From 4a6c834f454223f6762b866df345753e5a4de21f Mon Sep 17 00:00:00 2001
From: Paul Harrington
Date: Mon, 16 May 2022 14:03:47 +1000
Subject: [PATCH] added data source aws_kms_custom_key_store
---
 internal/provider/provider.go | 13 +--
 .../kms/custom_key_store_data_source.go | 92 +++++++++++++++++++
 .../docs/d/kms_custom_key_store.html.markdown | 33 +++++++
 3 files changed, 132 insertions(+), 6 deletions(-)
 create mode 100644 internal/service/kms/custom_key_store_data_source.go
 create mode 100644 website/docs/d/kms_custom_key_store.html.markdown
diff --git a/internal/provider/provider.go b/internal/provider/provider.go
index 033b465d1fc4..f414f9dd687d 100644
--- a/internal/provider/provider.go
+++ b/internal/provider/provider.go
@@ -708,12 +708,13 @@ func Provider() *schema.Provider {
 "aws_kinesis_stream": kinesis.DataSourceStream(),
 "aws_kinesis_stream_consumer": kinesis.DataSourceStreamConsumer(),
- "aws_kms_alias": kms.DataSourceAlias(),
- "aws_kms_ciphertext": kms.DataSourceCiphertext(),
- "aws_kms_key": kms.DataSourceKey(),
- "aws_kms_public_key": kms.DataSourcePublicKey(),
- "aws_kms_secret": kms.DataSourceSecret(),
- "aws_kms_secrets": kms.DataSourceSecrets(),
+ "aws_kms_alias": kms.DataSourceAlias(),
+ "aws_kms_ciphertext": kms.DataSourceCiphertext(),
+ "aws_kms_custom_key_store": kms.DataSourceCustomKeyStore(),
+ "aws_kms_key": kms.DataSourceKey(),
+ "aws_kms_public_key": kms.DataSourcePublicKey(),
+ "aws_kms_secret": kms.DataSourceSecret(),
+ "aws_kms_secrets": kms.DataSourceSecrets(),
 "aws_lakeformation_data_lake_settings": lakeformation.DataSourceDataLakeSettings(),
 "aws_lakeformation_permissions": lakeformation.DataSourcePermissions(),
diff --git a/internal/service/kms/custom_key_store_data_source.go b/internal/service/kms/custom_key_store_data_source.go
new file mode 100644
index 000000000000..55d54ee790c3
--- /dev/null
+++ b/internal/service/kms/custom_key_store_data_source.go
@@ -0,0 +1,92 @@
+package kms
+
+import (
+ "fmt"
+ "time"
+
+ "github.com/aws/aws-sdk-go/aws"
+ "github.com/aws/aws-sdk-go/service/kms"
+ "github.com/hashicorp/aws-sdk-go-base/v2/awsv1shim/v2/tfawserr"
+ "github.com/hashicorp/terraform-plugin-sdk/v2/helper/resource"
+ "github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema"
+ "github.com/hashicorp/terraform-provider-aws/internal/conns"
+ "github.com/hashicorp/terraform-provider-aws/internal/tfresource"
+)
+
+func DataSourceCustomKeyStore() *schema.Resource {
+ return &schema.Resource{
+ Read: dataSourceCustomKeyStoreRead,
+ Schema: map[string]*schema.Schema{
+ "id": {
+ Type: schema.TypeString,
+ Optional: true,
+ Computed: true,
+ },
+ "name": {
+ Type: schema.TypeString,
+ Optional: true,
+ Computed: true,
+ },
+ "cloudhsm_cluster_id": {
+ Type: schema.TypeString,
+ Computed: true,
+ },
+ "connection_state": {
+ Type: schema.TypeString,
+ Computed: true,
+ },
+ "creation_date": {
+ Type: schema.TypeString,
+ Computed: true,
+ },
+ "trust_anchor_certificate": {
+ Type: schema.TypeString,
+ Computed: true,
+ },
+ },
+ }
+}
+
+func dataSourceCustomKeyStoreRead(d *schema.ResourceData, meta interface{}) error {
+ conn := meta.(*conns.AWSClient).KMSConn
+
+ input := &kms.DescribeCustomKeyStoresInput{}
+
+ if v, ok := d.GetOk("id"); ok {
+ input.CustomKeyStoreId = aws.String(v.(string))
+ }
+ if v, ok := d.GetOk("name"); ok {
+ input.CustomKeyStoreName = aws.String(v.(string))
+ }
+
+ output, err := conn.DescribeCustomKeyStores(input)
+
+ if tfawserr.ErrCodeEquals(err, kms.ErrCodeCustomKeyStoreNotFoundException) {
+ return &resource.NotFoundError{
+ LastError: err,
+ LastRequest: input,
+ }
+ }
+
+ if err != nil {
+ return fmt.Errorf("error reading KMS Custom Key Store: %w", err)
+ }
+
+ if output == nil || len(output.CustomKeyStores) == 0 || output.CustomKeyStores[0] == nil {
+ return tfresource.NewEmptyResultError(input)
+ }
+
+ if count := len(output.CustomKeyStores); count > 1 {
+ return tfresource.NewTooManyResultsError(count, input)
+ }
+
+ keyStore := output.CustomKeyStores[0]
+ d.SetId(aws.StringValue(keyStore.CustomKeyStoreId))
+ d.Set("name", keyStore.CustomKeyStoreName)
+ d.Set("cloudhsm_cluster_id", keyStore.CloudHsmClusterId)
+ d.Set("connection_state", keyStore.ConnectionState)
+ d.Set("creation_date", keyStore.CreationDate.Format(time.RFC3339))
+ d.Set("trust_anchor_certificate", keyStore.TrustAnchorCertificate)
+
+ return nil
+}
diff --git a/website/docs/d/kms_custom_key_store.html.markdown b/website/docs/d/kms_custom_key_store.html.markdown
new file mode 100644
index 000000000000..c25879b69221
--- /dev/null
+++ b/website/docs/d/kms_custom_key_store.html.markdown
@@ -0,0 +1,33 @@
+---
+subcategory: "KMS (Key Management)"
+layout: "aws"
+page_title: "AWS: aws_kms_custom_key_store"
+description: |-
+ Get information on a AWS Key Management Service (KMS) Custom Key Store
+---
+
+# Data Source: aws_kms_custom_key_store
+
+Use this data source to get the metadata KMS custom key store.
+By using this data source, you can reference KMS custom key store
+without having to hard code the ID as input.
+
+## Example Usage
+
+```terraform
+data "aws_kms_custom_key_store" "keystore" {
+ name = "my_cloudhsm"
+}
+```
+
+## Argument Reference
+
+* `name` - (Optional) The user-specified friendly name for the custom key store.
+* `id` - (Optional) The ID for the custom key store.
+
+## Attributes Reference
+
+* `cloudhsm_cluster_id` - ID for the CloudHSM cluster that is associated with the custom key store.
+* `connection_state` - Indicates whether the custom key store is connected to its CloudHSM cluster.
+* `creation_date` - The date and time when the custom key store was created.
+* `trust_anchor_certificate` - The trust anchor certificate of the associated CloudHSM cluster.
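Review bot: In `custom_key_store_data_source.go` the schema leaves `id` and `name` unconstrained, so a configuration that sets neither makes `dataSourceCustomKeyStoreRead` send an unfiltered `DescribeCustomKeyStores` request and, when exactly one store comes back, silently resolve to it. A configuration that sets both is forwarded as-is, although the KMS API reference describes the two filters as mutually exclusive. Because the returned ID typically decides which HSM-backed store later keys are created in, the lookup should be explicit: add `ExactlyOneOf: []string{"id", "name"},` to both arguments. Separately, `keyStore.CreationDate.Format(time.RFC3339)` dereferences a `*time.Time` and would panic if the field were nil; `aws.TimeValue(keyStore.CreationDate).Format(time.RFC3339)` avoids that. The `d.Set` return values are also dropped without a comment saying why that is safe.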