Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

r/aws_kms_key: Support policy lockout check bypass #18117

Merged
merged 36 commits into from
Aug 3, 2021
Merged

r/aws_kms_key: Support policy lockout check bypass #18117

merged 36 commits into from
Aug 3, 2021

Conversation

tism
Copy link
Contributor

@tism tism commented Mar 16, 2021

Community Note

  • Please vote on this pull request by adding a 👍 reaction to the original pull request comment to help the community and maintainers prioritize this request
  • Please do not leave "+1" or other comments that do not add relevant new information or questions, they generate extra noise for pull request followers and do not help prioritize the request

Closes #18036

Output from acceptance testing:

$ make testacc TESTARGS='-run=TestAccAWSKmsKey_'

==> Checking that code complies with gofmt requirements...
TF_ACC=1 go test ./aws -v -count 1 -parallel 20 -run=TestAccAWSKmsKey_ -timeout 120m
=== RUN   TestAccAWSKmsKey_basic
=== PAUSE TestAccAWSKmsKey_basic
=== RUN   TestAccAWSKmsKey_asymmetricKey
=== PAUSE TestAccAWSKmsKey_asymmetricKey
=== RUN   TestAccAWSKmsKey_disappears
=== PAUSE TestAccAWSKmsKey_disappears
=== RUN   TestAccAWSKmsKey_policy
=== PAUSE TestAccAWSKmsKey_policy
=== RUN   TestAccAWSKmsKey_policyBypass
=== PAUSE TestAccAWSKmsKey_policyBypass
=== RUN   TestAccAWSKmsKey_policyBypassUpdate
=== PAUSE TestAccAWSKmsKey_policyBypassUpdate
=== RUN   TestAccAWSKmsKey_Policy_IamRole
=== PAUSE TestAccAWSKmsKey_Policy_IamRole
=== RUN   TestAccAWSKmsKey_Policy_IamServiceLinkedRole
=== PAUSE TestAccAWSKmsKey_Policy_IamServiceLinkedRole
=== RUN   TestAccAWSKmsKey_isEnabled
=== PAUSE TestAccAWSKmsKey_isEnabled
=== RUN   TestAccAWSKmsKey_tags
=== PAUSE TestAccAWSKmsKey_tags
=== CONT  TestAccAWSKmsKey_basic
=== CONT  TestAccAWSKmsKey_Policy_IamRole
=== CONT  TestAccAWSKmsKey_policy
=== CONT  TestAccAWSKmsKey_policyBypass
=== CONT  TestAccAWSKmsKey_disappears
=== CONT  TestAccAWSKmsKey_isEnabled
=== CONT  TestAccAWSKmsKey_Policy_IamServiceLinkedRole
=== CONT  TestAccAWSKmsKey_asymmetricKey
=== CONT  TestAccAWSKmsKey_tags
=== CONT  TestAccAWSKmsKey_policyBypassUpdate
--- PASS: TestAccAWSKmsKey_disappears (29.68s)
--- PASS: TestAccAWSKmsKey_asymmetricKey (38.60s)
--- PASS: TestAccAWSKmsKey_basic (45.51s)
--- PASS: TestAccAWSKmsKey_Policy_IamRole (64.45s)
--- PASS: TestAccAWSKmsKey_Policy_IamServiceLinkedRole (69.81s)
--- PASS: TestAccAWSKmsKey_policyBypassUpdate (73.57s)
--- PASS: TestAccAWSKmsKey_tags (78.57s)
--- PASS: TestAccAWSKmsKey_policy (79.04s)
--- PASS: TestAccAWSKmsKey_policyBypass (180.87s)
--- PASS: TestAccAWSKmsKey_isEnabled (374.67s)
PASS
ok  	github.com/terraform-providers/terraform-provider-aws/aws	377.132s

Oddly if I run the acceptance tests from main in ap-southeast-2 both TestAccAWSKmsKey_policy and TestAccAWSKmsKey_tags both fail, but somewhat intermittently. Works fine on us-west-2.

