ResiLien
/
terraform
2
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Merge pull request #8900 from kwilczynski/feature/json-validation-aws_kms_key 

provider/aws: Add JSON validation to the aws_kms_key resource.
This commit is contained in:
Paul Stack 2016-09-22 09:26:12 +01:00 committed by GitHub
parent 7a8bfa13b5 8f689812d1
commit c5afc1ad03
1 changed files with 15 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

22
builtin/providers/aws/resource_aws_kms_key.go
View File

@ -5,11 +5,11 @@ import (
"log"
"time"
"github.com/hashicorp/terraform/helper/resource"
"github.com/hashicorp/terraform/helper/schema"
"github.com/aws/aws-sdk-go/aws"
"github.com/aws/aws-sdk-go/service/kms"
"github.com/hashicorp/errwrap"
"github.com/hashicorp/terraform/helper/resource"
"github.com/hashicorp/terraform/helper/schema"
)
func resourceAwsKmsKey() *schema.Resource {
@ -55,6 +55,7 @@ func resourceAwsKmsKey() *schema.Resource {
Type: schema.TypeString,
Optional: true,
Computed: true,
ValidateFunc: validateJsonString,
DiffSuppressFunc: suppressEquivalentAwsPolicyDiffs,
},
"is_enabled": &schema.Schema{
@ -143,7 +144,11 @@ func resourceAwsKmsKeyRead(d *schema.ResourceData, meta interface{}) error {
return err
}
d.Set("policy", normalizeJson(*p.Policy))
policy, err := normalizeJsonString(*p.Policy)
if err != nil {
return errwrap.Wrapf("policy contains an invalid JSON: {{err}}", err)
}
d.Set("policy", policy)
krs, err := conn.GetKeyRotationStatus(&kms.GetKeyRotationStatusInput{
KeyId: metadata.KeyId,
@ -216,17 +221,20 @@ func resourceAwsKmsKeyDescriptionUpdate(conn *kms.KMS, d *schema.ResourceData) e
}
func resourceAwsKmsKeyPolicyUpdate(conn *kms.KMS, d *schema.ResourceData) error {
policy := d.Get("policy").(string)
policy, err := normalizeJsonString(d.Get("policy").(string))
if err != nil {
return errwrap.Wrapf("policy contains an invalid JSON: {{err}}", err)
}
keyId := d.Get("key_id").(string)
log.Printf("[DEBUG] KMS key: %s, update policy: %s", keyId, policy)
req := &kms.PutKeyPolicyInput{
KeyId: aws.String(keyId),
Policy: aws.String(normalizeJson(policy)),
Policy: aws.String(policy),
PolicyName: aws.String("default"),
}
_, err := conn.PutKeyPolicy(req)
_, err = conn.PutKeyPolicy(req)
return err
}