tccli-intl-en 3.0.1168.1__py2.py3-none-any.whl → 3.1.16.1__py2.py3-none-any.whl
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- tccli/__init__.py +1 -1
- tccli/argument.py +1 -1
- tccli/plugins/sso/__init__.py +14 -0
- tccli/plugins/sso/login.py +23 -6
- tccli/plugins/sso/texts.py +4 -0
- tccli/services/__init__.py +49 -2
- tccli/services/advisor/advisor_client.py +10 -4
- tccli/services/ai3d/__init__.py +4 -0
- tccli/services/ai3d/ai3d_client.py +266 -0
- tccli/services/ai3d/v20250513/api.json +264 -0
- tccli/services/ai3d/v20250513/examples.json +20 -0
- tccli/services/aiart/aiart_client.py +5 -2
- tccli/services/ams/ams_client.py +20 -8
- tccli/services/antiddos/antiddos_client.py +350 -140
- tccli/services/apigateway/apigateway_client.py +465 -186
- tccli/services/apm/apm_client.py +835 -68
- tccli/services/apm/v20210622/api.json +3936 -1145
- tccli/services/apm/v20210622/examples.json +133 -23
- tccli/services/asr/asr_client.py +10 -4
- tccli/services/autoscaling/autoscaling_client.py +341 -114
- tccli/services/autoscaling/v20180419/api.json +514 -333
- tccli/services/autoscaling/v20180419/examples.json +46 -38
- tccli/services/batch/batch_client.py +140 -56
- tccli/services/bi/__init__.py +4 -0
- tccli/services/bi/bi_client.py +1498 -0
- tccli/services/bi/v20220105/api.json +5769 -0
- tccli/services/bi/v20220105/examples.json +215 -0
- tccli/services/billing/billing_client.py +1055 -134
- tccli/services/billing/v20180709/api.json +1654 -243
- tccli/services/billing/v20180709/examples.json +169 -25
- tccli/services/cam/cam_client.py +405 -162
- tccli/services/captcha/captcha_client.py +5 -2
- tccli/services/captcha/v20190722/api.json +16 -6
- tccli/services/captcha/v20190722/examples.json +3 -3
- tccli/services/car/car_client.py +165 -66
- tccli/services/cbs/cbs_client.py +190 -76
- tccli/services/ccc/ccc_client.py +1167 -268
- tccli/services/ccc/v20200210/api.json +2263 -202
- tccli/services/ccc/v20200210/examples.json +116 -12
- tccli/services/cdb/cdb_client.py +665 -266
- tccli/services/cdb/v20170320/api.json +426 -173
- tccli/services/cdb/v20170320/examples.json +6 -6
- tccli/services/cdc/cdc_client.py +100 -40
- tccli/services/cdc/v20201214/api.json +2 -2
- tccli/services/cdc/v20201214/examples.json +4 -4
- tccli/services/cdn/cdn_client.py +220 -88
- tccli/services/cdwdoris/cdwdoris_client.py +385 -154
- tccli/services/cdwpg/cdwpg_client.py +120 -48
- tccli/services/cdz/__init__.py +4 -0
- tccli/services/cdz/cdz_client.py +210 -0
- tccli/services/cdz/v20221123/api.json +233 -0
- tccli/services/cdz/v20221123/examples.json +12 -0
- tccli/services/cfg/cfg_client.py +80 -32
- tccli/services/cfg/v20210820/api.json +30 -10
- tccli/services/cfg/v20210820/examples.json +1 -1
- tccli/services/cfs/cfs_client.py +195 -78
- tccli/services/cfw/cfw_client.py +330 -132
- tccli/services/chdfs/chdfs_client.py +145 -58
- tccli/services/ciam/ciam_client.py +80 -32
- tccli/services/ckafka/ckafka_client.py +1033 -255
- tccli/services/ckafka/v20190819/api.json +3378 -1681
- tccli/services/ckafka/v20190819/examples.json +254 -160
- tccli/services/clb/clb_client.py +1054 -469
- tccli/services/clb/v20180317/api.json +2307 -1024
- tccli/services/clb/v20180317/examples.json +186 -126
- tccli/services/cloudaudit/cloudaudit_client.py +90 -36
- tccli/services/cls/cls_client.py +434 -173
- tccli/services/cmq/cmq_client.py +14 -803
- tccli/services/cmq/v20190304/api.json +173 -1367
- tccli/services/cmq/v20190304/examples.json +0 -120
- tccli/services/config/config_client.py +30 -12
- tccli/services/controlcenter/controlcenter_client.py +229 -2
- tccli/services/controlcenter/v20230110/api.json +528 -5
- tccli/services/controlcenter/v20230110/examples.json +32 -0
- tccli/services/csip/csip_client.py +339 -78
- tccli/services/csip/v20221121/api.json +1011 -38
- tccli/services/csip/v20221121/examples.json +24 -0
- tccli/services/ctsdb/__init__.py +4 -0
- tccli/services/ctsdb/ctsdb_client.py +266 -0
- tccli/services/ctsdb/v20230202/api.json +677 -0
- tccli/services/ctsdb/v20230202/examples.json +20 -0
- tccli/services/cvm/cvm_client.py +706 -189
- tccli/services/cvm/v20170312/api.json +1141 -510
- tccli/services/cvm/v20170312/examples.json +174 -128
- tccli/services/cwp/cwp_client.py +2325 -930
- tccli/services/cynosdb/cynosdb_client.py +3051 -575
- tccli/services/cynosdb/v20190107/api.json +14074 -7139
- tccli/services/cynosdb/v20190107/examples.json +597 -287
- tccli/services/dataintegration/dataintegration_client.py +5 -2
- tccli/services/dayu/dayu_client.py +515 -206
- tccli/services/dbbrain/dbbrain_client.py +210 -84
- tccli/services/dc/dc_client.py +90 -36
- tccli/services/dcdb/dcdb_client.py +310 -124
- tccli/services/dlc/dlc_client.py +859 -214
- tccli/services/dlc/v20210125/api.json +637 -13
- tccli/services/dlc/v20210125/examples.json +48 -0
- tccli/services/dms/dms_client.py +10 -4
- tccli/services/dnspod/dnspod_client.py +390 -111
- tccli/services/dnspod/v20210323/api.json +196 -0
- tccli/services/dnspod/v20210323/examples.json +24 -0
- tccli/services/domain/domain_client.py +120 -48
- tccli/services/dts/dts_client.py +415 -166
- tccli/services/eb/eb_client.py +130 -52
- tccli/services/ecdn/ecdn_client.py +75 -30
- tccli/services/ecm/ecm_client.py +620 -248
- tccli/services/eiam/eiam_client.py +200 -80
- tccli/services/emr/emr_client.py +3104 -117
- tccli/services/emr/v20190103/api.json +15311 -4361
- tccli/services/emr/v20190103/examples.json +452 -42
- tccli/services/es/es_client.py +105 -42
- tccli/services/facefusion/facefusion_client.py +15 -6
- tccli/services/faceid/faceid_client.py +95 -38
- tccli/services/faceid/v20180301/api.json +172 -45
- tccli/services/faceid/v20180301/examples.json +3 -3
- tccli/services/gaap/gaap_client.py +440 -176
- tccli/services/gme/gme_client.py +50 -20
- tccli/services/gpm/gpm_client.py +90 -36
- tccli/services/gse/gse_client.py +110 -44
- tccli/services/gwlb/gwlb_client.py +90 -36
- tccli/services/hunyuan/__init__.py +4 -0
- tccli/services/hunyuan/hunyuan_client.py +266 -0
- tccli/services/hunyuan/v20230901/api.json +270 -0
- tccli/services/hunyuan/v20230901/examples.json +20 -0
- tccli/services/iai/iai_client.py +145 -58
- tccli/services/iai/v20200303/api.json +187 -51
- tccli/services/iai/v20200303/examples.json +30 -12
- tccli/services/iap/iap_client.py +30 -12
- tccli/services/ims/ims_client.py +5 -2
- tccli/services/ims/v20201229/api.json +133 -141
- tccli/services/ims/v20201229/examples.json +3 -3
- tccli/services/intlpartnersmgt/intlpartnersmgt_client.py +516 -72
- tccli/services/intlpartnersmgt/v20220928/api.json +976 -60
- tccli/services/intlpartnersmgt/v20220928/examples.json +50 -2
- tccli/services/iotcloud/iotcloud_client.py +100 -40
- tccli/services/iotcloud/v20210408/api.json +216 -107
- tccli/services/iotcloud/v20210408/examples.json +9 -9
- tccli/services/ip/ip_client.py +30 -12
- tccli/services/kms/kms_client.py +1226 -227
- tccli/services/kms/v20190118/api.json +1562 -144
- tccli/services/kms/v20190118/examples.json +204 -78
- tccli/services/lcic/lcic_client.py +265 -106
- tccli/services/lighthouse/lighthouse_client.py +370 -148
- tccli/services/lighthouse/v20200324/api.json +14 -14
- tccli/services/lighthouse/v20200324/examples.json +5 -5
- tccli/services/live/live_client.py +804 -232
- tccli/services/live/v20180801/api.json +272 -0
- tccli/services/live/v20180801/examples.json +32 -0
- tccli/services/lke/__init__.py +4 -0
- tccli/services/lke/lke_client.py +5194 -0
- tccli/services/lke/v20231130/api.json +14803 -0
- tccli/services/lke/v20231130/examples.json +736 -0
- tccli/services/lkeap/__init__.py +4 -0
- tccli/services/lkeap/lkeap_client.py +602 -0
- tccli/services/lkeap/v20240522/api.json +953 -0
- tccli/services/lkeap/v20240522/examples.json +92 -0
- tccli/services/mariadb/mariadb_client.py +250 -100
- tccli/services/mdc/mdc_client.py +90 -36
- tccli/services/mdl/mdl_client.py +402 -82
- tccli/services/mdl/v20200326/api.json +1144 -58
- tccli/services/mdl/v20200326/examples.json +48 -16
- tccli/services/mdp/mdp_client.py +785 -122
- tccli/services/mdp/v20200527/api.json +1168 -44
- tccli/services/mdp/v20200527/examples.json +151 -79
- tccli/services/message/__init__.py +4 -0
- tccli/services/message/message_client.py +210 -0
- tccli/services/message/v20181225/api.json +72 -0
- tccli/services/message/v20181225/examples.json +13 -0
- tccli/services/mongodb/mongodb_client.py +1452 -136
- tccli/services/mongodb/v20190725/api.json +4393 -1462
- tccli/services/mongodb/v20190725/examples.json +265 -71
- tccli/services/monitor/monitor_client.py +1008 -296
- tccli/services/monitor/v20180724/api.json +660 -11
- tccli/services/monitor/v20180724/examples.json +152 -4
- tccli/services/mps/mps_client.py +1573 -354
- tccli/services/mps/v20190612/api.json +12394 -7243
- tccli/services/mps/v20190612/examples.json +244 -84
- tccli/services/msp/msp_client.py +35 -14
- tccli/services/ocr/ocr_client.py +596 -102
- tccli/services/ocr/v20181119/api.json +2271 -181
- tccli/services/ocr/v20181119/examples.json +70 -8
- tccli/services/omics/omics_client.py +100 -40
- tccli/services/organization/organization_client.py +580 -232
- tccli/services/postgres/postgres_client.py +455 -182
- tccli/services/postgres/v20170312/api.json +134 -109
- tccli/services/postgres/v20170312/examples.json +14 -14
- tccli/services/privatedns/privatedns_client.py +206 -60
- tccli/services/privatedns/v20201028/api.json +179 -0
- tccli/services/privatedns/v20201028/examples.json +8 -0
- tccli/services/pts/pts_client.py +240 -96
- tccli/services/quota/__init__.py +4 -0
- tccli/services/quota/quota_client.py +434 -0
- tccli/services/quota/v20241204/api.json +548 -0
- tccli/services/quota/v20241204/examples.json +51 -0
- tccli/services/rce/rce_client.py +5 -2
- tccli/services/redis/redis_client.py +698 -212
- tccli/services/redis/v20180412/api.json +968 -563
- tccli/services/redis/v20180412/examples.json +98 -56
- tccli/services/region/__init__.py +4 -0
- tccli/services/region/region_client.py +322 -0
- tccli/services/region/v20220627/api.json +399 -0
- tccli/services/region/v20220627/examples.json +29 -0
- tccli/services/rum/rum_client.py +300 -120
- tccli/services/scf/scf_client.py +210 -84
- tccli/services/ses/ses_client.py +368 -69
- tccli/services/ses/v20201002/api.json +240 -0
- tccli/services/ses/v20201002/examples.json +32 -0
- tccli/services/smh/__init__.py +4 -0
- tccli/services/smh/smh_client.py +714 -0
- tccli/services/smh/v20210712/api.json +1287 -0
- tccli/services/smh/v20210712/examples.json +85 -0
- tccli/services/sms/sms_client.py +90 -36
- tccli/services/sqlserver/sqlserver_client.py +3855 -470
- tccli/services/sqlserver/v20180328/api.json +9757 -3347
- tccli/services/sqlserver/v20180328/examples.json +480 -20
- tccli/services/ssl/ssl_client.py +504 -72
- tccli/services/ssl/v20191205/api.json +789 -21
- tccli/services/ssl/v20191205/examples.json +54 -0
- tccli/services/ssm/ssm_client.py +120 -48
- tccli/services/sts/sts_client.py +25 -10
- tccli/services/tag/tag_client.py +150 -60
- tccli/services/tat/tat_client.py +95 -38
- tccli/services/tbaas/__init__.py +4 -0
- tccli/services/tbaas/tbaas_client.py +378 -0
- tccli/services/tbaas/v20180416/api.json +551 -0
- tccli/services/tbaas/v20180416/examples.json +37 -0
- tccli/services/tcaplusdb/tcaplusdb_client.py +260 -104
- tccli/services/tcaplusdb/v20190823/api.json +836 -760
- tccli/services/tcaplusdb/v20190823/examples.json +3 -3
- tccli/services/tchd/tchd_client.py +5 -2
- tccli/services/tcmpp/tcmpp_client.py +520 -208
- tccli/services/tcr/tcr_client.py +380 -152
- tccli/services/tcsas/tcsas_client.py +295 -118
- tccli/services/tcsas/v20250106/api.json +155 -79
- tccli/services/tcsas/v20250106/examples.json +3 -3
- tccli/services/tcss/tcss_client.py +1650 -660
- tccli/services/tdid/tdid_client.py +240 -96
- tccli/services/tdmq/tdmq_client.py +2876 -466
- tccli/services/tdmq/v20200217/api.json +11607 -3958
- tccli/services/tdmq/v20200217/examples.json +562 -264
- tccli/services/tem/tem_client.py +280 -112
- tccli/services/teo/teo_client.py +4507 -966
- tccli/services/teo/v20220901/api.json +7341 -1405
- tccli/services/teo/v20220901/examples.json +679 -99
- tccli/services/tione/__init__.py +4 -0
- tccli/services/tione/tione_client.py +210 -0
- tccli/services/tione/v20211111/api.json +3074 -0
- tccli/services/tione/v20211111/examples.json +12 -0
- tccli/services/tiw/tiw_client.py +255 -102
- tccli/services/tke/tke_client.py +741 -274
- tccli/services/tke/v20180525/api.json +132 -7
- tccli/services/tke/v20180525/examples.json +42 -16
- tccli/services/tms/tms_client.py +5 -2
- tccli/services/tms/v20201229/api.json +91 -100
- tccli/services/tmt/tmt_client.py +5 -2
- tccli/services/trabbit/__init__.py +4 -0
- tccli/services/trabbit/trabbit_client.py +1778 -0
- tccli/services/trabbit/v20230418/api.json +4772 -0
- tccli/services/trabbit/v20230418/examples.json +237 -0
- tccli/services/trocket/__init__.py +4 -0
- tccli/services/trocket/trocket_client.py +2450 -0
- tccli/services/trocket/v20230308/api.json +6062 -0
- tccli/services/trocket/v20230308/examples.json +339 -0
- tccli/services/trro/trro_client.py +95 -38
- tccli/services/trtc/trtc_client.py +928 -192
- tccli/services/trtc/v20190722/api.json +1810 -256
- tccli/services/trtc/v20190722/examples.json +100 -6
- tccli/services/tts/tts_client.py +5 -2
- tccli/services/vclm/vclm_client.py +10 -4
- tccli/services/vm/v20210922/api.json +61 -30
- tccli/services/vm/v20210922/examples.json +0 -12
- tccli/services/vm/vm_client.py +20 -8
- tccli/services/vod/v20180717/api.json +332 -52
- tccli/services/vod/v20180717/examples.json +9 -1
- tccli/services/vod/v20240718/api.json +1105 -0
- tccli/services/vod/v20240718/examples.json +97 -0
- tccli/services/vod/vod_client.py +1316 -350
- tccli/services/vpc/v20170312/api.json +1166 -106
- tccli/services/vpc/v20170312/examples.json +197 -23
- tccli/services/vpc/vpc_client.py +2413 -739
- tccli/services/waf/v20180125/api.json +1372 -194
- tccli/services/waf/v20180125/examples.json +89 -1
- tccli/services/waf/waf_client.py +1149 -245
- tccli/services/wedata/v20210820/api.json +1577 -231
- tccli/services/wedata/v20210820/examples.json +74 -12
- tccli/services/wedata/v20250806/api.json +13644 -0
- tccli/services/wedata/v20250806/examples.json +621 -0
- tccli/services/wedata/wedata_client.py +6366 -1191
- tccli/services/yunjing/yunjing_client.py +355 -142
- {tccli_intl_en-3.0.1168.1.dist-info → tccli_intl_en-3.1.16.1.dist-info}/METADATA +4 -7
- {tccli_intl_en-3.0.1168.1.dist-info → tccli_intl_en-3.1.16.1.dist-info}/RECORD +294 -230
- {tccli_intl_en-3.0.1168.1.dist-info → tccli_intl_en-3.1.16.1.dist-info}/WHEEL +1 -1
- {tccli_intl_en-3.0.1168.1.dist-info → tccli_intl_en-3.1.16.1.dist-info}/entry_points.txt +0 -1
- {tccli_intl_en-3.0.1168.1.dist-info → tccli_intl_en-3.1.16.1.dist-info}/LICENSE +0 -0
- {tccli_intl_en-3.0.1168.1.dist-info → tccli_intl_en-3.1.16.1.dist-info}/top_level.txt +0 -0
tccli/services/kms/kms_client.py
CHANGED
|
@@ -17,6 +17,61 @@ from tencentcloud.kms.v20190118 import models as models_v20190118
|
|
|
17
17
|
from jmespath import search
|
|
18
18
|
import time
|
|
19
19
|
|
|
20
|
+
def doListDataKeys(args, parsed_globals):
|
|
21
|
+
g_param = parse_global_arg(parsed_globals)
|
|
22
|
+
|
|
23
|
+
if g_param[OptionsDefine.UseCVMRole.replace('-', '_')]:
|
|
24
|
+
cred = credential.CVMRoleCredential()
|
|
25
|
+
elif g_param[OptionsDefine.RoleArn.replace('-', '_')] and g_param[OptionsDefine.RoleSessionName.replace('-', '_')]:
|
|
26
|
+
cred = credential.STSAssumeRoleCredential(
|
|
27
|
+
g_param[OptionsDefine.SecretId], g_param[OptionsDefine.SecretKey], g_param[OptionsDefine.RoleArn.replace('-', '_')],
|
|
28
|
+
g_param[OptionsDefine.RoleSessionName.replace('-', '_')], endpoint=g_param["sts_cred_endpoint"]
|
|
29
|
+
)
|
|
30
|
+
elif os.getenv(OptionsDefine.ENV_TKE_REGION) \
|
|
31
|
+
and os.getenv(OptionsDefine.ENV_TKE_PROVIDER_ID) \
|
|
32
|
+
and os.getenv(OptionsDefine.ENV_TKE_WEB_IDENTITY_TOKEN_FILE) \
|
|
33
|
+
and os.getenv(OptionsDefine.ENV_TKE_ROLE_ARN):
|
|
34
|
+
cred = credential.DefaultTkeOIDCRoleArnProvider().get_credentials()
|
|
35
|
+
else:
|
|
36
|
+
cred = credential.Credential(
|
|
37
|
+
g_param[OptionsDefine.SecretId], g_param[OptionsDefine.SecretKey], g_param[OptionsDefine.Token]
|
|
38
|
+
)
|
|
39
|
+
http_profile = HttpProfile(
|
|
40
|
+
reqTimeout=60 if g_param[OptionsDefine.Timeout] is None else int(g_param[OptionsDefine.Timeout]),
|
|
41
|
+
reqMethod="POST",
|
|
42
|
+
endpoint=g_param[OptionsDefine.Endpoint],
|
|
43
|
+
proxy=g_param[OptionsDefine.HttpsProxy.replace('-', '_')]
|
|
44
|
+
)
|
|
45
|
+
profile = ClientProfile(httpProfile=http_profile, signMethod="TC3-HMAC-SHA256")
|
|
46
|
+
if g_param[OptionsDefine.Language]:
|
|
47
|
+
profile.language = g_param[OptionsDefine.Language]
|
|
48
|
+
mod = CLIENT_MAP[g_param[OptionsDefine.Version]]
|
|
49
|
+
client = mod.KmsClient(cred, g_param[OptionsDefine.Region], profile)
|
|
50
|
+
client._sdkVersion += ("_CLI_" + __version__)
|
|
51
|
+
models = MODELS_MAP[g_param[OptionsDefine.Version]]
|
|
52
|
+
model = models.ListDataKeysRequest()
|
|
53
|
+
model.from_json_string(json.dumps(args))
|
|
54
|
+
start_time = time.time()
|
|
55
|
+
while True:
|
|
56
|
+
rsp = client.ListDataKeys(model)
|
|
57
|
+
result = rsp.to_json_string()
|
|
58
|
+
try:
|
|
59
|
+
json_obj = json.loads(result)
|
|
60
|
+
except TypeError as e:
|
|
61
|
+
json_obj = json.loads(result.decode('utf-8')) # python3.3
|
|
62
|
+
if not g_param[OptionsDefine.Waiter] or search(g_param['OptionsDefine.WaiterInfo']['expr'], json_obj) == g_param['OptionsDefine.WaiterInfo']['to']:
|
|
63
|
+
break
|
|
64
|
+
cur_time = time.time()
|
|
65
|
+
if cur_time - start_time >= g_param['OptionsDefine.WaiterInfo']['timeout']:
|
|
66
|
+
raise ClientError('Request timeout, wait `%s` to `%s` timeout, last request is %s' %
|
|
67
|
+
(g_param['OptionsDefine.WaiterInfo']['expr'], g_param['OptionsDefine.WaiterInfo']['to'],
|
|
68
|
+
search(g_param['OptionsDefine.WaiterInfo']['expr'], json_obj)))
|
|
69
|
+
else:
|
|
70
|
+
print('Inquiry result is %s.' % search(g_param['OptionsDefine.WaiterInfo']['expr'], json_obj))
|
|
71
|
+
time.sleep(g_param['OptionsDefine.WaiterInfo']['interval'])
|
|
72
|
+
FormatOutput.output("action", json_obj, g_param[OptionsDefine.Output], g_param[OptionsDefine.Filter])
|
|
73
|
+
|
|
74
|
+
|
|
20
75
|
def doDeleteImportedKeyMaterial(args, parsed_globals):
|
|
21
76
|
g_param = parse_global_arg(parsed_globals)
|
|
22
77
|
|
|
@@ -27,7 +82,10 @@ def doDeleteImportedKeyMaterial(args, parsed_globals):
|
|
|
27
82
|
g_param[OptionsDefine.SecretId], g_param[OptionsDefine.SecretKey], g_param[OptionsDefine.RoleArn.replace('-', '_')],
|
|
28
83
|
g_param[OptionsDefine.RoleSessionName.replace('-', '_')], endpoint=g_param["sts_cred_endpoint"]
|
|
29
84
|
)
|
|
30
|
-
elif os.getenv(OptionsDefine.ENV_TKE_REGION)
|
|
85
|
+
elif os.getenv(OptionsDefine.ENV_TKE_REGION) \
|
|
86
|
+
and os.getenv(OptionsDefine.ENV_TKE_PROVIDER_ID) \
|
|
87
|
+
and os.getenv(OptionsDefine.ENV_TKE_WEB_IDENTITY_TOKEN_FILE) \
|
|
88
|
+
and os.getenv(OptionsDefine.ENV_TKE_ROLE_ARN):
|
|
31
89
|
cred = credential.DefaultTkeOIDCRoleArnProvider().get_credentials()
|
|
32
90
|
else:
|
|
33
91
|
cred = credential.Credential(
|
|
@@ -39,7 +97,7 @@ def doDeleteImportedKeyMaterial(args, parsed_globals):
|
|
|
39
97
|
endpoint=g_param[OptionsDefine.Endpoint],
|
|
40
98
|
proxy=g_param[OptionsDefine.HttpsProxy.replace('-', '_')]
|
|
41
99
|
)
|
|
42
|
-
profile = ClientProfile(httpProfile=http_profile, signMethod="
|
|
100
|
+
profile = ClientProfile(httpProfile=http_profile, signMethod="TC3-HMAC-SHA256")
|
|
43
101
|
if g_param[OptionsDefine.Language]:
|
|
44
102
|
profile.language = g_param[OptionsDefine.Language]
|
|
45
103
|
mod = CLIENT_MAP[g_param[OptionsDefine.Version]]
|
|
@@ -50,7 +108,722 @@ def doDeleteImportedKeyMaterial(args, parsed_globals):
|
|
|
50
108
|
model.from_json_string(json.dumps(args))
|
|
51
109
|
start_time = time.time()
|
|
52
110
|
while True:
|
|
53
|
-
rsp = client.DeleteImportedKeyMaterial(model)
|
|
111
|
+
rsp = client.DeleteImportedKeyMaterial(model)
|
|
112
|
+
result = rsp.to_json_string()
|
|
113
|
+
try:
|
|
114
|
+
json_obj = json.loads(result)
|
|
115
|
+
except TypeError as e:
|
|
116
|
+
json_obj = json.loads(result.decode('utf-8')) # python3.3
|
|
117
|
+
if not g_param[OptionsDefine.Waiter] or search(g_param['OptionsDefine.WaiterInfo']['expr'], json_obj) == g_param['OptionsDefine.WaiterInfo']['to']:
|
|
118
|
+
break
|
|
119
|
+
cur_time = time.time()
|
|
120
|
+
if cur_time - start_time >= g_param['OptionsDefine.WaiterInfo']['timeout']:
|
|
121
|
+
raise ClientError('Request timeout, wait `%s` to `%s` timeout, last request is %s' %
|
|
122
|
+
(g_param['OptionsDefine.WaiterInfo']['expr'], g_param['OptionsDefine.WaiterInfo']['to'],
|
|
123
|
+
search(g_param['OptionsDefine.WaiterInfo']['expr'], json_obj)))
|
|
124
|
+
else:
|
|
125
|
+
print('Inquiry result is %s.' % search(g_param['OptionsDefine.WaiterInfo']['expr'], json_obj))
|
|
126
|
+
time.sleep(g_param['OptionsDefine.WaiterInfo']['interval'])
|
|
127
|
+
FormatOutput.output("action", json_obj, g_param[OptionsDefine.Output], g_param[OptionsDefine.Filter])
|
|
128
|
+
|
|
129
|
+
|
|
130
|
+
def doPostQuantumCryptoVerify(args, parsed_globals):
|
|
131
|
+
g_param = parse_global_arg(parsed_globals)
|
|
132
|
+
|
|
133
|
+
if g_param[OptionsDefine.UseCVMRole.replace('-', '_')]:
|
|
134
|
+
cred = credential.CVMRoleCredential()
|
|
135
|
+
elif g_param[OptionsDefine.RoleArn.replace('-', '_')] and g_param[OptionsDefine.RoleSessionName.replace('-', '_')]:
|
|
136
|
+
cred = credential.STSAssumeRoleCredential(
|
|
137
|
+
g_param[OptionsDefine.SecretId], g_param[OptionsDefine.SecretKey], g_param[OptionsDefine.RoleArn.replace('-', '_')],
|
|
138
|
+
g_param[OptionsDefine.RoleSessionName.replace('-', '_')], endpoint=g_param["sts_cred_endpoint"]
|
|
139
|
+
)
|
|
140
|
+
elif os.getenv(OptionsDefine.ENV_TKE_REGION) \
|
|
141
|
+
and os.getenv(OptionsDefine.ENV_TKE_PROVIDER_ID) \
|
|
142
|
+
and os.getenv(OptionsDefine.ENV_TKE_WEB_IDENTITY_TOKEN_FILE) \
|
|
143
|
+
and os.getenv(OptionsDefine.ENV_TKE_ROLE_ARN):
|
|
144
|
+
cred = credential.DefaultTkeOIDCRoleArnProvider().get_credentials()
|
|
145
|
+
else:
|
|
146
|
+
cred = credential.Credential(
|
|
147
|
+
g_param[OptionsDefine.SecretId], g_param[OptionsDefine.SecretKey], g_param[OptionsDefine.Token]
|
|
148
|
+
)
|
|
149
|
+
http_profile = HttpProfile(
|
|
150
|
+
reqTimeout=60 if g_param[OptionsDefine.Timeout] is None else int(g_param[OptionsDefine.Timeout]),
|
|
151
|
+
reqMethod="POST",
|
|
152
|
+
endpoint=g_param[OptionsDefine.Endpoint],
|
|
153
|
+
proxy=g_param[OptionsDefine.HttpsProxy.replace('-', '_')]
|
|
154
|
+
)
|
|
155
|
+
profile = ClientProfile(httpProfile=http_profile, signMethod="TC3-HMAC-SHA256")
|
|
156
|
+
if g_param[OptionsDefine.Language]:
|
|
157
|
+
profile.language = g_param[OptionsDefine.Language]
|
|
158
|
+
mod = CLIENT_MAP[g_param[OptionsDefine.Version]]
|
|
159
|
+
client = mod.KmsClient(cred, g_param[OptionsDefine.Region], profile)
|
|
160
|
+
client._sdkVersion += ("_CLI_" + __version__)
|
|
161
|
+
models = MODELS_MAP[g_param[OptionsDefine.Version]]
|
|
162
|
+
model = models.PostQuantumCryptoVerifyRequest()
|
|
163
|
+
model.from_json_string(json.dumps(args))
|
|
164
|
+
start_time = time.time()
|
|
165
