Skip to content

Commit

Permalink
service/ec2: Finish aws_instance implementation of ebs_block_device a…
Browse files Browse the repository at this point in the history
…nd root_block_device configuration block encryption and kms_key_arn arguments

Reference: #4861
Reference: #7757

Having combined and resolved conflicts between #4861 and #7757, performed the following changes:

* Ensured that existing acceptance testing was untouched and only new tests were added
* Ensured data source added new attributes to match resource to prevent panics
* Renamed kms_key_id to kms_key_arn for clarity
* Mark new arguments as Computed: true to only show operators differences when a value is configured

Output from acceptance testing:

```
--- PASS: TestAccAWSInstance_EbsBlockDevice_KmsKeyArn (122.98s)
--- PASS: TestAccAWSInstance_RootBlockDevice_KmsKeyArn (127.93s)
--- PASS: TestAccAWSInstanceDataSource_RootBlockDevice_KmsKeyArn (132.34s)
--- PASS: TestAccAWSInstanceDataSource_EbsBlockDevice_KmsKeyArn (140.01s)
```
  • Loading branch information
bflad committed Aug 2, 2019
1 parent 7442df2 commit af0be6d
Show file tree
Hide file tree
Showing 6 changed files with 179 additions and 81 deletions.
18 changes: 14 additions & 4 deletions aws/data_source_aws_instance.go
Original file line number Diff line number Diff line change
Expand Up @@ -182,13 +182,13 @@ func dataSourceAwsInstance() *schema.Resource {
Computed: true,
},

"kms_key_id": {
Type: schema.TypeString,
"iops": {
Type: schema.TypeInt,
Computed: true,
},

"iops": {
Type: schema.TypeInt,
"kms_key_arn": {
Type: schema.TypeString,
Computed: true,
},

Expand Down Expand Up @@ -224,11 +224,21 @@ func dataSourceAwsInstance() *schema.Resource {
Computed: true,
},

"encrypted": {
Type: schema.TypeBool,
Computed: true,
},

"iops": {
Type: schema.TypeInt,
Computed: true,
},

"kms_key_arn": {
Type: schema.TypeString,
Computed: true,
},

"volume_size": {
Type: schema.TypeInt,
Computed: true,
Expand Down
87 changes: 77 additions & 10 deletions aws/data_source_aws_instance_test.go
Original file line number Diff line number Diff line change
@@ -1,11 +1,9 @@
package aws

import (
"regexp"
"testing"

"fmt"
"regexp"
"testing"

"github.com/hashicorp/terraform/helper/acctest"
"github.com/hashicorp/terraform/helper/resource"
Expand Down Expand Up @@ -102,13 +100,38 @@ func TestAccAWSInstanceDataSource_blockDevices(t *testing.T) {
resource.TestCheckResourceAttr("aws_instance.foo", "root_block_device.0.volume_type", "gp2"),
resource.TestCheckResourceAttr("aws_instance.foo", "ebs_block_device.#", "3"),
resource.TestCheckResourceAttr("aws_instance.foo", "ephemeral_block_device.#", "1"),
resource.TestMatchResourceAttr("aws_instance.foo", "ebs_block_device.2634515331.kms_key_id", regexp.MustCompile("^arn:aws[\\w-]*:kms:us-west-2:[0-9]{12}:key/[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}")),
),
},
},
})
}

// Test to verify that ebs_block_device kms_key_arn does not elicit a panic
func TestAccAWSInstanceDataSource_EbsBlockDevice_KmsKeyArn(t *testing.T) {
resource.ParallelTest(t, resource.TestCase{
PreCheck: func() { testAccPreCheck(t) },
Providers: testAccProviders,
Steps: []resource.TestStep{
{
Config: testAccInstanceDataSourceConfig_EbsBlockDevice_KmsKeyArn,
},
},
})
}

// Test to verify that root_block_device kms_key_arn does not elicit a panic
func TestAccAWSInstanceDataSource_RootBlockDevice_KmsKeyArn(t *testing.T) {
resource.ParallelTest(t, resource.TestCase{
PreCheck: func() { testAccPreCheck(t) },
Providers: testAccProviders,
Steps: []resource.TestStep{
{
Config: testAccInstanceDataSourceConfig_RootBlockDevice_KmsKeyArn,
},
},
})
}

func TestAccAWSInstanceDataSource_rootInstanceStore(t *testing.T) {
resource.ParallelTest(t, resource.TestCase{
PreCheck: func() { testAccPreCheck(t) },
Expand Down Expand Up @@ -450,11 +473,6 @@ data "aws_instance" "foo" {

// Block Device
const testAccInstanceDataSourceConfig_blockDevices = `
resource "aws_kms_key" "foo" {
description = "Dummy key for terraform test"
deletion_window_in_days = 7
}
resource "aws_instance" "foo" {
# us-west-2
ami = "ami-55a7ea65"
Expand All @@ -480,7 +498,6 @@ resource "aws_instance" "foo" {
device_name = "/dev/sdd"
volume_size = 12
encrypted = true
kms_key_id = "${aws_kms_key.foo.arn}"
}
ephemeral_block_device {
Expand All @@ -494,6 +511,56 @@ data "aws_instance" "foo" {
}
`

const testAccInstanceDataSourceConfig_EbsBlockDevice_KmsKeyArn = `
resource "aws_kms_key" "foo" {
deletion_window_in_days = 7
}
resource "aws_instance" "foo" {
# us-west-2
ami = "ami-55a7ea65"
instance_type = "m3.medium"
root_block_device {
volume_type = "gp2"
volume_size = 11
}
ebs_block_device {
device_name = "/dev/sdb"
encrypted = true
kms_key_arn = "${aws_kms_key.foo.arn}"
volume_size = 9
}
}
data "aws_instance" "foo" {
instance_id = "${aws_instance.foo.id}"
}
`

const testAccInstanceDataSourceConfig_RootBlockDevice_KmsKeyArn = `
resource "aws_kms_key" "foo" {
deletion_window_in_days = 7
}
resource "aws_instance" "foo" {
# us-west-2
ami = "ami-55a7ea65"
instance_type = "m3.medium"
root_block_device {
encrypted = true
kms_key_arn = "${aws_kms_key.foo.arn}"
volume_type = "gp2"
volume_size = 11
}
}
data "aws_instance" "foo" {
instance_id = "${aws_instance.foo.id}"
}
`

const testAccInstanceDataSourceConfig_rootInstanceStore = `
resource "aws_instance" "foo" {
ami = "ami-44c36524"
Expand Down
19 changes: 12 additions & 7 deletions aws/resource_aws_instance.go
Original file line number Diff line number Diff line change
Expand Up @@ -336,9 +336,10 @@ func resourceAwsInstance() *schema.Resource {
ForceNew: true,
},

"kms_key_id": {
"kms_key_arn": {
Type: schema.TypeString,
Optional: true,
Computed: true,
ForceNew: true,
},

Expand Down Expand Up @@ -445,9 +446,10 @@ func resourceAwsInstance() *schema.Resource {
ForceNew: true,
},

"kms_key_id": {
"kms_key_arn": {
Type: schema.TypeString,
Optional: true,
Computed: true,
ForceNew: true,
},

Expand Down Expand Up @@ -1351,7 +1353,7 @@ func readBlockDevicesFromInstance(instance *ec2.Instance, conn *ec2.EC2) (map[st
bd["encrypted"] = *vol.Encrypted
}
if vol.KmsKeyId != nil {
bd["kms_key_id"] = *vol.KmsKeyId
bd["kms_key_arn"] = *vol.KmsKeyId
}

if blockDeviceIsRoot(instanceBd, instance) {
Expand Down Expand Up @@ -1520,7 +1522,7 @@ func readBlockDeviceMappingsFromConfig(
ebs.Encrypted = aws.Bool(v)
}

if v, ok := bd["kms_key_id"].(string); ok && v != "" {
if v, ok := bd["kms_key_arn"].(string); ok && v != "" {
ebs.KmsKeyId = aws.String(v)
}

Expand Down Expand Up @@ -1579,11 +1581,14 @@ func readBlockDeviceMappingsFromConfig(
bd := v.(map[string]interface{})
ebs := &ec2.EbsBlockDevice{
DeleteOnTermination: aws.Bool(bd["delete_on_termination"].(bool)),
Encrypted: aws.Bool(bd["encrypted"].(bool)),
}

if v, ok := bd["kms_key_id"].(int); ok && v != 0 {
ebs.KmsKeyId = aws.String(bd["kms_key_id"].(string))
if v, ok := bd["encrypted"].(bool); ok && v {
ebs.Encrypted = aws.Bool(v)
}

if v, ok := bd["kms_key_arn"].(string); ok && v != "" {
ebs.KmsKeyId = aws.String(bd["kms_key_arn"].(string))
}

if v, ok := bd["volume_size"].(int); ok && v != 0 {
Expand Down
Loading

0 comments on commit af0be6d

Please sign in to comment.