Merge pull request #8900 from kwilczynski/feature/json-validation-aws_kms_key
provider/aws: Add JSON validation to the aws_kms_key resource.
This commit is contained in:
Paul Stack
GitHub
commit
c5afc1ad03
|
|
@ -5,11 +5,11 @@ import (
|
||||||
"log"
|
"log"
|
||||||
"time"
|
"time"
|
||||||
|
|
||||||
"github.com/hashicorp/terraform/helper/resource"
|
|
||||||
"github.com/hashicorp/terraform/helper/schema"
|
|
||||||
|
|
||||||
"github.com/aws/aws-sdk-go/aws"
|
"github.com/aws/aws-sdk-go/aws"
|
||||||
"github.com/aws/aws-sdk-go/service/kms"
|
"github.com/aws/aws-sdk-go/service/kms"
|
||||||
|
"github.com/hashicorp/errwrap"
|
||||||
|
"github.com/hashicorp/terraform/helper/resource"
|
||||||
|
"github.com/hashicorp/terraform/helper/schema"
|
||||||
)
|
)
|
||||||
|
|
||||||
func resourceAwsKmsKey() *schema.Resource {
|
func resourceAwsKmsKey() *schema.Resource {
|
||||||
|
|
@ -55,6 +55,7 @@ func resourceAwsKmsKey() *schema.Resource {
|
||||||
Type: schema.TypeString,
|
Type: schema.TypeString,
|
||||||
Optional: true,
|
Optional: true,
|
||||||
Computed: true,
|
Computed: true,
|
||||||
|
ValidateFunc: validateJsonString,
|
||||||
DiffSuppressFunc: suppressEquivalentAwsPolicyDiffs,
|
DiffSuppressFunc: suppressEquivalentAwsPolicyDiffs,
|
||||||
},
|
},
|
||||||
"is_enabled": &schema.Schema{
|
"is_enabled": &schema.Schema{
|
||||||
|
|
@ -143,7 +144,11 @@ func resourceAwsKmsKeyRead(d *schema.ResourceData, meta interface{}) error {
|
||||||
return err
|
return err
|
||||||
}
|
}
|
||||||
|
|
||||||
d.Set("policy", normalizeJson(*p.Policy))
|
policy, err := normalizeJsonString(*p.Policy)
|
||||||
|
if err != nil {
|
||||||
|
return errwrap.Wrapf("policy contains an invalid JSON: {{err}}", err)
|
||||||
|
}
|
||||||
|
d.Set("policy", policy)
|
||||||
|
|
||||||
krs, err := conn.GetKeyRotationStatus(&kms.GetKeyRotationStatusInput{
|
krs, err := conn.GetKeyRotationStatus(&kms.GetKeyRotationStatusInput{
|
||||||
KeyId: metadata.KeyId,
|
KeyId: metadata.KeyId,
|
||||||
|
|
@ -216,17 +221,20 @@ func resourceAwsKmsKeyDescriptionUpdate(conn *kms.KMS, d *schema.ResourceData) e
|
||||||
}
|
}
|
||||||
|
|
||||||
func resourceAwsKmsKeyPolicyUpdate(conn *kms.KMS, d *schema.ResourceData) error {
|
func resourceAwsKmsKeyPolicyUpdate(conn *kms.KMS, d *schema.ResourceData) error {
|
||||||
policy := d.Get("policy").(string)
|
policy, err := normalizeJsonString(d.Get("policy").(string))
|
||||||
|
if err != nil {
|
||||||
|
return errwrap.Wrapf("policy contains an invalid JSON: {{err}}", err)
|
||||||
|
}
|
||||||
keyId := d.Get("key_id").(string)
|
keyId := d.Get("key_id").(string)
|
||||||
|
|
||||||
log.Printf("[DEBUG] KMS key: %s, update policy: %s", keyId, policy)
|
log.Printf("[DEBUG] KMS key: %s, update policy: %s", keyId, policy)
|
||||||
|
|
||||||
req := &kms.PutKeyPolicyInput{
|
req := &kms.PutKeyPolicyInput{
|
||||||
KeyId: aws.String(keyId),
|
KeyId: aws.String(keyId),
|
||||||
Policy: aws.String(normalizeJson(policy)),
|
Policy: aws.String(policy),
|
||||||
PolicyName: aws.String("default"),
|
PolicyName: aws.String("default"),
|
||||||
}
|
}
|
||||||
_, err := conn.PutKeyPolicy(req)
|
_, err = conn.PutKeyPolicy(req)
|
||||||
return err
|
return err
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue