Add Support for SNS Topic KmsMasterKeyId Attribute (#3389)

We do not do any validation of the `KmsMasterKeyId` attribute, and simply store it as-as. This mimics the behavior in AWS, where the key is not validated until it is actually used (when publishing[1]). [1]: https://docs.aws.amazon.com/sns/latest/dg/sns-server-side-encryption.html Closes #3216
2020-10-16 04:30:07 -07:00 · 2020-10-16 04:30:07 -07:00 · 28c1690fc2
commit 28c1690fc2
parent 6505c893b8
4 changed files with 74 additions and 21 deletions
--- a/tests/test_sns/test_topics.py
+++ b/tests/test_sns/test_topics.py
@ -168,3 +168,25 @@ def test_topic_paging():

    topics_list.should.have.length_of(int(DEFAULT_PAGE_SIZE / 2))
    next_token.should.equal(None)
+
+
+@mock_sns_deprecated
+def test_topic_kms_master_key_id_attribute():
+    conn = boto.connect_sns()
+
+    conn.create_topic("test-sns-no-key-attr")
+    topics_json = conn.get_all_topics()
+    topic_arn = topics_json["ListTopicsResponse"]["ListTopicsResult"]["Topics"][0][
+        "TopicArn"
+    ]
+    attributes = conn.get_topic_attributes(topic_arn)["GetTopicAttributesResponse"][
+        "GetTopicAttributesResult"
+    ]["Attributes"]
+    attributes.should_not.have.key("KmsMasterKeyId")
+
+    conn.set_topic_attributes(topic_arn, "KmsMasterKeyId", "test-key")
+    attributes = conn.get_topic_attributes(topic_arn)["GetTopicAttributesResponse"][
+        "GetTopicAttributesResult"
+    ]["Attributes"]
+    attributes.should.have.key("KmsMasterKeyId")
+    attributes["KmsMasterKeyId"].should.equal("test-key")
--- a/tests/test_sns/test_topics_boto3.py
+++ b/tests/test_sns/test_topics_boto3.py
@ -520,3 +520,27 @@ def test_untag_resource_error():
    conn.untag_resource.when.called_with(
        ResourceArn="not-existing-topic", TagKeys=["tag_key_1"]
    ).should.throw(ClientError, "Resource does not exist")
+
+
+@mock_sns
+def test_topic_kms_master_key_id_attribute():
+    client = boto3.client("sns", region_name="us-west-2")
+    resp = client.create_topic(Name="test-sns-no-key-attr",)
+    topic_arn = resp["TopicArn"]
+    resp = client.get_topic_attributes(TopicArn=topic_arn)
+    resp["Attributes"].should_not.have.key("KmsMasterKeyId")
+
+    client.set_topic_attributes(
+        TopicArn=topic_arn, AttributeName="KmsMasterKeyId", AttributeValue="test-key"
+    )
+    resp = client.get_topic_attributes(TopicArn=topic_arn)
+    resp["Attributes"].should.have.key("KmsMasterKeyId")
+    resp["Attributes"]["KmsMasterKeyId"].should.equal("test-key")
+
+    resp = client.create_topic(
+        Name="test-sns-with-key-attr", Attributes={"KmsMasterKeyId": "key-id",}
+    )
+    topic_arn = resp["TopicArn"]
+    resp = client.get_topic_attributes(TopicArn=topic_arn)
+    resp["Attributes"].should.have.key("KmsMasterKeyId")
+    resp["Attributes"]["KmsMasterKeyId"].should.equal("key-id")