Class: Mongo::Crypt::KMS::Credentials Private

Inherits:

Object

• Object
• Mongo::Crypt::KMS::Credentials

Defined in:

lib/mongo/crypt/kms/credentials.rb

Overview

This class is part of a private API. You should avoid using this class if possible, as it may be removed or be changed in the future.

KMS Credentials object contains credentials for using KMS providers.

Instance Attribute Summary

• #aws ⇒ Credentials::AWS | nil readonly private

  AWS KMS credentials.

• #azure ⇒ Credentials::Azure | nil readonly private

  Azure KMS credentials.

• #gcp ⇒ Credentials::GCP | nil readonly private

  GCP KMS credentials.

• #kmip ⇒ Credentials::KMIP | nil readonly private

  KMIP KMS credentials.

• #local ⇒ Credentials::Local | nil readonly private

  Local KMS credentials.

Instance Method Summary

• #initialize(kms_providers) ⇒ Credentials constructor private

  Creates a KMS credentials object form a parameters hash.

• #to_document ⇒ BSON::Document private

  Convert credentials object to a BSON document in libmongocrypt format.

Constructor Details

#initialize(kms_providers) ⇒ Credentials

This method is part of a private API. You should avoid using this method if possible, as it may be removed or be changed in the future.

Note:

There may be more than one KMS provider specified.

Creates a KMS credentials object form a parameters hash.

Parameters:

• kms_providers (Hash) —

  A hash that contains credential for KMS providers. The hash should have KMS provider names as keys, and required parameters for every provider as values. Required parameters for KMS providers are described in corresponding classes inside Mongo::Crypt::KMS module.

Raises:

• (ArgumentError) —

  If required options are missing or incorrectly formatted.

# File 'lib/mongo/crypt/kms/credentials.rb', line 54

def initialize(kms_providers)
  if kms_providers.nil?
    raise ArgumentError.new("KMS providers options must not be nil")
  end
  if kms_providers.key?(:aws)
    @aws = AWS::Credentials.new(kms_providers[:aws])
  end
  if kms_providers.key?(:azure)
    @azure = Azure::Credentials.new(kms_providers[:azure])
  end
  if kms_providers.key?(:gcp)
    @gcp = GCP::Credentials.new(kms_providers[:gcp])
  end
  if kms_providers.key?(:kmip)
    @kmip = KMIP::Credentials.new(kms_providers[:kmip])
  end
  if kms_providers.key?(:local)
    @local = Local::Credentials.new(kms_providers[:local])
  end
  if @aws.nil? && @azure.nil? && @gcp.nil? && @kmip.nil? && @local.nil?
    raise ArgumentError.new(
      "KMS providers options must have one of the following keys: " +
      ":aws, :azure, :gcp, :kmip, :local"
    )
  end
end

Instance Attribute Details

#aws ⇒ Credentials::AWS | nil (readonly)

This method is part of a private API. You should avoid using this method if possible, as it may be removed or be changed in the future.

Returns AWS KMS credentials.

Returns:

• (Credentials::AWS | nil) —

  AWS KMS credentials.

# File 'lib/mongo/crypt/kms/credentials.rb', line 28

def aws
  @aws
end

#azure ⇒ Credentials::Azure | nil (readonly)

This method is part of a private API. You should avoid using this method if possible, as it may be removed or be changed in the future.

Returns Azure KMS credentials.

Returns:

• (Credentials::Azure | nil) —

  Azure KMS credentials.

# File 'lib/mongo/crypt/kms/credentials.rb', line 31

def azure
  @azure
end

#gcp ⇒ Credentials::GCP | nil (readonly)

This method is part of a private API. You should avoid using this method if possible, as it may be removed or be changed in the future.

Returns GCP KMS credentials.

Returns:

• (Credentials::GCP | nil) —

  GCP KMS credentials.

# File 'lib/mongo/crypt/kms/credentials.rb', line 34

def gcp
  @gcp
end

#kmip ⇒ Credentials::KMIP | nil (readonly)

This method is part of a private API. You should avoid using this method if possible, as it may be removed or be changed in the future.

Returns KMIP KMS credentials.

Returns:

• (Credentials::KMIP | nil) —

  KMIP KMS credentials.

# File 'lib/mongo/crypt/kms/credentials.rb', line 37

def kmip
  @kmip
end

#local ⇒ Credentials::Local | nil (readonly)

This method is part of a private API. You should avoid using this method if possible, as it may be removed or be changed in the future.

Returns Local KMS credentials.

Returns:

• (Credentials::Local | nil) —

  Local KMS credentials.

# File 'lib/mongo/crypt/kms/credentials.rb', line 40

def local
  @local
end

Instance Method Details

#to_document ⇒ BSON::Document

This method is part of a private API. You should avoid using this method if possible, as it may be removed or be changed in the future.

Convert credentials object to a BSON document in libmongocrypt format.

Returns:

• (BSON::Document) —

  Credentials as BSON document.

# File 'lib/mongo/crypt/kms/credentials.rb', line 84

def to_document
  BSON::Document.new.tap do |bson|
    bson[:aws] = @aws.to_document if @aws
    bson[:azure] = @azure.to_document if @azure
    bson[:gcp] = @gcp.to_document if @gcp
    bson[:kmip] = @kmip.to_document if @kmip
    bson[:local] = @local.to_document if @local
  end
end