Class: OCI::KeyManagement::KmsVaultClient
- Inherits:
-
Object
- Object
- OCI::KeyManagement::KmsVaultClient
- Defined in:
- lib/oci/key_management/kms_vault_client.rb
Overview
API for managing and performing operations with keys and vaults.
Instance Attribute Summary collapse
-
#api_client ⇒ OCI::ApiClient
readonly
Client used to make HTTP requests.
-
#endpoint ⇒ String
readonly
Fully qualified endpoint URL.
-
#region ⇒ String
The region, which will usually correspond to a value in Regions::REGION_ENUM.
-
#retry_config ⇒ OCI::Retry::RetryConfig
readonly
The default retry configuration to apply to all operations in this service client.
Instance Method Summary collapse
-
#cancel_vault_deletion(vault_id, opts = {}) ⇒ Response
Cancels the scheduled deletion of the specified vault.
-
#change_vault_compartment(vault_id, change_vault_compartment_details, opts = {}) ⇒ Response
Moves a vault into a different compartment.
-
#create_vault(create_vault_details, opts = {}) ⇒ Response
Creates a new vault.
-
#get_vault(vault_id, opts = {}) ⇒ Response
Gets the specified vault’s configuration information.
-
#initialize(config: nil, region: nil, endpoint: nil, signer: nil, proxy_settings: nil, retry_config: nil) ⇒ KmsVaultClient
constructor
Creates a new KmsVaultClient.
-
#list_vaults(compartment_id, opts = {}) ⇒ Response
Lists the vaults in the specified compartment.
-
#logger ⇒ Logger
The logger for this client.
-
#schedule_vault_deletion(vault_id, schedule_vault_deletion_details, opts = {}) ⇒ Response
Schedules the deletion of the specified vault.
-
#update_vault(vault_id, update_vault_details, opts = {}) ⇒ Response
Updates the properties of a vault.
Constructor Details
#initialize(config: nil, region: nil, endpoint: nil, signer: nil, proxy_settings: nil, retry_config: nil) ⇒ KmsVaultClient
Creates a new KmsVaultClient. Notes:
If a config is not specified, then the global OCI.config will be used.
This client is not thread-safe
Either a region or an endpoint must be specified. If an endpoint is specified, it will be used instead of the
region. A region may be specified in the config or via or the region parameter. If specified in both, then the
region parameter will be used.
52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 |
# File 'lib/oci/key_management/kms_vault_client.rb', line 52 def initialize(config: nil, region: nil, endpoint: nil, signer: nil, proxy_settings: nil, retry_config: nil) # If the signer is an InstancePrincipalsSecurityTokenSigner and no config was supplied (which is valid for instance principals) # then create a dummy config to pass to the ApiClient constructor. If customers wish to create a client which uses instance principals # and has config (either populated programmatically or loaded from a file), they must construct that config themselves and then # pass it to this constructor. # # If there is no signer (or the signer is not an instance principals signer) and no config was supplied, this is not valid # so try and load the config from the default file. config ||= OCI.config unless signer.is_a?(OCI::Auth::Signers::InstancePrincipalsSecurityTokenSigner) config ||= OCI::Config.new if signer.is_a?(OCI::Auth::Signers::InstancePrincipalsSecurityTokenSigner) config.validate unless signer.is_a?(OCI::Auth::Signers::InstancePrincipalsSecurityTokenSigner) if signer.nil? signer = OCI::Signer.new( config.user, config.fingerprint, config.tenancy, config.key_file, pass_phrase: config.pass_phrase, private_key_content: config.key_content ) end @api_client = OCI::ApiClient.new(config, signer, proxy_settings: proxy_settings) @retry_config = retry_config if endpoint @endpoint = endpoint + '/' else region ||= config.region region ||= signer.region if signer.respond_to?(:region) self.region = region end logger.info "KmsVaultClient endpoint set to '#{@endpoint}'." if logger end |
Instance Attribute Details
#api_client ⇒ OCI::ApiClient (readonly)
Client used to make HTTP requests.
