Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Make sure KMS key "deletion" disables rotation #1761

Merged
merged 3 commits into from
May 15, 2019
Merged

Make sure KMS key "deletion" disables rotation #1761

merged 3 commits into from
May 15, 2019

Conversation

emilymye
Copy link
Contributor

Fixes hashicorp/terraform-provider-google#3612

Also change some comment styling

[all]

[terraform]

Make sure KMS key "deletion" disables rotation

[terraform-beta]

Make sure KMS key "deletion" disables rotation

[ansible]

[inspec]

@emilymye emilymye requested review from chrisst and danawillow May 14, 2019 23:02
@modular-magician
Copy link
Collaborator

Hi! I'm the modular magician, I work on Magic Modules.
This PR seems not to have generated downstream PRs before, as of 22dbe72.

Pull request statuses

No diff detected in terraform-google-conversion.
No diff detected in Ansible.
No diff detected in Inspec.

New Pull Requests

I built this PR into one or more new PRs on other repositories, and when those are closed, this PR will also be merged and closed.
depends: hashicorp/terraform-provider-google-beta#705
depends: hashicorp/terraform-provider-google#3624

chrisst
chrisst approved these changes May 15, 2019
View reviewed changes
Copy link
Contributor

@chrisst chrisst left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Is there any reason somebody would have relied on keys continuing to rotate after deletion? I'm wondering if this needs to be opt it or if it's just further cleaning an inert keyring.
Otherwise 👍

@emilymye
Copy link
Contributor Author

@chrisst from what I could tell (talking to seth) this was the intended behavior of destroy before, and so it's a bug that we probably shouldn't make a feature. I think if someone is destroying a resource via Terraform, they want to treat the ring like it's been completely deleted/made unusable. We can add a message to the changelog. @paddycarver do you think this counts as a breaking change?

@modular-magician
Copy link
Collaborator

Hi! I'm the modular magician, I work on Magic Modules.
I see that this PR has already had some downstream PRs generated. Any open downstreams are already updated to your most recent commit, e186724.

Pull request statuses

terraform-provider-google-beta already has an open PR.
No diff detected in terraform-google-conversion.
terraform-provider-google already has an open PR.
No diff detected in Ansible.
No diff detected in Inspec.

New Pull Requests

I didn't open any new pull requests because of this PR.

@modular-magician
Update tracked submodules -> HEAD on Wed May 15 17:28:51 UTC 2019
41245b0 
Tracked submodules are build/terraform-beta build/terraform-mapper build/terraform build/ansible build/inspec.
@modular-magician modular-magician merged commit 62bd73e into GoogleCloudPlatform:master May 15, 2019
@steved steved mentioned this pull request Jun 7, 2021
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@chrisst chrisst chrisst approved these changes

@danawillow danawillow danawillow approved these changes

Assignees
No one assigned
Labels
automerged cla: yes downstream-generated terraform-provider-google terraform-provider-google-beta
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Add feature to delete key material and disable key rotation on destroy of a TF stack
5 participants
@emilymye @modular-magician @danawillow @chrisst @googlebot