-
Notifications
You must be signed in to change notification settings - Fork 9.3k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
data-source/aws_kms_alias: Prevent crash on aliases without target key #3203
Conversation
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Hey @bflad,
Good job fixing that! 🚀 🚗
Just left a nitpick, non-blocking at all to me!
$ make testacc TEST=./aws TESTARGS='-run=TestAccDataSourceAwsKmsAlias'
==> Checking that code complies with gofmt requirements...
TF_ACC=1 go test ./aws -v -run=TestAccDataSourceAwsKmsAlias -timeout 120m
=== RUN TestAccDataSourceAwsKmsAlias_AwsService
--- PASS: TestAccDataSourceAwsKmsAlias_AwsService (24.56s)
=== RUN TestAccDataSourceAwsKmsAlias_CMK
--- PASS: TestAccDataSourceAwsKmsAlias_CMK (54.35s)
PASS
ok github.com/terraform-providers/terraform-provider-aws/aws 78.963s
aws/data_source_aws_kms_alias.go
Outdated
Resource: fmt.Sprintf("key/%s", *alias.TargetKeyId), | ||
} | ||
d.Set("target_key_arn", targetKeyARN.String()) | ||
// AWS service aliases do not return TargetKeyId: |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Nitpick: I would probably enhance this message so that we add the context ... do not return TargetKeyId when not associated with a Customer Managed Key (CMK)
. What do you think?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Agree with @Ninir, there are cases where the key is associated, it is just not the case all the time
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I'll update this comment 👍
Sweet! I know it's a bit demanding but can we get that one released in a 1.8.1 release? |
This has been released in terraform-provider-aws version 1.9.0. Please see the Terraform documentation on provider versioning or reach out if you need any assistance upgrading. |
I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues. If you feel this issue should be reopened, we encourage creating a new issue linking back to this one for added context. Thanks! |
According to the KMS API documentation, AWS service KMS aliases (e.g.
alias/aws/redshift
) do not return TargetKeyId. This PR adds testing against those aliases and ensures the data source does not returntarget_key_arn
ortarget_key_id
in that scenario.New acceptance test without data source changes:
After: