aws: kms_key - add forgotten policy read call + normalize
This commit is contained in:
parent
4c1f8db32d
commit
ccedb36a86
|
@ -46,9 +46,10 @@ func resourceAwsKmsKey() *schema.Resource {
|
||||||
},
|
},
|
||||||
},
|
},
|
||||||
"policy": &schema.Schema{
|
"policy": &schema.Schema{
|
||||||
Type: schema.TypeString,
|
Type: schema.TypeString,
|
||||||
Optional: true,
|
Optional: true,
|
||||||
Computed: true,
|
Computed: true,
|
||||||
|
StateFunc: normalizeJson,
|
||||||
},
|
},
|
||||||
"deletion_window_in_days": &schema.Schema{
|
"deletion_window_in_days": &schema.Schema{
|
||||||
Type: schema.TypeInt,
|
Type: schema.TypeInt,
|
||||||
|
@ -85,24 +86,24 @@ func resourceAwsKmsKeyCreate(d *schema.ResourceData, meta interface{}) error {
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return err
|
return err
|
||||||
}
|
}
|
||||||
return resourceAwsKmsKeyReadResult(d, resp.KeyMetadata)
|
|
||||||
|
d.SetId(*resp.KeyMetadata.KeyId)
|
||||||
|
|
||||||
|
return resourceAwsKmsKeyRead(d, meta)
|
||||||
}
|
}
|
||||||
|
|
||||||
func resourceAwsKmsKeyRead(d *schema.ResourceData, meta interface{}) error {
|
func resourceAwsKmsKeyRead(d *schema.ResourceData, meta interface{}) error {
|
||||||
conn := meta.(*AWSClient).kmsconn
|
conn := meta.(*AWSClient).kmsconn
|
||||||
keyId := d.Get("key_id").(string)
|
|
||||||
|
|
||||||
req := &kms.DescribeKeyInput{
|
req := &kms.DescribeKeyInput{
|
||||||
KeyId: aws.String(keyId),
|
KeyId: aws.String(d.Id()),
|
||||||
}
|
}
|
||||||
resp, err := conn.DescribeKey(req)
|
resp, err := conn.DescribeKey(req)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return err
|
return err
|
||||||
}
|
}
|
||||||
return resourceAwsKmsKeyReadResult(d, resp.KeyMetadata)
|
metadata := resp.KeyMetadata
|
||||||
}
|
|
||||||
|
|
||||||
func resourceAwsKmsKeyReadResult(d *schema.ResourceData, metadata *kms.KeyMetadata) error {
|
|
||||||
d.SetId(*metadata.KeyId)
|
d.SetId(*metadata.KeyId)
|
||||||
|
|
||||||
d.Set("arn", metadata.Arn)
|
d.Set("arn", metadata.Arn)
|
||||||
|
@ -110,6 +111,16 @@ func resourceAwsKmsKeyReadResult(d *schema.ResourceData, metadata *kms.KeyMetada
|
||||||
d.Set("description", metadata.Description)
|
d.Set("description", metadata.Description)
|
||||||
d.Set("key_usage", metadata.KeyUsage)
|
d.Set("key_usage", metadata.KeyUsage)
|
||||||
|
|
||||||
|
p, err := conn.GetKeyPolicy(&kms.GetKeyPolicyInput{
|
||||||
|
KeyId: metadata.KeyId,
|
||||||
|
PolicyName: aws.String("default"),
|
||||||
|
})
|
||||||
|
if err != nil {
|
||||||
|
return err
|
||||||
|
}
|
||||||
|
|
||||||
|
d.Set("policy", normalizeJson(*p.Policy))
|
||||||
|
|
||||||
return nil
|
return nil
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -151,7 +162,7 @@ func resourceAwsKmsKeyPolicyUpdate(conn *kms.KMS, d *schema.ResourceData) error
|
||||||
|
|
||||||
req := &kms.PutKeyPolicyInput{
|
req := &kms.PutKeyPolicyInput{
|
||||||
KeyId: aws.String(keyId),
|
KeyId: aws.String(keyId),
|
||||||
Policy: aws.String(policy),
|
Policy: aws.String(normalizeJson(policy)),
|
||||||
PolicyName: aws.String("default"),
|
PolicyName: aws.String("default"),
|
||||||
}
|
}
|
||||||
_, err := conn.PutKeyPolicy(req)
|
_, err := conn.PutKeyPolicy(req)
|
||||||
|
|
Loading…
Reference in New Issue