adding datasource for autokeyconfig (#12611) (#8986)

[upstream:9ca4299ff15c8f81506bbed2696bd30919c440db]

Signed-off-by: Modular Magician <[email protected]>

Author: modular-magician

.changelog/12611.txt

@@ -0,0 +1,3 @@
+```release-note:new-datasource
+`google_kms_autokey_config`
+```

google-beta/acctest/bootstrap_test_utils.go

@@ -85,6 +85,7 @@ func BootstrapKMSKeyWithPurposeInLocation(t *testing.T, purpose, locationID stri
 }
 
 type BootstrappedKMSAutokey struct {
+	*cloudkms.AutokeyConfig
 	*cloudkms.KeyHandle
 }
 
@@ -96,6 +97,7 @@ func BootstrapKMSAutokeyKeyHandleWithLocation(t *testing.T, locationID string) B
 	config := BootstrapConfig(t)
 	if config == nil {
 		return BootstrappedKMSAutokey{
+			&cloudkms.AutokeyConfig{},
 			&cloudkms.KeyHandle{},
 		}
 	}
@@ -105,7 +107,7 @@ func BootstrapKMSAutokeyKeyHandleWithLocation(t *testing.T, locationID string) B
 	// Enable autokey on autokey test folder
 	kmsClient := config.NewKmsClient(config.UserAgent)
 	autokeyConfigID := fmt.Sprintf("%s/autokeyConfig", autokeyFolder.Name)
-	_, err := kmsClient.Folders.UpdateAutokeyConfig(autokeyConfigID, &cloudkms.AutokeyConfig{
+	autokeyConfig, err := kmsClient.Folders.UpdateAutokeyConfig(autokeyConfigID, &cloudkms.AutokeyConfig{
 		KeyProject: fmt.Sprintf("projects/%s", kmsProject.ProjectId),
 	}).UpdateMask("keyProject").Do()
 	if err != nil {
@@ -154,6 +156,7 @@ func BootstrapKMSAutokeyKeyHandleWithLocation(t *testing.T, locationID string) B
 	}
 
 	return BootstrappedKMSAutokey{
+		autokeyConfig,
 		keyHandle,
 	}
 }

google-beta/provider/provider_mmv1_resources.go

@@ -284,6 +284,7 @@ var handwrittenDatasources = map[string]*schema.Resource{
 	"google_kms_key_ring":                                  kms.DataSourceGoogleKmsKeyRing(),
 	"google_kms_key_rings":                                 kms.DataSourceGoogleKmsKeyRings(),
 	"google_kms_key_handle":                                kms.DataSourceGoogleKmsKeyHandle(),
+	"google_kms_autokey_config":                            kms.DataSourceGoogleKmsAutokeyConfig(),
 	"google_kms_secret":                                    kms.DataSourceGoogleKmsSecret(),
 	"google_kms_secret_ciphertext":                         kms.DataSourceGoogleKmsSecretCiphertext(),
 	"google_kms_secret_asymmetric":                         kms.DataSourceGoogleKmsSecretAsymmetric(),

google-beta/services/kms/data_source_google_kms_auotokey_config.go

@@ -0,0 +1,38 @@
+// Copyright (c) HashiCorp, Inc.
+// SPDX-License-Identifier: MPL-2.0
+package kms
+
+import (
+	"fmt"
+
+	"github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema"
+	"github.com/hashicorp/terraform-provider-google-beta/google-beta/tpgresource"
+)
+
+func DataSourceGoogleKmsAutokeyConfig() *schema.Resource {
+	dsSchema := tpgresource.DatasourceSchemaFromResourceSchema(ResourceKMSAutokeyConfig().Schema)
+	tpgresource.AddRequiredFieldsToSchema(dsSchema, "folder")
+
+	return &schema.Resource{
+		Read:   dataSourceGoogleKmsAutokeyConfigRead,
+		Schema: dsSchema,
+	}
+
+}
+
+func dataSourceGoogleKmsAutokeyConfigRead(d *schema.ResourceData, meta interface{}) error {
+	configId := KmsAutokeyConfigId{
+		Folder: d.Get("folder").(string),
+	}
+	id := configId.AutokeyConfigId()
+	d.SetId(id)
+	err := resourceKMSAutokeyConfigRead(d, meta)
+	if err != nil {
+		return err
+	}
+
+	if d.Id() == "" {
+		return fmt.Errorf("%s not found", id)
+	}
+	return nil
+}

