service/ec2: Finish aws_instance implementation of ebs_block_device a…

…nd root_block_device configuration block encryption and kms_key_arn arguments Reference: #4861 Reference: #7757 Having combined and resolved conflicts between #4861 and #7757, performed the following changes: * Ensured that existing acceptance testing was untouched and only new tests were added * Ensured data source added new attributes to match resource to prevent panics * Mark new arguments as Computed: true to only show operators differences when a value is configured Output from acceptance testing: ``` --- PASS: TestAccAWSInstance_addSecondaryInterface (105.67s) --- PASS: TestAccAWSInstance_addSecurityGroupNetworkInterface (217.17s) --- PASS: TestAccAWSInstance_associatePublic_defaultPrivate (44.58s) --- PASS: TestAccAWSInstance_associatePublic_defaultPublic (50.90s) --- PASS: TestAccAWSInstance_associatePublic_explicitPrivate (71.19s) --- PASS: TestAccAWSInstance_associatePublic_explicitPublic (71.06s) --- PASS: TestAccAWSInstance_associatePublic_overridePrivate (50.87s) --- PASS: TestAccAWSInstance_associatePublic_overridePublic (50.79s) --- PASS: TestAccAWSInstance_associatePublicIPAndPrivateIP (70.96s) --- PASS: TestAccAWSInstance_basic (115.07s) --- PASS: TestAccAWSInstance_blockDevices (94.01s) --- PASS: TestAccAWSInstance_changeInstanceType (339.11s) --- PASS: TestAccAWSInstance_creditSpecification_isNotAppliedToNonBurstable (91.99s) --- PASS: TestAccAWSInstance_creditSpecification_standardCpuCredits (77.48s) --- PASS: TestAccAWSInstance_creditSpecification_standardCpuCredits_t2Tot3Taint (459.91s) --- PASS: TestAccAWSInstance_creditSpecification_unknownCpuCredits_t2 (111.79s) --- PASS: TestAccAWSInstance_creditSpecification_unknownCpuCredits_t3 (293.73s) --- PASS: TestAccAWSInstance_creditSpecification_unlimitedCpuCredits (76.85s) --- PASS: TestAccAWSInstance_creditSpecification_unlimitedCpuCredits_t2Tot3Taint (350.73s) --- PASS: TestAccAWSInstance_creditSpecification_unspecifiedDefaultsToStandard (193.72s) --- PASS: TestAccAWSInstance_creditSpecification_updateCpuCredits (92.51s) --- PASS: TestAccAWSInstance_creditSpecificationT3_standardCpuCredits (279.61s) --- PASS: TestAccAWSInstance_creditSpecificationT3_unlimitedCpuCredits (312.14s) --- PASS: TestAccAWSInstance_creditSpecificationT3_unspecifiedDefaultsToUnlimited (305.64s) --- PASS: TestAccAWSInstance_creditSpecificationT3_updateCpuCredits (129.74s) --- PASS: TestAccAWSInstance_disableApiTermination (106.76s) --- PASS: TestAccAWSInstance_disappears (208.33s) --- PASS: TestAccAWSInstance_EbsBlockDevice_KmsKeyArn (96.43s) --- PASS: TestAccAWSInstance_forceNewAndTagsDrift (91.27s) --- PASS: TestAccAWSInstance_getPasswordData_falseToTrue (157.57s) --- PASS: TestAccAWSInstance_getPasswordData_trueToFalse (187.90s) --- PASS: TestAccAWSInstance_GP2IopsDevice (178.60s) --- PASS: TestAccAWSInstance_GP2WithIopsValue (192.05s) --- PASS: TestAccAWSInstance_importBasic (206.86s) --- PASS: TestAccAWSInstance_importInDefaultVpcBySgId (196.44s) --- PASS: TestAccAWSInstance_importInDefaultVpcBySgName (198.84s) --- PASS: TestAccAWSInstance_instanceProfileChange (284.21s) --- PASS: TestAccAWSInstance_ipv6_supportAddressCount (91.12s) --- PASS: TestAccAWSInstance_ipv6_supportAddressCountWithIpv4 (61.07s) --- PASS: TestAccAWSInstance_ipv6_supportAddressCountWithIpv4 (91.69s) --- PASS: TestAccAWSInstance_ipv6AddressCountAndSingleAddressCausesError (6.80s) --- PASS: TestAccAWSInstance_keyPairCheck (71.27s) --- PASS: TestAccAWSInstance_multipleRegions (130.07s) --- PASS: TestAccAWSInstance_NetworkInstanceRemovingAllSecurityGroups (75.58s) --- PASS: TestAccAWSInstance_NetworkInstanceSecurityGroups (82.36s) --- PASS: TestAccAWSInstance_NetworkInstanceVPCSecurityGroupIDs (72.07s) --- PASS: TestAccAWSInstance_noAMIEphemeralDevices (172.12s) --- PASS: TestAccAWSInstance_placementGroup (171.05s) --- PASS: TestAccAWSInstance_primaryNetworkInterface (62.85s) --- PASS: TestAccAWSInstance_primaryNetworkInterfaceSourceDestCheck (45.98s) --- PASS: TestAccAWSInstance_privateIP (215.31s) --- PASS: TestAccAWSInstance_RootBlockDevice_KmsKeyArn (294.73s) --- PASS: TestAccAWSInstance_rootBlockDeviceMismatch (60.88s) --- PASS: TestAccAWSInstance_rootInstanceStore (77.11s) --- PASS: TestAccAWSInstance_sourceDestCheck (106.55s) --- PASS: TestAccAWSInstance_tags (344.66s) --- PASS: TestAccAWSInstance_UserData_EmptyStringToUnspecified (83.89s) --- PASS: TestAccAWSInstance_UserData_UnspecifiedToEmptyString (84.78s) --- PASS: TestAccAWSInstance_userDataBase64 (209.29s) --- PASS: TestAccAWSInstance_volumeTags (106.31s) --- PASS: TestAccAWSInstance_volumeTagsComputed (121.81s) --- PASS: TestAccAWSInstance_vpc (109.39s) --- PASS: TestAccAWSInstance_withIamInstanceProfile (118.89s) --- PASS: TestAccAWSInstanceDataSource_AzUserData (229.07s) --- PASS: TestAccAWSInstanceDataSource_basic (118.88s) --- PASS: TestAccAWSInstanceDataSource_blockDevices (88.20s) --- PASS: TestAccAWSInstanceDataSource_creditSpecification (86.16s) --- PASS: TestAccAWSInstanceDataSource_EbsBlockDevice_KmsKeyArn (110.83s) --- PASS: TestAccAWSInstanceDataSource_getPasswordData_falseToTrue (161.42s) --- PASS: TestAccAWSInstanceDataSource_getPasswordData_trueToFalse (169.14s) --- PASS: TestAccAWSInstanceDataSource_GetUserData (163.49s) --- PASS: TestAccAWSInstanceDataSource_GetUserData_NoUserData (116.04s) --- PASS: TestAccAWSInstanceDataSource_gp2IopsDevice (186.51s) --- PASS: TestAccAWSInstanceDataSource_keyPair (84.88s) --- PASS: TestAccAWSInstanceDataSource_PlacementGroup (71.30s) --- PASS: TestAccAWSInstanceDataSource_privateIP (57.50s) --- PASS: TestAccAWSInstanceDataSource_RootBlockDevice_KmsKeyArn (106.82s) --- PASS: TestAccAWSInstanceDataSource_rootInstanceStore (86.51s) --- PASS: TestAccAWSInstanceDataSource_tags (243.25s) --- PASS: TestAccAWSInstanceDataSource_VPC (105.44s) --- PASS: TestAccAWSInstanceDataSource_VPCSecurityGroups (131.62s) --- SKIP: TestAccAWSInstance_importInEc2Classic (1.10s) ```
hashicorp · Aug 2, 2019 · 80cb0f2 · 80cb0f2
1 parent 7442df2
commit 80cb0f2
Show file tree

