I'm using a java client to retreive available keyrings from google KMS based on https://cloud.google.com/kms/docs/samples/kms-quickstart#kms_quickstart-java
below gcould command will list the available beys and versions for a specific keyRing
gcloud kms keys list --keyring keyring --location location
but I'm able to find any documentation about the java client to retrieve key names and versions from the keyring. is there any option available in gogle KMS java client ?
See Cloud KMS Client Library
The example in the page you referenced includes listKeyRings.
To enumerate a specific keyring's (crypto) keys, I think (!?) you can use listCryptoKeys to (also) get pages (!) of ListCryptoKeysPagedResponse that you should be able to iterateAll().
NOTE These examples don't (!?) fetch subsequent pages of results; you will need to do this.
Unless you're familiar with the auto-generated javadocs, navigating these APIs can be gnarly.
A few things to know:
Google (almost without exception) does an excellent job with its SDKs. If an API method exists, you can be very confident that the functionality is present in a Google SDK of your choosing; you just need to find it!
APIs Explorer is an excellent tool for understanding Google's APIs (it used to do a better job referencing SDKs too). In this case, Cloud KMS keyRings.list and keyRings.cryptoKeys.list not only document the method functionality but summarize the request|response objects.
Any (!) gcloud command can be tweaked with --log-http to show which underlying REST API calls are being made, i.e. gcloud kms keys list --keyring=${KEYRING} --location=${LOCATION} --log-http should (!) reference back to keyRings.cryptoKeys.list
Related
We're new to Amazon Seller Partner-API. Need to invoke certain Amazon SP-APIs for an integration workflow. For some internal reasons, using Amazon SDKs is a secondary option. With our conventional approach, we're able to interact with most APIs, in this case the AWS Request signing & Signature generation is where we're stuck.
As per Amazon using SDK handles it all internally. Is it possible to use a command line utility like - AWS CLI to interact with SP-APIs? Not sure if this is feasible. Found this - amazon-sp-api but not sure if it is stable / reliable.
I believe there should be ways to interact with SP-API from command line. If not, atleast there should be a tool that is able to produce AWS Request signature (given the request info, key etc...).
Kindly share your experience and expertise. We're new to AWS, so if I'm confusing AWS with SP-API (esp for Request signing - I believe both use the same mechanism) pls point it out.
The link you shared to amz.tools does not look like a command line interface. It is just an SDK generated in NodeJS. There is not way to connect to the API via command line. You can use Postman if you want to avoid SDKs.
And yes, AWS is not the same thing as SP API.
You can search github for SDKs generated on other languages; some seem to have a lot of use.
We generated our own SDK in C# because others didn't fit out criteria.
I am using #google-cloud/logging package to get logs from gcloud, and it works nicely, you can get logs, event (and query them if needed). But how I can get the same info as Logs Explorer? I mean different type of fields which can be queried and etc:
On this picture you see Log fields like, FUNCTION NAME which may be a list of values. And it seems that #google-cloud/logging can't get this meta (or fields info)? So is it possible to obtain it using some other APIs?
If I understand your question correctly, you're asking how Logs Viewer is determining the values that allows it to present you with the various log fields to filter|refine your log queries.
I suspect (don't know) that the viewer is building these lists from the properties as it parses the logs. This would suggest that, the lists are imperfect and that e.g. FUNCTION_NAME's would only appear once a log including the Function's name were parsed.
There is a way to enumerate definitive lists of GCP resources. This is done using list or equivalent methods available using service-specific libraries (SDKs) e.g. #google-cloud/functions.
The easiest way to understand what functionality is provided by a given Google service is to browse the service using Google's APIs Explorer. Here's Cloud Logging API v2 and here's Cloud Functions API.
You can prove to yourself that there's no method under Cloud Logging that allows enumeration of all a project's Cloud Functions. But there is a method in Cloud Functions projects.locations.functions.list. The latter returns a response body that includes a list of functions that are a type CloudFunction that have a name.
Another way to understand how these APIs ("libraries") are used is to add --log-http to any gcloud command to see what API calls are being made by the command.
What is the most efficient way to update all assets labels per project?
I can list all project resources and their labels with gcloud asset search-all-resources --project=SomeProject. The command also returns the labels for those assets.
Is there something like gcloud asset update-labels?
I'm unfamiliar with the service but, APIs Explorer (Google's definitive service documentation), shows a single list method.
I suspect (!?) that you will need to iterate over all your resource types and update instances of them using any (there may not be) update (PATCH) method that permits label changes for that resource type.
This seems like a reasonable request and you may wish to submit a feature request using Google's issue tracker
gcloud does not seem to have a update-labels command.
You could try the Cloud Resource Manager API. For example, call the REST or Python API: https://cloud.google.com/resource-manager/docs/creating-managing-labels#update-labels
I'm trying to retrieve below details using java SDK or CLI.
I found below CLI commands for that but in sample responses I don't see an appropriate CLI command for that.
describe-ops-items
get-ops-item
get-ops-metadata
get-ops-summary
list-ops-item-events
list-ops-item-related-items
list-ops-metadata
Trying out each CLI is not an option since this is very sensitive data and cannot request permission for all CLI methods..
Have you seen that there is a method list-compliance-summaries ?
From the official docs:
Returns a summary count of compliant and non-compliant resources for a compliance type. For example, this call can return State Manager associations, patches, or custom compliance types according to the filter criteria that you specify.
I am trying to develop a python script that gets different parameters of any AWS service (for EC2 e.g., those parameters would be operating system, billing type etc.). Where can I find a listing of all the available Filters that can be used with the get_products function in boto3 for each different supported Service?
Thanks in advance,
Andreas
Actually, there is no direct API or doc available for getting all the attributes. At least I didnt find any.
What you can do is combine various API calls:
You can use DescribeServices
, you get all the attributes of the all the services or if you want to have for one particular you can provide the name. Boto3 call describe_services
Returns the metadata for one service or a list of the metadata for all services
Then you need to use GetAttributeValues to determine the possible values of the attributes. Boto3 call get_attribute_values
And finally depending on the attributes collected in the earlier step you can build a filter for get_producs