diff --git a/google-cloud-examples/src/main/java/com/google/cloud/examples/storage/snippets/StorageSnippets.java b/google-cloud-examples/src/main/java/com/google/cloud/examples/storage/snippets/StorageSnippets.java index c42e2c627abd..438f3c1a455f 100644 --- a/google-cloud-examples/src/main/java/com/google/cloud/examples/storage/snippets/StorageSnippets.java +++ b/google-cloud-examples/src/main/java/com/google/cloud/examples/storage/snippets/StorageSnippets.java @@ -168,17 +168,41 @@ public Blob createBlobFromInputStream(String bucketName, String blobName) { // [VARIABLE "my_encryption_key"] public Blob createEncryptedBlob(String bucketName, String blobName, String encryptionKey) { // [START storageUploadEncryptedFile] - InputStream content = new ByteArrayInputStream("Hello, World!".getBytes(UTF_8)); + byte[] data = "Hello, World!".getBytes(UTF_8); BlobId blobId = BlobId.of(bucketName, blobName); BlobInfo blobInfo = BlobInfo.newBuilder(blobId) .setContentType("text/plain") .build(); - Blob blob = storage.create(blobInfo, content, BlobWriteOption.encryptionKey(encryptionKey)); + Blob blob = storage.create(blobInfo, data, BlobTargetOption.encryptionKey(encryptionKey)); // [END storageUploadEncryptedFile] return blob; } + /** + * Example of uploading a blob encrypted service side with a Cloud KMS key. + */ + public Blob createKmsEncrpytedBlob(String bucketName, String blobName, String kmsKeyName) { + // [START storage_upload_with_kms_key] + byte[] data = "Hello, World!".getBytes(UTF_8); + + // The name of the existing bucket to set a default KMS key for, e.g. "my-bucket" + // String bucketName = "my-bucket" + + // The name of the KMS-key to use as a default + // Key names are provided in the following format: + // 'projects//locations//keyRings//cryptoKeys/' + // String kmsKeyName = "" + + BlobId blobId = BlobId.of(bucketName, blobName); + BlobInfo blobInfo = BlobInfo.newBuilder(blobId) + .setContentType("text/plain") + .build(); + Blob blob = storage.create(blobInfo, data, BlobTargetOption.kmsKeyName(kmsKeyName)); + // [END storage_upload_with_kms_key] + return blob; + } + /** * Example of getting information on a bucket, only if its metageneration matches a value, * otherwise a {@link StorageException} is thrown. @@ -1137,4 +1161,31 @@ public void downloadFileUsingRequesterPays(String projectId, String bucketName, blob.downloadTo(destFilePath, Blob.BlobSourceOption.userProject(projectId)); // [END storage_download_file_requester_pays] } + + /** + * Example of setting a default KMS key on a bucket. + */ + public Bucket setDefaultKmsKey(String bucketName, String kmsKeyName) throws StorageException { + // [START storage_set_bucket_default_kms_key] + // Instantiate a Google Cloud Storage client + Storage storage = StorageOptions.getDefaultInstance().getService(); + + // The name of the existing bucket to set a default KMS key for, e.g. "my-bucket" + // String bucketName = "my-bucket" + + // The name of the KMS-key to use as a default + // Key names are provided in the following format: + // 'projects//locations//keyRings//cryptoKeys/' + // String kmsKeyName = "" + + BucketInfo bucketInfo = BucketInfo.newBuilder(bucketName) + .setDefaultKmsKeyName(kmsKeyName) + .build(); + + Bucket bucket = storage.update(bucketInfo); + + System.out.println("Default KMS Key Name: " + bucket.getDefaultKmsKeyName()); + // [END storage_set_bucket_default_kms_key] + return bucket; + } } diff --git a/google-cloud-examples/src/test/java/com/google/cloud/examples/storage/snippets/ITStorageSnippets.java b/google-cloud-examples/src/test/java/com/google/cloud/examples/storage/snippets/ITStorageSnippets.java index 730708824c2e..470a761ff645 100644 --- a/google-cloud-examples/src/test/java/com/google/cloud/examples/storage/snippets/ITStorageSnippets.java +++ b/google-cloud-examples/src/test/java/com/google/cloud/examples/storage/snippets/ITStorageSnippets.java @@ -72,6 +72,9 @@ public class ITStorageSnippets { private static final String USER_EMAIL = "google-cloud-java-tests@" + "java-docs-samples-tests.iam.gserviceaccount.com"; + private static final String KMS_KEY_NAME = "projects/gcloud-devel/locations/us/" + + "keyRings/gcs_kms_key_ring_us/cryptoKeys/key"; + private static Storage storage; private static StorageSnippets storageSnippets; private static List bucketsToCleanUp; @@ -178,6 +181,13 @@ public void testCreateUpdateEncryptedBlob() throws InterruptedException { assertEquals("text/plain", blob.getContentType()); } + @Test + public void testCreateKMSEncryptedBlob() { + String blobName = "kms-encrypted-blob"; + Blob blob = storageSnippets.createKmsEncrpytedBlob(BUCKET, blobName, KMS_KEY_NAME); + assertNotNull(blob); + } + @Test public void testCreateCopyAndGetBlob() { String blobName = "test-create-copy-get-blob"; @@ -383,22 +393,22 @@ public void testBlobAcl() { assertNull(storageSnippets.getBlobAcl(BUCKET, blobName, createdBlob.getGeneration())); // test non-existing blob String nonExistingBlob = "test-blob-acl"; - assertNull(storageSnippets.getBlobAcl(BUCKET, nonExistingBlob, -1L)); - assertFalse(storageSnippets.deleteBlobAcl(BUCKET, nonExistingBlob, -1L)); + assertNull(storageSnippets.getBlobAcl(BUCKET, nonExistingBlob, 1L)); + assertFalse(storageSnippets.deleteBlobAcl(BUCKET, nonExistingBlob, 1L)); try { - storageSnippets.createBlobAcl(BUCKET, nonExistingBlob, -1L); + storageSnippets.createBlobAcl(BUCKET, nonExistingBlob, 1L); fail("Expected StorageException"); } catch (StorageException ex) { // expected } try { - storageSnippets.updateBlobAcl(BUCKET, nonExistingBlob, -1L); + storageSnippets.updateBlobAcl(BUCKET, nonExistingBlob, 1L); fail("Expected StorageException"); } catch (StorageException ex) { // expected } try { - storageSnippets.listBlobAcls(BUCKET, nonExistingBlob, -1L); + storageSnippets.listBlobAcls(BUCKET, nonExistingBlob, 1L); fail("Expected StorageException"); } catch (StorageException ex) { // expected @@ -429,4 +439,12 @@ public void testRequesterPays() throws Exception { bucket = storageSnippets.disableRequesterPays(BUCKET); assertFalse(bucket.requesterPays()); } + + @Test + public void testDefaultKMSKey(){ + Bucket bucket = storageSnippets.setDefaultKmsKey(BUCKET, KMS_KEY_NAME); + assertEquals(KMS_KEY_NAME, bucket.getDefaultKmsKeyName()); + // Remove default key + storageSnippets.setDefaultKmsKey(BUCKET,null); + } }