aws: kms_key - add forgotten policy read call + normalize

Radek Simko 2015-11-14 19:58:54 +00:00 committed by Radek Simko
parent 4c1f8db32d
commit ccedb36a86
1 changed files with 21 additions and 10 deletions


@ -46,9 +46,10 @@ func resourceAwsKmsKey() *schema.Resource {
}, },
}, },
"policy": &schema.Schema{ "policy": &schema.Schema{
Type: schema.TypeString, Type: schema.TypeString,
Optional: true, Optional: true,
Computed: true, Computed: true,
StateFunc: normalizeJson,
}, },
"deletion_window_in_days": &schema.Schema{ "deletion_window_in_days": &schema.Schema{
Type: schema.TypeInt, Type: schema.TypeInt,
@ -85,24 +86,24 @@ func resourceAwsKmsKeyCreate(d *schema.ResourceData, meta interface{}) error {
if err != nil { if err != nil {
return err return err
} }
return resourceAwsKmsKeyReadResult(d, resp.KeyMetadata)
d.SetId(*resp.KeyMetadata.KeyId)
return resourceAwsKmsKeyRead(d, meta)
} }
func resourceAwsKmsKeyRead(d *schema.ResourceData, meta interface{}) error { func resourceAwsKmsKeyRead(d *schema.ResourceData, meta interface{}) error {
conn := meta.(*AWSClient).kmsconn conn := meta.(*AWSClient).kmsconn
keyId := d.Get("key_id").(string)
req := &kms.DescribeKeyInput{ req := &kms.DescribeKeyInput{
KeyId: aws.String(keyId), KeyId: aws.String(d.Id()),
} }
resp, err := conn.DescribeKey(req) resp, err := conn.DescribeKey(req)
if err != nil { if err != nil {
return err return err
} }
return resourceAwsKmsKeyReadResult(d, resp.KeyMetadata) metadata := resp.KeyMetadata
}
func resourceAwsKmsKeyReadResult(d *schema.ResourceData, metadata *kms.KeyMetadata) error {
d.SetId(*metadata.KeyId) d.SetId(*metadata.KeyId)
d.Set("arn", metadata.Arn) d.Set("arn", metadata.Arn)
@ -110,6 +111,16 @@ func resourceAwsKmsKeyReadResult(d *schema.ResourceData, metadata *kms.KeyMetada
d.Set("description", metadata.Description) d.Set("description", metadata.Description)
d.Set("key_usage", metadata.KeyUsage) d.Set("key_usage", metadata.KeyUsage)
p, err := conn.GetKeyPolicy(&kms.GetKeyPolicyInput{
KeyId: metadata.KeyId,
PolicyName: aws.String("default"),
})
if err != nil {
return err
}
d.Set("policy", normalizeJson(*p.Policy))
return nil return nil
} }
@ -151,7 +162,7 @@ func resourceAwsKmsKeyPolicyUpdate(conn *kms.KMS, d *schema.ResourceData) error
req := &kms.PutKeyPolicyInput{ req := &kms.PutKeyPolicyInput{
KeyId: aws.String(keyId), KeyId: aws.String(keyId),
Policy: aws.String(policy), Policy: aws.String(normalizeJson(policy)),
PolicyName: aws.String("default"), PolicyName: aws.String("default"),
} }
_, err := conn.PutKeyPolicy(req) _, err := conn.PutKeyPolicy(req)
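Review bot: In resourceAwsKmsKeyPolicyUpdate the document sent to PutKeyPolicy is now `aws.String(normalizeJson(policy))`, and normalizeJson is used here as a plain string-returning call, so a policy that fails to parse cannot surface as an error at this point. Its definition is not on this page, so what it returns for malformed input should be confirmed. Because the key policy is the access-control document for the key, I would parse the configured JSON first, return an error on failure, and send the normalized form only when parsing succeeded. The same concern applies to `d.Set("policy", normalizeJson(*p.Policy))` in resourceAwsKmsKeyRead, which also dereferences `p.Policy` (and `*resp.KeyMetadata.KeyId` in Create) without a nil check; a guard such as `if p.Policy == nil { return fmt.Errorf("no policy returned for KMS key %s", d.Id()) }` avoids a panic on an unexpected response. These function bodies start or end outside the visible hunks.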