adds 'purpose' to kms_crypto_key (#845)

Signed-off-by: Modular Magician <magic-modules@google.com>
hashicorp · Jun 12, 2019 · 603b83f · 603b83f
1 parent 9cc9183
commit 603b83f
Show file tree

Hide file tree

Showing 5 changed files with 15 additions and 4 deletions.
diff --git a/google-beta/resource_dataproc_cluster.go b/google-beta/resource_dataproc_cluster.go
@@ -12,7 +12,7 @@ import (
 	"github.com/hashicorp/terraform/helper/schema"
 	"github.com/hashicorp/terraform/helper/validation"
 
-	"google.golang.org/api/dataproc/v1beta2"
+	dataproc "google.golang.org/api/dataproc/v1beta2"
 )
 
 func resourceDataprocCluster() *schema.Resource {
@@ -206,14 +206,12 @@ func resourceDataprocCluster() *schema.Resource {
 									// API does not honour this if set ...
 									// It always uses whatever is specified for the worker_config
 									// "machine_type": { ... }
-
 									"min_cpu_platform": {
 										Type:     schema.TypeString,
 										Optional: true,
 										Computed: true,
 										ForceNew: true,
 									},
-
 									"disk_config": {
 										Type:     schema.TypeList,
 										Optional: true,

diff --git a/google-beta/resource_kms_crypto_key.go b/google-beta/resource_kms_crypto_key.go
@@ -40,6 +40,13 @@ func resourceKmsCryptoKey() *schema.Resource {
 				Optional:     true,
 				ValidateFunc: orEmpty(validateKmsCryptoKeyRotationPeriod),
 			},
+			"purpose": {
+				Type:         schema.TypeString,
+				Optional:     true,
+				ForceNew:     true,
+				Default:      "ENCRYPT_DECRYPT",
+				ValidateFunc: validation.StringInSlice([]string{"ENCRYPT_DECRYPT", "ASYMMETRIC_SIGN", "ASYMMETRIC_DECRYPT"}, false),
+			},
 			"version_template": {
 				Type:     schema.TypeList,
 				MaxItems: 1,
@@ -107,7 +114,7 @@ func resourceKmsCryptoKeyCreate(d *schema.ResourceData, meta interface{}) error
 	}
 
 	key := cloudkms.CryptoKey{
-		Purpose:         "ENCRYPT_DECRYPT",
+		Purpose:         d.Get("purpose").(string),
 		VersionTemplate: expandVersionTemplate(d.Get("version_template").([]interface{})),
 	}
 
@@ -193,6 +200,7 @@ func resourceKmsCryptoKeyRead(d *schema.ResourceData, meta interface{}) error {
 	d.Set("name", cryptoKeyId.Name)
 	d.Set("rotation_period", cryptoKey.RotationPeriod)
 	d.Set("self_link", cryptoKey.Name)
+	d.Set("purpose", cryptoKey.Purpose)
 
 	if err = d.Set("version_template", flattenVersionTemplate(cryptoKey.VersionTemplate)); err != nil {
 		return fmt.Errorf("Error setting version_template in state: %s", err.Error())

diff --git a/google-beta/resource_kms_crypto_key_test.go b/google-beta/resource_kms_crypto_key_test.go
@@ -288,6 +288,7 @@ resource "google_kms_crypto_key" "crypto_key" {
 	name            = "%s"
 	key_ring        = "${google_kms_key_ring.key_ring.self_link}"
 	rotation_period = "1000000s"
+	purpose         = "ENCRYPT_DECRYPT"
 	version_template {
 		algorithm =        "GOOGLE_SYMMETRIC_ENCRYPTION"
 		protection_level = "SOFTWARE"

diff --git a/website/docs/d/google_kms_crypto_key.html.markdown b/website/docs/d/google_kms_crypto_key.html.markdown
@@ -48,5 +48,7 @@ exported:
     the primary. The first rotation will take place after the specified period. The rotation period has the format
     of a decimal number with up to 9 fractional digits, followed by the letter s (seconds).
 
+* `purpose` - Defines the cryptographic capabilities of the key.
+
 * `self_link` - The self link of the created CryptoKey. Its format is `projects/{projectId}/locations/{location}/keyRings/{keyRingName}/cryptoKeys/{cryptoKeyName}`.
 
diff --git a/website/docs/r/google_kms_crypto_key.html.markdown b/website/docs/r/google_kms_crypto_key.html.markdown
@@ -60,6 +60,8 @@ The following arguments are supported:
     of a decimal number with up to 9 fractional digits, followed by the letter s (seconds). It must be greater than
     a day (ie, 86400).
 
+* `purpose` - (Optional) Defines the cryptographic capabilities of the key.
+
 * `version_template` - (Optional) A template describing settings for new crypto key versions. Structure is documented below.
 
 ---