|
+
while True:
|
|
166
|
+
rsp = client.PostQuantumCryptoVerify(model)
|
|
167
|
+
result = rsp.to_json_string()
|
|
168
|
+
try:
|
|
169
|
+
json_obj = json.loads(result)
|
|
170
|
+
except TypeError as e:
|
|
171
|
+
json_obj = json.loads(result.decode('utf-8')) # python3.3
|
|
172
|
+
if not g_param[OptionsDefine.Waiter] or search(g_param['OptionsDefine.WaiterInfo']['expr'], json_obj) == g_param['OptionsDefine.WaiterInfo']['to']:
|
|
173
|
+
break
|
|
174
|
+
cur_time = time.time()
|
|
175
|
+
if cur_time - start_time >= g_param['OptionsDefine.WaiterInfo']['timeout']:
|
|
176
|
+
raise ClientError('Request timeout, wait `%s` to `%s` timeout, last request is %s' %
|
|
177
|
+
(g_param['OptionsDefine.WaiterInfo']['expr'], g_param['OptionsDefine.WaiterInfo']['to'],
|
|
178
|
+
search(g_param['OptionsDefine.WaiterInfo']['expr'], json_obj)))
|
|
179
|
+
else:
|
|
180
|
+
print('Inquiry result is %s.' % search(g_param['OptionsDefine.WaiterInfo']['expr'], json_obj))
|
|
181
|
+
time.sleep(g_param['OptionsDefine.WaiterInfo']['interval'])
|
|
182
|
+
FormatOutput.output("action", json_obj, g_param[OptionsDefine.Output], g_param[OptionsDefine.Filter])
|
|
183
|
+
|
|
184
|
+
|
|
185
|
+
def doAsymmetricRsaDecrypt(args, parsed_globals):
|
|
186
|
+
g_param = parse_global_arg(parsed_globals)
|
|
187
|
+
|
|
188
|
+
if g_param[OptionsDefine.UseCVMRole.replace('-', '_')]:
|
|
189
|
+
cred = credential.CVMRoleCredential()
|
|
190
|
+
elif g_param[OptionsDefine.RoleArn.replace('-', '_')] and g_param[OptionsDefine.RoleSessionName.replace('-', '_')]:
|
|
191
|
+
cred = credential.STSAssumeRoleCredential(
|
|
192
|
+
g_param[OptionsDefine.SecretId], g_param[OptionsDefine.SecretKey], g_param[OptionsDefine.RoleArn.replace('-', '_')],
|
|
193
|
+
g_param[OptionsDefine.RoleSessionName.replace('-', '_')], endpoint=g_param["sts_cred_endpoint"]
|
|
194
|
+
)
|
|
195
|
+
elif os.getenv(OptionsDefine.ENV_TKE_REGION) \
|
|
196
|
+
and os.getenv(OptionsDefine.ENV_TKE_PROVIDER_ID) \
|
|
197
|
+
and os.getenv(OptionsDefine.ENV_TKE_WEB_IDENTITY_TOKEN_FILE) \
|
|
198
|
+
and os.getenv(OptionsDefine.ENV_TKE_ROLE_ARN):
|
|
199
|
+
cred = credential.DefaultTkeOIDCRoleArnProvider().get_credentials()
|
|
200
|
+
else:
|
|
201
|
+
cred = credential.Credential(
|
|
202
|
+
g_param[OptionsDefine.SecretId], g_param[OptionsDefine.SecretKey], g_param[OptionsDefine.Token]
|
|
203
|
+
)
|
|
204
|
+
http_profile = HttpProfile(
|
|
205
|
+
reqTimeout=60 if g_param[OptionsDefine.Timeout] is None else int(g_param[OptionsDefine.Timeout]),
|
|
206
|
+
reqMethod="POST",
|
|
207
|
+
endpoint=g_param[OptionsDefine.Endpoint],
|
|
208
|
+
proxy=g_param[OptionsDefine.HttpsProxy.replace('-', '_')]
|
|
209
|
+
)
|
|
210
|
+
profile = ClientProfile(httpProfile=http_profile, signMethod="TC3-HMAC-SHA256")
|
|
211
|
+
if g_param[OptionsDefine.Language]:
|
|
212
|
+
profile.language = g_param[OptionsDefine.Language]
|
|
213
|
+
mod = CLIENT_MAP[g_param[OptionsDefine.Version]]
|
|
214
|
+
client = mod.KmsClient(cred, g_param[OptionsDefine.Region], profile)
|
|
215
|
+
client._sdkVersion += ("_CLI_" + __version__)
|
|
216
|
+
models = MODELS_MAP[g_param[OptionsDefine.Version]]
|
|
217
|
+
model = models.AsymmetricRsaDecryptRequest()
|
|
218
|
+
model.from_json_string(json.dumps(args))
|
|
219
|
+
start_time = time.time()
|
|
220
|
+
while True:
|
|
221
|
+
rsp = client.AsymmetricRsaDecrypt(model)
|
|
222
|
+
result = rsp.to_json_string()
|
|
223
|
+
try:
|
|
224
|
+
json_obj = json.loads(result)
|
|
225
|
+
except TypeError as e:
|
|
226
|
+
json_obj = json.loads(result.decode('utf-8')) # python3.3
|
|
227
|
+
if not g_param[OptionsDefine.Waiter] or search(g_param['OptionsDefine.WaiterInfo']['expr'], json_obj) == g_param['OptionsDefine.WaiterInfo']['to']:
|
|
228
|
+
break
|
|
229
|
+
cur_time = time.time()
|
|
230
|
+
if cur_time - start_time >= g_param['OptionsDefine.WaiterInfo']['timeout']:
|
|
231
|
+
raise ClientError('Request timeout, wait `%s` to `%s` timeout, last request is %s' %
|
|
232
|
+
(g_param['OptionsDefine.WaiterInfo']['expr'], g_param['OptionsDefine.WaiterInfo']['to'],
|
|
233
|
+
search(g_param['OptionsDefine.WaiterInfo']['expr'], json_obj)))
|
|
234
|
+
else:
|
|
235
|
+
print('Inquiry result is %s.' % search(g_param['OptionsDefine.WaiterInfo']['expr'], json_obj))
|
|
236
|
+
time.sleep(g_param['OptionsDefine.WaiterInfo']['interval'])
|
|
237
|
+
FormatOutput.output("action", json_obj, g_param[OptionsDefine.Output], g_param[OptionsDefine.Filter])
|
|
238
|
+
|
|
239
|
+
|
|
240
|
+
def doEncrypt(args, parsed_globals):
|
|
241
|
+
g_param = parse_global_arg(parsed_globals)
|
|
242
|
+
|
|
243
|
+
if g_param[OptionsDefine.UseCVMRole.replace('-', '_')]:
|
|
244
|
+
cred = credential.CVMRoleCredential()
|
|
245
|
+
elif g_param[OptionsDefine.RoleArn.replace('-', '_')] and g_param[OptionsDefine.RoleSessionName.replace('-', '_')]:
|
|
246
|
+
cred = credential.STSAssumeRoleCredential(
|
|
247
|
+
g_param[OptionsDefine.SecretId], g_param[OptionsDefine.SecretKey], g_param[OptionsDefine.RoleArn.replace('-', '_')],
|
|
248
|
+
g_param[OptionsDefine.RoleSessionName.replace('-', '_')], endpoint=g_param["sts_cred_endpoint"]
|
|
249
|
+
)
|
|
250
|
+
elif os.getenv(OptionsDefine.ENV_TKE_REGION) \
|
|
251
|
+
and os.getenv(OptionsDefine.ENV_TKE_PROVIDER_ID) \
|
|
252
|
+
and os.getenv(OptionsDefine.ENV_TKE_WEB_IDENTITY_TOKEN_FILE) \
|
|
253
|
+
and os.getenv(OptionsDefine.ENV_TKE_ROLE_ARN):
|
|
254
|
+
cred = credential.DefaultTkeOIDCRoleArnProvider().get_credentials()
|
|
255
|
+
else:
|
|
256
|
+
cred = credential.Credential(
|
|
257
|
+
g_param[OptionsDefine.SecretId], g_param[OptionsDefine.SecretKey], g_param[OptionsDefine.Token]
|
|
258
|
+
)
|
|
259
|
+
http_profile = HttpProfile(
|
|
260
|
+
reqTimeout=60 if g_param[OptionsDefine.Timeout] is None else int(g_param[OptionsDefine.Timeout]),
|
|
261
|
+
reqMethod="POST",
|
|
262
|
+
endpoint=g_param[OptionsDefine.Endpoint],
|
|
263
|
+
proxy=g_param[OptionsDefine.HttpsProxy.replace('-', '_')]
|
|
264
|
+
)
|
|
265
|
+
profile = ClientProfile(httpProfile=http_profile, signMethod="TC3-HMAC-SHA256")
|
|
266
|
+
if g_param[OptionsDefine.Language]:
|
|
267
|
+
profile.language = g_param[OptionsDefine.Language]
|
|
268
|
+
mod = CLIENT_MAP[g_param[OptionsDefine.Version]]
|
|
269
|
+
client = mod.KmsClient(cred, g_param[OptionsDefine.Region], profile)
|
|
270
|
+
client._sdkVersion += ("_CLI_" + __version__)
|
|
271
|
+
models = MODELS_MAP[g_param[OptionsDefine.Version]]
|
|
272
|
+
model = models.EncryptRequest()
|
|
273
|
+
model.from_json_string(json.dumps(args))
|
|
274
|
+
start_time = time.time()
|
|
275
|
+
while True:
|
|
276
|
+
rsp = client.Encrypt(model)
|
|
277
|
+
result = rsp.to_json_string()
|
|
278
|
+
try:
|
|
279
|
+
json_obj = json.loads(result)
|
|
280
|
+
except TypeError as e:
|
|
281
|
+
json_obj = json.loads(result.decode('utf-8')) # python3.3
|
|
282
|
+
if not g_param[OptionsDefine.Waiter] or search(g_param['OptionsDefine.WaiterInfo']['expr'], json_obj) == g_param['OptionsDefine.WaiterInfo']['to']:
|
|
283
|
+
break
|
|
284
|
+
cur_time = time.time()
|
|
285
|
+
if cur_time - start_time >= g_param['OptionsDefine.WaiterInfo']['timeout']:
|
|
286
|
+
raise ClientError('Request timeout, wait `%s` to `%s` timeout, last request is %s' %
|
|
287
|
+
(g_param['OptionsDefine.WaiterInfo']['expr'], g_param['OptionsDefine.WaiterInfo']['to'],
|
|
288
|
+
search(g_param['OptionsDefine.WaiterInfo']['expr'], json_obj)))
|
|
289
|
+
else:
|
|
290
|
+
print('Inquiry result is %s.' % search(g_param['OptionsDefine.WaiterInfo']['expr'], json_obj))
|
|
291
|
+
time.sleep(g_param['OptionsDefine.WaiterInfo']['interval'])
|
|
292
|
+
FormatOutput.output("action", json_obj, g_param[OptionsDefine.Output], g_param[OptionsDefine.Filter])
|
|
293
|
+
|
|
294
|
+
|
|
295
|
+
def doCreateWhiteBoxKey(args, parsed_globals):
|
|
296
|
+
g_param = parse_global_arg(parsed_globals)
|
|
297
|
+
|
|
298
|
+
if g_param[OptionsDefine.UseCVMRole.replace('-', '_')]:
|
|
299
|
+
cred = credential.CVMRoleCredential()
|
|
300
|
+
elif g_param[OptionsDefine.RoleArn.replace('-', '_')] and g_param[OptionsDefine.RoleSessionName.replace('-', '_')]:
|
|
301
|
+
cred = credential.STSAssumeRoleCredential(
|
|
302
|
+
g_param[OptionsDefine.SecretId], g_param[OptionsDefine.SecretKey], g_param[OptionsDefine.RoleArn.replace('-', '_')],
|
|
303
|
+
g_param[OptionsDefine.RoleSessionName.replace('-', '_')], endpoint=g_param["sts_cred_endpoint"]
|
|
304
|
+
)
|
|
305
|
+
elif os.getenv(OptionsDefine.ENV_TKE_REGION) \
|
|
306
|
+
and os.getenv(OptionsDefine.ENV_TKE_PROVIDER_ID) \
|
|
307
|
+
and os.getenv(OptionsDefine.ENV_TKE_WEB_IDENTITY_TOKEN_FILE) \
|
|
308
|
+
and os.getenv(OptionsDefine.ENV_TKE_ROLE_ARN):
|
|
309
|
+
cred = credential.DefaultTkeOIDCRoleArnProvider().get_credentials()
|
|
310
|
+
else:
|
|
311
|
+
cred = credential.Credential(
|
|
312
|
+
g_param[OptionsDefine.SecretId], g_param[OptionsDefine.SecretKey], g_param[OptionsDefine.Token]
|
|
313
|
+
)
|
|
314
|
+
http_profile = HttpProfile(
|
|
315
|
+
reqTimeout=60 if g_param[OptionsDefine.Timeout] is None else int(g_param[OptionsDefine.Timeout]),
|
|
316
|
+
reqMethod="POST",
|
|
317
|
+
endpoint=g_param[OptionsDefine.Endpoint],
|
|
318
|
+
proxy=g_param[OptionsDefine.HttpsProxy.replace('-', '_')]
|
|
319
|
+
)
|
|
320
|
+
profile = ClientProfile(httpProfile=http_profile, signMethod="TC3-HMAC-SHA256")
|
|
321
|
+
if g_param[OptionsDefine.Language]:
|
|
322
|
+
profile.language = g_param[OptionsDefine.Language]
|
|
323
|
+
mod = CLIENT_MAP[g_param[OptionsDefine.Version]]
|
|
324
|
+
client = mod.KmsClient(cred, g_param[OptionsDefine.Region], profile)
|
|
325
|
+
client._sdkVersion += ("_CLI_" + __version__)
|
|
326
|
+
models = MODELS_MAP[g_param[OptionsDefine.Version]]
|
|
327
|
+
model = models.CreateWhiteBoxKeyRequest()
|
|
328
|
+
model.from_json_string(json.dumps(args))
|
|
329
|
+
start_time = time.time()
|
|
330
|
+
while True:
|
|
331
|
+
rsp = client.CreateWhiteBoxKey(model)
|
|
332
|
+
result = rsp.to_json_string()
|
|
333
|
+
try:
|
|
334
|
+
json_obj = json.loads(result)
|
|
335
|
+
except TypeError as e:
|
|
336
|
+
json_obj = json.loads(result.decode('utf-8')) # python3.3
|
|
337
|
+
if not g_param[OptionsDefine.Waiter] or search(g_param['OptionsDefine.WaiterInfo']['expr'], json_obj) == g_param['OptionsDefine.WaiterInfo']['to']:
|
|
338
|
+
break
|
|
339
|
+
cur_time = time.time()
|
|
340
|
+
if cur_time - start_time >= g_param['OptionsDefine.WaiterInfo']['timeout']:
|
|
341
|
+
raise ClientError('Request timeout, wait `%s` to `%s` timeout, last request is %s' %
|
|
342
|
+
(g_param['OptionsDefine.WaiterInfo']['expr'], g_param['OptionsDefine.WaiterInfo']['to'],
|
|
343
|
+
search(g_param['OptionsDefine.WaiterInfo']['expr'], json_obj)))
|
|
344
|
+
else:
|
|
345
|
+
print('Inquiry result is %s.' % search(g_param['OptionsDefine.WaiterInfo']['expr'], json_obj))
|
|
346
|
+
time.sleep(g_param['OptionsDefine.WaiterInfo']['interval'])
|
|
347
|
+
FormatOutput.output("action", json_obj, g_param[OptionsDefine.Output], g_param[OptionsDefine.Filter])
|
|
348
|
+
|
|
349
|
+
|
|
350
|
+
def doImportDataKey(args, parsed_globals):
|
|
351
|
+
g_param = parse_global_arg(parsed_globals)
|
|
352
|
+
|
|
353
|
+
if g_param[OptionsDefine.UseCVMRole.replace('-', '_')]:
|
|
354
|
+
cred = credential.CVMRoleCredential()
|
|
355
|
+
elif g_param[OptionsDefine.RoleArn.replace('-', '_')] and g_param[OptionsDefine.RoleSessionName.replace('-', '_')]:
|
|
356
|
+
cred = credential.STSAssumeRoleCredential(
|
|
357
|
+
g_param[OptionsDefine.SecretId], g_param[OptionsDefine.SecretKey], g_param[OptionsDefine.RoleArn.replace('-', '_')],
|
|
358
|
+
g_param[OptionsDefine.RoleSessionName.replace('-', '_')], endpoint=g_param["sts_cred_endpoint"]
|
|
359
|
+
)
|
|
360
|
+
elif os.getenv(OptionsDefine.ENV_TKE_REGION) \
|
|
361
|
+
and os.getenv(OptionsDefine.ENV_TKE_PROVIDER_ID) \
|
|
362
|
+
and os.getenv(OptionsDefine.ENV_TKE_WEB_IDENTITY_TOKEN_FILE) \
|
|
363
|
+
and os.getenv(OptionsDefine.ENV_TKE_ROLE_ARN):
|
|
364
|
+
cred = credential.DefaultTkeOIDCRoleArnProvider().get_credentials()
|
|
365
|
+
else:
|
|
366
|
+
cred = credential.Credential(
|
|
367
|
+
g_param[OptionsDefine.SecretId], g_param[OptionsDefine.SecretKey], g_param[OptionsDefine.Token]
|
|
368
|
+
)
|
|
369
|
+
http_profile = HttpProfile(
|
|
370
|
+
reqTimeout=60 if g_param[OptionsDefine.Timeout] is None else int(g_param[OptionsDefine.Timeout]),
|
|
371
|
+
reqMethod="POST",
|
|
372
|
+
endpoint=g_param[OptionsDefine.Endpoint],
|
|
373
|
+
proxy=g_param[OptionsDefine.HttpsProxy.replace('-', '_')]
|
|
374
|
+
)
|
|
375
|
+
profile = ClientProfile(httpProfile=http_profile, signMethod="TC3-HMAC-SHA256")
|
|
376
|
+
if g_param[OptionsDefine.Language]:
|
|
377
|
+
profile.language = g_param[OptionsDefine.Language]
|
|
378
|
+
mod = CLIENT_MAP[g_param[OptionsDefine.Version]]
|
|
379
|
+
client = mod.KmsClient(cred, g_param[OptionsDefine.Region], profile)
|
|
380
|
+
client._sdkVersion += ("_CLI_" + __version__)
|
|
381
|
+
models = MODELS_MAP[g_param[OptionsDefine.Version]]
|
|
382
|
+
model = models.ImportDataKeyRequest()
|
|
383
|
+
model.from_json_string(json.dumps(args))
|
|
384
|
+
start_time = time.time()
|
|
385
|
+
while True:
|
|
386
|
+
rsp = client.ImportDataKey(model)
|
|
387
|
+
result = rsp.to_json_string()
|
|
388
|
+
try:
|
|
389
|
+
json_obj = json.loads(result)
|
|
390
|
+
except TypeError as e:
|
|
391
|
+
json_obj = json.loads(result.decode('utf-8')) # python3.3
|
|
392
|
+
if not g_param[OptionsDefine.Waiter] or search(g_param['OptionsDefine.WaiterInfo']['expr'], json_obj) == g_param['OptionsDefine.WaiterInfo']['to']:
|
|
393
|
+
break
|
|
394
|
+
cur_time = time.time()
|
|
395
|
+
if cur_time - start_time >= g_param['OptionsDefine.WaiterInfo']['timeout']:
|
|
396
|
+
raise ClientError('Request timeout, wait `%s` to `%s` timeout, last request is %s' %
|
|
397
|
+
(g_param['OptionsDefine.WaiterInfo']['expr'], g_param['OptionsDefine.WaiterInfo']['to'],
|
|
398
|
+
search(g_param['OptionsDefine.WaiterInfo']['expr'], json_obj)))
|
|
399
|
+
else:
|
|
400
|
+
print('Inquiry result is %s.' % search(g_param['OptionsDefine.WaiterInfo']['expr'], json_obj))
|
|
401
|
+
time.sleep(g_param['OptionsDefine.WaiterInfo']['interval'])
|
|
402
|
+
FormatOutput.output("action", json_obj, g_param[OptionsDefine.Output], g_param[OptionsDefine.Filter])
|
|
403
|
+
|
|
404
|
+
|
|
405
|
+
def doEnableWhiteBoxKeys(args, parsed_globals):
|
|
406
|
+
g_param = parse_global_arg(parsed_globals)
|
|
407
|
+
|
|
408
|
+
if g_param[OptionsDefine.UseCVMRole.replace('-', '_')]:
|
|
409
|
+
cred = credential.CVMRoleCredential()
|
|
410
|
+
elif g_param[OptionsDefine.RoleArn.replace('-', '_')] and g_param[OptionsDefine.RoleSessionName.replace('-', '_')]:
|
|
411
|
+
cred = credential.STSAssumeRoleCredential(
|
|
412
|
+
g_param[OptionsDefine.SecretId], g_param[OptionsDefine.SecretKey], g_param[OptionsDefine.RoleArn.replace('-', '_')],
|
|
413
|
+
g_param[OptionsDefine.RoleSessionName.replace('-', '_')], endpoint=g_param["sts_cred_endpoint"]
|
|
414
|
+
)
|
|
415
|
+
elif os.getenv(OptionsDefine.ENV_TKE_REGION) \
|
|
416
|
+
and os.getenv(OptionsDefine.ENV_TKE_PROVIDER_ID) \
|
|
417
|
+
and os.getenv(OptionsDefine.ENV_TKE_WEB_IDENTITY_TOKEN_FILE) \
|
|
418
|
+
and os.getenv(OptionsDefine.ENV_TKE_ROLE_ARN):
|
|
419
|
+
cred = credential.DefaultTkeOIDCRoleArnProvider().get_credentials()
|
|
420
|
+
else:
|
|
421
|
+
cred = credential.Credential(
|
|
422
|
+
g_param[OptionsDefine.SecretId], g_param[OptionsDefine.SecretKey], g_param[OptionsDefine.Token]
|
|
423
|
+
)
|
|
424
|
+
http_profile = HttpProfile(
|
|
425
|
+
reqTimeout=60 if g_param[OptionsDefine.Timeout] is None else int(g_param[OptionsDefine.Timeout]),
|
|
426
|
+
reqMethod="POST",
|
|
427
|
+
endpoint=g_param[OptionsDefine.Endpoint],
|
|
428
|
+
proxy=g_param[OptionsDefine.HttpsProxy.replace('-', '_')]
|
|
429
|
+
)
|
|
430
|
+
profile = ClientProfile(httpProfile=http_profile, signMethod="TC3-HMAC-SHA256")
|
|
431
|
+
if g_param[OptionsDefine.Language]:
|
|
432
|
+
profile.language = g_param[OptionsDefine.Language]
|
|
433
|
+
mod = CLIENT_MAP[g_param[OptionsDefine.Version]]
|
|
434
|
+
client = mod.KmsClient(cred, g_param[OptionsDefine.Region], profile)
|
|
435
|
+
client._sdkVersion += ("_CLI_" + __version__)
|
|
436
|
+
models = MODELS_MAP[g_param[OptionsDefine.Version]]
|
|
437
|
+
model = models.EnableWhiteBoxKeysRequest()
|
|
438
|
+
model.from_json_string(json.dumps(args))
|
|
439
|
+
start_time = time.time()
|
|
440
|
+
while True:
|
|
441
|
+
rsp = client.EnableWhiteBoxKeys(model)
|
|
442
|
+
result = rsp.to_json_string()
|
|
443
|
+
try:
|
|
444
|
+
json_obj = json.loads(result)
|
|
445
|
+
except TypeError as e:
|
|
446
|
+
json_obj = json.loads(result.decode('utf-8')) # python3.3
|
|
447
|
+
if not g_param[OptionsDefine.Waiter] or search(g_param['OptionsDefine.WaiterInfo']['expr'], json_obj) == g_param['OptionsDefine.WaiterInfo']['to']:
|
|
448
|
+
break
|
|
449
|
+
cur_time = time.time()
|
|
450
|
+
if cur_time - start_time >= g_param['OptionsDefine.WaiterInfo']['timeout']:
|
|
451
|
+
raise ClientError('Request timeout, wait `%s` to `%s` timeout, last request is %s' %
|
|
452
|
+
(g_param['OptionsDefine.WaiterInfo']['expr'], g_param['OptionsDefine.WaiterInfo']['to'],
|
|
453
|
+
search(g_param['OptionsDefine.WaiterInfo']['expr'], json_obj)))
|
|
454
|
+
else:
|
|
455
|
+
print('Inquiry result is %s.' % search(g_param['OptionsDefine.WaiterInfo']['expr'], json_obj))
|
|
456
|
+
time.sleep(g_param['OptionsDefine.WaiterInfo']['interval'])
|
|
457
|
+
FormatOutput.output("action", json_obj, g_param[OptionsDefine.Output], g_param[OptionsDefine.Filter])
|
|
458
|
+
|
|
459
|
+
|
|
460
|
+
def doUpdateAlias(args, parsed_globals):
|
|
461
|
+
g_param = parse_global_arg(parsed_globals)
|
|
462
|
+
|
|
463
|
+
if g_param[OptionsDefine.UseCVMRole.replace('-', '_')]:
|
|
464
|
+
cred = credential.CVMRoleCredential()
|
|
465
|
+
elif g_param[OptionsDefine.RoleArn.replace('-', '_')] and g_param[OptionsDefine.RoleSessionName.replace('-', '_')]:
|
|
466
|
+
cred = credential.STSAssumeRoleCredential(
|
|
467
|
+
g_param[OptionsDefine.SecretId], g_param[OptionsDefine.SecretKey], g_param[OptionsDefine.RoleArn.replace('-', '_')],
|
|
468
|
+
g_param[OptionsDefine.RoleSessionName.replace('-', '_')], endpoint=g_param["sts_cred_endpoint"]
|
|
469
|
+
)
|
|
470
|
+
elif os.getenv(OptionsDefine.ENV_TKE_REGION) \
|
|
471
|
+
and os.getenv(OptionsDefine.ENV_TKE_PROVIDER_ID) \
|
|
472
|
+
and os.getenv(OptionsDefine.ENV_TKE_WEB_IDENTITY_TOKEN_FILE) \
|
|
473
|
+
and os.getenv(OptionsDefine.ENV_TKE_ROLE_ARN):
|
|
474
|
+
cred = credential.DefaultTkeOIDCRoleArnProvider().get_credentials()
|
|
475
|
+
else:
|
|
476
|
+
cred = credential.Credential(
|
|
477
|
+
g_param[OptionsDefine.SecretId], g_param[OptionsDefine.SecretKey], g_param[OptionsDefine.Token]
|
|
478
|
+
)
|
|
479
|
+
http_profile = HttpProfile(
|
|
480
|
+
reqTimeout=60 if g_param[OptionsDefine.Timeout] is None else int(g_param[OptionsDefine.Timeout]),
|
|
481
|
+
reqMethod="POST",
|
|
482
|
+
endpoint=g_param[OptionsDefine.Endpoint],
|
|
483
|
+
proxy=g_param[OptionsDefine.HttpsProxy.replace('-', '_')]
|
|
484
|
+
)
|
|
485
|
+
profile = ClientProfile(httpProfile=http_profile, signMethod="TC3-HMAC-SHA256")
|
|
486
|
+
if g_param[OptionsDefine.Language]:
|
|
487
|
+
profile.language = g_param[OptionsDefine.Language]
|
|
488
|
+
mod = CLIENT_MAP[g_param[OptionsDefine.Version]]
|
|
489
|
+
client = mod.KmsClient(cred, g_param[OptionsDefine.Region], profile)
|
|
490
|
+
client._sdkVersion += ("_CLI_" + __version__)
|
|
491
|
+
models = MODELS_MAP[g_param[OptionsDefine.Version]]
|
|
492
|
+
model = models.UpdateAliasRequest()
|
|
493
|
+
model.from_json_string(json.dumps(args))
|
|
494
|
+
start_time = time.time()
|
|
495
|
+
while True:
|
|
496
|
+
rsp = client.UpdateAlias(model)
|
|
497
|
+
result = rsp.to_json_string()
|
|
498
|
+
try:
|
|
499
|
+
json_obj = json.loads(result)
|
|
500
|
+
except TypeError as e:
|
|
501
|
+
json_obj = json.loads(result.decode('utf-8')) # python3.3
|
|
502
|
+
if not g_param[OptionsDefine.Waiter] or search(g_param['OptionsDefine.WaiterInfo']['expr'], json_obj) == g_param['OptionsDefine.WaiterInfo']['to']:
|
|
503
|
+
break
|
|
504
|
+
cur_time = time.time()
|
|
505
|
+
if cur_time - start_time >= g_param['OptionsDefine.WaiterInfo']['timeout']:
|
|
506
|
+
raise ClientError('Request timeout, wait `%s` to `%s` timeout, last request is %s' %
|
|
507
|
+
(g_param['OptionsDefine.WaiterInfo']['expr'], g_param['OptionsDefine.WaiterInfo']['to'],
|
|
508
|
+
search(g_param['OptionsDefine.WaiterInfo']['expr'], json_obj)))
|
|
509
|
+
else:
|
|
510
|
+
print('Inquiry result is %s.' % search(g_param['OptionsDefine.WaiterInfo']['expr'], json_obj))
|
|
511
|
+
time.sleep(g_param['OptionsDefine.WaiterInfo']['interval'])
|
|
512
|
+
FormatOutput.output("action", json_obj, g_param[OptionsDefine.Output], g_param[OptionsDefine.Filter])
|
|
513
|
+
|
|
514
|
+
|
|
515
|
+
def doDeleteWhiteBoxKey(args, parsed_globals):
|
|
516
|
+
g_param = parse_global_arg(parsed_globals)
|
|
517
|
+
|
|
518
|
+
if g_param[OptionsDefine.UseCVMRole.replace('-', '_')]:
|
|
519
|
+
cred = credential.CVMRoleCredential()
|
|
520
|
+
elif g_param[OptionsDefine.RoleArn.replace('-', '_')] and g_param[OptionsDefine.RoleSessionName.replace('-', '_')]:
|
|
521
|
+
cred = credential.STSAssumeRoleCredential(
|
|
522
|
+
g_param[OptionsDefine.SecretId], g_param[OptionsDefine.SecretKey], g_param[OptionsDefine.RoleArn.replace('-', '_')],
|
|
523
|
+
g_param[OptionsDefine.RoleSessionName.replace('-', '_')], endpoint=g_param["sts_cred_endpoint"]
|
|
524
|
+
)
|
|
525
|
+
elif os.getenv(OptionsDefine.ENV_TKE_REGION) \
|
|
526
|
+
and os.getenv(OptionsDefine.ENV_TKE_PROVIDER_ID) \
|
|
527
|
+
and os.getenv(OptionsDefine.ENV_TKE_WEB_IDENTITY_TOKEN_FILE) \
|
|
528
|
+
and os.getenv(OptionsDefine.ENV_TKE_ROLE_ARN):
|
|
529
|
+
cred = credential.DefaultTkeOIDCRoleArnProvider().get_credentials()
|
|
530
|
+
else:
|
|
531
|
+
cred = credential.Credential(
|
|
532
|
+
g_param[OptionsDefine.SecretId], g_param[OptionsDefine.SecretKey], g_param[OptionsDefine.Token]
|
|
533
|
+
)
|
|
534
|
+
http_profile = HttpProfile(
|
|
535
|
+
reqTimeout=60 if g_param[OptionsDefine.Timeout] is None else int(g_param[OptionsDefine.Timeout]),
|
|
536
|
+
reqMethod="POST",
|
|
537
|
+
endpoint=g_param[OptionsDefine.Endpoint],
|
|
538
|
+
proxy=g_param[OptionsDefine.HttpsProxy.replace('-', '_')]
|
|
539
|
+
)
|
|
540
|
+
profile = ClientProfile(httpProfile=http_profile, signMethod="TC3-HMAC-SHA256")
|
|
541
|
+
if g_param[OptionsDefine.Language]:
|
|
542
|
+
profile.language = g_param[OptionsDefine.Language]
|
|
543
|
+
mod = CLIENT_MAP[g_param[OptionsDefine.Version]]
|
|
544
|
+
client = mod.KmsClient(cred, g_param[OptionsDefine.Region], profile)
|
|
545
|
+
client._sdkVersion += ("_CLI_" + __version__)
|
|
546
|
+
models = MODELS_MAP[g_param[OptionsDefine.Version]]
|
|
547
|
+
model = models.DeleteWhiteBoxKeyRequest()
|
|
548
|
+
model.from_json_string(json.dumps(args))
|
|
549
|
+
start_time = time.time()
|
|
550
|
+
while True:
|
|
551
|
+
rsp = client.DeleteWhiteBoxKey(model)
|
|
552
|
+
result = rsp.to_json_string()
|
|
553
|
+
try:
|
|
554
|
+
json_obj = json.loads(result)
|
|
555
|
+
except TypeError as e:
|
|
556
|
+
json_obj = json.loads(result.decode('utf-8')) # python3.3
