Class SecretManagerKeyringUpdater

    • Constructor Detail

      • SecretManagerKeyringUpdater

        @Inject
        public SecretManagerKeyringUpdater(KeyringSecretStore secretStore)
    • Method Detail

      • setRdeSigningKey

        public SecretManagerKeyringUpdater setRdeSigningKey(org.bouncycastle.openpgp.PGPKeyPair keyPair)
                                                     throws java.io.IOException,
                                                            org.bouncycastle.openpgp.PGPException
        Throws:
        java.io.IOException
        org.bouncycastle.openpgp.PGPException
      • setRdeStagingKey

        public SecretManagerKeyringUpdater setRdeStagingKey(org.bouncycastle.openpgp.PGPKeyPair keyPair)
                                                     throws java.io.IOException,
                                                            org.bouncycastle.openpgp.PGPException
        Throws:
        java.io.IOException
        org.bouncycastle.openpgp.PGPException
      • setRdeReceiverPublicKey

        public SecretManagerKeyringUpdater setRdeReceiverPublicKey(org.bouncycastle.openpgp.PGPPublicKey publicKey)
                                                            throws java.io.IOException
        Throws:
        java.io.IOException
      • setBrdaSigningKey

        public SecretManagerKeyringUpdater setBrdaSigningKey(org.bouncycastle.openpgp.PGPKeyPair keyPair)
                                                      throws java.io.IOException,
                                                             org.bouncycastle.openpgp.PGPException
        Throws:
        java.io.IOException
        org.bouncycastle.openpgp.PGPException
      • setBrdaReceiverPublicKey

        public SecretManagerKeyringUpdater setBrdaReceiverPublicKey(org.bouncycastle.openpgp.PGPPublicKey publicKey)
                                                             throws java.io.IOException
        Throws:
        java.io.IOException
      • update

        public void update()
        Persists the secrets in the Secret Manager.

        Updates to the Secret Manager are not transactional. If an error happens, the successful updates are not reverted; unwritten updates are aborted. This is not a problem right now, since this class is only used by the UpdateKmsKeyringCommand, which is invoked manually and only updates one secret at a time.
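
        The failure semantics described above, modelled as an added example (not code from this class or its project): writes are applied in order, the first failure stops the batch, and earlier writes stay in place, so the caller can see which secrets now hold new key material. The SecretStore interface, the Result record, applyAll and the label strings are hypothetical names; the failure is constructed.

```java
import java.util.ArrayList;
import java.util.LinkedHashMap;
import java.util.List;
import java.util.Map;

/** Added illustration; SecretStore and the label strings are hypothetical, not the project's API. */
public class PartialUpdateDemo {

  /** Hypothetical stand-in for a secret store that takes one write per secret. */
  interface SecretStore {
    void write(String label, byte[] value) throws Exception;
  }

  /** Outcome of a non-transactional batch: persisted, failed, and never-attempted labels. */
  record Result(List<String> written, String failed, List<String> unwritten) {}

  /** Applies writes in order; stops at the first failure and does not revert earlier writes. */
  static Result applyAll(SecretStore store, Map<String, byte[]> pending) {
    List<String> written = new ArrayList<>();
    List<String> unwritten = new ArrayList<>();
    String failed = null;
    for (Map.Entry<String, byte[]> e : pending.entrySet()) {
      if (failed != null) {
        unwritten.add(e.getKey()); // aborted: never sent to the store
        continue;
      }
      try {
        store.write(e.getKey(), e.getValue());
        written.add(e.getKey()); // stays persisted even if a later write fails
      } catch (Exception ex) {
        failed = e.getKey();
      }
    }
    return new Result(written, failed, unwritten);
  }

  public static void main(String[] args) {
    Map<String, byte[]> pending = new LinkedHashMap<>(); // constructed sample batch
    pending.put("rde-signing", new byte[] {1});
    pending.put("rde-staging", new byte[] {2});
    pending.put("brda-signing", new byte[] {3});
    Map<String, byte[]> backend = new LinkedHashMap<>(); // in-memory stand-in for the store
    SecretStore flaky = (label, value) -> {
      if (label.equals("rde-staging")) throw new Exception("constructed failure");
      backend.put(label, value);
    };
    Result r = applyAll(flaky, pending);
    System.out.println("written=" + r.written() + " failed=" + r.failed()
        + " unwritten=" + r.unwritten() + " backend=" + backend.keySet());
  }
}
```

        Updating one secret per invocation, as UpdateKmsKeyringCommand does, keeps the written list to at most one entry, so the store never ends up holding a mix of old and new keys from a single run.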