diff --git a/aws/data_source_aws_kms_alias.go b/aws/data_source_aws_kms_alias.go index 5117504ea52..e9d786f9536 100644 --- a/aws/data_source_aws_kms_alias.go +++ b/aws/data_source_aws_kms_alias.go @@ -5,6 +5,7 @@ import ( "log" "time" + "github.com/aws/aws-sdk-go/aws/arn" "github.com/aws/aws-sdk-go/service/kms" "github.com/hashicorp/errwrap" "github.com/hashicorp/terraform/helper/schema" @@ -23,6 +24,10 @@ func dataSourceAwsKmsAlias() *schema.Resource { Type: schema.TypeString, Computed: true, }, + "target_key_arn": { + Type: schema.TypeString, + Computed: true, + }, "target_key_id": { Type: schema.TypeString, Computed: true, @@ -58,6 +63,20 @@ func dataSourceAwsKmsAliasRead(d *schema.ResourceData, meta interface{}) error { d.SetId(time.Now().UTC().String()) d.Set("arn", alias.AliasArn) + + aliasARN, err := arn.Parse(*alias.AliasArn) + if err != nil { + return err + } + targetKeyARN := arn.ARN{ + Partition: aliasARN.Partition, + Service: aliasARN.Service, + Region: aliasARN.Region, + AccountID: aliasARN.AccountID, + Resource: fmt.Sprintf("key/%s", *alias.TargetKeyId), + } + d.Set("target_key_arn", targetKeyARN.String()) + d.Set("target_key_id", alias.TargetKeyId) return nil diff --git a/aws/data_source_aws_kms_alias_test.go b/aws/data_source_aws_kms_alias_test.go index c498d5168ca..ee735e20995 100644 --- a/aws/data_source_aws_kms_alias_test.go +++ b/aws/data_source_aws_kms_alias_test.go @@ -2,6 +2,7 @@ package aws import ( "fmt" + "strings" "testing" "github.com/hashicorp/terraform/helper/acctest" @@ -47,6 +48,15 @@ func testAccDataSourceAwsKmsAliasCheck(name string) resource.TestCheckFunc { ) } + expectedTargetKeyArnSuffix := fmt.Sprintf("key/%s", kmsKeyRs.Primary.Attributes["target_key_id"]) + if !strings.HasSuffix(attr["target_key_arn"], expectedTargetKeyArnSuffix) { + return fmt.Errorf( + "target_key_arn is %s; want suffix %s", + attr["target_key_arn"], + expectedTargetKeyArnSuffix, + ) + } + if attr["target_key_id"] != kmsKeyRs.Primary.Attributes["target_key_id"] { return fmt.Errorf( "target_key_id is %s; want %s", diff --git a/website/docs/d/kms_alias.html.markdown b/website/docs/d/kms_alias.html.markdown index 354685732b3..3c5558a282c 100644 --- a/website/docs/d/kms_alias.html.markdown +++ b/website/docs/d/kms_alias.html.markdown @@ -28,3 +28,4 @@ data "aws_kms_alias" "s3" { * `arn` - The Amazon Resource Name(ARN) of the key alias. * `target_key_id` - Key identifier pointed to by the alias. +* `target_key_arn` - ARN pointed to by the alias.