diff --git a/internal/services/keymanager/helpers.go b/internal/services/keymanager/helpers.go index b1d8e3e2f2..2e6d8be05a 100644 --- a/internal/services/keymanager/helpers.go +++ b/internal/services/keymanager/helpers.go @@ -13,21 +13,27 @@ import ( "github.com/scaleway/terraform-provider-scaleway/v2/internal/types" ) +const ( + usageSymmetricEncryption = "symmetric_encryption" + usageAsymmetricEncryption = "asymmetric_encryption" + usageAsymmetricSigning = "asymmetric_signing" +) + func UsageToString(u *key_manager.KeyUsage) string { if u == nil { return "" } if u.SymmetricEncryption != nil { - return "symmetric_encryption" + return usageSymmetricEncryption } if u.AsymmetricEncryption != nil { - return "asymmetric_encryption" + return usageAsymmetricEncryption } if u.AsymmetricSigning != nil { - return "asymmetric_signing" + return usageAsymmetricSigning } return "" @@ -55,17 +61,43 @@ func NewKeyManagerAPIWithRegionAndID(m any, id string) (*key_manager.API, scw.Re return client, region, keyID, nil } -func ExpandKeyUsage(usage string) *key_manager.KeyUsage { +func ExpandKeyUsageFromFields(d *schema.ResourceData) *key_manager.KeyUsage { + if v, ok := d.GetOk("usage_symmetric_encryption"); ok { + alg := key_manager.KeyAlgorithmSymmetricEncryption(v.(string)) + + return &key_manager.KeyUsage{SymmetricEncryption: &alg} + } + + if v, ok := d.GetOk("usage_asymmetric_encryption"); ok { + alg := key_manager.KeyAlgorithmAsymmetricEncryption(v.(string)) + + return &key_manager.KeyUsage{AsymmetricEncryption: &alg} + } + + if v, ok := d.GetOk("usage_asymmetric_signing"); ok { + alg := key_manager.KeyAlgorithmAsymmetricSigning(v.(string)) + + return &key_manager.KeyUsage{AsymmetricSigning: &alg} + } + + if v, ok := d.GetOk("usage"); ok { + return ExpandKeyUsageLegacy(v.(string)) + } + + return nil +} + +func ExpandKeyUsageLegacy(usage string) *key_manager.KeyUsage { switch usage { - case "symmetric_encryption": + case usageSymmetricEncryption: alg := key_manager.KeyAlgorithmSymmetricEncryptionAes256Gcm return &key_manager.KeyUsage{SymmetricEncryption: &alg} - case "asymmetric_encryption": + case usageAsymmetricEncryption: alg := key_manager.KeyAlgorithmAsymmetricEncryptionRsaOaep3072Sha256 return &key_manager.KeyUsage{AsymmetricEncryption: &alg} - case "asymmetric_signing": + case usageAsymmetricSigning: alg := key_manager.KeyAlgorithmAsymmetricSigningEcP256Sha256 return &key_manager.KeyUsage{AsymmetricSigning: &alg} @@ -74,6 +106,26 @@ func ExpandKeyUsage(usage string) *key_manager.KeyUsage { } } +func AlgorithmFromKeyUsage(u *key_manager.KeyUsage) string { + if u == nil { + return "" + } + + if u.SymmetricEncryption != nil { + return string(*u.SymmetricEncryption) + } + + if u.AsymmetricEncryption != nil { + return string(*u.AsymmetricEncryption) + } + + if u.AsymmetricSigning != nil { + return string(*u.AsymmetricSigning) + } + + return "" +} + func ExpandKeyRotationPolicy(v any) (*key_manager.KeyRotationPolicy, error) { list, ok := v.([]any) if !ok || len(list) == 0 { @@ -99,7 +151,6 @@ func ExpandKeyRotationPolicy(v any) (*key_manager.KeyRotationPolicy, error) { RotationPeriod: scw.NewDurationFromTimeDuration(period), } - // Handle next_rotation_at if provided if nextRotationStr, ok := m["next_rotation_at"].(string); ok && nextRotationStr != "" { nextRotation, err := time.Parse(time.RFC3339, nextRotationStr) if err != nil { diff --git a/internal/services/keymanager/key_resource.go b/internal/services/keymanager/key_resource.go index 086dde96c3..7eb317c754 100644 --- a/internal/services/keymanager/key_resource.go +++ b/internal/services/keymanager/key_resource.go @@ -2,8 +2,11 @@ package keymanager import ( "context" + "fmt" + "github.com/hashicorp/go-cty/cty" "github.com/hashicorp/terraform-plugin-sdk/v2/diag" + "github.com/hashicorp/terraform-plugin-sdk/v2/helper/customdiff" "github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema" "github.com/hashicorp/terraform-plugin-sdk/v2/helper/validation" key_manager "github.com/scaleway/scaleway-sdk-go/api/key_manager/v1alpha1" @@ -11,6 +14,7 @@ import ( "github.com/scaleway/terraform-provider-scaleway/v2/internal/locality/regional" "github.com/scaleway/terraform-provider-scaleway/v2/internal/services/account" "github.com/scaleway/terraform-provider-scaleway/v2/internal/types" + "github.com/scaleway/terraform-provider-scaleway/v2/internal/verify" ) func ResourceKeyManagerKey() *schema.Resource { @@ -19,6 +23,9 @@ func ResourceKeyManagerKey() *schema.Resource { ReadContext: resourceKeyManagerKeyRead, UpdateContext: resourceKeyManagerKeyUpdate, DeleteContext: resourceKeyManagerKeyDelete, + CustomizeDiff: customdiff.All( + validateUsageAlgorithmCombination(), + ), Schema: map[string]*schema.Schema{ "name": { Type: schema.TypeString, @@ -33,7 +40,32 @@ func ResourceKeyManagerKey() *schema.Resource { ValidateFunc: validation.StringInSlice([]string{ "symmetric_encryption", "asymmetric_encryption", "asymmetric_signing", }, false), - Description: "Key usage. Keys with a usage set to 'symmetric_encryption' can encrypt and decrypt data using the AES-256-GCM key algorithm. Possible values: symmetric_encryption, asymmetric_encryption, asymmetric_signing.", + Description: "Key usage type. Possible values: symmetric_encryption, asymmetric_encryption, asymmetric_signing.", + }, + "algorithm": { + Type: schema.TypeString, + Required: true, + Description: "Algorithm to use for the key. The valid algorithms depend on the usage type.", + ValidateDiagFunc: func(i any, p cty.Path) diag.Diagnostics { + var allKnownAlgos []string + + symAlgos := key_manager.KeyAlgorithmSymmetricEncryption("").Values() + for _, algo := range symAlgos { + allKnownAlgos = append(allKnownAlgos, string(algo)) + } + + asymEncAlgos := key_manager.KeyAlgorithmAsymmetricEncryption("").Values() + for _, algo := range asymEncAlgos { + allKnownAlgos = append(allKnownAlgos, string(algo)) + } + + asymSignAlgos := key_manager.KeyAlgorithmAsymmetricSigning("").Values() + for _, algo := range asymSignAlgos { + allKnownAlgos = append(allKnownAlgos, string(algo)) + } + + return verify.ValidateStringInSliceWithWarning(allKnownAlgos, "algorithm")(i, p) + }, }, "description": { Type: schema.TypeString, @@ -116,7 +148,15 @@ func resourceKeyManagerKeyCreate(ctx context.Context, d *schema.ResourceData, m createReq.Origin = key_manager.KeyOrigin(v.(string)) } - createReq.Usage = ExpandKeyUsage(d.Get("usage").(string)) + usage := d.Get("usage").(string) + algorithm := d.Get("algorithm").(string) + + keyUsage, err := expandUsageAlgorithm(usage, algorithm) + if err != nil { + return diag.FromErr(err) + } + + createReq.Usage = keyUsage key, err := api.CreateKey(createReq) if err != nil { @@ -145,7 +185,13 @@ func resourceKeyManagerKeyRead(ctx context.Context, d *schema.ResourceData, m an _ = d.Set("name", key.Name) _ = d.Set("project_id", key.ProjectID) _ = d.Set("region", key.Region.String()) - _ = d.Set("usage", UsageToString(key.Usage)) + + usageType := UsageToString(key.Usage) + algorithm := AlgorithmFromKeyUsage(key.Usage) + + _ = d.Set("usage", usageType) + _ = d.Set("algorithm", algorithm) + _ = d.Set("description", key.Description) _ = d.Set("tags", key.Tags) _ = d.Set("rotation_count", int(key.RotationCount)) @@ -222,3 +268,31 @@ func resourceKeyManagerKeyDelete(ctx context.Context, d *schema.ResourceData, m return nil } + +func validateUsageAlgorithmCombination() schema.CustomizeDiffFunc { + return func(ctx context.Context, diff *schema.ResourceDiff, _ any) error { + return nil + } +} + +func expandUsageAlgorithm(usage, algorithm string) (*key_manager.KeyUsage, error) { + switch usage { + case usageSymmetricEncryption: + typedAlgo := key_manager.KeyAlgorithmSymmetricEncryption(algorithm) + + return &key_manager.KeyUsage{SymmetricEncryption: &typedAlgo}, nil + + case usageAsymmetricEncryption: + typedAlgo := key_manager.KeyAlgorithmAsymmetricEncryption(algorithm) + + return &key_manager.KeyUsage{AsymmetricEncryption: &typedAlgo}, nil + + case usageAsymmetricSigning: + typedAlgo := key_manager.KeyAlgorithmAsymmetricSigning(algorithm) + + return &key_manager.KeyUsage{AsymmetricSigning: &typedAlgo}, nil + + default: + return nil, fmt.Errorf("unknown usage type: %s", usage) + } +} diff --git a/internal/services/keymanager/key_resource_test.go b/internal/services/keymanager/key_resource_test.go index a820fdffab..031b318fa2 100644 --- a/internal/services/keymanager/key_resource_test.go +++ b/internal/services/keymanager/key_resource_test.go @@ -24,18 +24,20 @@ func TestAccKeyManagerKey_Basic(t *testing.T) { { Config: ` resource "scaleway_key_manager_key" "main" { - name = "tf-test-kms-key-unprotected-a" - region = "fr-par" - usage = "symmetric_encryption" - description = "Test key" - tags = ["tf", "test"] - unprotected = true + name = "tf-test-kms-key-unprotected-a" + region = "fr-par" + usage = "symmetric_encryption" + algorithm = "aes_256_gcm" + description = "Test key" + tags = ["tf", "test"] + unprotected = true } `, Check: resource.ComposeTestCheckFunc( resource.TestCheckResourceAttr("scaleway_key_manager_key.main", "name", "tf-test-kms-key-unprotected-a"), resource.TestCheckResourceAttr("scaleway_key_manager_key.main", "region", "fr-par"), resource.TestCheckResourceAttr("scaleway_key_manager_key.main", "usage", "symmetric_encryption"), + resource.TestCheckResourceAttr("scaleway_key_manager_key.main", "algorithm", "aes_256_gcm"), resource.TestCheckResourceAttr("scaleway_key_manager_key.main", "description", "Test key"), resource.TestCheckResourceAttr("scaleway_key_manager_key.main", "tags.0", "tf"), resource.TestCheckResourceAttr("scaleway_key_manager_key.main", "tags.1", "test"), @@ -57,34 +59,38 @@ func TestAccKeyManagerKey_Update(t *testing.T) { { Config: ` resource "scaleway_key_manager_key" "main" { - name = "tf-test-kms-key-update" - region = "fr-par" - usage = "symmetric_encryption" - description = "Test key" - tags = ["tf", "test"] - unprotected = true + name = "tf-test-kms-key-update" + region = "fr-par" + usage = "symmetric_encryption" + algorithm = "aes_256_gcm" + description = "Test key" + tags = ["tf", "test"] + unprotected = true } `, Check: resource.ComposeTestCheckFunc( resource.TestCheckResourceAttr("scaleway_key_manager_key.main", "name", "tf-test-kms-key-update"), resource.TestCheckResourceAttr("scaleway_key_manager_key.main", "description", "Test key"), + resource.TestCheckResourceAttr("scaleway_key_manager_key.main", "algorithm", "aes_256_gcm"), ), }, { Config: ` resource "scaleway_key_manager_key" "main" { - name = "tf-test-kms-key-updated" - region = "fr-par" - usage = "symmetric_encryption" - description = "Test key updated" - tags = ["tf", "updated"] - unprotected = true + name = "tf-test-kms-key-updated" + region = "fr-par" + usage = "symmetric_encryption" + algorithm = "aes_256_gcm" + description = "Test key updated" + tags = ["tf", "updated"] + unprotected = true } `, Check: resource.ComposeTestCheckFunc( resource.TestCheckResourceAttr("scaleway_key_manager_key.main", "name", "tf-test-kms-key-updated"), resource.TestCheckResourceAttr("scaleway_key_manager_key.main", "description", "Test key updated"), resource.TestCheckResourceAttr("scaleway_key_manager_key.main", "tags.1", "updated"), + resource.TestCheckResourceAttr("scaleway_key_manager_key.main", "algorithm", "aes_256_gcm"), ), }, }, @@ -136,11 +142,12 @@ func TestAccKeyManagerKey_WithRotationPolicy(t *testing.T) { { Config: ` resource "scaleway_key_manager_key" "main" { - name = "tf-test-kms-key-rotation" - region = "fr-par" - usage = "symmetric_encryption" - description = "Test key with rotation policy" - unprotected = true + name = "tf-test-kms-key-rotation" + region = "fr-par" + usage = "symmetric_encryption" + algorithm = "aes_256_gcm" + description = "Test key with rotation policy" + unprotected = true rotation_policy { rotation_period = "720h" @@ -151,6 +158,7 @@ func TestAccKeyManagerKey_WithRotationPolicy(t *testing.T) { Check: resource.ComposeTestCheckFunc( resource.TestCheckResourceAttr("scaleway_key_manager_key.main", "name", "tf-test-kms-key-rotation"), resource.TestCheckResourceAttr("scaleway_key_manager_key.main", "usage", "symmetric_encryption"), + resource.TestCheckResourceAttr("scaleway_key_manager_key.main", "algorithm", "aes_256_gcm"), resource.TestCheckResourceAttr("scaleway_key_manager_key.main", "description", "Test key with rotation policy"), resource.TestCheckResourceAttr("scaleway_key_manager_key.main", "rotation_policy.0.rotation_period", "720h0m0s"), ), @@ -158,3 +166,65 @@ func TestAccKeyManagerKey_WithRotationPolicy(t *testing.T) { }, }) } + +func TestAccKeyManagerKey_WithCustomAlgorithm(t *testing.T) { + tt := acctest.NewTestTools(t) + defer tt.Cleanup() + + resource.ParallelTest(t, resource.TestCase{ + PreCheck: func() { acctest.PreCheck(t) }, + ProtoV6ProviderFactories: tt.ProviderFactories, + CheckDestroy: IsKeyManagerKeyDestroyed(tt), + Steps: []resource.TestStep{ + { + Config: ` + resource "scaleway_key_manager_key" "rsa_4096" { + name = "tf-test-kms-key-rsa4096" + region = "fr-par" + usage = "asymmetric_encryption" + algorithm = "rsa_oaep_4096_sha256" + description = "Test key with RSA-4096 algorithm" + unprotected = true + } + `, + Check: resource.ComposeTestCheckFunc( + resource.TestCheckResourceAttr("scaleway_key_manager_key.rsa_4096", "name", "tf-test-kms-key-rsa4096"), + resource.TestCheckResourceAttr("scaleway_key_manager_key.rsa_4096", "usage", "asymmetric_encryption"), + resource.TestCheckResourceAttr("scaleway_key_manager_key.rsa_4096", "algorithm", "rsa_oaep_4096_sha256"), + resource.TestCheckResourceAttr("scaleway_key_manager_key.rsa_4096", "description", "Test key with RSA-4096 algorithm"), + ), + }, + }, + }) +} + +func TestAccKeyManagerKey_DefaultAlgorithm(t *testing.T) { + tt := acctest.NewTestTools(t) + defer tt.Cleanup() + + resource.ParallelTest(t, resource.TestCase{ + PreCheck: func() { acctest.PreCheck(t) }, + ProtoV6ProviderFactories: tt.ProviderFactories, + CheckDestroy: IsKeyManagerKeyDestroyed(tt), + Steps: []resource.TestStep{ + { + Config: ` + resource "scaleway_key_manager_key" "default_alg" { + name = "tf-test-kms-key-default-alg" + region = "fr-par" + usage = "asymmetric_encryption" + algorithm = "rsa_oaep_3072_sha256" + description = "Test key with RSA-3072 algorithm" + unprotected = true + } + `, + Check: resource.ComposeTestCheckFunc( + resource.TestCheckResourceAttr("scaleway_key_manager_key.default_alg", "name", "tf-test-kms-key-default-alg"), + resource.TestCheckResourceAttr("scaleway_key_manager_key.default_alg", "usage", "asymmetric_encryption"), + resource.TestCheckResourceAttr("scaleway_key_manager_key.default_alg", "algorithm", "rsa_oaep_3072_sha256"), + resource.TestCheckResourceAttr("scaleway_key_manager_key.default_alg", "description", "Test key with RSA-3072 algorithm"), + ), + }, + }, + }) +} diff --git a/internal/services/keymanager/testdata/key-manager-key-basic.cassette.yaml b/internal/services/keymanager/testdata/key-manager-key-basic.cassette.yaml index 8cf0119cc5..14adb46df4 100644 --- a/internal/services/keymanager/testdata/key-manager-key-basic.cassette.yaml +++ b/internal/services/keymanager/testdata/key-manager-key-basic.cassette.yaml @@ -18,7 +18,7 @@ interactions: Content-Type: - application/json User-Agent: - - scaleway-sdk-go/v1.0.0-beta.7+dev (go1.24.0; darwin; arm64) terraform-provider/develop terraform/terraform-tests + - scaleway-sdk-go/v1.0.0-beta.7+dev (go1.25.0; darwin; amd64) terraform-provider/develop terraform/terraform-tests url: https://api.scaleway.com/key-manager/v1alpha1/regions/fr-par/keys method: POST response: @@ -27,20 +27,20 @@ interactions: proto_minor: 0 transfer_encoding: [] trailer: {} - content_length: 522 + content_length: 539 uncompressed: false - body: '{"created_at":"2025-07-09T09:35:20.817469Z","deletion_requested_at":null,"description":"Test key","id":"2b83cb06-a9ed-4470-8373-f1c49e16a3c0","locked":false,"name":"tf-test-kms-key-unprotected-a","origin":"scaleway_kms","project_id":"105bdce1-64c0-48ab-899d-868455867ecf","protected":false,"region":"fr-par","rotated_at":"2025-07-09T09:35:20.822761Z","rotation_count":1,"rotation_policy":null,"state":"enabled","tags":["tf","test"],"updated_at":"2025-07-09T09:35:20.822761Z","usage":{"symmetric_encryption":"aes_256_gcm"}}' + body: '{"created_at":"2025-10-14T13:00:19.553670Z","deletion_requested_at":null,"description":"Test key","id":"62575402-a487-4f50-bba8-48892d00711d","locked":false,"name":"tf-test-kms-key-unprotected-a","origin":"scaleway_kms","project_id":"105bdce1-64c0-48ab-899d-868455867ecf","protected":false,"region":"fr-par","rotated_at":"2025-10-14T13:00:19.564741Z","rotation_count":1,"rotation_policy":null,"state":"enabled","tags":["tf","test"],"updated_at":"2025-10-14T13:00:19.564741Z","usage":{"symmetric_encryption":"aes_256_gcm"}}' headers: Content-Length: - - "522" + - "539" Content-Security-Policy: - default-src 'none'; frame-ancestors 'none' Content-Type: - application/json Date: - - Wed, 09 Jul 2025 09:35:20 GMT + - Tue, 14 Oct 2025 13:00:19 GMT Server: - - Scaleway API Gateway (fr-par-3;edge03) + - Scaleway API Gateway (fr-par-2;edge02) Strict-Transport-Security: - max-age=63072000 X-Content-Type-Options: @@ -48,10 +48,10 @@ interactions: X-Frame-Options: - DENY X-Request-Id: - - c7ba6837-b9c3-451d-9590-38ffdc9ddde5 + - 99508e66-9577-4035-bb44-d5ce99b34e26 status: 200 OK code: 200 - duration: 422.550041ms + duration: 1.911859125s - id: 1 request: proto: HTTP/1.1 @@ -67,8 +67,8 @@ interactions: form: {} headers: User-Agent: - - scaleway-sdk-go/v1.0.0-beta.7+dev (go1.24.0; darwin; arm64) terraform-provider/develop terraform/terraform-tests - url: https://api.scaleway.com/key-manager/v1alpha1/regions/fr-par/keys/2b83cb06-a9ed-4470-8373-f1c49e16a3c0 + - scaleway-sdk-go/v1.0.0-beta.7+dev (go1.25.0; darwin; amd64) terraform-provider/develop terraform/terraform-tests + url: https://api.scaleway.com/key-manager/v1alpha1/regions/fr-par/keys/62575402-a487-4f50-bba8-48892d00711d method: GET response: proto: HTTP/2.0 @@ -76,20 +76,20 @@ interactions: proto_minor: 0 transfer_encoding: [] trailer: {} - content_length: 522 + content_length: 539 uncompressed: false - body: '{"created_at":"2025-07-09T09:35:20.817469Z","deletion_requested_at":null,"description":"Test key","id":"2b83cb06-a9ed-4470-8373-f1c49e16a3c0","locked":false,"name":"tf-test-kms-key-unprotected-a","origin":"scaleway_kms","project_id":"105bdce1-64c0-48ab-899d-868455867ecf","protected":false,"region":"fr-par","rotated_at":"2025-07-09T09:35:20.822761Z","rotation_count":1,"rotation_policy":null,"state":"enabled","tags":["tf","test"],"updated_at":"2025-07-09T09:35:20.822761Z","usage":{"symmetric_encryption":"aes_256_gcm"}}' + body: '{"created_at":"2025-10-14T13:00:19.553670Z","deletion_requested_at":null,"description":"Test key","id":"62575402-a487-4f50-bba8-48892d00711d","locked":false,"name":"tf-test-kms-key-unprotected-a","origin":"scaleway_kms","project_id":"105bdce1-64c0-48ab-899d-868455867ecf","protected":false,"region":"fr-par","rotated_at":"2025-10-14T13:00:19.564741Z","rotation_count":1,"rotation_policy":null,"state":"enabled","tags":["tf","test"],"updated_at":"2025-10-14T13:00:19.564741Z","usage":{"symmetric_encryption":"aes_256_gcm"}}' headers: Content-Length: - - "522" + - "539" Content-Security-Policy: - default-src 'none'; frame-ancestors 'none' Content-Type: - application/json Date: - - Wed, 09 Jul 2025 09:35:20 GMT + - Tue, 14 Oct 2025 13:00:19 GMT Server: - - Scaleway API Gateway (fr-par-3;edge03) + - Scaleway API Gateway (fr-par-2;edge02) Strict-Transport-Security: - max-age=63072000 X-Content-Type-Options: @@ -97,10 +97,10 @@ interactions: X-Frame-Options: - DENY X-Request-Id: - - 3eb75847-5c1a-403f-90a0-f23e06decc1e + - 549e2825-5777-4941-b982-bc5fdc92f7c2 status: 200 OK code: 200 - duration: 112.297084ms + duration: 275.353541ms - id: 2 request: proto: HTTP/1.1 @@ -116,8 +116,8 @@ interactions: form: {} headers: User-Agent: - - scaleway-sdk-go/v1.0.0-beta.7+dev (go1.24.0; darwin; arm64) terraform-provider/develop terraform/terraform-tests - url: https://api.scaleway.com/key-manager/v1alpha1/regions/fr-par/keys/2b83cb06-a9ed-4470-8373-f1c49e16a3c0 + - scaleway-sdk-go/v1.0.0-beta.7+dev (go1.25.0; darwin; amd64) terraform-provider/develop terraform/terraform-tests + url: https://api.scaleway.com/key-manager/v1alpha1/regions/fr-par/keys/62575402-a487-4f50-bba8-48892d00711d method: GET response: proto: HTTP/2.0 @@ -125,20 +125,20 @@ interactions: proto_minor: 0 transfer_encoding: [] trailer: {} - content_length: 522 + content_length: 539 uncompressed: false - body: '{"created_at":"2025-07-09T09:35:20.817469Z","deletion_requested_at":null,"description":"Test key","id":"2b83cb06-a9ed-4470-8373-f1c49e16a3c0","locked":false,"name":"tf-test-kms-key-unprotected-a","origin":"scaleway_kms","project_id":"105bdce1-64c0-48ab-899d-868455867ecf","protected":false,"region":"fr-par","rotated_at":"2025-07-09T09:35:20.822761Z","rotation_count":1,"rotation_policy":null,"state":"enabled","tags":["tf","test"],"updated_at":"2025-07-09T09:35:20.822761Z","usage":{"symmetric_encryption":"aes_256_gcm"}}' + body: '{"created_at":"2025-10-14T13:00:19.553670Z","deletion_requested_at":null,"description":"Test key","id":"62575402-a487-4f50-bba8-48892d00711d","locked":false,"name":"tf-test-kms-key-unprotected-a","origin":"scaleway_kms","project_id":"105bdce1-64c0-48ab-899d-868455867ecf","protected":false,"region":"fr-par","rotated_at":"2025-10-14T13:00:19.564741Z","rotation_count":1,"rotation_policy":null,"state":"enabled","tags":["tf","test"],"updated_at":"2025-10-14T13:00:19.564741Z","usage":{"symmetric_encryption":"aes_256_gcm"}}' headers: Content-Length: - - "522" + - "539" Content-Security-Policy: - default-src 'none'; frame-ancestors 'none' Content-Type: - application/json Date: - - Wed, 09 Jul 2025 09:35:21 GMT + - Tue, 14 Oct 2025 13:00:22 GMT Server: - - Scaleway API Gateway (fr-par-3;edge03) + - Scaleway API Gateway (fr-par-2;edge02) Strict-Transport-Security: - max-age=63072000 X-Content-Type-Options: @@ -146,10 +146,10 @@ interactions: X-Frame-Options: - DENY X-Request-Id: - - 36525a48-a1d4-4ab7-a971-dfe88d8b6383 + - 80b64c42-f7d0-447b-80bb-1b777a39db8b status: 200 OK code: 200 - duration: 112.372792ms + duration: 193.933792ms - id: 3 request: proto: HTTP/1.1 @@ -165,8 +165,8 @@ interactions: form: {} headers: User-Agent: - - scaleway-sdk-go/v1.0.0-beta.7+dev (go1.24.0; darwin; arm64) terraform-provider/develop terraform/terraform-tests - url: https://api.scaleway.com/key-manager/v1alpha1/regions/fr-par/keys/2b83cb06-a9ed-4470-8373-f1c49e16a3c0 + - scaleway-sdk-go/v1.0.0-beta.7+dev (go1.25.0; darwin; amd64) terraform-provider/develop terraform/terraform-tests + url: https://api.scaleway.com/key-manager/v1alpha1/regions/fr-par/keys/62575402-a487-4f50-bba8-48892d00711d method: DELETE response: proto: HTTP/2.0 @@ -183,9 +183,9 @@ interactions: Content-Type: - application/json Date: - - Wed, 09 Jul 2025 09:35:22 GMT + - Tue, 14 Oct 2025 13:00:25 GMT Server: - - Scaleway API Gateway (fr-par-3;edge03) + - Scaleway API Gateway (fr-par-2;edge02) Strict-Transport-Security: - max-age=63072000 X-Content-Type-Options: @@ -193,10 +193,10 @@ interactions: X-Frame-Options: - DENY X-Request-Id: - - 1cd8b3c4-c4f3-47fd-a01a-b502def826df + - 0cc83217-66ff-46ec-9762-82ee36b2309c status: 204 No Content code: 204 - duration: 133.9035ms + duration: 189.655583ms - id: 4 request: proto: HTTP/1.1 @@ -212,8 +212,8 @@ interactions: form: {} headers: User-Agent: - - scaleway-sdk-go/v1.0.0-beta.7+dev (go1.24.0; darwin; arm64) terraform-provider/develop terraform/terraform-tests - url: https://api.scaleway.com/key-manager/v1alpha1/regions/fr-par/keys/2b83cb06-a9ed-4470-8373-f1c49e16a3c0 + - scaleway-sdk-go/v1.0.0-beta.7+dev (go1.25.0; darwin; amd64) terraform-provider/develop terraform/terraform-tests + url: https://api.scaleway.com/key-manager/v1alpha1/regions/fr-par/keys/62575402-a487-4f50-bba8-48892d00711d method: GET response: proto: HTTP/2.0 @@ -221,20 +221,20 @@ interactions: proto_minor: 0 transfer_encoding: [] trailer: {} - content_length: 547 + content_length: 579 uncompressed: false - body: '{"created_at":"2025-07-09T09:35:20.817469Z","deletion_requested_at":"2025-07-09T09:35:22.767315Z","description":"Test key","id":"2b83cb06-a9ed-4470-8373-f1c49e16a3c0","locked":false,"name":"tf-test-kms-key-unprotected-a","origin":"scaleway_kms","project_id":"105bdce1-64c0-48ab-899d-868455867ecf","protected":false,"region":"fr-par","rotated_at":"2025-07-09T09:35:20.822761Z","rotation_count":1,"rotation_policy":null,"state":"enabled","tags":["tf","test"],"updated_at":"2025-07-09T09:35:20.822761Z","usage":{"symmetric_encryption":"aes_256_gcm"}}' + body: '{"created_at":"2025-10-14T13:00:19.553670Z","deletion_requested_at":"2025-10-14T13:00:25.124512Z","description":"Test key","id":"62575402-a487-4f50-bba8-48892d00711d","locked":false,"name":"tf-test-kms-key-unprotected-a","origin":"scaleway_kms","project_id":"105bdce1-64c0-48ab-899d-868455867ecf","protected":false,"region":"fr-par","rotated_at":"2025-10-14T13:00:19.564741Z","rotation_count":1,"rotation_policy":null,"state":"scheduled_for_deletion","tags":["tf","test"],"updated_at":"2025-10-14T13:00:19.564741Z","usage":{"symmetric_encryption":"aes_256_gcm"}}' headers: Content-Length: - - "547" + - "579" Content-Security-Policy: - default-src 'none'; frame-ancestors 'none' Content-Type: - application/json Date: - - Wed, 09 Jul 2025 09:35:22 GMT + - Tue, 14 Oct 2025 13:00:25 GMT Server: - - Scaleway API Gateway (fr-par-3;edge03) + - Scaleway API Gateway (fr-par-2;edge02) Strict-Transport-Security: - max-age=63072000 X-Content-Type-Options: @@ -242,7 +242,7 @@ interactions: X-Frame-Options: - DENY X-Request-Id: - - 7b64ce80-a1ac-4ddc-a874-3714414eed1f + - 9fe20c3d-d857-4870-92f5-4ab3f00fad0e status: 200 OK code: 200 - duration: 165.161125ms + duration: 112.708292ms diff --git a/internal/services/keymanager/testdata/key-manager-key-default-algorithm.cassette.yaml b/internal/services/keymanager/testdata/key-manager-key-default-algorithm.cassette.yaml new file mode 100644 index 0000000000..e185bf19bc --- /dev/null +++ b/internal/services/keymanager/testdata/key-manager-key-default-algorithm.cassette.yaml @@ -0,0 +1,248 @@ +--- +version: 2 +interactions: + - id: 0 + request: + proto: HTTP/1.1 + proto_major: 1 + proto_minor: 1 + content_length: 253 + transfer_encoding: [] + trailer: {} + host: api.scaleway.com + remote_addr: "" + request_uri: "" + body: '{"project_id":"105bdce1-64c0-48ab-899d-868455867ecf","name":"tf-test-kms-key-default-alg","usage":{"asymmetric_encryption":"rsa_oaep_3072_sha256"},"description":"Test key with RSA-3072 algorithm","tags":null,"unprotected":true,"origin":"unknown_origin"}' + form: {} + headers: + Content-Type: + - application/json + User-Agent: + - scaleway-sdk-go/v1.0.0-beta.7+dev (go1.25.0; darwin; amd64) terraform-provider/develop terraform/terraform-tests + url: https://api.scaleway.com/key-manager/v1alpha1/regions/fr-par/keys + method: POST + response: + proto: HTTP/2.0 + proto_major: 2 + proto_minor: 0 + transfer_encoding: [] + trailer: {} + content_length: 559 + uncompressed: false + body: '{"created_at":"2025-10-14T13:00:19.132119Z","deletion_requested_at":null,"description":"Test key with RSA-3072 algorithm","id":"a069bc1e-bbf0-4f3a-8519-8c4f840e970f","locked":false,"name":"tf-test-kms-key-default-alg","origin":"scaleway_kms","project_id":"105bdce1-64c0-48ab-899d-868455867ecf","protected":false,"region":"fr-par","rotated_at":"2025-10-14T13:00:19.463354Z","rotation_count":1,"rotation_policy":null,"state":"enabled","tags":[],"updated_at":"2025-10-14T13:00:19.463354Z","usage":{"asymmetric_encryption":"rsa_oaep_3072_sha256"}}' + headers: + Content-Length: + - "559" + Content-Security-Policy: + - default-src 'none'; frame-ancestors 'none' + Content-Type: + - application/json + Date: + - Tue, 14 Oct 2025 13:00:19 GMT + Server: + - Scaleway API Gateway (fr-par-2;edge02) + Strict-Transport-Security: + - max-age=63072000 + X-Content-Type-Options: + - nosniff + X-Frame-Options: + - DENY + X-Request-Id: + - a1c7fac6-1f42-4346-912b-03f54b90fcf6 + status: 200 OK + code: 200 + duration: 1.797741375s + - id: 1 + request: + proto: HTTP/1.1 + proto_major: 1 + proto_minor: 1 + content_length: 0 + transfer_encoding: [] + trailer: {} + host: api.scaleway.com + remote_addr: "" + request_uri: "" + body: "" + form: {} + headers: + User-Agent: + - scaleway-sdk-go/v1.0.0-beta.7+dev (go1.25.0; darwin; amd64) terraform-provider/develop terraform/terraform-tests + url: https://api.scaleway.com/key-manager/v1alpha1/regions/fr-par/keys/a069bc1e-bbf0-4f3a-8519-8c4f840e970f + method: GET + response: + proto: HTTP/2.0 + proto_major: 2 + proto_minor: 0 + transfer_encoding: [] + trailer: {} + content_length: 559 + uncompressed: false + body: '{"created_at":"2025-10-14T13:00:19.132119Z","deletion_requested_at":null,"description":"Test key with RSA-3072 algorithm","id":"a069bc1e-bbf0-4f3a-8519-8c4f840e970f","locked":false,"name":"tf-test-kms-key-default-alg","origin":"scaleway_kms","project_id":"105bdce1-64c0-48ab-899d-868455867ecf","protected":false,"region":"fr-par","rotated_at":"2025-10-14T13:00:19.463354Z","rotation_count":1,"rotation_policy":null,"state":"enabled","tags":[],"updated_at":"2025-10-14T13:00:19.463354Z","usage":{"asymmetric_encryption":"rsa_oaep_3072_sha256"}}' + headers: + Content-Length: + - "559" + Content-Security-Policy: + - default-src 'none'; frame-ancestors 'none' + Content-Type: + - application/json + Date: + - Tue, 14 Oct 2025 13:00:19 GMT + Server: + - Scaleway API Gateway (fr-par-2;edge02) + Strict-Transport-Security: + - max-age=63072000 + X-Content-Type-Options: + - nosniff + X-Frame-Options: + - DENY + X-Request-Id: + - 7da6daff-bf3d-42b0-adcf-0b77ee4375fd + status: 200 OK + code: 200 + duration: 275.825209ms + - id: 2 + request: + proto: HTTP/1.1 + proto_major: 1 + proto_minor: 1 + content_length: 0 + transfer_encoding: [] + trailer: {} + host: api.scaleway.com + remote_addr: "" + request_uri: "" + body: "" + form: {} + headers: + User-Agent: + - scaleway-sdk-go/v1.0.0-beta.7+dev (go1.25.0; darwin; amd64) terraform-provider/develop terraform/terraform-tests + url: https://api.scaleway.com/key-manager/v1alpha1/regions/fr-par/keys/a069bc1e-bbf0-4f3a-8519-8c4f840e970f + method: GET + response: + proto: HTTP/2.0 + proto_major: 2 + proto_minor: 0 + transfer_encoding: [] + trailer: {} + content_length: 559 + uncompressed: false + body: '{"created_at":"2025-10-14T13:00:19.132119Z","deletion_requested_at":null,"description":"Test key with RSA-3072 algorithm","id":"a069bc1e-bbf0-4f3a-8519-8c4f840e970f","locked":false,"name":"tf-test-kms-key-default-alg","origin":"scaleway_kms","project_id":"105bdce1-64c0-48ab-899d-868455867ecf","protected":false,"region":"fr-par","rotated_at":"2025-10-14T13:00:19.463354Z","rotation_count":1,"rotation_policy":null,"state":"enabled","tags":[],"updated_at":"2025-10-14T13:00:19.463354Z","usage":{"asymmetric_encryption":"rsa_oaep_3072_sha256"}}' + headers: + Content-Length: + - "559" + Content-Security-Policy: + - default-src 'none'; frame-ancestors 'none' + Content-Type: + - application/json + Date: + - Tue, 14 Oct 2025 13:00:23 GMT + Server: + - Scaleway API Gateway (fr-par-2;edge02) + Strict-Transport-Security: + - max-age=63072000 + X-Content-Type-Options: + - nosniff + X-Frame-Options: + - DENY + X-Request-Id: + - 62657e0d-9cfd-4b01-928a-1e2a4b182652 + status: 200 OK + code: 200 + duration: 226.063ms + - id: 3 + request: + proto: HTTP/1.1 + proto_major: 1 + proto_minor: 1 + content_length: 0 + transfer_encoding: [] + trailer: {} + host: api.scaleway.com + remote_addr: "" + request_uri: "" + body: "" + form: {} + headers: + User-Agent: + - scaleway-sdk-go/v1.0.0-beta.7+dev (go1.25.0; darwin; amd64) terraform-provider/develop terraform/terraform-tests + url: https://api.scaleway.com/key-manager/v1alpha1/regions/fr-par/keys/a069bc1e-bbf0-4f3a-8519-8c4f840e970f + method: DELETE + response: + proto: HTTP/2.0 + proto_major: 2 + proto_minor: 0 + transfer_encoding: [] + trailer: {} + content_length: 0 + uncompressed: false + body: "" + headers: + Content-Security-Policy: + - default-src 'none'; frame-ancestors 'none' + Content-Type: + - application/json + Date: + - Tue, 14 Oct 2025 13:00:25 GMT + Server: + - Scaleway API Gateway (fr-par-2;edge02) + Strict-Transport-Security: + - max-age=63072000 + X-Content-Type-Options: + - nosniff + X-Frame-Options: + - DENY + X-Request-Id: + - bab81a1f-b6be-4d9b-b515-cc0d1efb20cf + status: 204 No Content + code: 204 + duration: 195.826166ms + - id: 4 + request: + proto: HTTP/1.1 + proto_major: 1 + proto_minor: 1 + content_length: 0 + transfer_encoding: [] + trailer: {} + host: api.scaleway.com + remote_addr: "" + request_uri: "" + body: "" + form: {} + headers: + User-Agent: + - scaleway-sdk-go/v1.0.0-beta.7+dev (go1.25.0; darwin; amd64) terraform-provider/develop terraform/terraform-tests + url: https://api.scaleway.com/key-manager/v1alpha1/regions/fr-par/keys/a069bc1e-bbf0-4f3a-8519-8c4f840e970f + method: GET + response: + proto: HTTP/2.0 + proto_major: 2 + proto_minor: 0 + transfer_encoding: [] + trailer: {} + content_length: 599 + uncompressed: false + body: '{"created_at":"2025-10-14T13:00:19.132119Z","deletion_requested_at":"2025-10-14T13:00:25.193839Z","description":"Test key with RSA-3072 algorithm","id":"a069bc1e-bbf0-4f3a-8519-8c4f840e970f","locked":false,"name":"tf-test-kms-key-default-alg","origin":"scaleway_kms","project_id":"105bdce1-64c0-48ab-899d-868455867ecf","protected":false,"region":"fr-par","rotated_at":"2025-10-14T13:00:19.463354Z","rotation_count":1,"rotation_policy":null,"state":"scheduled_for_deletion","tags":[],"updated_at":"2025-10-14T13:00:19.463354Z","usage":{"asymmetric_encryption":"rsa_oaep_3072_sha256"}}' + headers: + Content-Length: + - "599" + Content-Security-Policy: + - default-src 'none'; frame-ancestors 'none' + Content-Type: + - application/json + Date: + - Tue, 14 Oct 2025 13:00:25 GMT + Server: + - Scaleway API Gateway (fr-par-2;edge02) + Strict-Transport-Security: + - max-age=63072000 + X-Content-Type-Options: + - nosniff + X-Frame-Options: + - DENY + X-Request-Id: + - 6e4899e1-86a5-4f60-9f25-aec7f3e02d81 + status: 200 OK + code: 200 + duration: 202.117958ms diff --git a/internal/services/keymanager/testdata/key-manager-key-update.cassette.yaml b/internal/services/keymanager/testdata/key-manager-key-update.cassette.yaml index a9398c5ba6..5b6a868611 100644 --- a/internal/services/keymanager/testdata/key-manager-key-update.cassette.yaml +++ b/internal/services/keymanager/testdata/key-manager-key-update.cassette.yaml @@ -18,7 +18,7 @@ interactions: Content-Type: - application/json User-Agent: - - scaleway-sdk-go/v1.0.0-beta.7+dev (go1.24.0; darwin; arm64) terraform-provider/develop terraform/terraform-tests + - scaleway-sdk-go/v1.0.0-beta.7+dev (go1.25.0; darwin; amd64) terraform-provider/develop terraform/terraform-tests url: https://api.scaleway.com/key-manager/v1alpha1/regions/fr-par/keys method: POST response: @@ -27,20 +27,20 @@ interactions: proto_minor: 0 transfer_encoding: [] trailer: {} - content_length: 515 + content_length: 532 uncompressed: false - body: '{"created_at":"2025-07-09T09:35:30.170991Z","deletion_requested_at":null,"description":"Test key","id":"9187cb2c-30e3-4e00-b35a-8c289f389e2c","locked":false,"name":"tf-test-kms-key-update","origin":"scaleway_kms","project_id":"105bdce1-64c0-48ab-899d-868455867ecf","protected":false,"region":"fr-par","rotated_at":"2025-07-09T09:35:30.174818Z","rotation_count":1,"rotation_policy":null,"state":"enabled","tags":["tf","test"],"updated_at":"2025-07-09T09:35:30.174818Z","usage":{"symmetric_encryption":"aes_256_gcm"}}' + body: '{"created_at":"2025-10-14T13:00:18.401165Z","deletion_requested_at":null,"description":"Test key","id":"abf58253-debe-4f2b-b63c-b37ed7abae6d","locked":false,"name":"tf-test-kms-key-update","origin":"scaleway_kms","project_id":"105bdce1-64c0-48ab-899d-868455867ecf","protected":false,"region":"fr-par","rotated_at":"2025-10-14T13:00:18.408485Z","rotation_count":1,"rotation_policy":null,"state":"enabled","tags":["tf","test"],"updated_at":"2025-10-14T13:00:18.408485Z","usage":{"symmetric_encryption":"aes_256_gcm"}}' headers: Content-Length: - - "515" + - "532" Content-Security-Policy: - default-src 'none'; frame-ancestors 'none' Content-Type: - application/json Date: - - Wed, 09 Jul 2025 09:35:30 GMT + - Tue, 14 Oct 2025 13:00:18 GMT Server: - - Scaleway API Gateway (fr-par-3;edge01) + - Scaleway API Gateway (fr-par-2;edge02) Strict-Transport-Security: - max-age=63072000 X-Content-Type-Options: @@ -48,10 +48,10 @@ interactions: X-Frame-Options: - DENY X-Request-Id: - - 4510b348-2a9c-4983-b6bf-2fd411b362a8 + - 34db048a-3f70-409c-a46d-96f524b1400b status: 200 OK code: 200 - duration: 385.926458ms + duration: 633.294875ms - id: 1 request: proto: HTTP/1.1 @@ -67,8 +67,8 @@ interactions: form: {} headers: User-Agent: - - scaleway-sdk-go/v1.0.0-beta.7+dev (go1.24.0; darwin; arm64) terraform-provider/develop terraform/terraform-tests - url: https://api.scaleway.com/key-manager/v1alpha1/regions/fr-par/keys/9187cb2c-30e3-4e00-b35a-8c289f389e2c + - scaleway-sdk-go/v1.0.0-beta.7+dev (go1.25.0; darwin; amd64) terraform-provider/develop terraform/terraform-tests + url: https://api.scaleway.com/key-manager/v1alpha1/regions/fr-par/keys/abf58253-debe-4f2b-b63c-b37ed7abae6d method: GET response: proto: HTTP/2.0 @@ -76,20 +76,20 @@ interactions: proto_minor: 0 transfer_encoding: [] trailer: {} - content_length: 515 + content_length: 532 uncompressed: false - body: '{"created_at":"2025-07-09T09:35:30.170991Z","deletion_requested_at":null,"description":"Test key","id":"9187cb2c-30e3-4e00-b35a-8c289f389e2c","locked":false,"name":"tf-test-kms-key-update","origin":"scaleway_kms","project_id":"105bdce1-64c0-48ab-899d-868455867ecf","protected":false,"region":"fr-par","rotated_at":"2025-07-09T09:35:30.174818Z","rotation_count":1,"rotation_policy":null,"state":"enabled","tags":["tf","test"],"updated_at":"2025-07-09T09:35:30.174818Z","usage":{"symmetric_encryption":"aes_256_gcm"}}' + body: '{"created_at":"2025-10-14T13:00:18.401165Z","deletion_requested_at":null,"description":"Test key","id":"abf58253-debe-4f2b-b63c-b37ed7abae6d","locked":false,"name":"tf-test-kms-key-update","origin":"scaleway_kms","project_id":"105bdce1-64c0-48ab-899d-868455867ecf","protected":false,"region":"fr-par","rotated_at":"2025-10-14T13:00:18.408485Z","rotation_count":1,"rotation_policy":null,"state":"enabled","tags":["tf","test"],"updated_at":"2025-10-14T13:00:18.408485Z","usage":{"symmetric_encryption":"aes_256_gcm"}}' headers: Content-Length: - - "515" + - "532" Content-Security-Policy: - default-src 'none'; frame-ancestors 'none' Content-Type: - application/json Date: - - Wed, 09 Jul 2025 09:35:30 GMT + - Tue, 14 Oct 2025 13:00:18 GMT Server: - - Scaleway API Gateway (fr-par-3;edge01) + - Scaleway API Gateway (fr-par-2;edge02) Strict-Transport-Security: - max-age=63072000 X-Content-Type-Options: @@ -97,10 +97,10 @@ interactions: X-Frame-Options: - DENY X-Request-Id: - - 8f1d4755-3e75-4b88-afbf-99c28e355b9d + - 9d7bc38a-b634-488e-9487-f5e4e534d0b3 status: 200 OK code: 200 - duration: 120.929042ms + duration: 97.712583ms - id: 2 request: proto: HTTP/1.1 @@ -116,8 +116,8 @@ interactions: form: {} headers: User-Agent: - - scaleway-sdk-go/v1.0.0-beta.7+dev (go1.24.0; darwin; arm64) terraform-provider/develop terraform/terraform-tests - url: https://api.scaleway.com/key-manager/v1alpha1/regions/fr-par/keys/9187cb2c-30e3-4e00-b35a-8c289f389e2c + - scaleway-sdk-go/v1.0.0-beta.7+dev (go1.25.0; darwin; amd64) terraform-provider/develop terraform/terraform-tests + url: https://api.scaleway.com/key-manager/v1alpha1/regions/fr-par/keys/abf58253-debe-4f2b-b63c-b37ed7abae6d method: GET response: proto: HTTP/2.0 @@ -125,20 +125,20 @@ interactions: proto_minor: 0 transfer_encoding: [] trailer: {} - content_length: 515 + content_length: 532 uncompressed: false - body: '{"created_at":"2025-07-09T09:35:30.170991Z","deletion_requested_at":null,"description":"Test key","id":"9187cb2c-30e3-4e00-b35a-8c289f389e2c","locked":false,"name":"tf-test-kms-key-update","origin":"scaleway_kms","project_id":"105bdce1-64c0-48ab-899d-868455867ecf","protected":false,"region":"fr-par","rotated_at":"2025-07-09T09:35:30.174818Z","rotation_count":1,"rotation_policy":null,"state":"enabled","tags":["tf","test"],"updated_at":"2025-07-09T09:35:30.174818Z","usage":{"symmetric_encryption":"aes_256_gcm"}}' + body: '{"created_at":"2025-10-14T13:00:18.401165Z","deletion_requested_at":null,"description":"Test key","id":"abf58253-debe-4f2b-b63c-b37ed7abae6d","locked":false,"name":"tf-test-kms-key-update","origin":"scaleway_kms","project_id":"105bdce1-64c0-48ab-899d-868455867ecf","protected":false,"region":"fr-par","rotated_at":"2025-10-14T13:00:18.408485Z","rotation_count":1,"rotation_policy":null,"state":"enabled","tags":["tf","test"],"updated_at":"2025-10-14T13:00:18.408485Z","usage":{"symmetric_encryption":"aes_256_gcm"}}' headers: Content-Length: - - "515" + - "532" Content-Security-Policy: - default-src 'none'; frame-ancestors 'none' Content-Type: - application/json Date: - - Wed, 09 Jul 2025 09:35:31 GMT + - Tue, 14 Oct 2025 13:00:20 GMT Server: - - Scaleway API Gateway (fr-par-3;edge01) + - Scaleway API Gateway (fr-par-2;edge02) Strict-Transport-Security: - max-age=63072000 X-Content-Type-Options: @@ -146,10 +146,10 @@ interactions: X-Frame-Options: - DENY X-Request-Id: - - 10b3d5c6-4ae2-4057-b708-34693696b577 + - 43a8819d-02c8-4688-8ffe-afa8e8b1b8f1 status: 200 OK code: 200 - duration: 139.53725ms + duration: 209.542208ms - id: 3 request: proto: HTTP/1.1 @@ -165,8 +165,8 @@ interactions: form: {} headers: User-Agent: - - scaleway-sdk-go/v1.0.0-beta.7+dev (go1.24.0; darwin; arm64) terraform-provider/develop terraform/terraform-tests - url: https://api.scaleway.com/key-manager/v1alpha1/regions/fr-par/keys/9187cb2c-30e3-4e00-b35a-8c289f389e2c + - scaleway-sdk-go/v1.0.0-beta.7+dev (go1.25.0; darwin; amd64) terraform-provider/develop terraform/terraform-tests + url: https://api.scaleway.com/key-manager/v1alpha1/regions/fr-par/keys/abf58253-debe-4f2b-b63c-b37ed7abae6d method: GET response: proto: HTTP/2.0 @@ -174,20 +174,20 @@ interactions: proto_minor: 0 transfer_encoding: [] trailer: {} - content_length: 515 + content_length: 532 uncompressed: false - body: '{"created_at":"2025-07-09T09:35:30.170991Z","deletion_requested_at":null,"description":"Test key","id":"9187cb2c-30e3-4e00-b35a-8c289f389e2c","locked":false,"name":"tf-test-kms-key-update","origin":"scaleway_kms","project_id":"105bdce1-64c0-48ab-899d-868455867ecf","protected":false,"region":"fr-par","rotated_at":"2025-07-09T09:35:30.174818Z","rotation_count":1,"rotation_policy":null,"state":"enabled","tags":["tf","test"],"updated_at":"2025-07-09T09:35:30.174818Z","usage":{"symmetric_encryption":"aes_256_gcm"}}' + body: '{"created_at":"2025-10-14T13:00:18.401165Z","deletion_requested_at":null,"description":"Test key","id":"abf58253-debe-4f2b-b63c-b37ed7abae6d","locked":false,"name":"tf-test-kms-key-update","origin":"scaleway_kms","project_id":"105bdce1-64c0-48ab-899d-868455867ecf","protected":false,"region":"fr-par","rotated_at":"2025-10-14T13:00:18.408485Z","rotation_count":1,"rotation_policy":null,"state":"enabled","tags":["tf","test"],"updated_at":"2025-10-14T13:00:18.408485Z","usage":{"symmetric_encryption":"aes_256_gcm"}}' headers: Content-Length: - - "515" + - "532" Content-Security-Policy: - default-src 'none'; frame-ancestors 'none' Content-Type: - application/json Date: - - Wed, 09 Jul 2025 09:35:32 GMT + - Tue, 14 Oct 2025 13:00:22 GMT Server: - - Scaleway API Gateway (fr-par-3;edge01) + - Scaleway API Gateway (fr-par-2;edge02) Strict-Transport-Security: - max-age=63072000 X-Content-Type-Options: @@ -195,10 +195,10 @@ interactions: X-Frame-Options: - DENY X-Request-Id: - - a3719c3c-2172-4088-b283-177b7bf701f1 + - 65861e0e-07ef-4cc3-80e1-22e030c7f6c3 status: 200 OK code: 200 - duration: 144.34225ms + duration: 92.062792ms - id: 4 request: proto: HTTP/1.1 @@ -216,8 +216,8 @@ interactions: Content-Type: - application/json User-Agent: - - scaleway-sdk-go/v1.0.0-beta.7+dev (go1.24.0; darwin; arm64) terraform-provider/develop terraform/terraform-tests - url: https://api.scaleway.com/key-manager/v1alpha1/regions/fr-par/keys/9187cb2c-30e3-4e00-b35a-8c289f389e2c + - scaleway-sdk-go/v1.0.0-beta.7+dev (go1.25.0; darwin; amd64) terraform-provider/develop terraform/terraform-tests + url: https://api.scaleway.com/key-manager/v1alpha1/regions/fr-par/keys/abf58253-debe-4f2b-b63c-b37ed7abae6d method: PATCH response: proto: HTTP/2.0 @@ -225,20 +225,20 @@ interactions: proto_minor: 0 transfer_encoding: [] trailer: {} - content_length: 527 + content_length: 544 uncompressed: false - body: '{"created_at":"2025-07-09T09:35:30.170991Z","deletion_requested_at":null,"description":"Test key updated","id":"9187cb2c-30e3-4e00-b35a-8c289f389e2c","locked":false,"name":"tf-test-kms-key-updated","origin":"scaleway_kms","project_id":"105bdce1-64c0-48ab-899d-868455867ecf","protected":false,"region":"fr-par","rotated_at":"2025-07-09T09:35:30.174818Z","rotation_count":1,"rotation_policy":null,"state":"enabled","tags":["tf","updated"],"updated_at":"2025-07-09T09:35:32.949117Z","usage":{"symmetric_encryption":"aes_256_gcm"}}' + body: '{"created_at":"2025-10-14T13:00:18.401165Z","deletion_requested_at":null,"description":"Test key updated","id":"abf58253-debe-4f2b-b63c-b37ed7abae6d","locked":false,"name":"tf-test-kms-key-updated","origin":"scaleway_kms","project_id":"105bdce1-64c0-48ab-899d-868455867ecf","protected":false,"region":"fr-par","rotated_at":"2025-10-14T13:00:18.408485Z","rotation_count":1,"rotation_policy":null,"state":"enabled","tags":["tf","updated"],"updated_at":"2025-10-14T13:00:23.731667Z","usage":{"symmetric_encryption":"aes_256_gcm"}}' headers: Content-Length: - - "527" + - "544" Content-Security-Policy: - default-src 'none'; frame-ancestors 'none' Content-Type: - application/json Date: - - Wed, 09 Jul 2025 09:35:32 GMT + - Tue, 14 Oct 2025 13:00:23 GMT Server: - - Scaleway API Gateway (fr-par-3;edge01) + - Scaleway API Gateway (fr-par-2;edge02) Strict-Transport-Security: - max-age=63072000 X-Content-Type-Options: @@ -246,10 +246,10 @@ interactions: X-Frame-Options: - DENY X-Request-Id: - - 69a08da8-19d7-4d26-a998-9cc49ffeb132 + - a1f11ad1-d0af-497f-ae2e-446f5440f5ef status: 200 OK code: 200 - duration: 153.157042ms + duration: 324.69975ms - id: 5 request: proto: HTTP/1.1 @@ -265,8 +265,8 @@ interactions: form: {} headers: User-Agent: - - scaleway-sdk-go/v1.0.0-beta.7+dev (go1.24.0; darwin; arm64) terraform-provider/develop terraform/terraform-tests - url: https://api.scaleway.com/key-manager/v1alpha1/regions/fr-par/keys/9187cb2c-30e3-4e00-b35a-8c289f389e2c + - scaleway-sdk-go/v1.0.0-beta.7+dev (go1.25.0; darwin; amd64) terraform-provider/develop terraform/terraform-tests + url: https://api.scaleway.com/key-manager/v1alpha1/regions/fr-par/keys/abf58253-debe-4f2b-b63c-b37ed7abae6d method: GET response: proto: HTTP/2.0 @@ -274,20 +274,20 @@ interactions: proto_minor: 0 transfer_encoding: [] trailer: {} - content_length: 527 + content_length: 544 uncompressed: false - body: '{"created_at":"2025-07-09T09:35:30.170991Z","deletion_requested_at":null,"description":"Test key updated","id":"9187cb2c-30e3-4e00-b35a-8c289f389e2c","locked":false,"name":"tf-test-kms-key-updated","origin":"scaleway_kms","project_id":"105bdce1-64c0-48ab-899d-868455867ecf","protected":false,"region":"fr-par","rotated_at":"2025-07-09T09:35:30.174818Z","rotation_count":1,"rotation_policy":null,"state":"enabled","tags":["tf","updated"],"updated_at":"2025-07-09T09:35:32.949117Z","usage":{"symmetric_encryption":"aes_256_gcm"}}' + body: '{"created_at":"2025-10-14T13:00:18.401165Z","deletion_requested_at":null,"description":"Test key updated","id":"abf58253-debe-4f2b-b63c-b37ed7abae6d","locked":false,"name":"tf-test-kms-key-updated","origin":"scaleway_kms","project_id":"105bdce1-64c0-48ab-899d-868455867ecf","protected":false,"region":"fr-par","rotated_at":"2025-10-14T13:00:18.408485Z","rotation_count":1,"rotation_policy":null,"state":"enabled","tags":["tf","updated"],"updated_at":"2025-10-14T13:00:23.731667Z","usage":{"symmetric_encryption":"aes_256_gcm"}}' headers: Content-Length: - - "527" + - "544" Content-Security-Policy: - default-src 'none'; frame-ancestors 'none' Content-Type: - application/json Date: - - Wed, 09 Jul 2025 09:35:33 GMT + - Tue, 14 Oct 2025 13:00:23 GMT Server: - - Scaleway API Gateway (fr-par-3;edge01) + - Scaleway API Gateway (fr-par-2;edge02) Strict-Transport-Security: - max-age=63072000 X-Content-Type-Options: @@ -295,10 +295,10 @@ interactions: X-Frame-Options: - DENY X-Request-Id: - - 0a8668cb-820f-4acc-860a-b7bbe0a1dd51 + - 4ea8bd57-6d99-4b3b-ab6a-0c5c34fac3dd status: 200 OK code: 200 - duration: 141.29925ms + duration: 91.847875ms - id: 6 request: proto: HTTP/1.1 @@ -314,8 +314,8 @@ interactions: form: {} headers: User-Agent: - - scaleway-sdk-go/v1.0.0-beta.7+dev (go1.24.0; darwin; arm64) terraform-provider/develop terraform/terraform-tests - url: https://api.scaleway.com/key-manager/v1alpha1/regions/fr-par/keys/9187cb2c-30e3-4e00-b35a-8c289f389e2c + - scaleway-sdk-go/v1.0.0-beta.7+dev (go1.25.0; darwin; amd64) terraform-provider/develop terraform/terraform-tests + url: https://api.scaleway.com/key-manager/v1alpha1/regions/fr-par/keys/abf58253-debe-4f2b-b63c-b37ed7abae6d method: GET response: proto: HTTP/2.0 @@ -323,20 +323,20 @@ interactions: proto_minor: 0 transfer_encoding: [] trailer: {} - content_length: 527 + content_length: 544 uncompressed: false - body: '{"created_at":"2025-07-09T09:35:30.170991Z","deletion_requested_at":null,"description":"Test key