From d88f9ea857a24392552e1737d1bc6a9c7cb2935a Mon Sep 17 00:00:00 2001
From: Jacob Parker <jacob@solidangle.ca>
Date: Fri, 9 Oct 2020 09:32:11 -0400
Subject: [PATCH 01/10] CodeArtifact encryption_key argument should be optional

---
 aws/resource_aws_codeartifact_domain.go | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/aws/resource_aws_codeartifact_domain.go b/aws/resource_aws_codeartifact_domain.go
index 612d46edde6..1698e63787a 100644
--- a/aws/resource_aws_codeartifact_domain.go
+++ b/aws/resource_aws_codeartifact_domain.go
@@ -35,7 +35,7 @@ func resourceAwsCodeArtifactDomain() *schema.Resource {
 			},
 			"encryption_key": {
 				Type:         schema.TypeString,
-				Required:     true,
+				Optional:     true,
 				ForceNew:     true,
 				ValidateFunc: validateArn,
 			},

From a250ee9e0d12aaf8d8020337faca15dd05d8cd93 Mon Sep 17 00:00:00 2001
From: Jacob Parker <jacob@solidangle.ca>
Date: Wed, 14 Oct 2020 11:52:25 -0400
Subject: [PATCH 02/10] Set encryption_key to be a computed attribute

---
 aws/resource_aws_codeartifact_domain.go | 1 +
 1 file changed, 1 insertion(+)

diff --git a/aws/resource_aws_codeartifact_domain.go b/aws/resource_aws_codeartifact_domain.go
index 1698e63787a..63159d9785b 100644
--- a/aws/resource_aws_codeartifact_domain.go
+++ b/aws/resource_aws_codeartifact_domain.go
@@ -36,6 +36,7 @@ func resourceAwsCodeArtifactDomain() *schema.Resource {
 			"encryption_key": {
 				Type:         schema.TypeString,
 				Optional:     true,
+				Computed:     true,
 				ForceNew:     true,
 				ValidateFunc: validateArn,
 			},

From 6f9f0c3aab5161f341440b254813ead216036216 Mon Sep 17 00:00:00 2001
From: Jacob Parker <jacob@solidangle.ca>
Date: Wed, 14 Oct 2020 13:53:54 -0400
Subject: [PATCH 03/10] Add acceptance test + docs

---
 aws/resource_aws_codeartifact_domain_test.go  | 41 +++++++++++++++++++
 .../docs/r/codeartifact_domain.html.markdown  |  7 +---
 2 files changed, 42 insertions(+), 6 deletions(-)

diff --git a/aws/resource_aws_codeartifact_domain_test.go b/aws/resource_aws_codeartifact_domain_test.go
index b7817c0d098..18132b1dce3 100644
--- a/aws/resource_aws_codeartifact_domain_test.go
+++ b/aws/resource_aws_codeartifact_domain_test.go
@@ -98,7 +98,41 @@ func TestAccAWSCodeArtifactDomain_basic(t *testing.T) {
 	})
 }
 
+<<<<<<< HEAD
 func TestAccAWSCodeArtifactDomain_tags(t *testing.T) {
+=======
+func TestAccAWSCodeArtifactDomain_defaultencryptionkey(t *testing.T) {
+	rName := acctest.RandomWithPrefix("tf-acc-test")
+	resourceName := "aws_codeartifact_domain.test"
+
+	resource.ParallelTest(t, resource.TestCase{
+		PreCheck:     func() { testAccPreCheck(t); testAccPartitionHasServicePreCheck("codeartifact", t) },
+		Providers:    testAccProviders,
+		CheckDestroy: testAccCheckAWSCodeArtifactDomainDestroy,
+		Steps: []resource.TestStep{
+			{
+				Config: testAccAWSCodeArtifactDomainDefaultEncryptionKeyConfig(rName),
+				Check: resource.ComposeTestCheckFunc(
+					testAccCheckAWSCodeArtifactDomainExists(resourceName),
+					testAccCheckResourceAttrRegionalARN(resourceName, "arn", "codeartifact", fmt.Sprintf("domain/%s", rName)),
+					resource.TestCheckResourceAttr(resourceName, "domain", rName),
+					resource.TestCheckResourceAttr(resourceName, "asset_size_bytes", "0"),
+					resource.TestCheckResourceAttr(resourceName, "repository_count", "0"),
+					resource.TestCheckResourceAttrSet(resourceName, "created_time"),
+					testAccCheckResourceAttrAccountID(resourceName, "owner"),
+				),
+			},
+			{
+				ResourceName:      resourceName,
+				ImportState:       true,
+				ImportStateVerify: true,
+			},
+		},
+	})
+}
+
+func TestAccAWSCodeArtifactDomain_disappears(t *testing.T) {
+>>>>>>> a4649a922 (Add acceptance test + docs)
 	rName := acctest.RandomWithPrefix("tf-acc-test")
 	resourceName := "aws_codeartifact_domain.test"
 
@@ -271,4 +305,11 @@ resource "aws_codeartifact_domain" "test" {
   }
 }
 `, rName, tagKey1, tagValue1, tagKey2, tagValue2)
+
+func testAccAWSCodeArtifactDomainDefaultEncryptionKeyConfig(rName string) string {
+	return fmt.Sprintf(`
+resource "aws_codeartifact_domain" "test" {
+  domain = %[1]q
+}
+`, rName)
 }
diff --git a/website/docs/r/codeartifact_domain.html.markdown b/website/docs/r/codeartifact_domain.html.markdown
index 83274cec4ba..b875cc10c69 100644
--- a/website/docs/r/codeartifact_domain.html.markdown
+++ b/website/docs/r/codeartifact_domain.html.markdown
@@ -13,13 +13,8 @@ Provides a CodeArtifact Domain Resource.
 ## Example Usage
 
 ```hcl
-resource "aws_kms_key" "example" {
-  description = "domain key"
-}
-
 resource "aws_codeartifact_domain" "example" {
   domain         = "example"
-  encryption_key = aws_kms_key.example.arn
 }
 ```
 
@@ -28,7 +23,7 @@ resource "aws_codeartifact_domain" "example" {
 The following arguments are supported:
 
 * `domain` - (Required) The name of the domain to create. All domain names in an AWS Region that are in the same AWS account must be unique. The domain name is used as the prefix in DNS hostnames. Do not use sensitive information in a domain name because it is publicly discoverable.
-* `encryption_key` - (Required) The encryption key for the domain. This is used to encrypt content stored in a domain. The KMS Key Amazon Resource Name (ARN).
+* `encryption_key` - (Optional) The encryption key for the domain. This is used to encrypt content stored in a domain. The KMS Key Amazon Resource Name (ARN). The default aws/codeartifact AWS KMS master key is used if this element is absent.
 * `tags` - (Optional) Key-value map of resource tags.
 
 ## Attributes Reference

From 340600b6c97e6f2143facd1994170b43f9198b7f Mon Sep 17 00:00:00 2001
From: Jacob Parker <jacob@solidangle.ca>
Date: Wed, 14 Oct 2020 14:27:29 -0400
Subject: [PATCH 04/10] Fix format in docs

---
 website/docs/r/codeartifact_domain.html.markdown | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/website/docs/r/codeartifact_domain.html.markdown b/website/docs/r/codeartifact_domain.html.markdown
index b875cc10c69..e8832269a9e 100644
--- a/website/docs/r/codeartifact_domain.html.markdown
+++ b/website/docs/r/codeartifact_domain.html.markdown
@@ -14,7 +14,7 @@ Provides a CodeArtifact Domain Resource.
 
 ```hcl
 resource "aws_codeartifact_domain" "example" {
-  domain         = "example"
+  domain = "example"
 }
 ```
 

From 63050b5d3d6777e0d0f8ddb4f8004f7cbdfccc5f Mon Sep 17 00:00:00 2001
From: Jacob Parker <jacob@solidangle.ca>
Date: Fri, 6 Nov 2020 11:32:48 -0500
Subject: [PATCH 05/10] Fix broken merge

---
 aws/resource_aws_codeartifact_domain_test.go | 7 ++-----
 1 file changed, 2 insertions(+), 5 deletions(-)

diff --git a/aws/resource_aws_codeartifact_domain_test.go b/aws/resource_aws_codeartifact_domain_test.go
index 18132b1dce3..189a43e9f39 100644
--- a/aws/resource_aws_codeartifact_domain_test.go
+++ b/aws/resource_aws_codeartifact_domain_test.go
@@ -98,9 +98,6 @@ func TestAccAWSCodeArtifactDomain_basic(t *testing.T) {
 	})
 }
 
-<<<<<<< HEAD
-func TestAccAWSCodeArtifactDomain_tags(t *testing.T) {
-=======
 func TestAccAWSCodeArtifactDomain_defaultencryptionkey(t *testing.T) {
 	rName := acctest.RandomWithPrefix("tf-acc-test")
 	resourceName := "aws_codeartifact_domain.test"
@@ -131,8 +128,7 @@ func TestAccAWSCodeArtifactDomain_defaultencryptionkey(t *testing.T) {
 	})
 }
 
