Add Support for SNS Topic KmsMasterKeyId Attribute (#3389)

We do not do any validation of the `KmsMasterKeyId` attribute, and simply store it as-as. This mimics the behavior in AWS, where the key is not validated until it is actually used (when publishing[1]). [1]: https://docs.aws.amazon.com/sns/latest/dg/sns-server-side-encryption.html Closes #3216
2020-10-16 04:30:07 -07:00 · 2020-10-16 04:30:07 -07:00 · 28c1690fc2
commit 28c1690fc2
parent 6505c893b8
4 changed files with 74 additions and 21 deletions
--- a/moto/sns/models.py
+++ b/moto/sns/models.py
@ -45,6 +45,7 @@ class Topic(CloudFormationModel):
        self.account_id = DEFAULT_ACCOUNT_ID
        self.display_name = ""
        self.delivery_policy = ""
+        self.kms_master_key_id = ""
        self.effective_delivery_policy = json.dumps(DEFAULT_EFFECTIVE_DELIVERY_POLICY)
        self.arn = make_arn_for_topic(self.account_id, name, sns_backend.region_name)

--- a/moto/sns/responses.py
+++ b/moto/sns/responses.py
@ -158,28 +158,28 @@ class SNSResponse(BaseResponse):
        topic = self.backend.get_topic(topic_arn)

        if self.request_json:
-            return json.dumps(
-                {
-                    "GetTopicAttributesResponse": {
-                        "GetTopicAttributesResult": {
-                            "Attributes": {
-                                "Owner": topic.account_id,
-                                "Policy": topic.policy,
-                                "TopicArn": topic.arn,
-                                "DisplayName": topic.display_name,
-                                "SubscriptionsPending": topic.subscriptions_pending,
-                                "SubscriptionsConfirmed": topic.subscriptions_confimed,
-                                "SubscriptionsDeleted": topic.subscriptions_deleted,
-                                "DeliveryPolicy": topic.delivery_policy,
-                                "EffectiveDeliveryPolicy": topic.effective_delivery_policy,
-                            }
-                        },
-                        "ResponseMetadata": {
-                            "RequestId": "057f074c-33a7-11df-9540-99d0768312d3"
-                        },
-                    }
+            attributes = {
+                "Owner": topic.account_id,
+                "Policy": topic.policy,
+                "TopicArn": topic.arn,
+                "DisplayName": topic.display_name,
+                "SubscriptionsPending": topic.subscriptions_pending,
+                "SubscriptionsConfirmed": topic.subscriptions_confimed,
+                "SubscriptionsDeleted": topic.subscriptions_deleted,
+                "DeliveryPolicy": topic.delivery_policy,
+                "EffectiveDeliveryPolicy": topic.effective_delivery_policy,
+            }
+            if topic.kms_master_key_id:
+                attributes["KmsMasterKeyId"] = topic.kms_master_key_id
+            response = {
+                "GetTopicAttributesResponse": {
+                    "GetTopicAttributesResult": {"Attributes": attributes},
+                    "ResponseMetadata": {
+                        "RequestId": "057f074c-33a7-11df-9540-99d0768312d3"
+                    },
                }
-            )
+            }
+            return json.dumps(response)

        template = self.response_template(GET_TOPIC_ATTRIBUTES_TEMPLATE)
        return template.render(topic=topic)
@ -827,6 +827,12 @@ GET_TOPIC_ATTRIBUTES_TEMPLATE = """<GetTopicAttributesResponse xmlns="http://sns
        <key>EffectiveDeliveryPolicy</key>
        <value>{{ topic.effective_delivery_policy }}</value>
      </entry>
+      {% if topic.kms_master_key_id %}
+      <entry>
+        <key>KmsMasterKeyId</key>
+        <value>{{ topic.kms_master_key_id }}</value>
+      </entry>
+      {% endif %}
    </Attributes>
  </GetTopicAttributesResult>
  <ResponseMetadata>