12 13 14 |
# File 'lib/oci/key_management/kms_vault_client.rb', line 12 def api_client @api_client end |
#endpoint ⇒ String (readonly)
Fully qualified endpoint URL
16 17 18 |
# File 'lib/oci/key_management/kms_vault_client.rb', line 16 def endpoint @endpoint end |
#region ⇒ String
The region, which will usually correspond to a value in Regions::REGION_ENUM.
26 27 28 |
# File 'lib/oci/key_management/kms_vault_client.rb', line 26 def region @region end |
#retry_config ⇒ OCI::Retry::RetryConfig (readonly)
The default retry configuration to apply to all operations in this service client. This can be overridden on a per-operation basis. The default retry configuration value is ‘nil`, which means that an operation will not perform any retries
22 23 24 |
# File 'lib/oci/key_management/kms_vault_client.rb', line 22 def retry_config @retry_config end |
Instance Method Details
#cancel_vault_deletion(vault_id, opts = {}) ⇒ Response
Cancels the scheduled deletion of the specified vault. Canceling a scheduled deletion restores the vault and all keys in it to the respective states they were in before the deletion was scheduled. All the keys that have already been scheduled deletion before the scheduled deletion of the vault will also remain in their state and timeOfDeletion.
138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 164 165 166 167 168 169 170 171 172 173 174 175 176 177 |
# File 'lib/oci/key_management/kms_vault_client.rb', line 138 def cancel_vault_deletion(vault_id, opts = {}) logger.debug 'Calling operation KmsVaultClient#cancel_vault_deletion.' if logger raise "Missing the required parameter 'vault_id' when calling cancel_vault_deletion." if vault_id.nil? raise "Parameter value for 'vault_id' must not be blank" if OCI::Internal::Util.blank_string?(vault_id) path = '/20180608/vaults/{vaultId}/actions/cancelDeletion'.sub('{vaultId}', vault_id.to_s) operation_signing_strategy = :standard # rubocop:disable Style/NegatedIf # Query Params query_params = {} # Header Params header_params = {} header_params[:accept] = 'application/json' header_params[:'content-type'] = 'application/json' header_params[:'if-match'] = opts[:if_match] if opts[:if_match] header_params[:'opc-request-id'] = opts[:opc_request_id] if opts[:opc_request_id] header_params[:'opc-retry-token'] = opts[:opc_retry_token] if opts[:opc_retry_token] # rubocop:enable Style/NegatedIf header_params[:'opc-retry-token'] ||= OCI::Retry.generate_opc_retry_token post_body = nil # rubocop:disable Metrics/BlockLength OCI::Retry.(applicable_retry_config(opts), call_name: 'KmsVaultClient#cancel_vault_deletion') do @api_client.call_api( :POST, path, endpoint, header_params: header_params, query_params: query_params, operation_signing_strategy: operation_signing_strategy, body: post_body, return_type: 'OCI::KeyManagement::Models::Vault' ) end # rubocop:enable Metrics/BlockLength end |
#change_vault_compartment(vault_id, change_vault_compartment_details, opts = {}) ⇒ Response
Moves a vault into a different compartment. When provided, If-Match is checked against ETag values of the resource.
