mirror of
https://github.com/letic/terraform-provider-google.git
synced 2024-10-04 17:51:11 +00:00
Make Disk KMS features GA (#2884)
<!-- This change is generated by MagicModules. --> /cc @chrisst
This commit is contained in:
parent
411bf089d1
commit
bb4697dd87
@ -270,6 +270,12 @@ func resourceComputeDisk() *schema.Resource {
|
|||||||
MaxItems: 1,
|
MaxItems: 1,
|
||||||
Elem: &schema.Resource{
|
Elem: &schema.Resource{
|
||||||
Schema: map[string]*schema.Schema{
|
Schema: map[string]*schema.Schema{
|
||||||
|
"kms_key_self_link": {
|
||||||
|
Type: schema.TypeString,
|
||||||
|
Optional: true,
|
||||||
|
ForceNew: true,
|
||||||
|
DiffSuppressFunc: compareSelfLinkRelativePaths,
|
||||||
|
},
|
||||||
"raw_key": {
|
"raw_key": {
|
||||||
Type: schema.TypeString,
|
Type: schema.TypeString,
|
||||||
Optional: true,
|
Optional: true,
|
||||||
@ -311,6 +317,12 @@ func resourceComputeDisk() *schema.Resource {
|
|||||||
MaxItems: 1,
|
MaxItems: 1,
|
||||||
Elem: &schema.Resource{
|
Elem: &schema.Resource{
|
||||||
Schema: map[string]*schema.Schema{
|
Schema: map[string]*schema.Schema{
|
||||||
|
"kms_key_self_link": {
|
||||||
|
Type: schema.TypeString,
|
||||||
|
Optional: true,
|
||||||
|
ForceNew: true,
|
||||||
|
DiffSuppressFunc: compareSelfLinkRelativePaths,
|
||||||
|
},
|
||||||
"raw_key": {
|
"raw_key": {
|
||||||
Type: schema.TypeString,
|
Type: schema.TypeString,
|
||||||
Optional: true,
|
Optional: true,
|
||||||
@ -330,6 +342,12 @@ func resourceComputeDisk() *schema.Resource {
|
|||||||
MaxItems: 1,
|
MaxItems: 1,
|
||||||
Elem: &schema.Resource{
|
Elem: &schema.Resource{
|
||||||
Schema: map[string]*schema.Schema{
|
Schema: map[string]*schema.Schema{
|
||||||
|
"kms_key_self_link": {
|
||||||
|
Type: schema.TypeString,
|
||||||
|
Optional: true,
|
||||||
|
ForceNew: true,
|
||||||
|
DiffSuppressFunc: compareSelfLinkRelativePaths,
|
||||||
|
},
|
||||||
"raw_key": {
|
"raw_key": {
|
||||||
Type: schema.TypeString,
|
Type: schema.TypeString,
|
||||||
Optional: true,
|
Optional: true,
|
||||||
@ -899,6 +917,8 @@ func flattenComputeDiskSourceImageEncryptionKey(v interface{}, d *schema.Resourc
|
|||||||
flattenComputeDiskSourceImageEncryptionKeyRawKey(original["rawKey"], d)
|
flattenComputeDiskSourceImageEncryptionKeyRawKey(original["rawKey"], d)
|
||||||
transformed["sha256"] =
|
transformed["sha256"] =
|
||||||
flattenComputeDiskSourceImageEncryptionKeySha256(original["sha256"], d)
|
flattenComputeDiskSourceImageEncryptionKeySha256(original["sha256"], d)
|
||||||
|
transformed["kms_key_self_link"] =
|
||||||
|
flattenComputeDiskSourceImageEncryptionKeyKmsKeySelfLink(original["kmsKeyName"], d)
|
||||||
return []interface{}{transformed}
|
return []interface{}{transformed}
|
||||||
}
|
}
|
||||||
func flattenComputeDiskSourceImageEncryptionKeyRawKey(v interface{}, d *schema.ResourceData) interface{} {
|
func flattenComputeDiskSourceImageEncryptionKeyRawKey(v interface{}, d *schema.ResourceData) interface{} {
|
||||||
@ -909,6 +929,10 @@ func flattenComputeDiskSourceImageEncryptionKeySha256(v interface{}, d *schema.R
|
|||||||
return v
|
return v
|
||||||
}
|
}
|
||||||
|
|
||||||
|
func flattenComputeDiskSourceImageEncryptionKeyKmsKeySelfLink(v interface{}, d *schema.ResourceData) interface{} {
|
||||||
|
return v
|
||||||
|
}
|
||||||
|
|
||||||
func flattenComputeDiskSourceImageId(v interface{}, d *schema.ResourceData) interface{} {
|
func flattenComputeDiskSourceImageId(v interface{}, d *schema.ResourceData) interface{} {
|
||||||
return v
|
return v
|
||||||
}
|
}
|
