Skip to content

Commit 2714ec1

Browse files
committed
Respect AwsProfile set in Keygroup Config
1 parent 9124783 commit 2714ec1

File tree

3 files changed

+8
-5
lines changed

3 files changed

+8
-5
lines changed

config/config.go

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -165,7 +165,7 @@ func getKeyGroupsFromCreationRule(cRule *creationRule, kmsEncryptionContext map[
165165
keyGroup = append(keyGroup, pgp.NewMasterKeyFromFingerprint(k))
166166
}
167167
for _, k := range group.KMS {
168-
keyGroup = append(keyGroup, kms.NewMasterKey(k.Arn, k.Role, k.Context))
168+
keyGroup = append(keyGroup, kms.NewMasterKey(k.Arn, k.Role, k.Context, k.AwsProfile))
169169
}
170170
for _, k := range group.GCPKMS {
171171
keyGroup = append(keyGroup, gcpkms.NewMasterKeyFromResourceID(k.ResourceID))

config/config_test.go

Lines changed: 4 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -93,6 +93,7 @@ creation_rules:
9393
key_groups:
9494
- kms:
9595
- arn: foo
96+
aws_profile: bar
9697
pgp:
9798
- bar
9899
gcp_kms:
@@ -105,6 +106,7 @@ creation_rules:
105106
- 'https://foo.vault:8200/v1/foo/keys/foo-key'
106107
- kms:
107108
- arn: baz
109+
aws_profile: foo
108110
pgp:
109111
- qux
110112
gcp_kms:
@@ -280,14 +282,14 @@ func TestLoadConfigFileWithGroups(t *testing.T) {
280282
PathRegex: "",
281283
KeyGroups: []keyGroup{
282284
{
283-
KMS: []kmsKey{{Arn: "foo"}},
285+
KMS: []kmsKey{{Arn: "foo", AwsProfile: "bar"}},
284286
PGP: []string{"bar"},
285287
GCPKMS: []gcpKmsKey{{ResourceID: "foo"}},
286288
AzureKV: []azureKVKey{{VaultURL: "https://foo.vault.azure.net", Key: "foo-key", Version: "fooversion"}},
287289
Vault: []string{"https://foo.vault:8200/v1/foo/keys/foo-key"},
288290
},
289291
{
290-
KMS: []kmsKey{{Arn: "baz"}},
292+
KMS: []kmsKey{{Arn: "baz", AwsProfile: "foo"}},
291293
PGP: []string{"qux"},
292294
GCPKMS: []gcpKmsKey{
293295
{ResourceID: "bar"},

kms/keysource.go

Lines changed: 3 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -77,13 +77,14 @@ type MasterKey struct {
7777
epResolver aws.EndpointResolverWithOptions
7878
}
7979

80-
// NewMasterKey creates a new MasterKey from an ARN, role and context, setting
80+
// NewMasterKey creates a new MasterKey from an ARN, role, context and awsProfile, setting
8181
// the creation date to the current date.
82-
func NewMasterKey(arn string, role string, context map[string]*string) *MasterKey {
82+
func NewMasterKey(arn string, role string, context map[string]*string, awsProfile string) *MasterKey {
8383
return &MasterKey{
8484
Arn: arn,
8585
Role: role,
8686
EncryptionContext: context,
87+
AwsProfile: awsProfile,
8788
CreationDate: time.Now().UTC(),
8889
}
8990
}

0 commit comments

Comments
 (0)