-func TestAccAWSCodeArtifactDomain_disappears(t *testing.T) {
->>>>>>> a4649a922 (Add acceptance test + docs)
+func TestAccAWSCodeArtifactDomain_tags(t *testing.T) {
 	rName := acctest.RandomWithPrefix("tf-acc-test")
 	resourceName := "aws_codeartifact_domain.test"
 
@@ -305,6 +301,7 @@ resource "aws_codeartifact_domain" "test" {
   }
 }
 `, rName, tagKey1, tagValue1, tagKey2, tagValue2)
+}
 
 func testAccAWSCodeArtifactDomainDefaultEncryptionKeyConfig(rName string) string {
 	return fmt.Sprintf(`

From f3c4876e4c316f96669152efdf2d4cdcc75b051b Mon Sep 17 00:00:00 2001
From: drfaust92 <ilia.lazebnik@gmail.com>
Date: Sat, 23 Jan 2021 13:47:55 +0200
Subject: [PATCH 06/10] optional kms

---
 aws/resource_aws_codeartifact_domain.go | 9 ++++++---
 1 file changed, 6 insertions(+), 3 deletions(-)

diff --git a/aws/resource_aws_codeartifact_domain.go b/aws/resource_aws_codeartifact_domain.go
index 63159d9785b..7d789b0dbbd 100644
--- a/aws/resource_aws_codeartifact_domain.go
+++ b/aws/resource_aws_codeartifact_domain.go
@@ -66,9 +66,12 @@ func resourceAwsCodeArtifactDomainCreate(d *schema.ResourceData, meta interface{
 	log.Print("[DEBUG] Creating CodeArtifact Domain")
 
 	params := &codeartifact.CreateDomainInput{
-		Domain:        aws.String(d.Get("domain").(string)),
-		EncryptionKey: aws.String(d.Get("encryption_key").(string)),
-		Tags:          keyvaluetags.New(d.Get("tags").(map[string]interface{})).IgnoreAws().CodeartifactTags(),
+		Domain: aws.String(d.Get("domain").(string)),
+		Tags:   keyvaluetags.New(d.Get("tags").(map[string]interface{})).IgnoreAws().CodeartifactTags(),
+	}
+
+	if v, ok := d.GetOk("encryption_key"); ok {
+		params.EncryptionKey = aws.String(v.(string))
 	}
 
 	domain, err := conn.CreateDomain(params)

From 1d15079a1f61b24fef035c67fe59a58adc257d39 Mon Sep 17 00:00:00 2001
From: drfaust92 <ilia.lazebnik@gmail.com>
Date: Sat, 23 Jan 2021 13:48:20 +0200
Subject: [PATCH 07/10] refactor tests to not explictly create kms keys unless
 needed

---
 aws/resource_aws_codeartifact_domain_test.go | 16 +++-------------
 1 file changed, 3 insertions(+), 13 deletions(-)

diff --git a/aws/resource_aws_codeartifact_domain_test.go b/aws/resource_aws_codeartifact_domain_test.go
index 189a43e9f39..67db2241c86 100644
--- a/aws/resource_aws_codeartifact_domain_test.go
+++ b/aws/resource_aws_codeartifact_domain_test.go
@@ -3,6 +3,7 @@ package aws
 import (
 	"fmt"
 	"log"
+	"regexp"
 	"testing"
 
 	"github.com/aws/aws-sdk-go/aws"
@@ -112,6 +113,7 @@ func TestAccAWSCodeArtifactDomain_defaultencryptionkey(t *testing.T) {
 				Check: resource.ComposeTestCheckFunc(
 					testAccCheckAWSCodeArtifactDomainExists(resourceName),
 					testAccCheckResourceAttrRegionalARN(resourceName, "arn", "codeartifact", fmt.Sprintf("domain/%s", rName)),
+					testAccMatchResourceAttrRegionalARN(resourceName, "encryption_key", "kms", regexp.MustCompile(`key/.+`)),
 					resource.TestCheckResourceAttr(resourceName, "domain", rName),
 					resource.TestCheckResourceAttr(resourceName, "asset_size_bytes", "0"),
 					resource.TestCheckResourceAttr(resourceName, "repository_count", "0"),
@@ -180,7 +182,7 @@ func TestAccAWSCodeArtifactDomain_disappears(t *testing.T) {
 		CheckDestroy: testAccCheckAWSCodeArtifactDomainDestroy,
 		Steps: []resource.TestStep{
 			{
-				Config: testAccAWSCodeArtifactDomainBasicConfig(rName),
+				Config: testAccAWSCodeArtifactDomainDefaultEncryptionKeyConfig(rName),
 				Check: resource.ComposeTestCheckFunc(
 					testAccCheckAWSCodeArtifactDomainExists(resourceName),
 					testAccCheckResourceDisappears(testAccProvider, resourceAwsCodeArtifactDomain(), resourceName),
@@ -268,14 +270,8 @@ resource "aws_codeartifact_domain" "test" {
 