updated","id":"9187cb2c-30e3-4e00-b35a-8c289f389e2c","locked":false,"name":"tf-test-kms-key-updated","origin":"scaleway_kms","project_id":"105bdce1-64c0-48ab-899d-868455867ecf","protected":false,"region":"fr-par","rotated_at":"2025-07-09T09:35:30.174818Z","rotation_count":1,"rotation_policy":null,"state":"enabled","tags":["tf","updated"],"updated_at":"2025-07-09T09:35:32.949117Z","usage":{"symmetric_encryption":"aes_256_gcm"}}' + body: '{"created_at":"2025-10-14T13:00:18.401165Z","deletion_requested_at":null,"description":"Test key updated","id":"abf58253-debe-4f2b-b63c-b37ed7abae6d","locked":false,"name":"tf-test-kms-key-updated","origin":"scaleway_kms","project_id":"105bdce1-64c0-48ab-899d-868455867ecf","protected":false,"region":"fr-par","rotated_at":"2025-10-14T13:00:18.408485Z","rotation_count":1,"rotation_policy":null,"state":"enabled","tags":["tf","updated"],"updated_at":"2025-10-14T13:00:23.731667Z","usage":{"symmetric_encryption":"aes_256_gcm"}}' headers: Content-Length: - - "527" + - "544" Content-Security-Policy: - default-src 'none'; frame-ancestors 'none' Content-Type: - application/json Date: - - Wed, 09 Jul 2025 09:35:33 GMT + - Tue, 14 Oct 2025 13:00:26 GMT Server: - - Scaleway API Gateway (fr-par-3;edge01) + - Scaleway API Gateway (fr-par-2;edge02) Strict-Transport-Security: - max-age=63072000 X-Content-Type-Options: @@ -344,10 +344,10 @@ interactions: X-Frame-Options: - DENY X-Request-Id: - - 7da18c74-4479-4409-991e-d5a75b9fc183 + - 26a0d8bd-9d9b-4bb6-946a-ced21a658d17 status: 200 OK code: 200 - duration: 110.767042ms + duration: 90.273125ms - id: 7 request: proto: HTTP/1.1 @@ -363,8 +363,8 @@ interactions: form: {} headers: User-Agent: - - scaleway-sdk-go/v1.0.0-beta.7+dev (go1.24.0; darwin; arm64) terraform-provider/develop terraform/terraform-tests - url: https://api.scaleway.com/key-manager/v1alpha1/regions/fr-par/keys/9187cb2c-30e3-4e00-b35a-8c289f389e2c + - scaleway-sdk-go/v1.0.0-beta.7+dev (go1.25.0; darwin; amd64) terraform-provider/develop terraform/terraform-tests + url: https://api.scaleway.com/key-manager/v1alpha1/regions/fr-par/keys/abf58253-debe-4f2b-b63c-b37ed7abae6d method: DELETE response: proto: HTTP/2.0 @@ -381,9 +381,9 @@ interactions: Content-Type: - application/json Date: - - Wed, 09 Jul 2025 09:35:34 GMT + - Tue, 14 Oct 2025 13:00:28 GMT Server: - - Scaleway API Gateway (fr-par-3;edge01) + - Scaleway API Gateway (fr-par-2;edge02) Strict-Transport-Security: - max-age=63072000 X-Content-Type-Options: @@ -391,10 +391,10 @@ interactions: X-Frame-Options: - DENY X-Request-Id: - - 6aa8845f-bc7c-426b-bb58-56efd5bda6e7 + - fd6e37b4-2da2-4d37-bc73-853d193ec4e6 status: 204 No Content code: 204 - duration: 137.206042ms + duration: 162.973125ms - id: 8 request: proto: HTTP/1.1 @@ -410,8 +410,8 @@ interactions: form: {} headers: User-Agent: - - scaleway-sdk-go/v1.0.0-beta.7+dev (go1.24.0; darwin; arm64) terraform-provider/develop terraform/terraform-tests - url: https://api.scaleway.com/key-manager/v1alpha1/regions/fr-par/keys/9187cb2c-30e3-4e00-b35a-8c289f389e2c + - scaleway-sdk-go/v1.0.0-beta.7+dev (go1.25.0; darwin; amd64) terraform-provider/develop terraform/terraform-tests + url: https://api.scaleway.com/key-manager/v1alpha1/regions/fr-par/keys/abf58253-debe-4f2b-b63c-b37ed7abae6d method: GET response: proto: HTTP/2.0 @@ -419,20 +419,20 @@ interactions: proto_minor: 0 transfer_encoding: [] trailer: {} - content_length: 552 + content_length: 584 uncompressed: false - body: '{"created_at":"2025-07-09T09:35:30.170991Z","deletion_requested_at":"2025-07-09T09:35:34.815199Z","description":"Test key updated","id":"9187cb2c-30e3-4e00-b35a-8c289f389e2c","locked":false,"name":"tf-test-kms-key-updated","origin":"scaleway_kms","project_id":"105bdce1-64c0-48ab-899d-868455867ecf","protected":false,"region":"fr-par","rotated_at":"2025-07-09T09:35:30.174818Z","rotation_count":1,"rotation_policy":null,"state":"enabled","tags":["tf","updated"],"updated_at":"2025-07-09T09:35:32.949117Z","usage":{"symmetric_encryption":"aes_256_gcm"}}' + body: '{"created_at":"2025-10-14T13:00:18.401165Z","deletion_requested_at":"2025-10-14T13:00:28.082671Z","description":"Test key updated","id":"abf58253-debe-4f2b-b63c-b37ed7abae6d","locked":false,"name":"tf-test-kms-key-updated","origin":"scaleway_kms","project_id":"105bdce1-64c0-48ab-899d-868455867ecf","protected":false,"region":"fr-par","rotated_at":"2025-10-14T13:00:18.408485Z","rotation_count":1,"rotation_policy":null,"state":"scheduled_for_deletion","tags":["tf","updated"],"updated_at":"2025-10-14T13:00:23.731667Z","usage":{"symmetric_encryption":"aes_256_gcm"}}' headers: Content-Length: - - "552" + - "584" Content-Security-Policy: - default-src 'none'; frame-ancestors 'none' Content-Type: - application/json Date: - - Wed, 09 Jul 2025 09:35:34 GMT + - Tue, 14 Oct 2025 13:00:28 GMT Server: - - Scaleway API Gateway (fr-par-3;edge01) + - Scaleway API Gateway (fr-par-2;edge02) Strict-Transport-Security: - max-age=63072000 X-Content-Type-Options: @@ -440,7 +440,7 @@ interactions: X-Frame-Options: - DENY X-Request-Id: - - 53739f2c-95fc-484c-b235-c4c5c5ca7be7 + - 7a39a7de-2f74-4f05-aab5-d344016dfdc5 status: 200 OK code: 200 - duration: 116.598666ms + duration: 240.7745ms diff --git a/internal/services/keymanager/testdata/key-manager-key-with-custom-algorithm.cassette.yaml b/internal/services/keymanager/testdata/key-manager-key-with-custom-algorithm.cassette.yaml new file mode 100644 index 0000000000..6caf9d38cf --- /dev/null +++ b/internal/services/keymanager/testdata/key-manager-key-with-custom-algorithm.cassette.yaml @@ -0,0 +1,248 @@ +--- +version: 2 +interactions: + - id: 0 + request: + proto: HTTP/1.1 + proto_major: 1 + proto_minor: 1 + content_length: 249 + transfer_encoding: [] + trailer: {} + host: api.scaleway.com + remote_addr: "" + request_uri: "" + body: '{"project_id":"105bdce1-64c0-48ab-899d-868455867ecf","name":"tf-test-kms-key-rsa4096","usage":{"asymmetric_encryption":"rsa_oaep_4096_sha256"},"description":"Test key with RSA-4096 algorithm","tags":null,"unprotected":true,"origin":"unknown_origin"}' + form: {} + headers: + Content-Type: + - application/json + User-Agent: + - scaleway-sdk-go/v1.0.0-beta.7+dev (go1.25.0; darwin; amd64) terraform-provider/develop terraform/terraform-tests + url: https://api.scaleway.com/key-manager/v1alpha1/regions/fr-par/keys + method: POST + response: + proto: HTTP/2.0 + proto_major: 2 + proto_minor: 0 + transfer_encoding: [] + trailer: {} + content_length: 555 + uncompressed: false + body: '{"created_at":"2025-10-14T13:00:18.493346Z","deletion_requested_at":null,"description":"Test key with RSA-4096 algorithm","id":"328290aa-9f95-4b76-846e-9f6e1f815582","locked":false,"name":"tf-test-kms-key-rsa4096","origin":"scaleway_kms","project_id":"105bdce1-64c0-48ab-899d-868455867ecf","protected":false,"region":"fr-par","rotated_at":"2025-10-14T13:00:19.048343Z","rotation_count":1,"rotation_policy":null,"state":"enabled","tags":[],"updated_at":"2025-10-14T13:00:19.048343Z","usage":{"asymmetric_encryption":"rsa_oaep_4096_sha256"}}' + headers: + Content-Length: + - "555" + Content-Security-Policy: + - default-src 'none'; frame-ancestors 'none' + Content-Type: + - application/json + Date: + - Tue, 14 Oct 2025 13:00:19 GMT + Server: + - Scaleway API Gateway (fr-par-2;edge02) + Strict-Transport-Security: + - max-age=63072000 + X-Content-Type-Options: + - nosniff + X-Frame-Options: + - DENY + X-Request-Id: + - 6cc77f5f-f9f3-44f2-8f1b-f7e80f15c621 + status: 200 OK + code: 200 + duration: 1.397133333s + - id: 1 + request: + proto: HTTP/1.1 + proto_major: 1 + proto_minor: 1 + content_length: 0 + transfer_encoding: [] + trailer: {} + host: api.scaleway.com + remote_addr: "" + request_uri: "" + body: "" + form: {} + headers: + User-Agent: + - scaleway-sdk-go/v1.0.0-beta.7+dev (go1.25.0; darwin; amd64) terraform-provider/develop terraform/terraform-tests + url: https://api.scaleway.com/key-manager/v1alpha1/regions/fr-par/keys/328290aa-9f95-4b76-846e-9f6e1f815582 + method: GET + response: + proto: HTTP/2.0 + proto_major: 2 + proto_minor: 0 + transfer_encoding: [] + trailer: {} + content_length: 555 + uncompressed: false + body: '{"created_at":"2025-10-14T13:00:18.493346Z","deletion_requested_at":null,"description":"Test key with RSA-4096 algorithm","id":"328290aa-9f95-4b76-846e-9f6e1f815582","locked":false,"name":"tf-test-kms-key-rsa4096","origin":"scaleway_kms","project_id":"105bdce1-64c0-48ab-899d-868455867ecf","protected":false,"region":"fr-par","rotated_at":"2025-10-14T13:00:19.048343Z","rotation_count":1,"rotation_policy":null,"state":"enabled","tags":[],"updated_at":"2025-10-14T13:00:19.048343Z","usage":{"asymmetric_encryption":"rsa_oaep_4096_sha256"}}' + headers: + Content-Length: + - "555" + Content-Security-Policy: + - default-src 'none'; frame-ancestors 'none' + Content-Type: + - application/json + Date: + - Tue, 14 Oct 2025 13:00:19 GMT + Server: + - Scaleway API Gateway (fr-par-2;edge02) + Strict-Transport-Security: + - max-age=63072000 + X-Content-Type-Options: + - nosniff + X-Frame-Options: + - DENY + X-Request-Id: + - 3cb370c6-a15d-40d5-8d58-fe6b62daa6fe + status: 200 OK + code: 200 + duration: 341.261333ms + - id: 2 + request: + proto: HTTP/1.1 + proto_major: 1 + proto_minor: 1 + content_length: 0 + transfer_encoding: [] + trailer: {} + host: api.scaleway.com + remote_addr: "" + request_uri: "" + body: "" + form: {} + headers: + User-Agent: + - scaleway-sdk-go/v1.0.0-beta.7+dev (go1.25.0; darwin; amd64) terraform-provider/develop terraform/terraform-tests + url: https://api.scaleway.com/key-manager/v1alpha1/regions/fr-par/keys/328290aa-9f95-4b76-846e-9f6e1f815582 + method: GET + response: + proto: HTTP/2.0 + proto_major: 2 + proto_minor: 0 + transfer_encoding: [] + trailer: {} + content_length: 555 + uncompressed: false + body: '{"created_at":"2025-10-14T13:00:18.493346Z","deletion_requested_at":null,"description":"Test key with RSA-4096 