|
|
557
|
+
if not g_param[OptionsDefine.Waiter] or search(g_param['OptionsDefine.WaiterInfo']['expr'], json_obj) == g_param['OptionsDefine.WaiterInfo']['to']:
|
|
558
|
+
break
|
|
559
|
+
cur_time = time.time()
|
|
560
|
+
if cur_time - start_time >= g_param['OptionsDefine.WaiterInfo']['timeout']:
|
|
561
|
+
raise ClientError('Request timeout, wait `%s` to `%s` timeout, last request is %s' %
|
|
562
|
+
(g_param['OptionsDefine.WaiterInfo']['expr'], g_param['OptionsDefine.WaiterInfo']['to'],
|
|
563
|
+
search(g_param['OptionsDefine.WaiterInfo']['expr'], json_obj)))
|
|
564
|
+
else:
|
|
565
|
+
print('Inquiry result is %s.' % search(g_param['OptionsDefine.WaiterInfo']['expr'], json_obj))
|
|
566
|
+
time.sleep(g_param['OptionsDefine.WaiterInfo']['interval'])
|
|
567
|
+
FormatOutput.output("action", json_obj, g_param[OptionsDefine.Output], g_param[OptionsDefine.Filter])
|
|
568
|
+
|
|
569
|
+
|
|
570
|
+
def doImportKeyMaterial(args, parsed_globals):
|
|
571
|
+
g_param = parse_global_arg(parsed_globals)
|
|
572
|
+
|
|
573
|
+
if g_param[OptionsDefine.UseCVMRole.replace('-', '_')]:
|
|
574
|
+
cred = credential.CVMRoleCredential()
|
|
575
|
+
elif g_param[OptionsDefine.RoleArn.replace('-', '_')] and g_param[OptionsDefine.RoleSessionName.replace('-', '_')]:
|
|
576
|
+
cred = credential.STSAssumeRoleCredential(
|
|
577
|
+
g_param[OptionsDefine.SecretId], g_param[OptionsDefine.SecretKey], g_param[OptionsDefine.RoleArn.replace('-', '_')],
|
|
578
|
+
g_param[OptionsDefine.RoleSessionName.replace('-', '_')], endpoint=g_param["sts_cred_endpoint"]
|
|
579
|
+
)
|
|
580
|
+
elif os.getenv(OptionsDefine.ENV_TKE_REGION) \
|
|
581
|
+
and os.getenv(OptionsDefine.ENV_TKE_PROVIDER_ID) \
|
|
582
|
+
and os.getenv(OptionsDefine.ENV_TKE_WEB_IDENTITY_TOKEN_FILE) \
|
|
583
|
+
and os.getenv(OptionsDefine.ENV_TKE_ROLE_ARN):
|
|
584
|
+
cred = credential.DefaultTkeOIDCRoleArnProvider().get_credentials()
|
|
585
|
+
else:
|
|
586
|
+
cred = credential.Credential(
|
|
587
|
+
g_param[OptionsDefine.SecretId], g_param[OptionsDefine.SecretKey], g_param[OptionsDefine.Token]
|
|
588
|
+
)
|
|
589
|
+
http_profile = HttpProfile(
|
|
590
|
+
reqTimeout=60 if g_param[OptionsDefine.Timeout] is None else int(g_param[OptionsDefine.Timeout]),
|
|
591
|
+
reqMethod="POST",
|
|
592
|
+
endpoint=g_param[OptionsDefine.Endpoint],
|
|
593
|
+
proxy=g_param[OptionsDefine.HttpsProxy.replace('-', '_')]
|
|
594
|
+
)
|
|
595
|
+
profile = ClientProfile(httpProfile=http_profile, signMethod="TC3-HMAC-SHA256")
|
|
596
|
+
if g_param[OptionsDefine.Language]:
|
|
597
|
+
profile.language = g_param[OptionsDefine.Language]
|
|
598
|
+
mod = CLIENT_MAP[g_param[OptionsDefine.Version]]
|
|
599
|
+
client = mod.KmsClient(cred, g_param[OptionsDefine.Region], profile)
|
|
600
|
+
client._sdkVersion += ("_CLI_" + __version__)
|
|
601
|
+
models = MODELS_MAP[g_param[OptionsDefine.Version]]
|
|
602
|
+
model = models.ImportKeyMaterialRequest()
|
|
603
|
+
model.from_json_string(json.dumps(args))
|
|
604
|
+
start_time = time.time()
|
|
605
|
+
while True:
|
|
606
|
+
rsp = client.ImportKeyMaterial(model)
|
|
607
|
+
result = rsp.to_json_string()
|
|
608
|
+
try:
|
|
609
|
+
json_obj = json.loads(result)
|
|
610
|
+
except TypeError as e:
|
|
611
|
+
json_obj = json.loads(result.decode('utf-8')) # python3.3
|
|
612
|
+
if not g_param[OptionsDefine.Waiter] or search(g_param['OptionsDefine.WaiterInfo']['expr'], json_obj) == g_param['OptionsDefine.WaiterInfo']['to']:
|
|
613
|
+
break
|
|
614
|
+
cur_time = time.time()
|
|
615
|
+
if cur_time - start_time >= g_param['OptionsDefine.WaiterInfo']['timeout']:
|
|
616
|
+
raise ClientError('Request timeout, wait `%s` to `%s` timeout, last request is %s' %
|
|
617
|
+
(g_param['OptionsDefine.WaiterInfo']['expr'], g_param['OptionsDefine.WaiterInfo']['to'],
|
|
618
|
+
search(g_param['OptionsDefine.WaiterInfo']['expr'], json_obj)))
|
|
619
|
+
else:
|
|
620
|
+
print('Inquiry result is %s.' % search(g_param['OptionsDefine.WaiterInfo']['expr'], json_obj))
|
|
621
|
+
time.sleep(g_param['OptionsDefine.WaiterInfo']['interval'])
|
|
622
|
+
FormatOutput.output("action", json_obj, g_param[OptionsDefine.Output], g_param[OptionsDefine.Filter])
|
|
623
|
+
|
|
624
|
+
|
|
625
|
+
def doDescribeDataKey(args, parsed_globals):
|
|
626
|
+
g_param = parse_global_arg(parsed_globals)
|
|
627
|
+
|
|
628
|
+
if g_param[OptionsDefine.UseCVMRole.replace('-', '_')]:
|
|
629
|
+
cred = credential.CVMRoleCredential()
|
|
630
|
+
elif g_param[OptionsDefine.RoleArn.replace('-', '_')] and g_param[OptionsDefine.RoleSessionName.replace('-', '_')]:
|
|
631
|
+
cred = credential.STSAssumeRoleCredential(
|
|
632
|
+
g_param[OptionsDefine.SecretId], g_param[OptionsDefine.SecretKey], g_param[OptionsDefine.RoleArn.replace('-', '_')],
|
|
633
|
+
g_param[OptionsDefine.RoleSessionName.replace('-', '_')], endpoint=g_param["sts_cred_endpoint"]
|
|
634
|
+
)
|
|
635
|
+
elif os.getenv(OptionsDefine.ENV_TKE_REGION) \
|
|
636
|
+
and os.getenv(OptionsDefine.ENV_TKE_PROVIDER_ID) \
|
|
637
|
+
and os.getenv(OptionsDefine.ENV_TKE_WEB_IDENTITY_TOKEN_FILE) \
|
|
638
|
+
and os.getenv(OptionsDefine.ENV_TKE_ROLE_ARN):
|
|
639
|
+
cred = credential.DefaultTkeOIDCRoleArnProvider().get_credentials()
|
|
640
|
+
else:
|
|
641
|
+
cred = credential.Credential(
|
|
642
|
+
g_param[OptionsDefine.SecretId], g_param[OptionsDefine.SecretKey], g_param[OptionsDefine.Token]
|
|
643
|
+
)
|
|
644
|
+
http_profile = HttpProfile(
|
|
645
|
+
reqTimeout=60 if g_param[OptionsDefine.Timeout] is None else int(g_param[OptionsDefine.Timeout]),
|
|
646
|
+
reqMethod="POST",
|
|
647
|
+
endpoint=g_param[OptionsDefine.Endpoint],
|
|
648
|
+
proxy=g_param[OptionsDefine.HttpsProxy.replace('-', '_')]
|
|
649
|
+
)
|
|
650
|
+
profile = ClientProfile(httpProfile=http_profile, signMethod="TC3-HMAC-SHA256")
|
|
651
|
+
if g_param[OptionsDefine.Language]:
|
|
652
|
+
profile.language = g_param[OptionsDefine.Language]
|
|
653
|
+
mod = CLIENT_MAP[g_param[OptionsDefine.Version]]
|
|
654
|
+
client = mod.KmsClient(cred, g_param[OptionsDefine.Region], profile)
|
|
655
|
+
client._sdkVersion += ("_CLI_" + __version__)
|
|
656
|
+
models = MODELS_MAP[g_param[OptionsDefine.Version]]
|
|
657
|
+
model = models.DescribeDataKeyRequest()
|
|
658
|
+
model.from_json_string(json.dumps(args))
|
|
659
|
+
start_time = time.time()
|
|
660
|
+
while True:
|
|
661
|
+
rsp = client.DescribeDataKey(model)
|
|
662
|
+
result = rsp.to_json_string()
|
|
663
|
+
try:
|
|
664
|
+
json_obj = json.loads(result)
|
|
665
|
+
except TypeError as e:
|
|
666
|
+
json_obj = json.loads(result.decode('utf-8')) # python3.3
|
|
667
|
+
if not g_param[OptionsDefine.Waiter] or search(g_param['OptionsDefine.WaiterInfo']['expr'], json_obj) == g_param['OptionsDefine.WaiterInfo']['to']:
|
|
668
|
+
break
|
|
669
|
+
cur_time = time.time()
|
|
670
|
+
if cur_time - start_time >= g_param['OptionsDefine.WaiterInfo']['timeout']:
|
|
671
|
+
raise ClientError('Request timeout, wait `%s` to `%s` timeout, last request is %s' %
|
|
672
|
+
(g_param['OptionsDefine.WaiterInfo']['expr'], g_param['OptionsDefine.WaiterInfo']['to'],
|
|
673
|
+
search(g_param['OptionsDefine.WaiterInfo']['expr'], json_obj)))
|
|
674
|
+
else:
|
|
675
|
+
print('Inquiry result is %s.' % search(g_param['OptionsDefine.WaiterInfo']['expr'], json_obj))
|
|
676
|
+
time.sleep(g_param['OptionsDefine.WaiterInfo']['interval'])
|
|
677
|
+
FormatOutput.output("action", json_obj, g_param[OptionsDefine.Output], g_param[OptionsDefine.Filter])
|
|
678
|
+
|
|
679
|
+
|
|
680
|
+
def doGetPublicKey(args, parsed_globals):
|
|
681
|
+
g_param = parse_global_arg(parsed_globals)
|
|
682
|
+
|
|
683
|
+
if g_param[OptionsDefine.UseCVMRole.replace('-', '_')]:
|
|
684
|
+
cred = credential.CVMRoleCredential()
|
|
685
|
+
elif g_param[OptionsDefine.RoleArn.replace('-', '_')] and g_param[OptionsDefine.RoleSessionName.replace('-', '_')]:
|
|
686
|
+
cred = credential.STSAssumeRoleCredential(
|
|
687
|
+
g_param[OptionsDefine.SecretId], g_param[OptionsDefine.SecretKey], g_param[OptionsDefine.RoleArn.replace('-', '_')],
|
|
688
|
+
g_param[OptionsDefine.RoleSessionName.replace('-', '_')], endpoint=g_param["sts_cred_endpoint"]
|
|
689
|
+
)
|
|
690
|
+
elif os.getenv(OptionsDefine.ENV_TKE_REGION) \
|
|
691
|
+
and os.getenv(OptionsDefine.ENV_TKE_PROVIDER_ID) \
|
|
692
|
+
and os.getenv(OptionsDefine.ENV_TKE_WEB_IDENTITY_TOKEN_FILE) \
|
|
693
|
+
and os.getenv(OptionsDefine.ENV_TKE_ROLE_ARN):
|
|
694
|
+
cred = credential.DefaultTkeOIDCRoleArnProvider().get_credentials()
|
|
695
|
+
else:
|
|
696
|
+
cred = credential.Credential(
|
|
697
|
+
g_param[OptionsDefine.SecretId], g_param[OptionsDefine.SecretKey], g_param[OptionsDefine.Token]
|
|
698
|
+
)
|
|
699
|
+
http_profile = HttpProfile(
|
|
700
|
+
reqTimeout=60 if g_param[OptionsDefine.Timeout] is None else int(g_param[OptionsDefine.Timeout]),
|
|
701
|
+
reqMethod="POST",
|
|
702
|
+
endpoint=g_param[OptionsDefine.Endpoint],
|
|
703
|
+
proxy=g_param[OptionsDefine.HttpsProxy.replace('-', '_')]
|
|
704
|
+
)
|
|
705
|
+
profile = ClientProfile(httpProfile=http_profile, signMethod="TC3-HMAC-SHA256")
|
|
706
|
+
if g_param[OptionsDefine.Language]:
|
|
707
|
+
profile.language = g_param[OptionsDefine.Language]
|
|
708
|
+
mod = CLIENT_MAP[g_param[OptionsDefine.Version]]
|
|
709
|
+
client = mod.KmsClient(cred, g_param[OptionsDefine.Region], profile)
|
|
710
|
+
client._sdkVersion += ("_CLI_" + __version__)
|
|
711
|
+
models = MODELS_MAP[g_param[OptionsDefine.Version]]
|
|
712
|
+
model = models.GetPublicKeyRequest()
|
|
713
|
+
model.from_json_string(json.dumps(args))
|
|
714
|
+
start_time = time.time()
|
|
715
|
+
while True:
|
|
716
|
+
rsp = client.GetPublicKey(model)
|
|
717
|
+
result = rsp.to_json_string()
|
|
718
|
+
try:
|
|
719
|
+
json_obj = json.loads(result)
|
|
720
|
+
except TypeError as e:
|
|
721
|
+
json_obj = json.loads(result.decode('utf-8')) # python3.3
|
|
722
|
+
if not g_param[OptionsDefine.Waiter] or search(g_param['OptionsDefine.WaiterInfo']['expr'], json_obj) == g_param['OptionsDefine.WaiterInfo']['to']:
|
|
723
|
+
break
|
|
724
|
+
cur_time = time.time()
|
|
725
|
+
if cur_time - start_time >= g_param['OptionsDefine.WaiterInfo']['timeout']:
|
|
726
|
+
raise ClientError('Request timeout, wait `%s` to `%s` timeout, last request is %s' %
|
|
727
|
+
(g_param['OptionsDefine.WaiterInfo']['expr'], g_param['OptionsDefine.WaiterInfo']['to'],
|
|
728
|
+
search(g_param['OptionsDefine.WaiterInfo']['expr'], json_obj)))
|
|
729
|
+
else:
|
|
730
|
+
print('Inquiry result is %s.' % search(g_param['OptionsDefine.WaiterInfo']['expr'], json_obj))
|
|
731
|
+
time.sleep(g_param['OptionsDefine.WaiterInfo']['interval'])
|
|
732
|
+
FormatOutput.output("action", json_obj, g_param[OptionsDefine.Output], g_param[OptionsDefine.Filter])
|
|
733
|
+
|
|
734
|
+
|
|
735
|
+
def doDisableKey(args, parsed_globals):
|
|
736
|
+
g_param = parse_global_arg(parsed_globals)
|
|
737
|
+
|
|
738
|
+
if g_param[OptionsDefine.UseCVMRole.replace('-', '_')]:
|
|
739
|
+
cred = credential.CVMRoleCredential()
|
|
740
|
+
elif g_param[OptionsDefine.RoleArn.replace('-', '_')] and g_param[OptionsDefine.RoleSessionName.replace('-', '_')]:
|
|
741
|
+
cred = credential.STSAssumeRoleCredential(
|
|
742
|
+
g_param[OptionsDefine.SecretId], g_param[OptionsDefine.SecretKey], g_param[OptionsDefine.RoleArn.replace('-', '_')],
|
|
743
|
+
g_param[OptionsDefine.RoleSessionName.replace('-', '_')], endpoint=g_param["sts_cred_endpoint"]
|
|
744
|
+
)
|
|
745
|
+
elif os.getenv(OptionsDefine.ENV_TKE_REGION) \
|
|
746
|
+
and os.getenv(OptionsDefine.ENV_TKE_PROVIDER_ID) \
|
|
747
|
+
and os.getenv(OptionsDefine.ENV_TKE_WEB_IDENTITY_TOKEN_FILE) \
|
|
748
|
+
and os.getenv(OptionsDefine.ENV_TKE_ROLE_ARN):
|
|
749
|
+
cred = credential.DefaultTkeOIDCRoleArnProvider().get_credentials()
|
|
750
|
+
else:
|
|
751
|
+
cred = credential.Credential(
|
|
752
|
+
g_param[OptionsDefine.SecretId], g_param[OptionsDefine.SecretKey], g_param[OptionsDefine.Token]
|
|
753
|
+
)
|
|
754
|
+
http_profile = HttpProfile(
|
|
755
|
+
reqTimeout=60 if g_param[OptionsDefine.Timeout] is None else int(g_param[OptionsDefine.Timeout]),
|
|
756
|
+
reqMethod="POST",
|
|
757
|
+
endpoint=g_param[OptionsDefine.Endpoint],
|
|
758
|
+
proxy=g_param[OptionsDefine.HttpsProxy.replace('-', '_')]
|
|
759
|
+
)
|
|
760
|
+
profile = ClientProfile(httpProfile=http_profile, signMethod="TC3-HMAC-SHA256")
|
|
761
|
+
if g_param[OptionsDefine.Language]:
|
|
762
|
+
profile.language = g_param[OptionsDefine.Language]
|
|
763
|
+
mod = CLIENT_MAP[g_param[OptionsDefine.Version]]
|
|
764
|
+
client = mod.KmsClient(cred, g_param[OptionsDefine.Region], profile)
|
|
765
|
+
client._sdkVersion += ("_CLI_" + __version__)
|
|
766
|
+
models = MODELS_MAP[g_param[OptionsDefine.Version]]
|
|
767
|
+
model = models.DisableKeyRequest()
|
|
768
|
+
model.from_json_string(json.dumps(args))
|
|
769
|
+
start_time = time.time()
|
|
770
|
+
while True:
|
|
771
|
+
rsp = client.DisableKey(model)
|
|
772
|
+
result = rsp.to_json_string()
|
|
773
|
+
try:
|
|
774
|
+
json_obj = json.loads(result)
|
|
775
|
+
except TypeError as e:
|
|
776
|
+
json_obj = json.loads(result.decode('utf-8')) # python3.3
|
|
777
|
+
if not g_param[OptionsDefine.Waiter] or search(g_param['OptionsDefine.WaiterInfo']['expr'], json_obj) == g_param['OptionsDefine.WaiterInfo']['to']:
|
|
778
|
+
break
|
|
779
|
+
cur_time = time.time()
|
|
780
|
+
if cur_time - start_time >= g_param['OptionsDefine.WaiterInfo']['timeout']:
|
|
781
|
+
raise ClientError('Request timeout, wait `%s` to `%s` timeout, last request is %s' %
|
|
782
|
+
(g_param['OptionsDefine.WaiterInfo']['expr'], g_param['OptionsDefine.WaiterInfo']['to'],
|
|
783
|
+
search(g_param['OptionsDefine.WaiterInfo']['expr'], json_obj)))
|
|
784
|
+
else:
|
|
785
|
+
print('Inquiry result is %s.' % search(g_param['OptionsDefine.WaiterInfo']['expr'], json_obj))
|
|
786
|
+
time.sleep(g_param['OptionsDefine.WaiterInfo']['interval'])
|
|
787
|
+
FormatOutput.output("action", json_obj, g_param[OptionsDefine.Output], g_param[OptionsDefine.Filter])
|
|
788
|
+
|
|
789
|
+
|
|
790
|
+
def doGenerateDataKey(args, parsed_globals):
|
|
791
|
+
g_param = parse_global_arg(parsed_globals)
|
|
792
|
+
|
|
793
|
+
if g_param[OptionsDefine.UseCVMRole.replace('-', '_')]:
|
|
794
|
+
cred = credential.CVMRoleCredential()
|
|
795
|
+
elif g_param[OptionsDefine.RoleArn.replace('-', '_')] and g_param[OptionsDefine.RoleSessionName.replace('-', '_')]:
|
|
796
|
+
cred = credential.STSAssumeRoleCredential(
|
|
797
|
+
g_param[OptionsDefine.SecretId], g_param[OptionsDefine.SecretKey], g_param[OptionsDefine.RoleArn.replace('-', '_')],
|
|
798
|
+
g_param[OptionsDefine.RoleSessionName.replace('-', '_')], endpoint=g_param["sts_cred_endpoint"]
|
|
799
|
+
)
|
|
800
|
+
elif os.getenv(OptionsDefine.ENV_TKE_REGION) \
|
|
801
|
+
and os.getenv(OptionsDefine.ENV_TKE_PROVIDER_ID) \
|
|
802
|
+
and os.getenv(OptionsDefine.ENV_TKE_WEB_IDENTITY_TOKEN_FILE) \
|
|
803
|
+
and os.getenv(OptionsDefine.ENV_TKE_ROLE_ARN):
|
|
804
|
+
cred = credential.DefaultTkeOIDCRoleArnProvider().get_credentials()
|
|
805
|
+
else:
|
|
806
|
+
cred = credential.Credential(
|
|
807
|
+
g_param[OptionsDefine.SecretId], g_param[OptionsDefine.SecretKey], g_param[OptionsDefine.Token]
|
|
808
|
+
)
|
|
809
|
+
http_profile = HttpProfile(
|
|
810
|
+
reqTimeout=60 if g_param[OptionsDefine.Timeout] is None else int(g_param[OptionsDefine.Timeout]),
|
|
811
|
+
reqMethod="POST",
|
|
812
|
+
endpoint=g_param[OptionsDefine.Endpoint],
|
|
813
|
+
proxy=g_param[OptionsDefine.HttpsProxy.replace('-', '_')]
|
|
814
|
+
)
|
|
815
|
+
profile = ClientProfile(httpProfile=http_profile, signMethod="TC3-HMAC-SHA256")
|
|
816
|
+
if g_param[OptionsDefine.Language]:
|
|
817
|
+
profile.language = g_param[OptionsDefine.Language]
|
|
818
|
+
mod = CLIENT_MAP[g_param[OptionsDefine.Version]]
|
|
819
|
+
client = mod.KmsClient(cred, g_param[OptionsDefine.Region], profile)
|
|
820
|
+
client._sdkVersion += ("_CLI_" + __version__)
|
|
821
|
+
models = MODELS_MAP[g_param[OptionsDefine.Version]]
|
|
822
|
+
model = models.GenerateDataKeyRequest()
|
|
823
|
+
model.from_json_string(json.dumps(args))
|
|
824
|
+
start_time = time.time()
|
|
825
|
+
while True:
|
|
826
|
+
rsp = client.GenerateDataKey(model)
|
|
54
827
|
result = rsp.to_json_string()
|
|
55
828
|
try:
|
|
56
829
|
json_obj = json.loads(result)
|
|
@@ -69,7 +842,7 @@ def doDeleteImportedKeyMaterial(args, parsed_globals):
|
|
|
69
842
|
FormatOutput.output("action", json_obj, g_param[OptionsDefine.Output], g_param[OptionsDefine.Filter])
|
|
70
843
|
|
|
71
844
|
|
|
72
|
-
def
|
|
845
|
+
def doListDataKeyDetail(args, parsed_globals):
|
|
73
846
|
g_param = parse_global_arg(parsed_globals)
|
|
74
847
|
|
|
75
848
|
if g_param[OptionsDefine.UseCVMRole.replace('-', '_')]:
|
|
@@ -79,7 +852,10 @@ def doPostQuantumCryptoVerify(args, parsed_globals):
|
|
|
79
852
|
g_param[OptionsDefine.SecretId], g_param[OptionsDefine.SecretKey], g_param[OptionsDefine.RoleArn.replace('-', '_')],
|
|
80
853
|
g_param[OptionsDefine.RoleSessionName.replace('-', '_')], endpoint=g_param["sts_cred_endpoint"]
|
|
81
854
|
)
|
|
82
|
-
elif os.getenv(OptionsDefine.ENV_TKE_REGION)
|
|
855
|
+
elif os.getenv(OptionsDefine.ENV_TKE_REGION) \
|
|
856
|
+
and os.getenv(OptionsDefine.ENV_TKE_PROVIDER_ID) \
|
|
857
|
+
and os.getenv(OptionsDefine.ENV_TKE_WEB_IDENTITY_TOKEN_FILE) \
|
|
858
|
+
and os.getenv(OptionsDefine.ENV_TKE_ROLE_ARN):
|
|
83
859
|
cred = credential.DefaultTkeOIDCRoleArnProvider().get_credentials()
|
|
84
860
|
else:
|
|
85
861
|
cred = credential.Credential(
|
|
@@ -91,18 +867,18 @@ def doPostQuantumCryptoVerify(args, parsed_globals):
|
|
|
91
867
|
endpoint=g_param[OptionsDefine.Endpoint],
|
|
92
868
|
proxy=g_param[OptionsDefine.HttpsProxy.replace('-', '_')]
|
|
93
869
|
)
|
|
94
|
-
profile = ClientProfile(httpProfile=http_profile, signMethod="
|
|
870
|
+
profile = ClientProfile(httpProfile=http_profile, signMethod="TC3-HMAC-SHA256")
|
|
95
871
|
if g_param[OptionsDefine.Language]:
|
|
96
872
|
profile.language = g_param[OptionsDefine.Language]
|
|
97
873
|
mod = CLIENT_MAP[g_param[OptionsDefine.Version]]
|
|
98
874
|
client = mod.KmsClient(cred, g_param[OptionsDefine.Region], profile)
|
|
99
875
|
client._sdkVersion += ("_CLI_" + __version__)
|
|
100
876
|
models = MODELS_MAP[g_param[OptionsDefine.Version]]
|
|
101
|
-
model = models.
|
|
877
|
+
model = models.ListDataKeyDetailRequest()
|
|
102
878
|
model.from_json_string(json.dumps(args))
|
|
103
879
|
start_time = time.time()
|
|
104
880
|
while True:
|
|
105
|
-
rsp = client.
|
|
881
|
+
rsp = client.ListDataKeyDetail(model)
|
|
106
882
|
result = rsp.to_json_string()
|
|
107
883
|
try:
|
|
108
884
|
json_obj = json.loads(result)
|
|
@@ -121,7 +897,7 @@ def doPostQuantumCryptoVerify(args, parsed_globals):
|
|
|
121
897
|
FormatOutput.output("action", json_obj, g_param[OptionsDefine.Output], g_param[OptionsDefine.Filter])
|
|
122
898
|
|
|
123
899
|
|
|
124
|
-
def
|
|
900
|
+
def doGetDataKeyPlaintext(args, parsed_globals):
|
|
125
901
|
g_param = parse_global_arg(parsed_globals)
|
|
126
902
|
|
|
127
903
|
if g_param[OptionsDefine.UseCVMRole.replace('-', '_')]:
|
|
@@ -131,7 +907,10 @@ def doEncrypt(args, parsed_globals):
|
|
|
131
907
|
g_param[OptionsDefine.SecretId], g_param[OptionsDefine.SecretKey], g_param[OptionsDefine.RoleArn.replace('-', '_')],
|
|
132
908
|
g_param[OptionsDefine.RoleSessionName.replace('-', '_')], endpoint=g_param["sts_cred_endpoint"]
|
|
133
909
|
)
|
|
134
|
-
elif os.getenv(OptionsDefine.ENV_TKE_REGION)
|
|
910
|
+
elif os.getenv(OptionsDefine.ENV_TKE_REGION) \
|
|
911
|
+
and os.getenv(OptionsDefine.ENV_TKE_PROVIDER_ID) \
|
|
912
|
+
and os.getenv(OptionsDefine.ENV_TKE_WEB_IDENTITY_TOKEN_FILE) \
|
|
913
|
+
and os.getenv(OptionsDefine.ENV_TKE_ROLE_ARN):
|
|
135
914
|
cred = credential.DefaultTkeOIDCRoleArnProvider().get_credentials()
|
|
136
915
|
else:
|
|
137
916
|
cred = credential.Credential(
|
|
@@ -143,18 +922,18 @@ def doEncrypt(args, parsed_globals):
|
|
|
143
922
|
endpoint=g_param[OptionsDefine.Endpoint],
|
|
144
923
|
proxy=g_param[OptionsDefine.HttpsProxy.replace('-', '_')]
|
|
145
924
|
)
|
|
146
|
-
profile = ClientProfile(httpProfile=http_profile, signMethod="
|
|
925
|
+
profile = ClientProfile(httpProfile=http_profile, signMethod="TC3-HMAC-SHA256")
|
|
147
926
|
if g_param[OptionsDefine.Language]:
|
|
148
927
|
profile.language = g_param[OptionsDefine.Language]
|
|
149
928
|
mod = CLIENT_MAP[g_param[OptionsDefine.Version]]
|
|
150
929
|
client = mod.KmsClient(cred, g_param[OptionsDefine.Region], profile)
|
|
151
930
|
client._sdkVersion += ("_CLI_" + __version__)
|
|
152
931
|
models = MODELS_MAP[g_param[OptionsDefine.Version]]
|
|
153
|
-
model = models.
|
|
932
|
+
model = models.GetDataKeyPlaintextRequest()
|
|
154
933
|
model.from_json_string(json.dumps(args))
|
|
155
934
|
start_time = time.time()
|
|
156
935
|
while True:
|
|
157
|
-
rsp = client.
|
|
936
|
+
rsp = client.GetDataKeyPlaintext(model)
|
|
158
937
|
result = rsp.to_json_string()
|
|
159
938
|
try:
|
|
160
939
|
json_obj = json.loads(result)
|
|
@@ -173,7 +952,7 @@ def doEncrypt(args, parsed_globals):
|
|
|
173
952
|
FormatOutput.output("action", json_obj, g_param[OptionsDefine.Output], g_param[OptionsDefine.Filter])
|
|
174
953
|
|
|
175
954
|
|
|
176
|
-
def
|
|
955
|
+
def doAsymmetricSm2Decrypt(args, parsed_globals):
|
|
177
956
|
g_param = parse_global_arg(parsed_globals)
|
|
178
957
|
|
|
179
958
|
if g_param[OptionsDefine.UseCVMRole.replace('-', '_')]:
|
|
@@ -183,7 +962,10 @@ def doEnableWhiteBoxKeys(args, parsed_globals):
|
|
|
183
962
|
g_param[OptionsDefine.SecretId], g_param[OptionsDefine.SecretKey], g_param[OptionsDefine.RoleArn.replace('-', '_')],
|
|
184
963
|
g_param[OptionsDefine.RoleSessionName.replace('-', '_')], endpoint=g_param["sts_cred_endpoint"]
|
|
185
964
|
)
|
|
186
|
-
elif os.getenv(OptionsDefine.ENV_TKE_REGION)
|
|
965
|
+
elif os.getenv(OptionsDefine.ENV_TKE_REGION) \
|
|
966
|
+
and os.getenv(OptionsDefine.ENV_TKE_PROVIDER_ID) \
|
|
967
|
+
and os.getenv(OptionsDefine.ENV_TKE_WEB_IDENTITY_TOKEN_FILE) \
|
|
968
|
+
and os.getenv(OptionsDefine.ENV_TKE_ROLE_ARN):
|
|
187
969
|
cred = credential.DefaultTkeOIDCRoleArnProvider().get_credentials()
|
|
188
970
|
else:
|
|
189
971
|
cred = credential.Credential(
|
|
@@ -195,18 +977,18 @@ def doEnableWhiteBoxKeys(args, parsed_globals):
|
|
|
195
977
|
endpoint=g_param[OptionsDefine.Endpoint],
|
|
196
978
|
proxy=g_param[OptionsDefine.HttpsProxy.replace('-', '_')]
|
|
197
979
|
)
|
|
198
|
-
profile = ClientProfile(httpProfile=http_profile, signMethod="
|
|
980
|
+
profile = ClientProfile(httpProfile=http_profile, signMethod="TC3-HMAC-SHA256")
|
|
199
981
|
if g_param[OptionsDefine.Language]:
|
|
200
982
|
profile.language = g_param[OptionsDefine.Language]
|
|
201
983
|
mod = CLIENT_MAP[g_param[OptionsDefine.Version]]
|
|
202
984
|
client = mod.KmsClient(cred, g_param[OptionsDefine.Region], profile)
|
|
203
985
|
client._sdkVersion += ("_CLI_" + __version__)
|
|
204
986
|
models = MODELS_MAP[g_param[OptionsDefine.Version]]
|
|
205
|
-
model = models.
|
|
987
|
+
model = models.AsymmetricSm2DecryptRequest()
|
|
206
988
|
model.from_json_string(json.dumps(args))
|
|
207
989
|
start_time = time.time()
|
|
208
990
|
while True:
|
|
209
|
-
rsp = client.
|
|
991
|
+
rsp = client.AsymmetricSm2Decrypt(model)
|
|
210
992
|
result = rsp.to_json_string()
|
|
211
993
|
try:
|
|
212
994
|
json_obj = json.loads(result)
|
|
@@ -225,7 +1007,7 @@ def doEnableWhiteBoxKeys(args, parsed_globals):
|
|
|
225
1007
|
FormatOutput.output("action", json_obj, g_param[OptionsDefine.Output], g_param[OptionsDefine.Filter])
|
|
226
1008
|
|
|
227
1009
|
|
|
228
|
-
def
|
|
1010
|
+
def doSignByAsymmetricKey(args, parsed_globals):
|
|
229
1011
|
g_param = parse_global_arg(parsed_globals)
|
|
230
1012
|
|
|
231
1013
|
if g_param[OptionsDefine.UseCVMRole.replace('-', '_')]:
|
|
@@ -235,7 +1017,10 @@ def doUpdateAlias(args, parsed_globals):
|
|
|
235
1017
|
g_param[OptionsDefine.SecretId], g_param[OptionsDefine.SecretKey], g_param[OptionsDefine.RoleArn.replace('-', '_')],
|
|
236
1018
|
g_param[OptionsDefine.RoleSessionName.replace('-', '_')], endpoint=g_param["sts_cred_endpoint"]
|
|
237
1019
|
)
|
|
238
|
-
elif os.getenv(OptionsDefine.ENV_TKE_REGION)
|
|
1020
|
+
elif os.getenv(OptionsDefine.ENV_TKE_REGION) \
|
|
1021
|
+
and os.getenv(OptionsDefine.ENV_TKE_PROVIDER_ID) \
|
|
1022
|
+
and os.getenv(OptionsDefine.ENV_TKE_WEB_IDENTITY_TOKEN_FILE) \
|
|
1023
|
+
and os.getenv(OptionsDefine.ENV_TKE_ROLE_ARN):
|
|
239
1024
|
cred = credential.DefaultTkeOIDCRoleArnProvider().get_credentials()
|
|
240
1025
|
else:
|
|
241
1026
|
cred = credential.Credential(
|
|
@@ -247,18 +1032,18 @@ def doUpdateAlias(args, parsed_globals):
|
|
|
247
1032
|
endpoint=g_param[OptionsDefine.Endpoint],
|
|
248
1033
|
proxy=g_param[OptionsDefine.HttpsProxy.replace('-', '_')]
|
|
249
1034
|
)
|
|
250
|
-
profile = ClientProfile(httpProfile=http_profile, signMethod="
|
|
1035
|
+
profile = ClientProfile(httpProfile=http_profile, signMethod="TC3-HMAC-SHA256")
|
|
251
1036
|
if g_param[OptionsDefine.Language]:
|
|
252
1037
|
profile.language = g_param[OptionsDefine.Language]
|
|
253
1038
|
mod = CLIENT_MAP[g_param[OptionsDefine.Version]]
|
|
254
1039
|
client = mod.KmsClient(cred, g_param[OptionsDefine.Region], profile)
|
|
255
1040
|
client._sdkVersion += ("_CLI_" + __version__)
|
|
256
1041
|
models = MODELS_MAP[g_param[OptionsDefine.Version]]
|
|
257
|
-
model = models.
|
|
1042
|
+
model = models.SignByAsymmetricKeyRequest()
|
|
258
1043
|
model.from_json_string(json.dumps(args))
|
|
259
1044
|
start_time = time.time()
|
|
260
1045
|
while True:
|
|
261
|
-
rsp = client.
|
|
1046
|
+
rsp = client.SignByAsymmetricKey(model)
|
|
262
1047
|
result = rsp.to_json_string()
|
|
263
1048
|
try:
|
|
264
1049
|
json_obj = json.loads(result)
|
|
@@ -277,7 +1062,7 @@ def doUpdateAlias(args, parsed_globals):
|
|
|
277
1062
|
FormatOutput.output("action", json_obj, g_param[OptionsDefine.Output], g_param[OptionsDefine.Filter])
|
|
278
1063
|
|
|
279
1064
|
|
|
280
|
-
def
|
|
1065
|
+
def doCancelKeyDeletion(args, parsed_globals):
|
|
281
1066
|
g_param = parse_global_arg(parsed_globals)
|
|
282
1067
|
|
|
283
1068
|
if g_param[OptionsDefine.UseCVMRole.replace('-', '_')]:
|
|
@@ -287,7 +1072,10 @@ def doDeleteWhiteBoxKey(args, parsed_globals):
|
|
|
287
1072
|
g_param[OptionsDefine.SecretId], g_param[OptionsDefine.SecretKey], g_param[OptionsDefine.RoleArn.replace('-', '_')],
|
|
288
1073
|
g_param[OptionsDefine.RoleSessionName.replace('-', '_')], endpoint=g_param["sts_cred_endpoint"]
|
|
289
1074
|
)
|
|
290
|
-
elif os.getenv(OptionsDefine.ENV_TKE_REGION)
|
|
1075
|
+
elif os.getenv(OptionsDefine.ENV_TKE_REGION) \
|
|
1076
|
+
and os.getenv(OptionsDefine.ENV_TKE_PROVIDER_ID) \
|
|
1077
|
+
and os.getenv(OptionsDefine.ENV_TKE_WEB_IDENTITY_TOKEN_FILE) \
|
|
1078
|
+
and os.getenv(OptionsDefine.ENV_TKE_ROLE_ARN):
|
|
291
1079
|
cred = credential.DefaultTkeOIDCRoleArnProvider().get_credentials()
|
|
292
1080
|
else:
|
|
293
1081
|
cred = credential.Credential(
|
|
@@ -299,18 +1087,18 @@ def doDeleteWhiteBoxKey(args, parsed_globals):
|
|
|
299
1087
|
endpoint=g_param[OptionsDefine.Endpoint],
|
|
300
1088
|
proxy=g_param[OptionsDefine.HttpsProxy.replace('-', '_')]
|
|
301
1089
|
)
|
|
302
|
-
profile = ClientProfile(httpProfile=http_profile, signMethod="
|
|
1090
|
+
profile = ClientProfile(httpProfile=http_profile, signMethod="TC3-HMAC-SHA256")
|
|
303
1091
|
if g_param[OptionsDefine.Language]:
|
|
304
1092
|
profile.language = g_param[OptionsDefine.Language]
|
|
305
1093
|
mod = CLIENT_MAP[g_param[OptionsDefine.Version]]
|
|
306
1094
|
client = mod.KmsClient(cred, g_param[OptionsDefine.Region], profile)
|
|
307
1095
|
client._sdkVersion += ("_CLI_" + __version__)
|
|
308
1096
|
models = MODELS_MAP[g_param[OptionsDefine.Version]]
|
|
309
|
-
model = models.
|
|
1097
|
+
model = models.CancelKeyDeletionRequest()
|
|
310
1098
|
model.from_json_string(json.dumps(args))
|
|
311
1099
|
start_time = time.time()
|
|
312
1100
|
while True:
|
|
313
|
-
rsp = client.
|
|
1101
|
+
rsp = client.CancelKeyDeletion(model)
|
|
314
1102
|
result = rsp.to_json_string()
|
|
315
1103
|
try:
|
|
316
1104
|
json_obj = json.loads(result)
|
|
@@ -329,7 +1117,7 @@ def doDeleteWhiteBoxKey(args, parsed_globals):
|
|
|
329
1117
|
FormatOutput.output("action", json_obj, g_param[OptionsDefine.Output], g_param[OptionsDefine.Filter])
|
|
330
1118
|
|
|
331
1119
|
|
|
332
|
-
def
|
|
1120
|
+
def doGetKeyRotationStatus(args, parsed_globals):
|
|
333
1121
|
g_param = parse_global_arg(parsed_globals)
|
|
334
1122
|
|
|
335
1123
|
if g_param[OptionsDefine.UseCVMRole.replace('-', '_')]:
|
|
@@ -339,7 +1127,10 @@ def doImportKeyMaterial(args, parsed_globals):
|
|
|
339
1127
|
g_param[OptionsDefine.SecretId], g_param[OptionsDefine.SecretKey], g_param[OptionsDefine.RoleArn.replace('-', '_')],
|
|
340
1128
|
g_param[OptionsDefine.RoleSessionName.replace('-', '_')], endpoint=g_param["sts_cred_endpoint"]
|
|
341
1129
|
)
|
|
342
|
-
elif os.getenv(OptionsDefine.ENV_TKE_REGION)
|
|
1130
|
+
elif os.getenv(OptionsDefine.ENV_TKE_REGION) \
|
|
1131
|
+
and os.getenv(OptionsDefine.ENV_TKE_PROVIDER_ID) \
|
|
1132
|
+
and os.getenv(OptionsDefine.ENV_TKE_WEB_IDENTITY_TOKEN_FILE) \
|
|
1133
|
+
and os.getenv(OptionsDefine.ENV_TKE_ROLE_ARN):
|
|
343
1134
|
cred = credential.DefaultTkeOIDCRoleArnProvider().get_credentials()
|
|
344
1135
|
else:
|
|
345
1136
|
cred = credential.Credential(
|
|
@@ -351,18 +1142,18 @@ def doImportKeyMaterial(args, parsed_globals):
|
|
|
351
1142
|
endpoint=g_param[OptionsDefine.Endpoint],
|
|
352
1143
|
proxy=g_param[OptionsDefine.HttpsProxy.replace('-', '_')]
|
|
353
1144
|
)
|
|
354
|
-
profile = ClientProfile(httpProfile=http_profile, signMethod="
|
|
1145
|
+
profile = ClientProfile(httpProfile=http_profile, signMethod="TC3-HMAC-SHA256")
|
|
355
1146
|
if g_param[OptionsDefine.Language]:
|
|
356
1147
|
profile.language = g_param[OptionsDefine.Language]
|
|
357
1148
|
mod = CLIENT_MAP[g_param[OptionsDefine.Version]]
|
|
358
1149
|
client = mod.KmsClient(cred, g_param[OptionsDefine.Region], profile)
|
|
359
1150
|
client._sdkVersion += ("_CLI_" + __version__)
|
|
360
1151
|
models = MODELS_MAP[g_param[OptionsDefine.Version]]
|
|
361
|
-
model = models.
|
|
1152
|
+
model = models.GetKeyRotationStatusRequest()
|
|
362
1153
|
model.from_json_string(json.dumps(args))
|
|
363
1154
|
start_time = time.time()
|
|
364
1155
|
while True:
|
|
365
|
-
rsp = client.
|
|
1156
|
+
rsp = client.GetKeyRotationStatus(model)
|
|
366
1157
|
result = rsp.to_json_string()
|
|
367
1158
|
try:
|
|
368
1159
|
json_obj = json.loads(result)
|
|
@@ -381,7 +1172,7 @@ def doImportKeyMaterial(args, parsed_globals):
|
|
|
381
1172
|
FormatOutput.output("action", json_obj, g_param[OptionsDefine.Output], g_param[OptionsDefine.Filter])
|
|
382
1173
|
|
|
383
1174
|
|
|
384
|
-
def
|
|
1175
|
+
def doScheduleDataKeyDeletion(args, parsed_globals):
|
|
385
1176
|
g_param = parse_global_arg(parsed_globals)
|
|
386
1177
|
|
|
387
1178
|
if g_param[OptionsDefine.UseCVMRole.replace('-', '_')]:
|
|
@@ -391,7 +1182,10 @@ def doGetPublicKey(args, parsed_globals):
|
|
|
391
1182
|
g_param[OptionsDefine.SecretId], g_param[OptionsDefine.SecretKey], g_param[OptionsDefine.RoleArn.replace('-', '_')],
|
|
392
1183
|
g_param[OptionsDefine.RoleSessionName.replace('-', '_')], endpoint=g_param["sts_cred_endpoint"]
|
|
393
1184
|
)
|
|
394
|
-
elif os.getenv(OptionsDefine.ENV_TKE_REGION)
|
|
1185
|
+
elif os.getenv(OptionsDefine.ENV_TKE_REGION) \
|
|
1186
|
+
and os.getenv(OptionsDefine.ENV_TKE_PROVIDER_ID) \
|
|
1187
|
+
and os.getenv(OptionsDefine.ENV_TKE_WEB_IDENTITY_TOKEN_FILE) \
|
|
1188
|
+
and os.getenv(OptionsDefine.ENV_TKE_ROLE_ARN):
|
|
395
1189
|
cred = credential.DefaultTkeOIDCRoleArnProvider().get_credentials()
|
|
396
1190
|
else:
|
|
397
1191
|
cred = credential.Credential(
|
|
@@ -403,18 +1197,18 @@ def doGetPublicKey(args, parsed_globals):
|
|
|
403
1197
|
endpoint=g_param[OptionsDefine.Endpoint],
|
|
404
1198
|
proxy=g_param[OptionsDefine.HttpsProxy.replace('-', '_')]
|
|
405
1199
|
)
|
|
406
|
-
profile = ClientProfile(httpProfile=http_profile, signMethod="
|
|
1200
|
+
profile = ClientProfile(httpProfile=http_profile, signMethod="TC3-HMAC-SHA256")
|
|
407
1201
|
if g_param[OptionsDefine.Language]:
|
|
408
1202
|
profile.language = g_param[OptionsDefine.Language]
|
|
409
1203
|
mod = CLIENT_MAP[g_param[OptionsDefine.Version]]
|
|
410
1204
|
client = mod.KmsClient(cred, g_param[OptionsDefine.Region], profile)
|
|
411
1205
|
client._sdkVersion += ("_CLI_" + __version__)
|
|
412
1206
|
models = MODELS_MAP[g_param[OptionsDefine.Version]]
|
|
413
|
-
model = models.
|
|
1207
|
+
model = models.ScheduleDataKeyDeletionRequest()
|
|
414
1208
|
model.from_json_string(json.dumps(args))
|
|
415
1209
|
start_time = time.time()
|
|
416
1210
|
while True:
|
|
417
|
-
rsp = client.
|
|
1211
|
+
rsp = client.ScheduleDataKeyDeletion(model)
|
|
418
1212
|
result = rsp.to_json_string()
|
|
419
1213
|
try:
|
|
420
1214
|
json_obj = json.loads(result)
|
|
@@ -433,7 +1227,7 @@ def doGetPublicKey(args, parsed_globals):
|
|
|
433
1227
|
FormatOutput.output("action", json_obj, g_param[OptionsDefine.Output], g_param[OptionsDefine.Filter])
|
|
434
1228
|
|
|
435
1229
|
|
|
436
|
-
def
|
|
1230
|
+
def doDescribeWhiteBoxKeyDetails(args, parsed_globals):
|
|
437
1231
|
g_param = parse_global_arg(parsed_globals)
|
|
438
1232
|
|
|
439
1233
|
if g_param[OptionsDefine.UseCVMRole.replace('-', '_')]:
|
|
@@ -443,7 +1237,10 @@ def doDisableKey(args, parsed_globals):
|
|
|
443
1237
|
g_param[OptionsDefine.SecretId], g_param[OptionsDefine.SecretKey], g_param[OptionsDefine.RoleArn.replace('-', '_')],
|
|
444
1238
|
g_param[OptionsDefine.RoleSessionName.replace('-', '_')], endpoint=g_param["sts_cred_endpoint"]
|
|
445
1239
|
)
|
|
446
|
-
elif os.getenv(OptionsDefine.ENV_TKE_REGION)
|
|
1240
|
+
elif os.getenv(OptionsDefine.ENV_TKE_REGION) \
|
|
1241
|
+
and os.getenv(OptionsDefine.ENV_TKE_PROVIDER_ID) \
|
|
1242
|
+
and os.getenv(OptionsDefine.ENV_TKE_WEB_IDENTITY_TOKEN_FILE) \
|
|
1243
|
+
and os.getenv(OptionsDefine.ENV_TKE_ROLE_ARN):
|
|
447
1244
|
cred = credential.DefaultTkeOIDCRoleArnProvider().get_credentials()
|
|
448
1245
|
else:
|
|
449
1246
|
cred = credential.Credential(
|
|
@@ -455,18 +1252,18 @@ def doDisableKey(args, parsed_globals):
|
|
|
455
1252
|
endpoint=g_param[OptionsDefine.Endpoint],
|
|
456
1253
|
proxy=g_param[OptionsDefine.HttpsProxy.replace('-', '_')]
|
|
457
1254
|
)
|
|
458
|
-
profile = ClientProfile(httpProfile=http_profile, signMethod="
|
|
1255
|
+
profile = ClientProfile(httpProfile=http_profile, signMethod="TC3-HMAC-SHA256")
|
|
459
1256
|
if g_param[OptionsDefine.Language]:
|
|
460
1257
|
profile.language = g_param[OptionsDefine.Language]
|
|
461
1258
|
mod = CLIENT_MAP[g_param[OptionsDefine.Version]]
|
|
462
1259
|
client = mod.KmsClient(cred, g_param[OptionsDefine.Region], profile)
|
|
463
1260
|
client._sdkVersion += ("_CLI_" + __version__)
|
|
464
1261
|
models = MODELS_MAP[g_param[OptionsDefine.Version]]
|
|
465
|
-
model = models.
|
|
1262
|
+
model = models.DescribeWhiteBoxKeyDetailsRequest()
|
|
466
1263
|
model.from_json_string(json.dumps(args))
|
|
467
1264
|
start_time = time.time()
|
|
468
1265
|
while True:
|
|
469
|
-
rsp = client.
|
|
1266
|
+
rsp = client.DescribeWhiteBoxKeyDetails(model)
|
|
470
1267
|
result = rsp.to_json_string()
|
|
471
1268
|
try:
|
|
472
1269
|
json_obj = json.loads(result)
|
|
@@ -485,7 +1282,7 @@ def doDisableKey(args, parsed_globals):
|
|
|
485
1282
|
FormatOutput.output("action", json_obj, g_param[OptionsDefine.Output], g_param[OptionsDefine.Filter])
|
|
486
1283
|
|
|
487
1284
|
|
|
488
|
-
def
|
|
1285
|
+
def doBindCloudResource(args, parsed_globals):
|
|
489
1286
|
g_param = parse_global_arg(parsed_globals)
|
|
490
1287
|
|
|
491
1288
|
if g_param[OptionsDefine.UseCVMRole.replace('-', '_')]:
|
|
@@ -495,7 +1292,10 @@ def doGenerateDataKey(args, parsed_globals):
|
|
|
495
1292
|
g_param[OptionsDefine.SecretId], g_param[OptionsDefine.SecretKey], g_param[OptionsDefine.RoleArn.replace('-', '_')],
|
|
496
1293
|
g_param[OptionsDefine.RoleSessionName.replace('-', '_')], endpoint=g_param["sts_cred_endpoint"]
|
|
497
1294
|
)
|
|
498
|
-
elif os.getenv(OptionsDefine.ENV_TKE_REGION)
|
|
1295
|
+
elif os.getenv(OptionsDefine.ENV_TKE_REGION) \
|
|
1296
|
+
and os.getenv(OptionsDefine.ENV_TKE_PROVIDER_ID) \
|
|
1297
|
+
and os.getenv(OptionsDefine.ENV_TKE_WEB_IDENTITY_TOKEN_FILE) \
|
|
1298
|
+
and os.getenv(OptionsDefine.ENV_TKE_ROLE_ARN):
|
|
499
1299
|
cred = credential.DefaultTkeOIDCRoleArnProvider().get_credentials()
|
|
500
1300
|
else:
|
|
501
1301
|
cred = credential.Credential(
|
|
@@ -507,18 +1307,18 @@ def doGenerateDataKey(args, parsed_globals):
|
|
|
507
1307
|
endpoint=g_param[OptionsDefine.Endpoint],
|
|
508
1308
|
proxy=g_param[OptionsDefine.HttpsProxy.replace('-', '_')]
|
|
509
1309
|
)
|
|
510
|
-
profile = ClientProfile(httpProfile=http_profile, signMethod="
|
|
1310
|
+
profile = ClientProfile(httpProfile=http_profile, signMethod="TC3-HMAC-SHA256")
|
|
511
1311
|
if g_param[OptionsDefine.Language]:
|
|
512
1312
|
profile.language = g_param[OptionsDefine.Language]
|
|
513
1313
|
mod = CLIENT_MAP[g_param[OptionsDefine.Version]]
|
|
514
1314
|
client = mod.KmsClient(cred, g_param[OptionsDefine.Region], profile)
|
|
515
1315
|
client._sdkVersion += ("_CLI_" + __version__)
|
|
516
1316
|
models = MODELS_MAP[g_param[OptionsDefine.Version]]
|
|
517
|
-
model = models.
|
|
1317
|
+
model = models.BindCloudResourceRequest()
|
|
518
1318
|
model.from_json_string(json.dumps(args))
|
|
519
1319
|
start_time = time.time()
|
|
520
1320
|
while True:
|
|
521
|
-
rsp = client.
|
|
1321
|
+
rsp = client.BindCloudResource(model)
|
|
522
1322
|
result = rsp.to_json_string()
|
|
523
1323
|
try:
|
|
524
1324
|
json_obj = json.loads(result)
|
|
@@ -537,7 +1337,7 @@ def doGenerateDataKey(args, parsed_globals):
|
|
|
537
1337
|
FormatOutput.output("action", json_obj, g_param[OptionsDefine.Output], g_param[OptionsDefine.Filter])
|
|
538
1338
|
|
|
539
1339
|
|
|
540
|
-
def
|
|
1340
|
+
def doCancelKeyArchive(args, parsed_globals):
|
|
541
1341
|
g_param = parse_global_arg(parsed_globals)
|
|
542
1342
|
|
|
543
1343
|
if g_param[OptionsDefine.UseCVMRole.replace('-', '_')]:
|
|
@@ -547,7 +1347,10 @@ def doAsymmetricSm2Decrypt(args, parsed_globals):
|
|
|
547
1347
|
g_param[OptionsDefine.SecretId], g_param[OptionsDefine.SecretKey], g_param[OptionsDefine.RoleArn.replace('-', '_')],
|
|
548
1348
|
g_param[OptionsDefine.RoleSessionName.replace('-', '_')], endpoint=g_param["sts_cred_endpoint"]
|
|
549
1349
|
)
|
|
550
|
-
elif os.getenv(OptionsDefine.ENV_TKE_REGION)
|
|
1350
|
+
elif os.getenv(OptionsDefine.ENV_TKE_REGION) \
|
|
1351
|
+
and os.getenv(OptionsDefine.ENV_TKE_PROVIDER_ID) \
|
|
1352
|
+
and os.getenv(OptionsDefine.ENV_TKE_WEB_IDENTITY_TOKEN_FILE) \
|
|
1353
|
+
and os.getenv(OptionsDefine.ENV_TKE_ROLE_ARN):
|
|
551
1354
|
cred = credential.DefaultTkeOIDCRoleArnProvider().get_credentials()
|
|
552
1355
|
else:
|
|
553
1356
|
cred = credential.Credential(
|
|
@@ -559,18 +1362,18 @@ def doAsymmetricSm2Decrypt(args, parsed_globals):
|
|
|
559
1362
|
endpoint=g_param[OptionsDefine.Endpoint],
|
|
560
1363
|
proxy=g_param[OptionsDefine.HttpsProxy.replace('-', '_')]
|
|
561
1364
|
)
|
|
562
|
-
profile = ClientProfile(httpProfile=http_profile, signMethod="
|
|
1365
|
+
profile = ClientProfile(httpProfile=http_profile, signMethod="TC3-HMAC-SHA256")
|
|
563
1366
|
if g_param[OptionsDefine.Language]:
|
|
564
1367
|
profile.language = g_param[OptionsDefine.Language]
|
|
565
1368
|
mod = CLIENT_MAP[g_param[OptionsDefine.Version]]
|
|
566
1369
|
client = mod.KmsClient(cred, g_param[OptionsDefine.Region], profile)
|
|
567
1370
|
client._sdkVersion += ("_CLI_" + __version__)
|
|
568
1371
|
models = MODELS_MAP[g_param[OptionsDefine.Version]]
|
|
569
|
-
model = models.
|
|
1372
|
+
model = models.CancelKeyArchiveRequest()
|
|
570
1373
|
model.from_json_string(json.dumps(args))
|
|
571
1374
|
start_time = time.time()
|
|
572
1375
|
while True:
|
|
573
|
-
rsp = client.
|
|
1376
|
+
rsp = client.CancelKeyArchive(model)
|
|
574
1377
|
result = rsp.to_json_string()
|
|
575
1378
|
try:
|
|
576
1379
|
json_obj = json.loads(result)
|
|
@@ -589,7 +1392,7 @@ def doAsymmetricSm2Decrypt(args, parsed_globals):
|
|
|
589
1392
|
FormatOutput.output("action", json_obj, g_param[OptionsDefine.Output], g_param[OptionsDefine.Filter])
|
|
590
1393
|
|
|
591
1394
|
|
|
592
|
-
def
|
|
1395
|
+
def doArchiveKey(args, parsed_globals):
|
|
593
1396
|
g_param = parse_global_arg(parsed_globals)
|
|
594
1397
|
|
|
595
1398
|
if g_param[OptionsDefine.UseCVMRole.replace('-', '_')]:
|
|
@@ -599,7 +1402,10 @@ def doSignByAsymmetricKey(args, parsed_globals):
|
|
|
599
1402
|
g_param[OptionsDefine.SecretId], g_param[OptionsDefine.SecretKey], g_param[OptionsDefine.RoleArn.replace('-', '_')],
|
|
600
1403
|
g_param[OptionsDefine.RoleSessionName.replace('-', '_')], endpoint=g_param["sts_cred_endpoint"]
|
|
601
1404
|
)
|
|
602
|
-
elif os.getenv(OptionsDefine.ENV_TKE_REGION)
|
|
1405
|
+
elif os.getenv(OptionsDefine.ENV_TKE_REGION) \
|
|
1406
|
+
and os.getenv(OptionsDefine.ENV_TKE_PROVIDER_ID) \
|
|
1407
|
+
and os.getenv(OptionsDefine.ENV_TKE_WEB_IDENTITY_TOKEN_FILE) \
|
|
1408
|
+
and os.getenv(OptionsDefine.ENV_TKE_ROLE_ARN):
|
|
603
1409
|
cred = credential.DefaultTkeOIDCRoleArnProvider().get_credentials()
|
|
604
1410
|
else:
|
|
605
1411
|
cred = credential.Credential(
|
|
@@ -611,18 +1417,18 @@ def doSignByAsymmetricKey(args, parsed_globals):
|
|
|
611
1417
|
endpoint=g_param[OptionsDefine.Endpoint],
|
|
612
1418
|
proxy=g_param[OptionsDefine.HttpsProxy.replace('-', '_')]
|
|
613
1419
|
)
|
|
614
|
-
profile = ClientProfile(httpProfile=http_profile, signMethod="
|
|
1420
|
+
profile = ClientProfile(httpProfile=http_profile, signMethod="TC3-HMAC-SHA256")
|
|
615
1421
|
if g_param[OptionsDefine.Language]:
|
|
616
1422
|
profile.language = g_param[OptionsDefine.Language]
|
|
617
1423
|
mod = CLIENT_MAP[g_param[OptionsDefine.Version]]
|
|
618
1424
|
client = mod.KmsClient(cred, g_param[OptionsDefine.Region], profile)
|
|
619
1425
|
client._sdkVersion += ("_CLI_" + __version__)
|
|
620
1426
|
models = MODELS_MAP[g_param[OptionsDefine.Version]]
|
|
621
|
-
model = models.
|
|
1427
|
+
model = models.ArchiveKeyRequest()
|
|
622
1428
|
model.from_json_string(json.dumps(args))
|
|
623
1429
|
start_time = time.time()
|
|
624
1430
|
while True:
|
|
625
|
-
rsp = client.
|
|
1431
|
+
rsp = client.ArchiveKey(model)
|
|
626
1432
|
result = rsp.to_json_string()
|
|
627
1433
|
try:
|
|
628
1434
|
json_obj = json.loads(result)
|
|
@@ -641,7 +1447,7 @@ def doSignByAsymmetricKey(args, parsed_globals):
|
|
|
641
1447
|
FormatOutput.output("action", json_obj, g_param[OptionsDefine.Output], g_param[OptionsDefine.Filter])
|
|
642
1448
|
|
|
643
1449
|
|
|
644
|
-
def
|
|
1450
|
+
def doUpdateDataKeyDescription(args, parsed_globals):
|
|
645
1451
|
g_param = parse_global_arg(parsed_globals)
|
|
646
1452
|
|
|
647
1453
|
if g_param[OptionsDefine.UseCVMRole.replace('-', '_')]:
|
|
@@ -651,7 +1457,10 @@ def doCancelKeyDeletion(args, parsed_globals):
|
|
|
651
1457
|
g_param[OptionsDefine.SecretId], g_param[OptionsDefine.SecretKey], g_param[OptionsDefine.RoleArn.replace('-', '_')],
|
|
652
1458
|
g_param[OptionsDefine.RoleSessionName.replace('-', '_')], endpoint=g_param["sts_cred_endpoint"]
|
|
653
1459
|
)
|
|
654
|
-
elif os.getenv(OptionsDefine.ENV_TKE_REGION)
|
|
1460
|
+
elif os.getenv(OptionsDefine.ENV_TKE_REGION) \
|
|
1461
|
+
and os.getenv(OptionsDefine.ENV_TKE_PROVIDER_ID) \
|
|
1462
|
+
and os.getenv(OptionsDefine.ENV_TKE_WEB_IDENTITY_TOKEN_FILE) \
|
|
1463
|
+
and os.getenv(OptionsDefine.ENV_TKE_ROLE_ARN):
|
|
655
1464
|
cred = credential.DefaultTkeOIDCRoleArnProvider().get_credentials()
|
|
656
1465
|
else:
|
|
657
1466
|
cred = credential.Credential(
|
|
@@ -663,18 +1472,18 @@ def doCancelKeyDeletion(args, parsed_globals):
|
|
|
663
1472
|
endpoint=g_param[OptionsDefine.Endpoint],
|
|
664
1473
|
proxy=g_param[OptionsDefine.HttpsProxy.replace('-', '_')]
|
|
665
1474
|
)
|
|
666
|
-
profile = ClientProfile(httpProfile=http_profile, signMethod="
|
|
1475
|
+
profile = ClientProfile(httpProfile=http_profile, signMethod="TC3-HMAC-SHA256")
|
|
667
1476
|
if g_param[OptionsDefine.Language]:
|
|
668
1477
|
profile.language = g_param[OptionsDefine.Language]
|
|
669
1478
|
mod = CLIENT_MAP[g_param[OptionsDefine.Version]]
|
|
670
1479
|
client = mod.KmsClient(cred, g_param[OptionsDefine.Region], profile)
|
|
671
1480
|
client._sdkVersion += ("_CLI_" + __version__)
|
|
672
1481
|
models = MODELS_MAP[g_param[OptionsDefine.Version]]
|
|
673
|
-
model = models.
|
|
1482
|
+
model = models.UpdateDataKeyDescriptionRequest()
|
|
674
1483
|
model.from_json_string(json.dumps(args))
|
|
675
1484
|
start_time = time.time()
|
|
676
1485
|
while True:
|
|
677
|
-
rsp = client.
|
|
1486
|
+
rsp = client.UpdateDataKeyDescription(model)
|
|
678
1487
|
result = rsp.to_json_string()
|
|
679
1488
|
try:
|
|
680
1489
|
json_obj = json.loads(result)
|
|
@@ -693,7 +1502,7 @@ def doCancelKeyDeletion(args, parsed_globals):
|
|
|
693
1502
|
FormatOutput.output("action", json_obj, g_param[OptionsDefine.Output], g_param[OptionsDefine.Filter])
|
|
694
1503
|
|
|
695
1504
|
|
|
696
|
-
def
|
|
1505
|
+
def doCreateKey(args, parsed_globals):
|
|
697
1506
|
g_param = parse_global_arg(parsed_globals)
|
|
698
1507
|
|
|
699
1508
|
if g_param[OptionsDefine.UseCVMRole.replace('-', '_')]:
|
|
@@ -703,7 +1512,10 @@ def doGetKeyRotationStatus(args, parsed_globals):
|
|
|
703
1512
|
g_param[OptionsDefine.SecretId], g_param[OptionsDefine.SecretKey], g_param[OptionsDefine.RoleArn.replace('-', '_')],
|
|
704
1513
|
g_param[OptionsDefine.RoleSessionName.replace('-', '_')], endpoint=g_param["sts_cred_endpoint"]
|
|
705
1514
|
)
|
|
706
|
-
elif os.getenv(OptionsDefine.ENV_TKE_REGION)
|
|
1515
|
+
elif os.getenv(OptionsDefine.ENV_TKE_REGION) \
|
|
1516
|
+
and os.getenv(OptionsDefine.ENV_TKE_PROVIDER_ID) \
|
|
1517
|
+
and os.getenv(OptionsDefine.ENV_TKE_WEB_IDENTITY_TOKEN_FILE) \
|
|
1518
|
+
and os.getenv(OptionsDefine.ENV_TKE_ROLE_ARN):
|
|
707
1519
|
cred = credential.DefaultTkeOIDCRoleArnProvider().get_credentials()
|
|
708
1520
|
else:
|
|
709
1521
|
cred = credential.Credential(
|
|
@@ -715,18 +1527,18 @@ def doGetKeyRotationStatus(args, parsed_globals):
|
|
|
715
1527
|
endpoint=g_param[OptionsDefine.Endpoint],
|
|
716
1528
|
proxy=g_param[OptionsDefine.HttpsProxy.replace('-', '_')]
|
|
717
1529
|
)
|
|
718
|
-
profile = ClientProfile(httpProfile=http_profile, signMethod="
|
|
1530
|
+
profile = ClientProfile(httpProfile=http_profile, signMethod="TC3-HMAC-SHA256")
|
|
719
1531
|
if g_param[OptionsDefine.Language]:
|
|
720
1532
|
profile.language = g_param[OptionsDefine.Language]
|
|
721
1533
|
mod = CLIENT_MAP[g_param[OptionsDefine.Version]]
|
|
722
1534
|
client = mod.KmsClient(cred, g_param[OptionsDefine.Region], profile)
|
|
723
1535
|
client._sdkVersion += ("_CLI_" + __version__)
|
|
724
1536
|
models = MODELS_MAP[g_param[OptionsDefine.Version]]
|
|
725
|
-
model = models.
|
|
1537
|
+
model = models.CreateKeyRequest()
|
|
726
1538
|
model.from_json_string(json.dumps(args))
|
|
727
1539
|
start_time = time.time()
|
|
728
1540
|
while True:
|
|
729
|
-
rsp = client.
|
|
1541
|
+
rsp = client.CreateKey(model)
|
|
730
1542
|
result = rsp.to_json_string()
|
|
731
1543
|
try:
|
|
732
1544
|
json_obj = json.loads(result)
|
|
@@ -745,7 +1557,7 @@ def doGetKeyRotationStatus(args, parsed_globals):
|
|
|
745
1557
|
FormatOutput.output("action", json_obj, g_param[OptionsDefine.Output], g_param[OptionsDefine.Filter])
|
|
746
1558
|
|
|
747
1559
|
|
|
748
|
-
def
|
|
1560
|
+
def doDisableKeys(args, parsed_globals):
|
|
749
1561
|
g_param = parse_global_arg(parsed_globals)
|
|
750
1562
|
|
|
751
1563
|
if g_param[OptionsDefine.UseCVMRole.replace('-', '_')]:
|
|
@@ -755,7 +1567,10 @@ def doDescribeWhiteBoxKeyDetails(args, parsed_globals):
|
|
|
755
1567
|
g_param[OptionsDefine.SecretId], g_param[OptionsDefine.SecretKey], g_param[OptionsDefine.RoleArn.replace('-', '_')],
|
|
756
1568
|
g_param[OptionsDefine.RoleSessionName.replace('-', '_')], endpoint=g_param["sts_cred_endpoint"]
|
|
757
1569
|
)
|
|
758
|
-
elif os.getenv(OptionsDefine.ENV_TKE_REGION)
|
|
1570
|
+
elif os.getenv(OptionsDefine.ENV_TKE_REGION) \
|
|
1571
|
+
and os.getenv(OptionsDefine.ENV_TKE_PROVIDER_ID) \
|
|
1572
|
+
and os.getenv(OptionsDefine.ENV_TKE_WEB_IDENTITY_TOKEN_FILE) \
|
|
1573
|
+
and os.getenv(OptionsDefine.ENV_TKE_ROLE_ARN):
|
|
759
1574
|
cred = credential.DefaultTkeOIDCRoleArnProvider().get_credentials()
|
|
760
1575
|
else:
|
|
761
1576
|
cred = credential.Credential(
|
|
@@ -767,18 +1582,18 @@ def doDescribeWhiteBoxKeyDetails(args, parsed_globals):
|
|
|
767
1582
|
endpoint=g_param[OptionsDefine.Endpoint],
|
|
768
1583
|
proxy=g_param[OptionsDefine.HttpsProxy.replace('-', '_')]
|
|
769
1584
|
)
|
|
770
|
-
profile = ClientProfile(httpProfile=http_profile, signMethod="
|
|
1585
|
+
profile = ClientProfile(httpProfile=http_profile, signMethod="TC3-HMAC-SHA256")
|
|
771
1586
|
if g_param[OptionsDefine.Language]:
|
|
772
1587
|
profile.language = g_param[OptionsDefine.Language]
|
|
773
1588
|
mod = CLIENT_MAP[g_param[OptionsDefine.Version]]
|
|
774
1589
|
client = mod.KmsClient(cred, g_param[OptionsDefine.Region], profile)
|
|
775
1590
|
client._sdkVersion += ("_CLI_" + __version__)
|
|
776
1591
|
models = MODELS_MAP[g_param[OptionsDefine.Version]]
|
|
777
|
-
model = models.
|
|
1592
|
+
model = models.DisableKeysRequest()
|
|
778
1593
|
model.from_json_string(json.dumps(args))
|
|
779
1594
|
start_time = time.time()
|
|
780
1595
|
while True:
|
|
781
|
-
rsp = client.
|
|
1596
|
+
rsp = client.DisableKeys(model)
|
|
782
1597
|
result = rsp.to_json_string()
|
|
783
1598
|
try:
|
|
784
1599
|
json_obj = json.loads(result)
|
|
@@ -797,7 +1612,7 @@ def doDescribeWhiteBoxKeyDetails(args, parsed_globals):
|
|
|
797
1612
|
FormatOutput.output("action", json_obj, g_param[OptionsDefine.Output], g_param[OptionsDefine.Filter])
|
|
798
1613
|
|
|
799
1614
|
|
|
800
|
-
def
|
|
1615
|
+
def doCancelDataKeyDeletion(args, parsed_globals):
|
|
801
1616
|
g_param = parse_global_arg(parsed_globals)
|
|
802
1617
|
|
|
803
1618
|
if g_param[OptionsDefine.UseCVMRole.replace('-', '_')]:
|
|
@@ -807,7 +1622,10 @@ def doBindCloudResource(args, parsed_globals):
|
|
|
807
1622
|
g_param[OptionsDefine.SecretId], g_param[OptionsDefine.SecretKey], g_param[OptionsDefine.RoleArn.replace('-', '_')],
|
|
808
1623
|
g_param[OptionsDefine.RoleSessionName.replace('-', '_')], endpoint=g_param["sts_cred_endpoint"]
|
|
809
1624
|
)
|
|
810
|
-
elif os.getenv(OptionsDefine.ENV_TKE_REGION)
|
|
1625
|
+
elif os.getenv(OptionsDefine.ENV_TKE_REGION) \
|
|
1626
|
+
and os.getenv(OptionsDefine.ENV_TKE_PROVIDER_ID) \
|
|
1627
|
+
and os.getenv(OptionsDefine.ENV_TKE_WEB_IDENTITY_TOKEN_FILE) \
|
|
1628
|
+
and os.getenv(OptionsDefine.ENV_TKE_ROLE_ARN):
|
|
811
1629
|
cred = credential.DefaultTkeOIDCRoleArnProvider().get_credentials()
|
|
812
1630
|
else:
|
|
813
1631
|
cred = credential.Credential(
|
|
@@ -819,18 +1637,18 @@ def doBindCloudResource(args, parsed_globals):
|
|
|
819
1637
|
endpoint=g_param[OptionsDefine.Endpoint],
|
|
820
1638
|
proxy=g_param[OptionsDefine.HttpsProxy.replace('-', '_')]
|
|
821
1639
|
)
|
|
822
|
-
profile = ClientProfile(httpProfile=http_profile, signMethod="
|
|
1640
|
+
profile = ClientProfile(httpProfile=http_profile, signMethod="TC3-HMAC-SHA256")
|
|
823
1641
|
if g_param[OptionsDefine.Language]:
|
|
824
1642
|
profile.language = g_param[OptionsDefine.Language]
|
|
825
1643
|
mod = CLIENT_MAP[g_param[OptionsDefine.Version]]
|
|
826
1644
|
client = mod.KmsClient(cred, g_param[OptionsDefine.Region], profile)
|
|
827
1645
|
client._sdkVersion += ("_CLI_" + __version__)
|
|
828
1646
|
models = MODELS_MAP[g_param[OptionsDefine.Version]]
|
|
829
|
-
model = models.
|
|
1647
|
+
model = models.CancelDataKeyDeletionRequest()
|
|
830
1648
|
model.from_json_string(json.dumps(args))
|
|
831
1649
|
start_time = time.time()
|
|
832
1650
|
while True:
|
|
833
|
-
rsp = client.
|
|
1651
|
+
rsp = client.CancelDataKeyDeletion(model)
|
|
834
1652
|
result = rsp.to_json_string()
|
|
835
1653
|
try:
|
|
836
1654
|
json_obj = json.loads(result)
|
|
@@ -849,7 +1667,7 @@ def doBindCloudResource(args, parsed_globals):
|
|
|
849
1667
|
FormatOutput.output("action", json_obj, g_param[OptionsDefine.Output], g_param[OptionsDefine.Filter])
|
|
850
1668
|
|
|
851
1669
|
|
|
852
|
-
def
|
|
1670
|
+
def doEncryptByWhiteBox(args, parsed_globals):
|
|
853
1671
|
g_param = parse_global_arg(parsed_globals)
|
|
854
1672
|
|
|
855
1673
|
if g_param[OptionsDefine.UseCVMRole.replace('-', '_')]:
|
|
@@ -859,7 +1677,10 @@ def doDisableKeys(args, parsed_globals):
|
|
|
859
1677
|
g_param[OptionsDefine.SecretId], g_param[OptionsDefine.SecretKey], g_param[OptionsDefine.RoleArn.replace('-', '_')],
|
|
860
1678
|
g_param[OptionsDefine.RoleSessionName.replace('-', '_')], endpoint=g_param["sts_cred_endpoint"]
|
|
861
1679
|
)
|
|
862
|
-
elif os.getenv(OptionsDefine.ENV_TKE_REGION)
|
|
1680
|
+
elif os.getenv(OptionsDefine.ENV_TKE_REGION) \
|
|
1681
|
+
and os.getenv(OptionsDefine.ENV_TKE_PROVIDER_ID) \
|
|
1682
|
+
and os.getenv(OptionsDefine.ENV_TKE_WEB_IDENTITY_TOKEN_FILE) \
|
|
1683
|
+
and os.getenv(OptionsDefine.ENV_TKE_ROLE_ARN):
|
|
863
1684
|
cred = credential.DefaultTkeOIDCRoleArnProvider().get_credentials()
|
|
864
1685
|
else:
|
|
865
1686
|
cred = credential.Credential(
|
|
@@ -871,18 +1692,18 @@ def doDisableKeys(args, parsed_globals):
|
|
|
871
1692
|
endpoint=g_param[OptionsDefine.Endpoint],
|
|
872
1693
|
proxy=g_param[OptionsDefine.HttpsProxy.replace('-', '_')]
|
|
873
1694
|
)
|
|
874
|
-
profile = ClientProfile(httpProfile=http_profile, signMethod="
|
|
1695
|
+
profile = ClientProfile(httpProfile=http_profile, signMethod="TC3-HMAC-SHA256")
|
|
875
1696
|
if g_param[OptionsDefine.Language]:
|
|
876
1697
|
profile.language = g_param[OptionsDefine.Language]
|
|
877
1698
|
mod = CLIENT_MAP[g_param[OptionsDefine.Version]]
|
|
878
1699
|
client = mod.KmsClient(cred, g_param[OptionsDefine.Region], profile)
|
|
879
1700
|
client._sdkVersion += ("_CLI_" + __version__)
|
|
880
1701
|
models = MODELS_MAP[g_param[OptionsDefine.Version]]
|
|
881
|
-
model = models.
|
|
1702
|
+
model = models.EncryptByWhiteBoxRequest()
|
|
882
1703
|
model.from_json_string(json.dumps(args))
|
|
883
1704
|
start_time = time.time()
|
|
884
1705
|
while True:
|
|
885
|
-
rsp = client.
|
|
1706
|
+
rsp = client.EncryptByWhiteBox(model)
|
|
886
1707
|
result = rsp.to_json_string()
|
|
887
1708
|
try:
|
|
888
1709
|
json_obj = json.loads(result)
|
|
@@ -901,7 +1722,7 @@ def doDisableKeys(args, parsed_globals):
|
|
|
901
1722
|
FormatOutput.output("action", json_obj, g_param[OptionsDefine.Output], g_param[OptionsDefine.Filter])
|
|
902
1723
|
|
|
903
1724
|
|
|
904
|
-
def
|
|
1725
|
+
def doListAlgorithms(args, parsed_globals):
|
|
905
1726
|
g_param = parse_global_arg(parsed_globals)
|
|
906
1727
|
|
|
907
1728
|
if g_param[OptionsDefine.UseCVMRole.replace('-', '_')]:
|
|
@@ -911,7 +1732,10 @@ def doArchiveKey(args, parsed_globals):
|
|
|
911
1732
|
g_param[OptionsDefine.SecretId], g_param[OptionsDefine.SecretKey], g_param[OptionsDefine.RoleArn.replace('-', '_')],
|
|
912
1733
|
g_param[OptionsDefine.RoleSessionName.replace('-', '_')], endpoint=g_param["sts_cred_endpoint"]
|
|
913
1734
|
)
|
|
914
|
-
elif os.getenv(OptionsDefine.ENV_TKE_REGION)
|
|
1735
|
+
elif os.getenv(OptionsDefine.ENV_TKE_REGION) \
|
|
1736
|
+
and os.getenv(OptionsDefine.ENV_TKE_PROVIDER_ID) \
|
|
1737
|
+
and os.getenv(OptionsDefine.ENV_TKE_WEB_IDENTITY_TOKEN_FILE) \
|
|
1738
|
+
and os.getenv(OptionsDefine.ENV_TKE_ROLE_ARN):
|
|
915
1739
|
cred = credential.DefaultTkeOIDCRoleArnProvider().get_credentials()
|
|
916
1740
|
else:
|
|
917
1741
|
cred = credential.Credential(
|
|
@@ -923,18 +1747,18 @@ def doArchiveKey(args, parsed_globals):
|
|
|
923
1747
|
endpoint=g_param[OptionsDefine.Endpoint],
|
|
924
1748
|
proxy=g_param[OptionsDefine.HttpsProxy.replace('-', '_')]
|
|
925
1749
|
)
|
|
926
|
-
profile = ClientProfile(httpProfile=http_profile, signMethod="
|
|
1750
|
+
profile = ClientProfile(httpProfile=http_profile, signMethod="TC3-HMAC-SHA256")
|
|
927
1751
|
if g_param[OptionsDefine.Language]:
|
|
928
1752
|
profile.language = g_param[OptionsDefine.Language]
|
|
929
1753
|
mod = CLIENT_MAP[g_param[OptionsDefine.Version]]
|
|
930
1754
|
client = mod.KmsClient(cred, g_param[OptionsDefine.Region], profile)
|
|
931
1755
|
client._sdkVersion += ("_CLI_" + __version__)
|
|
932
1756
|
models = MODELS_MAP[g_param[OptionsDefine.Version]]
|
|
933
|
-
model = models.
|
|
1757
|
+
model = models.ListAlgorithmsRequest()
|
|
934
1758
|
model.from_json_string(json.dumps(args))
|
|
935
1759
|
start_time = time.time()
|
|
936
1760
|
while True:
|
|
937
|
-
rsp = client.
|
|
1761
|
+
rsp = client.ListAlgorithms(model)
|
|
938
1762
|
result = rsp.to_json_string()
|
|
939
1763
|
try:
|
|
940
1764
|
json_obj = json.loads(result)
|
|
@@ -953,7 +1777,7 @@ def doArchiveKey(args, parsed_globals):
|
|
|
953
1777
|
FormatOutput.output("action", json_obj, g_param[OptionsDefine.Output], g_param[OptionsDefine.Filter])
|
|
954
1778
|
|
|
955
1779
|
|
|
956
|
-
def
|
|
1780
|
+
def doReEncrypt(args, parsed_globals):
|
|
957
1781
|
g_param = parse_global_arg(parsed_globals)
|
|
958
1782
|
|
|
959
1783
|
if g_param[OptionsDefine.UseCVMRole.replace('-', '_')]:
|
|
@@ -963,7 +1787,10 @@ def doGetServiceStatus(args, parsed_globals):
|
|
|
963
1787
|
g_param[OptionsDefine.SecretId], g_param[OptionsDefine.SecretKey], g_param[OptionsDefine.RoleArn.replace('-', '_')],
|
|
964
1788
|
g_param[OptionsDefine.RoleSessionName.replace('-', '_')], endpoint=g_param["sts_cred_endpoint"]
|
|
965
1789
|
)
|
|
966
|
-
elif os.getenv(OptionsDefine.ENV_TKE_REGION)
|
|
1790
|
+
elif os.getenv(OptionsDefine.ENV_TKE_REGION) \
|
|
1791
|
+
and os.getenv(OptionsDefine.ENV_TKE_PROVIDER_ID) \
|
|
1792
|
+
and os.getenv(OptionsDefine.ENV_TKE_WEB_IDENTITY_TOKEN_FILE) \
|
|
1793
|
+
and os.getenv(OptionsDefine.ENV_TKE_ROLE_ARN):
|
|
967
1794
|
cred = credential.DefaultTkeOIDCRoleArnProvider().get_credentials()
|
|
968
1795
|
else:
|
|
969
1796
|
cred = credential.Credential(
|
|
@@ -975,18 +1802,18 @@ def doGetServiceStatus(args, parsed_globals):
|
|
|
975
1802
|
endpoint=g_param[OptionsDefine.Endpoint],
|
|
976
1803
|
proxy=g_param[OptionsDefine.HttpsProxy.replace('-', '_')]
|
|
977
1804
|
)
|
|
978
|
-
profile = ClientProfile(httpProfile=http_profile, signMethod="
|
|
1805
|
+
profile = ClientProfile(httpProfile=http_profile, signMethod="TC3-HMAC-SHA256")
|
|
979
1806
|
if g_param[OptionsDefine.Language]:
|
|
980
1807
|
profile.language = g_param[OptionsDefine.Language]
|
|
981
1808
|
mod = CLIENT_MAP[g_param[OptionsDefine.Version]]
|
|
982
1809
|
client = mod.KmsClient(cred, g_param[OptionsDefine.Region], profile)
|
|
983
1810
|
client._sdkVersion += ("_CLI_" + __version__)
|
|
984
1811
|
models = MODELS_MAP[g_param[OptionsDefine.Version]]
|
|
985
|
-
model = models.
|
|
1812
|
+
model = models.ReEncryptRequest()
|
|
986
1813
|
model.from_json_string(json.dumps(args))
|
|
987
1814
|
start_time = time.time()
|
|
988
1815
|
while True:
|
|
989
|
-
rsp = client.
|
|
1816
|
+
rsp = client.ReEncrypt(model)
|
|
990
1817
|
result = rsp.to_json_string()
|
|
991
1818
|
try:
|
|
992
1819
|
json_obj = json.loads(result)
|
|
@@ -1005,7 +1832,7 @@ def doGetServiceStatus(args, parsed_globals):
|
|
|
1005
1832
|
FormatOutput.output("action", json_obj, g_param[OptionsDefine.Output], g_param[OptionsDefine.Filter])
|
|
1006
1833
|
|
|
1007
1834
|
|
|
1008
|
-
def
|
|
1835
|
+
def doListKeys(args, parsed_globals):
|
|
1009
1836
|
g_param = parse_global_arg(parsed_globals)
|
|
1010
1837
|
|
|
1011
1838
|
if g_param[OptionsDefine.UseCVMRole.replace('-', '_')]:
|
|
@@ -1015,7 +1842,10 @@ def doEncryptByWhiteBox(args, parsed_globals):
|
|
|
1015
1842
|
g_param[OptionsDefine.SecretId], g_param[OptionsDefine.SecretKey], g_param[OptionsDefine.RoleArn.replace('-', '_')],
|
|
1016
1843
|
g_param[OptionsDefine.RoleSessionName.replace('-', '_')], endpoint=g_param["sts_cred_endpoint"]
|
|
1017
1844
|
)
|
|
1018
|
-
elif os.getenv(OptionsDefine.ENV_TKE_REGION)
|
|
1845
|
+
elif os.getenv(OptionsDefine.ENV_TKE_REGION) \
|
|
1846
|
+
and os.getenv(OptionsDefine.ENV_TKE_PROVIDER_ID) \
|
|
1847
|
+
and os.getenv(OptionsDefine.ENV_TKE_WEB_IDENTITY_TOKEN_FILE) \
|
|
1848
|
+
and os.getenv(OptionsDefine.ENV_TKE_ROLE_ARN):
|
|
1019
1849
|
cred = credential.DefaultTkeOIDCRoleArnProvider().get_credentials()
|
|
1020
1850
|
else:
|
|
1021
1851
|
cred = credential.Credential(
|
|
@@ -1027,18 +1857,18 @@ def doEncryptByWhiteBox(args, parsed_globals):
|
|
|
1027
1857
|
endpoint=g_param[OptionsDefine.Endpoint],
|
|
1028
1858
|
proxy=g_param[OptionsDefine.HttpsProxy.replace('-', '_')]
|
|
1029
1859
|
)
|
|
1030
|
-
profile = ClientProfile(httpProfile=http_profile, signMethod="
|
|
1860
|
+
profile = ClientProfile(httpProfile=http_profile, signMethod="TC3-HMAC-SHA256")
|
|
1031
1861
|
if g_param[OptionsDefine.Language]:
|
|
1032
1862
|
profile.language = g_param[OptionsDefine.Language]
|
|
1033
1863
|
mod = CLIENT_MAP[g_param[OptionsDefine.Version]]
|
|
1034
1864
|
client = mod.KmsClient(cred, g_param[OptionsDefine.Region], profile)
|
|
1035
1865
|
client._sdkVersion += ("_CLI_" + __version__)
|
|
1036
1866
|
models = MODELS_MAP[g_param[OptionsDefine.Version]]
|
|
1037
|
-
model = models.
|
|
1867
|
+
model = models.ListKeysRequest()
|
|
1038
1868
|
model.from_json_string(json.dumps(args))
|
|
1039
1869
|
start_time = time.time()
|
|
1040
1870
|
while True:
|
|
1041
|
-
rsp = client.
|
|
1871
|
+
rsp = client.ListKeys(model)
|
|
1042
1872
|
result = rsp.to_json_string()
|
|
1043
1873
|
try:
|
|
1044
1874
|
json_obj = json.loads(result)
|
|
@@ -1057,7 +1887,7 @@ def doEncryptByWhiteBox(args, parsed_globals):
|
|
|
1057
1887
|
FormatOutput.output("action", json_obj, g_param[OptionsDefine.Output], g_param[OptionsDefine.Filter])
|
|
1058
1888
|
|
|
1059
1889
|
|
|
1060
|
-
def
|
|
1890
|
+
def doGenerateRandom(args, parsed_globals):
|
|
1061
1891
|
g_param = parse_global_arg(parsed_globals)
|
|
1062
1892
|
|
|
1063
1893
|
if g_param[OptionsDefine.UseCVMRole.replace('-', '_')]:
|
|
@@ -1067,7 +1897,10 @@ def doListAlgorithms(args, parsed_globals):
|
|
|
1067
1897
|
g_param[OptionsDefine.SecretId], g_param[OptionsDefine.SecretKey], g_param[OptionsDefine.RoleArn.replace('-', '_')],
|
|
1068
1898
|
g_param[OptionsDefine.RoleSessionName.replace('-', '_')], endpoint=g_param["sts_cred_endpoint"]
|
|
1069
1899
|
)
|
|
1070
|
-
elif os.getenv(OptionsDefine.ENV_TKE_REGION)
|
|
1900
|
+
elif os.getenv(OptionsDefine.ENV_TKE_REGION) \
|
|
1901
|
+
and os.getenv(OptionsDefine.ENV_TKE_PROVIDER_ID) \
|
|
1902
|
+
and os.getenv(OptionsDefine.ENV_TKE_WEB_IDENTITY_TOKEN_FILE) \
|
|
1903
|
+
and os.getenv(OptionsDefine.ENV_TKE_ROLE_ARN):
|
|
1071
1904
|
cred = credential.DefaultTkeOIDCRoleArnProvider().get_credentials()
|
|
1072
1905
|
else:
|
|
1073
1906
|
cred = credential.Credential(
|
|
@@ -1079,18 +1912,18 @@ def doListAlgorithms(args, parsed_globals):
|
|
|
1079
1912
|
endpoint=g_param[OptionsDefine.Endpoint],
|
|
1080
1913
|
proxy=g_param[OptionsDefine.HttpsProxy.replace('-', '_')]
|
|
1081
1914
|
)
|
|
1082
|
-
profile = ClientProfile(httpProfile=http_profile, signMethod="
|
|
1915
|
+
profile = ClientProfile(httpProfile=http_profile, signMethod="TC3-HMAC-SHA256")
|
|
1083
1916
|
if g_param[OptionsDefine.Language]:
|
|
1084
1917
|
profile.language = g_param[OptionsDefine.Language]
|
|
1085
1918
|
mod = CLIENT_MAP[g_param[OptionsDefine.Version]]
|
|
1086
1919
|
client = mod.KmsClient(cred, g_param[OptionsDefine.Region], profile)
|
|
1087
1920
|
client._sdkVersion += ("_CLI_" + __version__)
|
|
1088
1921
|
models = MODELS_MAP[g_param[OptionsDefine.Version]]
|
|
1089
|
-
model = models.
|
|
1922
|
+
model = models.GenerateRandomRequest()
|
|
1090
1923
|
model.from_json_string(json.dumps(args))
|
|
1091
1924
|
start_time = time.time()
|
|
1092
1925
|
while True:
|
|
1093
|
-
rsp = client.
|
|
1926
|
+
rsp = client.GenerateRandom(model)
|
|
1094
1927
|
result = rsp.to_json_string()
|
|
1095
1928
|
try:
|
|
1096
1929
|
json_obj = json.loads(result)
|
|
@@ -1109,7 +1942,7 @@ def doListAlgorithms(args, parsed_globals):
|
|
|
1109
1942
|
FormatOutput.output("action", json_obj, g_param[OptionsDefine.Output], g_param[OptionsDefine.Filter])
|
|
1110
1943
|
|
|
1111
1944
|
|
|
1112
|
-
def
|
|
1945
|
+
def doGetDataKeyCiphertextBlob(args, parsed_globals):
|
|
1113
1946
|
g_param = parse_global_arg(parsed_globals)
|
|
1114
1947
|
|
|
1115
1948
|
if g_param[OptionsDefine.UseCVMRole.replace('-', '_')]:
|
|
@@ -1119,7 +1952,10 @@ def doReEncrypt(args, parsed_globals):
|
|
|
1119
1952
|
g_param[OptionsDefine.SecretId], g_param[OptionsDefine.SecretKey], g_param[OptionsDefine.RoleArn.replace('-', '_')],
|
|
1120
1953
|
g_param[OptionsDefine.RoleSessionName.replace('-', '_')], endpoint=g_param["sts_cred_endpoint"]
|
|
1121
1954
|
)
|
|
1122
|
-
elif os.getenv(OptionsDefine.ENV_TKE_REGION)
|
|
1955
|
+
elif os.getenv(OptionsDefine.ENV_TKE_REGION) \
|
|
1956
|
+
and os.getenv(OptionsDefine.ENV_TKE_PROVIDER_ID) \
|
|
1957
|
+
and os.getenv(OptionsDefine.ENV_TKE_WEB_IDENTITY_TOKEN_FILE) \
|
|
1958
|
+
and os.getenv(OptionsDefine.ENV_TKE_ROLE_ARN):
|
|
1123
1959
|
cred = credential.DefaultTkeOIDCRoleArnProvider().get_credentials()
|
|
1124
1960
|
else:
|
|
1125
1961
|
cred = credential.Credential(
|
|
@@ -1131,18 +1967,18 @@ def doReEncrypt(args, parsed_globals):
|
|
|
1131
1967
|
endpoint=g_param[OptionsDefine.Endpoint],
|
|
1132
1968
|
proxy=g_param[OptionsDefine.HttpsProxy.replace('-', '_')]
|
|
1133
1969
|
)
|
|
1134
|
-
profile = ClientProfile(httpProfile=http_profile, signMethod="
|
|
1970
|
+
profile = ClientProfile(httpProfile=http_profile, signMethod="TC3-HMAC-SHA256")
|
|
1135
1971
|
if g_param[OptionsDefine.Language]:
|
|
1136
1972
|
profile.language = g_param[OptionsDefine.Language]
|
|
1137
1973
|
mod = CLIENT_MAP[g_param[OptionsDefine.Version]]
|
|
1138
1974
|
client = mod.KmsClient(cred, g_param[OptionsDefine.Region], profile)
|
|
1139
1975
|
client._sdkVersion += ("_CLI_" + __version__)
|
|
1140
1976
|
models = MODELS_MAP[g_param[OptionsDefine.Version]]
|
|
1141
|
-
model = models.
|
|
1977
|
+
model = models.GetDataKeyCiphertextBlobRequest()
|
|
1142
1978
|
model.from_json_string(json.dumps(args))
|
|
1143
1979
|
start_time = time.time()
|
|
1144
1980
|
while True:
|
|
1145
|
-
rsp = client.
|
|
1981
|
+
rsp = client.GetDataKeyCiphertextBlob(model)
|
|
1146
1982
|
result = rsp.to_json_string()
|
|
1147
1983
|
try:
|
|
1148
1984
|
json_obj = json.loads(result)
|
|
@@ -1161,7 +1997,7 @@ def doReEncrypt(args, parsed_globals):
|
|
|
1161
1997
|
FormatOutput.output("action", json_obj, g_param[OptionsDefine.Output], g_param[OptionsDefine.Filter])
|
|
1162
1998
|
|
|
1163
1999
|
|
|
1164
|
-
def
|
|
2000
|
+
def doPostQuantumCryptoDecrypt(args, parsed_globals):
|
|
1165
2001
|
g_param = parse_global_arg(parsed_globals)
|
|
1166
2002
|
|
|
1167
2003
|
if g_param[OptionsDefine.UseCVMRole.replace('-', '_')]:
|
|
@@ -1171,7 +2007,10 @@ def doListKeys(args, parsed_globals):
|
|
|
1171
2007
|
g_param[OptionsDefine.SecretId], g_param[OptionsDefine.SecretKey], g_param[OptionsDefine.RoleArn.replace('-', '_')],
|
|
1172
2008
|
g_param[OptionsDefine.RoleSessionName.replace('-', '_')], endpoint=g_param["sts_cred_endpoint"]
|
|
1173
2009
|
)
|
|
1174
|
-
elif os.getenv(OptionsDefine.ENV_TKE_REGION)
|
|
2010
|
+
elif os.getenv(OptionsDefine.ENV_TKE_REGION) \
|
|
2011
|
+
and os.getenv(OptionsDefine.ENV_TKE_PROVIDER_ID) \
|
|
2012
|
+
and os.getenv(OptionsDefine.ENV_TKE_WEB_IDENTITY_TOKEN_FILE) \
|
|
2013
|
+
and os.getenv(OptionsDefine.ENV_TKE_ROLE_ARN):
|
|
1175
2014
|
cred = credential.DefaultTkeOIDCRoleArnProvider().get_credentials()
|
|
1176
2015
|
else:
|
|
1177
2016
|
cred = credential.Credential(
|
|
@@ -1183,18 +2022,18 @@ def doListKeys(args, parsed_globals):
|
|
|
1183
2022
|
endpoint=g_param[OptionsDefine.Endpoint],
|
|
1184
2023
|
proxy=g_param[OptionsDefine.HttpsProxy.replace('-', '_')]
|
|
1185
2024
|
)
|
|
1186
|
-
profile = ClientProfile(httpProfile=http_profile, signMethod="
|
|
2025
|
+
profile = ClientProfile(httpProfile=http_profile, signMethod="TC3-HMAC-SHA256")
|
|
1187
2026
|
if g_param[OptionsDefine.Language]:
|
|
1188
2027
|
profile.language = g_param[OptionsDefine.Language]
|
|
1189
2028
|
mod = CLIENT_MAP[g_param[OptionsDefine.Version]]
|
|
1190
2029
|
client = mod.KmsClient(cred, g_param[OptionsDefine.Region], profile)
|
|
1191
2030
|
client._sdkVersion += ("_CLI_" + __version__)
|
|
1192
2031
|
models = MODELS_MAP[g_param[OptionsDefine.Version]]
|
|
1193
|
-
model = models.
|
|
2032
|
+
model = models.PostQuantumCryptoDecryptRequest()
|
|
1194
2033
|
model.from_json_string(json.dumps(args))
|
|
1195
2034
|
start_time = time.time()
|
|
1196
2035
|
while True:
|
|
1197
|
-
rsp = client.
|
|
2036
|
+
rsp = client.PostQuantumCryptoDecrypt(model)
|
|
1198
2037
|
result = rsp.to_json_string()
|
|
1199
2038
|
try:
|
|
1200
2039
|
json_obj = json.loads(result)
|
|
@@ -1213,7 +2052,7 @@ def doListKeys(args, parsed_globals):
|
|
|
1213
2052
|
FormatOutput.output("action", json_obj, g_param[OptionsDefine.Output], g_param[OptionsDefine.Filter])
|
|
1214
2053
|
|
|
1215
2054
|
|
|
1216
|
-
def
|
|
2055
|
+
def doEnableDataKeys(args, parsed_globals):
|
|
1217
2056
|
g_param = parse_global_arg(parsed_globals)
|
|
1218
2057
|
|
|
1219
2058
|
if g_param[OptionsDefine.UseCVMRole.replace('-', '_')]:
|
|
@@ -1223,7 +2062,10 @@ def doGenerateRandom(args, parsed_globals):
|
|
|
1223
2062
|
g_param[OptionsDefine.SecretId], g_param[OptionsDefine.SecretKey], g_param[OptionsDefine.RoleArn.replace('-', '_')],
|
|
1224
2063
|
g_param[OptionsDefine.RoleSessionName.replace('-', '_')], endpoint=g_param["sts_cred_endpoint"]
|
|
1225
2064
|
)
|
|
1226
|
-
elif os.getenv(OptionsDefine.ENV_TKE_REGION)
|
|
2065
|
+
elif os.getenv(OptionsDefine.ENV_TKE_REGION) \
|
|
2066
|
+
and os.getenv(OptionsDefine.ENV_TKE_PROVIDER_ID) \
|
|
2067
|
+
and os.getenv(OptionsDefine.ENV_TKE_WEB_IDENTITY_TOKEN_FILE) \
|
|
2068
|
+
and os.getenv(OptionsDefine.ENV_TKE_ROLE_ARN):
|
|
1227
2069
|
cred = credential.DefaultTkeOIDCRoleArnProvider().get_credentials()
|
|
1228
2070
|
else:
|
|
1229
2071
|
cred = credential.Credential(
|
|
@@ -1235,18 +2077,18 @@ def doGenerateRandom(args, parsed_globals):
|
|
|
1235
2077
|
endpoint=g_param[OptionsDefine.Endpoint],
|
|
1236
2078
|
proxy=g_param[OptionsDefine.HttpsProxy.replace('-', '_')]
|
|
1237
2079
|
)
|
|
1238
|
-
profile = ClientProfile(httpProfile=http_profile, signMethod="
|
|
2080
|
+
profile = ClientProfile(httpProfile=http_profile, signMethod="TC3-HMAC-SHA256")
|
|
1239
2081
|
if g_param[OptionsDefine.Language]:
|
|
1240
2082
|
profile.language = g_param[OptionsDefine.Language]
|
|
1241
2083
|
mod = CLIENT_MAP[g_param[OptionsDefine.Version]]
|
|
1242
2084
|
client = mod.KmsClient(cred, g_param[OptionsDefine.Region], profile)
|
|
1243
2085
|
client._sdkVersion += ("_CLI_" + __version__)
|
|
1244
2086
|
models = MODELS_MAP[g_param[OptionsDefine.Version]]
|
|
1245
|
-
model = models.
|
|
2087
|
+
model = models.EnableDataKeysRequest()
|
|
1246
2088
|
model.from_json_string(json.dumps(args))
|
|
1247
2089
|
start_time = time.time()
|
|
1248
2090
|
while True:
|
|
1249
|
-
rsp = client.
|
|
2091
|
+
rsp = client.EnableDataKeys(model)
|
|
1250
2092
|
result = rsp.to_json_string()
|
|
1251
2093
|
try:
|
|
1252
2094
|
json_obj = json.loads(result)
|
|
@@ -1265,7 +2107,7 @@ def doGenerateRandom(args, parsed_globals):
|
|
|
1265
2107
|
FormatOutput.output("action", json_obj, g_param[OptionsDefine.Output], g_param[OptionsDefine.Filter])
|
|
1266
2108
|
|
|
1267
2109
|
|
|
1268
|
-
def
|
|
2110
|
+
def doOverwriteWhiteBoxDeviceFingerprints(args, parsed_globals):
|
|
1269
2111
|
g_param = parse_global_arg(parsed_globals)
|
|
1270
2112
|
|
|
1271
2113
|
if g_param[OptionsDefine.UseCVMRole.replace('-', '_')]:
|
|
@@ -1275,7 +2117,10 @@ def doPostQuantumCryptoDecrypt(args, parsed_globals):
|
|
|
1275
2117
|
g_param[OptionsDefine.SecretId], g_param[OptionsDefine.SecretKey], g_param[OptionsDefine.RoleArn.replace('-', '_')],
|
|
1276
2118
|
g_param[OptionsDefine.RoleSessionName.replace('-', '_')], endpoint=g_param["sts_cred_endpoint"]
|
|
1277
2119
|
)
|
|
1278
|
-
elif os.getenv(OptionsDefine.ENV_TKE_REGION)
|
|
2120
|
+
elif os.getenv(OptionsDefine.ENV_TKE_REGION) \
|
|
2121
|
+
and os.getenv(OptionsDefine.ENV_TKE_PROVIDER_ID) \
|
|
2122
|
+
and os.getenv(OptionsDefine.ENV_TKE_WEB_IDENTITY_TOKEN_FILE) \
|
|
2123
|
+
and os.getenv(OptionsDefine.ENV_TKE_ROLE_ARN):
|
|
1279
2124
|
cred = credential.DefaultTkeOIDCRoleArnProvider().get_credentials()
|
|
1280
2125
|
else:
|
|
1281
2126
|
cred = credential.Credential(
|
|
@@ -1287,18 +2132,18 @@ def doPostQuantumCryptoDecrypt(args, parsed_globals):
|
|
|
1287
2132
|
endpoint=g_param[OptionsDefine.Endpoint],
|
|
1288
2133
|
proxy=g_param[OptionsDefine.HttpsProxy.replace('-', '_')]
|
|
1289
2134
|
)
|
|
1290
|
-
profile = ClientProfile(httpProfile=http_profile, signMethod="
|
|
2135
|
+
profile = ClientProfile(httpProfile=http_profile, signMethod="TC3-HMAC-SHA256")
|
|
1291
2136
|
if g_param[OptionsDefine.Language]:
|
|
1292
2137
|
profile.language = g_param[OptionsDefine.Language]
|
|
1293
2138
|
mod = CLIENT_MAP[g_param[OptionsDefine.Version]]
|
|
1294
2139
|
client = mod.KmsClient(cred, g_param[OptionsDefine.Region], profile)
|
|
1295
2140
|
client._sdkVersion += ("_CLI_" + __version__)
|
|
1296
2141
|
models = MODELS_MAP[g_param[OptionsDefine.Version]]
|
|
1297
|
-
model = models.
|
|
2142
|
+
model = models.OverwriteWhiteBoxDeviceFingerprintsRequest()
|
|
1298
2143
|
model.from_json_string(json.dumps(args))
|
|
1299
2144
|
start_time = time.time()
|
|
1300
2145
|
while True:
|
|
1301
|
-
rsp = client.
|
|
2146
|
+
rsp = client.OverwriteWhiteBoxDeviceFingerprints(model)
|
|
1302
2147
|
result = rsp.to_json_string()
|
|
1303
2148
|
try:
|
|
1304
2149
|
json_obj = json.loads(result)
|
|
@@ -1317,7 +2162,7 @@ def doPostQuantumCryptoDecrypt(args, parsed_globals):
|
|
|
1317
2162
|
FormatOutput.output("action", json_obj, g_param[OptionsDefine.Output], g_param[OptionsDefine.Filter])
|
|
1318
2163
|
|
|
1319
2164
|
|
|
1320
|
-
def
|
|
2165
|
+
def doUpdateDataKeyName(args, parsed_globals):
|
|
1321
2166
|
g_param = parse_global_arg(parsed_globals)
|
|
1322
2167
|
|
|
1323
2168
|
if g_param[OptionsDefine.UseCVMRole.replace('-', '_')]:
|
|
@@ -1327,7 +2172,10 @@ def doOverwriteWhiteBoxDeviceFingerprints(args, parsed_globals):
|
|
|
1327
2172
|
g_param[OptionsDefine.SecretId], g_param[OptionsDefine.SecretKey], g_param[OptionsDefine.RoleArn.replace('-', '_')],
|
|
1328
2173
|
g_param[OptionsDefine.RoleSessionName.replace('-', '_')], endpoint=g_param["sts_cred_endpoint"]
|
|
1329
2174
|
)
|
|
1330
|
-
elif os.getenv(OptionsDefine.ENV_TKE_REGION)
|
|
2175
|
+
elif os.getenv(OptionsDefine.ENV_TKE_REGION) \
|
|
2176
|
+
and os.getenv(OptionsDefine.ENV_TKE_PROVIDER_ID) \
|
|
2177
|
+
and os.getenv(OptionsDefine.ENV_TKE_WEB_IDENTITY_TOKEN_FILE) \
|
|
2178
|
+
and os.getenv(OptionsDefine.ENV_TKE_ROLE_ARN):
|
|
1331
2179
|
cred = credential.DefaultTkeOIDCRoleArnProvider().get_credentials()
|
|
1332
2180
|
else:
|
|
1333
2181
|
cred = credential.Credential(
|
|
@@ -1339,18 +2187,18 @@ def doOverwriteWhiteBoxDeviceFingerprints(args, parsed_globals):
|
|
|
1339
2187
|
endpoint=g_param[OptionsDefine.Endpoint],
|
|
1340
2188
|
proxy=g_param[OptionsDefine.HttpsProxy.replace('-', '_')]
|
|
1341
2189
|
)
|
|
1342
|
-
profile = ClientProfile(httpProfile=http_profile, signMethod="
|
|
2190
|
+
profile = ClientProfile(httpProfile=http_profile, signMethod="TC3-HMAC-SHA256")
|
|
1343
2191
|
if g_param[OptionsDefine.Language]:
|
|
1344
2192
|
profile.language = g_param[OptionsDefine.Language]
|
|
1345
2193
|
mod = CLIENT_MAP[g_param[OptionsDefine.Version]]
|
|
1346
2194
|
client = mod.KmsClient(cred, g_param[OptionsDefine.Region], profile)
|
|
1347
2195
|
client._sdkVersion += ("_CLI_" + __version__)
|
|
1348
2196
|
models = MODELS_MAP[g_param[OptionsDefine.Version]]
|
|
1349
|
-
model = models.
|
|
2197
|
+
model = models.UpdateDataKeyNameRequest()
|
|
1350
2198
|
model.from_json_string(json.dumps(args))
|
|
1351
2199
|
start_time = time.time()
|
|
1352
2200
|
while True:
|
|
1353
|
-
rsp = client.
|
|
2201
|
+
rsp = client.UpdateDataKeyName(model)
|
|
1354
2202
|
result = rsp.to_json_string()
|
|
1355
2203
|
try:
|
|
1356
2204
|
json_obj = json.loads(result)
|
|
@@ -1369,7 +2217,7 @@ def doOverwriteWhiteBoxDeviceFingerprints(args, parsed_globals):
|
|
|
1369
2217
|
FormatOutput.output("action", json_obj, g_param[OptionsDefine.Output], g_param[OptionsDefine.Filter])
|
|
1370
2218
|
|
|
1371
2219
|
|
|
1372
|
-
def
|
|
2220
|
+
def doDescribeWhiteBoxKey(args, parsed_globals):
|
|
1373
2221
|
g_param = parse_global_arg(parsed_globals)
|
|
1374
2222
|
|
|
1375
2223
|
if g_param[OptionsDefine.UseCVMRole.replace('-', '_')]:
|
|
@@ -1379,7 +2227,10 @@ def doCreateKey(args, parsed_globals):
|
|
|
1379
2227
|
g_param[OptionsDefine.SecretId], g_param[OptionsDefine.SecretKey], g_param[OptionsDefine.RoleArn.replace('-', '_')],
|
|
1380
2228
|
g_param[OptionsDefine.RoleSessionName.replace('-', '_')], endpoint=g_param["sts_cred_endpoint"]
|
|
1381
2229
|
)
|
|
1382
|
-
elif os.getenv(OptionsDefine.ENV_TKE_REGION)
|
|
2230
|
+
elif os.getenv(OptionsDefine.ENV_TKE_REGION) \
|
|
2231
|
+
and os.getenv(OptionsDefine.ENV_TKE_PROVIDER_ID) \
|
|
2232
|
+
and os.getenv(OptionsDefine.ENV_TKE_WEB_IDENTITY_TOKEN_FILE) \
|
|
2233
|
+
and os.getenv(OptionsDefine.ENV_TKE_ROLE_ARN):
|
|
1383
2234
|
cred = credential.DefaultTkeOIDCRoleArnProvider().get_credentials()
|
|
1384
2235
|
else:
|
|
1385
2236
|
cred = credential.Credential(
|
|
@@ -1391,18 +2242,18 @@ def doCreateKey(args, parsed_globals):
|
|
|
1391
2242
|
endpoint=g_param[OptionsDefine.Endpoint],
|
|
1392
2243
|
proxy=g_param[OptionsDefine.HttpsProxy.replace('-', '_')]
|
|
1393
2244
|
)
|
|
1394
|
-
profile = ClientProfile(httpProfile=http_profile, signMethod="
|
|
2245
|
+
profile = ClientProfile(httpProfile=http_profile, signMethod="TC3-HMAC-SHA256")
|
|
1395
2246
|
if g_param[OptionsDefine.Language]:
|
|
1396
2247
|
profile.language = g_param[OptionsDefine.Language]
|
|
1397
2248
|
mod = CLIENT_MAP[g_param[OptionsDefine.Version]]
|
|
1398
2249
|
client = mod.KmsClient(cred, g_param[OptionsDefine.Region], profile)
|
|
1399
2250
|
client._sdkVersion += ("_CLI_" + __version__)
|
|
1400
2251
|
models = MODELS_MAP[g_param[OptionsDefine.Version]]
|
|
1401
|
-
model = models.
|
|
2252
|
+
model = models.DescribeWhiteBoxKeyRequest()
|
|
1402
2253
|
model.from_json_string(json.dumps(args))
|
|
1403
2254
|
start_time = time.time()
|
|
1404
2255
|
while True:
|
|
1405
|
-
rsp = client.
|
|
2256
|
+
rsp = client.DescribeWhiteBoxKey(model)
|
|
1406
2257
|
result = rsp.to_json_string()
|
|
1407
2258
|
try:
|
|
1408
2259
|
json_obj = json.loads(result)
|
|
@@ -1421,7 +2272,7 @@ def doCreateKey(args, parsed_globals):
|
|
|
1421
2272
|
FormatOutput.output("action", json_obj, g_param[OptionsDefine.Output], g_param[OptionsDefine.Filter])
|
|
1422
2273
|
|
|
1423
2274
|
|
|
1424
|
-
def
|
|
2275
|
+
def doGetParametersForImport(args, parsed_globals):
|
|
1425
2276
|
g_param = parse_global_arg(parsed_globals)
|
|
1426
2277
|
|
|
1427
2278
|
if g_param[OptionsDefine.UseCVMRole.replace('-', '_')]:
|
|
@@ -1431,7 +2282,10 @@ def doDescribeWhiteBoxKey(args, parsed_globals):
|
|
|
1431
2282
|
g_param[OptionsDefine.SecretId], g_param[OptionsDefine.SecretKey], g_param[OptionsDefine.RoleArn.replace('-', '_')],
|
|
1432
2283
|
g_param[OptionsDefine.RoleSessionName.replace('-', '_')], endpoint=g_param["sts_cred_endpoint"]
|
|
1433
2284
|
)
|
|
1434
|
-
elif os.getenv(OptionsDefine.ENV_TKE_REGION)
|
|
2285
|
+
elif os.getenv(OptionsDefine.ENV_TKE_REGION) \
|
|
2286
|
+
and os.getenv(OptionsDefine.ENV_TKE_PROVIDER_ID) \
|
|
2287
|
+
and os.getenv(OptionsDefine.ENV_TKE_WEB_IDENTITY_TOKEN_FILE) \
|
|
2288
|
+
and os.getenv(OptionsDefine.ENV_TKE_ROLE_ARN):
|
|
1435
2289
|
cred = credential.DefaultTkeOIDCRoleArnProvider().get_credentials()
|
|
1436
2290
|
else:
|
|
1437
2291
|
cred = credential.Credential(
|
|
@@ -1443,18 +2297,18 @@ def doDescribeWhiteBoxKey(args, parsed_globals):
|
|
|
1443
2297
|
endpoint=g_param[OptionsDefine.Endpoint],
|
|
1444
2298
|
proxy=g_param[OptionsDefine.HttpsProxy.replace('-', '_')]
|
|
1445
2299
|
)
|
|
1446
|
-
profile = ClientProfile(httpProfile=http_profile, signMethod="
|
|
2300
|
+
profile = ClientProfile(httpProfile=http_profile, signMethod="TC3-HMAC-SHA256")
|
|
1447
2301
|
if g_param[OptionsDefine.Language]:
|
|
1448
2302
|
profile.language = g_param[OptionsDefine.Language]
|
|
1449
2303
|
mod = CLIENT_MAP[g_param[OptionsDefine.Version]]
|
|
1450
2304
|
client = mod.KmsClient(cred, g_param[OptionsDefine.Region], profile)
|
|
1451
2305
|
client._sdkVersion += ("_CLI_" + __version__)
|
|
1452
2306
|
models = MODELS_MAP[g_param[OptionsDefine.Version]]
|
|
1453
|
-
model = models.
|
|
2307
|
+
model = models.GetParametersForImportRequest()
|
|
1454
2308
|
model.from_json_string(json.dumps(args))
|
|
1455
2309
|
start_time = time.time()
|
|
1456
2310
|
while True:
|
|
1457
|
-
rsp = client.
|
|
2311
|
+
rsp = client.GetParametersForImport(model)
|
|
1458
2312
|
result = rsp.to_json_string()
|
|
1459
2313
|
try:
|
|
1460
2314
|
json_obj = json.loads(result)
|
|
@@ -1473,7 +2327,7 @@ def doDescribeWhiteBoxKey(args, parsed_globals):
|
|
|
1473
2327
|
FormatOutput.output("action", json_obj, g_param[OptionsDefine.Output], g_param[OptionsDefine.Filter])
|
|
1474
2328
|
|
|
1475
2329
|
|
|
1476
|
-
def
|
|
2330
|
+
def doDisableWhiteBoxKeys(args, parsed_globals):
|
|
1477
2331
|
g_param = parse_global_arg(parsed_globals)
|
|
1478
2332
|
|
|
1479
2333
|
if g_param[OptionsDefine.UseCVMRole.replace('-', '_')]:
|
|
@@ -1483,7 +2337,10 @@ def doGetParametersForImport(args, parsed_globals):
|
|
|
1483
2337
|
g_param[OptionsDefine.SecretId], g_param[OptionsDefine.SecretKey], g_param[OptionsDefine.RoleArn.replace('-', '_')],
|
|
1484
2338
|
g_param[OptionsDefine.RoleSessionName.replace('-', '_')], endpoint=g_param["sts_cred_endpoint"]
|
|
1485
2339
|
)
|
|
1486
|
-
elif os.getenv(OptionsDefine.ENV_TKE_REGION)
|
|
2340
|
+
elif os.getenv(OptionsDefine.ENV_TKE_REGION) \
|
|
2341
|
+
and os.getenv(OptionsDefine.ENV_TKE_PROVIDER_ID) \
|
|
2342
|
+
and os.getenv(OptionsDefine.ENV_TKE_WEB_IDENTITY_TOKEN_FILE) \
|
|
2343
|
+
and os.getenv(OptionsDefine.ENV_TKE_ROLE_ARN):
|
|
1487
2344
|
cred = credential.DefaultTkeOIDCRoleArnProvider().get_credentials()
|
|
1488
2345
|
else:
|
|
1489
2346
|
cred = credential.Credential(
|
|
@@ -1495,18 +2352,18 @@ def doGetParametersForImport(args, parsed_globals):
|
|
|
1495
2352
|
endpoint=g_param[OptionsDefine.Endpoint],
|
|
1496
2353
|
proxy=g_param[OptionsDefine.HttpsProxy.replace('-', '_')]
|
|
1497
2354
|
)
|
|
1498
|
-
profile = ClientProfile(httpProfile=http_profile, signMethod="
|
|
2355
|
+
profile = ClientProfile(httpProfile=http_profile, signMethod="TC3-HMAC-SHA256")
|
|
1499
2356
|
if g_param[OptionsDefine.Language]:
|
|
1500
2357
|
profile.language = g_param[OptionsDefine.Language]
|
|
1501
2358
|
mod = CLIENT_MAP[g_param[OptionsDefine.Version]]
|
|
1502
2359
|
client = mod.KmsClient(cred, g_param[OptionsDefine.Region], profile)
|
|
1503
2360
|
client._sdkVersion += ("_CLI_" + __version__)
|
|
1504
2361
|
models = MODELS_MAP[g_param[OptionsDefine.Version]]
|
|
1505
|
-
model = models.
|
|
2362
|
+
model = models.DisableWhiteBoxKeysRequest()
|
|
1506
2363
|
model.from_json_string(json.dumps(args))
|
|
1507
2364
|
start_time = time.time()
|
|
1508
2365
|
while True:
|
|
1509
|
-
rsp = client.
|
|
2366
|
+
rsp = client.DisableWhiteBoxKeys(model)
|
|
1510
2367
|
result = rsp.to_json_string()
|
|
1511
2368
|
try:
|
|
1512
2369
|
json_obj = json.loads(result)
|
|
@@ -1525,7 +2382,7 @@ def doGetParametersForImport(args, parsed_globals):
|
|
|
1525
2382
|
FormatOutput.output("action", json_obj, g_param[OptionsDefine.Output], g_param[OptionsDefine.Filter])
|
|
1526
2383
|
|
|
1527
2384
|
|
|
1528
|
-
def
|
|
2385
|
+
def doDisableDataKey(args, parsed_globals):
|
|
1529
2386
|
g_param = parse_global_arg(parsed_globals)
|
|
1530
2387
|
|
|
1531
2388
|
if g_param[OptionsDefine.UseCVMRole.replace('-', '_')]:
|
|
@@ -1535,7 +2392,10 @@ def doDisableWhiteBoxKeys(args, parsed_globals):
|
|
|
1535
2392
|
g_param[OptionsDefine.SecretId], g_param[OptionsDefine.SecretKey], g_param[OptionsDefine.RoleArn.replace('-', '_')],
|
|
1536
2393
|
g_param[OptionsDefine.RoleSessionName.replace('-', '_')], endpoint=g_param["sts_cred_endpoint"]
|
|
1537
2394
|
)
|
|
1538
|
-
elif os.getenv(OptionsDefine.ENV_TKE_REGION)
|
|
2395
|
+
elif os.getenv(OptionsDefine.ENV_TKE_REGION) \
|
|
2396
|
+
and os.getenv(OptionsDefine.ENV_TKE_PROVIDER_ID) \
|
|
2397
|
+
and os.getenv(OptionsDefine.ENV_TKE_WEB_IDENTITY_TOKEN_FILE) \
|
|
2398
|
+
and os.getenv(OptionsDefine.ENV_TKE_ROLE_ARN):
|
|
1539
2399
|
cred = credential.DefaultTkeOIDCRoleArnProvider().get_credentials()
|
|
1540
2400
|
else:
|
|
1541
2401
|
cred = credential.Credential(
|
|
@@ -1547,18 +2407,18 @@ def doDisableWhiteBoxKeys(args, parsed_globals):
|
|
|
1547
2407
|
endpoint=g_param[OptionsDefine.Endpoint],
|
|
1548
2408
|
proxy=g_param[OptionsDefine.HttpsProxy.replace('-', '_')]
|
|
1549
2409
|
)
|
|
1550
|
-
profile = ClientProfile(httpProfile=http_profile, signMethod="
|
|
2410
|
+
profile = ClientProfile(httpProfile=http_profile, signMethod="TC3-HMAC-SHA256")
|
|
1551
2411
|
if g_param[OptionsDefine.Language]:
|
|
1552
2412
|
profile.language = g_param[OptionsDefine.Language]
|
|
1553
2413
|
mod = CLIENT_MAP[g_param[OptionsDefine.Version]]
|
|
1554
2414
|
client = mod.KmsClient(cred, g_param[OptionsDefine.Region], profile)
|
|
1555
2415
|
client._sdkVersion += ("_CLI_" + __version__)
|
|
1556
2416
|
models = MODELS_MAP[g_param[OptionsDefine.Version]]
|
|
1557
|
-
model = models.
|
|
2417
|
+
model = models.DisableDataKeyRequest()
|
|
1558
2418
|
model.from_json_string(json.dumps(args))
|
|
1559
2419
|
start_time = time.time()
|
|
1560
2420
|
while True:
|
|
1561
|
-
rsp = client.
|
|
2421
|
+
rsp = client.DisableDataKey(model)
|
|
1562
2422
|
result = rsp.to_json_string()
|
|
1563
2423
|
try:
|
|
1564
2424
|
json_obj = json.loads(result)
|
|
@@ -1577,7 +2437,7 @@ def doDisableWhiteBoxKeys(args, parsed_globals):
|
|
|
1577
2437
|
FormatOutput.output("action", json_obj, g_param[OptionsDefine.Output], g_param[OptionsDefine.Filter])
|
|
1578
2438
|
|
|
1579
2439
|
|
|
1580
|
-
def
|
|
2440
|
+
def doDescribeDataKeys(args, parsed_globals):
|
|
1581
2441
|
g_param = parse_global_arg(parsed_globals)
|
|
1582
2442
|
|
|
1583
2443
|
if g_param[OptionsDefine.UseCVMRole.replace('-', '_')]:
|
|
@@ -1587,7 +2447,10 @@ def doListKeyDetail(args, parsed_globals):
|
|
|
1587
2447
|
g_param[OptionsDefine.SecretId], g_param[OptionsDefine.SecretKey], g_param[OptionsDefine.RoleArn.replace('-', '_')],
|
|
1588
2448
|
g_param[OptionsDefine.RoleSessionName.replace('-', '_')], endpoint=g_param["sts_cred_endpoint"]
|
|
1589
2449
|
)
|
|
1590
|
-
elif os.getenv(OptionsDefine.ENV_TKE_REGION)
|
|
2450
|
+
elif os.getenv(OptionsDefine.ENV_TKE_REGION) \
|
|
2451
|
+
and os.getenv(OptionsDefine.ENV_TKE_PROVIDER_ID) \
|
|
2452
|
+
and os.getenv(OptionsDefine.ENV_TKE_WEB_IDENTITY_TOKEN_FILE) \
|
|
2453
|
+
and os.getenv(OptionsDefine.ENV_TKE_ROLE_ARN):
|
|
1591
2454
|
cred = credential.DefaultTkeOIDCRoleArnProvider().get_credentials()
|
|
1592
2455
|
else:
|
|
1593
2456
|
cred = credential.Credential(
|
|
@@ -1599,18 +2462,18 @@ def doListKeyDetail(args, parsed_globals):
|
|
|
1599
2462
|
endpoint=g_param[OptionsDefine.Endpoint],
|
|
1600
2463
|
proxy=g_param[OptionsDefine.HttpsProxy.replace('-', '_')]
|
|
1601
2464
|
)
|
|
1602
|
-
profile = ClientProfile(httpProfile=http_profile, signMethod="
|
|
2465
|
+
profile = ClientProfile(httpProfile=http_profile, signMethod="TC3-HMAC-SHA256")
|
|
1603
2466
|
if g_param[OptionsDefine.Language]:
|
|
1604
2467
|
profile.language = g_param[OptionsDefine.Language]
|
|
1605
2468
|
mod = CLIENT_MAP[g_param[OptionsDefine.Version]]
|
|
1606
2469
|
client = mod.KmsClient(cred, g_param[OptionsDefine.Region], profile)
|
|
1607
2470
|
client._sdkVersion += ("_CLI_" + __version__)
|
|
1608
2471
|
models = MODELS_MAP[g_param[OptionsDefine.Version]]
|
|
1609
|
-
model = models.
|
|
2472
|
+
model = models.DescribeDataKeysRequest()
|
|
1610
2473
|
model.from_json_string(json.dumps(args))
|
|
1611
2474
|
start_time = time.time()
|
|
1612
2475
|
while True:
|
|
1613
|
-
rsp = client.
|
|
2476
|
+
rsp = client.DescribeDataKeys(model)
|
|
1614
2477
|
result = rsp.to_json_string()
|
|
1615
2478
|
try:
|
|
1616
2479
|
json_obj = json.loads(result)
|
|
@@ -1629,7 +2492,7 @@ def doListKeyDetail(args, parsed_globals):
|
|
|
1629
2492
|
FormatOutput.output("action", json_obj, g_param[OptionsDefine.Output], g_param[OptionsDefine.Filter])
|
|
1630
2493
|
|
|
1631
2494
|
|
|
1632
|
-
def
|
|
2495
|
+
def doDisableKeyRotation(args, parsed_globals):
|
|
1633
2496
|
g_param = parse_global_arg(parsed_globals)
|
|
1634
2497
|
|
|
1635
2498
|
if g_param[OptionsDefine.UseCVMRole.replace('-', '_')]:
|
|
@@ -1639,7 +2502,10 @@ def doAsymmetricRsaDecrypt(args, parsed_globals):
|
|
|
1639
2502
|
g_param[OptionsDefine.SecretId], g_param[OptionsDefine.SecretKey], g_param[OptionsDefine.RoleArn.replace('-', '_')],
|
|
1640
2503
|
g_param[OptionsDefine.RoleSessionName.replace('-', '_')], endpoint=g_param["sts_cred_endpoint"]
|
|
1641
2504
|
)
|
|
1642
|
-
elif os.getenv(OptionsDefine.ENV_TKE_REGION)
|
|
2505
|
+
elif os.getenv(OptionsDefine.ENV_TKE_REGION) \
|
|
2506
|
+
and os.getenv(OptionsDefine.ENV_TKE_PROVIDER_ID) \
|
|
2507
|
+
and os.getenv(OptionsDefine.ENV_TKE_WEB_IDENTITY_TOKEN_FILE) \
|
|
2508
|
+
and os.getenv(OptionsDefine.ENV_TKE_ROLE_ARN):
|
|
1643
2509
|
cred = credential.DefaultTkeOIDCRoleArnProvider().get_credentials()
|
|
1644
2510
|
else:
|
|
1645
2511
|
cred = credential.Credential(
|
|
@@ -1651,18 +2517,18 @@ def doAsymmetricRsaDecrypt(args, parsed_globals):
|
|
|
1651
2517
|
endpoint=g_param[OptionsDefine.Endpoint],
|
|
1652
2518
|
proxy=g_param[OptionsDefine.HttpsProxy.replace('-', '_')]
|
|
1653
2519
|
)
|
|
1654
|
-
profile = ClientProfile(httpProfile=http_profile, signMethod="
|
|
2520
|
+
profile = ClientProfile(httpProfile=http_profile, signMethod="TC3-HMAC-SHA256")
|
|
1655
2521
|
if g_param[OptionsDefine.Language]:
|
|
1656
2522
|
profile.language = g_param[OptionsDefine.Language]
|
|
1657
2523
|
mod = CLIENT_MAP[g_param[OptionsDefine.Version]]
|
|
1658
2524
|
client = mod.KmsClient(cred, g_param[OptionsDefine.Region], profile)
|
|
1659
2525
|
client._sdkVersion += ("_CLI_" + __version__)
|
|
1660
2526
|
models = MODELS_MAP[g_param[OptionsDefine.Version]]
|
|
1661
|
-
model = models.
|
|
2527
|
+
model = models.DisableKeyRotationRequest()
|
|
1662
2528
|
model.from_json_string(json.dumps(args))
|
|
1663
2529
|
start_time = time.time()
|
|
1664
2530
|
while True:
|
|
1665
|
-
rsp = client.
|
|
2531
|
+
rsp = client.DisableKeyRotation(model)
|
|
1666
2532
|
result = rsp.to_json_string()
|
|
1667
2533
|
try:
|
|
1668
2534
|
json_obj = json.loads(result)
|
|
@@ -1681,7 +2547,7 @@ def doAsymmetricRsaDecrypt(args, parsed_globals):
|
|
|
1681
2547
|
FormatOutput.output("action", json_obj, g_param[OptionsDefine.Output], g_param[OptionsDefine.Filter])
|
|
1682
2548
|
|
|
1683
2549
|
|
|
1684
|
-
def
|
|
2550
|
+
def doListKeyDetail(args, parsed_globals):
|
|
1685
2551
|
g_param = parse_global_arg(parsed_globals)
|
|
1686
2552
|
|
|
1687
2553
|
if g_param[OptionsDefine.UseCVMRole.replace('-', '_')]:
|
|
@@ -1691,7 +2557,10 @@ def doDisableKeyRotation(args, parsed_globals):
|
|
|
1691
2557
|
g_param[OptionsDefine.SecretId], g_param[OptionsDefine.SecretKey], g_param[OptionsDefine.RoleArn.replace('-', '_')],
|
|
1692
2558
|
g_param[OptionsDefine.RoleSessionName.replace('-', '_')], endpoint=g_param["sts_cred_endpoint"]
|
|
1693
2559
|
)
|
|
1694
|
-
elif os.getenv(OptionsDefine.ENV_TKE_REGION)
|
|
2560
|
+
elif os.getenv(OptionsDefine.ENV_TKE_REGION) \
|
|
2561
|
+
and os.getenv(OptionsDefine.ENV_TKE_PROVIDER_ID) \
|
|
2562
|
+
and os.getenv(OptionsDefine.ENV_TKE_WEB_IDENTITY_TOKEN_FILE) \
|
|
2563
|
+
and os.getenv(OptionsDefine.ENV_TKE_ROLE_ARN):
|
|
1695
2564
|
cred = credential.DefaultTkeOIDCRoleArnProvider().get_credentials()
|
|
1696
2565
|
else:
|
|
1697
2566
|
cred = credential.Credential(
|
|
@@ -1703,18 +2572,18 @@ def doDisableKeyRotation(args, parsed_globals):
|
|
|
1703
2572
|
endpoint=g_param[OptionsDefine.Endpoint],
|
|
1704
2573
|
proxy=g_param[OptionsDefine.HttpsProxy.replace('-', '_')]
|
|
1705
2574
|
)
|
|
1706
|
-
profile = ClientProfile(httpProfile=http_profile, signMethod="
|
|
2575
|
+
profile = ClientProfile(httpProfile=http_profile, signMethod="TC3-HMAC-SHA256")
|
|
1707
2576
|
if g_param[OptionsDefine.Language]:
|
|
1708
2577
|
profile.language = g_param[OptionsDefine.Language]
|
|
1709
2578
|
mod = CLIENT_MAP[g_param[OptionsDefine.Version]]
|
|
1710
2579
|
client = mod.KmsClient(cred, g_param[OptionsDefine.Region], profile)
|
|
1711
2580
|
client._sdkVersion += ("_CLI_" + __version__)
|
|
1712
2581
|
models = MODELS_MAP[g_param[OptionsDefine.Version]]
|
|
1713
|
-
model = models.
|
|
2582
|
+
model = models.ListKeyDetailRequest()
|
|
1714
2583
|
model.from_json_string(json.dumps(args))
|
|
1715
2584
|
start_time = time.time()
|
|
1716
2585
|
while True:
|
|
1717
|
-
rsp = client.
|
|
2586
|
+
rsp = client.ListKeyDetail(model)
|
|
1718
2587
|
result = rsp.to_json_string()
|
|
1719
2588
|
try:
|
|
1720
2589
|
json_obj = json.loads(result)
|
|
@@ -1743,7 +2612,10 @@ def doDisableWhiteBoxKey(args, parsed_globals):
|
|
|
1743
2612
|
g_param[OptionsDefine.SecretId], g_param[OptionsDefine.SecretKey], g_param[OptionsDefine.RoleArn.replace('-', '_')],
|
|
1744
2613
|
g_param[OptionsDefine.RoleSessionName.replace('-', '_')], endpoint=g_param["sts_cred_endpoint"]
|
|
1745
2614
|
)
|
|
1746
|
-
elif os.getenv(OptionsDefine.ENV_TKE_REGION)
|
|
2615
|
+
elif os.getenv(OptionsDefine.ENV_TKE_REGION) \
|
|
2616
|
+
and os.getenv(OptionsDefine.ENV_TKE_PROVIDER_ID) \
|
|
2617
|
+
and os.getenv(OptionsDefine.ENV_TKE_WEB_IDENTITY_TOKEN_FILE) \
|
|
2618
|
+
and os.getenv(OptionsDefine.ENV_TKE_ROLE_ARN):
|
|
1747
2619
|
cred = credential.DefaultTkeOIDCRoleArnProvider().get_credentials()
|
|
1748
2620
|
else:
|
|
1749
2621
|
cred = credential.Credential(
|
|
@@ -1755,7 +2627,7 @@ def doDisableWhiteBoxKey(args, parsed_globals):
|
|
|
1755
2627
|
endpoint=g_param[OptionsDefine.Endpoint],
|
|
1756
2628
|
proxy=g_param[OptionsDefine.HttpsProxy.replace('-', '_')]
|
|
1757
2629
|
)
|
|
1758
|
-
profile = ClientProfile(httpProfile=http_profile, signMethod="
|
|
2630
|
+
profile = ClientProfile(httpProfile=http_profile, signMethod="TC3-HMAC-SHA256")
|
|
1759
2631
|
if g_param[OptionsDefine.Language]:
|
|
1760
2632
|
profile.language = g_param[OptionsDefine.Language]
|
|
1761
2633
|
mod = CLIENT_MAP[g_param[OptionsDefine.Version]]
|
|
@@ -1795,7 +2667,10 @@ def doEnableKeys(args, parsed_globals):
|
|
|
1795
2667
|
g_param[OptionsDefine.SecretId], g_param[OptionsDefine.SecretKey], g_param[OptionsDefine.RoleArn.replace('-', '_')],
|
|
1796
2668
|
g_param[OptionsDefine.RoleSessionName.replace('-', '_')], endpoint=g_param["sts_cred_endpoint"]
|
|
1797
2669
|
)
|
|
1798
|
-
elif os.getenv(OptionsDefine.ENV_TKE_REGION)
|
|
2670
|
+
elif os.getenv(OptionsDefine.ENV_TKE_REGION) \
|
|
2671
|
+
and os.getenv(OptionsDefine.ENV_TKE_PROVIDER_ID) \
|
|
2672
|
+
and os.getenv(OptionsDefine.ENV_TKE_WEB_IDENTITY_TOKEN_FILE) \
|
|
2673
|
+
and os.getenv(OptionsDefine.ENV_TKE_ROLE_ARN):
|
|
1799
2674
|
cred = credential.DefaultTkeOIDCRoleArnProvider().get_credentials()
|
|
1800
2675
|
else:
|
|
1801
2676
|
cred = credential.Credential(
|
|
@@ -1807,7 +2682,7 @@ def doEnableKeys(args, parsed_globals):
|
|
|
1807
2682
|
endpoint=g_param[OptionsDefine.Endpoint],
|
|
1808
2683
|
proxy=g_param[OptionsDefine.HttpsProxy.replace('-', '_')]
|
|
1809
2684
|
)
|
|
1810
|
-
profile = ClientProfile(httpProfile=http_profile, signMethod="
|
|
2685
|
+
profile = ClientProfile(httpProfile=http_profile, signMethod="TC3-HMAC-SHA256")
|
|
1811
2686
|
if g_param[OptionsDefine.Language]:
|
|
1812
2687
|
profile.language = g_param[OptionsDefine.Language]
|
|
1813
2688
|
mod = CLIENT_MAP[g_param[OptionsDefine.Version]]
|
|
@@ -1847,7 +2722,10 @@ def doScheduleKeyDeletion(args, parsed_globals):
|
|
|
1847
2722
|
g_param[OptionsDefine.SecretId], g_param[OptionsDefine.SecretKey], g_param[OptionsDefine.RoleArn.replace('-', '_')],
|
|
1848
2723
|
g_param[OptionsDefine.RoleSessionName.replace('-', '_')], endpoint=g_param["sts_cred_endpoint"]
|
|
1849
2724
|
)
|
|
1850
|
-
elif os.getenv(OptionsDefine.ENV_TKE_REGION)
|
|
2725
|
+
elif os.getenv(OptionsDefine.ENV_TKE_REGION) \
|
|
2726
|
+
and os.getenv(OptionsDefine.ENV_TKE_PROVIDER_ID) \
|
|
2727
|
+
and os.getenv(OptionsDefine.ENV_TKE_WEB_IDENTITY_TOKEN_FILE) \
|
|
2728
|
+
and os.getenv(OptionsDefine.ENV_TKE_ROLE_ARN):
|
|
1851
2729
|
cred = credential.DefaultTkeOIDCRoleArnProvider().get_credentials()
|
|
1852
2730
|
else:
|
|
1853
2731
|
cred = credential.Credential(
|
|
@@ -1859,7 +2737,7 @@ def doScheduleKeyDeletion(args, parsed_globals):
|
|
|
1859
2737
|
endpoint=g_param[OptionsDefine.Endpoint],
|
|
1860
2738
|
proxy=g_param[OptionsDefine.HttpsProxy.replace('-', '_')]
|
|
1861
2739
|
)
|
|
1862
|
-
profile = ClientProfile(httpProfile=http_profile, signMethod="
|
|
2740
|
+
profile = ClientProfile(httpProfile=http_profile, signMethod="TC3-HMAC-SHA256")
|
|
1863
2741
|
if g_param[OptionsDefine.Language]:
|
|
1864
2742
|
profile.language = g_param[OptionsDefine.Language]
|
|
1865
2743
|
mod = CLIENT_MAP[g_param[OptionsDefine.Version]]
|
|
@@ -1899,7 +2777,10 @@ def doDescribeWhiteBoxDeviceFingerprints(args, parsed_globals):
|
|
|
1899
2777
|
g_param[OptionsDefine.SecretId], g_param[OptionsDefine.SecretKey], g_param[OptionsDefine.RoleArn.replace('-', '_')],
|
|
1900
2778
|
g_param[OptionsDefine.RoleSessionName.replace('-', '_')], endpoint=g_param["sts_cred_endpoint"]
|
|
1901
2779
|
)
|
|
1902
|
-
elif os.getenv(OptionsDefine.ENV_TKE_REGION)
|
|
2780
|
+
elif os.getenv(OptionsDefine.ENV_TKE_REGION) \
|
|
2781
|
+
and os.getenv(OptionsDefine.ENV_TKE_PROVIDER_ID) \
|
|
2782
|
+
and os.getenv(OptionsDefine.ENV_TKE_WEB_IDENTITY_TOKEN_FILE) \
|
|
2783
|
+
and os.getenv(OptionsDefine.ENV_TKE_ROLE_ARN):
|
|
1903
2784
|
cred = credential.DefaultTkeOIDCRoleArnProvider().get_credentials()
|
|
1904
2785
|
else:
|
|
1905
2786
|
cred = credential.Credential(
|
|
@@ -1911,7 +2792,7 @@ def doDescribeWhiteBoxDeviceFingerprints(args, parsed_globals):
|
|
|
1911
2792
|
endpoint=g_param[OptionsDefine.Endpoint],
|
|
1912
2793
|
proxy=g_param[OptionsDefine.HttpsProxy.replace('-', '_')]
|
|
1913
2794
|
)
|
|
1914
|
-
profile = ClientProfile(httpProfile=http_profile, signMethod="
|
|
2795
|
+
profile = ClientProfile(httpProfile=http_profile, signMethod="TC3-HMAC-SHA256")
|
|
1915
2796
|
if g_param[OptionsDefine.Language]:
|
|
1916
2797
|
profile.language = g_param[OptionsDefine.Language]
|
|
1917
2798
|
mod = CLIENT_MAP[g_param[OptionsDefine.Version]]
|
|
@@ -1951,7 +2832,10 @@ def doDescribeKey(args, parsed_globals):
|
|
|
1951
2832
|
g_param[OptionsDefine.SecretId], g_param[OptionsDefine.SecretKey], g_param[OptionsDefine.RoleArn.replace('-', '_')],
|
|
1952
2833
|
g_param[OptionsDefine.RoleSessionName.replace('-', '_')], endpoint=g_param["sts_cred_endpoint"]
|
|
1953
2834
|
)
|
|
1954
|
-
elif os.getenv(OptionsDefine.ENV_TKE_REGION)
|
|
2835
|
+
elif os.getenv(OptionsDefine.ENV_TKE_REGION) \
|
|
2836
|
+
and os.getenv(OptionsDefine.ENV_TKE_PROVIDER_ID) \
|
|
2837
|
+
and os.getenv(OptionsDefine.ENV_TKE_WEB_IDENTITY_TOKEN_FILE) \
|
|
2838
|
+
and os.getenv(OptionsDefine.ENV_TKE_ROLE_ARN):
|
|
1955
2839
|
cred = credential.DefaultTkeOIDCRoleArnProvider().get_credentials()
|
|
1956
2840
|
else:
|
|
1957
2841
|
cred = credential.Credential(
|
|
@@ -1963,7 +2847,7 @@ def doDescribeKey(args, parsed_globals):
|
|
|
1963
2847
|
endpoint=g_param[OptionsDefine.Endpoint],
|
|
1964
2848
|
proxy=g_param[OptionsDefine.HttpsProxy.replace('-', '_')]
|
|
1965
2849
|
)
|
|
1966
|
-
profile = ClientProfile(httpProfile=http_profile, signMethod="
|
|
2850
|
+
profile = ClientProfile(httpProfile=http_profile, signMethod="TC3-HMAC-SHA256")
|
|
1967
2851
|
if g_param[OptionsDefine.Language]:
|
|
1968
2852
|
profile.language = g_param[OptionsDefine.Language]
|
|
1969
2853
|
mod = CLIENT_MAP[g_param[OptionsDefine.Version]]
|
|
@@ -2003,7 +2887,10 @@ def doUnbindCloudResource(args, parsed_globals):
|
|
|
2003
2887
|
g_param[OptionsDefine.SecretId], g_param[OptionsDefine.SecretKey], g_param[OptionsDefine.RoleArn.replace('-', '_')],
|
|
2004
2888
|
g_param[OptionsDefine.RoleSessionName.replace('-', '_')], endpoint=g_param["sts_cred_endpoint"]
|
|
2005
2889
|
)
|
|
2006
|
-
elif os.getenv(OptionsDefine.ENV_TKE_REGION)
|
|
2890
|
+
elif os.getenv(OptionsDefine.ENV_TKE_REGION) \
|
|
2891
|
+
and os.getenv(OptionsDefine.ENV_TKE_PROVIDER_ID) \
|
|
2892
|
+
and os.getenv(OptionsDefine.ENV_TKE_WEB_IDENTITY_TOKEN_FILE) \
|
|
2893
|
+
and os.getenv(OptionsDefine.ENV_TKE_ROLE_ARN):
|
|
2007
2894
|
cred = credential.DefaultTkeOIDCRoleArnProvider().get_credentials()
|
|
2008
2895
|
else:
|
|
2009
2896
|
cred = credential.Credential(
|
|
@@ -2015,7 +2902,7 @@ def doUnbindCloudResource(args, parsed_globals):
|
|
|
2015
2902
|
endpoint=g_param[OptionsDefine.Endpoint],
|
|
2016
2903
|
proxy=g_param[OptionsDefine.HttpsProxy.replace('-', '_')]
|
|
2017
2904
|
)
|
|
2018
|
-
profile = ClientProfile(httpProfile=http_profile, signMethod="
|
|
2905
|
+
profile = ClientProfile(httpProfile=http_profile, signMethod="TC3-HMAC-SHA256")
|
|
2019
2906
|
if g_param[OptionsDefine.Language]:
|
|
2020
2907
|
profile.language = g_param[OptionsDefine.Language]
|
|
2021
2908
|
mod = CLIENT_MAP[g_param[OptionsDefine.Version]]
|
|
@@ -2045,7 +2932,7 @@ def doUnbindCloudResource(args, parsed_globals):
|
|
|
2045
2932
|
FormatOutput.output("action", json_obj, g_param[OptionsDefine.Output], g_param[OptionsDefine.Filter])
|
|
2046
2933
|
|
|
2047
2934
|
|
|
2048
|
-
def
|
|
2935
|
+
def doPostQuantumCryptoEncrypt(args, parsed_globals):
|
|
2049
2936
|
g_param = parse_global_arg(parsed_globals)
|
|
2050
2937
|
|
|
2051
2938
|
if g_param[OptionsDefine.UseCVMRole.replace('-', '_')]:
|
|
@@ -2055,7 +2942,10 @@ def doEnableKeyRotation(args, parsed_globals):
|
|
|
2055
2942
|
g_param[OptionsDefine.SecretId], g_param[OptionsDefine.SecretKey], g_param[OptionsDefine.RoleArn.replace('-', '_')],
|
|
2056
2943
|
g_param[OptionsDefine.RoleSessionName.replace('-', '_')], endpoint=g_param["sts_cred_endpoint"]
|
|
2057
2944
|
)
|
|
2058
|
-
elif os.getenv(OptionsDefine.ENV_TKE_REGION)
|
|
2945
|
+
elif os.getenv(OptionsDefine.ENV_TKE_REGION) \
|
|
2946
|
+
and os.getenv(OptionsDefine.ENV_TKE_PROVIDER_ID) \
|
|
2947
|
+
and os.getenv(OptionsDefine.ENV_TKE_WEB_IDENTITY_TOKEN_FILE) \
|
|
2948
|
+
and os.getenv(OptionsDefine.ENV_TKE_ROLE_ARN):
|
|
2059
2949
|
cred = credential.DefaultTkeOIDCRoleArnProvider().get_credentials()
|
|
2060
2950
|
else:
|
|
2061
2951
|
cred = credential.Credential(
|
|
@@ -2067,18 +2957,18 @@ def doEnableKeyRotation(args, parsed_globals):
|
|
|
2067
2957
|
endpoint=g_param[OptionsDefine.Endpoint],
|
|
2068
2958
|
proxy=g_param[OptionsDefine.HttpsProxy.replace('-', '_')]
|
|
2069
2959
|
)
|
|
2070
|
-
profile = ClientProfile(httpProfile=http_profile, signMethod="
|
|
2960
|
+
profile = ClientProfile(httpProfile=http_profile, signMethod="TC3-HMAC-SHA256")
|
|
2071
2961
|
if g_param[OptionsDefine.Language]:
|
|
2072
2962
|
profile.language = g_param[OptionsDefine.Language]
|
|
2073
2963
|
mod = CLIENT_MAP[g_param[OptionsDefine.Version]]
|
|
2074
2964
|
client = mod.KmsClient(cred, g_param[OptionsDefine.Region], profile)
|
|
2075
2965
|
client._sdkVersion += ("_CLI_" + __version__)
|
|
2076
2966
|
models = MODELS_MAP[g_param[OptionsDefine.Version]]
|
|
2077
|
-
model = models.
|
|
2967
|
+
model = models.PostQuantumCryptoEncryptRequest()
|
|
2078
2968
|
model.from_json_string(json.dumps(args))
|
|
2079
2969
|
start_time = time.time()
|
|
2080
2970
|
while True:
|
|
2081
|
-
rsp = client.
|
|
2971
|
+
rsp = client.PostQuantumCryptoEncrypt(model)
|
|
2082
2972
|
result = rsp.to_json_string()
|
|
2083
2973
|
try:
|
|
2084
2974
|
json_obj = json.loads(result)
|
|
@@ -2097,7 +2987,7 @@ def doEnableKeyRotation(args, parsed_globals):
|
|
|
2097
2987
|
FormatOutput.output("action", json_obj, g_param[OptionsDefine.Output], g_param[OptionsDefine.Filter])
|
|
2098
2988
|
|
|
2099
2989
|
|
|
2100
|
-
def
|
|
2990
|
+
def doVerifyByAsymmetricKey(args, parsed_globals):
|
|
2101
2991
|
g_param = parse_global_arg(parsed_globals)
|
|
2102
2992
|
|
|
2103
2993
|
if g_param[OptionsDefine.UseCVMRole.replace('-', '_')]:
|
|
@@ -2107,7 +2997,10 @@ def doCreateWhiteBoxKey(args, parsed_globals):
|
|
|
2107
2997
|
g_param[OptionsDefine.SecretId], g_param[OptionsDefine.SecretKey], g_param[OptionsDefine.RoleArn.replace('-', '_')],
|
|
2108
2998
|
g_param[OptionsDefine.RoleSessionName.replace('-', '_')], endpoint=g_param["sts_cred_endpoint"]
|
|
2109
2999
|
)
|
|
2110
|
-
elif os.getenv(OptionsDefine.ENV_TKE_REGION)
|
|
3000
|
+
elif os.getenv(OptionsDefine.ENV_TKE_REGION) \
|
|
3001
|
+
and os.getenv(OptionsDefine.ENV_TKE_PROVIDER_ID) \
|
|
3002
|
+
and os.getenv(OptionsDefine.ENV_TKE_WEB_IDENTITY_TOKEN_FILE) \
|
|
3003
|
+
and os.getenv(OptionsDefine.ENV_TKE_ROLE_ARN):
|
|
2111
3004
|
cred = credential.DefaultTkeOIDCRoleArnProvider().get_credentials()
|
|
2112
3005
|
else:
|
|
2113
3006
|
cred = credential.Credential(
|
|
@@ -2119,18 +3012,18 @@ def doCreateWhiteBoxKey(args, parsed_globals):
|
|
|
2119
3012
|
endpoint=g_param[OptionsDefine.Endpoint],
|
|
2120
3013
|
proxy=g_param[OptionsDefine.HttpsProxy.replace('-', '_')]
|
|
2121
3014
|
)
|
|
2122
|
-
profile = ClientProfile(httpProfile=http_profile, signMethod="
|
|
3015
|
+
profile = ClientProfile(httpProfile=http_profile, signMethod="TC3-HMAC-SHA256")
|
|
2123
3016
|
if g_param[OptionsDefine.Language]:
|
|
2124
3017
|
profile.language = g_param[OptionsDefine.Language]
|
|
2125
3018
|
mod = CLIENT_MAP[g_param[OptionsDefine.Version]]
|
|
2126
3019
|
client = mod.KmsClient(cred, g_param[OptionsDefine.Region], profile)
|
|
2127
3020
|
client._sdkVersion += ("_CLI_" + __version__)
|
|
2128
3021
|
models = MODELS_MAP[g_param[OptionsDefine.Version]]
|
|
2129
|
-
model = models.
|
|
3022
|
+
model = models.VerifyByAsymmetricKeyRequest()
|
|
2130
3023
|
model.from_json_string(json.dumps(args))
|
|
2131
3024
|
start_time = time.time()
|
|
2132
3025
|
while True:
|
|
2133
|
-
rsp = client.
|
|
3026
|
+
rsp = client.VerifyByAsymmetricKey(model)
|
|
2134
3027
|
result = rsp.to_json_string()
|
|
2135
3028
|
try:
|
|
2136
3029
|
json_obj = json.loads(result)
|
|
@@ -2149,7 +3042,7 @@ def doCreateWhiteBoxKey(args, parsed_globals):
|
|
|
2149
3042
|
FormatOutput.output("action", json_obj, g_param[OptionsDefine.Output], g_param[OptionsDefine.Filter])
|
|
2150
3043
|
|
|
2151
3044
|
|
|
2152
|
-
def
|
|
3045
|
+
def doEnableDataKey(args, parsed_globals):
|
|
2153
3046
|
g_param = parse_global_arg(parsed_globals)
|
|
2154
3047
|
|
|
2155
3048
|
if g_param[OptionsDefine.UseCVMRole.replace('-', '_')]:
|
|
@@ -2159,7 +3052,10 @@ def doPostQuantumCryptoEncrypt(args, parsed_globals):
|
|
|
2159
3052
|
g_param[OptionsDefine.SecretId], g_param[OptionsDefine.SecretKey], g_param[OptionsDefine.RoleArn.replace('-', '_')],
|
|
2160
3053
|
g_param[OptionsDefine.RoleSessionName.replace('-', '_')], endpoint=g_param["sts_cred_endpoint"]
|
|
2161
3054
|
)
|
|
2162
|
-
elif os.getenv(OptionsDefine.ENV_TKE_REGION)
|
|
3055
|
+
elif os.getenv(OptionsDefine.ENV_TKE_REGION) \
|
|
3056
|
+
and os.getenv(OptionsDefine.ENV_TKE_PROVIDER_ID) \
|
|
3057
|
+
and os.getenv(OptionsDefine.ENV_TKE_WEB_IDENTITY_TOKEN_FILE) \
|
|
3058
|
+
and os.getenv(OptionsDefine.ENV_TKE_ROLE_ARN):
|
|
2163
3059
|
cred = credential.DefaultTkeOIDCRoleArnProvider().get_credentials()
|
|
2164
3060
|
else:
|
|
2165
3061
|
cred = credential.Credential(
|
|
@@ -2171,18 +3067,18 @@ def doPostQuantumCryptoEncrypt(args, parsed_globals):
|
|
|
2171
3067
|
endpoint=g_param[OptionsDefine.Endpoint],
|
|
2172
3068
|
proxy=g_param[OptionsDefine.HttpsProxy.replace('-', '_')]
|
|
2173
3069
|
)
|
|
2174
|
-
profile = ClientProfile(httpProfile=http_profile, signMethod="
|
|
3070
|
+
profile = ClientProfile(httpProfile=http_profile, signMethod="TC3-HMAC-SHA256")
|
|
2175
3071
|
if g_param[OptionsDefine.Language]:
|
|
2176
3072
|
profile.language = g_param[OptionsDefine.Language]
|
|
2177
3073
|
mod = CLIENT_MAP[g_param[OptionsDefine.Version]]
|
|
2178
3074
|
client = mod.KmsClient(cred, g_param[OptionsDefine.Region], profile)
|
|
2179
3075
|
client._sdkVersion += ("_CLI_" + __version__)
|
|
2180
3076
|
models = MODELS_MAP[g_param[OptionsDefine.Version]]
|
|
2181
|
-
model = models.
|
|
3077
|
+
model = models.EnableDataKeyRequest()
|
|
2182
3078
|
model.from_json_string(json.dumps(args))
|
|
2183
3079
|
start_time = time.time()
|
|
2184
3080
|
while True:
|
|
2185
|
-
rsp = client.
|
|
3081
|
+
rsp = client.EnableDataKey(model)
|
|
2186
3082
|
result = rsp.to_json_string()
|
|
2187
3083
|
try:
|
|
2188
3084
|
json_obj = json.loads(result)
|
|
@@ -2211,7 +3107,10 @@ def doEnableWhiteBoxKey(args, parsed_globals):
|
|
|
2211
3107
|
g_param[OptionsDefine.SecretId], g_param[OptionsDefine.SecretKey], g_param[OptionsDefine.RoleArn.replace('-', '_')],
|
|
2212
3108
|
g_param[OptionsDefine.RoleSessionName.replace('-', '_')], endpoint=g_param["sts_cred_endpoint"]
|
|
2213
3109
|
)
|
|
2214
|
-
elif os.getenv(OptionsDefine.ENV_TKE_REGION)
|
|
3110
|
+
elif os.getenv(OptionsDefine.ENV_TKE_REGION) \
|
|
3111
|
+
and os.getenv(OptionsDefine.ENV_TKE_PROVIDER_ID) \
|
|
3112
|
+
and os.getenv(OptionsDefine.ENV_TKE_WEB_IDENTITY_TOKEN_FILE) \
|
|
3113
|
+
and os.getenv(OptionsDefine.ENV_TKE_ROLE_ARN):
|
|
2215
3114
|
cred = credential.DefaultTkeOIDCRoleArnProvider().get_credentials()
|
|
2216
3115
|
else:
|
|
2217
3116
|
cred = credential.Credential(
|
|
@@ -2223,7 +3122,7 @@ def doEnableWhiteBoxKey(args, parsed_globals):
|
|
|
2223
3122
|
endpoint=g_param[OptionsDefine.Endpoint],
|
|
2224
3123
|
proxy=g_param[OptionsDefine.HttpsProxy.replace('-', '_')]
|
|
2225
3124
|
)
|
|
2226
|
-
profile = ClientProfile(httpProfile=http_profile, signMethod="
|
|
3125
|
+
profile = ClientProfile(httpProfile=http_profile, signMethod="TC3-HMAC-SHA256")
|
|
2227
3126
|
if g_param[OptionsDefine.Language]:
|
|
2228
3127
|
profile.language = g_param[OptionsDefine.Language]
|
|
2229
3128
|
mod = CLIENT_MAP[g_param[OptionsDefine.Version]]
|
|
@@ -2263,7 +3162,10 @@ def doEnableKey(args, parsed_globals):
|
|
|
2263
3162
|
g_param[OptionsDefine.SecretId], g_param[OptionsDefine.SecretKey], g_param[OptionsDefine.RoleArn.replace('-', '_')],
|
|
2264
3163
|
g_param[OptionsDefine.RoleSessionName.replace('-', '_')], endpoint=g_param["sts_cred_endpoint"]
|
|
2265
3164
|
)
|
|
2266
|
-
elif os.getenv(OptionsDefine.ENV_TKE_REGION)
|
|
3165
|
+
elif os.getenv(OptionsDefine.ENV_TKE_REGION) \
|
|
3166
|
+
and os.getenv(OptionsDefine.ENV_TKE_PROVIDER_ID) \
|
|
3167
|
+
and os.getenv(OptionsDefine.ENV_TKE_WEB_IDENTITY_TOKEN_FILE) \
|
|
3168
|
+
and os.getenv(OptionsDefine.ENV_TKE_ROLE_ARN):
|
|
2267
3169
|
cred = credential.DefaultTkeOIDCRoleArnProvider().get_credentials()
|
|
2268
3170
|
else:
|
|
2269
3171
|
cred = credential.Credential(
|
|
@@ -2275,7 +3177,7 @@ def doEnableKey(args, parsed_globals):
|
|
|
2275
3177
|
endpoint=g_param[OptionsDefine.Endpoint],
|
|
2276
3178
|
proxy=g_param[OptionsDefine.HttpsProxy.replace('-', '_')]
|
|
2277
3179
|
)
|
|
2278
|
-
profile = ClientProfile(httpProfile=http_profile, signMethod="
|
|
3180
|
+
profile = ClientProfile(httpProfile=http_profile, signMethod="TC3-HMAC-SHA256")
|
|
2279
3181
|
if g_param[OptionsDefine.Language]:
|
|
2280
3182
|
profile.language = g_param[OptionsDefine.Language]
|
|
2281
3183
|
mod = CLIENT_MAP[g_param[OptionsDefine.Version]]
|
|
@@ -2315,7 +3217,10 @@ def doDecrypt(args, parsed_globals):
|
|
|
2315
3217
|
g_param[OptionsDefine.SecretId], g_param[OptionsDefine.SecretKey], g_param[OptionsDefine.RoleArn.replace('-', '_')],
|
|
2316
3218
|
g_param[OptionsDefine.RoleSessionName.replace('-', '_')], endpoint=g_param["sts_cred_endpoint"]
|
|
2317
3219
|
)
|
|
2318
|
-
elif os.getenv(OptionsDefine.ENV_TKE_REGION)
|
|
3220
|
+
elif os.getenv(OptionsDefine.ENV_TKE_REGION) \
|
|
3221
|
+
and os.getenv(OptionsDefine.ENV_TKE_PROVIDER_ID) \
|
|
3222
|
+
and os.getenv(OptionsDefine.ENV_TKE_WEB_IDENTITY_TOKEN_FILE) \
|
|
3223
|
+
and os.getenv(OptionsDefine.ENV_TKE_ROLE_ARN):
|
|
2319
3224
|
cred = credential.DefaultTkeOIDCRoleArnProvider().get_credentials()
|
|
2320
3225
|
else:
|
|
2321
3226
|
cred = credential.Credential(
|
|
@@ -2327,7 +3232,7 @@ def doDecrypt(args, parsed_globals):
|
|
|
2327
3232
|
endpoint=g_param[OptionsDefine.Endpoint],
|
|
2328
3233
|
proxy=g_param[OptionsDefine.HttpsProxy.replace('-', '_')]
|
|
2329
3234
|
)
|
|
2330
|
-
profile = ClientProfile(httpProfile=http_profile, signMethod="
|
|
3235
|
+
profile = ClientProfile(httpProfile=http_profile, signMethod="TC3-HMAC-SHA256")
|
|
2331
3236
|
if g_param[OptionsDefine.Language]:
|
|
2332
3237
|
profile.language = g_param[OptionsDefine.Language]
|
|
2333
3238
|
mod = CLIENT_MAP[g_param[OptionsDefine.Version]]
|
|
@@ -2367,7 +3272,10 @@ def doDescribeKeys(args, parsed_globals):
|
|
|
2367
3272
|
g_param[OptionsDefine.SecretId], g_param[OptionsDefine.SecretKey], g_param[OptionsDefine.RoleArn.replace('-', '_')],
|
|
2368
3273
|
g_param[OptionsDefine.RoleSessionName.replace('-', '_')], endpoint=g_param["sts_cred_endpoint"]
|
|
2369
3274
|
)
|
|
2370
|
-
elif os.getenv(OptionsDefine.ENV_TKE_REGION)
|
|
3275
|
+
elif os.getenv(OptionsDefine.ENV_TKE_REGION) \
|
|
3276
|
+
and os.getenv(OptionsDefine.ENV_TKE_PROVIDER_ID) \
|
|
3277
|
+
and os.getenv(OptionsDefine.ENV_TKE_WEB_IDENTITY_TOKEN_FILE) \
|
|
3278
|
+
and os.getenv(OptionsDefine.ENV_TKE_ROLE_ARN):
|
|
2371
3279
|
cred = credential.DefaultTkeOIDCRoleArnProvider().get_credentials()
|
|
2372
3280
|
else:
|
|
2373
3281
|
cred = credential.Credential(
|
|
@@ -2379,7 +3287,7 @@ def doDescribeKeys(args, parsed_globals):
|
|
|
2379
3287
|
endpoint=g_param[OptionsDefine.Endpoint],
|
|
2380
3288
|
proxy=g_param[OptionsDefine.HttpsProxy.replace('-', '_')]
|
|
2381
3289
|
)
|
|
2382
|
-
profile = ClientProfile(httpProfile=http_profile, signMethod="
|
|
3290
|
+
profile = ClientProfile(httpProfile=http_profile, signMethod="TC3-HMAC-SHA256")
|
|
2383
3291
|
if g_param[OptionsDefine.Language]:
|
|
2384
3292
|
profile.language = g_param[OptionsDefine.Language]
|
|
2385
3293
|
mod = CLIENT_MAP[g_param[OptionsDefine.Version]]
|
|
@@ -2419,7 +3327,10 @@ def doDescribeWhiteBoxServiceStatus(args, parsed_globals):
|
|
|
2419
3327
|
g_param[OptionsDefine.SecretId], g_param[OptionsDefine.SecretKey], g_param[OptionsDefine.RoleArn.replace('-', '_')],
|
|
2420
3328
|
g_param[OptionsDefine.RoleSessionName.replace('-', '_')], endpoint=g_param["sts_cred_endpoint"]
|
|
2421
3329
|
)
|
|
2422
|
-
elif os.getenv(OptionsDefine.ENV_TKE_REGION)
|
|
3330
|
+
elif os.getenv(OptionsDefine.ENV_TKE_REGION) \
|
|
3331
|
+
and os.getenv(OptionsDefine.ENV_TKE_PROVIDER_ID) \
|
|
3332
|
+
and os.getenv(OptionsDefine.ENV_TKE_WEB_IDENTITY_TOKEN_FILE) \
|
|
3333
|
+
and os.getenv(OptionsDefine.ENV_TKE_ROLE_ARN):
|
|
2423
3334
|
cred = credential.DefaultTkeOIDCRoleArnProvider().get_credentials()
|
|
2424
3335
|
else:
|
|
2425
3336
|
cred = credential.Credential(
|
|
@@ -2431,7 +3342,7 @@ def doDescribeWhiteBoxServiceStatus(args, parsed_globals):
|
|
|
2431
3342
|
endpoint=g_param[OptionsDefine.Endpoint],
|
|
2432
3343
|
proxy=g_param[OptionsDefine.HttpsProxy.replace('-', '_')]
|
|
2433
3344
|
)
|
|
2434
|
-
profile = ClientProfile(httpProfile=http_profile, signMethod="
|
|
3345
|
+
profile = ClientProfile(httpProfile=http_profile, signMethod="TC3-HMAC-SHA256")
|
|
2435
3346
|
if g_param[OptionsDefine.Language]:
|
|
2436
3347
|
profile.language = g_param[OptionsDefine.Language]
|
|
2437
3348
|
mod = CLIENT_MAP[g_param[OptionsDefine.Version]]
|
|
@@ -2471,7 +3382,10 @@ def doUpdateKeyDescription(args, parsed_globals):
|
|
|
2471
3382
|
g_param[OptionsDefine.SecretId], g_param[OptionsDefine.SecretKey], g_param[OptionsDefine.RoleArn.replace('-', '_')],
|
|
2472
3383
|
g_param[OptionsDefine.RoleSessionName.replace('-', '_')], endpoint=g_param["sts_cred_endpoint"]
|
|
2473
3384
|
)
|
|
2474
|
-
elif os.getenv(OptionsDefine.ENV_TKE_REGION)
|
|
3385
|
+
elif os.getenv(OptionsDefine.ENV_TKE_REGION) \
|
|
3386
|
+
and os.getenv(OptionsDefine.ENV_TKE_PROVIDER_ID) \
|
|
3387
|
+
and os.getenv(OptionsDefine.ENV_TKE_WEB_IDENTITY_TOKEN_FILE) \
|
|
3388
|
+
and os.getenv(OptionsDefine.ENV_TKE_ROLE_ARN):
|
|
2475
3389
|
cred = credential.DefaultTkeOIDCRoleArnProvider().get_credentials()
|
|
2476
3390
|
else:
|
|
2477
3391
|
cred = credential.Credential(
|
|
@@ -2483,7 +3397,7 @@ def doUpdateKeyDescription(args, parsed_globals):
|
|
|
2483
3397
|
endpoint=g_param[OptionsDefine.Endpoint],
|
|
2484
3398
|
proxy=g_param[OptionsDefine.HttpsProxy.replace('-', '_')]
|
|
2485
3399
|
)
|
|
2486
|
-
profile = ClientProfile(httpProfile=http_profile, signMethod="
|
|
3400
|
+
profile = ClientProfile(httpProfile=http_profile, signMethod="TC3-HMAC-SHA256")
|
|
2487
3401
|
if g_param[OptionsDefine.Language]:
|
|
2488
3402
|
profile.language = g_param[OptionsDefine.Language]
|
|
2489
3403
|
mod = CLIENT_MAP[g_param[OptionsDefine.Version]]
|
|
@@ -2513,7 +3427,7 @@ def doUpdateKeyDescription(args, parsed_globals):
|
|
|
2513
3427
|
FormatOutput.output("action", json_obj, g_param[OptionsDefine.Output], g_param[OptionsDefine.Filter])
|
|
2514
3428
|
|
|
2515
3429
|
|
|
2516
|
-
def
|
|
3430
|
+
def doGetServiceStatus(args, parsed_globals):
|
|
2517
3431
|
g_param = parse_global_arg(parsed_globals)
|
|
2518
3432
|
|
|
2519
3433
|
if g_param[OptionsDefine.UseCVMRole.replace('-', '_')]:
|
|
@@ -2523,7 +3437,10 @@ def doCancelKeyArchive(args, parsed_globals):
|
|
|
2523
3437
|
g_param[OptionsDefine.SecretId], g_param[OptionsDefine.SecretKey], g_param[OptionsDefine.RoleArn.replace('-', '_')],
|
|
2524
3438
|
g_param[OptionsDefine.RoleSessionName.replace('-', '_')], endpoint=g_param["sts_cred_endpoint"]
|
|
2525
3439
|
)
|
|
2526
|
-
elif os.getenv(OptionsDefine.ENV_TKE_REGION)
|
|
3440
|
+
elif os.getenv(OptionsDefine.ENV_TKE_REGION) \
|
|
3441
|
+
and os.getenv(OptionsDefine.ENV_TKE_PROVIDER_ID) \
|
|
3442
|
+
and os.getenv(OptionsDefine.ENV_TKE_WEB_IDENTITY_TOKEN_FILE) \
|
|
3443
|
+
and os.getenv(OptionsDefine.ENV_TKE_ROLE_ARN):
|
|
2527
3444
|
cred = credential.DefaultTkeOIDCRoleArnProvider().get_credentials()
|
|
2528
3445
|
else:
|
|
2529
3446
|
cred = credential.Credential(
|
|
@@ -2535,18 +3452,18 @@ def doCancelKeyArchive(args, parsed_globals):
|
|
|
2535
3452
|
endpoint=g_param[OptionsDefine.Endpoint],
|
|
2536
3453
|
proxy=g_param[OptionsDefine.HttpsProxy.replace('-', '_')]
|
|
2537
3454
|
)
|
|
2538
|
-
profile = ClientProfile(httpProfile=http_profile, signMethod="
|
|
3455
|
+
profile = ClientProfile(httpProfile=http_profile, signMethod="TC3-HMAC-SHA256")
|
|
2539
3456
|
if g_param[OptionsDefine.Language]:
|
|
2540
3457
|
profile.language = g_param[OptionsDefine.Language]
|
|
2541
3458
|
mod = CLIENT_MAP[g_param[OptionsDefine.Version]]
|
|
2542
3459
|
client = mod.KmsClient(cred, g_param[OptionsDefine.Region], profile)
|
|
2543
3460
|
client._sdkVersion += ("_CLI_" + __version__)
|
|
2544
3461
|
models = MODELS_MAP[g_param[OptionsDefine.Version]]
|
|
2545
|
-
model = models.
|
|
3462
|
+
model = models.GetServiceStatusRequest()
|
|
2546
3463
|
model.from_json_string(json.dumps(args))
|
|
2547
3464
|
start_time = time.time()
|
|
2548
3465
|
while True:
|
|
2549
|
-
rsp = client.
|
|
3466
|
+
rsp = client.GetServiceStatus(model)
|
|
2550
3467
|
result = rsp.to_json_string()
|
|
2551
3468
|
try:
|
|
2552
3469
|
json_obj = json.loads(result)
|
|
@@ -2575,7 +3492,10 @@ def doDescribeWhiteBoxDecryptKey(args, parsed_globals):
|
|
|
2575
3492
|
g_param[OptionsDefine.SecretId], g_param[OptionsDefine.SecretKey], g_param[OptionsDefine.RoleArn.replace('-', '_')],
|
|
2576
3493
|
g_param[OptionsDefine.RoleSessionName.replace('-', '_')], endpoint=g_param["sts_cred_endpoint"]
|
|
2577
3494
|
)
|
|
2578
|
-
elif os.getenv(OptionsDefine.ENV_TKE_REGION)
|
|
3495
|
+
elif os.getenv(OptionsDefine.ENV_TKE_REGION) \
|
|
3496
|
+
and os.getenv(OptionsDefine.ENV_TKE_PROVIDER_ID) \
|
|
3497
|
+
and os.getenv(OptionsDefine.ENV_TKE_WEB_IDENTITY_TOKEN_FILE) \
|
|
3498
|
+
and os.getenv(OptionsDefine.ENV_TKE_ROLE_ARN):
|
|
2579
3499
|
cred = credential.DefaultTkeOIDCRoleArnProvider().get_credentials()
|
|
2580
3500
|
else:
|
|
2581
3501
|
cred = credential.Credential(
|
|
@@ -2587,7 +3507,7 @@ def doDescribeWhiteBoxDecryptKey(args, parsed_globals):
|
|
|
2587
3507
|
endpoint=g_param[OptionsDefine.Endpoint],
|
|
2588
3508
|
proxy=g_param[OptionsDefine.HttpsProxy.replace('-', '_')]
|
|
2589
3509
|
)
|
|
2590
|
-
profile = ClientProfile(httpProfile=http_profile, signMethod="
|
|
3510
|
+
profile = ClientProfile(httpProfile=http_profile, signMethod="TC3-HMAC-SHA256")
|
|
2591
3511
|
if g_param[OptionsDefine.Language]:
|
|
2592
3512
|
profile.language = g_param[OptionsDefine.Language]
|
|
2593
3513
|
mod = CLIENT_MAP[g_param[OptionsDefine.Version]]
|
|
@@ -2627,7 +3547,10 @@ def doPostQuantumCryptoSign(args, parsed_globals):
|
|
|
2627
3547
|
g_param[OptionsDefine.SecretId], g_param[OptionsDefine.SecretKey], g_param[OptionsDefine.RoleArn.replace('-', '_')],
|
|
2628
3548
|
g_param[OptionsDefine.RoleSessionName.replace('-', '_')], endpoint=g_param["sts_cred_endpoint"]
|
|
2629
3549
|
)
|
|
2630
|
-
elif os.getenv(OptionsDefine.ENV_TKE_REGION)
|
|
3550
|
+
elif os.getenv(OptionsDefine.ENV_TKE_REGION) \
|
|
3551
|
+
and os.getenv(OptionsDefine.ENV_TKE_PROVIDER_ID) \
|
|
3552
|
+
and os.getenv(OptionsDefine.ENV_TKE_WEB_IDENTITY_TOKEN_FILE) \
|
|
3553
|
+
and os.getenv(OptionsDefine.ENV_TKE_ROLE_ARN):
|
|
2631
3554
|
cred = credential.DefaultTkeOIDCRoleArnProvider().get_credentials()
|
|
2632
3555
|
else:
|
|
2633
3556
|
cred = credential.Credential(
|
|
@@ -2639,7 +3562,7 @@ def doPostQuantumCryptoSign(args, parsed_globals):
|
|
|
2639
3562
|
endpoint=g_param[OptionsDefine.Endpoint],
|
|
2640
3563
|
proxy=g_param[OptionsDefine.HttpsProxy.replace('-', '_')]
|
|
2641
3564
|
)
|
|
2642
|
-
profile = ClientProfile(httpProfile=http_profile, signMethod="
|
|
3565
|
+
profile = ClientProfile(httpProfile=http_profile, signMethod="TC3-HMAC-SHA256")
|
|
2643
3566
|
if g_param[OptionsDefine.Language]:
|
|
2644
3567
|
profile.language = g_param[OptionsDefine.Language]
|
|
2645
3568
|
mod = CLIENT_MAP[g_param[OptionsDefine.Version]]
|
|
@@ -2679,7 +3602,10 @@ def doGetRegions(args, parsed_globals):
|
|
|
2679
3602
|
g_param[OptionsDefine.SecretId], g_param[OptionsDefine.SecretKey], g_param[OptionsDefine.RoleArn.replace('-', '_')],
|
|
2680
3603
|
g_param[OptionsDefine.RoleSessionName.replace('-', '_')], endpoint=g_param["sts_cred_endpoint"]
|
|
2681
3604
|
)
|
|
2682
|
-
elif os.getenv(OptionsDefine.ENV_TKE_REGION)
|
|
3605
|
+
elif os.getenv(OptionsDefine.ENV_TKE_REGION) \
|
|
3606
|
+
and os.getenv(OptionsDefine.ENV_TKE_PROVIDER_ID) \
|
|
3607
|
+
and os.getenv(OptionsDefine.ENV_TKE_WEB_IDENTITY_TOKEN_FILE) \
|
|
3608
|
+
and os.getenv(OptionsDefine.ENV_TKE_ROLE_ARN):
|
|
2683
3609
|
cred = credential.DefaultTkeOIDCRoleArnProvider().get_credentials()
|
|
2684
3610
|
else:
|
|
2685
3611
|
cred = credential.Credential(
|
|
@@ -2691,7 +3617,7 @@ def doGetRegions(args, parsed_globals):
|
|
|
2691
3617
|
endpoint=g_param[OptionsDefine.Endpoint],
|
|
2692
3618
|
proxy=g_param[OptionsDefine.HttpsProxy.replace('-', '_')]
|
|
2693
3619
|
)
|
|
2694
|
-
profile = ClientProfile(httpProfile=http_profile, signMethod="
|
|
3620
|
+
profile = ClientProfile(httpProfile=http_profile, signMethod="TC3-HMAC-SHA256")
|
|
2695
3621
|
if g_param[OptionsDefine.Language]:
|
|
2696
3622
|
profile.language = g_param[OptionsDefine.Language]
|
|
2697
3623
|
mod = CLIENT_MAP[g_param[OptionsDefine.Version]]
|
|
@@ -2721,7 +3647,7 @@ def doGetRegions(args, parsed_globals):
|
|
|
2721
3647
|
FormatOutput.output("action", json_obj, g_param[OptionsDefine.Output], g_param[OptionsDefine.Filter])
|
|
2722
3648
|
|
|
2723
3649
|
|
|
2724
|
-
def
|
|
3650
|
+
def doEnableKeyRotation(args, parsed_globals):
|
|
2725
3651
|
g_param = parse_global_arg(parsed_globals)
|
|
2726
3652
|
|
|
2727
3653
|
if g_param[OptionsDefine.UseCVMRole.replace('-', '_')]:
|
|
@@ -2731,7 +3657,10 @@ def doVerifyByAsymmetricKey(args, parsed_globals):
|
|
|
2731
3657
|
g_param[OptionsDefine.SecretId], g_param[OptionsDefine.SecretKey], g_param[OptionsDefine.RoleArn.replace('-', '_')],
|
|
2732
3658
|
g_param[OptionsDefine.RoleSessionName.replace('-', '_')], endpoint=g_param["sts_cred_endpoint"]
|
|
2733
3659
|
)
|
|
2734
|
-
elif os.getenv(OptionsDefine.ENV_TKE_REGION)
|
|
3660
|
+
elif os.getenv(OptionsDefine.ENV_TKE_REGION) \
|
|
3661
|
+
and os.getenv(OptionsDefine.ENV_TKE_PROVIDER_ID) \
|
|
3662
|
+
and os.getenv(OptionsDefine.ENV_TKE_WEB_IDENTITY_TOKEN_FILE) \
|
|
3663
|
+
and os.getenv(OptionsDefine.ENV_TKE_ROLE_ARN):
|
|
2735
3664
|
cred = credential.DefaultTkeOIDCRoleArnProvider().get_credentials()
|
|
2736
3665
|
else:
|
|
2737
3666
|
cred = credential.Credential(
|
|
@@ -2743,18 +3672,73 @@ def doVerifyByAsymmetricKey(args, parsed_globals):
|
|
|
2743
3672
|
endpoint=g_param[OptionsDefine.Endpoint],
|
|
2744
3673
|
proxy=g_param[OptionsDefine.HttpsProxy.replace('-', '_')]
|
|
2745
3674
|
)
|
|
2746
|
-
profile = ClientProfile(httpProfile=http_profile, signMethod="
|
|
3675
|
+
profile = ClientProfile(httpProfile=http_profile, signMethod="TC3-HMAC-SHA256")
|
|
2747
3676
|
if g_param[OptionsDefine.Language]:
|
|
2748
3677
|
profile.language = g_param[OptionsDefine.Language]
|
|
2749
3678
|
mod = CLIENT_MAP[g_param[OptionsDefine.Version]]
|
|
2750
3679
|
client = mod.KmsClient(cred, g_param[OptionsDefine.Region], profile)
|
|
2751
3680
|
client._sdkVersion += ("_CLI_" + __version__)
|
|
2752
3681
|
models = MODELS_MAP[g_param[OptionsDefine.Version]]
|
|
2753
|
-
model = models.
|
|
3682
|
+
model = models.EnableKeyRotationRequest()
|
|
2754
3683
|
model.from_json_string(json.dumps(args))
|
|
2755
3684
|
start_time = time.time()
|
|
2756
3685
|
while True:
|
|
2757
|
-
rsp = client.
|
|
3686
|
+
rsp = client.EnableKeyRotation(model)
|
|
3687
|
+
result = rsp.to_json_string()
|
|
3688
|
+
try:
|
|
3689
|
+
json_obj = json.loads(result)
|
|
3690
|
+
except TypeError as e:
|
|
3691
|
+
json_obj = json.loads(result.decode('utf-8')) # python3.3
|
|
3692
|
+
if not g_param[OptionsDefine.Waiter] or search(g_param['OptionsDefine.WaiterInfo']['expr'], json_obj) == g_param['OptionsDefine.WaiterInfo']['to']:
|
|
3693
|
+
break
|
|
3694
|
+
cur_time = time.time()
|
|
3695
|
+
if cur_time - start_time >= g_param['OptionsDefine.WaiterInfo']['timeout']:
|
|
3696
|
+
raise ClientError('Request timeout, wait `%s` to `%s` timeout, last request is %s' %
|
|
3697
|
+
(g_param['OptionsDefine.WaiterInfo']['expr'], g_param['OptionsDefine.WaiterInfo']['to'],
|
|
3698
|
+
search(g_param['OptionsDefine.WaiterInfo']['expr'], json_obj)))
|
|
3699
|
+
else:
|
|
3700
|
+
print('Inquiry result is %s.' % search(g_param['OptionsDefine.WaiterInfo']['expr'], json_obj))
|
|
3701
|
+
time.sleep(g_param['OptionsDefine.WaiterInfo']['interval'])
|
|
3702
|
+
FormatOutput.output("action", json_obj, g_param[OptionsDefine.Output], g_param[OptionsDefine.Filter])
|
|
3703
|
+
|
|
3704
|
+
|
|
3705
|
+
def doDisableDataKeys(args, parsed_globals):
|
|
3706
|
+
g_param = parse_global_arg(parsed_globals)
|
|
3707
|
+
|
|
3708
|
+
if g_param[OptionsDefine.UseCVMRole.replace('-', '_')]:
|
|
3709
|
+
cred = credential.CVMRoleCredential()
|
|
3710
|
+
elif g_param[OptionsDefine.RoleArn.replace('-', '_')] and g_param[OptionsDefine.RoleSessionName.replace('-', '_')]:
|
|
3711
|
+
cred = credential.STSAssumeRoleCredential(
|
|
3712
|
+
g_param[OptionsDefine.SecretId], g_param[OptionsDefine.SecretKey], g_param[OptionsDefine.RoleArn.replace('-', '_')],
|
|
3713
|
+
g_param[OptionsDefine.RoleSessionName.replace('-', '_')], endpoint=g_param["sts_cred_endpoint"]
|
|
3714
|
+
)
|
|
3715
|
+
elif os.getenv(OptionsDefine.ENV_TKE_REGION) \
|
|
3716
|
+
and os.getenv(OptionsDefine.ENV_TKE_PROVIDER_ID) \
|
|
3717
|
+
and os.getenv(OptionsDefine.ENV_TKE_WEB_IDENTITY_TOKEN_FILE) \
|
|
3718
|
+
and os.getenv(OptionsDefine.ENV_TKE_ROLE_ARN):
|
|
3719
|
+
cred = credential.DefaultTkeOIDCRoleArnProvider().get_credentials()
|
|
3720
|
+
else:
|
|
3721
|
+
cred = credential.Credential(
|
|
3722
|
+
g_param[OptionsDefine.SecretId], g_param[OptionsDefine.SecretKey], g_param[OptionsDefine.Token]
|
|
3723
|
+
)
|
|
3724
|
+
http_profile = HttpProfile(
|
|
3725
|
+
reqTimeout=60 if g_param[OptionsDefine.Timeout] is None else int(g_param[OptionsDefine.Timeout]),
|
|
3726
|
+
reqMethod="POST",
|
|
3727
|
+
endpoint=g_param[OptionsDefine.Endpoint],
|
|
3728
|
+
proxy=g_param[OptionsDefine.HttpsProxy.replace('-', '_')]
|
|
3729
|
+
)
|
|
3730
|
+
profile = ClientProfile(httpProfile=http_profile, signMethod="TC3-HMAC-SHA256")
|
|
3731
|
+
if g_param[OptionsDefine.Language]:
|
|
3732
|
+
profile.language = g_param[OptionsDefine.Language]
|
|
3733
|
+
mod = CLIENT_MAP[g_param[OptionsDefine.Version]]
|
|
3734
|
+
client = mod.KmsClient(cred, g_param[OptionsDefine.Region], profile)
|
|
3735
|
+
client._sdkVersion += ("_CLI_" + __version__)
|
|
3736
|
+
models = MODELS_MAP[g_param[OptionsDefine.Version]]
|
|
3737
|
+
model = models.DisableDataKeysRequest()
|
|
3738
|
+
model.from_json_string(json.dumps(args))
|
|
3739
|
+
start_time = time.time()
|
|
3740
|
+
while True:
|
|
3741
|
+
rsp = client.DisableDataKeys(model)
|
|
2758
3742
|
result = rsp.to_json_string()
|
|
2759
3743
|
try:
|
|
2760
3744
|
json_obj = json.loads(result)
|
|
@@ -2784,59 +3768,74 @@ MODELS_MAP = {
|
|
|
2784
3768
|
}
|
|
2785
3769
|
|
|
2786
3770
|
ACTION_MAP = {
|
|
3771
|
+
"ListDataKeys": doListDataKeys,
|
|
2787
3772
|
"DeleteImportedKeyMaterial": doDeleteImportedKeyMaterial,
|
|
2788
3773
|
"PostQuantumCryptoVerify": doPostQuantumCryptoVerify,
|
|
3774
|
+
"AsymmetricRsaDecrypt": doAsymmetricRsaDecrypt,
|
|
2789
3775
|
"Encrypt": doEncrypt,
|
|
3776
|
+
"CreateWhiteBoxKey": doCreateWhiteBoxKey,
|
|
3777
|
+
"ImportDataKey": doImportDataKey,
|
|
2790
3778
|
"EnableWhiteBoxKeys": doEnableWhiteBoxKeys,
|
|
2791
3779
|
"UpdateAlias": doUpdateAlias,
|
|
2792
3780
|
"DeleteWhiteBoxKey": doDeleteWhiteBoxKey,
|
|
2793
3781
|
"ImportKeyMaterial": doImportKeyMaterial,
|
|
3782
|
+
"DescribeDataKey": doDescribeDataKey,
|
|
2794
3783
|
"GetPublicKey": doGetPublicKey,
|
|
2795
3784
|
"DisableKey": doDisableKey,
|
|
2796
3785
|
"GenerateDataKey": doGenerateDataKey,
|
|
3786
|
+
"ListDataKeyDetail": doListDataKeyDetail,
|
|
3787
|
+
"GetDataKeyPlaintext": doGetDataKeyPlaintext,
|
|
2797
3788
|
"AsymmetricSm2Decrypt": doAsymmetricSm2Decrypt,
|
|
2798
3789
|
"SignByAsymmetricKey": doSignByAsymmetricKey,
|
|
2799
3790
|
"CancelKeyDeletion": doCancelKeyDeletion,
|
|
2800
3791
|
"GetKeyRotationStatus": doGetKeyRotationStatus,
|
|
3792
|
+
"ScheduleDataKeyDeletion": doScheduleDataKeyDeletion,
|
|
2801
3793
|
"DescribeWhiteBoxKeyDetails": doDescribeWhiteBoxKeyDetails,
|
|
2802
3794
|
"BindCloudResource": doBindCloudResource,
|
|
2803
|
-
"
|
|
3795
|
+
"CancelKeyArchive": doCancelKeyArchive,
|
|
2804
3796
|
"ArchiveKey": doArchiveKey,
|
|
2805
|
-
"
|
|
3797
|
+
"UpdateDataKeyDescription": doUpdateDataKeyDescription,
|
|
3798
|
+
"CreateKey": doCreateKey,
|
|
3799
|
+
"DisableKeys": doDisableKeys,
|
|
3800
|
+
"CancelDataKeyDeletion": doCancelDataKeyDeletion,
|
|
2806
3801
|
"EncryptByWhiteBox": doEncryptByWhiteBox,
|
|
2807
3802
|
"ListAlgorithms": doListAlgorithms,
|
|
2808
3803
|
"ReEncrypt": doReEncrypt,
|
|
2809
3804
|
"ListKeys": doListKeys,
|
|
2810
3805
|
"GenerateRandom": doGenerateRandom,
|
|
3806
|
+
"GetDataKeyCiphertextBlob": doGetDataKeyCiphertextBlob,
|
|
2811
3807
|
"PostQuantumCryptoDecrypt": doPostQuantumCryptoDecrypt,
|
|
3808
|
+
"EnableDataKeys": doEnableDataKeys,
|
|
2812
3809
|
"OverwriteWhiteBoxDeviceFingerprints": doOverwriteWhiteBoxDeviceFingerprints,
|
|
2813
|
-
"
|
|
3810
|
+
"UpdateDataKeyName": doUpdateDataKeyName,
|
|
2814
3811
|
"DescribeWhiteBoxKey": doDescribeWhiteBoxKey,
|
|
2815
3812
|
"GetParametersForImport": doGetParametersForImport,
|
|
2816
3813
|
"DisableWhiteBoxKeys": doDisableWhiteBoxKeys,
|
|
2817
|
-
"
|
|
2818
|
-
"
|
|
3814
|
+
"DisableDataKey": doDisableDataKey,
|
|
3815
|
+
"DescribeDataKeys": doDescribeDataKeys,
|
|
2819
3816
|
"DisableKeyRotation": doDisableKeyRotation,
|
|
3817
|
+
"ListKeyDetail": doListKeyDetail,
|
|
2820
3818
|
"DisableWhiteBoxKey": doDisableWhiteBoxKey,
|
|
2821
3819
|
"EnableKeys": doEnableKeys,
|
|
2822
3820
|
"ScheduleKeyDeletion": doScheduleKeyDeletion,
|
|
2823
3821
|
"DescribeWhiteBoxDeviceFingerprints": doDescribeWhiteBoxDeviceFingerprints,
|
|
2824
3822
|
"DescribeKey": doDescribeKey,
|
|
2825
3823
|
"UnbindCloudResource": doUnbindCloudResource,
|
|
2826
|
-
"EnableKeyRotation": doEnableKeyRotation,
|
|
2827
|
-
"CreateWhiteBoxKey": doCreateWhiteBoxKey,
|
|
2828
3824
|
"PostQuantumCryptoEncrypt": doPostQuantumCryptoEncrypt,
|
|
3825
|
+
"VerifyByAsymmetricKey": doVerifyByAsymmetricKey,
|
|
3826
|
+
"EnableDataKey": doEnableDataKey,
|
|
2829
3827
|
"EnableWhiteBoxKey": doEnableWhiteBoxKey,
|
|
2830
3828
|
"EnableKey": doEnableKey,
|
|
2831
3829
|
"Decrypt": doDecrypt,
|
|
2832
3830
|
"DescribeKeys": doDescribeKeys,
|
|
2833
3831
|
"DescribeWhiteBoxServiceStatus": doDescribeWhiteBoxServiceStatus,
|
|
2834
3832
|
"UpdateKeyDescription": doUpdateKeyDescription,
|
|
2835
|
-
"
|
|
3833
|
+
"GetServiceStatus": doGetServiceStatus,
|
|
2836
3834
|
"DescribeWhiteBoxDecryptKey": doDescribeWhiteBoxDecryptKey,
|
|
2837
3835
|
"PostQuantumCryptoSign": doPostQuantumCryptoSign,
|
|
2838
3836
|
"GetRegions": doGetRegions,
|
|
2839
|
-
"
|
|
3837
|
+
"EnableKeyRotation": doEnableKeyRotation,
|
|
3838
|
+
"DisableDataKeys": doDisableDataKeys,
|
|
2840
3839
|
|
|
2841
3840
|
}
|
|
2842
3841
|
|