mirror of
				https://github.com/ansible-collections/google.cloud.git
				synced 2025-10-24 13:04:06 -07:00 
			
		
		
		
	Pub/Sub Topic CMEK/KMS support (#291)
Signed-off-by: Modular Magician <magic-modules@google.com>
This commit is contained in:
		
					parent
					
						
							
								8bfa580005
							
						
					
				
			
			
				commit
				
					
						d0ff439be6
					
				
			
		
					 2 changed files with 31 additions and 3 deletions
				
			
		|  | @ -51,6 +51,14 @@ options: | |||
|     description: | ||||
|     - Name of the topic. | ||||
|     required: true | ||||
|   kms_key_name: | ||||
|     description: | ||||
|     - The resource name of the Cloud KMS CryptoKey to be used to protect access to | ||||
|       messsages published on this topic. Your project's PubSub service account (`service-{{PROJECT_NUMBER}}@gcp-sa-pubsub.iam.gserviceaccount.com`) | ||||
|       must have `roles/cloudkms.cryptoKeyEncrypterDecrypter` to use this feature. | ||||
|     - The expected format is `projects/*/locations/*/keyRings/*/cryptoKeys/*` . | ||||
|     required: false | ||||
|     version_added: 2.9 | ||||
|   labels: | ||||
|     description: | ||||
|     - A set of key/value label pairs to assign to this Topic. | ||||
|  | @ -78,6 +86,14 @@ name: | |||
|   - Name of the topic. | ||||
|   returned: success | ||||
|   type: str | ||||
| kmsKeyName: | ||||
|   description: | ||||
|   - The resource name of the Cloud KMS CryptoKey to be used to protect access to messsages | ||||
|     published on this topic. Your project's PubSub service account (`service-{{PROJECT_NUMBER}}@gcp-sa-pubsub.iam.gserviceaccount.com`) | ||||
|     must have `roles/cloudkms.cryptoKeyEncrypterDecrypter` to use this feature. | ||||
|   - The expected format is `projects/*/locations/*/keyRings/*/cryptoKeys/*` . | ||||
|   returned: success | ||||
|   type: str | ||||
| labels: | ||||
|   description: | ||||
|   - A set of key/value label pairs to assign to this Topic. | ||||
|  | @ -102,7 +118,10 @@ def main(): | |||
| 
 | ||||
|     module = GcpModule( | ||||
|         argument_spec=dict( | ||||
|             state=dict(default='present', choices=['present', 'absent'], type='str'), name=dict(required=True, type='str'), labels=dict(type='dict') | ||||
|             state=dict(default='present', choices=['present', 'absent'], type='str'), | ||||
|             name=dict(required=True, type='str'), | ||||
|             kms_key_name=dict(type='str'), | ||||
|             labels=dict(type='dict'), | ||||
|         ) | ||||
|     ) | ||||
| 
 | ||||
|  | @ -162,7 +181,7 @@ def delete(module, link): | |||
| 
 | ||||
| 
 | ||||
| def resource_to_request(module): | ||||
|     request = {u'name': module.params.get('name'), u'labels': module.params.get('labels')} | ||||
|     request = {u'name': module.params.get('name'), u'kmsKeyName': module.params.get('kms_key_name'), u'labels': module.params.get('labels')} | ||||
|     request = encode_request(request, module) | ||||
|     return_vals = {} | ||||
|     for k, v in request.items(): | ||||
|  | @ -230,7 +249,7 @@ def is_different(module, response): | |||
| # Remove unnecessary properties from the response. | ||||
| # This is for doing comparisons with Ansible's current parameters. | ||||
| def response_to_hash(module, response): | ||||
|     return {u'name': module.params.get('name'), u'labels': response.get(u'labels')} | ||||
|     return {u'name': module.params.get('name'), u'kmsKeyName': module.params.get('kms_key_name'), u'labels': response.get(u'labels')} | ||||
| 
 | ||||
| 
 | ||||
| def decode_request(response, module): | ||||
|  |  | |||
|  | @ -63,6 +63,15 @@ resources: | |||
|       - Name of the topic. | ||||
|       returned: success | ||||
|       type: str | ||||
|     kmsKeyName: | ||||
|       description: | ||||
|       - The resource name of the Cloud KMS CryptoKey to be used to protect access | ||||
|         to messsages published on this topic. Your project's PubSub service account | ||||
|         (`service-{{PROJECT_NUMBER}}@gcp-sa-pubsub.iam.gserviceaccount.com`) must | ||||
|         have `roles/cloudkms.cryptoKeyEncrypterDecrypter` to use this feature. | ||||
|       - The expected format is `projects/*/locations/*/keyRings/*/cryptoKeys/*` . | ||||
|       returned: success | ||||
|       type: str | ||||
|     labels: | ||||
|       description: | ||||
|       - A set of key/value label pairs to assign to this Topic. | ||||
|  |  | |||
		Loading…
	
	Add table
		Add a link
		
	
		Reference in a new issue