algorithm","id":"328290aa-9f95-4b76-846e-9f6e1f815582","locked":false,"name":"tf-test-kms-key-rsa4096","origin":"scaleway_kms","project_id":"105bdce1-64c0-48ab-899d-868455867ecf","protected":false,"region":"fr-par","rotated_at":"2025-10-14T13:00:19.048343Z","rotation_count":1,"rotation_policy":null,"state":"enabled","tags":[],"updated_at":"2025-10-14T13:00:19.048343Z","usage":{"asymmetric_encryption":"rsa_oaep_4096_sha256"}}' + headers: + Content-Length: + - "555" + Content-Security-Policy: + - default-src 'none'; frame-ancestors 'none' + Content-Type: + - application/json + Date: + - Tue, 14 Oct 2025 13:00:22 GMT + Server: + - Scaleway API Gateway (fr-par-2;edge02) + Strict-Transport-Security: + - max-age=63072000 + X-Content-Type-Options: + - nosniff + X-Frame-Options: + - DENY + X-Request-Id: + - 10ea07a2-f785-437f-a566-aaad25f9bae7 + status: 200 OK + code: 200 + duration: 174.866792ms + - id: 3 + request: + proto: HTTP/1.1 + proto_major: 1 + proto_minor: 1 + content_length: 0 + transfer_encoding: [] + trailer: {} + host: api.scaleway.com + remote_addr: "" + request_uri: "" + body: "" + form: {} + headers: + User-Agent: + - scaleway-sdk-go/v1.0.0-beta.7+dev (go1.25.0; darwin; amd64) terraform-provider/develop terraform/terraform-tests + url: https://api.scaleway.com/key-manager/v1alpha1/regions/fr-par/keys/328290aa-9f95-4b76-846e-9f6e1f815582 + method: DELETE + response: + proto: HTTP/2.0 + proto_major: 2 + proto_minor: 0 + transfer_encoding: [] + trailer: {} + content_length: 0 + uncompressed: false + body: "" + headers: + Content-Security-Policy: + - default-src 'none'; frame-ancestors 'none' + Content-Type: + - application/json + Date: + - Tue, 14 Oct 2025 13:00:24 GMT + Server: + - Scaleway API Gateway (fr-par-2;edge02) + Strict-Transport-Security: + - max-age=63072000 + X-Content-Type-Options: + - nosniff + X-Frame-Options: + - DENY + X-Request-Id: + - 254b1df7-04e5-4f29-af6b-c15ad08a2f90 + status: 204 No Content + code: 204 + duration: 189.858ms + - id: 4 + request: + proto: HTTP/1.1 + proto_major: 1 + proto_minor: 1 + content_length: 0 + transfer_encoding: [] + trailer: {} + host: api.scaleway.com + remote_addr: "" + request_uri: "" + body: "" + form: {} + headers: + User-Agent: + - scaleway-sdk-go/v1.0.0-beta.7+dev (go1.25.0; darwin; amd64) terraform-provider/develop terraform/terraform-tests + url: https://api.scaleway.com/key-manager/v1alpha1/regions/fr-par/keys/328290aa-9f95-4b76-846e-9f6e1f815582 + method: GET + response: + proto: HTTP/2.0 + proto_major: 2 + proto_minor: 0 + transfer_encoding: [] + trailer: {} + content_length: 595 + uncompressed: false + body: '{"created_at":"2025-10-14T13:00:18.493346Z","deletion_requested_at":"2025-10-14T13:00:24.754811Z","description":"Test key with RSA-4096 algorithm","id":"328290aa-9f95-4b76-846e-9f6e1f815582","locked":false,"name":"tf-test-kms-key-rsa4096","origin":"scaleway_kms","project_id":"105bdce1-64c0-48ab-899d-868455867ecf","protected":false,"region":"fr-par","rotated_at":"2025-10-14T13:00:19.048343Z","rotation_count":1,"rotation_policy":null,"state":"scheduled_for_deletion","tags":[],"updated_at":"2025-10-14T13:00:19.048343Z","usage":{"asymmetric_encryption":"rsa_oaep_4096_sha256"}}' + headers: + Content-Length: + - "595" + Content-Security-Policy: + - default-src 'none'; frame-ancestors 'none' + Content-Type: + - application/json + Date: + - Tue, 14 Oct 2025 13:00:24 GMT + Server: + - Scaleway API Gateway (fr-par-2;edge02) + Strict-Transport-Security: + - max-age=63072000 + X-Content-Type-Options: + - nosniff + X-Frame-Options: + - DENY + X-Request-Id: + - 3e62f995-b994-4173-bd20-36fc163410fc + status: 200 OK + code: 200 + duration: 203.319708ms diff --git a/internal/services/keymanager/testdata/key-manager-key-with-rotation-policy.cassette.yaml b/internal/services/keymanager/testdata/key-manager-key-with-rotation-policy.cassette.yaml index ab4f235ca5..c6364a4d34 100644 --- a/internal/services/keymanager/testdata/key-manager-key-with-rotation-policy.cassette.yaml +++ b/internal/services/keymanager/testdata/key-manager-key-with-rotation-policy.cassette.yaml @@ -18,7 +18,7 @@ interactions: Content-Type: - application/json User-Agent: - - scaleway-sdk-go/v1.0.0-beta.7+dev (go1.24.0; darwin; arm64) terraform-provider/develop terraform/terraform-tests + - scaleway-sdk-go/v1.0.0-beta.7+dev (go1.25.0; darwin; amd64) terraform-provider/develop terraform/terraform-tests url: https://api.scaleway.com/key-manager/v1alpha1/regions/fr-par/keys method: POST response: @@ -27,20 +27,20 @@ interactions: proto_minor: 0 transfer_encoding: [] trailer: {} - content_length: 595 + content_length: 612 uncompressed: false - body: '{"created_at":"2025-09-01T14:08:23.132185Z","deletion_requested_at":null,"description":"Test key with rotation policy","id":"449ede52-42cd-4692-8ad6-8d3d60b31b1f","locked":false,"name":"tf-test-kms-key-rotation","origin":"scaleway_kms","project_id":"105bdce1-64c0-48ab-899d-868455867ecf","protected":false,"region":"fr-par","rotated_at":"2025-09-01T14:08:23.140726Z","rotation_count":1,"rotation_policy":{"next_rotation_at":"2026-01-01T00:00:00Z","rotation_period":"2592000s"},"state":"enabled","tags":[],"updated_at":"2025-09-01T14:08:23.140726Z","usage":{"symmetric_encryption":"aes_256_gcm"}}' + body: '{"created_at":"2025-10-14T13:00:19.658034Z","deletion_requested_at":null,"description":"Test key with rotation policy","id":"ab923517-f12f-47ff-b6e2-fbe796255f36","locked":false,"name":"tf-test-kms-key-rotation","origin":"scaleway_kms","project_id":"105bdce1-64c0-48ab-899d-868455867ecf","protected":false,"region":"fr-par","rotated_at":"2025-10-14T13:00:19.663181Z","rotation_count":1,"rotation_policy":{"next_rotation_at":"2026-01-01T00:00:00Z","rotation_period":"2592000s"},"state":"enabled","tags":[],"updated_at":"2025-10-14T13:00:19.663181Z","usage":{"symmetric_encryption":"aes_256_gcm"}}' headers: Content-Length: - - "595" + - "612" Content-Security-Policy: - default-src 'none'; frame-ancestors 'none' Content-Type: - application/json Date: - - Mon, 01 Sep 2025 14:08:23 GMT + - Tue, 14 Oct 2025 13:00:19 GMT Server: - - Scaleway API Gateway (fr-par-3;edge01) + - Scaleway API Gateway (fr-par-2;edge02) Strict-Transport-Security: - max-age=63072000 X-Content-Type-Options: @@ -48,10 +48,10 @@ interactions: X-Frame-Options: - DENY X-Request-Id: - - 26922321-731c-4928-8fec-69e3fb748202 + - 37f26934-2e9c-4eec-b0e3-b2d4793ac5c7 status: 200 OK code: 200 - duration: 441.486459ms + duration: 1.663990375s - id: 1 request: proto: HTTP/1.1 @@ -67,8 +67,8 @@ interactions: form: {} headers: User-Agent: - - scaleway-sdk-go/v1.0.0-beta.7+dev (go1.24.0; darwin; arm64) terraform-provider/develop terraform/terraform-tests - url: https://api.scaleway.com/key-manager/v1alpha1/regions/fr-par/keys/449ede52-42cd-4692-8ad6-8d3d60b31b1f + - scaleway-sdk-go/v1.0.0-beta.7+dev (go1.25.0; darwin; amd64) terraform-provider/develop terraform/terraform-tests + url: https://api.scaleway.com/key-manager/v1alpha1/regions/fr-par/keys/ab923517-f12f-47ff-b6e2-fbe796255f36 method: GET response: proto: HTTP/2.0 @@ -76,20 +76,20 @@ interactions: proto_minor: 0 transfer_encoding: [] trailer: {} - content_length: 595 + content_length: 612 uncompressed: false - body: '{"created_at":"2025-09-01T14:08:23.132185Z","deletion_requested_at":null,"description":"Test key with rotation policy","id":"449ede52-42cd-4692-8ad6-8d3d60b31b1f","locked":false,"name":"tf-test-kms-key-rotation","origin":"scaleway_kms","project_id":"105bdce1-64c0-48ab-899d-868455867ecf","protected":false,"region":"fr-par","rotated_at":"2025-09-01T14:08:23.140726Z","rotation_count":1,"rotation_policy":{"next_rotation_at":"2026-01-01T00:00:00Z","rotation_period":"2592000s"},"state":"enabled","tags":[],"updated_at":"2025-09-01T14:08:23.140726Z","usage":{"symmetric_encryption":"aes_256_gcm"}}' + body: '{"created_at":"2025-10-14T13:00:19.658034Z","deletion_requested_at":null,"description":"Test key with rotation policy","id":"ab923517-f12f-47ff-b6e2-fbe796255f36","locked":false,"name":"tf-test-kms-key-rotation","origin":"scaleway_kms","project_id":"105bdce1-64c0-48ab-899d-868455867ecf","protected":false,"region":"fr-par","rotated_at":"2025-10-14T13:00:19.663181Z","rotation_count":1,"rotation_policy":{"next_rotation_at":"2026-01-01T00:00:00Z","rotation_period":"2592000s"},"state":"enabled","tags":[],"updated_at":"2025-10-14T13:00:19.663181Z","usage":{"symmetric_encryption":"aes_256_gcm"}}' headers: Content-Length: - - "595" + - "612" Content-Security-Policy: - default-src 'none'; frame-ancestors 'none' Content-Type: - application/json Date: - - Mon, 01 Sep 2025 14:08:23 GMT + - Tue, 14 Oct 2025 13:00:20 GMT Server: - - Scaleway API Gateway (fr-par-3;edge01) + - Scaleway API Gateway (fr-par-2;edge02) Strict-Transport-Security: - max-age=63072000 X-Content-Type-Options: @@ -97,10 +97,10 @@ interactions: X-Frame-Options: - DENY X-Request-Id: - - a38c873d-0db5-4b18-be3d-6702c5221289 + - 60779012-0d6c-4531-aca0-734c50d89dce status: 200 OK code: 200 - duration: 116.597417ms + duration: 190.039375ms - id: 2 request: proto: HTTP/1.1 @@ -116,8 +116,8 @@ interactions: form: {} headers: User-Agent: - - scaleway-sdk-go/v1.0.0-beta.7+dev (go1.24.0; darwin; arm64) terraform-provider/develop terraform/terraform-tests - url: https://api.scaleway.com/key-manager/v1alpha1/regions/fr-par/keys/449ede52-42cd-4692-8ad6-8d3d60b31b1f + - scaleway-sdk-go/v1.0.0-beta.7+dev (go1.25.0; darwin; amd64) terraform-provider/develop terraform/terraform-tests + url: https://api.scaleway.com/key-manager/v1alpha1/regions/fr-par/keys/ab923517-f12f-47ff-b6e2-fbe796255f36 method: GET response: proto: HTTP/2.0 @@ -125,20 +125,20 @@ interactions: proto_minor: 0 transfer_encoding: [] trailer: {} - content_length: 595 + content_length: 612 uncompressed: false - body: '{"created_at":"2025-09-01T14:08:23.132185Z","deletion_requested_at":null,"description":"Test key with rotation