Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

r/kms_key: add support for rotation_period_in_days #37140

Merged
merged 5 commits into from May 6, 2024
Merged

r/kms_key: add support for rotation_period_in_days #37140

merged 5 commits into from May 6, 2024

Conversation

aristosvo
Copy link
Contributor

@aristosvo aristosvo commented Apr 27, 2024
edited

Description

rotation_period_in_days enables a custom rotation period when you enable key rotation.

I've included it as an argument instead of using a separate resource, as enablement of key rotation was already included in the aws_kms_key resource.

Edit: I've rebased on main as #37092 is now merged

Relations

Closes #36948

References

RotationPeriodInDays AWS docs

Output from Acceptance Testing

% make testacc TESTS=TestAccKMSKey_rotation PKG=kms 
==> Checking that code complies with gofmt requirements...
TF_ACC=1 go1.22.2 test ./internal/service/kms/... -v -count 1 -parallel 20 -run='TestAccKMSKey_rotation'  -timeout 360m
=== RUN   TestAccKMSKey_rotation
=== PAUSE TestAccKMSKey_rotation
=== CONT  TestAccKMSKey_rotation
--- PASS: TestAccKMSKey_rotation (44.54s)
PASS
ok      github.com/hashicorp/terraform-provider-aws/internal/service/kms        48.404s

@github-actions GitHub Actions
Copy link

Community Note

Voting for Prioritization

  • Please vote on this pull request by adding a 👍 reaction to the original post to help the community and maintainers prioritize this pull request.
  • Please see our prioritization guide for information on how we prioritize.
  • Please do not leave "+1" or other comments that do not add relevant new information or questions, they generate extra noise for issue followers and do not help prioritize the request.

For Submitters

  • Review the contribution guide relating to the type of change you are making to ensure all of the necessary steps have been taken.
  • For new resources and data sources, use skaff to generate scaffolding with comments detailing common expectations.
  • Whether or not the branch has been rebased will not impact prioritization, but doing so is always a welcome surprise.

@github-actions github-actions bot added size/XL Managed by automation to categorize the size of a PR. tests PRs: expanded test coverage. Issues: expanded coverage, enhancements to test infrastructure. service/s3 Issues and PRs that pertain to the s3 service. service/kms Issues and PRs that pertain to the kms service. sweeper Pertains to changes to or issues with the sweeper. tags Pertains to resource tagging. client-connections Pertains to the AWS Client and service connections. generators Relates to code generators. service/ec2ebs Issues and PRs that pertain to the ec2ebs service. labels Apr 27, 2024
@terraform-aws-provider terraform-aws-provider bot added the needs-triage Waiting for first response or review from a maintainer. label Apr 27, 2024
@github-actions GitHub Actions
Copy link

Thank you for your contribution! 🚀

Please note that typically Go dependency changes are handled in this repository by dependabot or the maintainers. This is to prevent pull request merge conflicts and further delay reviews of contributions. Remove any changes to the go.mod or go.sum files and commit them into this pull request.

Additional details:

  • Check open pull requests with the dependencies label to view other dependency updates.
  • If this pull request includes an update the AWS Go SDK (or any other dependency) version, only updates submitted via dependabot will be merged. This pull request will need to remove these changes and will need to be rebased after the existing dependency update via dependabot has been merged for this pull request to be reviewed.
  • If this pull request is for supporting a new AWS service:
    • Ensure the new AWS service changes are following the Contributing Guide section on new services, in particular that the dependency addition and initial provider support are in a separate pull request from other changes (e.g. new resources). Contributions not following this item will not be reviewed until the changes are split.
    • If this pull request is already a separate pull request from the above item, you can ignore this message.

