🧹 Improve KMS key error message.

Signed-off-by: Vasil Sirakov <sirakov97@gmail.com>

Author: VasilSirakov

providers/aws/resources/aws_cloudtrail.go

@@ -185,13 +185,13 @@ func (a *mqlAwsCloudtrailTrail) logGroup() (*mqlAwsCloudwatchLoggroup, error) {
 func (a *mqlAwsCloudtrailTrail) kmsKey() (*mqlAwsKmsKey, error) {
 	// add kms key if there is one
 	if a.trailCache.KmsKeyId != nil {
-		mqlKeyResource, err := NewResource(a.MqlRuntime, "aws.kms.key",
+		mqlKeyResource, err := NewResource(a.MqlRuntime, ResourceAwsKmsKey,
 			map[string]*llx.RawData{"arn": llx.StringDataPtr(a.trailCache.KmsKeyId)},
 		)
 		if err == nil {
 			return mqlKeyResource.(*mqlAwsKmsKey), nil
 		} else {
-			log.Error().Err(err).Msg("cannot get key")
+			log.Error().Err(err).Msg("could not create KMS key resource")
 		}
 	}
 	a.KmsKey.State = plugin.StateIsSet | plugin.StateIsNull

providers/aws/resources/aws_kms.go

@@ -6,6 +6,7 @@ package resources
 import (
 	"context"
 	"errors"
+	"fmt"
 
 	"github.com/aws/aws-sdk-go-v2/aws/arn"
 	"github.com/aws/aws-sdk-go-v2/service/kms"
@@ -187,10 +188,10 @@ func initAwsKmsKey(runtime *plugin.Runtime, args map[string]*llx.RawData) (map[s
 	arnVal, err := arn.Parse(a)
 	if arnVal.AccountID != runtime.Connection.(*connection.AwsConnection).AccountId() {
 		// sometimes there are references to keys in other accounts, like the master account of an org
-		return nil, nil, errors.New("no access to key")
+		return nil, nil, fmt.Errorf("cannot access key from a different AWS account %q", arnVal.AccountID)
 	}
 
-	obj, err := CreateResource(runtime, "aws.kms", map[string]*llx.RawData{})
+	obj, err := CreateResource(runtime, ResourceAwsKms, map[string]*llx.RawData{})
 	if err != nil {
 		return nil, nil, err
 	}