@tism tism requested a review from a team as a code owner March 16, 2021 05:57
@ghost ghost added size/M Managed by automation to categorize the size of a PR. documentation Introduces or discusses updates to documentation. service/kms Issues and PRs that pertain to the kms service. tests PRs: expanded test coverage. Issues: expanded coverage, enhancements to test infrastructure. labels Mar 16, 2021
@github-actions github-actions bot added the needs-triage Waiting for first response or review from a maintainer. label Mar 16, 2021
@ewbankkit ewbankkit removed the needs-triage Waiting for first response or review from a maintainer. label Jul 17, 2021
@ewbankkit
r/aws_kms_alias: Add and use 'finder.AliasByName'.
95bcab6
@ewbankkit
r/aws_kms_alias: Add 'AliasARNToKeyARN'.
60b0404
@ewbankkit
Error check.
4130ed6
@ewbankkit
Add 'KeyARNOrIDEqual'.
6acc07e
@ewbankkit
r/aws_kms_alias: name and name_prefix are Computed.
c449de0 
Acceptance test output:

%  make testacc TESTARGS='-run=TestAccAWSKmsAlias_\|TestAccAWSEBSDefaultKmsKey_basic'
==> Checking that code complies with gofmt requirements...
TF_ACC=1 go test ./aws -v -count 1 -parallel 20 -run=TestAccAWSKmsAlias_\|TestAccAWSEBSDefaultKmsKey_basic -timeout 180m
=== RUN   TestAccAWSEBSDefaultKmsKey_basic
=== PAUSE TestAccAWSEBSDefaultKmsKey_basic
=== RUN   TestAccAWSKmsAlias_basic
=== PAUSE TestAccAWSKmsAlias_basic
=== RUN   TestAccAWSKmsAlias_disappears
=== PAUSE TestAccAWSKmsAlias_disappears
=== RUN   TestAccAWSKmsAlias_Name_Generated
=== PAUSE TestAccAWSKmsAlias_Name_Generated
=== RUN   TestAccAWSKmsAlias_NamePrefix
=== PAUSE TestAccAWSKmsAlias_NamePrefix
=== RUN   TestAccAWSKmsAlias_UpdateKeyID
=== PAUSE TestAccAWSKmsAlias_UpdateKeyID
=== RUN   TestAccAWSKmsAlias_MultipleAliasesForSameKey
=== PAUSE TestAccAWSKmsAlias_MultipleAliasesForSameKey
=== RUN   TestAccAWSKmsAlias_ArnDiffSuppress
=== PAUSE TestAccAWSKmsAlias_ArnDiffSuppress
=== CONT  TestAccAWSEBSDefaultKmsKey_basic
=== CONT  TestAccAWSKmsAlias_UpdateKeyID
=== CONT  TestAccAWSKmsAlias_ArnDiffSuppress
=== CONT  TestAccAWSKmsAlias_MultipleAliasesForSameKey
=== CONT  TestAccAWSKmsAlias_Name_Generated
=== CONT  TestAccAWSKmsAlias_disappears
=== CONT  TestAccAWSKmsAlias_NamePrefix
=== CONT  TestAccAWSKmsAlias_basic
--- PASS: TestAccAWSKmsAlias_disappears (20.97s)
--- PASS: TestAccAWSKmsAlias_Name_Generated (23.93s)
--- PASS: TestAccAWSKmsAlias_basic (23.96s)
--- PASS: TestAccAWSKmsAlias_NamePrefix (24.19s)
--- PASS: TestAccAWSKmsAlias_MultipleAliasesForSameKey (24.28s)
--- PASS: TestAccAWSEBSDefaultKmsKey_basic (24.39s)
--- PASS: TestAccAWSKmsAlias_ArnDiffSuppress (31.42s)
--- PASS: TestAccAWSKmsAlias_UpdateKeyID (35.92s)
PASS
ok  	github.com/terraform-providers/terraform-provider-aws/aws	39.542s
@ewbankkit
d/aws_kms_alias: Use internal finder package.
97d68e6 
Acceptance test output:

