opentelekomcloud · otc-zuul · Jul 13, 2022 · Jul 12, 2022 · Jul 12, 2022 · Jul 12, 2022
diff --git a/docs/resources/kms_key_v1.md b/docs/resources/kms_key_v1.md
@@ -26,6 +26,9 @@ resource "opentelekomcloud_kms_key_v1" "key_1" {
 
 The following arguments are supported:
 
+* `allow_cancel_deletion` - (Optional) Specifies whether the key is enabled from Pending Deletion state. The value `true` indicates
+  that the key state Pending Deletion will be cancelled.
+
 * `key_alias` - (Required) The alias in which to create the key. It is required when
   we create a new key. Changing this updates the alias of key.
 

diff --git a/go.mod b/go.mod
@@ -13,7 +13,7 @@ require (
 	github.com/jen20/awspolicyequivalence v1.1.0
 	github.com/jinzhu/copier v0.3.5
 	github.com/mitchellh/go-homedir v1.1.0
-	github.com/opentelekomcloud/gophertelekomcloud v0.5.15-0.20220706063853-36a17543d6f9
+	github.com/opentelekomcloud/gophertelekomcloud v0.5.16
 	github.com/unknwon/com v1.0.1
 	golang.org/x/sync v0.0.0-20201020160332-67f06af15bc9
 	gopkg.in/yaml.v2 v2.4.0

diff --git a/go.sum b/go.sum
@@ -203,6 +203,8 @@ github.com/oklog/run v1.0.0 h1:Ru7dDtJNOyC66gQ5dQmaCa0qIsAUFY3sFpK1Xk8igrw=
 github.com/oklog/run v1.0.0/go.mod h1:dlhp/R75TPv97u0XWUtDeV/lRKWPKSdTuV0TZvrmrQA=
 github.com/opentelekomcloud/gophertelekomcloud v0.5.15-0.20220706063853-36a17543d6f9 h1:XKv+sTANU9vjZStqYQy9LUCUsvxesItv59QVVqCoA9k=
 github.com/opentelekomcloud/gophertelekomcloud v0.5.15-0.20220706063853-36a17543d6f9/go.mod h1:pzEP1kduNwv+hrI9R6/DFU/NiX7Kr9NiFjpQ7kJQTsM=
+github.com/opentelekomcloud/gophertelekomcloud v0.5.16 h1:LyBLSU8gc5sQHqi2A1YXgEZIEb+Dat40fNSi8f9Bf7g=
+github.com/opentelekomcloud/gophertelekomcloud v0.5.16/go.mod h1:pzEP1kduNwv+hrI9R6/DFU/NiX7Kr9NiFjpQ7kJQTsM=
 github.com/pkg/errors v0.8.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0=
 github.com/pkg/errors v0.9.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0=
 github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM=

diff --git a/opentelekomcloud/acceptance/kms/resource_opentelekomcloud_kms_key_v1_test.go b/opentelekomcloud/acceptance/kms/resource_opentelekomcloud_kms_key_v1_test.go
@@ -170,6 +170,28 @@ func TestAccKmsKey_rotation(t *testing.T) {
 	})
 }
 
