa-7ddfa1d4fb73"
+  key_id     = "global_worker-auth"
 }
 ```
 
@@ -54,6 +55,10 @@ These parameters apply to the `kms` stanza in the Boundary configuration file:
   and decryption. May also be specified by the `ALICLOUDKMS_WRAPPER_KEY_ID`
   environment variable.
 
+- `key_id` - The unique name of this key.
+It is used to identify the key when you perform a root key migration.
+You can use the `key_id` field with all KMS stanzas.
+
 ## Authentication
 
 Authentication-related values must be provided, either as environment

website/content/docs/configuration/kms/awskms.mdx

@@ -22,6 +22,7 @@ kms "awskms" {
   secret_key = "wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY"
   kms_key_id = "19ec80b0-dfdd-4d97-8164-c6examplekey"
   endpoint   = "https://vpce-0e1bb1852241f8cc6-pzi0do8n.kms.us-east-1.vpce.amazonaws.com"
+  key_id     = "global_worker-auth"
 }
 ```
 
@@ -78,6 +79,10 @@ These parameters apply to the `kms` stanza in the Boundary configuration file:
   Endpoint](https://docs.aws.amazon.com/kms/latest/developerguide/kms-vpc-endpoint.html).
   If not set, Boundary will use the default API endpoint for your region.
 
+- `key_id` - The unique name of this key.
+It is used to identify the key when you perform a root key migration.
+You can use the `key_id` field with all KMS stanzas.
+
 ## Authentication
 
 Authentication-related values must be provided, either as environment

website/content/docs/configuration/kms/azurekeyvault.mdx

@@ -25,6 +25,7 @@ kms "azurekeyvault" {
   client_secret  = "DUJDS3..."
   vault_name     = "hc-vault"
   key_name       = "vault_key"
+  key_id         = "global_worker-auth"
 }
 ```
 
@@ -53,6 +54,10 @@ These parameters apply to the `kms` stanza in the Vault configuration file:
 - `key_name` `(string: <required>)`: The Key Vault key to use for encryption and decryption. May also be specified by the
   `AZUREKEYVAULT_WRAPPER_KEY_NAME` environment variable.
 
+- `key_id` - The unique name of this key.
+It is used to identify the key when you perform a root key migration.
+You can use the `key_id` field with all KMS stanzas.
+
 ## Authentication
 
 Authentication-related values must be provided, either as environment

website/content/docs/configuration/kms/gcpckms.mdx

@@ -24,6 +24,7 @@ kms "gcpckms" {
   region      = "global"
   key_ring    = "boundary-keyring"
   crypto_key  = "boundary-key"
+  key_id      = "global_worker-auth"
 }
 ```
 
@@ -53,6 +54,10 @@ These parameters apply to the `kms` stanza in the Boundary configuration file:
   encryption and decryption. May also be specified by the `GCPCKMS_WRAPPER_CRYPTO_KEY`
   environment variable.
 
+- `key_id` - The unique name of this key.
+It is used to identify the key when you perform a root key migration.
+You can use the `key_id` field with all KMS stanzas.
+
 ## Authentication & permissions
 
 Authentication-related values must be provided, either as environment

website/content/docs/configuration/kms/transit.mdx

@@ -22,6 +22,7 @@ kms "transit" {
   address            = "https://vault:8200"
   token              = "s.Qf1s5zigZ4OX6akYjQXJC1jY"
   disable_renewal    = "false"
+  key_id             = "global_worker-auth"
 
   // Key configuration
   key_name           = "transit_key_name"
@@ -87,6 +88,10 @@ These parameters apply to the `kms` stanza in the Vault configuration file:
   transmissions to and from the Vault server. This may also be specified using the
   `VAULT_SKIP_VERIFY` environment variable.
 
+- `key_id` - The unique name of this key.
+It is used to identify the key when you perform a root key migration.
+You can use the `key_id` field with all KMS stanzas.
+
 ## Authentication
 
 Authentication-related values must be provided, either as environment