% make testacc TESTARGS='-run=TestAccDataSourceAwsKmsAlias_'
==> Checking that code complies with gofmt requirements...
TF_ACC=1 go test ./aws -v -count 1 -parallel 20 -run=TestAccDataSourceAwsKmsAlias_ -timeout 180m
=== RUN   TestAccDataSourceAwsKmsAlias_AwsService
=== PAUSE TestAccDataSourceAwsKmsAlias_AwsService
=== RUN   TestAccDataSourceAwsKmsAlias_CMK
=== PAUSE TestAccDataSourceAwsKmsAlias_CMK
=== CONT  TestAccDataSourceAwsKmsAlias_AwsService
=== CONT  TestAccDataSourceAwsKmsAlias_CMK
--- PASS: TestAccDataSourceAwsKmsAlias_AwsService (12.56s)
--- PASS: TestAccDataSourceAwsKmsAlias_CMK (21.23s)
PASS
ok  	github.com/terraform-providers/terraform-provider-aws/aws	24.461s
@ewbankkit
r/aws_kms_external_key: Use internal packages.
4398730
@ewbankkit
Add and use 'findKmsKey'.
c3bbe28
@ewbankkit
r/aws_kms_external_key: Add bypass_policy_lockout_safety_check argu…
2c10ec1 
…ment.

Acceptance test output:

% make testacc TESTARGS='-run=TestAccAWSKmsExternalKey_'
==> Checking that code complies with gofmt requirements...
TF_ACC=1 go test ./aws -v -count 1 -parallel 20 -run=TestAccAWSKmsExternalKey_ -timeout 180m
=== RUN   TestAccAWSKmsExternalKey_basic
=== PAUSE TestAccAWSKmsExternalKey_basic
=== RUN   TestAccAWSKmsExternalKey_disappears
=== PAUSE TestAccAWSKmsExternalKey_disappears
=== RUN   TestAccAWSKmsExternalKey_DeletionWindowInDays
=== PAUSE TestAccAWSKmsExternalKey_DeletionWindowInDays
=== RUN   TestAccAWSKmsExternalKey_Description
=== PAUSE TestAccAWSKmsExternalKey_Description
=== RUN   TestAccAWSKmsExternalKey_Enabled
=== PAUSE TestAccAWSKmsExternalKey_Enabled
=== RUN   TestAccAWSKmsExternalKey_KeyMaterialBase64
=== PAUSE TestAccAWSKmsExternalKey_KeyMaterialBase64
=== RUN   TestAccAWSKmsExternalKey_Policy
=== PAUSE TestAccAWSKmsExternalKey_Policy
=== RUN   TestAccAWSKmsExternalKey_PolicyBypass
=== PAUSE TestAccAWSKmsExternalKey_PolicyBypass
=== RUN   TestAccAWSKmsExternalKey_Tags
=== PAUSE TestAccAWSKmsExternalKey_Tags
=== RUN   TestAccAWSKmsExternalKey_ValidTo
=== PAUSE TestAccAWSKmsExternalKey_ValidTo
=== CONT  TestAccAWSKmsExternalKey_basic
=== CONT  TestAccAWSKmsExternalKey_Policy
=== CONT  TestAccAWSKmsExternalKey_Description
=== CONT  TestAccAWSKmsExternalKey_Enabled
=== CONT  TestAccAWSKmsExternalKey_disappears
=== CONT  TestAccAWSKmsExternalKey_ValidTo
=== CONT  TestAccAWSKmsExternalKey_Tags
=== CONT  TestAccAWSKmsExternalKey_PolicyBypass
=== CONT  TestAccAWSKmsExternalKey_KeyMaterialBase64
=== CONT  TestAccAWSKmsExternalKey_DeletionWindowInDays
--- PASS: TestAccAWSKmsExternalKey_disappears (17.41s)
--- PASS: TestAccAWSKmsExternalKey_basic (26.35s)
--- PASS: TestAccAWSKmsExternalKey_PolicyBypass (26.47s)
--- PASS: TestAccAWSKmsExternalKey_Description (38.35s)
--- PASS: TestAccAWSKmsExternalKey_DeletionWindowInDays (38.49s)
--- PASS: TestAccAWSKmsExternalKey_Policy (42.59s)
--- PASS: TestAccAWSKmsExternalKey_Tags (50.91s)
--- PASS: TestAccAWSKmsExternalKey_KeyMaterialBase64 (108.03s)
--- PASS: TestAccAWSKmsExternalKey_ValidTo (179.40s)
--- PASS: TestAccAWSKmsExternalKey_Enabled (205.79s)
PASS
ok  	github.com/terraform-providers/terraform-provider-aws/aws	210.650s
@ewbankkit
r/aws_kms_key: Test completely empty configuration.
3eb202a
@ewbankkit
r/aws_kms_external_key: Add 'waiter.KeyMaterialImported'.
dfc1480
@ewbankkit
Add 'updateKmsKeyDescription' and 'waiter.KeyValidToPropagated'.
adcb59f
@ewbankkit ewbankkit force-pushed the f-aws_kms_key-bypass_policy_check branch from bbb1b6a to 3fa5fc8 Compare August 3, 2021 13:47
@github-actions github-actions bot added provider Pertains to the provider itself, rather than any interaction with AWS. service/ec2 Issues and PRs that pertain to the ec2 service. size/XL Managed by automation to categorize the size of a PR. and removed size/M Managed by automation to categorize the size of a PR. labels Aug 3, 2021
@ewbankkit ewbankkit force-pushed the f-aws_kms_key-bypass_policy_check branch from 3fa5fc8 to c111d91 Compare August 3, 2021 13:55
ewbankkit
ewbankkit approved these changes Aug 3, 2021
View reviewed changes
Copy link
Contributor

