def Run(self, args): client = cloudkms_base.GetClientInstance() messages = cloudkms_base.GetMessagesModule() crypto_key_ref = flags.ParseCryptoKeyName(args) parent_ref = flags.ParseParentFromResource(crypto_key_ref) req = messages.CloudkmsProjectsLocationsKeyRingsCryptoKeysCreateRequest( parent=parent_ref.RelativeName(), cryptoKeyId=crypto_key_ref.Name(), cryptoKey=messages.CryptoKey( # TODO(b/35914817): Find a better way to get the enum value by name. purpose=getattr(messages.CryptoKey.PurposeValueValuesEnum, PURPOSE_MAP[args.purpose]), labels=labels_util.UpdateLabels( None, messages.CryptoKey.LabelsValue, update_labels=labels_util.GetUpdateLabelsDictFromArgs( args))), ) flags.SetNextRotationTime(args, req.cryptoKey) flags.SetRotationPeriod(args, req.cryptoKey) return client.projects_locations_keyRings_cryptoKeys.Create(req)
def Run(self, args): client = cloudkms_base.GetClientInstance() messages = cloudkms_base.GetMessagesModule() key_ring_ref = flags.ParseKeyRingName(args) parent_ref = flags.ParseParentFromResource(key_ring_ref) req = messages.CloudkmsProjectsLocationsKeyRingsCreateRequest( parent=parent_ref.RelativeName(), keyRingId=key_ring_ref.Name(), keyRing=messages.KeyRing()) return client.projects_locations_keyRings.Create(req)
def _CreateRequest(self, args): messages = cloudkms_base.GetMessagesModule() purpose = maps.PURPOSE_MAP[args.purpose] valid_algorithms = maps.VALID_ALGORITHMS_MAP[purpose] # Check default algorithm has been specified for asymmetric keys. For # backward compatibility, the algorithm is google-symmetric-encryption by # default if the purpose is encryption. if not args.default_algorithm: if args.purpose != 'encryption': raise exceptions.ToolException( '--default-algorithm needs to be specified when creating a key with' ' --purpose={}. The valid algorithms are: {}'.format( args.purpose, ', '.join(valid_algorithms))) args.default_algorithm = 'google-symmetric-encryption' # Check default algorithm and purpose are compatible. if args.default_algorithm not in valid_algorithms: raise exceptions.ToolException( 'Default algorithm and purpose are incompatible. Here are the valid ' 'algorithms for --purpose={}: {}'.format( args.purpose, ', '.join(valid_algorithms))) # Raise exception if attestations are requested for software key. if args.attestation_file and args.protection_level != 'hsm': raise exceptions.ToolException( '--attestation-file requires --protection-level=hsm.') crypto_key_ref = flags.ParseCryptoKeyName(args) parent_ref = flags.ParseParentFromResource(crypto_key_ref) req = messages.CloudkmsProjectsLocationsKeyRingsCryptoKeysCreateRequest( parent=parent_ref.RelativeName(), cryptoKeyId=crypto_key_ref.Name(), cryptoKey=messages.CryptoKey( purpose=purpose, versionTemplate=messages.CryptoKeyVersionTemplate( # TODO(b/35914817): Find a better way to get the enum value by # name. protectionLevel=maps.PROTECTION_LEVEL_MAPPER. GetEnumForChoice(args.protection_level), algorithm=maps.ALGORITHM_MAPPER.GetEnumForChoice( args.default_algorithm)), labels=labels_util.ParseCreateArgs( args, messages.CryptoKey.LabelsValue))) flags.SetNextRotationTime(args, req.cryptoKey) flags.SetRotationPeriod(args, req.cryptoKey) return req
def _CreateRequest(self, args): messages = cloudkms_base.GetMessagesModule() crypto_key_ref = flags.ParseCryptoKeyName(args) parent_ref = flags.ParseParentFromResource(crypto_key_ref) req = messages.CloudkmsProjectsLocationsKeyRingsCryptoKeysCreateRequest( parent=parent_ref.RelativeName(), cryptoKeyId=crypto_key_ref.Name(), cryptoKey=messages.CryptoKey( # TODO(b/35914817): Find a better way to get the enum value by name. purpose=maps.PURPOSE_MAP[args.purpose], labels=labels_util.ParseCreateArgs( args, messages.CryptoKey.LabelsValue))) flags.SetNextRotationTime(args, req.cryptoKey) flags.SetRotationPeriod(args, req.cryptoKey) return req
def _CreateRequest(self, args): messages = cloudkms_base.GetMessagesModule() if not args.protection_level: raise exceptions.ToolException( "--protection-level needs to be specified when creating an import job" ) if not args.import_method: raise exceptions.ToolException( "--import-method needs to be specified when creating an import job") import_job_ref = flags.ParseImportJobName(args) parent_ref = flags.ParseParentFromResource(import_job_ref) return messages.CloudkmsProjectsLocationsKeyRingsImportJobsCreateRequest( parent=parent_ref.RelativeName(), importJobId=import_job_ref.Name(), importJob=messages.ImportJob( protectionLevel=maps.IMPORT_PROTECTION_LEVEL_MAPPER .GetEnumForChoice(args.protection_level), importMethod=maps.IMPORT_METHOD_MAPPER.GetEnumForChoice( args.import_method)))