class Fog::AWS::KMS::Real
Constants
- DEFAULT_KEY_POLICY
Public Class Methods
new(options={})
click to toggle source
Initialize connection to KMS
Notes¶ ↑
options parameter must include values for :aws_access_key_id and :aws_secret_access_key in order to create a connection
Examples¶ ↑
kms = KMS.new( :aws_access_key_id => your_aws_access_key_id, :aws_secret_access_key => your_aws_secret_access_key )
Parameters¶ ↑
-
options<~Hash> - config arguments for connection. Defaults to {}.
-
region<~String> - optional region to use. For instance, 'eu-west-1', 'us-east-1', etc.
-
Returns¶ ↑
# File lib/fog/aws/kms.rb, line 91 def initialize(options={}) @use_iam_profile = options[:use_iam_profile] @connection_options = options[:connection_options] || {} @instrumentor = options[:instrumentor] @instrumentor_name = options[:instrumentor_name] || 'fog.aws.kms' options[:region] ||= 'us-east-1' @region = options[:region] @host = options[:host] || "kms.#{@region}.amazonaws.com" @path = options[:path] || '/' @persistent = options[:persistent] || false @port = options[:port] || 443 @scheme = options[:scheme] || 'https' @connection = Fog::XML::Connection.new("#{@scheme}://#{@host}:#{@port}#{@path}", @persistent, @connection_options) setup_credentials(options) end
Public Instance Methods
create_key(policy = nil, description = nil, usage = "ENCRYPT_DECRYPT")
click to toggle source
# File lib/fog/aws/requests/kms/create_key.rb, line 25 def create_key(policy = nil, description = nil, usage = "ENCRYPT_DECRYPT") request( 'Action' => 'CreateKey', 'Description' => description, 'KeyUsage' => usage, 'Policy' => policy, :parser => Fog::Parsers::AWS::KMS::DescribeKey.new ) end
describe_key(identifier)
click to toggle source
# File lib/fog/aws/requests/kms/describe_key.rb, line 7 def describe_key(identifier) request( 'Action' => 'DescribeKey', 'KeyId' => identifier, :parser => Fog::Parsers::AWS::KMS::DescribeKey.new ) end
list_keys(options={})
click to toggle source
# File lib/fog/aws/requests/kms/list_keys.rb, line 8 def list_keys(options={}) params = {} if options[:marker] params['Marker'] = options[:marker] end if options[:limit] params['Limit'] = options[:limit] end request({ 'Action' => 'ListKeys', :parser => Fog::Parsers::AWS::KMS::ListKeys.new }.merge(params)) end
reload()
click to toggle source
# File lib/fog/aws/kms.rb, line 112 def reload @connection.reset end
Private Instance Methods
_request(body, headers, idempotent, parser)
click to toggle source
# File lib/fog/aws/kms.rb, line 155 def _request(body, headers, idempotent, parser) @connection.request({ :body => body, :expects => 200, :headers => headers, :idempotent => idempotent, :method => 'POST', :parser => parser }) rescue Excon::Errors::HTTPStatusError => error match = Fog::AWS::Errors.match_error(error) if match.empty? raise elsif Fog::AWS::KMS.const_defined?(match[:code]) raise Fog::AWS::KMS.const_get(match[:code]).slurp(error, match[:message]) else raise Fog::AWS::KMS::Error.slurp(error, "#{match[:code]} => #{match[:message]}") end end
request(params)
click to toggle source
# File lib/fog/aws/kms.rb, line 126 def request(params) refresh_credentials_if_expired idempotent = params.delete(:idempotent) parser = params.delete(:parser) body, headers = Fog::AWS.signed_params_v4( params, { 'Content-Type' => 'application/x-www-form-urlencoded' }, { :aws_session_token => @aws_session_token, :signer => @signer, :host => @host, :path => @path, :port => @port, :version => '2014-11-01', :method => 'POST' } ) if @instrumentor @instrumentor.instrument("#{@instrumentor_name}.request", params) do _request(body, headers, idempotent, parser) end else _request(body, headers, idempotent, parser) end end
setup_credentials(options={})
click to toggle source
# File lib/fog/aws/kms.rb, line 118 def setup_credentials(options={}) @aws_access_key_id = options[:aws_access_key_id] @aws_secret_access_key = options[:aws_secret_access_key] @aws_session_token = options[:aws_session_token] @signer = Fog::AWS::SignatureV4.new(@aws_access_key_id, @aws_secret_access_key, @region, 'kms') end