airflow.gcp.hooks.kms
¶
This module contains a Google Cloud KMS hook.
Module Contents¶
-
class
airflow.gcp.hooks.kms.
GoogleCloudKMSHook
(gcp_conn_id:str='google_cloud_default', delegate_to:str=None)[source]¶ Bases:
airflow.contrib.hooks.gcp_api_base_hook.GoogleCloudBaseHook
Interact with Google Cloud KMS. This hook uses the Google Cloud Platform connection.
-
get_conn
(self)[source]¶ Returns a KMS service object.
- Return type
googleapiclient.discovery.Resource
-
encrypt
(self, key_name:str, plaintext:bytes, authenticated_data:bytes=None)[source]¶ Encrypts a plaintext message using Google Cloud KMS.
- Parameters
key_name (str) – The Resource Name for the key (or key version) to be used for encyption. Of the form
projects/*/locations/*/keyRings/*/cryptoKeys/**
plaintext (bytes) – The message to be encrypted.
authenticated_data (bytes) – Optional additional authenticated data that must also be provided to decrypt the message.
- Returns
The base 64 encoded ciphertext of the original message.
- Return type
-