1414import os
1515
1616import botocore .session
17+ import pytest
1718
1819from aws_encryption_sdk .key_providers .kms import KMSMasterKeyProvider
20+ from aws_encryption_sdk .keyrings .aws_kms import KmsKeyring
1921
2022AWS_KMS_KEY_ID = "AWS_ENCRYPTION_SDK_PYTHON_INTEGRATION_TEST_AWS_KMS_KEY_ID"
2123_KMS_MKP = None
2224_KMS_MKP_BOTO = None
25+ _KMS_KEYRING = None
2326
2427
2528def get_cmk_arn ():
@@ -37,7 +40,7 @@ def get_cmk_arn():
3740
3841
3942def setup_kms_master_key_provider (cache = True ):
40- """Reads the test_values config file and builds the requested KMS Master Key Provider."""
43+ """Build an AWS KMS Master Key Provider."""
4144 global _KMS_MKP # pylint: disable=global-statement
4245 if cache and _KMS_MKP is not None :
4346 return _KMS_MKP
@@ -53,7 +56,7 @@ def setup_kms_master_key_provider(cache=True):
5356
5457
5558def setup_kms_master_key_provider_with_botocore_session (cache = True ):
56- """Reads the test_values config file and builds the requested KMS Master Key Provider with botocore_session."""
59+ """Build an AWS KMS Master Key Provider with an explicit botocore_session."""
5760 global _KMS_MKP_BOTO # pylint: disable=global-statement
5861 if cache and _KMS_MKP_BOTO is not None :
5962 return _KMS_MKP_BOTO
@@ -66,3 +69,29 @@ def setup_kms_master_key_provider_with_botocore_session(cache=True):
6669 _KMS_MKP_BOTO = kms_master_key_provider
6770
6871 return kms_master_key_provider
72+
73+
74+ def build_aws_kms_keyring (generate = True , cache = True ):
75+ """Build an AWS KMS keyring."""
76+ global _KMS_KEYRING # pylint: disable=global-statement
77+ if cache and _KMS_KEYRING is not None :
78+ return _KMS_KEYRING
79+
80+ cmk_arn = get_cmk_arn ()
81+
82+ if generate :
83+ kwargs = dict (generator_key_id = cmk_arn )
84+ else :
85+ kwargs = dict (child_key_ids = [cmk_arn ])
86+
87+ keyring = KmsKeyring (** kwargs )
88+
89+ if cache :
90+ _KMS_KEYRING = keyring
91+
92+ return keyring
93+
94+
95+ @pytest .fixture
96+ def aws_kms_keyring ():
97+ return build_aws_kms_keyring ()
0 commit comments