@ewbankkit ewbankkit left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM 🚀.

Commercial
% make testacc TESTARGS='-run=TestAccAWSKmsExternalKey_\|TestAccDataSourceAwsKmsAlias_\|TestAccAWSKmsAlias_\|TestAccAWSKmsKey_'
==> Checking that code complies with gofmt requirements...
TF_ACC=1 go test ./aws -v -count 1 -parallel 20 -run=TestAccAWSKmsExternalKey_\|TestAccDataSourceAwsKmsAlias_\|TestAccAWSKmsAlias_\|TestAccAWSKmsKey_ -timeout 180m
=== RUN   TestAccDataSourceAwsKmsAlias_AwsService
=== PAUSE TestAccDataSourceAwsKmsAlias_AwsService
=== RUN   TestAccDataSourceAwsKmsAlias_CMK
=== PAUSE TestAccDataSourceAwsKmsAlias_CMK
=== RUN   TestAccAWSKmsAlias_basic
=== PAUSE TestAccAWSKmsAlias_basic
=== RUN   TestAccAWSKmsAlias_disappears
=== PAUSE TestAccAWSKmsAlias_disappears
=== RUN   TestAccAWSKmsAlias_Name_Generated
=== PAUSE TestAccAWSKmsAlias_Name_Generated
=== RUN   TestAccAWSKmsAlias_NamePrefix
=== PAUSE TestAccAWSKmsAlias_NamePrefix
=== RUN   TestAccAWSKmsAlias_UpdateKeyID
=== PAUSE TestAccAWSKmsAlias_UpdateKeyID
=== RUN   TestAccAWSKmsAlias_MultipleAliasesForSameKey
=== PAUSE TestAccAWSKmsAlias_MultipleAliasesForSameKey
=== RUN   TestAccAWSKmsAlias_ArnDiffSuppress
=== PAUSE TestAccAWSKmsAlias_ArnDiffSuppress
=== RUN   TestAccAWSKmsExternalKey_basic
=== PAUSE TestAccAWSKmsExternalKey_basic
=== RUN   TestAccAWSKmsExternalKey_disappears
=== PAUSE TestAccAWSKmsExternalKey_disappears
=== RUN   TestAccAWSKmsExternalKey_DeletionWindowInDays
=== PAUSE TestAccAWSKmsExternalKey_DeletionWindowInDays
=== RUN   TestAccAWSKmsExternalKey_Description
=== PAUSE TestAccAWSKmsExternalKey_Description
=== RUN   TestAccAWSKmsExternalKey_Enabled
=== PAUSE TestAccAWSKmsExternalKey_Enabled
=== RUN   TestAccAWSKmsExternalKey_KeyMaterialBase64
=== PAUSE TestAccAWSKmsExternalKey_KeyMaterialBase64
=== RUN   TestAccAWSKmsExternalKey_Policy
=== PAUSE TestAccAWSKmsExternalKey_Policy
=== RUN   TestAccAWSKmsExternalKey_PolicyBypass
=== PAUSE TestAccAWSKmsExternalKey_PolicyBypass
=== RUN   TestAccAWSKmsExternalKey_Tags
=== PAUSE TestAccAWSKmsExternalKey_Tags
=== RUN   TestAccAWSKmsExternalKey_ValidTo
=== PAUSE TestAccAWSKmsExternalKey_ValidTo
=== RUN   TestAccAWSKmsKey_basic
=== PAUSE TestAccAWSKmsKey_basic
=== RUN   TestAccAWSKmsKey_asymmetricKey
=== PAUSE TestAccAWSKmsKey_asymmetricKey
=== RUN   TestAccAWSKmsKey_disappears
=== PAUSE TestAccAWSKmsKey_disappears
=== RUN   TestAccAWSKmsKey_policy
=== PAUSE TestAccAWSKmsKey_policy
=== RUN   TestAccAWSKmsKey_policyBypass
=== PAUSE TestAccAWSKmsKey_policyBypass
=== RUN   TestAccAWSKmsKey_policyBypassUpdate
=== PAUSE TestAccAWSKmsKey_policyBypassUpdate
=== RUN   TestAccAWSKmsKey_Policy_IamRole
=== PAUSE TestAccAWSKmsKey_Policy_IamRole
=== RUN   TestAccAWSKmsKey_Policy_IamServiceLinkedRole
=== PAUSE TestAccAWSKmsKey_Policy_IamServiceLinkedRole
=== RUN   TestAccAWSKmsKey_isEnabled
=== PAUSE TestAccAWSKmsKey_isEnabled
=== RUN   TestAccAWSKmsKey_tags
