From 1cf39956fee8d48a5dbf3c33a0887eb4dcdeb81c Mon Sep 17 00:00:00 2001 From: nikhil-goenka <70277861+nikhil-goenka@users.noreply.github.com> Date: Tue, 8 Sep 2020 11:58:59 +0530 Subject: [PATCH 01/14] aws_fsx_lustre_file_system specify custom KMS Key --- aws/resource_aws_fsx_lustre_file_system.go | 20 +++++- ...esource_aws_fsx_lustre_file_system_test.go | 72 +++++++++++++++++++ 2 files changed, 91 insertions(+), 1 deletion(-) diff --git a/aws/resource_aws_fsx_lustre_file_system.go b/aws/resource_aws_fsx_lustre_file_system.go index a5b1e62aa0c..70cafcd39c2 100644 --- a/aws/resource_aws_fsx_lustre_file_system.go +++ b/aws/resource_aws_fsx_lustre_file_system.go @@ -119,6 +119,13 @@ func resourceAwsFsxLustreFileSystem() *schema.Resource { fsx.LustreDeploymentTypePersistent1, }, false), }, + "kms_key_id": { + Type: schema.TypeString, + Optional: true, + Computed: true, + ForceNew: true, + ValidateFunc: validateArn, + }, "per_unit_storage_throughput": { Type: schema.TypeInt, Optional: true, @@ -183,14 +190,21 @@ func resourceAwsFsxLustreFileSystemCreate(d *schema.ResourceData, meta interface input.LustreConfiguration.WeeklyMaintenanceStartTime = aws.String(v.(string)) } + var t string if v, ok := d.GetOk("deployment_type"); ok { if input.LustreConfiguration == nil { input.LustreConfiguration = &fsx.CreateFileSystemLustreConfiguration{} } - + t = v.(string) input.LustreConfiguration.DeploymentType = aws.String(v.(string)) } + if v, ok := d.GetOk("kms_key_id"); ok { + if t == fsx.LustreDeploymentTypePersistent1 { + input.KmsKeyId = aws.String(v.(string)) + } + } + if v, ok := d.GetOk("per_unit_storage_throughput"); ok { if input.LustreConfiguration == nil { input.LustreConfiguration = &fsx.CreateFileSystemLustreConfiguration{} @@ -293,6 +307,10 @@ func resourceAwsFsxLustreFileSystemRead(d *schema.ResourceData, meta interface{} d.Set("per_unit_storage_throughput", filesystem.LustreConfiguration.PerUnitStorageThroughput) } + if filesystem.KmsKeyId != nil { + d.Set("kms_key_id", filesystem.KmsKeyId) + } + if err := d.Set("network_interface_ids", aws.StringValueSlice(filesystem.NetworkInterfaceIds)); err != nil { return fmt.Errorf("error setting network_interface_ids: %s", err) } diff --git a/aws/resource_aws_fsx_lustre_file_system_test.go b/aws/resource_aws_fsx_lustre_file_system_test.go index ce91ea68dba..f4d3baafad1 100644 --- a/aws/resource_aws_fsx_lustre_file_system_test.go +++ b/aws/resource_aws_fsx_lustre_file_system_test.go @@ -415,6 +415,44 @@ func TestAccAWSFsxLustreFileSystem_DeploymentTypePersistent1(t *testing.T) { }) } +func TestAccAWSFsxLustreFileSystem_KmsKeyId(t *testing.T) { + var filesystem1, filesystem2 fsx.FileSystem + resourceName := "aws_fsx_lustre_file_system.test" + kmsKeyResourceName1 := "aws_kms_key.test1" + kmsKeyResourceName2 := "aws_kms_key.test2" + + resource.ParallelTest(t, resource.TestCase{ + PreCheck: func() { testAccPreCheck(t) }, + Providers: testAccProviders, + CheckDestroy: testAccCheckFsxLustreFileSystemDestroy, + Steps: []resource.TestStep{ + { + Config: testAccAwsFsxLustreFileSystemConfigKmsKeyId1(), + Check: resource.ComposeTestCheckFunc( + testAccCheckFsxLustreFileSystemExists(resourceName, &filesystem1), + resource.TestCheckResourceAttr(resourceName, "deployment_type", fsx.LustreDeploymentTypePersistent1), + resource.TestCheckResourceAttrPair(resourceName, "kms_key_id", kmsKeyResourceName1, "arn"), + ), + }, + { + ResourceName: resourceName, + ImportState: true, + ImportStateVerify: true, + ImportStateVerifyIgnore: []string{"security_group_ids"}, + }, + { + Config: testAccAwsFsxLustreFileSystemConfigKmsKeyId2(), + Check: resource.ComposeTestCheckFunc( + testAccCheckFsxLustreFileSystemExists(resourceName, &filesystem2), + resource.TestCheckResourceAttr(resourceName, "deployment_type", fsx.LustreDeploymentTypePersistent1), + testAccCheckFsxWindowsFileSystemRecreated(&filesystem1, &filesystem2), + resource.TestCheckResourceAttrPair(resourceName, "kms_key_id", kmsKeyResourceName2, "arn"), + ), + }, + }, + }) +} + func TestAccAWSFsxLustreFileSystem_DeploymentTypeScratch2(t *testing.T) { var filesystem fsx.FileSystem resourceName := "aws_fsx_lustre_file_system.test" @@ -751,3 +789,37 @@ resource "aws_fsx_lustre_file_system" "test" { } `, perUnitStorageThroughput) } + +func