Class HcVaultKmsDriver
java.lang.Object
io.confluent.kafka.schemaregistry.encryption.hcvault.HcVaultKmsDriver
- All Implemented Interfaces:
KmsDriver
-
Field Summary
FieldsModifier and TypeFieldDescriptionstatic final Stringstatic final Stringstatic final Stringstatic final Stringstatic final Stringstatic final Stringstatic final Stringstatic final Stringstatic final Stringstatic final Stringstatic final Stringstatic final Stringstatic final StringFields inherited from interface io.confluent.kafka.schemaregistry.encryption.tink.KmsDriver
KMS_TYPE_SUFFIX, TEST_CLIENT -
Constructor Summary
Constructors -
Method Summary
Modifier and TypeMethodDescriptionprotected static io.github.jopenlibs.vault.SslConfiggetSslConfig(String keystore, String keystorePassword, String truststore) com.google.crypto.tink.KmsClientnewKmsClient(Map<String, ?> configs, Optional<String> kekUrl) protected static com.google.crypto.tink.KmsClientnewKmsClientWithHcVaultKms(Optional<String> keyUri, io.github.jopenlibs.vault.SslConfig sslConfig, Optional<String> credentials, Optional<String> namespace, io.github.jopenlibs.vault.api.Logical vault) Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, waitMethods inherited from interface io.confluent.kafka.schemaregistry.encryption.tink.KmsDriver
doesSupport, getKmsClient, getTestClient, registerKmsClient
-
Field Details
-
TOKEN_ID
- See Also:
-
NAMESPACE
- See Also:
-
APPROLE_ROLE_ID
- See Also:
-
APPROLE_SECRET_ID
- See Also:
-
SSL_KEYSTORE_LOCATION
- See Also:
-
SSL_KEYSTORE_PASSWORD
- See Also:
-
SSL_TRUSTSTORE_LOCATION
- See Also:
-
VAULT_NAMESPACE
- See Also:
-
VAULT_SSL_KEYSTORE_LOCATION
- See Also:
-
VAULT_SSL_KEYSTORE_PASSWORD
- See Also:
-
VAULT_SSL_TRUSTSTORE_LOCATION
- See Also:
-
VAULT_APPROLE_ROLE_ID
- See Also:
-
VAULT_APPROLE_SECRET_ID
- See Also:
-
-
Constructor Details
-
HcVaultKmsDriver
public HcVaultKmsDriver()
-
-
Method Details
-
getKeyUrlPrefix
- Specified by:
getKeyUrlPrefixin interfaceKmsDriver
-
getSslConfig
protected static io.github.jopenlibs.vault.SslConfig getSslConfig(String keystore, String keystorePassword, String truststore) throws GeneralSecurityException - Throws:
GeneralSecurityException
-
newKmsClient
public com.google.crypto.tink.KmsClient newKmsClient(Map<String, ?> configs, Optional<String> kekUrl) throws GeneralSecurityException- Specified by:
newKmsClientin interfaceKmsDriver- Throws:
GeneralSecurityException
-
newKmsClientWithHcVaultKms
protected static com.google.crypto.tink.KmsClient newKmsClientWithHcVaultKms(Optional<String> keyUri, io.github.jopenlibs.vault.SslConfig sslConfig, Optional<String> credentials, Optional<String> namespace, io.github.jopenlibs.vault.api.Logical vault) throws GeneralSecurityException - Throws:
GeneralSecurityException
-