Update tests to use bootstrapped KMS keys (#12609) (#877)

[upstream:0974a52691872c92d017186d92f29420f2b3bdf1]

Signed-off-by: Modular Magician <[email protected]>

Author: modular-magician

dataproc_metastore_service_cmek_test/main.tf

@@ -8,7 +8,7 @@ resource "google_dataproc_metastore_service" "default" {
   location   = "us-central1"
 
   encryption_config {
-    kms_key = google_kms_crypto_key.crypto_key.id
+    kms_key = "acctest.BootstrapKMSKeyWithPurposeInLocationAndName(t, "ENCRYPT_DECRYPT", "us-central1", "tf-bootstrap-metastore-service-key1").CryptoKey.Name-${local.name_suffix}"
   }
 
   hive_metastore_config {
@@ -21,27 +21,15 @@ resource "google_dataproc_metastore_service" "default" {
   ]
 }
 
-resource "google_kms_crypto_key" "crypto_key" {
-  name     = "example-key-${local.name_suffix}"
-  key_ring = google_kms_key_ring.key_ring.id
-
-  purpose  = "ENCRYPT_DECRYPT"
-}
-
-resource "google_kms_key_ring" "key_ring" {
-  name     = "example-keyring-${local.name_suffix}"
-  location = "us-central1"
-}
-
 resource "google_kms_crypto_key_iam_member" "crypto_key_member_1" {
-  crypto_key_id = google_kms_crypto_key.crypto_key.id
+  crypto_key_id = "acctest.BootstrapKMSKeyWithPurposeInLocationAndName(t, "ENCRYPT_DECRYPT", "us-central1", "tf-bootstrap-metastore-service-key1").CryptoKey.Name-${local.name_suffix}"
   role          = "roles/cloudkms.cryptoKeyEncrypterDecrypter"
 
   member = "serviceAccount:service-${data.google_project.project.number}@gcp-sa-metastore.iam.gserviceaccount.com"
 }
 
 resource "google_kms_crypto_key_iam_member" "crypto_key_member_2" {
-  crypto_key_id = google_kms_crypto_key.crypto_key.id
+  crypto_key_id = "acctest.BootstrapKMSKeyWithPurposeInLocationAndName(t, "ENCRYPT_DECRYPT", "us-central1", "tf-bootstrap-metastore-service-key1").CryptoKey.Name-${local.name_suffix}"
   role          = "roles/cloudkms.cryptoKeyEncrypterDecrypter"
 
   member = "serviceAccount:${data.google_storage_project_service_account.gcs_account.email_address}"

kmsConfig_create/main.tf

@@ -1,17 +1,6 @@
-resource "google_kms_key_ring" "keyring" {
-  name     = "key-ring-${local.name_suffix}"
-  location = "us-central1"
-}
-
-resource "google_kms_crypto_key" "crypto_key" {
-  name            = "crypto-name-${local.name_suffix}"
-  key_ring        = google_kms_key_ring.keyring.id
-  # rotation_period = "7776000s"
-}
-
 resource "google_netapp_kmsconfig" "kmsConfig" {
   name = "kms-test-${local.name_suffix}"
   description="this is a test description"
-  crypto_key_name=google_kms_crypto_key.crypto_key.id
+  crypto_key_name="crypto-name-${local.name_suffix}"
   location="us-central1"
 }

secure_source_manager_instance_cmek/main.tf

@@ -1,15 +1,5 @@
-resource "google_kms_key_ring" "key_ring" {
-  name     = "my-keyring-${local.name_suffix}"
-  location = "us-central1"
-}
-
-resource "google_kms_crypto_key" "crypto_key" {
-  name     = "my-key-${local.name_suffix}"
-  key_ring = google_kms_key_ring.key_ring.id
-}
-
 resource "google_kms_crypto_key_iam_member" "crypto_key_binding" {
-  crypto_key_id = google_kms_crypto_key.crypto_key.id
+  crypto_key_id = "my-key-${local.name_suffix}"
   role          = "roles/cloudkms.cryptoKeyEncrypterDecrypter"
 
   member = "serviceAccount:service-${data.google_project.project.number}@gcp-sa-sourcemanager.iam.gserviceaccount.com"
@@ -18,7 +8,7 @@ resource "google_kms_crypto_key_iam_member" "crypto_key_binding" {
 resource "google_secure_source_manager_instance" "default" {
     location = "us-central1"
     instance_id = "my-instance-${local.name_suffix}"
-    kms_key = google_kms_crypto_key.crypto_key.id
+    kms_key = "my-key-${local.name_suffix}"
 
     depends_on = [
       google_kms_crypto_key_iam_member.crypto_key_binding