protected override void ProcessRecord() { base.ProcessRecord(); try { client?.Dispose(); int timeout = GetPreferredTimeout(); WriteDebug($"Cmdlet Timeout : {timeout} milliseconds."); client = new KmsVaultClient(AuthProvider, new Oci.Common.ClientConfiguration { RetryConfiguration = retryConfig, TimeoutMillis = timeout, ClientUserAgent = PSUserAgent }); string region = GetPreferredRegion(); if (region != null) { WriteDebug("Choosing Region:" + region); client.SetRegion(region); } if (Endpoint != null) { WriteDebug("Choosing Endpoint:" + Endpoint); client.SetEndpoint(Endpoint); } } catch (Exception ex) { TerminatingErrorDuringExecution(ex); } }
private static async Task CancelVaultDeletion(KmsVaultClient kmsVaultClient, string vaultId) { logger.Info("Cancel Vault Deletion"); CancelVaultDeletionRequest cancelVaultDeletionRequest = new CancelVaultDeletionRequest { VaultId = vaultId }; CancelVaultDeletionResponse cancelVaultDeletionResponse = await kmsVaultClient.CancelVaultDeletion(cancelVaultDeletionRequest); logger.Info("Deletion cancelled successfully"); }
private static async Task <Vault> GetVault(KmsVaultClient kmsVaultClient, string vaultId) { logger.Info("Get Vault"); GetVaultRequest getVaultRequest = new GetVaultRequest { VaultId = vaultId }; GetVaultResponse getVaultResponse = await kmsVaultClient.GetVault(getVaultRequest); logger.Info($"Retrieved vault: {getVaultResponse.Vault.DisplayName}"); return(getVaultResponse.Vault); }
private static async Task ListVaults(KmsVaultClient kmsVaultClient, string compartmentId) { logger.Info("List Vaults"); ListVaultsRequest listVaultsRequest = new ListVaultsRequest { CompartmentId = compartmentId }; ListVaultsResponse listVaultsResponse = await kmsVaultClient.ListVaults(listVaultsRequest); logger.Info("Retrieved vaults"); foreach (var response in listVaultsResponse.Items) { logger.Info($"Vault: {response.DisplayName}"); } }
private static async Task ScheduleVaultDeletion(KmsVaultClient kmsVaultClient, string vaultId) { logger.Info("Schedule Vault Deletion"); ScheduleVaultDeletionDetails scheduleVaultDeletionDetails = new ScheduleVaultDeletionDetails { TimeOfDeletion = null }; ScheduleVaultDeletionRequest scheduleVaultDeletionRequest = new ScheduleVaultDeletionRequest { ScheduleVaultDeletionDetails = scheduleVaultDeletionDetails, VaultId = vaultId }; ScheduleVaultDeletionResponse scheduleVaultDeletionResponse = await kmsVaultClient.ScheduleVaultDeletion(scheduleVaultDeletionRequest); logger.Info("Deletion Scheduled Successfully"); }
private static async Task UpdateVaultResetTags(KmsVaultClient kmsVaultClient, string vaultId) { logger.Info($"Updating vault"); Dictionary <string, string> freeformTags = new Dictionary <string, string>(); UpdateVaultDetails updateVaultDetails = new UpdateVaultDetails { FreeformTags = freeformTags }; UpdateVaultRequest updateVaultRequest = new UpdateVaultRequest { UpdateVaultDetails = updateVaultDetails, VaultId = vaultId }; UpdateVaultResponse updateVaultResponse = await kmsVaultClient.UpdateVault(updateVaultRequest); logger.Info($"cleared tags for the Vault: {updateVaultResponse.Vault.ToString()}"); }
private static async Task UpdateVault(KmsVaultClient kmsVaultClient, string vaultId) { logger.Info($"Updating vault"); Dictionary <string, string> freeformTags = new Dictionary <string, string>() { { "freeformkey1", "freeformvalue1" }, { "freeformkey2", "freeformvalue2" } }; UpdateVaultDetails updateVaultDetails = new UpdateVaultDetails { FreeformTags = freeformTags, DisplayName = "updated-vault-display-name" }; UpdateVaultRequest updateVaultRequest = new UpdateVaultRequest { UpdateVaultDetails = updateVaultDetails, VaultId = vaultId }; UpdateVaultResponse updateVaultResponse = await kmsVaultClient.UpdateVault(updateVaultRequest); logger.Info($"added tags for the vault: {updateVaultResponse.Vault.ToString()}"); }
public static async Task MainKeyManagement() { logger.Info("Starting example"); var provider = new ConfigFileAuthenticationDetailsProvider("DEFAULT"); var compartmentId = Environment.GetEnvironmentVariable("OCI_COMPARTMENT_ID"); var vaultId = Environment.GetEnvironmentVariable("VAULT_ID"); KmsVaultClient kmsVaultClient = null; KmsManagementClient kmsManagementClient = null; KmsCryptoClient kmsCryptoClient = null; try { // Initialize the KMS Clients. KMS has three clients as following: // * KmsVaultClient: The client for Vault management // * KmsManagementClient: The client for Key management (ControlPlane) // * KmsCryptoClient: The client for data encryption and decryption (DataPlane) kmsVaultClient = new KmsVaultClient(provider); kmsManagementClient = new KmsManagementClient(provider); kmsCryptoClient = new KmsCryptoClient(provider); Vault vault = await GetVault(kmsVaultClient, vaultId); // The ManagementClient and CryptoClient use Vault specific endpoints; Set them now. kmsManagementClient.SetEndpoint(vault.ManagementEndpoint); kmsCryptoClient.SetEndpoint(vault.CryptoEndpoint); // Vault Operations await UpdateVaultResetTags(kmsVaultClient, vault.Id); await UpdateVault(kmsVaultClient, vault.Id); await ListVaults(kmsVaultClient, compartmentId); await ScheduleVaultDeletion(kmsVaultClient, vault.Id); var waiterConfiguration = new WaiterConfiguration { MaxAttempts = 10, GetNextDelayInSeconds = DelayStrategy.GetExponentialDelayInSeconds }; // After scheduling deletion, the Vault will stay in SCHEDULING_DELETION state shortly and then // transit to PENDING_DELETION state. Wait a bit for the transition to happen. logger.Info("Wait a bit for the deletion scheduling to finish"); GetVaultRequest getVaultRequest = new GetVaultRequest { VaultId = vault.Id }; kmsVaultClient.Waiters.ForVault(getVaultRequest, waiterConfiguration, Vault.LifecycleStateEnum.PendingDeletion).Execute(); await CancelVaultDeletion(kmsVaultClient, vault.Id); // After cancelling deletion, the Vault will stay in CANCELLING_DELETION state shortly and then // transit to ACTIVE state. Wait a bit for the transition to happen. logger.Info("Wait a bit for the deletion cancelling to finish"); kmsVaultClient.Waiters.ForVault(getVaultRequest, waiterConfiguration, Vault.LifecycleStateEnum.Active).Execute(); // Management / Key Operations string keyId = await CreateKey(kmsManagementClient, compartmentId); // After creating a Key, the Key will stay in CREATING state shortly and then // transit to ENABLED state. Wait a bit for the transition to happen. logger.Info("Wait a bit for Key creation to finish"); GetKeyRequest getKeyRequest = new GetKeyRequest { KeyId = keyId }; kmsManagementClient.Waiters.ForKey(getKeyRequest, waiterConfiguration, Key.LifecycleStateEnum.Enabled).Execute(); await GetKey(kmsManagementClient, keyId); await UpdateKeyResetTags(kmsManagementClient, keyId); kmsManagementClient.Waiters.ForKey(getKeyRequest, waiterConfiguration, Key.LifecycleStateEnum.Enabled).Execute(); await UpdateKey(kmsManagementClient, keyId); kmsManagementClient.Waiters.ForKey(getKeyRequest, waiterConfiguration, Key.LifecycleStateEnum.Enabled).Execute(); await ListKeys(kmsManagementClient, compartmentId); await DisableKey(kmsManagementClient, keyId); // After disabling a Key, the Key will stay in DISABLING state shortly and then // transit to DISABLED state. Wait a bit for the transition to happen. logger.Info("Wait a bit for Key disabling to finish"); kmsManagementClient.Waiters.ForKey(getKeyRequest, waiterConfiguration, Key.LifecycleStateEnum.Disabled).Execute(); await EnableKey(kmsManagementClient, keyId); // After enabling a Key, the Key will stay in ENABLING state shortly and then // transit to ENABLED state. Wait a bit for the transition to happen. logger.Info("Wait a bit for Key enabling to finish"); kmsManagementClient.Waiters.ForKey(getKeyRequest, waiterConfiguration, Key.LifecycleStateEnum.Enabled).Execute(); await ScheduleKeyDeletion(kmsManagementClient, keyId); // After scheduling deletion, the Key will stay in SCHEDULING_DELETION state shortly and then // transit to PENDING_DELETION state. Wait a bit for the transition to happen. logger.Info("Wait a bit for deletion scheduling to finish"); kmsManagementClient.Waiters.ForKey(getKeyRequest, waiterConfiguration, Key.LifecycleStateEnum.PendingDeletion).Execute(); await CancelKeyDeletion(kmsManagementClient, keyId); // After cancelling deletion, the Key will stay in CANCELLING_DELETION state shortly and then // transit to Enabled state. Wait a bit for the transition to happen. logger.Info("Wait a bit for deletion cancelling to finish"); kmsManagementClient.Waiters.ForKey(getKeyRequest, waiterConfiguration, Key.LifecycleStateEnum.Enabled).Execute(); await CreateKeyVersion(kmsManagementClient, keyId); await ListKeyVersions(kmsManagementClient, keyId); // Crypto Operations string cipherText = await Encrypt(kmsCryptoClient, keyId); await Decrypt(kmsCryptoClient, keyId, cipherText); await GenerateDataEncryptionKey(kmsCryptoClient, keyId); kmsManagementClient.Waiters.ForKey(getKeyRequest, waiterConfiguration, Key.LifecycleStateEnum.Enabled).Execute(); } catch (Exception e) { logger.Error($"Failed to perform operations on Vault: {e}"); } finally { if (kmsVaultClient != null) { kmsVaultClient.Dispose(); } if (kmsManagementClient != null) { kmsManagementClient.Dispose(); } if (kmsCryptoClient != null) { kmsCryptoClient.Dispose(); } } logger.Info("End example"); }