@github-actions github-actions bot added the documentation Introduces or discusses updates to documentation. label Apr 27, 2024
@aristosvo aristosvo force-pushed the key/automatic-rotation branch 2 times, most recently from 166e3a5 to 2f01102 Compare April 27, 2024 14:19
@aristosvo aristosvo marked this pull request as ready for review April 27, 2024 14:30
@justinretzolk justinretzolk added enhancement Requests to existing resources that expand the functionality or scope. and removed needs-triage Waiting for first response or review from a maintainer. labels Apr 30, 2024
@github-actions github-actions bot added size/M Managed by automation to categorize the size of a PR. and removed size/XL Managed by automation to categorize the size of a PR. labels May 5, 2024
@aristosvo
Copy link
Contributor Author

Rebased based on main as #37092 is now merged.

@ewbankkit ewbankkit self-assigned this May 6, 2024
@terraform-aws-provider terraform-aws-provider bot added the prioritized Part of the maintainer teams immediate focus. To be addressed within the current quarter. label May 6, 2024
ewbankkit
ewbankkit approved these changes May 6, 2024
View reviewed changes
Copy link
Contributor

@ewbankkit ewbankkit left a comment
edited

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM 🚀.

% ACCTEST_TIMEOUT=720m make testacc TESTARGS='-run=TestAccKMSKey_' PKG=kms ACCTEST_PARALLELISM=3
==> Checking that code complies with gofmt requirements...
TF_ACC=1 go1.22.2 test ./internal/service/kms/... -v -count 1 -parallel 3  -run=TestAccKMSKey_ -timeout 720m
=== RUN   TestAccKMSKey_basic
=== PAUSE TestAccKMSKey_basic
=== RUN   TestAccKMSKey_disappears
=== PAUSE TestAccKMSKey_disappears
=== RUN   TestAccKMSKey_multiRegion
=== PAUSE TestAccKMSKey_multiRegion
=== RUN   TestAccKMSKey_asymmetricKey
=== PAUSE TestAccKMSKey_asymmetricKey
=== RUN   TestAccKMSKey_hmacKey
=== PAUSE TestAccKMSKey_hmacKey
=== RUN   TestAccKMSKey_Policy_basic
=== PAUSE TestAccKMSKey_Policy_basic
=== RUN   TestAccKMSKey_Policy_bypass
=== PAUSE TestAccKMSKey_Policy_bypass
=== RUN   TestAccKMSKey_Policy_bypassUpdate
=== PAUSE TestAccKMSKey_Policy_bypassUpdate
=== RUN   TestAccKMSKey_Policy_iamRole
=== PAUSE TestAccKMSKey_Policy_iamRole
=== RUN   TestAccKMSKey_Policy_iamRoleUpdate
=== PAUSE TestAccKMSKey_Policy_iamRoleUpdate
=== RUN   TestAccKMSKey_Policy_iamRoleOrder
=== PAUSE TestAccKMSKey_Policy_iamRoleOrder
=== RUN   TestAccKMSKey_Policy_iamServiceLinkedRole
=== PAUSE TestAccKMSKey_Policy_iamServiceLinkedRole
=== RUN   TestAccKMSKey_Policy_booleanCondition
=== PAUSE TestAccKMSKey_Policy_booleanCondition
=== RUN   TestAccKMSKey_isEnabled
=== PAUSE TestAccKMSKey_isEnabled
=== RUN   TestAccKMSKey_rotation
=== PAUSE TestAccKMSKey_rotation
=== RUN   TestAccKMSKey_tags
=== PAUSE TestAccKMSKey_tags
=== RUN   TestAccKMSKey_ignoreTags
=== PAUSE TestAccKMSKey_ignoreTags
=== RUN   TestAccKMSKey_updateTagsEmptyValue
=== PAUSE TestAccKMSKey_updateTagsEmptyValue
=== CONT  TestAccKMSKey_basic
=== CONT  TestAccKMSKey_Policy_iamRoleUpdate
=== CONT  TestAccKMSKey_Policy_basic
--- PASS: TestAccKMSKey_basic (38.20s)
=== CONT  TestAccKMSKey_Policy_bypassUpdate
--- PASS: TestAccKMSKey_Policy_basic (41.78s)
=== CONT  TestAccKMSKey_Policy_iamRole
--- PASS: TestAccKMSKey_Policy_iamRoleUpdate (53.85s)
=== CONT  TestAccKMSKey_rotation
--- PASS: TestAccKMSKey_Policy_bypassUpdate (39.18s)
=== CONT  TestAccKMSKey_updateTagsEmptyValue
--- PASS: TestAccKMSKey_Policy_iamRole (37.94s)
=== CONT  TestAccKMSKey_ignoreTags
--- PASS: TestAccKMSKey_rotation (59.19s)
=== CONT  TestAccKMSKey_tags
--- PASS: TestAccKMSKey_updateTagsEmptyValue (43.68s)
=== CONT  TestAccKMSKey_Policy_bypass
--- PASS: TestAccKMSKey_ignoreTags (54.16s)
=== CONT  TestAccKMSKey_Policy_booleanCondition
--- PASS: TestAccKMSKey_Policy_booleanCondition (21.87s)
=== CONT  TestAccKMSKey_isEnabled
--- PASS: TestAccKMSKey_tags (80.34s)
=== CONT  TestAccKMSKey_asymmetricKey
--- PASS: TestAccKMSKey_asymmetricKey (16.75s)
=== CONT  TestAccKMSKey_hmacKey
--- PASS: TestAccKMSKey_hmacKey (16.13s)
=== CONT  TestAccKMSKey_Policy_iamServiceLinkedRole
--- PASS: TestAccKMSKey_Policy_iamServiceLinkedRole (44.01s)
=== CONT  TestAccKMSKey_Policy_iamRoleOrder
--- PASS: TestAccKMSKey_Policy_bypass (153.01s)
=== CONT  TestAccKMSKey_multiRegion
--- PASS: TestAccKMSKey_isEnabled (122.18s)
=== CONT  TestAccKMSKey_disappears
--- PASS: TestAccKMSKey_Policy_iamRoleOrder (54.43s)
--- PASS: TestAccKMSKey_disappears (18.95s)
--- PASS: TestAccKMSKey_multiRegion (23.33s)
PASS
ok  	github.com/hashicorp/terraform-provider-aws/internal/service/kms	307.830s

