Search in sources :

Example 1 with KeyManagementServiceBlockingStub

use of com.google.cloud.kms.v1.KeyManagementServiceGrpc.KeyManagementServiceBlockingStub in project java-storage by googleapis.

the class ITStorageTest method prepareKmsKeys.

private static void prepareKmsKeys() throws IOException {
    // https://cloud.google.com/storage/docs/encryption/using-customer-managed-keys
    String projectId = remoteStorageHelper.getOptions().getProjectId();
    GoogleCredentials credentials = GoogleCredentials.getApplicationDefault();
    ManagedChannel kmsChannel = ManagedChannelBuilder.forTarget("cloudkms.googleapis.com:443").build();
    KeyManagementServiceBlockingStub kmsStub = KeyManagementServiceGrpc.newBlockingStub(kmsChannel).withCallCredentials(MoreCallCredentials.from(credentials));
    IAMPolicyGrpc.IAMPolicyBlockingStub iamStub = IAMPolicyGrpc.newBlockingStub(kmsChannel).withCallCredentials(MoreCallCredentials.from(credentials));
    ensureKmsKeyRingExistsForTests(kmsStub, projectId, KMS_KEY_RING_LOCATION, KMS_KEY_RING_NAME);
    ensureKmsKeyRingIamPermissionsForTests(iamStub, projectId, KMS_KEY_RING_LOCATION, KMS_KEY_RING_NAME);
    kmsKeyOneResourcePath = ensureKmsKeyExistsForTests(kmsStub, projectId, KMS_KEY_RING_LOCATION, KMS_KEY_RING_NAME, KMS_KEY_ONE_NAME);
    kmsKeyTwoResourcePath = ensureKmsKeyExistsForTests(kmsStub, projectId, KMS_KEY_RING_LOCATION, KMS_KEY_RING_NAME, KMS_KEY_TWO_NAME);
}
Also used : GoogleCredentials(com.google.auth.oauth2.GoogleCredentials) ManagedChannel(io.grpc.ManagedChannel) IAMPolicyGrpc(com.google.iam.v1.IAMPolicyGrpc) KeyManagementServiceBlockingStub(com.google.cloud.kms.v1.KeyManagementServiceGrpc.KeyManagementServiceBlockingStub)

Example 2 with KeyManagementServiceBlockingStub

use of com.google.cloud.kms.v1.KeyManagementServiceGrpc.KeyManagementServiceBlockingStub in project java-storage by googleapis.

the class ITStorageTest method ensureKmsKeyExistsForTests.

private static String ensureKmsKeyExistsForTests(KeyManagementServiceBlockingStub kmsStub, String projectId, String location, String keyRingName, String keyName) throws StatusRuntimeException {
    String kmsKeyResourcePath = CryptoKeyName.of(projectId, location, keyRingName, keyName).toString();
    try {
        // Attempt to Get CryptoKey
        requestParamsHeader.put(requestParamsKey, "name=" + kmsKeyResourcePath);
        GetCryptoKeyRequest getCryptoKeyRequest = GetCryptoKeyRequest.newBuilder().setName(kmsKeyResourcePath).build();
        KeyManagementServiceGrpc.KeyManagementServiceBlockingStub stubForGetCryptoKey = MetadataUtils.attachHeaders(kmsStub, requestParamsHeader);
        stubForGetCryptoKey.getCryptoKey(getCryptoKeyRequest);
    } catch (StatusRuntimeException ex) {
        if (ex.getStatus().getCode() == Status.Code.NOT_FOUND) {
            String kmsKeyRingResourcePath = KeyRingName.of(projectId, location, keyRingName).toString();
            CryptoKey cryptoKey = CryptoKey.newBuilder().setPurpose(CryptoKey.CryptoKeyPurpose.ENCRYPT_DECRYPT).build();
            CreateCryptoKeyRequest createCryptoKeyRequest = CreateCryptoKeyRequest.newBuilder().setCryptoKeyId(keyName).setParent(kmsKeyRingResourcePath).setCryptoKey(cryptoKey).build();
            requestParamsHeader.put(requestParamsKey, "parent=" + kmsKeyRingResourcePath);
            KeyManagementServiceGrpc.KeyManagementServiceBlockingStub stubForCreateCryptoKey = MetadataUtils.attachHeaders(kmsStub, requestParamsHeader);
            stubForCreateCryptoKey.createCryptoKey(createCryptoKeyRequest);
        } else {
            throw ex;
        }
    }
    return kmsKeyResourcePath;
}
Also used : GetCryptoKeyRequest(com.google.cloud.kms.v1.GetCryptoKeyRequest) KeyManagementServiceBlockingStub(com.google.cloud.kms.v1.KeyManagementServiceGrpc.KeyManagementServiceBlockingStub) StatusRuntimeException(io.grpc.StatusRuntimeException) CryptoKey(com.google.cloud.kms.v1.CryptoKey) KeyManagementServiceGrpc(com.google.cloud.kms.v1.KeyManagementServiceGrpc) CreateCryptoKeyRequest(com.google.cloud.kms.v1.CreateCryptoKeyRequest) KeyManagementServiceBlockingStub(com.google.cloud.kms.v1.KeyManagementServiceGrpc.KeyManagementServiceBlockingStub)

