use of com.google.cloud.kms.v1.KeyManagementServiceGrpc.KeyManagementServiceBlockingStub in project java-storage by googleapis.
the class ITStorageTest method prepareKmsKeys.
private static void prepareKmsKeys() throws IOException {
// https://cloud.google.com/storage/docs/encryption/using-customer-managed-keys
String projectId = remoteStorageHelper.getOptions().getProjectId();
GoogleCredentials credentials = GoogleCredentials.getApplicationDefault();
ManagedChannel kmsChannel = ManagedChannelBuilder.forTarget("cloudkms.googleapis.com:443").build();
KeyManagementServiceBlockingStub kmsStub = KeyManagementServiceGrpc.newBlockingStub(kmsChannel).withCallCredentials(MoreCallCredentials.from(credentials));
IAMPolicyGrpc.IAMPolicyBlockingStub iamStub = IAMPolicyGrpc.newBlockingStub(kmsChannel).withCallCredentials(MoreCallCredentials.from(credentials));
ensureKmsKeyRingExistsForTests(kmsStub, projectId, KMS_KEY_RING_LOCATION, KMS_KEY_RING_NAME);
ensureKmsKeyRingIamPermissionsForTests(iamStub, projectId, KMS_KEY_RING_LOCATION, KMS_KEY_RING_NAME);
kmsKeyOneResourcePath = ensureKmsKeyExistsForTests(kmsStub, projectId, KMS_KEY_RING_LOCATION, KMS_KEY_RING_NAME, KMS_KEY_ONE_NAME);
kmsKeyTwoResourcePath = ensureKmsKeyExistsForTests(kmsStub, projectId, KMS_KEY_RING_LOCATION, KMS_KEY_RING_NAME, KMS_KEY_TWO_NAME);
}
use of com.google.cloud.kms.v1.KeyManagementServiceGrpc.KeyManagementServiceBlockingStub in project java-storage by googleapis.
the class ITStorageTest method ensureKmsKeyExistsForTests.
private static String ensureKmsKeyExistsForTests(KeyManagementServiceBlockingStub kmsStub, String projectId, String location, String keyRingName, String keyName) throws StatusRuntimeException {
String kmsKeyResourcePath = CryptoKeyName.of(projectId, location, keyRingName, keyName).toString();
try {
// Attempt to Get CryptoKey
requestParamsHeader.put(requestParamsKey, "name=" + kmsKeyResourcePath);
GetCryptoKeyRequest getCryptoKeyRequest = GetCryptoKeyRequest.newBuilder().setName(kmsKeyResourcePath).build();
KeyManagementServiceGrpc.KeyManagementServiceBlockingStub stubForGetCryptoKey = MetadataUtils.attachHeaders(kmsStub, requestParamsHeader);
stubForGetCryptoKey.getCryptoKey(getCryptoKeyRequest);
} catch (StatusRuntimeException ex) {
if (ex.getStatus().getCode() == Status.Code.NOT_FOUND) {
String kmsKeyRingResourcePath = KeyRingName.of(projectId, location, keyRingName).toString();
CryptoKey cryptoKey = CryptoKey.newBuilder().setPurpose(CryptoKey.CryptoKeyPurpose.ENCRYPT_DECRYPT).build();
CreateCryptoKeyRequest createCryptoKeyRequest = CreateCryptoKeyRequest.newBuilder().setCryptoKeyId(keyName).setParent(kmsKeyRingResourcePath).setCryptoKey(cryptoKey).build();
requestParamsHeader.put(requestParamsKey, "parent=" + kmsKeyRingResourcePath);
KeyManagementServiceGrpc.KeyManagementServiceBlockingStub stubForCreateCryptoKey = MetadataUtils.attachHeaders(kmsStub, requestParamsHeader);
stubForCreateCryptoKey.createCryptoKey(createCryptoKeyRequest);
} else {
throw ex;
}
}
return kmsKeyResourcePath;
}
use of com.google.cloud.kms.v1.KeyManagementServiceGrpc.KeyManagementServiceBlockingStub in project java-storage by googleapis.
the class ITStorageTest method ensureKmsKeyRingExistsForTests.
private static String ensureKmsKeyRingExistsForTests(KeyManagementServiceBlockingStub kmsStub, String projectId, String location, String keyRingName) throws StatusRuntimeException {
String kmsKeyRingResourcePath = KeyRingName.of(projectId, location, keyRingName).toString();
try {
// Attempt to Get KeyRing
GetKeyRingRequest getKeyRingRequest = GetKeyRingRequest.newBuilder().setName(kmsKeyRingResourcePath).build();
requestParamsHeader.put(requestParamsKey, "name=" + kmsKeyRingResourcePath);
KeyManagementServiceBlockingStub stubForGetKeyRing = MetadataUtils.attachHeaders(kmsStub, requestParamsHeader);
stubForGetKeyRing.getKeyRing(getKeyRingRequest);
} catch (StatusRuntimeException ex) {
if (ex.getStatus().getCode() == Status.Code.NOT_FOUND) {
// Create KmsKeyRing
String keyRingParent = LocationName.of(projectId, location).toString();
CreateKeyRingRequest createKeyRingRequest = CreateKeyRingRequest.newBuilder().setParent(keyRingParent).setKeyRingId(keyRingName).build();
requestParamsHeader.put(requestParamsKey, "parent=" + keyRingParent);
KeyManagementServiceBlockingStub stubForCreateKeyRing = MetadataUtils.attachHeaders(kmsStub, requestParamsHeader);
stubForCreateKeyRing.createKeyRing(createKeyRingRequest);
} else {
throw ex;
}
}
return kmsKeyRingResourcePath;
}
Aggregations