@ewbankkit
Copy link
Contributor

@aristosvo Thanks for the contribution 🎉 👏.

@ewbankkit ewbankkit merged commit a48f1ac into hashicorp:main May 6, 2024
43 checks passed
@github-actions github-actions bot added this to the v5.49.0 milestone May 6, 2024
@github-actions github-actions bot removed the prioritized Part of the maintainer teams immediate focus. To be addressed within the current quarter. label May 10, 2024
@github-actions GitHub Actions
Copy link

This functionality has been released in v5.49.0 of the Terraform AWS Provider. Please see the Terraform documentation on provider versioning or reach out if you need any assistance upgrading.

For further feature requests or bug reports with this functionality, please create a new GitHub issue following the template. Thank you!

@magreenbaum magreenbaum mentioned this pull request May 11, 2024
Merged
3 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@ewbankkit ewbankkit ewbankkit approved these changes

@fabio-sv fabio-sv fabio-sv approved these changes

Assignees

@ewbankkit ewbankkit

Labels
client-connections Pertains to the AWS Client and service connections. documentation Introduces or discusses updates to documentation. enhancement Requests to existing resources that expand the functionality or scope. generators Relates to code generators. service/ec2ebs Issues and PRs that pertain to the ec2ebs service. service/kms Issues and PRs that pertain to the kms service. service/s3 Issues and PRs that pertain to the s3 service. size/M Managed by automation to categorize the size of a PR. sweeper Pertains to changes to or issues with the sweeper. tags Pertains to resource tagging. tests PRs: expanded test coverage. Issues: expanded coverage, enhancements to test infrastructure.
Projects
None yet
Milestone
v5.49.0
Development

Successfully merging this pull request may close these issues.

[Enhancement]: Add support for KMS Flexible key rotation
4 participants
@aristosvo @ewbankkit @fabio-sv @justinretzolk