+func TestAccKmsKey_cancelDeletion(t *testing.T) {
+	var key keys.Key
+	createName := "test_key_gopher"
+	resourceName := "opentelekomcloud_kms_key_v1.key_1"
+
+	resource.Test(t, resource.TestCase{
+		PreCheck:          func() { common.TestAccPreCheck(t) },
+		ProviderFactories: common.TestAccProviderFactories,
+		CheckDestroy:      testAccCheckKmsV1KeyDestroy,
+		Steps: []resource.TestStep{
+			{
+				Config: testAccKmsV1Key_cancelDeletion(createName),
+				Check: resource.ComposeTestCheckFunc(
+					testAccCheckKmsV1KeyExists(resourceName, &key),
+					resource.TestCheckResourceAttr(resourceName, "key_alias", createName),
+					resource.TestCheckResourceAttr(resourceName, "is_enabled", "true"),
+				),
+			},
+		},
+	})
+}
+
 func testAccKmsV1Key_basic(rName string) string {
 	return fmt.Sprintf(`
 resource "opentelekomcloud_kms_key_v1" "key_1" {
@@ -224,3 +246,17 @@ resource "opentelekomcloud_kms_key_v1" "key_1" {
   rotation_interval = 183
 }`, prefix)
 }
+
+func testAccKmsV1Key_cancelDeletion(rName string) string {
+	return fmt.Sprintf(`
+resource "opentelekomcloud_kms_key_v1" "key_1" {
+  key_alias             = "%s"
+  allow_cancel_deletion = true
+  key_description       = "some description"
+  tags = {
+    muh = "value-create"
+    kuh = "value-create"
+  }
+}
+`, rName)
+}
diff --git a/opentelekomcloud/services/kms/resource_opentelekomcloud_kms_key_v1.go b/opentelekomcloud/services/kms/resource_opentelekomcloud_kms_key_v1.go
@@ -14,7 +14,6 @@ import (
 	golangsdk "github.com/opentelekomcloud/gophertelekomcloud"
 	"github.com/opentelekomcloud/gophertelekomcloud/openstack/common/tags"
 	"github.com/opentelekomcloud/gophertelekomcloud/openstack/kms/v1/keys"
-
 	"github.com/opentelekomcloud/terraform-provider-opentelekomcloud/opentelekomcloud/common"
 	"github.com/opentelekomcloud/terraform-provider-opentelekomcloud/opentelekomcloud/common/cfg"
 	"github.com/opentelekomcloud/terraform-provider-opentelekomcloud/opentelekomcloud/common/fmterr"
@@ -62,6 +61,10 @@ func ResourceKmsKeyV1() *schema.Resource {
 				Type:     schema.TypeString,
 				Computed: true,
 			},
+			"allow_cancel_deletion": {
+				Type:     schema.TypeBool,
+				Optional: true,
+			},
 			"scheduled_deletion_date": {
 				Type:     schema.TypeString,
 				Computed: true,
@@ -142,6 +145,30 @@ func resourceKmsKeyV1Create(ctx context.Context, d *schema.ResourceData, meta in
 	}
 	log.Printf("[INFO] Key ID: %s", key.KeyID)
 
+	if d.Get("allow_cancel_deletion").(bool) {
+		keyGet, err := keys.Get(client, key.KeyID).ExtractKeyInfo()
+		if err != nil {
+			return diag.FromErr(err)
+		}
+		if keyGet.KeyState == PendingDeletionState {
+			cancelDeleteOpts := keys.CancelDeleteOpts{
+				KeyID: key.KeyID,
+			}
+			_, err = keys.CancelDelete(client, cancelDeleteOpts).Extract()
+			if err != nil {
+				return fmterr.Errorf("error disabling deletion of key: %s", err)
+			}
+
+			key, err := keys.EnableKey(client, key.KeyID).ExtractKeyInfo()
+			if err != nil {
+				return fmterr.Errorf("error enabling key: %s", err)
+			}
+			if key.KeyState != EnabledState {
+				return fmterr.Errorf("error enabling key, the key state is: %s", key.KeyState)
+			}
+		}
+	}
+
 	// Wait for the key to become enabled.
 	log.Printf("[DEBUG] Waiting for key (%s) to become enabled", key.KeyID)
 

diff --git a/releasenotes/notes/kms-desired-state-0d1a2eb41beae6ed.yaml b/releasenotes/notes/kms-desired-state-0d1a2eb41beae6ed.yaml
@@ -0,0 +1,4 @@
+---
+enhancements:
+  - |
+    **[KMS]** Add cancelling deletion via ``allow_cancel_deletion`` in ``resource/opentelekomcloud_kms_key_v1`` (`#1806 <https://github.com/opentelekomcloud/terraform-provider-opentelekomcloud/pull/1806>`_)