provider/aws: Add support for `encryption` and `kms_key_id` to `aws_ami` (#7181)

This fixes #7157. It doesn't change the way aws_ami works

```
make testacc TEST=./builtin/providers/aws
TESTARGS='-run=TestAccAWSAMICopy'
==> Checking that code complies with gofmt requirements...
go generate $(go list ./... | grep -v /vendor/)
TF_ACC=1 go test ./builtin/providers/aws -v -run=TestAccAWSAMICopy
-timeout 120m
=== RUN   TestAccAWSAMICopy
--- PASS: TestAccAWSAMICopy (479.75s)
PASS
ok      github.com/hashicorp/terraform/builtin/providers/aws    479.769s
```
This commit is contained in:
Paul Stack 2016-07-05 15:50:48 +01:00 committed by Clint
parent be2469a05c
commit 58c324676d
2 changed files with 24 additions and 0 deletions

View File

@ -24,6 +24,20 @@ func resourceAwsAmiCopy() *schema.Resource {
ForceNew: true, ForceNew: true,
} }
resourceSchema["encrypted"] = &schema.Schema{
Type: schema.TypeBool,
Optional: true,
Default: false,
ForceNew: true,
}
resourceSchema["kms_key_id"] = &schema.Schema{
Type: schema.TypeString,
Optional: true,
Computed: true,
ForceNew: true,
}
return &schema.Resource{ return &schema.Resource{
Create: resourceAwsAmiCopyCreate, Create: resourceAwsAmiCopyCreate,
@ -45,6 +59,11 @@ func resourceAwsAmiCopyCreate(d *schema.ResourceData, meta interface{}) error {
Description: aws.String(d.Get("description").(string)), Description: aws.String(d.Get("description").(string)),
SourceImageId: aws.String(d.Get("source_ami_id").(string)), SourceImageId: aws.String(d.Get("source_ami_id").(string)),
SourceRegion: aws.String(d.Get("source_ami_region").(string)), SourceRegion: aws.String(d.Get("source_ami_region").(string)),
Encrypted: aws.Bool(d.Get("encrypted").(bool)),
}
if v, ok := d.GetOk("kms_key_id"); ok {
req.KmsKeyId = aws.String(v.(string))
} }
res, err := client.CopyImage(req) res, err := client.CopyImage(req)

View File

@ -78,6 +78,11 @@ Nested `ebs_block_device` blocks have the following structure:
as the selected snapshot. as the selected snapshot.
* `volume_type` - (Optional) The type of EBS volume to create. Can be one of "standard" (the * `volume_type` - (Optional) The type of EBS volume to create. Can be one of "standard" (the
default), "io1" or "gp2". default), "io1" or "gp2".
* `encrypted` - (Optional) Specifies whether the destination snapshots of the copied image should be encrypted.
The default CMK for EBS is used unless a non-default AWS Key Management Service (AWS KMS) CMK is specified with KmsKeyId.
* `kms_key_id` - (Optional) The full ARN of the AWS Key Management Service (AWS KMS) CMK to use when encrypting the snapshots of
an image during a copy operation. This parameter is only required if you want to use a non-default CMK;
if this parameter is not specified, the default CMK for EBS is used
Nested `ephemeral_block_device` blocks have the following structure: Nested `ephemeral_block_device` blocks have the following structure: