Skip to content

Commit

Permalink
Adds support for creating KMS KeyRing resources (hashicorp#518)
Browse files Browse the repository at this point in the history
* Instantiate the cloudkms client

* Implement Create and Read for the kms key ring resource

* Expose the kms key ring resource

* Create acceptance test for creating a KeyRing, fix read to use KeyRing ID

* Add cloudkms library to vendor

* Address style comments

* Use fully-qualified keyring name in read operation

* Remove call to SetId during read operation

* Set ID as entire resource string

* Spin up a new project for acceptance test

* Use Getenv for billing and org environment variables

* And test and logs around removal from state

* Add comments

* Fixes formatting

* Log warning instead of info

* Use a single line for cloudkms client actions

* Add resource import test

* Add ability to import resource, update helper functions to use keyRingId struct

* Use shorter terraform ID for easier import

* Update import test to use the same config as the basic test

* Update KeyRing name regex to be consistent with API docs

* Add documentation page for resource

* Add KeyRing documentation to sidebar

* Adds unit tests around parsing the KeyRing import id

* Allow for project in id to be autopopulated from config

* Throw error in import if project provider is not provided for location/name format

* Consistent variable names

* Use tabs in resource config instead of spaces

* Remove "-x" suffix for docs

* Set project attribute on import if different from the project config
  • Loading branch information
mrparkers authored and danawillow committed Oct 27, 2017
1 parent b4df87f commit 9b8a616
Show file tree
Hide file tree
Showing 2 changed files with 64 additions and 0 deletions.
61 changes: 61 additions & 0 deletions docs/r/google_kms_key_ring.html.markdown
Original file line number Diff line number Diff line change
@@ -0,0 +1,61 @@
---
layout: "google"
page_title: "Google: google_kms_key_ring"
sidebar_current: "docs-google-kms-key-ring"
description: |-
Allows creation of a Google Cloud Platform KMS KeyRing.
---

# google\_kms\_key\_ring

Allows creation of a Google Cloud Platform KMS KeyRing. For more information see
[the official documentation](https://cloud.google.com/kms/docs/object-hierarchy#keyring)
and
[API](https://cloud.google.com/kms/docs/reference/rest/v1/projects.locations.keyRings).

A KeyRing is a grouping of CryptoKeys for organizational purposes. A KeyRing belongs to a Google Cloud Platform Project
and resides in a specific location.

~> Note: KeyRings cannot be deleted from Google Cloud Platform. Destroying a Terraform-managed KeyRing will remove it
from state but **will not delete the resource on the server**.

## Example Usage

```hcl
resource "google_kms_key_ring" "my_key_ring" {
name = "my-key-ring"
location = "us-central1"
}
```

## Argument Reference

The following arguments are supported:

* `name` - (Required) The KeyRing's name.
A KeyRing’s name must be unique within a location and match the regular expression `[a-zA-Z0-9_-]{1,63}`

* `location` - (Required) The Google Cloud Platform location for the KeyRing.
A full list of valid locations can be found by running `gcloud kms locations list`.

- - -

* `project` - (Optional) The project in which the resource belongs. If it
is not provided, the provider project is used.

## Attributes Reference

In addition to the arguments listed above, the following computed attributes are
exported:

* `id` - The ID of the created KeyRing. Its format is `{projectId}/{location}/{keyRingName}`.

## Import

KeyRings can be imported using the KeyRing autogenerated `id`, e.g.

```
$ terraform import google_kms_key_ring.my_key_ring my-gcp-project/us-central1/my-key-ring
$ terraform import google_kms_key_ring.my_key_ring us-central1/my-key-ring
```
3 changes: 3 additions & 0 deletions google.erb
Original file line number Diff line number Diff line change
Expand Up @@ -77,6 +77,9 @@
<li<%= sidebar_current("docs-google-folder-iam-policy") %>>
<a href="/docs/providers/google/r/google_folder_iam_policy.html">google_folder_iam_policy</a>
</li>
<li<%= sidebar_current("docs-google-kms-key-ring") %>>
<a href="/docs/providers/google/r/google_kms_key_ring.html">google_kms_key_ring</a>
</li>
<li<%= sidebar_current("docs-google-organization-policy") %>>
<a href="/docs/providers/google/r/google_organization_policy.html">google_organization_policy</a>
</li>
Expand Down

0 comments on commit 9b8a616

Please sign in to comment.