Example 3 with KeyManagementServiceBlockingStub

use of com.google.cloud.kms.v1.KeyManagementServiceGrpc.KeyManagementServiceBlockingStub in project java-storage by googleapis.

the class ITStorageTest method ensureKmsKeyRingExistsForTests.

private static String ensureKmsKeyRingExistsForTests(KeyManagementServiceBlockingStub kmsStub, String projectId, String location, String keyRingName) throws StatusRuntimeException {
    String kmsKeyRingResourcePath = KeyRingName.of(projectId, location, keyRingName).toString();
    try {
        // Attempt to Get KeyRing
        GetKeyRingRequest getKeyRingRequest = GetKeyRingRequest.newBuilder().setName(kmsKeyRingResourcePath).build();
        requestParamsHeader.put(requestParamsKey, "name=" + kmsKeyRingResourcePath);
        KeyManagementServiceBlockingStub stubForGetKeyRing = MetadataUtils.attachHeaders(kmsStub, requestParamsHeader);
        stubForGetKeyRing.getKeyRing(getKeyRingRequest);
    } catch (StatusRuntimeException ex) {
        if (ex.getStatus().getCode() == Status.Code.NOT_FOUND) {
            // Create KmsKeyRing
            String keyRingParent = LocationName.of(projectId, location).toString();
            CreateKeyRingRequest createKeyRingRequest = CreateKeyRingRequest.newBuilder().setParent(keyRingParent).setKeyRingId(keyRingName).build();
            requestParamsHeader.put(requestParamsKey, "parent=" + keyRingParent);
            KeyManagementServiceBlockingStub stubForCreateKeyRing = MetadataUtils.attachHeaders(kmsStub, requestParamsHeader);
            stubForCreateKeyRing.createKeyRing(createKeyRingRequest);
        } else {
            throw ex;
        }
    }
    return kmsKeyRingResourcePath;
}
Also used : GetKeyRingRequest(com.google.cloud.kms.v1.GetKeyRingRequest) CreateKeyRingRequest(com.google.cloud.kms.v1.CreateKeyRingRequest) StatusRuntimeException(io.grpc.StatusRuntimeException) KeyManagementServiceBlockingStub(com.google.cloud.kms.v1.KeyManagementServiceGrpc.KeyManagementServiceBlockingStub)

Aggregations

KeyManagementServiceBlockingStub (com.google.cloud.kms.v1.KeyManagementServiceGrpc.KeyManagementServiceBlockingStub)3 StatusRuntimeException (io.grpc.StatusRuntimeException)2 GoogleCredentials (com.google.auth.oauth2.GoogleCredentials)1 CreateCryptoKeyRequest (com.google.cloud.kms.v1.CreateCryptoKeyRequest)1 CreateKeyRingRequest (com.google.cloud.kms.v1.CreateKeyRingRequest)1 CryptoKey (com.google.cloud.kms.v1.CryptoKey)1 GetCryptoKeyRequest (com.google.cloud.kms.v1.GetCryptoKeyRequest)1 GetKeyRingRequest (com.google.cloud.kms.v1.GetKeyRingRequest)1 KeyManagementServiceGrpc (com.google.cloud.kms.v1.KeyManagementServiceGrpc)1 IAMPolicyGrpc (com.google.iam.v1.IAMPolicyGrpc)1 ManagedChannel (io.grpc.ManagedChannel)1