Class: Fog::AWS::KMS::Real

Inherits:
Object
  • Object
Includes:
CredentialFetcher::ConnectionMethods
Defined in:
lib/fog/aws/kms.rb,
lib/fog/aws/requests/kms/list_keys.rb,
lib/fog/aws/requests/kms/create_key.rb,
lib/fog/aws/requests/kms/describe_key.rb

Constant Summary

# Default key policy document, kept as a JSON string.
#
# Its single statement allows every KMS action ("kms:*") to the root
# principal of one hard-coded AWS account ID.
#
# NOTE(review): none of the methods listed on this page reference this
# constant, so where it is applied cannot be confirmed from here. If it were
# attached to a key owned by a different account, it would delegate full
# control of that key to the account named below -- verify the account ID
# and narrow the action list at the point of use.
DEFAULT_KEY_POLICY =
<<-JSON
{
  "Version": "2012-10-17",
  "Id": "key-default-1",
  "Statement": [
    {
      "Sid": "Enable IAM User Permissions",
      "Effect": "Allow",
      "Principal": {
"AWS": "arn:aws:iam::915445820265:root"
      },
      "Action": "kms:*",
      "Resource": "*"
    }
  ]
}
JSON

Instance Method Summary

Methods included from CredentialFetcher::ConnectionMethods

#refresh_credentials_if_expired

Constructor Details

#initialize(options = {}) ⇒ Real

Initialize connection to KMS

Notes

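The options parameter must include values for :aws_access_key_id and :aws_secret_access_key in order to create a connection. The constructor shown below also reads :use_iam_profile; how that option is handled is not shown on this page.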

Examples

kms = KMS.new(
 :aws_access_key_id     => your_aws_access_key_id,
 :aws_secret_access_key => your_aws_secret_access_key
)

Parameters

  • options<~Hash> - config arguments for connection. Defaults to {}.

    • region<~String> - optional region to use. For instance, ‘eu-west-1’, ‘us-east-1’, etc.

Returns

  • KMS object with connection to AWS.



# File 'lib/fog/aws/kms.rb', line 91

# Initialize connection to KMS
#
# ==== Parameters
# * options<~Hash> - config arguments for connection. Defaults to {}.
#   * :region - region name; 'us-east-1' when absent. The default is written
#     back into the hash the caller passed in.
#   * :scheme, :host, :port, :path - endpoint parts; default to
#     'https', "kms.<region>.amazonaws.com", 443 and '/'.
#   * :persistent, :connection_options - handed to Fog::XML::Connection.
#   * :use_iam_profile, :instrumentor, :instrumentor_name - stored on the
#     instance; :instrumentor_name defaults to 'fog.aws.kms'.
#
# ==== Notes
# :scheme, :host and :port are taken from the caller as-is and go straight
# into the connection URL. Nothing here rejects 'http' or a non-AWS host, so
# callers that build options from configuration should pin or validate them.
# Credential handling happens in setup_credentials, which is not shown here.
def initialize(options={})
  # Region first: the default host name below is derived from it.
  options[:region] ||= 'us-east-1'
  @region = options[:region]

  @use_iam_profile   = options[:use_iam_profile]
  @instrumentor      = options[:instrumentor]
  @instrumentor_name = options[:instrumentor_name] || 'fog.aws.kms'

  @scheme = options[:scheme] || 'https'
  @host   = options[:host]   || "kms.#{@region}.amazonaws.com"
  @port   = options[:port]   || 443
  @path   = options[:path]   || '/'

  @persistent         = options[:persistent] || false
  @connection_options = options[:connection_options] || {}

  endpoint    = "#{@scheme}://#{@host}:#{@port}#{@path}"
  @connection = Fog::XML::Connection.new(endpoint, @persistent, @connection_options)

  setup_credentials(options)
end

Instance Method Details

#create_key(policy = nil, description = nil, usage = "ENCRYPT_DECRYPT") ⇒ Object



# File 'lib/fog/aws/requests/kms/create_key.rb', line 25

# Send a CreateKey request.
#
# ==== Parameters
# * policy - sent as 'Policy'; nil by default.
# * description - sent as 'Description'; nil by default.
# * usage - sent as 'KeyUsage'; defaults to "ENCRYPT_DECRYPT".
#
# ==== Returns
# * Whatever #request returns. The response is read with the DescribeKey
#   parser (presumably because both responses carry key metadata -- confirm).
#
# NOTE(review): with policy nil the 'Policy' entry is still present with a
# nil value; whether the request layer drops it is not visible here. If it is
# dropped, KMS falls back to its service-side default key policy, so pass an
# explicit least-privilege policy when that default is too broad.
def create_key(policy = nil, description = nil, usage = "ENCRYPT_DECRYPT")
  create_params = {
    'Action'      => 'CreateKey',
    'Description' => description,
    'KeyUsage'    => usage,
    'Policy'      => policy,
    :parser       => Fog::Parsers::AWS::KMS::DescribeKey.new
  }

  request(create_params)
end

#describe_key(identifier) ⇒ Object



# File 'lib/fog/aws/requests/kms/describe_key.rb', line 7

# Send a DescribeKey request for one key.
#
# ==== Parameters
# * identifier - passed through unchanged as 'KeyId'.
#
# ==== Returns
# * Whatever #request returns, read with the DescribeKey parser.
def describe_key(identifier)
  describe_params = {
    'Action' => 'DescribeKey',
    'KeyId'  => identifier,
    :parser  => Fog::Parsers::AWS::KMS::DescribeKey.new
  }

  request(describe_params)
end

#list_keys(options = {}) ⇒ Object



# File 'lib/fog/aws/requests/kms/list_keys.rb', line 8

# Send a single ListKeys request.
#
# ==== Parameters
# * options<~Hash> - Defaults to {}.
#   * :marker - sent as 'Marker' when truthy.
#   * :limit - sent as 'Limit' when truthy.
#
# ==== Returns
# * Whatever #request returns, read with the ListKeys parser.
#
# ==== Notes
# Only one request is made; nothing here follows a marker to later pages.
# A key inventory built from one call may therefore be incomplete -- callers
# auditing keys should keep requesting until the listing is exhausted.
def list_keys(options={})
  query = {
    'Action' => 'ListKeys',
    :parser  => Fog::Parsers::AWS::KMS::ListKeys.new
  }

  # Paging arguments are added only when the caller supplied them.
  query['Marker'] = options[:marker] if options[:marker]
  query['Limit']  = options[:limit]  if options[:limit]

  request(query)
end

#reload ⇒ Object



# File 'lib/fog/aws/kms.rb', line 112

# Reset the underlying connection object.
#
# Calls #reset on @connection and returns whatever that call returns.
# NOTE(review): presumably this drops a persistent socket so the next request
# reconnects -- confirm against Fog::XML::Connection.
def reload
  @connection.reset
end