google-beta/services/kms/data_source_google_kms_auotokey_config_test.go

@@ -0,0 +1,38 @@
+// Copyright (c) HashiCorp, Inc.
+// SPDX-License-Identifier: MPL-2.0
+package kms_test
+
+import (
+	"fmt"
+	"regexp"
+	"strings"
+	"testing"
+
+	"github.com/hashicorp/terraform-plugin-testing/helper/resource"
+	"github.com/hashicorp/terraform-provider-google-beta/google-beta/acctest"
+)
+
+func TestAccDataSourceGoogleKmsAutokeyConfig_basic(t *testing.T) {
+	kmsAutokey := acctest.BootstrapKMSAutokeyKeyHandle(t)
+	folder := fmt.Sprintf("folders/%s", strings.Split(kmsAutokey.AutokeyConfig.Name, "/")[1])
+
+	acctest.VcrTest(t, resource.TestCase{
+		PreCheck:                 func() { acctest.AccTestPreCheck(t) },
+		ProtoV5ProviderFactories: acctest.ProtoV5ProviderFactories(t),
+		Steps: []resource.TestStep{
+			{
+				Config: testAccDataSourceGoogleKmsAutokeyConfig_basic(folder),
+				Check:  resource.TestMatchResourceAttr("data.google_kms_autokey_config.kms_autokey_config", "id", regexp.MustCompile(kmsAutokey.AutokeyConfig.Name)),
+			},
+		},
+	})
+}
+
+func testAccDataSourceGoogleKmsAutokeyConfig_basic(folder string) string {
+
+	return fmt.Sprintf(`
+data "google_kms_autokey_config" "kms_autokey_config" {
+  folder = "%s"
+}
+`, folder)
+}

google-beta/services/kms/kms_utils.go

@@ -28,6 +28,14 @@ type KmsKeyHandleId struct {
 	Name     string
 }
 
+type KmsAutokeyConfigId struct {
+	Folder string
+}
+
+func (s *KmsAutokeyConfigId) AutokeyConfigId() string {
+	return fmt.Sprintf("%s/autokeyConfig", s.Folder)
+}
+
 func (s *KmsKeyHandleId) KeyHandleId() string {
 	return fmt.Sprintf("projects/%s/locations/%s/keyHandles/%s", s.Project, s.Location, s.Name)
 }

website/docs/d/kms_autokey_config.html.markdown

@@ -0,0 +1,42 @@
+---
+subcategory: "Cloud Key Management Service"
+description: |-
+ Provides access to KMS Autokey config data with Google Cloud KMS.
+---
+
+# google_kms_key_handle
+
+Provides access to Google Cloud Platform KMS AutokeyConfig. A AutokeyConfig is a Cloud KMS resource that helps you safely span the separation of duties to create new Cloud KMS keys for CMEK using Autokey.
+
+~> **Warning:** This resource is in beta, and should be used with the terraform-provider-google-beta provider.
+See [Provider Versions](https://terraform.io/docs/providers/google/guides/provider_versions.html) for more details on beta resources.
+
+
+For more information see
+[the official documentation](https://cloud.google.com/kms/docs/reference/rest/v1/folders)
+and
+[API](https://cloud.google.com/kms/docs/reference/rest/v1/projects.locations.keyHandles).
+
+## Example Usage
+
+```hcl
+data "google_kms_autokey_config" "my_autokey_config" {
+  folder     = "folders/123"
+}
+```
+
+## Argument Reference
+
+The following arguments are supported:
+
+* `folder` - The folder in which the AutokeyConfig is configured. If it
+    is not provided, the provider folder is used.
+
+## Attributes Reference
+
+In addition to the arguments listed above, the following computed attributes are
+exported:
+
+* `id` - The identifier of the AutokeyConfig. Its format is `folders/{folderId}/autokeyConfig`.
+
+* `key_project` - The identifier of the project hosting KMS KeyRings and Keys generated by Autokey. Its format is `projects/{projectId}`.