211 212 213 214 215 216 217 218 219 220 221 222 223 224 225 226 227 228 229 230 231 232 233 234 235 236 237 238 239 240 241 242 243 244 245 246 247 248 249 250 |
# File 'lib/oci/key_management/kms_vault_client.rb', line 211 def change_vault_compartment(vault_id, change_vault_compartment_details, opts = {}) logger.debug 'Calling operation KmsVaultClient#change_vault_compartment.' if logger raise "Missing the required parameter 'vault_id' when calling change_vault_compartment." if vault_id.nil? raise "Missing the required parameter 'change_vault_compartment_details' when calling change_vault_compartment." if change_vault_compartment_details.nil? raise "Parameter value for 'vault_id' must not be blank" if OCI::Internal::Util.blank_string?(vault_id) path = '/20180608/vaults/{vaultId}/actions/changeCompartment'.sub('{vaultId}', vault_id.to_s) operation_signing_strategy = :standard # rubocop:disable Style/NegatedIf # Query Params query_params = {} # Header Params header_params = {} header_params[:accept] = 'application/json' header_params[:'content-type'] = 'application/json' header_params[:'if-match'] = opts[:if_match] if opts[:if_match] header_params[:'opc-request-id'] = opts[:opc_request_id] if opts[:opc_request_id] header_params[:'opc-retry-token'] = opts[:opc_retry_token] if opts[:opc_retry_token] # rubocop:enable Style/NegatedIf header_params[:'opc-retry-token'] ||= OCI::Retry.generate_opc_retry_token post_body = @api_client.object_to_http_body(change_vault_compartment_details) # rubocop:disable Metrics/BlockLength OCI::Retry.(applicable_retry_config(opts), call_name: 'KmsVaultClient#change_vault_compartment') do @api_client.call_api( :POST, path, endpoint, header_params: header_params, query_params: query_params, operation_signing_strategy: operation_signing_strategy, body: post_body ) end # rubocop:enable Metrics/BlockLength end |
#create_vault(create_vault_details, opts = {}) ⇒ Response
Creates a new vault. The type of vault you create determines key placement, pricing, and available options. Options include storage isolation, a dedicated service endpoint instead of a shared service endpoint for API calls, and a dedicated hardware security module (HSM) or a multitenant HSM.
281 282 283 284 285 286 287 288 289 290 291 292 293 294 295 296 297 298 299 300 301 302 303 304 305 306 307 308 309 310 311 312 313 314 315 316 317 318 |
# File 'lib/oci/key_management/kms_vault_client.rb', line 281 def create_vault(create_vault_details, opts = {}) logger.debug 'Calling operation KmsVaultClient#create_vault.' if logger raise "Missing the required parameter 'create_vault_details' when calling create_vault." if create_vault_details.nil? path = '/20180608/vaults' operation_signing_strategy = :standard # rubocop:disable Style/NegatedIf # Query Params query_params = {} # Header Params header_params = {} header_params[:accept] = 'application/json' header_params[:'content-type'] = 'application/json' header_params[:'opc-request-id'] = opts[:opc_request_id] if opts[:opc_request_id] header_params[:'opc-retry-token'] = opts[:opc_retry_token] if opts[:opc_retry_token] # rubocop:enable Style/NegatedIf header_params[:'opc-retry-token'] ||= OCI::Retry.generate_opc_retry_token post_body = @api_client.object_to_http_body(create_vault_details) # rubocop:disable Metrics/BlockLength OCI::Retry.(applicable_retry_config(opts), call_name: 'KmsVaultClient#create_vault') do @api_client.call_api( :POST, path, endpoint, header_params: header_params, query_params: query_params, operation_signing_strategy: operation_signing_strategy, body: post_body, return_type: 'OCI::KeyManagement::Models::Vault' ) end # rubocop:enable Metrics/BlockLength end |
#get_vault(vault_id, opts = {}) ⇒ Response
Gets the specified vault’s configuration information.
