AzureKmsClient (kafka-schema-registry-client-encryption-azure 7.7.6 API)

java.lang.Object
- io.confluent.kafka.schemaregistry.encryption.azure.AzureKmsClient

All Implemented Interfaces:

com.google.crypto.tink.KmsClient
```
public final class AzureKmsClient
extends Object
implements com.google.crypto.tink.KmsClient
```
An implementation of KmsClient for Azure KMS.

Field Summary

Fields
Modifier and Type Field and Description

static String PREFIX

Fields
Modifier and Type	Field and Description
`static String`	`PREFIX`

Constructor Summary

Constructors
Constructor and Description
`AzureKmsClient()`
`AzureKmsClient(String uri)` Constructs a specific AzureKmsClient that is bound to a single key identified by `uri`.
`AzureKmsClient(String uri, com.azure.security.keyvault.keys.cryptography.models.EncryptionAlgorithm algorithm)` Constructs a specific AzureKmsClient that is bound to a single key identified by `uri` and specified `EncryptionAlgorithm`.

Method Summary

All Methods Instance Methods Concrete Methods
Modifier and Type	Method and Description
`boolean`	`doesSupport(String uri)`
`com.google.crypto.tink.Aead`	`getAead(String uri)` Returns `AzureKmsAead` for the url provided.
`com.google.crypto.tink.KmsClient`	`withCredentials(String credentialPath)` Loads Azure credentials from a properties file.
`com.google.crypto.tink.KmsClient`	`withCredentialsProvider(com.azure.core.credential.TokenCredential provider)` loads credentials using provided `TokenCredential`
`com.google.crypto.tink.KmsClient`	`withCryptographyClient(com.azure.security.keyvault.keys.cryptography.CryptographyClient cryptographyClient)` Specifies the `CryptographyClient` object to be used.
`com.google.crypto.tink.KmsClient`	`withDefaultCredentials()` Loads credentials using `DefaultAzureCredentialBuilder` Creates default DefaultAzureCredential instance.

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

- Field Detail
  - PREFIX
```
public static final String PREFIX
```
    See Also:
    
    Constant Field Values
- Constructor Detail
  - AzureKmsClient
```
public AzureKmsClient()
```
  - AzureKmsClient
```
public AzureKmsClient(String uri)
```
    Constructs a specific AzureKmsClient that is bound to a single key identified by uri.
  - AzureKmsClient
```
public AzureKmsClient(String uri,
                      com.azure.security.keyvault.keys.cryptography.models.EncryptionAlgorithm algorithm)
```
    Constructs a specific AzureKmsClient that is bound to a single key identified by uri and specified EncryptionAlgorithm.
    
    Parameters:
    
    uri - uri
    
    algorithm - algorithm
- Method Detail
  - doesSupport
```
public boolean doesSupport(String uri)
```
    Specified by:
    
    doesSupport in interface com.google.crypto.tink.KmsClient
    
    Returns:
    
    @return true either if this client is a generic one and uri starts with PREFIX, or the client is a specific one that is bound to the key identified by uri.
  - withCredentials
```
public com.google.crypto.tink.KmsClient withCredentials(String credentialPath)
                                                 throws GeneralSecurityException
```
    Loads Azure credentials from a properties file. Not supported yet.
    
    Specified by:
    
    withCredentials in interface com.google.crypto.tink.KmsClient
    
    Throws:
    
    GeneralSecurityException
  - withDefaultCredentials
```
public com.google.crypto.tink.KmsClient withDefaultCredentials()
                                                        throws GeneralSecurityException
```
    Loads credentials using DefaultAzureCredentialBuilder Creates default DefaultAzureCredential instance. Uses AZURE_CLIENT_ID, AZURE_CLIENT_SECRET, and AZURE_TENANT_ID environment variables to create a ClientSecretCredential. If these environment variables are not available, then this will use the Shared MSAL token cache.
    
    Specified by:
    
    withDefaultCredentials in interface com.google.crypto.tink.KmsClient
    
    Returns:
    
    KmsClient object
    
    Throws:
    
    GeneralSecurityException - security exception
  - withCredentialsProvider
```
public com.google.crypto.tink.KmsClient withCredentialsProvider(com.azure.core.credential.TokenCredential provider)
                                                         throws GeneralSecurityException
```
    loads credentials using provided TokenCredential
    
    Returns:
    
    KmsClient object
    
    Throws:
    
    GeneralSecurityException - security exception
  - withCryptographyClient
```
public com.google.crypto.tink.KmsClient withCryptographyClient(com.azure.security.keyvault.keys.cryptography.CryptographyClient cryptographyClient)
```
    Specifies the CryptographyClient object to be used. Only used for testing.
  - getAead
```
public com.google.crypto.tink.Aead getAead(String uri)
                                    throws GeneralSecurityException
```
    Returns AzureKmsAead for the url provided.
    
    Specified by:
    
    getAead in interface com.google.crypto.tink.KmsClient
    
    Parameters:
    
    uri - - azure keyvault key uri
    
    Returns:
    
    Aead
    
    Throws:
    
    GeneralSecurityException - security exception

Class AzureKmsClient

Field Summary

Constructor Summary

Method Summary

Methods inherited from class java.lang.Object

Field Detail

PREFIX

Constructor Detail

AzureKmsClient

AzureKmsClient

AzureKmsClient

Method Detail

doesSupport

withCredentials

withDefaultCredentials

withCredentialsProvider

withCryptographyClient

getAead