 func testAccAWSCodeArtifactDomainConfigTags1(rName, tagKey1, tagValue1 string) string {
 	return fmt.Sprintf(`
-resource "aws_kms_key" "test" {
-  description             = %[1]q
-  deletion_window_in_days = 7
-}
-
 resource "aws_codeartifact_domain" "test" {
   domain         = %[1]q
-  encryption_key = aws_kms_key.test.arn
 
   tags = {
     %[2]q = %[3]q
@@ -286,14 +282,8 @@ resource "aws_codeartifact_domain" "test" {
 
 func testAccAWSCodeArtifactDomainConfigTags2(rName, tagKey1, tagValue1, tagKey2, tagValue2 string) string {
 	return fmt.Sprintf(`
-resource "aws_kms_key" "test" {
-  description             = %[1]q
-  deletion_window_in_days = 7
-}
-
 resource "aws_codeartifact_domain" "test" {
   domain         = %[1]q
-  encryption_key = aws_kms_key.test.arn
 
   tags = {
     %[2]q = %[3]q

From 2cc584713a017e36b6b3e4ee0f28ec6b7243d57e Mon Sep 17 00:00:00 2001
From: drfaust92 <ilia.lazebnik@gmail.com>
Date: Sat, 23 Jan 2021 13:58:29 +0200
Subject: [PATCH 08/10] changelog

---
 .changelog/17262.txt | 3 +++
 1 file changed, 3 insertions(+)
 create mode 100644 .changelog/17262.txt

diff --git a/.changelog/17262.txt b/.changelog/17262.txt
new file mode 100644
index 00000000000..01928c213a2
--- /dev/null
+++ b/.changelog/17262.txt
@@ -0,0 +1,3 @@
+```release-note:enhancement
+resource/aws_codeartifact_domain: make `encryption_key` optional
+```
\ No newline at end of file

From 3024eb3a5e2590d2907642b1a7e4b1474562b399 Mon Sep 17 00:00:00 2001
From: drfaust92 <ilia.lazebnik@gmail.com>
Date: Sat, 23 Jan 2021 14:02:00 +0200
Subject: [PATCH 09/10] fmt

---
 aws/resource_aws_codeartifact_domain_test.go | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/aws/resource_aws_codeartifact_domain_test.go b/aws/resource_aws_codeartifact_domain_test.go
index 67db2241c86..2ef97e4a645 100644
--- a/aws/resource_aws_codeartifact_domain_test.go
+++ b/aws/resource_aws_codeartifact_domain_test.go
@@ -271,7 +271,7 @@ resource "aws_codeartifact_domain" "test" {
 func testAccAWSCodeArtifactDomainConfigTags1(rName, tagKey1, tagValue1 string) string {
 	return fmt.Sprintf(`
 resource "aws_codeartifact_domain" "test" {
-  domain         = %[1]q
+  domain = %[1]q
 
   tags = {
     %[2]q = %[3]q
@@ -283,7 +283,7 @@ resource "aws_codeartifact_domain" "test" {
 func testAccAWSCodeArtifactDomainConfigTags2(rName, tagKey1, tagValue1, tagKey2, tagValue2 string) string {
 	return fmt.Sprintf(`
 resource "aws_codeartifact_domain" "test" {
-  domain         = %[1]q
+  domain = %[1]q
 
   tags = {
     %[2]q = %[3]q

From 84d377812e7a31d407f37e0c5c7faa76a32c8903 Mon Sep 17 00:00:00 2001
From: Ilia Lazebnik <Ilia.lazebnik@gmail.com>
Date: Sat, 23 Jan 2021 23:48:13 +0200
Subject: [PATCH 10/10] Update .changelog/17262.txt

Co-authored-by: Kit Ewbank <Kit_Ewbank@hotmail.com>
---
 .changelog/17262.txt | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/.changelog/17262.txt b/.changelog/17262.txt
index 01928c213a2..a1453e12534 100644
--- a/.changelog/17262.txt
+++ b/.changelog/17262.txt
@@ -1,3 +1,3 @@
 ```release-note:enhancement
-resource/aws_codeartifact_domain: make `encryption_key` optional
-```
\ No newline at end of file
+resource/aws_codeartifact_domain: Make `encryption_key` optional
+```