339 340 341 342 343 344 345 346 347 348 349 350 351 352 353 354 355 356 357 358 359 360 361 362 363 364 365 366 367 368 369 370 371 372 373 374 375 |
# File 'lib/oci/key_management/kms_vault_client.rb', line 339 def get_vault(vault_id, opts = {}) logger.debug 'Calling operation KmsVaultClient#get_vault.' if logger raise "Missing the required parameter 'vault_id' when calling get_vault." if vault_id.nil? raise "Parameter value for 'vault_id' must not be blank" if OCI::Internal::Util.blank_string?(vault_id) path = '/20180608/vaults/{vaultId}'.sub('{vaultId}', vault_id.to_s) operation_signing_strategy = :standard # rubocop:disable Style/NegatedIf # Query Params query_params = {} # Header Params header_params = {} header_params[:accept] = 'application/json' header_params[:'content-type'] = 'application/json' header_params[:'opc-request-id'] = opts[:opc_request_id] if opts[:opc_request_id] # rubocop:enable Style/NegatedIf post_body = nil # rubocop:disable Metrics/BlockLength OCI::Retry.(applicable_retry_config(opts), call_name: 'KmsVaultClient#get_vault') do @api_client.call_api( :GET, path, endpoint, header_params: header_params, query_params: query_params, operation_signing_strategy: operation_signing_strategy, body: post_body, return_type: 'OCI::KeyManagement::Models::Vault' ) end # rubocop:enable Metrics/BlockLength end |
#list_vaults(compartment_id, opts = {}) ⇒ Response
Lists the vaults in the specified compartment.
409 410 411 412 413 414 415 416 417 418 419 420 421 422 423 424 425 426 427 428 429 430 431 432 433 434 435 436 437 438 439 440 441 442 443 444 445 446 447 448 449 450 451 452 453 454 455 456 457 |
# File 'lib/oci/key_management/kms_vault_client.rb', line 409 def list_vaults(compartment_id, opts = {}) logger.debug 'Calling operation KmsVaultClient#list_vaults.' if logger raise "Missing the required parameter 'compartment_id' when calling list_vaults." if compartment_id.nil? if opts[:sort_by] && !%w[TIMECREATED DISPLAYNAME].include?(opts[:sort_by]) raise 'Invalid value for "sort_by", must be one of TIMECREATED, DISPLAYNAME.' end if opts[:sort_order] && !%w[ASC DESC].include?(opts[:sort_order]) raise 'Invalid value for "sort_order", must be one of ASC, DESC.' end path = '/20180608/vaults' operation_signing_strategy = :standard # rubocop:disable Style/NegatedIf # Query Params query_params = {} query_params[:compartmentId] = compartment_id query_params[:limit] = opts[:limit] if opts[:limit] query_params[:page] = opts[:page] if opts[:page] query_params[:sortBy] = opts[:sort_by] if opts[:sort_by] query_params[:sortOrder] = opts[:sort_order] if opts[:sort_order] # Header Params header_params = {} header_params[:accept] = 'application/json' header_params[:'content-type'] = 'application/json' header_params[:'opc-request-id'] = opts[:opc_request_id] if opts[:opc_request_id] # rubocop:enable Style/NegatedIf post_body = nil # rubocop:disable Metrics/BlockLength OCI::Retry.(applicable_retry_config(opts), call_name: 'KmsVaultClient#list_vaults') do @api_client.call_api( :GET, path, endpoint, header_params: header_params, query_params: query_params, operation_signing_strategy: operation_signing_strategy, body: post_body, return_type: 'Array<OCI::KeyManagement::Models::VaultSummary>' ) end # rubocop:enable Metrics/BlockLength end |
#logger ⇒ Logger
Returns The logger for this client. May be nil.
102 103 104 |
# File 'lib/oci/key_management/kms_vault_client.rb', line 102 def logger @api_client.config.logger end |
#schedule_vault_deletion(vault_id, schedule_vault_deletion_details, opts = {}) ⇒ Response
Schedules the deletion of the specified vault. This sets the state of the vault and keys that are not scheduled deletion in it to ‘PENDING_DELETION` and then deletes them after the retention period ends. The state and the timeOfDeletion of the keys that have already been scheduled for deletion will not change. If any keys in it are scheduled for deletion after the specified timeOfDeletion for the vault, the call will be rejected with status code 409.