||||||
@ -926,6 +950,8 @@ func flattenComputeDiskDiskEncryptionKey(v interface{}, d *schema.ResourceData)
|
|||||||
flattenComputeDiskDiskEncryptionKeyRawKey(original["rawKey"], d)
|
flattenComputeDiskDiskEncryptionKeyRawKey(original["rawKey"], d)
|
||||||
transformed["sha256"] =
|
transformed["sha256"] =
|
||||||
flattenComputeDiskDiskEncryptionKeySha256(original["sha256"], d)
|
flattenComputeDiskDiskEncryptionKeySha256(original["sha256"], d)
|
||||||
|
transformed["kms_key_self_link"] =
|
||||||
|
flattenComputeDiskDiskEncryptionKeyKmsKeySelfLink(original["kmsKeyName"], d)
|
||||||
return []interface{}{transformed}
|
return []interface{}{transformed}
|
||||||
}
|
}
|
||||||
func flattenComputeDiskDiskEncryptionKeyRawKey(v interface{}, d *schema.ResourceData) interface{} {
|
func flattenComputeDiskDiskEncryptionKeyRawKey(v interface{}, d *schema.ResourceData) interface{} {
|
||||||
@ -936,6 +962,10 @@ func flattenComputeDiskDiskEncryptionKeySha256(v interface{}, d *schema.Resource
|
|||||||
return v
|
return v
|
||||||
}
|
}
|
||||||
|
|
||||||
|
func flattenComputeDiskDiskEncryptionKeyKmsKeySelfLink(v interface{}, d *schema.ResourceData) interface{} {
|
||||||
|
return v
|
||||||
|
}
|
||||||
|
|
||||||
func flattenComputeDiskSnapshot(v interface{}, d *schema.ResourceData) interface{} {
|
func flattenComputeDiskSnapshot(v interface{}, d *schema.ResourceData) interface{} {
|
||||||
if v == nil {
|
if v == nil {
|
||||||
return v
|
return v
|
||||||
@ -954,6 +984,8 @@ func flattenComputeDiskSourceSnapshotEncryptionKey(v interface{}, d *schema.Reso
|
|||||||
transformed := make(map[string]interface{})
|
transformed := make(map[string]interface{})
|
||||||
transformed["raw_key"] =
|
transformed["raw_key"] =
|
||||||
flattenComputeDiskSourceSnapshotEncryptionKeyRawKey(original["rawKey"], d)
|
flattenComputeDiskSourceSnapshotEncryptionKeyRawKey(original["rawKey"], d)
|
||||||
|
transformed["kms_key_self_link"] =
|
||||||
|
flattenComputeDiskSourceSnapshotEncryptionKeyKmsKeySelfLink(original["kmsKeyName"], d)
|
||||||
transformed["sha256"] =
|
transformed["sha256"] =
|
||||||
flattenComputeDiskSourceSnapshotEncryptionKeySha256(original["sha256"], d)
|
flattenComputeDiskSourceSnapshotEncryptionKeySha256(original["sha256"], d)
|
||||||
return []interface{}{transformed}
|
return []interface{}{transformed}
|
||||||
@ -962,6 +994,10 @@ func flattenComputeDiskSourceSnapshotEncryptionKeyRawKey(v interface{}, d *schem
|
|||||||
return v
|
return v
|
||||||
}
|
}
|
||||||
|
|
||||||
|
func flattenComputeDiskSourceSnapshotEncryptionKeyKmsKeySelfLink(v interface{}, d *schema.ResourceData) interface{} {
|
||||||
|
return v
|
||||||
|
}
|
||||||
|
|
||||||
func flattenComputeDiskSourceSnapshotEncryptionKeySha256(v interface{}, d *schema.ResourceData) interface{} {
|
func flattenComputeDiskSourceSnapshotEncryptionKeySha256(v interface{}, d *schema.ResourceData) interface{} {
|
||||||
return v
|
return v
|
||||||
}
|
}
|
||||||
@ -1040,6 +1076,13 @@ func expandComputeDiskSourceImageEncryptionKey(v interface{}, d *schema.Resource
|
|||||||
transformed["sha256"] = transformedSha256
|
transformed["sha256"] = transformedSha256
|
||||||
}
|
}
|
||||||
|
|
||||||
|
transformedKmsKeySelfLink, err := expandComputeDiskSourceImageEncryptionKeyKmsKeySelfLink(original["kms_key_self_link"], d, config)
|
||||||
|
if err != nil {
|
||||||
|
return nil, err
|
||||||
|
} else if val := reflect.ValueOf(transformedKmsKeySelfLink); val.IsValid() && !isEmptyValue(val) {
|
||||||
|
transformed["kmsKeyName"] = transformedKmsKeySelfLink
