updates KMS service to use TaggingService
This commit is contained in:
Bryan Alexander
parent
6cb0428d20
commit
85207b885b
4 changed files with 85 additions and 45 deletions
|
|
@ -7,13 +7,14 @@ from datetime import datetime, timedelta
|
|||
from boto3 import Session
|
||||
|
||||
from moto.core import BaseBackend, BaseModel
|
||||
from moto.core.exceptions import JsonRESTError
|
||||
from moto.core.utils import iso_8601_datetime_without_milliseconds
|
||||
|
||||
from moto.utilities.tagging_service import TaggingService
|
||||
from .utils import decrypt, encrypt, generate_key_id, generate_master_key
|
||||
|
||||
|
||||
class Key(BaseModel):
|
||||
def __init__(self, policy, key_usage, description, tags, region):
|
||||
def __init__(self, policy, key_usage, description, region):
|
||||
self.id = generate_key_id()
|
||||
self.policy = policy
|
||||
self.key_usage = key_usage
|
||||
|
|
@ -24,7 +25,6 @@ class Key(BaseModel):
|
|||
self.account_id = "012345678912"
|
||||
self.key_rotation_status = False
|
||||
self.deletion_date = None
|
||||
self.tags = tags or {}
|
||||
self.key_material = generate_master_key()
|
||||
|
||||
@property
|
||||
|
|
@ -70,11 +70,12 @@ class Key(BaseModel):
|
|||
policy=properties["KeyPolicy"],
|
||||
key_usage="ENCRYPT_DECRYPT",
|
||||
description=properties["Description"],
|
||||
tags=properties.get("Tags"),
|
||||
region=region_name,
|
||||
)
|
||||
key.key_rotation_status = properties["EnableKeyRotation"]
|
||||
key.enabled = properties["Enabled"]
|
||||
kms_backend.tag_resource(key.id, properties.get("Tags"))
|
||||
|
||||
return key
|
||||
|
||||
def get_cfn_attribute(self, attribute_name):
|
||||
|
|
@ -89,24 +90,19 @@ class KmsBackend(BaseBackend):
|
|||
def __init__(self):
|
||||
self.keys = {}
|
||||
self.key_to_aliases = defaultdict(set)
|
||||
self.tagger = TaggingService(keyName='TagKey', valueName='TagValue')
|
||||
|
||||
def create_key(self, policy, key_usage, description, tags, region):
|
||||
key = Key(policy, key_usage, description, tags, region)
|
||||
key = Key(policy, key_usage, description, region)
|
||||
self.keys[key.id] = key
|
||||
if tags != None and len(tags) > 0:
|
||||
self.tag_resource(key.id, tags)
|
||||
return key
|
||||
|
||||
def update_key_description(self, key_id, description):
|
||||
key = self.keys[self.get_key_id(key_id)]
|
||||
key.description = description
|
||||
|
||||
def tag_resource(self, key_id, tags):
|
||||
key = self.keys[self.get_key_id(key_id)]
|
||||
key.tags = tags
|
||||
|
||||
def list_resource_tags(self, key_id):
|
||||
key = self.keys[self.get_key_id(key_id)]
|
||||
return key.tags
|
||||
|
||||
def delete_key(self, key_id):
|
||||
if key_id in self.keys:
|
||||
if key_id in self.key_to_aliases:
|
||||
|
|
@ -282,6 +278,29 @@ class KmsBackend(BaseBackend):
|
|||
|
||||
return plaintext, ciphertext_blob, arn
|
||||
|
||||
def list_resource_tags(self, key_id):
|
||||
if key_id in self.keys:
|
||||
return self.tagger.list_tags_for_resource(key_id)
|
||||
raise JsonRESTError(
|
||||
"NotFoundException", "The request was rejected because the specified entity or resource could not be found."
|
||||
)
|
||||
|
||||
def tag_resource(self, key_id, tags):
|
||||
if key_id in self.keys:
|
||||
self.tagger.tag_resource(key_id, tags)
|
||||
return {}
|
||||
raise JsonRESTError(
|
||||
"NotFoundException", "The request was rejected because the specified entity or resource could not be found."
|
||||
)
|
||||
|
||||
def untag_resource(self, key_id, tag_names):
|
||||
if key_id in self.keys:
|
||||
self.tagger.untag_resource_using_names(key_id, tag_names)
|
||||
return {}
|
||||
raise JsonRESTError(
|
||||
"NotFoundException", "The request was rejected because the specified entity or resource could not be found."
|
||||
)
|
||||
|
||||
|
||||
kms_backends = {}
|
||||
for region in Session().get_available_regions("kms"):
|
||||
|
|
|
|||
|
|
@ -143,17 +143,27 @@ class KmsResponse(BaseResponse):
|
|||
|
||||
self._validate_cmk_id(key_id)
|
||||
|
||||
self.kms_backend.tag_resource(key_id, tags)
|
||||
return json.dumps({})
|
||||
result = self.kms_backend.tag_resource(key_id, tags)
|
||||
return json.dumps(result)
|
||||
|
||||
def untag_resource(self):
|
||||
"""https://docs.aws.amazon.com/kms/latest/APIReference/API_UntagResource.html"""
|
||||
key_id = self.parameters.get("KeyId")
|
||||
tag_names = self.parameters.get("TagKeys")
|
||||
|
||||
self._validate_cmk_id(key_id)
|
||||
|
||||
result = self.kms_backend.untag_resource(key_id, tag_names)
|
||||
return json.dumps(result)
|
||||
|
||||
def list_resource_tags(self):
|
||||
"""https://docs.aws.amazon.com/kms/latest/APIReference/API_ListResourceTags.html"""
|
||||
key_id = self.parameters.get("KeyId")
|
||||
|
||||
self._validate_cmk_id(key_id)
|
||||
|
||||
tags = self.kms_backend.list_resource_tags(key_id)
|
||||
return json.dumps({"Tags": tags, "NextMarker": None, "Truncated": False})
|
||||
tags.update({"NextMarker": None, "Truncated": False})
|
||||
return json.dumps(tags)
|
||||
|
||||
def describe_key(self):
|
||||
"""https://docs.aws.amazon.com/kms/latest/APIReference/API_DescribeKey.html"""
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue