google-cloud-kms 2.1.0 → 2.2.1
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/.yardopts +1 -1
- data/AUTHENTICATION.md +15 -33
- data/lib/google/cloud/kms/version.rb +1 -1
- data/lib/google/cloud/kms.rb +54 -0
- metadata +13 -7
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 387ffbafed11c8adfc5d53ab39c6ea4715a523e7660669d4e5c195af5d15b1a7
|
4
|
+
data.tar.gz: 6534e63d832bdf6e32b588b3a9d949ebe87fcb606d54fca3c68208100ef09a08
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: f5248ba49fc23d406e368c443bae949e3eb6298a1b779497831b94baf4ece36f27eab758ec39493fa3766437e1ecbb8df0c25fa9d95deed3188aa98445447b29
|
7
|
+
data.tar.gz: 0d0b9bdf6a2dc84427e167d9b427133934177a59799e5d4192b95c9d07fb8d0faa502213e62096bd0a0d6b2a6052cd1c6775a33f7c0ad04d4c70afdede3a015f
|
data/.yardopts
CHANGED
data/AUTHENTICATION.md
CHANGED
@@ -66,11 +66,11 @@ The environment variables that google-cloud-kms
|
|
66
66
|
checks for credentials are configured on the service Credentials class (such as
|
67
67
|
`::Google::Cloud::Kms::V1::KeyManagementService::Credentials`):
|
68
68
|
|
69
|
-
|
70
|
-
|
71
|
-
|
72
|
-
|
73
|
-
|
69
|
+
* `KMS_CREDENTIALS` - Path to JSON file, or JSON contents
|
70
|
+
* `KMS_KEYFILE` - Path to JSON file, or JSON contents
|
71
|
+
* `GOOGLE_CLOUD_CREDENTIALS` - Path to JSON file, or JSON contents
|
72
|
+
* `GOOGLE_CLOUD_KEYFILE` - Path to JSON file, or JSON contents
|
73
|
+
* `GOOGLE_APPLICATION_CREDENTIALS` - Path to JSON file
|
74
74
|
|
75
75
|
```ruby
|
76
76
|
require "google/cloud/kms"
|
@@ -82,8 +82,8 @@ client = Google::Cloud::Kms.key_management_service
|
|
82
82
|
|
83
83
|
### Configuration
|
84
84
|
|
85
|
-
The **Credentials JSON** can be configured instead of
|
86
|
-
environment
|
85
|
+
The path to the **Credentials JSON** file can be configured instead of storing
|
86
|
+
it in an environment variable. Either on an individual client initialization:
|
87
87
|
|
88
88
|
```ruby
|
89
89
|
require "google/cloud/kms"
|
@@ -93,7 +93,7 @@ client = Google::Cloud::Kms.key_management_service do |config|
|
|
93
93
|
end
|
94
94
|
```
|
95
95
|
|
96
|
-
Or
|
96
|
+
Or globally for all clients:
|
97
97
|
|
98
98
|
```ruby
|
99
99
|
require "google/cloud/kms"
|
@@ -120,15 +120,6 @@ To configure your system for this, simply:
|
|
120
120
|
**NOTE:** This is _not_ recommended for running in production. The Cloud SDK
|
121
121
|
*should* only be used during development.
|
122
122
|
|
123
|
-
[gce-how-to]: https://cloud.google.com/compute/docs/authentication#using
|
124
|
-
[dev-console]: https://console.cloud.google.com/project
|
125
|
-
|
126
|
-
[enable-apis]: https://raw.githubusercontent.com/GoogleCloudPlatform/gcloud-common/master/authentication/enable-apis.png
|
127
|
-
|
128
|
-
[create-new-service-account]: https://raw.githubusercontent.com/GoogleCloudPlatform/gcloud-common/master/authentication/create-new-service-account.png
|
129
|
-
[create-new-service-account-existing-keys]: https://raw.githubusercontent.com/GoogleCloudPlatform/gcloud-common/master/authentication/create-new-service-account-existing-keys.png
|
130
|
-
[reuse-service-account]: https://raw.githubusercontent.com/GoogleCloudPlatform/gcloud-common/master/authentication/reuse-service-account.png
|
131
|
-
|
132
123
|
## Creating a Service Account
|
133
124
|
|
134
125
|
Google Cloud requires **Service Account Credentials** to
|
@@ -139,31 +130,22 @@ If you are not running this client within
|
|
139
130
|
[Google Cloud Platform environments](#google-cloud-platform-environments), you
|
140
131
|
need a Google Developers service account.
|
141
132
|
|
142
|
-
1. Visit the [Google
|
133
|
+
1. Visit the [Google Cloud Console](https://console.cloud.google.com/project).
|
143
134
|
2. Create a new project or click on an existing project.
|
144
|
-
3. Activate the
|
135
|
+
3. Activate the menu in the upper left and select **APIs & Services**. From
|
145
136
|
here, you will enable the APIs that your application requires.
|
146
137
|
|
147
|
-
![Enable the APIs that your application requires][enable-apis]
|
148
|
-
|
149
138
|
*Note: You may need to enable billing in order to use these services.*
|
150
139
|
|
151
140
|
4. Select **Credentials** from the side navigation.
|
152
141
|
|
153
|
-
|
154
|
-
|
155
|
-
![Create a new service account][create-new-service-account]
|
156
|
-
|
157
|
-
![Create a new service account With Existing Keys][create-new-service-account-existing-keys]
|
158
|
-
|
159
|
-
Find the "Add credentials" drop down and select "Service account" to be
|
160
|
-
guided through downloading a new JSON key file.
|
142
|
+
Find the "Create credentials" drop down near the top of the page, and select
|
143
|
+
"Service account" to be guided through downloading a new JSON key file.
|
161
144
|
|
162
145
|
If you want to re-use an existing service account, you can easily generate a
|
163
|
-
new key file. Just select the account you wish to re-use,
|
164
|
-
|
165
|
-
|
166
|
-
![Re-use an existing service account][reuse-service-account]
|
146
|
+
new key file. Just select the account you wish to re-use, click the pencil
|
147
|
+
tool on the right side to edit the service account, select the **Keys** tab,
|
148
|
+
and then select **Add Key**.
|
167
149
|
|
168
150
|
The key file you download will be used by this library to authenticate API
|
169
151
|
requests and should be stored in a secure location.
|
data/lib/google/cloud/kms.rb
CHANGED
@@ -85,6 +85,60 @@ module Google
|
|
85
85
|
package_module.const_get(:KeyManagementService).const_get(:Client).new(&block)
|
86
86
|
end
|
87
87
|
|
88
|
+
##
|
89
|
+
# Create a new client object for IAMPolicy.
|
90
|
+
#
|
91
|
+
# By default, this returns an instance of
|
92
|
+
# [Google::Cloud::Kms::V1::IAMPolicy::Client](https://googleapis.dev/ruby/google-cloud-kms-v1/latest/Google/Cloud/Kms/V1/IAMPolicy/Client.html)
|
93
|
+
# for version V1 of the API.
|
94
|
+
# However, you can specify specify a different API version by passing it in the
|
95
|
+
# `version` parameter. If the IAMPolicy service is
|
96
|
+
# supported by that API version, and the corresponding gem is available, the
|
97
|
+
# appropriate versioned client will be returned.
|
98
|
+
#
|
99
|
+
# ## About IAMPolicy
|
100
|
+
#
|
101
|
+
# ## API Overview
|
102
|
+
#
|
103
|
+
# Manages Identity and Access Management (IAM) policies.
|
104
|
+
#
|
105
|
+
# Any implementation of an API that offers access control features
|
106
|
+
# implements the google.iam.v1.IAMPolicy interface.
|
107
|
+
#
|
108
|
+
# ## Data model
|
109
|
+
#
|
110
|
+
# Access control is applied when a principal (user or service account), takes
|
111
|
+
# some action on a resource exposed by a service. Resources, identified by
|
112
|
+
# URI-like names, are the unit of access control specification. Service
|
113
|
+
# implementations can choose the granularity of access control and the
|
114
|
+
# supported permissions for their resources.
|
115
|
+
# For example one database service may allow access control to be
|
116
|
+
# specified only at the Table level, whereas another might allow access control
|
117
|
+
# to also be specified at the Column level.
|
118
|
+
#
|
119
|
+
# ## Policy Structure
|
120
|
+
#
|
121
|
+
# See google.iam.v1.Policy
|
122
|
+
#
|
123
|
+
# This is intentionally not a CRUD style API because access control policies
|
124
|
+
# are created and deleted implicitly with the resources to which they are
|
125
|
+
# attached.
|
126
|
+
#
|
127
|
+
# @param version [::String, ::Symbol] The API version to connect to. Optional.
|
128
|
+
# Defaults to `:v1`.
|
129
|
+
# @return [IAMPolicy::Client] A client object for the specified version.
|
130
|
+
#
|
131
|
+
def self.iam_policy version: :v1, &block
|
132
|
+
require "google/cloud/kms/#{version.to_s.downcase}"
|
133
|
+
|
134
|
+
package_name = Google::Cloud::Kms
|
135
|
+
.constants
|
136
|
+
.select { |sym| sym.to_s.downcase == version.to_s.downcase.tr("_", "") }
|
137
|
+
.first
|
138
|
+
package_module = Google::Cloud::Kms.const_get package_name
|
139
|
+
package_module.const_get(:IAMPolicy).const_get(:Client).new(&block)
|
140
|
+
end
|
141
|
+
|
88
142
|
##
|
89
143
|
# Configure the google-cloud-kms library.
|
90
144
|
#
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: google-cloud-kms
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 2.1
|
4
|
+
version: 2.2.1
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Google LLC
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date:
|
11
|
+
date: 2022-01-11 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: google-cloud-core
|
@@ -16,28 +16,34 @@ dependencies:
|
|
16
16
|
requirements:
|
17
17
|
- - "~>"
|
18
18
|
- !ruby/object:Gem::Version
|
19
|
-
version: '1.
|
19
|
+
version: '1.6'
|
20
20
|
type: :runtime
|
21
21
|
prerelease: false
|
22
22
|
version_requirements: !ruby/object:Gem::Requirement
|
23
23
|
requirements:
|
24
24
|
- - "~>"
|
25
25
|
- !ruby/object:Gem::Version
|
26
|
-
version: '1.
|
26
|
+
version: '1.6'
|
27
27
|
- !ruby/object:Gem::Dependency
|
28
28
|
name: google-cloud-kms-v1
|
29
29
|
requirement: !ruby/object:Gem::Requirement
|
30
30
|
requirements:
|
31
|
-
- - "
|
31
|
+
- - ">="
|
32
32
|
- !ruby/object:Gem::Version
|
33
33
|
version: '0.0'
|
34
|
+
- - "<"
|
35
|
+
- !ruby/object:Gem::Version
|
36
|
+
version: 2.a
|
34
37
|
type: :runtime
|
35
38
|
prerelease: false
|
36
39
|
version_requirements: !ruby/object:Gem::Requirement
|
37
40
|
requirements:
|
38
|
-
- - "
|
41
|
+
- - ">="
|
39
42
|
- !ruby/object:Gem::Version
|
40
43
|
version: '0.0'
|
44
|
+
- - "<"
|
45
|
+
- !ruby/object:Gem::Version
|
46
|
+
version: 2.a
|
41
47
|
- !ruby/object:Gem::Dependency
|
42
48
|
name: google-style
|
43
49
|
requirement: !ruby/object:Gem::Requirement
|
@@ -184,7 +190,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
184
190
|
- !ruby/object:Gem::Version
|
185
191
|
version: '0'
|
186
192
|
requirements: []
|
187
|
-
rubygems_version: 3.
|
193
|
+
rubygems_version: 3.3.4
|
188
194
|
signing_key:
|
189
195
|
specification_version: 4
|
190
196
|
summary: API Client library for the Cloud Key Management Service (KMS) API
|