github.com/danp/terraform@v0.9.5-0.20170426144147-39d740081351/builtin/providers/aws/data_source_aws_kms_secret_test.go (about) 1 package aws 2 3 import ( 4 "encoding/base64" 5 "fmt" 6 "testing" 7 8 "github.com/aws/aws-sdk-go/aws" 9 "github.com/aws/aws-sdk-go/service/kms" 10 11 "github.com/hashicorp/terraform/helper/resource" 12 "github.com/hashicorp/terraform/terraform" 13 ) 14 15 func TestAccAWSKmsSecretDataSource_basic(t *testing.T) { 16 // Run a resource test to setup our KMS key 17 resource.Test(t, resource.TestCase{ 18 PreCheck: func() { testAccPreCheck(t) }, 19 Providers: testAccProviders, 20 Steps: []resource.TestStep{ 21 { 22 Config: testAccCheckAwsKmsSecretDataSourceKey, 23 Check: func(s *terraform.State) error { 24 encryptedPayload, err := testAccCheckAwsKmsSecretDataSourceCheckKeySetup(s) 25 if err != nil { 26 return err 27 } 28 29 // We run the actual test on our data source nested in the 30 // Check function of the KMS key so we can access the 31 // encrypted output, above, and so that the key will be 32 // deleted at the end of the test 33 resource.Test(t, resource.TestCase{ 34 PreCheck: func() { testAccPreCheck(t) }, 35 Providers: testAccProviders, 36 Steps: []resource.TestStep{ 37 { 38 Config: fmt.Sprintf(testAccCheckAwsKmsSecretDataSourceSecret, encryptedPayload), 39 Check: resource.ComposeTestCheckFunc( 40 resource.TestCheckResourceAttr("data.aws_kms_secret.testing", "secret_name", "PAYLOAD"), 41 ), 42 }, 43 }, 44 }) 45 46 return nil 47 }, 48 }, 49 }, 50 }) 51 52 } 53 54 func testAccCheckAwsKmsSecretDataSourceCheckKeySetup(s *terraform.State) (string, error) { 55 rs, ok := s.RootModule().Resources["aws_kms_key.terraform_data_source_testing"] 56 if !ok { 57 return "", fmt.Errorf("Failed to setup a KMS key for data source testing!") 58 } 59 60 // Now that the key is setup encrypt a string using it 61 // XXX TODO: Set up and test with grants 62 params := &kms.EncryptInput{ 63 KeyId: aws.String(rs.Primary.Attributes["arn"]), 64 Plaintext: []byte("PAYLOAD"), 65 EncryptionContext: map[string]*string{ 66 "name": aws.String("value"), 67 }, 68 } 69 70 kmsconn := testAccProvider.Meta().(*AWSClient).kmsconn 71 resp, err := kmsconn.Encrypt(params) 72 if err != nil { 73 return "", fmt.Errorf("Failed encrypting string with KMS for data source testing: %s", err) 74 } 75 76 return base64.StdEncoding.EncodeToString(resp.CiphertextBlob), nil 77 } 78 79 const testAccCheckAwsKmsSecretDataSourceKey = ` 80 resource "aws_kms_key" "terraform_data_source_testing" { 81 description = "Testing the Terraform AWS KMS Secret data_source" 82 } 83 ` 84 85 const testAccCheckAwsKmsSecretDataSourceSecret = ` 86 data "aws_kms_secret" "testing" { 87 secret { 88 name = "secret_name" 89 payload = "%s" 90 91 context { 92 name = "value" 93 } 94 } 95 } 96 `