-
Notifications
You must be signed in to change notification settings - Fork 9.3k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
New Data Source: aws_kms_key #2224
Conversation
|
While I certainly see the value here, it seems it would also be fairly simple to provide a See also CreateAlias documentation:
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@trung awesome work here! This is looking pretty good, just a few minor items to take care of then I believe this is good to go. Please let us know if you don't have time to finish this up. 😄
For what its worth given the ability for this to accept alias inputs as well, we might consider this data source for deprecating or aliasing the aws_kms_alias
data source to this one in the future.
aws/data_source_aws_kms_key.go
Outdated
|
||
func dataSourceAwsKmsKeyRead(d *schema.ResourceData, meta interface{}) error { | ||
conn := meta.(*AWSClient).kmsconn | ||
keyId, keyIdOk := d.GetOk("key_id") |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Required: true
is set, so this can simply be keyId := d.Get("key_id")
aws/data_source_aws_kms_key.go
Outdated
} | ||
var grantTokens []*string | ||
if v, ok := d.GetOk("grant_tokens"); ok { | ||
for _, token := range v.([]interface{}) { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I believe you can simplify this to just grantTokens = aws.StringSlice(v.([]string))
aws/data_source_aws_kms_key_test.go
Outdated
"github.com/hashicorp/terraform/terraform" | ||
) | ||
|
||
func TestAccDataSourceAwsKmsKey(t *testing.T) { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Nitpick: can you append _basic
to this function name please? Just a consistent convention we try to use everywhere
aws/data_source_aws_kms_key_test.go
Outdated
resource.TestStep{ | ||
Config: testAccDataSourceAwsKmsKeyConfig, | ||
Check: resource.ComposeTestCheckFunc( | ||
testAccDataSourceAwsKmsKeyCheck("data.aws_kms_key.arbitrary"), |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Nitpick: Can you add simple state checks for other attributes we're expecting to set? This helps with future maintainability. 👍 e.g. (not exhaustive below)
resource.TestMatchResourceAttr("data.aws_kms_key.arbitrary", "arn", regexp.MustCompile("^arn:[^:]+:kms:[^:]+:[^:]+:key/.+")),
resource.TestCheckResourceAttr("data.aws_kms_key.arbitrary", "enabled", "true"),
resource.TestCheckResourceAttrSet("data.aws_kms_key.arbitrary", "valid_to"),
aws/validators.go
Outdated
|
||
func validateKmsKey(v interface{}, k string) (ws []string, errors []error) { | ||
value := v.(string) | ||
arnPrefixPattern := `arn:[\w-]+:([a-zA-Z0-9\-])+:([a-z]{2}-(gov-)?[a-z]+-\d{1})?:(\d{12})?:` |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Can we switch this to not assume anything about the format of AWS partitions, regions, and account IDs in the future please? arn:[^:]+:kms:[^:]+:[^:]+:
website/docs/d/kms_key.html.markdown
Outdated
Get information on a AWS Key Management Service (KMS) Key | ||
--- | ||
|
||
# aws\_kms\_key |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Nitpick: Backslashes are no longer required in the documentation headers
@bflad thanks for the review |
@trung No worries at all, please enjoy your holiday! 🎉 |
@bflad I've made some changes per your review
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This looks great! Thanks for your work here! 🚀
make testacc TEST=./aws TESTARGS='-run=TestAccDataSourceAwsKmsKey'
==> Checking that code complies with gofmt requirements...
TF_ACC=1 go test ./aws -v -run=TestAccDataSourceAwsKmsKey -timeout 120m
=== RUN TestAccDataSourceAwsKmsKey_basic
--- PASS: TestAccDataSourceAwsKmsKey_basic (175.97s)
PASS
ok github.com/terraform-providers/terraform-provider-aws/aws 176.013s
This has been released in version 1.11.0 of the AWS provider. Please see the Terraform documentation on provider versioning or reach out if you need any assistance upgrading. |
I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues. If you feel this issue should be reopened, we encourage creating a new issue linking back to this one for added context. Thanks! |
To fix #2009