Class: Moonshot::Plugins::EncryptedParameters::KmsKey

Inherits:
Object
  • Object
show all
Defined in:
lib/plugins/encrypted_parameters/kms_key.rb

Overview

Class that manages KMS keys in AWS.

Instance Attribute Summary collapse

Class Method Summary collapse

Instance Method Summary collapse

Constructor Details

#initialize(arn) ⇒ KmsKey

Returns a new instance of KmsKey.



28
29
30
31
 
# File 'lib/plugins/encrypted_parameters/kms_key.rb', line 28

def initialize(arn)
  @arn = arn
  @kms_client = Aws::KMS::Client.new
end

Instance Attribute Details

#arnObject (readonly)

Returns the value of attribute arn.



10
11
12
 
# File 'lib/plugins/encrypted_parameters/kms_key.rb', line 10

def arn
  @arn
end

Class Method Details

.createObject 



13
14
15
16
17
18
19
20
 
# File 'lib/plugins/encrypted_parameters/kms_key.rb', line 13

def create
  standard_tags = stack_tags
  resp = Aws::KMS::Client.new.create_key({
                                           tags: standard_tags # An array of tags.
                                         })
  arn = resp.key_metadata.arn
  new(arn)
end

.stack_tagsObject 



22
23
24
25
 
# File 'lib/plugins/encrypted_parameters/kms_key.rb', line 22

def stack_tags
  tags = Moonshot::Stack.make_tags(Moonshot.config)
  tags.map { |tag| { tag_key: tag[:key], tag_value: tag[:value] } }
end

Instance Method Details

#deleteObject 



41
42
43
 
# File 'lib/plugins/encrypted_parameters/kms_key.rb', line 41

def delete
  @kms_client.schedule_key_deletion(key_id: @arn, pending_window_in_days: 7)
end

#updateObject 



33
34
35
36
37
38
39
 
# File 'lib/plugins/encrypted_parameters/kms_key.rb', line 33

def update
  standard_tags = self.class.stack_tags
  @kms_client.tag_resource({
                             key_id: @arn, # arn of the CMK being tagged
                             tags: standard_tags # An array of tags.
                           })
end