=== PAUSE TestAccAWSKmsKey_tags
=== CONT  TestAccDataSourceAwsKmsAlias_AwsService
=== CONT  TestAccAWSKmsAlias_ArnDiffSuppress
=== CONT  TestAccAWSKmsAlias_disappears
=== CONT  TestAccAWSKmsKey_asymmetricKey
=== CONT  TestAccAWSKmsExternalKey_Policy
=== CONT  TestAccAWSKmsAlias_Name_Generated
=== CONT  TestAccAWSKmsKey_policy
=== CONT  TestAccAWSKmsKey_disappears
=== CONT  TestAccAWSKmsAlias_basic
=== CONT  TestAccAWSKmsExternalKey_KeyMaterialBase64
=== CONT  TestAccAWSKmsExternalKey_Enabled
=== CONT  TestAccAWSKmsExternalKey_Description
=== CONT  TestAccAWSKmsExternalKey_DeletionWindowInDays
=== CONT  TestAccAWSKmsExternalKey_disappears
=== CONT  TestAccAWSKmsAlias_MultipleAliasesForSameKey
=== CONT  TestAccAWSKmsKey_policyBypass
=== CONT  TestAccAWSKmsExternalKey_ValidTo
=== CONT  TestAccAWSKmsExternalKey_basic
=== CONT  TestAccAWSKmsKey_Policy_IamServiceLinkedRole
=== CONT  TestAccAWSKmsKey_basic
--- PASS: TestAccDataSourceAwsKmsAlias_AwsService (57.21s)
=== CONT  TestAccAWSKmsAlias_UpdateKeyID
--- PASS: TestAccAWSKmsExternalKey_disappears (63.66s)
=== CONT  TestAccAWSKmsKey_Policy_IamRole
--- PASS: TestAccAWSKmsKey_disappears (66.05s)
=== CONT  TestAccAWSKmsKey_tags
--- PASS: TestAccAWSKmsKey_asymmetricKey (74.90s)
=== CONT  TestAccDataSourceAwsKmsAlias_CMK
--- PASS: TestAccAWSKmsAlias_disappears (78.97s)
=== CONT  TestAccAWSKmsKey_isEnabled
--- PASS: TestAccAWSKmsExternalKey_basic (83.84s)
=== CONT  TestAccAWSKmsKey_policyBypassUpdate
--- PASS: TestAccAWSKmsKey_basic (88.40s)
=== CONT  TestAccAWSKmsExternalKey_Tags
--- PASS: TestAccAWSKmsAlias_basic (91.06s)
=== CONT  TestAccAWSKmsExternalKey_PolicyBypass
--- PASS: TestAccAWSKmsAlias_Name_Generated (93.53s)
=== CONT  TestAccAWSKmsAlias_NamePrefix
--- PASS: TestAccAWSKmsAlias_MultipleAliasesForSameKey (97.45s)
=== CONT  TestAccAWSKmsExternalKey_Enabled
--- PASS: TestAccAWSKmsExternalKey_Enabled (276.58s)
--- PASS: TestAccAWSKmsKey_Policy_IamServiceLinkedRole (123.86s)
--- PASS: TestAccAWSKmsAlias_ArnDiffSuppress (130.98s)
--- PASS: TestAccAWSKmsExternalKey_DeletionWindowInDays (138.40s)
--- PASS: TestAccAWSKmsKey_policy (143.96s)
--- PASS: TestAccAWSKmsExternalKey_Description (148.19s)
--- PASS: TestAccAWSKmsExternalKey_Policy (148.36s)
--- PASS: TestAccDataSourceAwsKmsAlias_CMK (73.84s)
--- PASS: TestAccAWSKmsExternalKey_PolicyBypass (66.76s)
--- PASS: TestAccAWSKmsAlias_NamePrefix (65.38s)
--- PASS: TestAccAWSKmsKey_Policy_IamRole (97.58s)
--- PASS: TestAccAWSKmsAlias_UpdateKeyID (109.54s)
--- PASS: TestAccAWSKmsKey_policyBypassUpdate (91.69s)
--- PASS: TestAccAWSKmsKey_policyBypass (183.78s)
--- PASS: TestAccAWSKmsExternalKey_Tags (110.76s)
--- PASS: TestAccAWSKmsKey_tags (133.46s)
--- PASS: TestAccAWSKmsExternalKey_KeyMaterialBase64 (203.73s)
--- PASS: TestAccAWSKmsExternalKey_ValidTo (247.03s)
--- PASS: TestAccAWSKmsKey_isEnabled (186.75s)
PASS
