resource/aws_efs_file_system: Add support for encryption #1420
Conversation
pavloos
commented
Aug 15, 2017
pavloos
commented
grubernaut
added
the
enhancement
|
|
||
| func testAccAWSEFSFileSystemConfigWithKmsKey(rInt int) string { | ||
| return fmt.Sprintf(` | ||
| resource "aws_kms_key" "foo" { |
There was a problem hiding this comment.
Could you stick lines to the left with an indentation of 2 spaces?
There was a problem hiding this comment.
I actually dont think we need that policy at all, test runs fine without it so I removed it
aws/resource_aws_efs_file_system.go
Outdated
|
|
||
| if v, ok := d.GetOk("kms_key_id"); ok { | ||
| createOpts.KmsKeyId = aws.String(v.(string)) | ||
| } |
There was a problem hiding this comment.
We should check that Encrypted is true if KmsKeyId is set, and catch the related Exception if the API call is made (BadRequest perhaps?).
There was a problem hiding this comment.
Looking into this now, thanks ;)
| "aws_efs_file_system.foo-with-kms", | ||
| "kms_key_id", | ||
| keyRegex, | ||
| ), |
There was a problem hiding this comment.
We should also check that encrypted is well set here :)
There was a problem hiding this comment.
Thanks, good call. Check added
| } | ||
|
|
||
| resource "aws_efs_file_system" "foo-with-kms" { | ||
| encrypted = true |
There was a problem hiding this comment.
encrypted should be aligned with kms_key_id
Actually I cannot see why would we need this policy, test runs fine without it
Ninir
added
the
waiting-response
|
@Ninir seems that |
There was a problem hiding this comment.
Hey @pjfbashton
Made a few modifications of your work, so that it can be merged. For the record, added another acceptance test that actually checks the error you implemented, when encrypted is false and the kms key is defined.
$ make testacc TEST=./aws TESTARGS='-run=TestAccAWSEFSFileSystem_'
==> Checking that code complies with gofmt requirements...
TF_ACC=1 go test ./aws -v -run=TestAccAWSEFSFileSystem_ -timeout 120m
=== RUN TestAccAWSEFSFileSystem_importBasic
--- PASS: TestAccAWSEFSFileSystem_importBasic (66.84s)
=== RUN TestAccAWSEFSFileSystem_basic
--- PASS: TestAccAWSEFSFileSystem_basic (164.57s)
=== RUN TestAccAWSEFSFileSystem_pagedTags
--- PASS: TestAccAWSEFSFileSystem_pagedTags (68.46s)
=== RUN TestAccAWSEFSFileSystem_kmsKey
--- PASS: TestAccAWSEFSFileSystem_kmsKey (123.88s)
=== RUN TestAccAWSEFSFileSystem_kmsConfigurationWithoutEncryption
--- PASS: TestAccAWSEFSFileSystem_kmsConfigurationWithoutEncryption (73.56s)
PASS
ok github.com/terraform-providers/terraform-provider-aws/aws 497.346s
Thanks for the work here, nice 1st contribution! 👍 :)
Ninir
changed the title
Ninir
removed
the
waiting-response
|
That's great @Ninir ! Thanks for your help 👍 ;) |
|
Stupid question, which version of TF will this be added to? I am already on 0.10.4. |
|
Hi @shezaan ! Since the Terraform split, providers (AWS, Google, Azure, Kubernetes, etc...) handle their own releases. The one including EFS encryption will then be in the next AWS release. I can't provide any ETA of it yet, sadly. 'will try to get back to you on that as soon as possible! 👍 |
resource/aws_efs_file_system: Add support for encryption
|
I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues. If you feel this issue should be reopened, we encourage creating a new issue linking back to this one for added context. Thanks! |
ghost
locked and limited conversation to collaborators
