bool is_valid_kms_key_arn()

in aws-encryption-sdk-cpp/source/cpputils.cpp [179:211]


// Structural check that an already-parsed ARN has the shape of an AWS KMS key
// ARN. Each guard below implements one requirement of
// compliance/framework/aws-kms/aws-kms-key-arn.txt#2.5; the `//=` / `//#`
// lines are the compliance citations for that requirement and are kept
// verbatim next to the code that satisfies them.
//
// This is a shape check only. It tests that the sections are non-empty, that
// the service is literally "kms", and that the resource is "<type>/<id>" with
// type "alias" or "key". It does not check that the partition, region or
// account id are well-formed or real, that the key exists, or that the caller
// may use it, so a `true` result is not an authorization decision.
//
// key_arn: the ARN to inspect.
// Returns true when every requirement holds, false at the first one that fails.
bool is_valid_kms_key_arn(const Aws::Utils::ARN &key_arn) {
    //= compliance/framework/aws-kms/aws-kms-key-arn.txt#2.5
    //# MUST start with string "arn"
    // NOTE(review): this relies on the ARN object's own bool conversion to
    // report whether parsing succeeded; the prefix is not re-checked here.
    if (!key_arn) {
        return false;
    }

    //= compliance/framework/aws-kms/aws-kms-key-arn.txt#2.5
    //# The partition MUST be a non-empty
    if (key_arn.GetPartition().empty()) {
        return false;
    }

    //= compliance/framework/aws-kms/aws-kms-key-arn.txt#2.5
    //# The service MUST be the string "kms"
    if (!(key_arn.GetService() == "kms")) {
        return false;
    }

    //= compliance/framework/aws-kms/aws-kms-key-arn.txt#2.5
    //# The region MUST be a non-empty string
    if (key_arn.GetRegion().empty()) {
        return false;
    }

    //= compliance/framework/aws-kms/aws-kms-key-arn.txt#2.5
    //# The account MUST be a non-empty string
    if (key_arn.GetAccountId().empty()) {
        return false;
    }

    //= compliance/framework/aws-kms/aws-kms-key-arn.txt#2.5
    //# The resource section MUST be non-empty and MUST be split by a
    //# single "/" any additional "/" are included in the resource id
    const auto &resource = key_arn.GetResource();
    if (resource.empty()) {
        return false;
    }

    // Presumably split_arn_resource() cuts at the first "/" only, which is
    // what makes "exactly two parts" the right test; confirm against its
    // definition, which is outside this function.
    const auto resource_parts = split_arn_resource(resource);
    if (resource_parts.size() != 2) {
        return false;
    }

    //= compliance/framework/aws-kms/aws-kms-key-arn.txt#2.5
    //# The resource type MUST be either "alias" or "key"
    const auto &resource_type = resource_parts[0];
    if (!(resource_type == "alias" || resource_type == "key")) {
        return false;
    }

    //= compliance/framework/aws-kms/aws-kms-key-arn.txt#2.5
    //# The resource id MUST be a non-empty string
    return !resource_parts[1].empty();
}