mirror of
https://github.com/fog/fog-aws.git
synced 2022-11-09 13:50:52 -05:00
63 lines
1.5 KiB
Ruby
63 lines
1.5 KiB
Ruby
|
module Fog
|
||
|
module AWS
|
||
|
class KMS
|
||
|
class Real
|
||
|
DEFAULT_KEY_POLICY = <<-JSON
|
||
|
{
|
||
|
"Version": "2012-10-17",
|
||
|
"Id": "key-default-1",
|
||
|
"Statement": [
|
||
|
{
|
||
|
"Sid": "Enable IAM User Permissions",
|
||
|
"Effect": "Allow",
|
||
|
"Principal": {
|
||
|
"AWS": "arn:aws:iam::915445820265:root"
|
||
|
},
|
||
|
"Action": "kms:*",
|
||
|
"Resource": "*"
|
||
|
}
|
||
|
]
|
||
|
}
|
||
|
JSON
|
||
|
|
||
|
require 'fog/aws/parsers/kms/describe_key'
|
||
|
|
||
|
def create_key(policy = nil, description = nil, usage = "ENCRYPT_DECRYPT")
|
||
|
request(
|
||
|
'Action' => 'CreateKey',
|
||
|
'Description' => description,
|
||
|
'KeyUsage' => usage,
|
||
|
'Policy' => policy,
|
||
|
:parser => Fog::Parsers::AWS::KMS::DescribeKey.new
|
||
|
)
|
||
|
end
|
||
|
end
|
||
|
|
||
|
class Mock
|
||
|
def create_key(policy = nil, description = nil, usage = "ENCRYPT_DECRYPT")
|
||
|
response = Excon::Response.new
|
||
|
key_id = UUID.uuid
|
||
|
key_arn = Fog::AWS::Mock.arn("kms", self.account_id, "key/#{key_id}", @region)
|
||
|
|
||
|
key = {
|
||
|
"KeyUsage" => usage,
|
||
|
"AWSAccountId" => self.account_id,
|
||
|
"KeyId" => key_id,
|
||
|
"Description" => description,
|
||
|
"CreationDate" => Time.now,
|
||
|
"Arn" => key_arn,
|
||
|
"Enabled" => true,
|
||
|
}
|
||
|
|
||
|
# @todo use default policy
|
||
|
|
||
|
self.data[:keys][key_id] = key
|
||
|
|
||
|
response.body = { "KeyMetadata" => key }
|
||
|
response
|
||
|
end
|
||
|
end
|
||
|
end
|
||
|
end
|
||
|
end
|