testAccAwsFsxLustreFileSystemConfigKmsKeyId1() string { + return testAccAwsFsxLustreFileSystemConfigBase() + ` +resource "aws_kms_key" "test1" { + description = "FSx KMS Testing key" + deletion_window_in_days = 7 +} + +resource "aws_fsx_lustre_file_system" "test" { + storage_capacity = 1200 + subnet_ids = [aws_subnet.test1.id] + deployment_type = "PERSISTENT_1" + per_unit_storage_throughput = 50 + kms_key_id = aws_kms_key.test1.arn +} +` +} + +func testAccAwsFsxLustreFileSystemConfigKmsKeyId2() string { + return testAccAwsFsxLustreFileSystemConfigBase() + ` +resource "aws_kms_key" "test2" { + description = "FSx KMS Testing key" + deletion_window_in_days = 7 +} + +resource "aws_fsx_lustre_file_system" "test" { + storage_capacity = 1200 + subnet_ids = [aws_subnet.test1.id] + deployment_type = "PERSISTENT_1" + per_unit_storage_throughput = 50 + kms_key_id = aws_kms_key.test2.arn +} +` +} From 1138cb112b5133eaee0c7ab0fd4e613de150a4f9 Mon Sep 17 00:00:00 2001 From: nikhil-goenka <70277861+nikhil-goenka@users.noreply.github.com> Date: Tue, 8 Sep 2020 13:48:44 +0530 Subject: [PATCH 02/14] aws_fsx_lustre_file_system specify custom KMS Key --- website/docs/r/fsx_lustre_file_system.html.markdown | 1 + 1 file changed, 1 insertion(+) diff --git a/website/docs/r/fsx_lustre_file_system.html.markdown b/website/docs/r/fsx_lustre_file_system.html.markdown index d5fa12e32e1..613e086849e 100644 --- a/website/docs/r/fsx_lustre_file_system.html.markdown +++ b/website/docs/r/fsx_lustre_file_system.html.markdown @@ -33,6 +33,7 @@ The following arguments are supported: * `tags` - (Optional) A map of tags to assign to the file system. * `weekly_maintenance_start_time` - (Optional) The preferred start time (in `d:HH:MM` format) to perform weekly maintenance, in the UTC time zone. * `deployment_type` - (Optional) - The filesystem deployment type. One of: `SCRATCH_1`, `SCRATCH_2`, `PERSISTENT_1`. +* `kms_key_id` - (Optional) ARN for the KMS Key to encrypt the file system at rest. Defaults to an AWS managed KMS Key, required for the `PERSISTENT_1`. * `per_unit_storage_throughput` - (Optional) - Describes the amount of read and write throughput for each 1 tebibyte of storage, in MB/s/TiB, required for the `PERSISTENT_1` deployment_type. For valid values, see the [AWS documentation](https://docs.aws.amazon.com/fsx/latest/APIReference/API_CreateFileSystemLustreConfiguration.html). ## Attributes Reference From 9f6f591fa1852f47f8cb1cbb561fb40a43fc766f Mon Sep 17 00:00:00 2001 From: nikhil-goenka <70277861+nikhil-goenka@users.noreply.github.com> Date: Tue, 8 Sep 2020 13:59:58 +0530 Subject: [PATCH 03/14] aws_fsx_lustre_file_system specify custom KMS Key --- website/docs/r/fsx_lustre_file_system.html.markdown | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/website/docs/r/fsx_lustre_file_system.html.markdown b/website/docs/r/fsx_lustre_file_system.html.markdown index 613e086849e..a1a2ce509df 100644 --- a/website/docs/r/fsx_lustre_file_system.html.markdown +++ b/website/docs/r/fsx_lustre_file_system.html.markdown @@ -33,7 +33,7 @@ The following arguments are supported: * `tags` - (Optional) A map of tags to assign to the file system. * `weekly_maintenance_start_time` - (Optional) The preferred start time (in `d:HH:MM` format) to perform weekly maintenance, in the UTC time zone. * `deployment_type` - (Optional) - The filesystem deployment type. One of: `SCRATCH_1`, `SCRATCH_2`, `PERSISTENT_1`. -* `kms_key_id` - (Optional) ARN for the KMS Key to encrypt the file system at rest. Defaults to an AWS managed KMS Key, required for the `PERSISTENT_1`. +* `kms_key_id` - (Optional) ARN for the KMS Key to encrypt the file system at rest. Defaults to an AWS managed KMS Key, required for the `PERSISTENT_1`. * `per_unit_storage_throughput` - (Optional) - Describes the amount of read and write throughput for each 1 tebibyte of storage, in MB/s/TiB, required for the `PERSISTENT_1` deployment_type. For valid values, see the [AWS documentation](https://docs.aws.amazon.com/fsx/latest/APIReference/API_CreateFileSystemLustreConfiguration.html). ## Attributes Reference From bc0219f380fd669a4f5dfb74c3469f94436efd9e Mon Sep 17 00:00:00 2001 From: nikhil-goenka <70277861+nikhil-goenka@users.noreply.github.com> Date: Tue, 8 Sep 2020 11:58:59 +0530 Subject: [PATCH 04/14] aws_fsx_lustre_file_system specify custom KMS Key --- aws/resource_aws_fsx_lustre_file_system.go | 20 +++++- ...esource_aws_fsx_lustre_file_system_test.go | 72 +++++++++++++++++++ 2 files changed, 91 insertions(+), 1 deletion(-) diff --git a/aws/resource_aws_fsx_lustre_file_system.go b/aws/resource_aws_fsx_lustre_file_system.go index a5b1e62aa0c..70cafcd39c2 100644 --- a/aws/resource_aws_fsx_lustre_file_system.go +++ b/aws/resource_aws_fsx_lustre_file_system.go @@ -119,6 +119,13 @@ func resourceAwsFsxLustreFileSystem() *schema.Resource { fsx.LustreDeploymentTypePersistent1, }, false), }, + "kms_key_id": { + Type: schema.TypeString, + Optional: true, + Computed: true, + ForceNew: true, + ValidateFunc: validateArn, + }, "per_unit_storage_throughput": { Type: schema.TypeInt, Optional: true, @@ -183,14 +190,21 @@ func resourceAwsFsxLustreFileSystemCreate(d *schema.ResourceData, meta interface input.LustreConfiguration.WeeklyMaintenanceStartTime = aws.String(v.(string)) } + var t string if v, ok := d.GetOk("deployment_type"); ok { if input.LustreConfiguration == nil { input.LustreConfiguration = &fsx.CreateFileSystemLustreConfiguration{} } - + t = v.(string) input.LustreConfiguration.DeploymentType = aws.String(v.(string)) } + if v, ok := d.GetOk("kms_key_id"); ok { + if t == fsx.LustreDeploymentTypePersistent1 { + input.KmsKeyId = aws.String(v.(string)) + } + } + if v, ok := d.GetOk("per_unit_storage_throughput"); ok { if input.LustreConfiguration == nil { input.LustreConfiguration = &fsx.CreateFileSystemLustreConfiguration{} @@ -293,6 +307,10 @@ func resourceAwsFsxLustreFileSystemRead(d *schema.ResourceData, meta interface{} d.Set("per_unit_storage_throughput", filesystem.LustreConfiguration.PerUnitStorageThroughput) } + if filesystem.KmsKeyId != nil { + d.Set("kms_key_id", filesystem.KmsKeyId) + } + if err := d.Set("network_interface_ids", aws.StringValueSlice(filesystem.NetworkInterfaceIds)); err != nil { return fmt.Errorf("error setting network_interface_ids: %s", err) } diff --git a/aws/resource_aws_fsx_lustre_file_system_test.go b/aws/resource_aws_fsx_lustre_file_system_test.go index ce91ea68dba..f4d3baafad1 100644 --- a/aws/resource_aws_fsx_lustre_file_system_test.go +++ b/aws/resource_aws_fsx_lustre_file_system_test.go @@ -415,6 +415,44 @@ func TestAccAWSFsxLustreFileSystem_DeploymentTypePersistent1(t *testing.T) { }) } +func TestAccAWSFsxLustreFileSystem_KmsKeyId(t *testing.T) { + var filesystem1, filesystem2 fsx.FileSystem + resourceName := "aws_fsx_lustre_file_system.test" + kmsKeyResourceName1 := "aws_kms_key.test1" + kmsKeyResourceName2 := "aws_kms_key.test2" + + resource.ParallelTest(t, resource.TestCase{ + PreCheck: func() { testAccPreCheck(t) }, + Providers: testAccProviders, + CheckDestroy: testAccCheckFsxLustreFileSystemDestroy, + Steps: []resource.TestStep{ + { + Config: testAccAwsFsxLustreFileSystemConfigKmsKeyId1(), + Check: resource.ComposeTestCheckFunc( + testAccCheckFsxLustreFileSystemExists(resourceName, &filesystem1), + resource.TestCheckResourceAttr(resourceName, "deployment_type", fsx.LustreDeploymentTypePersistent1), + resource.TestCheckResourceAttrPair(resourceName, "kms_key_id", kmsKeyResourceName1, "arn"), + ), + }, + { + ResourceName: resourceName, + ImportState: true, + ImportStateVerify: true, + ImportStateVerifyIgnore: []string{"security_group_ids"}, + }, + { + Config: testAccAwsFsxLustreFileSystemConfigKmsKeyId2(), + Check: resource.ComposeTestCheckFunc( + testAccCheckFsxLustreFileSystemExists(resourceName, &filesystem2), + resource.TestCheckResourceAttr(resourceName, "deployment_type", fsx.LustreDeploymentTypePersistent1), + testAccCheckFsxWindowsFileSystemRecreated(&filesystem1, &filesystem2), + resource.TestCheckResourceAttrPair(resourceName, "kms_key_id", kmsKeyResourceName2, "arn"), + ), + }, + }, + }) +} + func TestAccAWSFsxLustreFileSystem_DeploymentTypeScratch2(t *testing.T) { var filesystem fsx.FileSystem resourceName := "aws_fsx_lustre_file_system.test" @@ -751,3 +789,37 @@ resource "aws_fsx_lustre_file_system" "test" { } `, perUnitStorageThroughput) } + +func testAccAwsFsxLustreFileSystemConfigKmsKeyId1() string { + return testAccAwsFsxLustreFileSystemConfigBase() + ` +resource "aws_kms_key" "test1" { + description = "FSx KMS Testing key" + deletion_window_in_days = 7 +} + +resource "aws_fsx_lustre_file_system" "test" { + storage_capacity = 1200 + subnet_ids = [aws_subnet.test1.id] + deployment_type = "PERSISTENT_1" + per_unit_storage_throughput = 50 + kms_key_id = aws_kms_key.test1.arn +} +` +} + +func testAccAwsFsxLustreFileSystemConfigKmsKeyId2() string { + return testAccAwsFsxLustreFileSystemConfigBase() + ` +resource "aws_kms_key" "test2" { + description = "FSx KMS Testing key" + deletion_window_in_days = 7 +} + +resource "aws_fsx_lustre_file_system" "test" { + storage_capacity = 1200 + subnet_ids = [aws_subnet.test1.id] + deployment_type = "PERSISTENT_1" + per_unit_storage_throughput = 50 + kms_key_id = aws_kms_key.test2.arn +} +` +} From 4875d2f8288361168fda3b9b5776a01802c5e25a Mon Sep 17 00:00:00 2001 From: nikhil-goenka <70277861+nikhil-goenka@users.noreply.github.com> Date: Tue, 8 Sep 2020 13:48:44 +0530 Subject: [PATCH 05/14] aws_fsx_lustre_file_system specify custom KMS Key --- website/docs/r/fsx_lustre_file_system.html.markdown | 1 + 1 file changed, 1 insertion(+) diff --git a/website/docs/r/fsx_lustre_file_system.html.markdown b/website/docs/r/fsx_lustre_file_system.html.markdown index d5fa12e32e1..613e086849e 100644 --- a/website/docs/r/fsx_lustre_file_system.html.markdown +++ b/website/docs/r/fsx_lustre_file_system.html.markdown @@ -33,6 +33,7 @@ The following arguments are supported: * `tags` - (Optional) A map of tags to assign to the file system. * `weekly_maintenance_start_time` - (Optional) The preferred start time (in `d:HH:MM` format) to perform weekly maintenance, in the UTC time zone. * `deployment_type` - (Optional) - The filesystem deployment type. One of: `SCRATCH_1`, `SCRATCH_2`, `PERSISTENT_1`. +* `kms_key_id` - (Optional) ARN for the KMS Key to encrypt the file system at rest. Defaults to an AWS managed KMS Key, required for the `PERSISTENT_1`. * `per_unit_storage_throughput` - (Optional) - Describes the amount of read and write throughput for each 1 tebibyte of storage, in MB/s/TiB, required for the `PERSISTENT_1` deployment_type. For valid values, see the [AWS documentation](https://docs.aws.amazon.com/fsx/latest/APIReference/API_CreateFileSystemLustreConfiguration.html). ## Attributes Reference From 55a118478020f712384566361d5fbded5ae34d4f Mon Sep 17 00:00:00 2001 From: nikhil-goenka <70277861+nikhil-goenka@users.noreply.github.com> Date: Tue, 8 Sep 2020 13:59:58 +0530 Subject: [PATCH 06/14] aws_fsx_lustre_file_system specify custom KMS Key --- website/docs/r/fsx_lustre_file_system.html.markdown | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/website/docs/r/fsx_lustre_file_system.html.markdown b/website/docs/r/fsx_lustre_file_system.html.markdown index 613e086849e..a1a2ce509df 100644 --- a/website/docs/r/fsx_lustre_file_system.html.markdown +++ b/website/docs/r/fsx_lustre_file_system.html.markdown @@ -33,7 +33,7 @@ The following arguments are supported: * `tags` - (Optional) A map of tags to assign to the file system. * `weekly_maintenance_start_time` - (Optional) The preferred start time (in `d:HH:MM` format) to perform weekly maintenance, in the UTC time zone. * `deployment_type` - (Optional) - The filesystem deployment type. One of: `SCRATCH_1`, `SCRATCH_2`, `PERSISTENT_1`. -* `kms_key_id` - (Optional) ARN for the KMS Key to encrypt the file system at rest. Defaults to an AWS managed KMS Key, required for the `PERSISTENT_1`. +* `kms_key_id` - (Optional) ARN for the KMS Key to encrypt the file system at rest. Defaults to an AWS managed KMS Key, required for the `PERSISTENT_1`. * `per_unit_storage_throughput` - (Optional) - Describes the amount of read and write throughput for each 1 tebibyte of storage, in MB/s/TiB, required for the `PERSISTENT_1` deployment_type. For valid values, see the [AWS documentation](https://docs.aws.amazon.com/fsx/latest/APIReference/API_CreateFileSystemLustreConfiguration.html). ## Attributes Reference From 8b564f753dde4907a12e3db988eb744a9fff8c39 Mon Sep 17 00:00:00 2001 From: nikhil-goenka <70277861+nikhil-goenka@users.noreply.github.com> Date: Tue, 8 Sep 2020 11:58:59 +0530 Subject: [PATCH 07/14] aws_fsx_lustre_file_system specify custom KMS Key --- aws/resource_aws_fsx_lustre_file_system.go | 20 +++++- ...esource_aws_fsx_lustre_file_system_test.go | 72 +++++++++++++++++++ 2 files changed, 91 insertions(+), 1 deletion(-) diff --git a/aws/resource_aws_fsx_lustre_file_system.go b/aws/resource_aws_fsx_lustre_file_system.go index a5b1e62aa0c..70cafcd39c2 100644 --- a/aws/resource_aws_fsx_lustre_file_system.go +++ b/aws/resource_aws_fsx_lustre_file_system.go @@ -119,6 +119,13 @@ func resourceAwsFsxLustreFileSystem() *schema.Resource { fsx.LustreDeploymentTypePersistent1, }, false), }, + "kms_key_id": { + Type: schema.TypeString, + Optional: true, + Computed: true, + ForceNew: true, + ValidateFunc: validateArn, + }, "per_unit_storage_throughput": { Type: schema.TypeInt, Optional: true, @@ -183,14 +190,21 @@ func resourceAwsFsxLustreFileSystemCreate(d *schema.ResourceData, meta interface input.LustreConfiguration.WeeklyMaintenanceStartTime = aws.String(v.(string)) } + var t string if v, ok := d.GetOk("deployment_type"); ok { if input.LustreConfiguration == nil { input.LustreConfiguration = &fsx.CreateFileSystemLustreConfiguration{} } - + t = v.(string) input.LustreConfiguration.DeploymentType = aws.String(v.(string)) } + if v, ok := d.GetOk("kms_key_id"); ok { + if t == fsx.LustreDeploymentTypePersistent1 { + input.KmsKeyId = aws.String(v.(string)) + } + } + if v, ok := d.GetOk("per_unit_storage_throughput"); ok { if input.LustreConfiguration == nil { input.LustreConfiguration = &fsx.CreateFileSystemLustreConfiguration{} @@ -293,6 +307,10 @@ func resourceAwsFsxLustreFileSystemRead(d *schema.ResourceData, meta interface{} d.Set("per_unit_storage_throughput", filesystem.LustreConfiguration.PerUnitStorageThroughput) } + if filesystem.KmsKeyId != nil { + d.Set("kms_key_id", filesystem.KmsKeyId) + } + if err := d.Set("network_interface_ids", aws.StringValueSlice(filesystem.NetworkInterfaceIds)); err != nil { return fmt.Errorf("error setting network_interface_ids: %s", err) } diff --git a/aws/resource_aws_fsx_lustre_file_system_test.go b/aws/resource_aws_fsx_lustre_file_system_test.go index ce91ea68dba..f4d3baafad1 100644 --- a/aws/resource_aws_fsx_lustre_file_system_test.go +++ b/aws/resource_aws_fsx_lustre_file_system_test.go @@ -415,6 +415,44 @@ func TestAccAWSFsxLustreFileSystem_DeploymentTypePersistent1(t *testing.T) { }) } +func TestAccAWSFsxLustreFileSystem_KmsKeyId(t *testing.T) { + var filesystem1, filesystem2 fsx.FileSystem + resourceName := "aws_fsx_lustre_file_system.test" + kmsKeyResourceName1 := "aws_kms_key.test1" + kmsKeyResourceName2 := "aws_kms_key.test2" + + resource.ParallelTest(t, resource.TestCase{ + PreCheck: func() { testAccPreCheck(t) }, + Providers: testAccProviders, + CheckDestroy: testAccCheckFsxLustreFileSystemDestroy, + Steps: []resource.TestStep{ + { + Config: testAccAwsFsxLustreFileSystemConfigKmsKeyId1(), + Check: resource.ComposeTestCheckFunc( + testAccCheckFsxLustreFileSystemExists(resourceName, &filesystem1), + resource.TestCheckResourceAttr(resourceName, "deployment_type", fsx.LustreDeploymentTypePersistent1), + resource.TestCheckResourceAttrPair(resourceName, "kms_key_id", kmsKeyResourceName1, "arn"), + ), + }, + { + ResourceName: resourceName, + ImportState: true, + ImportStateVerify: true, + ImportStateVerifyIgnore: []string{"security_group_ids"}, + }, + { + Config: testAccAwsFsxLustreFileSystemConfigKmsKeyId2(), + Check: resource.ComposeTestCheckFunc( + testAccCheckFsxLustreFileSystemExists(resourceName, &filesystem2), + resource.TestCheckResourceAttr(resourceName, "deployment_type", fsx.LustreDeploymentTypePersistent1), + testAccCheckFsxWindowsFileSystemRecreated(&filesystem1, &filesystem2), + resource.TestCheckResourceAttrPair(resourceName, "kms_key_id", kmsKeyResourceName2, "arn"), + ), + }, + }, + }) +} + func TestAccAWSFsxLustreFileSystem_DeploymentTypeScratch2(t *testing.T) { var filesystem fsx.FileSystem resourceName := "aws_fsx_lustre_file_system.test" @@ -751,3 +789,37 @@ resource "aws_fsx_lustre_file_system" "test" { } `, perUnitStorageThroughput) } + +func testAccAwsFsxLustreFileSystemConfigKmsKeyId1() string { + return testAccAwsFsxLustreFileSystemConfigBase() + ` +resource "aws_kms_key" "test1" { + description = "FSx KMS Testing key" + deletion_window_in_days = 7 +} + +resource "aws_fsx_lustre_file_system" "test" { + storage_capacity = 1200 + subnet_ids = [aws_subnet.test1.id] + deployment_type = "PERSISTENT_1" + per_unit_storage_throughput = 50 + kms_key_id = aws_kms_key.test1.arn +} +` +} + +func testAccAwsFsxLustreFileSystemConfigKmsKeyId2() string { + return testAccAwsFsxLustreFileSystemConfigBase() + ` +resource "aws_kms_key" "test2" { + description = "FSx KMS Testing key" + deletion_window_in_days = 7 +} + +resource "aws_fsx_lustre_file_system" "test" { + storage_capacity = 1200 + subnet_ids = [aws_subnet.test1.id] + deployment_type = "PERSISTENT_1" + per_unit_storage_throughput = 50 + kms_key_id = aws_kms_key.test2.arn +} +` +} From 919a1d5527bfc645bc41ad045373947acb1b4adf Mon Sep 17 00:00:00 2001 From: nikhil-goenka <70277861+nikhil-goenka@users.noreply.github.com> Date: Tue, 8 Sep 2020 13:48:44 +0530 Subject: [PATCH 08/14] aws_fsx_lustre_file_system specify custom KMS Key --- website/docs/r/fsx_lustre_file_system.html.markdown | 1 + 1 file changed, 1 insertion(+) diff --git a/website/docs/r/fsx_lustre_file_system.html.markdown b/website/docs/r/fsx_lustre_file_system.html.markdown index d5fa12e32e1..613e086849e 100644 --- a/website/docs/r/fsx_lustre_file_system.html.markdown +++ b/website/docs/r/fsx_lustre_file_system.html.markdown @@ -33,6 +33,7 @@ The following arguments are supported: * `tags` - (Optional) A map of tags to assign to the file system. * `weekly_maintenance_start_time` - (Optional) The preferred start time (in `d:HH:MM` format) to perform weekly maintenance, in the UTC time zone. * `deployment_type` - (Optional) - The filesystem deployment type. One of: `SCRATCH_1`, `SCRATCH_2`, `PERSISTENT_1`. +* `kms_key_id` - (Optional) ARN for the KMS Key to encrypt the file system at rest. Defaults to an AWS managed KMS Key, required for the `PERSISTENT_1`. * `per_unit_storage_throughput` - (Optional) - Describes the amount of read and write throughput for each 1 tebibyte of storage, in MB/s/TiB, required for the `PERSISTENT_1` deployment_type. For valid values, see the [AWS documentation](https://docs.aws.amazon.com/fsx/latest/APIReference/API_CreateFileSystemLustreConfiguration.html). ## Attributes Reference From 1a0f5dd56d8c6851f577811ca0f0d7075ccf4615 Mon Sep 17 00:00:00 2001 From: nikhil-goenka <70277861+nikhil-goenka@users.noreply.github.com> Date: Tue, 8 Sep 2020 13:59:58 +0530 Subject: [PATCH 09/14] aws_fsx_lustre_file_system specify custom KMS Key --- website/docs/r/fsx_lustre_file_system.html.markdown | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/website/docs/r/fsx_lustre_file_system.html.markdown b/website/docs/r/fsx_lustre_file_system.html.markdown index 613e086849e..a1a2ce509df 100644 --- a/website/docs/r/fsx_lustre_file_system.html.markdown +++ b/website/docs/r/fsx_lustre_file_system.html.markdown @@ -33,7 +33,7 @@ The following arguments are supported: * `tags` - (Optional) A map of tags to assign to the file system. * `weekly_maintenance_start_time` - (Optional) The preferred start time (in `d:HH:MM` format) to perform weekly maintenance, in the UTC time zone. * `deployment_type` - (Optional) - The filesystem deployment type. One of: `SCRATCH_1`, `SCRATCH_2`, `PERSISTENT_1`. -* `kms_key_id` - (Optional) ARN for the KMS Key to encrypt the file system at rest. Defaults to an AWS managed KMS Key, required for the `PERSISTENT_1`. +* `kms_key_id` - (Optional) ARN for the KMS Key to encrypt the file system at rest. Defaults to an AWS managed KMS Key, required for the `PERSISTENT_1`. * `per_unit_storage_throughput` - (Optional) - Describes the amount of read and write throughput for each 1 tebibyte of storage, in MB/s/TiB, required for the `PERSISTENT_1` deployment_type. For valid values, see the [AWS documentation](https://docs.aws.amazon.com/fsx/latest/APIReference/API_CreateFileSystemLustreConfiguration.html). ## Attributes Reference From 9eab2ac37a2c07dcc92a8cc320337ccef376e245 Mon Sep 17 00:00:00 2001 From: nikhil-goenka <70277861+nikhil-goenka@users.noreply.github.com> Date: Mon, 21 Sep 2020 20:48:05 +0530 Subject: [PATCH 10/14] tech-debt/aws_rds_cluster:TestAccAWSRDSCluster_SnapshotIdentifier_PreferredBackupWindow --- aws/resource_aws_fsx_lustre_file_system.go | 26 +++++++++------------- 1 file changed, 11 insertions(+), 15 deletions(-) diff --git a/aws/resource_aws_fsx_lustre_file_system.go b/aws/resource_aws_fsx_lustre_file_system.go index 50906e202c6..ff7b1d0df99 100644 --- a/aws/resource_aws_fsx_lustre_file_system.go +++ b/aws/resource_aws_fsx_lustre_file_system.go @@ -161,6 +161,17 @@ func resourceAwsFsxLustreFileSystemCreate(d *schema.ResourceData, meta interface }, } + var t string + if v, ok := d.GetOk("deployment_type"); ok { + t = v.