policy","id":"449ede52-42cd-4692-8ad6-8d3d60b31b1f","locked":false,"name":"tf-test-kms-key-rotation","origin":"scaleway_kms","project_id":"105bdce1-64c0-48ab-899d-868455867ecf","protected":false,"region":"fr-par","rotated_at":"2025-09-01T14:08:23.140726Z","rotation_count":1,"rotation_policy":{"next_rotation_at":"2026-01-01T00:00:00Z","rotation_period":"2592000s"},"state":"enabled","tags":[],"updated_at":"2025-09-01T14:08:23.140726Z","usage":{"symmetric_encryption":"aes_256_gcm"}}' + body: '{"created_at":"2025-10-14T13:00:19.658034Z","deletion_requested_at":null,"description":"Test key with rotation policy","id":"ab923517-f12f-47ff-b6e2-fbe796255f36","locked":false,"name":"tf-test-kms-key-rotation","origin":"scaleway_kms","project_id":"105bdce1-64c0-48ab-899d-868455867ecf","protected":false,"region":"fr-par","rotated_at":"2025-10-14T13:00:19.663181Z","rotation_count":1,"rotation_policy":{"next_rotation_at":"2026-01-01T00:00:00Z","rotation_period":"2592000s"},"state":"enabled","tags":[],"updated_at":"2025-10-14T13:00:19.663181Z","usage":{"symmetric_encryption":"aes_256_gcm"}}' headers: Content-Length: - - "595" + - "612" Content-Security-Policy: - default-src 'none'; frame-ancestors 'none' Content-Type: - application/json Date: - - Mon, 01 Sep 2025 14:08:24 GMT + - Tue, 14 Oct 2025 13:00:23 GMT Server: - - Scaleway API Gateway (fr-par-3;edge01) + - Scaleway API Gateway (fr-par-2;edge02) Strict-Transport-Security: - max-age=63072000 X-Content-Type-Options: @@ -146,10 +146,10 @@ interactions: X-Frame-Options: - DENY X-Request-Id: - - c856061a-4f5d-4f30-b213-7a18e9ab9206 + - 78a11c7e-5b7f-4fb9-986a-748eb50f5734 status: 200 OK code: 200 - duration: 123.934916ms + duration: 194.284916ms - id: 3 request: proto: HTTP/1.1 @@ -165,8 +165,8 @@ interactions: form: {} headers: User-Agent: - - scaleway-sdk-go/v1.0.0-beta.7+dev (go1.24.0; darwin; arm64) terraform-provider/develop terraform/terraform-tests - url: https://api.scaleway.com/key-manager/v1alpha1/regions/fr-par/keys/449ede52-42cd-4692-8ad6-8d3d60b31b1f + - scaleway-sdk-go/v1.0.0-beta.7+dev (go1.25.0; darwin; amd64) terraform-provider/develop terraform/terraform-tests + url: https://api.scaleway.com/key-manager/v1alpha1/regions/fr-par/keys/ab923517-f12f-47ff-b6e2-fbe796255f36 method: DELETE response: proto: HTTP/2.0 @@ -183,9 +183,9 @@ interactions: Content-Type: - application/json Date: - - Mon, 01 Sep 2025 14:08:25 GMT + - Tue, 14 Oct 2025 13:00:25 GMT Server: - - Scaleway API Gateway (fr-par-3;edge01) + - Scaleway API Gateway (fr-par-2;edge02) Strict-Transport-Security: - max-age=63072000 X-Content-Type-Options: @@ -193,10 +193,10 @@ interactions: X-Frame-Options: - DENY X-Request-Id: - - dbc7b22c-f2d3-477f-b5ba-9c620a566ed4 + - b70a8b4d-0c96-4d21-bf65-611034c85349 status: 204 No Content code: 204 - duration: 139.486584ms + duration: 197.276458ms - id: 4 request: proto: HTTP/1.1 @@ -212,8 +212,8 @@ interactions: form: {} headers: User-Agent: - - scaleway-sdk-go/v1.0.0-beta.7+dev (go1.24.0; darwin; arm64) terraform-provider/develop terraform/terraform-tests - url: https://api.scaleway.com/key-manager/v1alpha1/regions/fr-par/keys/449ede52-42cd-4692-8ad6-8d3d60b31b1f + - scaleway-sdk-go/v1.0.0-beta.7+dev (go1.25.0; darwin; amd64) terraform-provider/develop terraform/terraform-tests + url: https://api.scaleway.com/key-manager/v1alpha1/regions/fr-par/keys/ab923517-f12f-47ff-b6e2-fbe796255f36 method: GET response: proto: HTTP/2.0 @@ -221,20 +221,20 @@ interactions: proto_minor: 0 transfer_encoding: [] trailer: {} - content_length: 635 + content_length: 652 uncompressed: false - body: '{"created_at":"2025-09-01T14:08:23.132185Z","deletion_requested_at":"2025-09-01T14:08:25.319098Z","description":"Test key with rotation policy","id":"449ede52-42cd-4692-8ad6-8d3d60b31b1f","locked":false,"name":"tf-test-kms-key-rotation","origin":"scaleway_kms","project_id":"105bdce1-64c0-48ab-899d-868455867ecf","protected":false,"region":"fr-par","rotated_at":"2025-09-01T14:08:23.140726Z","rotation_count":1,"rotation_policy":{"next_rotation_at":"2026-01-01T00:00:00Z","rotation_period":"2592000s"},"state":"scheduled_for_deletion","tags":[],"updated_at":"2025-09-01T14:08:23.140726Z","usage":{"symmetric_encryption":"aes_256_gcm"}}' + body: '{"created_at":"2025-10-14T13:00:19.658034Z","deletion_requested_at":"2025-10-14T13:00:25.470543Z","description":"Test key with rotation policy","id":"ab923517-f12f-47ff-b6e2-fbe796255f36","locked":false,"name":"tf-test-kms-key-rotation","origin":"scaleway_kms","project_id":"105bdce1-64c0-48ab-899d-868455867ecf","protected":false,"region":"fr-par","rotated_at":"2025-10-14T13:00:19.663181Z","rotation_count":1,"rotation_policy":{"next_rotation_at":"2026-01-01T00:00:00Z","rotation_period":"2592000s"},"state":"scheduled_for_deletion","tags":[],"updated_at":"2025-10-14T13:00:19.663181Z","usage":{"symmetric_encryption":"aes_256_gcm"}}' headers: Content-Length: - - "635" + - "652" Content-Security-Policy: - default-src 'none'; frame-ancestors 'none' Content-Type: - application/json Date: - - Mon, 01 Sep 2025 14:08:25 GMT + - Tue, 14 Oct 2025 13:00:25 GMT Server: - - Scaleway API Gateway (fr-par-3;edge01) + - Scaleway API Gateway (fr-par-2;edge02) Strict-Transport-Security: - max-age=63072000 X-Content-Type-Options: @@ -242,7 +242,7 @@ interactions: X-Frame-Options: - DENY X-Request-Id: - - 9e3d94eb-96df-4b75-83aa-48814dba6768 + - e9883e1d-f96d-4815-ad7a-cfcdee945926 status: 200 OK code: 200 - duration: 108.039625ms + duration: 134.127708ms diff --git a/templates/resources/key_manager_key.md.tmpl b/templates/resources/key_manager_key.md.tmpl index 2ce9f61bbe..fd3234010c 100644 --- a/templates/resources/key_manager_key.md.tmpl +++ b/templates/resources/key_manager_key.md.tmpl @@ -10,15 +10,18 @@ This resource allows you to create and manage cryptographic keys in Scaleway Key ## Example Usage +### Symmetric Encryption Key + ```terraform -resource "scaleway_key_manager_key" "main" { - name = "my-kms-key" - region = "fr-par" - project_id = "your-project-id" # optional, will use provider default if omitted - usage = "symmetric_encryption" - description = "Key for encrypting secrets" - tags = ["env:prod", "kms"] - unprotected = true +resource "scaleway_key_manager_key" "symmetric" { + name = "my-kms-key" + region = "fr-par" + project_id = "your-project-id" # optional, will use provider default if omitted + usage = "symmetric_encryption" + algorithm = "aes_256_gcm" + description = "Key for encrypting secrets" + tags = ["env:prod", "kms"] + unprotected = true rotation_policy { rotation_period = "720h" # 30 days @@ -26,17 +29,61 @@ resource "scaleway_key_manager_key" "main" { } ``` +### Asymmetric Encryption Key with RSA-4096 + +```terraform +resource "scaleway_key_manager_key" "rsa_4096" { + name = "rsa-4096-key" + region = "fr-par" + usage = "asymmetric_encryption" + algorithm = "rsa_oaep_4096_sha256" + description = "Key for encrypting large files with RSA-4096" + unprotected = true +} +``` + +### Asymmetric Signing Key + +```terraform +resource "scaleway_key_manager_key" "signing" { + name = "signing-key" + region = "fr-par" + usage = "asymmetric_signing" + algorithm = "rsa_pss_2048_sha256" + description = "Key for signing documents" + unprotected = true +} +``` + ## Argument Reference The following arguments are supported: - `name` (String) – The name of the key. - `region` (String) – The region in which to create the key (e.g., `fr-par`). -- `project_id` (String, Optional) – The ID of the project the key belongs to. -- `usage` (String, **Required**) – The usage of the key. Valid values are: - - `symmetric_encryption` - - `asymmetric_encryption` - - `asymmetric_signing` +- `project_id` (String, Optional) – The ID of the project the key belongs to. + +**Key Usage and Algorithm (both required):** + +- `usage` (String, Required) – The usage type of the key. Valid values: + - `symmetric_encryption` – For symmetric encryption operations + - `asymmetric_encryption` – For asymmetric encryption operations + - `asymmetric_signing` – For digital signing operations + +- `algorithm` (String, Required) – The cryptographic algorithm to use. Valid values depend on the `usage`: + - For `symmetric_encryption`: + - `aes_256_gcm` + - For `asymmetric_encryption`: + - `rsa_oaep_2048_sha256` + - `rsa_oaep_3072_sha256` + - `rsa_oaep_4096_sha256` + - For `asymmetric_signing`: + - `ec_p256_sha256` + - `rsa_pss_2048_sha256` + - `rsa_pkcs1_2048_sha256` + +**Other arguments:** + - `description` (String, Optional) – A description for the key. - `tags` (List of String, Optional) – A list of tags to assign to the key. - `unprotected` (Boolean, Optional) – If `true`, the key can be deleted. Defaults to `false` (protected). @@ -58,8 +105,6 @@ In addition to all arguments above, the following attributes are exported: - `protected` – Whether the key is protected from deletion. - `locked` – Whether the key is locked. - `rotated_at` – The date and time when the key was last rotated. -- `origin_read` – The origin of the key as returned by the API. -- `region_read` – The region of the key as returned by the API. - `rotation_policy` (Block) - `rotation_period` – The period between key rotations. - `next_rotation_at` – The date and time of the next scheduled rotation. @@ -78,15 +123,5 @@ terraform import scaleway_key_manager_key.main fr-par/11111111-2222-3333-4444-55 - **Rotation Policy**: The `rotation_policy` block allows you to set automatic rotation for your key. - **Origin**: The `origin` argument is optional and defaults to `scaleway_kms`. Use `external` if you want to import an external key (see Scaleway documentation for details). - **Project and Region**: If not specified, `project_id` and `region` will default to the provider configuration. +- **Algorithm Validation**: The provider validates that the specified `algorithm` is compatible with the `usage` type at plan time, providing early feedback on configuration errors. -## Example: Asymmetric Key - -```terraform -resource "scaleway_key_manager_key" "asym" { - name = "asymmetric-key" - region = "fr-par" - usage = "asymmetric_signing" - description = "Key for signing documents" - unprotected = true -} -```