Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

resource/aws_mq_broker: Add encryption_options configuration block (support AWS and customer managed KMS CMKs) #10276

Merged
merged 2 commits into from
Sep 27, 2019
Merged

resource/aws_mq_broker: Add encryption_options configuration block (support AWS and customer managed KMS CMKs) #10276

merged 2 commits into from
Sep 27, 2019

Conversation

bflad
Copy link
Contributor

@bflad bflad commented Sep 27, 2019

Community Note

  • Please vote on this pull request by adding a 👍 reaction to the original pull request comment to help the community and maintainers prioritize this request
  • Please do not leave "+1" comments, they generate extra noise for pull request followers and do not help prioritize the request

Closes #9455

Release note for CHANGELOG:

resource/aws_mq_broker: Add `encryption_options` configuration block (support AWS and customer managed KMS CMKs)

Output from acceptance testing:

--- PASS: TestAccAWSMqBroker_allFieldsCustomVpc (1906.75s)
--- PASS: TestAccAWSMqBroker_allFieldsDefaultVpc (1859.86s)
--- PASS: TestAccAWSMqBroker_basic (1213.98s)
--- PASS: TestAccAWSMqBroker_EncryptionOptions_KmsKeyId (1219.72s)
--- PASS: TestAccAWSMqBroker_EncryptionOptions_UseAwsOwnedKey_Disabled (1200.00s)
--- PASS: TestAccAWSMqBroker_EncryptionOptions_UseAwsOwnedKey_Enabled (1151.79s)
--- PASS: TestAccAWSMqBroker_updateTags (1549.03s)
--- PASS: TestAccAWSMqBroker_updateUsers (1610.53s)
--- PASS: TestAccDataSourceAWSMqBroker_basic (1232.58s)

@bflad bflad added enhancement Requests to existing resources that expand the functionality or scope. service/mq Issues and PRs that pertain to the mq service. labels Sep 27, 2019
@bflad bflad requested a review from a team September 27, 2019 17:43
@ghost ghost added documentation Introduces or discusses updates to documentation. tests PRs: expanded test coverage. Issues: expanded coverage, enhancements to test infrastructure. size/L Managed by automation to categorize the size of a PR. labels Sep 27, 2019
@bflad
resource/aws_mq_broker: Add encryption_options configuration block (s…
c80a2d1 
…upport AWS and customer managed KMS CMKs)

Reference: #9455

Output from acceptance testing:

```
--- PASS: TestAccAWSMqBroker_allFieldsCustomVpc (1906.75s)
--- PASS: TestAccAWSMqBroker_allFieldsDefaultVpc (1859.86s)
--- PASS: TestAccAWSMqBroker_basic (1213.98s)
--- PASS: TestAccAWSMqBroker_EncryptionOptions_KmsKeyId (1219.72s)
--- PASS: TestAccAWSMqBroker_EncryptionOptions_UseAwsOwnedKey_Disabled (1200.00s)
--- PASS: TestAccAWSMqBroker_EncryptionOptions_UseAwsOwnedKey_Enabled (1151.79s)
--- PASS: TestAccAWSMqBroker_updateTags (1549.03s)
--- PASS: TestAccAWSMqBroker_updateUsers (1610.53s)
--- PASS: TestAccDataSourceAWSMqBroker_basic (1232.58s)
```
@bflad bflad force-pushed the f-aws_mq_broker-kms branch from 2cc5b1d to c80a2d1 Compare September 27, 2019 18:26
nywilken
nywilken reviewed Sep 27, 2019
View reviewed changes
website/docs/r/mq_broker.html.markdown Outdated
@@ -76,6 +77,11 @@ The following arguments are supported:
* `id` - (Optional) The Configuration ID.
* `revision` - (Optional) Revision of the Configuration.

#### `encryption_options`

* `kms_key_id` - (Optional) Amazon Resource Name (ARN) of Key Management Service (KMS) Customer Master Key (CMK) to use for encryption at rest. Requires setting `use_aws_owned_key` to `false`. To perform drift detection when AWS managed CMKs or customer managed CMKs are in use, the value must be configured.
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

It is not clear what value must be configured. Is it the use_aws_owned_key set to false or are you saying that the kms_key_id should be set?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I'll switch the value must be configured to this value must be configured -- we're not the best at documenting Computed: true attributes and admittedly I was having a hard time wording it.

nywilken
nywilken approved these changes Sep 27, 2019
View reviewed changes
Copy link
Contributor

@nywilken nywilken left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Left a comment on the kms_key_id documentation but this is otherwise good to go 👍 👍

@bflad bflad added this to the v2.31.0 milestone Sep 27, 2019
@bflad bflad merged commit ad26bea into master Sep 27, 2019
@bflad bflad deleted the f-aws_mq_broker-kms branch September 27, 2019 20:21
bflad added a commit that referenced this pull request Sep 27, 2019
@bflad
Update CHANGELOG for #10276
835c9e3
@ghost
Copy link

ghost commented Oct 3, 2019

This has been released in version 2.31.0 of the Terraform AWS provider. Please see the Terraform documentation on provider versioning or reach out if you need any assistance upgrading.

For further feature requests or bug reports with this functionality, please create a new GitHub issue following the template for triage. Thanks!

@ghost
Copy link

ghost commented Nov 1, 2019

I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues.

If you feel this issue should be reopened, we encourage creating a new issue linking back to this one for added context. Thanks!

@ghost ghost locked and limited conversation to collaborators Nov 1, 2019
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers

@nywilken nywilken nywilken approved these changes

Assignees
No one assigned
Labels
documentation Introduces or discusses updates to documentation. enhancement Requests to existing resources that expand the functionality or scope. service/mq Issues and PRs that pertain to the mq service. size/L Managed by automation to categorize the size of a PR. tests PRs: expanded test coverage. Issues: expanded coverage, enhancements to test infrastructure.
Projects
None yet
Milestone
v2.31.0
Development

Successfully merging this pull request may close these issues.

r/aws_mq_broker: Add support for KMS to offer server-side encryption
2 participants
@bflad @nywilken