ok  	github.com/terraform-providers/terraform-provider-aws/aws	279.534s
GovCloud
% make testacc TESTARGS='-run=TestAccAWSKmsExternalKey_\|TestAccDataSourceAwsKmsAlias_\|TestAccAWSKmsAlias_\|TestAccAWSKmsKey_'
==> Checking that code complies with gofmt requirements...
TF_ACC=1 go test ./aws -v -count 1 -parallel 20 -run=TestAccAWSKmsExternalKey_\|TestAccDataSourceAwsKmsAlias_\|TestAccAWSKmsAlias_\|TestAccAWSKmsKey_ -timeout 180m
=== RUN   TestAccDataSourceAwsKmsAlias_AwsService
=== PAUSE TestAccDataSourceAwsKmsAlias_AwsService
=== RUN   TestAccDataSourceAwsKmsAlias_CMK
=== PAUSE TestAccDataSourceAwsKmsAlias_CMK
=== RUN   TestAccAWSKmsAlias_basic
=== PAUSE TestAccAWSKmsAlias_basic
=== RUN   TestAccAWSKmsAlias_disappears
=== PAUSE TestAccAWSKmsAlias_disappears
=== RUN   TestAccAWSKmsAlias_Name_Generated
=== PAUSE TestAccAWSKmsAlias_Name_Generated
=== RUN   TestAccAWSKmsAlias_NamePrefix
=== PAUSE TestAccAWSKmsAlias_NamePrefix
=== RUN   TestAccAWSKmsAlias_UpdateKeyID
=== PAUSE TestAccAWSKmsAlias_UpdateKeyID
=== RUN   TestAccAWSKmsAlias_MultipleAliasesForSameKey
=== PAUSE TestAccAWSKmsAlias_MultipleAliasesForSameKey
=== RUN   TestAccAWSKmsAlias_ArnDiffSuppress
=== PAUSE TestAccAWSKmsAlias_ArnDiffSuppress
=== RUN   TestAccAWSKmsExternalKey_basic
=== PAUSE TestAccAWSKmsExternalKey_basic
=== RUN   TestAccAWSKmsExternalKey_disappears
=== PAUSE TestAccAWSKmsExternalKey_disappears
=== RUN   TestAccAWSKmsExternalKey_DeletionWindowInDays
=== PAUSE TestAccAWSKmsExternalKey_DeletionWindowInDays
=== RUN   TestAccAWSKmsExternalKey_Description
=== PAUSE TestAccAWSKmsExternalKey_Description
=== RUN   TestAccAWSKmsExternalKey_Enabled
=== PAUSE TestAccAWSKmsExternalKey_Enabled
=== RUN   TestAccAWSKmsExternalKey_KeyMaterialBase64
=== PAUSE TestAccAWSKmsExternalKey_KeyMaterialBase64
=== RUN   TestAccAWSKmsExternalKey_Policy
=== PAUSE TestAccAWSKmsExternalKey_Policy
=== RUN   TestAccAWSKmsExternalKey_PolicyBypass
=== PAUSE TestAccAWSKmsExternalKey_PolicyBypass
=== RUN   TestAccAWSKmsExternalKey_Tags
=== PAUSE TestAccAWSKmsExternalKey_Tags
=== RUN   TestAccAWSKmsExternalKey_ValidTo
=== PAUSE TestAccAWSKmsExternalKey_ValidTo
=== RUN   TestAccAWSKmsKey_basic
=== PAUSE TestAccAWSKmsKey_basic
=== RUN   TestAccAWSKmsKey_asymmetricKey
=== PAUSE TestAccAWSKmsKey_asymmetricKey
=== RUN   TestAccAWSKmsKey_disappears
=== PAUSE TestAccAWSKmsKey_disappears
=== RUN   TestAccAWSKmsKey_policy
=== PAUSE TestAccAWSKmsKey_policy
=== RUN   TestAccAWSKmsKey_policyBypass
=== PAUSE TestAccAWSKmsKey_policyBypass
=== RUN   TestAccAWSKmsKey_policyBypassUpdate
=== PAUSE TestAccAWSKmsKey_policyBypassUpdate
=== RUN   TestAccAWSKmsKey_Policy_IamRole
=== PAUSE TestAccAWSKmsKey_Policy_IamRole
=== RUN   TestAccAWSKmsKey_Policy_IamServiceLinkedRole
=== PAUSE TestAccAWSKmsKey_Policy_IamServiceLinkedRole
=== RUN   TestAccAWSKmsKey_isEnabled
=== PAUSE TestAccAWSKmsKey_isEnabled
=== RUN   TestAccAWSKmsKey_tags
=== PAUSE TestAccAWSKmsKey_tags
