Make Disk KMS features GA (#2884)

<!-- This change is generated by MagicModules. -->
/cc @chrisst
The Magician 2019-01-16 11:52:33 -08:00 committed by Chris Stephens
parent 411bf089d1
commit bb4697dd87
2 changed files with 90 additions and 0 deletions


@ -270,6 +270,12 @@ func resourceComputeDisk() *schema.Resource {
MaxItems: 1, MaxItems: 1,
Elem: &schema.Resource{ Elem: &schema.Resource{
Schema: map[string]*schema.Schema{ Schema: map[string]*schema.Schema{
"kms_key_self_link": {
Type: schema.TypeString,
Optional: true,
ForceNew: true,
DiffSuppressFunc: compareSelfLinkRelativePaths,
},
"raw_key": { "raw_key": {
Type: schema.TypeString, Type: schema.TypeString,
Optional: true, Optional: true,
@ -311,6 +317,12 @@ func resourceComputeDisk() *schema.Resource {
MaxItems: 1, MaxItems: 1,
Elem: &schema.Resource{ Elem: &schema.Resource{
Schema: map[string]*schema.Schema{ Schema: map[string]*schema.Schema{
"kms_key_self_link": {
Type: schema.TypeString,
Optional: true,
ForceNew: true,
DiffSuppressFunc: compareSelfLinkRelativePaths,
},
"raw_key": { "raw_key": {
Type: schema.TypeString, Type: schema.TypeString,
Optional: true, Optional: true,
@ -330,6 +342,12 @@ func resourceComputeDisk() *schema.Resource {
MaxItems: 1, MaxItems: 1,
Elem: &schema.Resource{ Elem: &schema.Resource{
Schema: map[string]*schema.Schema{ Schema: map[string]*schema.Schema{
"kms_key_self_link": {
Type: schema.TypeString,
Optional: true,
ForceNew: true,
DiffSuppressFunc: compareSelfLinkRelativePaths,
},
"raw_key": { "raw_key": {
Type: schema.TypeString, Type: schema.TypeString,
Optional: true, Optional: true,
@ -899,6 +917,8 @@ func flattenComputeDiskSourceImageEncryptionKey(v interface{}, d *schema.Resourc
flattenComputeDiskSourceImageEncryptionKeyRawKey(original["rawKey"], d) flattenComputeDiskSourceImageEncryptionKeyRawKey(original["rawKey"], d)
transformed["sha256"] = transformed["sha256"] =
flattenComputeDiskSourceImageEncryptionKeySha256(original["sha256"], d) flattenComputeDiskSourceImageEncryptionKeySha256(original["sha256"], d)
transformed["kms_key_self_link"] =
flattenComputeDiskSourceImageEncryptionKeyKmsKeySelfLink(original["kmsKeyName"], d)
return []interface{}{transformed} return []interface{}{transformed}
} }
func flattenComputeDiskSourceImageEncryptionKeyRawKey(v interface{}, d *schema.ResourceData) interface{} { func flattenComputeDiskSourceImageEncryptionKeyRawKey(v interface{}, d *schema.ResourceData) interface{} {
@ -909,6 +929,10 @@ func flattenComputeDiskSourceImageEncryptionKeySha256(v interface{}, d *schema.R
return v return v
} }
func flattenComputeDiskSourceImageEncryptionKeyKmsKeySelfLink(v interface{}, d *schema.ResourceData) interface{} {
return v
}
func flattenComputeDiskSourceImageId(v interface{}, d *schema.ResourceData) interface{} { func flattenComputeDiskSourceImageId(v interface{}, d *schema.ResourceData) interface{} {
return v return v
} }
@ -926,6 +950,8 @@ func flattenComputeDiskDiskEncryptionKey(v interface{}, d *schema.ResourceData)
flattenComputeDiskDiskEncryptionKeyRawKey(original["rawKey"], d) flattenComputeDiskDiskEncryptionKeyRawKey(original["rawKey"], d)
transformed["sha256"] = transformed["sha256"] =
flattenComputeDiskDiskEncryptionKeySha256(original["sha256"], d) flattenComputeDiskDiskEncryptionKeySha256(original["sha256"], d)
transformed["kms_key_self_link"] =
flattenComputeDiskDiskEncryptionKeyKmsKeySelfLink(original["kmsKeyName"], d)
return []interface{}{transformed} return []interface{}{transformed}
} }
func flattenComputeDiskDiskEncryptionKeyRawKey(v interface{}, d *schema.ResourceData) interface{} { func flattenComputeDiskDiskEncryptionKeyRawKey(v interface{}, d *schema.ResourceData) interface{} {
@ -936,6 +962,10 @@ func flattenComputeDiskDiskEncryptionKeySha256(v interface{}, d *schema.Resource
return v return v
} }
func flattenComputeDiskDiskEncryptionKeyKmsKeySelfLink(v interface{}, d *schema.ResourceData) interface{} {
return v
}
func flattenComputeDiskSnapshot(v interface{}, d *schema.ResourceData) interface{} { func flattenComputeDiskSnapshot(v interface{}, d *schema.ResourceData) interface{} {
if v == nil { if v == nil {
return v return v
@ -954,6 +984,8 @@ func flattenComputeDiskSourceSnapshotEncryptionKey(v interface{}, d *schema.Reso
transformed := make(map[string]interface{}) transformed := make(map[string]interface{})
transformed["raw_key"] = transformed["raw_key"] =
flattenComputeDiskSourceSnapshotEncryptionKeyRawKey(original["rawKey"], d) flattenComputeDiskSourceSnapshotEncryptionKeyRawKey(original["rawKey"], d)
transformed["kms_key_self_link"] =
flattenComputeDiskSourceSnapshotEncryptionKeyKmsKeySelfLink(original["kmsKeyName"], d)
transformed["sha256"] = transformed["sha256"] =
flattenComputeDiskSourceSnapshotEncryptionKeySha256(original["sha256"], d) flattenComputeDiskSourceSnapshotEncryptionKeySha256(original["sha256"], d)
return []interface{}{transformed} return []interface{}{transformed}
@ -962,6 +994,10 @@ func flattenComputeDiskSourceSnapshotEncryptionKeyRawKey(v interface{}, d *schem
return v return v
} }
func flattenComputeDiskSourceSnapshotEncryptionKeyKmsKeySelfLink(v interface{}, d *schema.ResourceData) interface{} {
return v
}
func flattenComputeDiskSourceSnapshotEncryptionKeySha256(v interface{}, d *schema.ResourceData) interface{} { func flattenComputeDiskSourceSnapshotEncryptionKeySha256(v interface{}, d *schema.ResourceData) interface{} {
return v return v
} }
@ -1040,6 +1076,13 @@ func expandComputeDiskSourceImageEncryptionKey(v interface{}, d *schema.Resource
transformed["sha256"] = transformedSha256 transformed["sha256"] = transformedSha256
} }
transformedKmsKeySelfLink, err := expandComputeDiskSourceImageEncryptionKeyKmsKeySelfLink(original["kms_key_self_link"], d, config)
if err != nil {
return nil, err
} else if val := reflect.ValueOf(transformedKmsKeySelfLink); val.IsValid() && !isEmptyValue(val) {
transformed["kmsKeyName"] = transformedKmsKeySelfLink
}
return transformed, nil return transformed, nil
} }
@ -1051,6 +1094,10 @@ func expandComputeDiskSourceImageEncryptionKeySha256(v interface{}, d *schema.Re
return v, nil return v, nil
} }
func expandComputeDiskSourceImageEncryptionKeyKmsKeySelfLink(v interface{}, d *schema.ResourceData, config *Config) (interface{}, error) {
return v, nil
}
func expandComputeDiskDiskEncryptionKey(v interface{}, d *schema.ResourceData, config *Config) (interface{}, error) { func expandComputeDiskDiskEncryptionKey(v interface{}, d *schema.ResourceData, config *Config) (interface{}, error) {
l := v.([]interface{}) l := v.([]interface{})
if len(l) == 0 || l[0] == nil { if len(l) == 0 || l[0] == nil {
@ -1074,6 +1121,13 @@ func expandComputeDiskDiskEncryptionKey(v interface{}, d *schema.ResourceData, c
transformed["sha256"] = transformedSha256 transformed["sha256"] = transformedSha256
} }
transformedKmsKeySelfLink, err := expandComputeDiskDiskEncryptionKeyKmsKeySelfLink(original["kms_key_self_link"], d, config)
if err != nil {
return nil, err
} else if val := reflect.ValueOf(transformedKmsKeySelfLink); val.IsValid() && !isEmptyValue(val) {
transformed["kmsKeyName"] = transformedKmsKeySelfLink
}
return transformed, nil return transformed, nil
} }
@ -1085,6 +1139,10 @@ func expandComputeDiskDiskEncryptionKeySha256(v interface{}, d *schema.ResourceD
return v, nil return v, nil
} }
func expandComputeDiskDiskEncryptionKeyKmsKeySelfLink(v interface{}, d *schema.ResourceData, config *Config) (interface{}, error) {
return v, nil
}
func expandComputeDiskSnapshot(v interface{}, d *schema.ResourceData, config *Config) (interface{}, error) { func expandComputeDiskSnapshot(v interface{}, d *schema.ResourceData, config *Config) (interface{}, error) {
f, err := parseGlobalFieldValue("snapshots", v.(string), "project", d, config, true) f, err := parseGlobalFieldValue("snapshots", v.(string), "project", d, config, true)
if err != nil { if err != nil {
@ -1109,6 +1167,13 @@ func expandComputeDiskSourceSnapshotEncryptionKey(v interface{}, d *schema.Resou
transformed["rawKey"] = transformedRawKey transformed["rawKey"] = transformedRawKey
} }
transformedKmsKeySelfLink, err := expandComputeDiskSourceSnapshotEncryptionKeyKmsKeySelfLink(original["kms_key_self_link"], d, config)
if err != nil {
return nil, err
} else if val := reflect.ValueOf(transformedKmsKeySelfLink); val.IsValid() && !isEmptyValue(val) {
transformed["kmsKeyName"] = transformedKmsKeySelfLink
}
transformedSha256, err := expandComputeDiskSourceSnapshotEncryptionKeySha256(original["sha256"], d, config) transformedSha256, err := expandComputeDiskSourceSnapshotEncryptionKeySha256(original["sha256"], d, config)
if err != nil { if err != nil {
return nil, err return nil, err
@ -1123,6 +1188,10 @@ func expandComputeDiskSourceSnapshotEncryptionKeyRawKey(v interface{}, d *schema
return v, nil return v, nil
} }
func expandComputeDiskSourceSnapshotEncryptionKeyKmsKeySelfLink(v interface{}, d *schema.ResourceData, config *Config) (interface{}, error) {
return v, nil
}
func expandComputeDiskSourceSnapshotEncryptionKeySha256(v interface{}, d *schema.ResourceData, config *Config) (interface{}, error) { func expandComputeDiskSourceSnapshotEncryptionKeySha256(v interface{}, d *schema.ResourceData, config *Config) (interface{}, error) {
return v, nil return v, nil
} }
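Review bot: The new `kms_key_self_link` entries in the three encryption-key schemas (hunks at -270, -311 and -330) sit beside `raw_key` with no mutual-exclusion check, so a configuration that sets both a customer-supplied key and a KMS key passes plan-time validation and is left for the API to sort out at apply time. Adding `ConflictsWith: []string{"<block>.0.raw_key"},` (where `<block>` is a placeholder for the enclosing block name, which these hunks do not show) plus the mirror entry on `raw_key` would surface the mistake during plan. Separately, the field is `ForceNew` and the flatten helpers return `original["kmsKeyName"]` unchanged, so if the API returns the key name in a form that `compareSelfLinkRelativePaths` does not treat as equal, the next plan would presumably propose replacing the disk; a comment on the flatteners stating the expected format would help. The file is marked as generated by MagicModules, so the change belongs in the generator, and `resourceComputeDisk` continues outside these hunks.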


@ -175,6 +175,13 @@ The `source_image_encryption_key` block supports:
The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied
encryption key that protects this resource. encryption key that protects this resource.
* `kms_key_self_link` -
(Optional)
The self link of the encryption key used to encrypt the disk. Also called KmsKeyName
in the cloud console. In order to use this additional
IAM permissions need to be set on the Compute Engine Service Agent. See
https://cloud.google.com/compute/docs/disks/customer-managed-encryption#encrypt_a_new_persistent_disk_with_your_own_keys
The `disk_encryption_key` block supports: The `disk_encryption_key` block supports:
* `raw_key` - * `raw_key` -
@ -186,6 +193,13 @@ The `disk_encryption_key` block supports:
The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied
encryption key that protects this resource. encryption key that protects this resource.
* `kms_key_self_link` -
(Optional)
The self link of the encryption key used to encrypt the disk. Also called KmsKeyName
in the cloud console. In order to use this additional
IAM permissions need to be set on the Compute Engine Service Agent. See
https://cloud.google.com/compute/docs/disks/customer-managed-encryption#encrypt_a_new_persistent_disk_with_your_own_keys
The `source_snapshot_encryption_key` block supports: The `source_snapshot_encryption_key` block supports:
* `raw_key` - * `raw_key` -
@ -193,6 +207,13 @@ The `source_snapshot_encryption_key` block supports:
Specifies a 256-bit customer-supplied encryption key, encoded in Specifies a 256-bit customer-supplied encryption key, encoded in
RFC 4648 base64 to either encrypt or decrypt this resource. RFC 4648 base64 to either encrypt or decrypt this resource.
* `kms_key_self_link` -
(Optional)
The self link of the encryption key used to encrypt the disk. Also called KmsKeyName
in the cloud console. In order to use this additional
IAM permissions need to be set on the Compute Engine Service Agent. See
https://cloud.google.com/compute/docs/disks/customer-managed-encryption#encrypt_a_new_persistent_disk_with_your_own_keys
* `sha256` - * `sha256` -
The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied
encryption key that protects this resource. encryption key that protects this resource.