def Run(self, args):
client = cloudkms_base.GetClientInstance()
messages = cloudkms_base.GetMessagesModule()
key_ring_ref = flags.ParseKeyRingName(args)
return client.projects_locations_keyRings.Get(
messages.CloudkmsProjectsLocationsKeyRingsGetRequest(
name=key_ring_ref.RelativeName()))
def Run(self, args):
messages = cloudkms_base.GetMessagesModule()
policy = iam_util.ParseJsonPolicyFile(args.policy_file,
messages.Policy)
return iam.SetKeyRingIamPolicy(flags.ParseKeyRingName(args), policy)
def Run(self, args):
messages = cloudkms_base.GetMessagesModule()
policy, update_mask = iam_util.ParseYamlOrJsonPolicyFile(
args.policy_file, messages.Policy)
keyring_ref = flags.ParseKeyRingName(args)
result = iam.SetKeyRingIamPolicy(keyring_ref, policy, update_mask)
iam_util.LogSetIamPolicy(keyring_ref.Name(), 'keyring')
return result
def Run(self, args):
client = cloudkms_base.GetClientInstance()
messages = cloudkms_base.GetMessagesModule()
key_ring_ref = flags.ParseKeyRingName(args)
if not key_ring_ref.Name():
raise exceptions.InvalidArgumentException('keyring',
'keyring id must be non-empty.')
return client.projects_locations_keyRings.Get(
messages.CloudkmsProjectsLocationsKeyRingsGetRequest(
name=key_ring_ref.RelativeName()))
def Run(self, args):
client = cloudkms_base.GetClientInstance()
messages = cloudkms_base.GetMessagesModule()
key_ring_ref = flags.ParseKeyRingName(args)
parent_ref = flags.ParseParentFromResource(key_ring_ref)
req = messages.CloudkmsProjectsLocationsKeyRingsCreateRequest(
parent=parent_ref.RelativeName(),
keyRingId=key_ring_ref.Name(),
keyRing=messages.KeyRing())
return client.projects_locations_keyRings.Create(req)
def Run(self, args):
client = cloudkms_base.GetClientInstance()
messages = cloudkms_base.GetMessagesModule()
key_ring_ref = flags.ParseKeyRingName(args)
req = messages.CloudkmsProjectsLocationsKeyRingsCreateRequest(
projectsId=key_ring_ref.projectsId,
locationsId=key_ring_ref.locationsId,
keyRingId=key_ring_ref.keyRingsId)
return client.projects_locations_keyRings.Create(req)
def Run(self, args):
client = cloudkms_base.GetClientInstance()
messages = cloudkms_base.GetMessagesModule()
key_ring_ref = flags.ParseKeyRingName(args)
request = messages.CloudkmsProjectsLocationsKeyRingsCryptoKeysListRequest(
parent=key_ring_ref.RelativeName())
return list_pager.YieldFromList(
client.projects_locations_keyRings_cryptoKeys,
request,
field='cryptoKeys',
limit=args.limit,
batch_size_attribute='pageSize')
def Run(self, args):
client = cloudkms_base.GetClientInstance()
messages = cloudkms_base.GetMessagesModule()
crypto_key_ref = flags.ParseCryptoKeyName(args)
parent_ref = flags.ParseKeyRingName(args)
req = messages.CloudkmsProjectsLocationsKeyRingsCryptoKeysCreateRequest(
parent=parent_ref.RelativeName(),
cryptoKeyId=crypto_key_ref.Name(),
cryptoKey=messages.CryptoKey(
# TODO(b/35914817): Find a better way to get the enum value by name.
purpose=getattr(messages.CryptoKey.PurposeValueValuesEnum,
PURPOSE_MAP[args.purpose]),),)
flags.SetNextRotationTime(args, req.cryptoKey)
flags.SetRotationPeriod(args, req.cryptoKey)
return client.projects_locations_keyRings_cryptoKeys.Create(req)
def Run(self, args):
return iam.GetKeyRingIamPolicy(flags.ParseKeyRingName(args))
def Run(self, args):
key_ring_ref = flags.ParseKeyRingName(args)
return iam.AddPolicyBindingToKeyRing(key_ring_ref, args.member,
args.role)
def Run(self, args):
return iam.RemovePolicyBindingFromKeyRing(flags.ParseKeyRingName(args),
args.member, args.role)