Hide file tree

Showing 6 changed files with 177 additions and 79 deletions.
diff --git a/aws/data_source_aws_instance.go b/aws/data_source_aws_instance.go
@@ -182,13 +182,13 @@ func dataSourceAwsInstance() *schema.Resource {
 							Computed: true,
 						},
 
-						"kms_key_id": {
-							Type:     schema.TypeString,
+						"iops": {
+							Type:     schema.TypeInt,
 							Computed: true,
 						},
 
-						"iops": {
-							Type:     schema.TypeInt,
+						"kms_key_id": {
+							Type:     schema.TypeString,
 							Computed: true,
 						},
 
@@ -224,11 +224,21 @@ func dataSourceAwsInstance() *schema.Resource {
 							Computed: true,
 						},
 
+						"encrypted": {
+							Type:     schema.TypeBool,
+							Computed: true,
+						},
+
 						"iops": {
 							Type:     schema.TypeInt,
 							Computed: true,
 						},
 
+						"kms_key_id": {
+							Type:     schema.TypeString,
+							Computed: true,
+						},
+
 						"volume_size": {
 							Type:     schema.TypeInt,
 							Computed: true,

diff --git a/aws/data_source_aws_instance_test.go b/aws/data_source_aws_instance_test.go
@@ -1,11 +1,9 @@
 package aws
 
 import (
-	"regexp"
-	"testing"
-
 	"fmt"
 	"regexp"
+	"testing"
 
 	"github.com/hashicorp/terraform/helper/acctest"
 	"github.com/hashicorp/terraform/helper/resource"
@@ -102,13 +100,38 @@ func TestAccAWSInstanceDataSource_blockDevices(t *testing.T) {
 					resource.TestCheckResourceAttr("aws_instance.foo", "root_block_device.0.volume_type", "gp2"),
 					resource.TestCheckResourceAttr("aws_instance.foo", "ebs_block_device.#", "3"),
 					resource.TestCheckResourceAttr("aws_instance.foo", "ephemeral_block_device.#", "1"),
-					resource.TestMatchResourceAttr("aws_instance.foo", "ebs_block_device.2634515331.kms_key_id", regexp.MustCompile("^arn:aws[\\w-]*:kms:us-west-2:[0-9]{12}:key/[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}")),
 				),
 			},
 		},
 	})
 }
 
