github.com/danp/terraform@v0.9.5-0.20170426144147-39d740081351/builtin/providers/aws/data_source_aws_kms_secret_test.go (about)

     1  package aws
     2  
     3  import (
     4  	"encoding/base64"
     5  	"fmt"
     6  	"testing"
     7  
     8  	"github.com/aws/aws-sdk-go/aws"
     9  	"github.com/aws/aws-sdk-go/service/kms"
    10  
    11  	"github.com/hashicorp/terraform/helper/resource"
    12  	"github.com/hashicorp/terraform/terraform"
    13  )
    14  
    15  func TestAccAWSKmsSecretDataSource_basic(t *testing.T) {
    16  	// Run a resource test to setup our KMS key
    17  	resource.Test(t, resource.TestCase{
    18  		PreCheck:  func() { testAccPreCheck(t) },
    19  		Providers: testAccProviders,
    20  		Steps: []resource.TestStep{
    21  			{
    22  				Config: testAccCheckAwsKmsSecretDataSourceKey,
    23  				Check: func(s *terraform.State) error {
    24  					encryptedPayload, err := testAccCheckAwsKmsSecretDataSourceCheckKeySetup(s)
    25  					if err != nil {
    26  						return err
    27  					}
    28  
    29  					// We run the actual test on our data source nested in the
    30  					// Check function of the KMS key so we can access the
    31  					// encrypted output, above, and so that the key will be
    32  					// deleted at the end of the test
    33  					resource.Test(t, resource.TestCase{
    34  						PreCheck:  func() { testAccPreCheck(t) },
    35  						Providers: testAccProviders,
    36  						Steps: []resource.TestStep{
    37  							{
    38  								Config: fmt.Sprintf(testAccCheckAwsKmsSecretDataSourceSecret, encryptedPayload),
    39  								Check: resource.ComposeTestCheckFunc(
    40  									resource.TestCheckResourceAttr("data.aws_kms_secret.testing", "secret_name", "PAYLOAD"),
    41  								),
    42  							},
    43  						},
    44  					})
    45  
    46  					return nil
    47  				},
    48  			},
    49  		},
    50  	})
    51  
    52  }
    53  
    54  func testAccCheckAwsKmsSecretDataSourceCheckKeySetup(s *terraform.State) (string, error) {
    55  	rs, ok := s.RootModule().Resources["aws_kms_key.terraform_data_source_testing"]
    56  	if !ok {
    57  		return "", fmt.Errorf("Failed to setup a KMS key for data source testing!")
    58  	}
    59  
    60  	// Now that the key is setup encrypt a string using it
    61  	// XXX TODO: Set up and test with grants
    62  	params := &kms.EncryptInput{
    63  		KeyId:     aws.String(rs.Primary.Attributes["arn"]),
    64  		Plaintext: []byte("PAYLOAD"),
    65  		EncryptionContext: map[string]*string{
    66  			"name": aws.String("value"),
    67  		},
    68  	}
    69  
    70  	kmsconn := testAccProvider.Meta().(*AWSClient).kmsconn
    71  	resp, err := kmsconn.Encrypt(params)
    72  	if err != nil {
    73  		return "", fmt.Errorf("Failed encrypting string with KMS for data source testing: %s", err)
    74  	}
    75  
    76  	return base64.StdEncoding.EncodeToString(resp.CiphertextBlob), nil
    77  }
    78  
    79  const testAccCheckAwsKmsSecretDataSourceKey = `
    80  resource "aws_kms_key" "terraform_data_source_testing" {
    81      description = "Testing the Terraform AWS KMS Secret data_source"
    82  }
    83  `
    84  
    85  const testAccCheckAwsKmsSecretDataSourceSecret = `
    86  data "aws_kms_secret" "testing" {
    87      secret {
    88          name = "secret_name"
    89          payload = "%s"
    90  
    91          context {
    92              name = "value"
    93          }
    94      }
    95  }
    96  `