=== CONT  TestAccDataSourceAwsKmsAlias_AwsService
=== CONT  TestAccAWSKmsExternalKey_Policy
=== CONT  TestAccAWSKmsKey_policyBypass
=== CONT  TestAccAWSKmsKey_asymmetricKey
=== CONT  TestAccAWSKmsAlias_ArnDiffSuppress
=== CONT  TestAccAWSKmsExternalKey_KeyMaterialBase64
=== CONT  TestAccAWSKmsExternalKey_Enabled
=== CONT  TestAccAWSKmsExternalKey_Description
=== CONT  TestAccAWSKmsExternalKey_DeletionWindowInDays
=== CONT  TestAccAWSKmsExternalKey_disappears
=== CONT  TestAccAWSKmsExternalKey_basic
=== CONT  TestAccAWSKmsExternalKey_Tags
=== CONT  TestAccAWSKmsExternalKey_ValidTo
=== CONT  TestAccAWSKmsKey_basic
=== CONT  TestAccAWSKmsKey_policy
=== CONT  TestAccAWSKmsKey_disappears
=== CONT  TestAccAWSKmsKey_tags
=== CONT  TestAccAWSKmsExternalKey_PolicyBypass
=== CONT  TestAccAWSKmsAlias_basic
=== CONT  TestAccAWSKmsAlias_Name_Generated
--- PASS: TestAccDataSourceAwsKmsAlias_AwsService (62.45s)
=== CONT  TestAccAWSKmsKey_isEnabled
--- PASS: TestAccAWSKmsExternalKey_disappears (66.94s)
=== CONT  TestAccAWSKmsKey_Policy_IamServiceLinkedRole
--- PASS: TestAccAWSKmsKey_disappears (69.81s)
=== CONT  TestAccAWSKmsKey_Policy_IamRole
--- PASS: TestAccAWSKmsKey_asymmetricKey (82.26s)
=== CONT  TestAccAWSKmsKey_policyBypassUpdate
--- PASS: TestAccAWSKmsKey_basic (91.10s)
=== CONT  TestAccAWSKmsAlias_disappears
--- PASS: TestAccAWSKmsExternalKey_basic (91.29s)
=== CONT  TestAccAWSKmsAlias_UpdateKeyID
--- PASS: TestAccAWSKmsExternalKey_PolicyBypass (93.12s)
--- PASS: TestAccAWSKmsAlias_basic (93.23s)
=== CONT  TestAccAWSKmsAlias_NamePrefix
=== CONT  TestAccAWSKmsAlias_MultipleAliasesForSameKey
--- PASS: TestAccAWSKmsAlias_Name_Generated (93.58s)
=== CONT  TestAccDataSourceAwsKmsAlias_CMK
--- PASS: TestAccAWSKmsAlias_ArnDiffSuppress (122.14s)
--- PASS: TestAccAWSKmsExternalKey_DeletionWindowInDays (125.76s)
=== CONT  TestAccAWSKmsExternalKey_Description
--- PASS: TestAccAWSKmsKey_policy (135.77s)
--- PASS: TestAccAWSKmsExternalKey_Policy (136.17s)
--- PASS: TestAccAWSKmsExternalKey_Description (102.58s)
--- PASS: TestAccAWSKmsAlias_disappears (51.87s)
--- PASS: TestAccDataSourceAwsKmsAlias_CMK (51.72s)
--- PASS: TestAccAWSKmsAlias_NamePrefix (57.29s)
--- PASS: TestAccAWSKmsAlias_MultipleAliasesForSameKey (57.76s)
--- PASS: TestAccAWSKmsKey_Policy_IamRole (81.49s)
--- PASS: TestAccAWSKmsKey_Policy_IamServiceLinkedRole (91.69s)
--- PASS: TestAccAWSKmsAlias_UpdateKeyID (77.80s)
--- PASS: TestAccAWSKmsKey_policyBypass (188.35s)
--- PASS: TestAccAWSKmsExternalKey_Tags (206.31s)
--- PASS: TestAccAWSKmsKey_policyBypassUpdate (147.55s)
--- PASS: TestAccAWSKmsKey_tags (291.59s)
--- PASS: TestAccAWSKmsExternalKey_Enabled (357.66s)
--- PASS: TestAccAWSKmsExternalKey_KeyMaterialBase64 (371.76s)
--- PASS: TestAccAWSKmsKey_isEnabled (471.43s)
--- PASS: TestAccAWSKmsExternalKey_ValidTo (673.05s)
PASS
ok  	github.com/terraform-providers/terraform-provider-aws/aws	683.496s

