From 9eef74dc89e0084b9d693a0a528afca44f8d2f19 Mon Sep 17 00:00:00 2001
From: Eugene Zagidullin <e.asphyx@gmail.com>
Date: Mon, 17 Jul 2023 20:55:33 +0300
Subject: [PATCH] AWS GetPublicKey error handling fix (#389)

---
 pkg/vault/aws/awskms.go | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/pkg/vault/aws/awskms.go b/pkg/vault/aws/awskms.go
index 02fdb784..b0469c06 100644
--- a/pkg/vault/aws/awskms.go
+++ b/pkg/vault/aws/awskms.go
@@ -108,7 +108,11 @@ func (i *awsKMSIterator) Next() (key vault.StoredKey, err error) {
 
 		if err == nil {
 			return key, nil
-		} else if awsErr, ok := err.(awserr.Error); ok && awsErr.Code() != "AccessDeniedException" || err != crypt.ErrUnsupportedKeyType {
+		} else if awsErr, ok := err.(awserr.Error); ok {
+			if awsErr.Code() != "AccessDeniedException" {
+				return nil, err
+			}
+		} else if err != crypt.ErrUnsupportedKeyType {
 			return nil, err
 		}
 	}