# Copyright 2024 Google LLC # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. from imports.kms import Kms def create_kms(self, kms): """creates sc access level""" name = kms["keyring"] kms["project_id"] = self.tf_ref("project", kms["project_id"]) owners = [] for owner in kms.get("owners", []): subowners = [] for principal in owner.split(","): principal = principal.strip().split(":") p_type, principal_id = principal[0], principal[1] principal_id = self.tf_ref(p_type.lower(), principal_id) new_principal = f"{p_type}:{principal_id}" subowners.append(new_principal) subowners = ",".join(subowners) owners.append(subowners) if owners: kms["owners"] = owners self.created["kms"][name] = Kms(self, f"kms_{name}", **kms) def generate_kms(self, my_resource, resource): """creates sc perimeter""" for data in self.eztf_config.get(my_resource, []): create_kms(self, data)