|
||||||
|
}
|
||||||
|
|
||||||
return transformed, nil
|
return transformed, nil
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -1051,6 +1094,10 @@ func expandComputeDiskSourceImageEncryptionKeySha256(v interface{}, d *schema.Re
|
|||||||
return v, nil
|
return v, nil
|
||||||
}
|
}
|
||||||
|
|
||||||
|
func expandComputeDiskSourceImageEncryptionKeyKmsKeySelfLink(v interface{}, d *schema.ResourceData, config *Config) (interface{}, error) {
|
||||||
|
return v, nil
|
||||||
|
}
|
||||||
|
|
||||||
func expandComputeDiskDiskEncryptionKey(v interface{}, d *schema.ResourceData, config *Config) (interface{}, error) {
|
func expandComputeDiskDiskEncryptionKey(v interface{}, d *schema.ResourceData, config *Config) (interface{}, error) {
|
||||||
l := v.([]interface{})
|
l := v.([]interface{})
|
||||||
if len(l) == 0 || l[0] == nil {
|
if len(l) == 0 || l[0] == nil {
|
||||||
@ -1074,6 +1121,13 @@ func expandComputeDiskDiskEncryptionKey(v interface{}, d *schema.ResourceData, c
|
|||||||
transformed["sha256"] = transformedSha256
|
transformed["sha256"] = transformedSha256
|
||||||
}
|
}
|
||||||
|
|
||||||
|
transformedKmsKeySelfLink, err := expandComputeDiskDiskEncryptionKeyKmsKeySelfLink(original["kms_key_self_link"], d, config)
|
||||||
|
if err != nil {
|
||||||
|
return nil, err
|
||||||
|
} else if val := reflect.ValueOf(transformedKmsKeySelfLink); val.IsValid() && !isEmptyValue(val) {
|
||||||
|
transformed["kmsKeyName"] = transformedKmsKeySelfLink
|
||||||
|
}
|
||||||
|
|
||||||
return transformed, nil
|
return transformed, nil
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -1085,6 +1139,10 @@ func expandComputeDiskDiskEncryptionKeySha256(v interface{}, d *schema.ResourceD
|
|||||||
return v, nil
|
return v, nil
|
||||||
}
|
}
|
||||||
|
|
||||||
|
func expandComputeDiskDiskEncryptionKeyKmsKeySelfLink(v interface{}, d *schema.ResourceData, config *Config) (interface{}, error) {
|
||||||
|
return v, nil
|
||||||
|
}
|
||||||
|
|
||||||
func expandComputeDiskSnapshot(v interface{}, d *schema.ResourceData, config *Config) (interface{}, error) {
|
func expandComputeDiskSnapshot(v interface{}, d *schema.ResourceData, config *Config) (interface{}, error) {
|
||||||
f, err := parseGlobalFieldValue("snapshots", v.(string), "project", d, config, true)
|
f, err := parseGlobalFieldValue("snapshots", v.(string), "project", d, config, true)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
@ -1109,6 +1167,13 @@ func expandComputeDiskSourceSnapshotEncryptionKey(v interface{}, d *schema.Resou
|
|||||||
transformed["rawKey"] = transformedRawKey
|
transformed["rawKey"] = transformedRawKey
|
||||||
}
|
}
|
||||||
|
|
||||||
|
transformedKmsKeySelfLink, err := expandComputeDiskSourceSnapshotEncryptionKeyKmsKeySelfLink(original["kms_key_self_link"], d, config)
|
||||||
|
if err != nil {
|
||||||
|
return nil, err
|
||||||
|
} else if val := reflect.ValueOf(transformedKmsKeySelfLink); val.IsValid() && !isEmptyValue(val) {
|
||||||
|
transformed["kmsKeyName"] = transformedKmsKeySelfLink
|
||||||
|
}
|
||||||
|
|
||||||
transformedSha256, err := expandComputeDiskSourceSnapshotEncryptionKeySha256(original["sha256"], d, config)
|
transformedSha256, err := expandComputeDiskSourceSnapshotEncryptionKeySha256(original["sha256"], d, config)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return nil, err
|
return nil, err
|
||||||
@ -1123,6 +1188,10 @@ func expandComputeDiskSourceSnapshotEncryptionKeyRawKey(v interface{}, d *schema
|
|||||||
return v, nil
|