+// Test to verify that ebs_block_device kms_key_id does not elicit a panic
+func TestAccAWSInstanceDataSource_EbsBlockDevice_KmsKeyId(t *testing.T) {
+	resource.ParallelTest(t, resource.TestCase{
+		PreCheck:  func() { testAccPreCheck(t) },
+		Providers: testAccProviders,
+		Steps: []resource.TestStep{
+			{
+				Config: testAccInstanceDataSourceConfig_EbsBlockDevice_KmsKeyId,
+			},
+		},
+	})
+}
+
+// Test to verify that root_block_device kms_key_id does not elicit a panic
+func TestAccAWSInstanceDataSource_RootBlockDevice_KmsKeyId(t *testing.T) {
+	resource.ParallelTest(t, resource.TestCase{
+		PreCheck:  func() { testAccPreCheck(t) },
+		Providers: testAccProviders,
+		Steps: []resource.TestStep{
+			{
+				Config: testAccInstanceDataSourceConfig_RootBlockDevice_KmsKeyId,
+			},
+		},
+	})
+}
+
 func TestAccAWSInstanceDataSource_rootInstanceStore(t *testing.T) {
 	resource.ParallelTest(t, resource.TestCase{
 		PreCheck:  func() { testAccPreCheck(t) },
@@ -450,11 +473,6 @@ data "aws_instance" "foo" {
 
 // Block Device
 const testAccInstanceDataSourceConfig_blockDevices = `
-resource "aws_kms_key" "foo" {
-	description = "Dummy key for terraform test"
-	deletion_window_in_days = 7
-}
-
 resource "aws_instance" "foo" {
   # us-west-2
   ami = "ami-55a7ea65"
@@ -480,7 +498,6 @@ resource "aws_instance" "foo" {
     device_name = "/dev/sdd"
     volume_size = 12
     encrypted = true
-    kms_key_id = "${aws_kms_key.foo.arn}"
   }
 
   ephemeral_block_device {
@@ -494,6 +511,56 @@ data "aws_instance" "foo" {
 }
 `
 
+const testAccInstanceDataSourceConfig_EbsBlockDevice_KmsKeyId = `
+resource "aws_kms_key" "foo" {
+  deletion_window_in_days = 7
+}
+
+resource "aws_instance" "foo" {
+  # us-west-2
+  ami = "ami-55a7ea65"
+  instance_type = "m3.medium"
+
+  root_block_device {
+    volume_type = "gp2"
+    volume_size = 11
+  }
+  ebs_block_device {
+    device_name = "/dev/sdb"
+    encrypted   = true
+    kms_key_id = "${aws_kms_key.foo.arn}"
+    volume_size = 9
+  }
+}
+
+data "aws_instance" "foo" {
+  instance_id = "${aws_instance.foo.id}"
+}
+`
+
+const testAccInstanceDataSourceConfig_RootBlockDevice_KmsKeyId = `
+resource "aws_kms_key" "foo" {
+  deletion_window_in_days = 7
+}
+
+resource "aws_instance" "foo" {
+  # us-west-2
+  ami = "ami-55a7ea65"
+  instance_type = "m3.medium"
+
+  root_block_device {
+    encrypted   = true
+    kms_key_id = "${aws_kms_key.foo.arn}"
+    volume_type = "gp2"
+    volume_size = 11
+  }
+}
+
+data "aws_instance" "foo" {
+  instance_id = "${aws_instance.foo.id}"
+}
+`
+
 const testAccInstanceDataSourceConfig_rootInstanceStore = `
 resource "aws_instance" "foo" {
   ami = "ami-44c36524"

diff --git a/aws/resource_aws_instance.go b/aws/resource_aws_instance.go
@@ -339,6 +339,7 @@ func resourceAwsInstance() *schema.Resource {
 						"kms_key_id": {
 							Type:     schema.TypeString,
 							Optional: true,
+							Computed: true,
 							ForceNew: true,
 						},
 
@@ -448,6 +449,7 @@ func resourceAwsInstance() *schema.Resource {
 						"kms_key_id": {
 							Type:     schema.TypeString,
 							Optional: true,
+							Computed: true,
 							ForceNew: true,
 						},
 
@@ -1579,10 +1581,13 @@ func readBlockDeviceMappingsFromConfig(
 			bd := v.(map[string]interface{})
 			ebs := &ec2.EbsBlockDevice{
 				DeleteOnTermination: aws.Bool(bd["delete_on_termination"].(bool)),
-				Encrypted:           aws.Bool(bd["encrypted"].(bool)),
 			}
 
-			if v, ok := bd["kms_key_id"].(int); ok && v != 0 {
+			if v, ok := bd["encrypted"].(bool); ok && v {
+				ebs.Encrypted = aws.Bool(v)
+			}
+
+			if v, ok := bd["kms_key_id"].(string); ok && v != "" {
 				ebs.KmsKeyId = aws.String(bd["kms_key_id"].(string))
 			}