KjSrSSKJr SSKJr SSKJr Sr/SQrSr Sr S r S r SS jr SS jrg )zUtility functions for Cloud KMS integration with GCE. Collection of methods to handle Cloud KMS (Key Management Service) resources with Google Compute Engine (GCE). ) exceptions) properties) resourceszGhttps://cloud.google.com/compute/docs/disks/customer-managed-encryption) kms-key kms-keyring kms-location kms-projectzboot-disk-kms-keyzboot-disk-kms-keyringzboot-disk-kms-locationzboot-disk-kms-projectzinstance-kms-keyzinstance-kms-keyringzinstance-kms-locationzinstance-kms-projectcU(dg[5n[H:n[XRSS5S5(dM&UR SU-5 M< U$)3Returns the first KMS related argument as a string.N-_z--)set _KMS_ARGSgetattrreplaceaddargs specifiedkeywords /lib/googlecloudsdk/api_lib/compute/kms_utils.py_GetSpecifiedKmsArgsr$sI e)gt__S#.55mmD7N# ctU(dg[5n[HnX ;dM URU5 M U$)r N)rrrrs r_GetSpecifiedKmsDictr/s2 e)gmmG rc U(dgSn[RRU"US5"5SU;aUSO-[RR R RU"US5U"US5U"US5S.SS 9$) zTT;aTTOSnU(aU$[R"SSRT55e)Nz --create-diskzKKMS cryptokey resource was not fully specified. Key [{}] must be specified.)calliope_exceptionsInvalidArgumentExceptionformat)valrkeys r GetValueFunc5_DictToKmsKey..GetValue..GetValueFuncAs@DI$c   8 8   &+ ''r)rr#r$s`` rGetValue_DictToKmsKey..GetValue?s' rrr rr) projectsId locationsId keyRingsId cryptoKeysIdz/cloudkms.projects.locations.keyRings.cryptoKeys)params collection)rREGISTRYParserVALUEScoreproject GetOrFail)rr's r _DictToKmsKeyr5:s      ! !tY!&3d%:d=!$$,,66t^,t]+tY' C " D Drcb[U5nU(dgURUR5S9$)zFReturns the Cloud KMS crypto key name based on the values in the dict.N kmsKeyName)r5CustomerEncryptionKey RelativeName)rmessagesr#s r_DictToMessager<\s/d#   ' '33C3C3E ' FFrcU(aURRnSnO8U(aURRnSnOURRnSnUR 5nU[ U5;aU(d[ R"US5eU(aDU(a [ R"S/[ U5Q76eURUR5S9$U$)aGets the Cloud KMS CryptoKey reference from command arguments. Args: args: Namespaced command line arguments. messages: Compute API messages module. current_value: Current CustomerEncryptionKey value. boot_disk_prefix: If the key flags have the 'boot-disk' prefix. instance_prefix: If the key flags have the 'instance' prefix. Returns: CustomerEncryptionKey message with the KMS key populated if args has a key. Raises: ConflictingArgumentsException if an encryption key is already populated. z--boot-disk-kms-keyz--instance-kms-keyz --kms-keyz/KMS cryptokey resource was not fully specified.--csek-key-filer7) CONCEPTSboot_disk_kms_keyinstance_kms_keykms_keyr0rrr ConflictingArgumentsExceptionr9r:)rr; current_valueboot_disk_prefixinstance_prefixkey_argflagr#s rMaybeGetKmsKeyrIds&mm--G Dmm,,G Dmm##G D # !$ ''  6 6 ? AA  = =  :248 ::  ) )S5E5E5G ) HH rc[[U55(a2U(a [R"U/[ U5Q76e[ X5$U$)aGets the Cloud KMS CryptoKey reference for a boot disk's initialize params. Args: args: A dictionary of a boot disk's initialize params. messages: Compute API messages module. current_value: Current CustomerEncryptionKey value. conflicting_arg: name of conflicting argument Returns: CustomerEncryptionKey message with the KMS key populated if args has a key. Raises: ConflictingArgumentsException if an encryption key is already populated. )boolrrrCrr<)rr;rDconflicting_args rMaybeGetKmsKeyFromDictrMsL" t $%%  = =  806 88 $ )) rN)FF)r>)__doc__googlecloudsdk.callioperrgooglecloudsdk.corerr KMS_HELP_URLrrrr5r<rIrMr&rrrRsSF*).   DDG%*#( &X,=r