497 498 499 500 501 502 503 504 505 506 507 508 509 510 511 512 513 514 515 516 517 518 519 520 521 522 523 524 525 526 527 528 529 530 531 532 533 534 535 536 537 |
# File 'lib/oci/key_management/kms_vault_client.rb', line 497 def schedule_vault_deletion(vault_id, schedule_vault_deletion_details, opts = {}) logger.debug 'Calling operation KmsVaultClient#schedule_vault_deletion.' if logger raise "Missing the required parameter 'vault_id' when calling schedule_vault_deletion." if vault_id.nil? raise "Missing the required parameter 'schedule_vault_deletion_details' when calling schedule_vault_deletion." if schedule_vault_deletion_details.nil? raise "Parameter value for 'vault_id' must not be blank" if OCI::Internal::Util.blank_string?(vault_id) path = '/20180608/vaults/{vaultId}/actions/scheduleDeletion'.sub('{vaultId}', vault_id.to_s) operation_signing_strategy = :standard # rubocop:disable Style/NegatedIf # Query Params query_params = {} # Header Params header_params = {} header_params[:accept] = 'application/json' header_params[:'content-type'] = 'application/json' header_params[:'if-match'] = opts[:if_match] if opts[:if_match] header_params[:'opc-request-id'] = opts[:opc_request_id] if opts[:opc_request_id] header_params[:'opc-retry-token'] = opts[:opc_retry_token] if opts[:opc_retry_token] # rubocop:enable Style/NegatedIf header_params[:'opc-retry-token'] ||= OCI::Retry.generate_opc_retry_token post_body = @api_client.object_to_http_body(schedule_vault_deletion_details) # rubocop:disable Metrics/BlockLength OCI::Retry.(applicable_retry_config(opts), call_name: 'KmsVaultClient#schedule_vault_deletion') do @api_client.call_api( :POST, path, endpoint, header_params: header_params, query_params: query_params, operation_signing_strategy: operation_signing_strategy, body: post_body, return_type: 'OCI::KeyManagement::Models::Vault' ) end # rubocop:enable Metrics/BlockLength end |
#update_vault(vault_id, update_vault_details, opts = {}) ⇒ Response
Updates the properties of a vault. Specifically, you can update the ‘displayName`, `freeformTags`, and `definedTags` properties. Furthermore, the vault must be in an `ACTIVE` or `CREATING` state to be updated.
567 568 569 570 571 572 573 574 575 576 577 578 579 580 581 582 583 584 585 586 587 588 589 590 591 592 593 594 595 596 597 598 599 600 601 602 603 604 605 |
# File 'lib/oci/key_management/kms_vault_client.rb', line 567 def update_vault(vault_id, update_vault_details, opts = {}) logger.debug 'Calling operation KmsVaultClient#update_vault.' if logger raise "Missing the required parameter 'vault_id' when calling update_vault." if vault_id.nil? raise "Missing the required parameter 'update_vault_details' when calling update_vault." if update_vault_details.nil? raise "Parameter value for 'vault_id' must not be blank" if OCI::Internal::Util.blank_string?(vault_id) path = '/20180608/vaults/{vaultId}'.sub('{vaultId}', vault_id.to_s) operation_signing_strategy = :standard # rubocop:disable Style/NegatedIf # Query Params query_params = {} # Header Params header_params = {} header_params[:accept] = 'application/json' header_params[:'content-type'] = 'application/json' header_params[:'if-match'] = opts[:if_match] if opts[:if_match] header_params[:'opc-request-id'] = opts[:opc_request_id] if opts[:opc_request_id] # rubocop:enable Style/NegatedIf post_body = @api_client.object_to_http_body(update_vault_details) # rubocop:disable Metrics/BlockLength OCI::Retry.(applicable_retry_config(opts), call_name: 'KmsVaultClient#update_vault') do @api_client.call_api( :PUT, path, endpoint, header_params: header_params, query_params: query_params, operation_signing_strategy: operation_signing_strategy, body: post_body, return_type: 'OCI::KeyManagement::Models::Vault' ) end # rubocop:enable Metrics/BlockLength end |