search

localstack / localstack

💻 A fully functional local AWS cloud stack. Develop and test your cloud & Serverless apps offline
https://localstack.cloud
Other
56.6k stars 4.03k forks source link

bug: kms create-key with tags don't appear in resourcegrouptagging API #11922

Open jvilhuber opened 4 days ago

jvilhuber commented 4 days ago

Is there an existing issue for this?

Current Behavior

I ran the command

aws --endpoint-url=http://localhost:4566 kms create-key --key-spec RSA_2048 --tags '[{"TagKey":"source","TagValue":"key-management-service"}, {"TagKey": "keyId", "TagValue": "deadbeef"}, {"TagKey": "label", "TagValue": "testkey"}]' --description "Key generated by key-management-service" --key-usage=SIGN_VERIFY

I can see the key with 

aws --endpoint-url=http://localhost:4566 kms list-keys

output:

{
    "Keys": [
        {
            "KeyId": "5f17ba09-6c11-47b1-9680-a340d17b2810",
            "KeyArn": "arn:aws:kms:us-west-2:000000000000:key/5f17ba09-6c11-47b1-9680-a340d17b2810"
        }
    ]
}

But I can't find them with the resourcegroupstaggingapi:

aws --endpoint-url=http://localhost:4566 resourcegroupstaggingapi get-resources --resource-type-filters "kms:key" --tag-filters Key=source,Values=key-management-service

Output:

{
    "ResourceTagMappingList": []
}

In AWS itself, I do get this result:

$ aws resourcegroupstaggingapi get-resources --resource-type-filters "kms:key" --tag-filters Key=source,Values=key-management-service
{
    "ResourceTagMappingList": [
        {
            "ResourceARN": "arn:aws:kms:us-east-1:123456789:key/ced8cd91-4dc8-4dd3-9684-6ddf81cb0aa9",
            "Tags": [
                {
                    "Key": "keyId",
                    "Value": "deadbeef"
                },
                {
                    "Key": "label",
                    "Value": "testkey"
                },
                {
                    "Key": "source",
                    "Value": "key-management-service"
                }
            ]
        },....

Expected Behavior

As far as I understand the resourcegroupstaggingapi, I should be able to get the ARNs of the KMS key with the filters above.

How are you starting LocalStack?

Custom (please describe below)

Steps To Reproduce

I launched localstack with the helm chart via tilt.

load('ext://helm_remote', 'helm_remote')
helm_remote('localstack', repo_url='https://helm.localstack.cloud', set=['debug=false'])
k8s_resource('localstack', port_forwards=['4566:4566'])

Output on startup:

LocalStack version: 4.0.3.dev4
LocalStack build date: 2024-11-25
LocalStack build git hash: 08ad92b19

Then run the commands above.

Environment

- OS: docker-desktop mac os
- LocalStack:
LocalStack version: 4.0.3.dev4
LocalStack build date: 2024-11-25
LocalStack build git hash: 08ad92b19

[event: pod localstack-7bd66957cf-lf4tj] Pulling image "localstack/localstack:latest"
[event: pod localstack-7bd66957cf-lf4tj] Successfully pulled image "localstack/localstack:latest" in 1m1.432s (1m1.432s including waiting). Image size: 487849163 bytes.

Anything else?

No response

localstack-bot commented 4 days ago

Welcome to LocalStack! Thanks for reporting your first issue and our team will be working towards fixing the issue for you or reach out for more background information. We recommend joining our Slack Community for real-time help and drop a message to LocalStack Pro Support if you are a Pro user! If you are willing to contribute towards fixing this issue, please have a look at our contributing guidelines and our contributing guide.