return v, nil
|
||||||
}
|
}
|
||||||
|
|
||||||
|
func expandComputeDiskSourceSnapshotEncryptionKeyKmsKeySelfLink(v interface{}, d *schema.ResourceData, config *Config) (interface{}, error) {
|
||||||
|
return v, nil
|
||||||
|
}
|
||||||
|
|
||||||
func expandComputeDiskSourceSnapshotEncryptionKeySha256(v interface{}, d *schema.ResourceData, config *Config) (interface{}, error) {
|
func expandComputeDiskSourceSnapshotEncryptionKeySha256(v interface{}, d *schema.ResourceData, config *Config) (interface{}, error) {
|
||||||
return v, nil
|
return v, nil
|
||||||
}
|
}
|
||||||
|
@ -175,6 +175,13 @@ The `source_image_encryption_key` block supports:
|
|||||||
The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied
|
The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied
|
||||||
encryption key that protects this resource.
|
encryption key that protects this resource.
|
||||||
|
|
||||||
|
* `kms_key_self_link` -
|
||||||
|
(Optional)
|
||||||
|
The self link of the encryption key used to encrypt the disk. Also called KmsKeyName
|
||||||
|
in the cloud console. In order to use this additional
|
||||||
|
IAM permissions need to be set on the Compute Engine Service Agent. See
|
||||||
|
https://cloud.google.com/compute/docs/disks/customer-managed-encryption#encrypt_a_new_persistent_disk_with_your_own_keys
|
||||||
|
|
||||||
The `disk_encryption_key` block supports:
|
The `disk_encryption_key` block supports:
|
||||||
|
|
||||||
* `raw_key` -
|
* `raw_key` -
|
||||||
@ -186,6 +193,13 @@ The `disk_encryption_key` block supports:
|
|||||||
The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied
|
The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied
|
||||||
encryption key that protects this resource.
|
encryption key that protects this resource.
|
||||||
|
|
||||||
|
* `kms_key_self_link` -
|
||||||
|
(Optional)
|
||||||
|
The self link of the encryption key used to encrypt the disk. Also called KmsKeyName
|
||||||
|
in the cloud console. In order to use this additional
|
||||||
|
IAM permissions need to be set on the Compute Engine Service Agent. See
|
||||||
|
https://cloud.google.com/compute/docs/disks/customer-managed-encryption#encrypt_a_new_persistent_disk_with_your_own_keys
|
||||||
|
|
||||||
The `source_snapshot_encryption_key` block supports:
|
The `source_snapshot_encryption_key` block supports:
|
||||||
|
|
||||||
* `raw_key` -
|
* `raw_key` -
|
||||||
@ -193,6 +207,13 @@ The `source_snapshot_encryption_key` block supports:
|
|||||||
Specifies a 256-bit customer-supplied encryption key, encoded in
|
Specifies a 256-bit customer-supplied encryption key, encoded in
|
||||||
RFC 4648 base64 to either encrypt or decrypt this resource.
|
RFC 4648 base64 to either encrypt or decrypt this resource.
|
||||||
|
|
||||||
|
* `kms_key_self_link` -
|
||||||
|
(Optional)
|
||||||
|
The self link of the encryption key used to encrypt the disk. Also called KmsKeyName
|
||||||
|
in the cloud console. In order to use this additional
|
||||||
|
IAM permissions need to be set on the Compute Engine Service Agent. See
|
||||||
|
https://cloud.google.com/compute/docs/disks/customer-managed-encryption#encrypt_a_new_persistent_disk_with_your_own_keys
|
||||||
|
|
||||||
* `sha256` -
|
* `sha256` -
|
||||||
The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied
|
The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied
|
||||||
encryption key that protects this resource.
|
encryption key that protects this resource.
|
||||||
|
Loading…
Reference in New Issue
Block a user