(string) + } + + if v, ok := d.GetOk("kms_key_id"); ok { + if t == fsx.LustreDeploymentTypePersistent1 { + input.KmsKeyId = aws.String(v.(string)) + } + } + if v, ok := d.GetOk("automatic_backup_retention_days"); ok { input.LustreConfiguration.AutomaticBackupRetentionDays = aws.Int64(int64(v.(int))) } @@ -189,21 +200,6 @@ func resourceAwsFsxLustreFileSystemCreate(d *schema.ResourceData, meta interface input.LustreConfiguration.WeeklyMaintenanceStartTime = aws.String(v.(string)) } - var t string - if v, ok := d.GetOk("deployment_type"); ok { - if input.LustreConfiguration == nil { - input.LustreConfiguration = &fsx.CreateFileSystemLustreConfiguration{} - } - t = v.(string) - input.LustreConfiguration.DeploymentType = aws.String(v.(string)) - } - - if v, ok := d.GetOk("kms_key_id"); ok { - if t == fsx.LustreDeploymentTypePersistent1 { - input.KmsKeyId = aws.String(v.(string)) - } - } - if v, ok := d.GetOk("per_unit_storage_throughput"); ok { input.LustreConfiguration.PerUnitStorageThroughput = aws.Int64(int64(v.(int))) } From e37270565913e699596cc69324be98361e0bc9f5 Mon Sep 17 00:00:00 2001 From: nikhil-goenka <70277861+nikhil-goenka@users.noreply.github.com> Date: Mon, 21 Sep 2020 21:45:12 +0530 Subject: [PATCH 11/14] tech-debt/aws_rds_cluster:TestAccAWSRDSCluster_SnapshotIdentifier_PreferredBackupWindow --- aws/resource_aws_fsx_lustre_file_system.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/aws/resource_aws_fsx_lustre_file_system.go b/aws/resource_aws_fsx_lustre_file_system.go index ff7b1d0df99..f0c36c5c64c 100644 --- a/aws/resource_aws_fsx_lustre_file_system.go +++ b/aws/resource_aws_fsx_lustre_file_system.go @@ -161,7 +161,7 @@ func resourceAwsFsxLustreFileSystemCreate(d *schema.ResourceData, meta interface }, } - var t string + var t string if v, ok := d.GetOk("deployment_type"); ok { t = v.(string) } From 2301bd05d9f4b97602f86401cbd0306159f1f6a7 Mon Sep 17 00:00:00 2001 From: nikhil-goenka <70277861+nikhil-goenka@users.noreply.github.com> Date: Mon, 21 Sep 2020 22:37:12 +0530 Subject: [PATCH 12/14] tech-debt/aws_rds_cluster:TestAccAWSRDSCluster_SnapshotIdentifier_PreferredBackupWindow --- aws/resource_aws_fsx_lustre_file_system.go | 10 ++-------- website/docs/r/fsx_lustre_file_system.html.markdown | 2 +- 2 files changed, 3 insertions(+), 9 deletions(-) diff --git a/aws/resource_aws_fsx_lustre_file_system.go b/aws/resource_aws_fsx_lustre_file_system.go index f0c36c5c64c..05ce2e7f4e5 100644 --- a/aws/resource_aws_fsx_lustre_file_system.go +++ b/aws/resource_aws_fsx_lustre_file_system.go @@ -161,15 +161,9 @@ func resourceAwsFsxLustreFileSystemCreate(d *schema.ResourceData, meta interface }, } - var t string - if v, ok := d.GetOk("deployment_type"); ok { - t = v.(string) - } - + //Applicable only for TypePersistent1 if v, ok := d.GetOk("kms_key_id"); ok { - if t == fsx.LustreDeploymentTypePersistent1 { - input.KmsKeyId = aws.String(v.(string)) - } + input.KmsKeyId = aws.String(v.(string)) } if v, ok := d.GetOk("automatic_backup_retention_days"); ok { diff --git a/website/docs/r/fsx_lustre_file_system.html.markdown b/website/docs/r/fsx_lustre_file_system.html.markdown index 0381456b88c..5044a62b0c6 100644 --- a/website/docs/r/fsx_lustre_file_system.html.markdown +++ b/website/docs/r/fsx_lustre_file_system.html.markdown @@ -33,7 +33,7 @@ The following arguments are supported: * `tags` - (Optional) A map of tags to assign to the file system. * `weekly_maintenance_start_time` - (Optional) The preferred start time (in `d:HH:MM` format) to perform weekly maintenance, in the UTC time zone. * `deployment_type` - (Optional) - The filesystem deployment type. One of: `SCRATCH_1`, `SCRATCH_2`, `PERSISTENT_1`. -* `kms_key_id` - (Optional) ARN for the KMS Key to encrypt the file system at rest. Defaults to an AWS managed KMS Key, required for the `PERSISTENT_1`. +* `kms_key_id` - (Optional) ARN for the KMS Key to encrypt the file system at rest, applicable for `PERSISTENT_1`. Defaults to an AWS managed KMS Key. * `per_unit_storage_throughput` - (Optional) - Describes the amount of read and write throughput for each 1 tebibyte of storage, in MB/s/TiB, required for the `PERSISTENT_1` deployment_type. For valid values, see the [AWS documentation](https://docs.aws.amazon.com/fsx/latest/APIReference/API_CreateFileSystemLustreConfiguration.html). * `automatic_backup_retention_days` - (Optional) The number of days to retain automatic backups. Setting this to 0 disables automatic backups. You can retain automatic backups for a maximum of 35 days. only valid for `PERSISTENT_1` deployment_type. From ca7d23aa0f3a35f0b4f9b528d80a7771d95f5420 Mon Sep 17 00:00:00 2001 From: nikhil-goenka <70277861+nikhil-goenka@users.noreply.github.com> Date: Tue, 22 Sep 2020 10:01:06 +0530 Subject: [PATCH 13/14] f/aws_fsx_lustre_file_system specify custom KMS Key --- aws/resource_aws_fsx_lustre_file_system_test.go | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/aws/resource_aws_fsx_lustre_file_system_test.go b/aws/resource_aws_fsx_lustre_file_system_test.go index 96d1a1c2bf9..582fa167339 100644 --- a/aws/resource_aws_fsx_lustre_file_system_test.go +++ b/aws/resource_aws_fsx_lustre_file_system_test.go @@ -432,6 +432,7 @@ func TestAccAWSFsxLustreFileSystem_automaticBackupRetentionDays(t *testing.T) { func TestAccAWSFsxLustreFileSystem_DeploymentTypePersistent1(t *testing.T) { var filesystem fsx.FileSystem resourceName := "aws_fsx_lustre_file_system.test" + datakmsKeyArn := "data.aws_kms_alias.fsx" resource.ParallelTest(t, resource.TestCase{ PreCheck: func() { testAccPreCheck(t) }, @@ -446,6 +447,7 @@ func TestAccAWSFsxLustreFileSystem_DeploymentTypePersistent1(t *testing.T) { resource.TestCheckResourceAttr(resourceName, "per_unit_storage_throughput", "50"), resource.TestCheckResourceAttr(resourceName, "deployment_type", fsx.LustreDeploymentTypePersistent1), resource.TestCheckResourceAttr(resourceName, "automatic_backup_retention_days", "0"), + resource.TestCheckResourceAttrPair(resourceName, "kms_key_id", datakmsKeyArn, "target_key_arn"), ), }, { @@ -824,6 +826,10 @@ resource "aws_fsx_lustre_file_system" "test" { deployment_type = "PERSISTENT_1" per_unit_storage_throughput = %[1]d } + +data "aws_kms_alias" "fsx" { + name = "alias/aws/fsx" +} `, perUnitStorageThroughput) } From 07ac2944435fcb34f7bab425c15c3c6413963e3e Mon Sep 17 00:00:00 2001 From: nikhil-goenka <70277861+nikhil-goenka@users.noreply.github.com> Date: Tue, 22 Sep 2020 18:43:53 +0530 Subject: [PATCH 14/14] f/aws_fsx_lustre_file_system specify custom KMS Key --- aws/resource_aws_fsx_lustre_file_system_test.go | 7 +------ 1 file changed, 1 insertion(+), 6 deletions(-) diff --git a/aws/resource_aws_fsx_lustre_file_system_test.go b/aws/resource_aws_fsx_lustre_file_system_test.go index 582fa167339..6f862028f75 100644 --- a/aws/resource_aws_fsx_lustre_file_system_test.go +++ b/aws/resource_aws_fsx_lustre_file_system_test.go @@ -432,7 +432,6 @@ func TestAccAWSFsxLustreFileSystem_automaticBackupRetentionDays(t *testing.T) { func TestAccAWSFsxLustreFileSystem_DeploymentTypePersistent1(t *testing.T) { var filesystem fsx.FileSystem resourceName := "aws_fsx_lustre_file_system.test" - datakmsKeyArn := "data.aws_kms_alias.fsx" resource.ParallelTest(t, resource.TestCase{ PreCheck: func() { testAccPreCheck(t) }, @@ -447,7 +446,7 @@ func TestAccAWSFsxLustreFileSystem_DeploymentTypePersistent1(t *testing.T) { resource.TestCheckResourceAttr(resourceName, "per_unit_storage_throughput", "50"), resource.TestCheckResourceAttr(resourceName, "deployment_type", fsx.LustreDeploymentTypePersistent1), resource.TestCheckResourceAttr(resourceName, "automatic_backup_retention_days", "0"), - resource.TestCheckResourceAttrPair(resourceName, "kms_key_id", datakmsKeyArn, "target_key_arn"), + testAccMatchResourceAttrRegionalARN(resourceName, "kms_key_id", "kms", regexp.MustCompile(`key/.+`)), ), }, { @@ -826,10 +825,6 @@ resource "aws_fsx_lustre_file_system" "test" { deployment_type = "PERSISTENT_1" per_unit_storage_throughput = %[1]d } - -data "aws_kms_alias" "fsx" { - name = "alias/aws/fsx" -} `, perUnitStorageThroughput) }