@ewbankkit
Copy link
Contributor

@tism Thanks for the contribution 🎉 👏.
I went ahead and made the same changes to the aws_kms_external_key resource.

@ewbankkit ewbankkit merged commit ce03236 into hashicorp:main Aug 3, 2021
@github-actions github-actions bot added this to the v3.53.0 milestone Aug 3, 2021
@github-actions
Copy link

github-actions bot commented Aug 5, 2021

This functionality has been released in v3.53.0 of the Terraform AWS Provider. Please see the Terraform documentation on provider versioning or reach out if you need any assistance upgrading.

For further feature requests or bug reports with this functionality, please create a new GitHub issue following the template. Thank you!

@jniebuhr jniebuhr mentioned this pull request Aug 9, 2021
Open
@dzandt dzandt mentioned this pull request Aug 26, 2021
Closed
@github-actions
Copy link

github-actions bot commented Sep 5, 2021

I'm going to lock this pull request because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues.
If you have found a problem that seems related to this change, please open a new issue and complete the issue template so we can capture all the details necessary to investigate further.

@github-actions github-actions bot locked as resolved and limited conversation to collaborators Sep 5, 2021
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers

@ewbankkit ewbankkit ewbankkit approved these changes

Assignees
No one assigned
Labels
documentation Introduces or discusses updates to documentation. provider Pertains to the provider itself, rather than any interaction with AWS. service/ec2 Issues and PRs that pertain to the ec2 service. service/kms Issues and PRs that pertain to the kms service. size/XL Managed by automation to categorize the size of a PR. tests PRs: expanded test coverage. Issues: expanded coverage, enhancements to test infrastructure.
Projects
None yet
Milestone
v3.53.0
Development

Successfully merging this pull request may close these issues.

Support for BypassPolicyLockoutSafetyCheck on aws_kms_key
2 participants
@tism @ewbankkit