`antimatter.session_mixins.root_encryption_key_mixin`#

Module Contents#

Classes#

RootEncryptionKeyMixin

Session mixin defining CRUD functionality for root encryption keys

class antimatter.session_mixins.root_encryption_key_mixin.RootEncryptionKeyMixin(authz: antimatter.authz.Authorization, **kwargs)#

Bases: antimatter.session_mixins.base.BaseMixin

Session mixin defining CRUD functionality for root encryption keys

get_active_root_encryption_key() → antimatter_api.RootEncryptionKeyItem#

Get the active root encryption key

Returns:: The active root encryption key

list_root_encryption_keys() → List[antimatter_api.RootEncryptionKeyItem]#

List all root encryption keys

Returns:: A list of root encryption keys

test_root_encryption_key(root_encryption_key_id: str) → antimatter_api.RootEncryptionKeyTestResponse#

Attempt to test a root encryption key to encrypt and decrypt

Parameters:: key – The key to test
Returns:: The result of the test

add_root_encryption_key(key_infos: antimatter_api.KeyInfos, description: str = '') → str#

Add a new root encryption key. Use the builder functions in antimatter.builders.root_encryption_key to create the key information.

For example:

key_info = antimatter.builders.antimatter_delegated_aws_key_info(key_arn="key_arn")
key_id = session.add_root_encryption_key(key_info)

key_info = antimatter.builders.aws_service_account_key_info(
    access_key_id="access_key_id", secret_access_key
)
key_id = session.add_root_encryption_key(key_info)

key_info = antimatter.builders.gcp_service_account_key_info(
    service_account_credentials="service_account_credentials", project_id="project_id", location="location"
)
key_id = session.add_root_encryption_key(key_info)

Parameters:

key_infos – The key information to add
description – The description of the key

delete_root_encryption_key(root_encryption_key_id: str)#

Delete a root encryption key. Only possible if key is not in use by any data key encryption keys

Parameters:: key – The key to delete

set_active_root_encryption_key(root_encryption_key_id: str) → None#

Set the active root encryption key for the domain

Parameters:: key – The key to set as active

rotate_encryption_keys() → None#: Rotates the root encryption keys. This is a batched operation and if ‘True’ is returned, this indicates whether there are more key encryption keys that can be rotated.

list_key_providers() → List[antimatter_api.AvailableDelegatedRootEncryptionKeyProvider | antimatter_api.AvailableServiceAccountRootEncryptionKeyProvider]#: Retrieve the domain’s key providers and a brief overview of their configuration.

antimatter.session_mixins.root_encryption_key_mixin#

Module Contents#

Classes#

`antimatter.session_mixins.root_encryption_key_mixin`#