无法在 us-central1 中更新加密密钥
Can't update cryptokey in us-central1
出于某种原因,我似乎无法更新 us-central1 区域中的密钥。我的 IAM 具有更新和列表角色,我使用此代码:
import google.cloud.kms as kms
self.client = kms.KeyManagementServiceClient()
name = 'client-1'
key_path = self.client.crypto_key_path(config.PROJECT, config.KMS_LOCATION, config.KMS_RING, name)
update_mask = {'paths': ['rotation_period', 'next_rotation_time']}
self.client.update_crypto_key({
'name': key_path,
'rotation_period': {'seconds': 0},
'next_rotation_time': {'seconds': 0}
}, update_mask)
它给我以下错误:
google.api_core.exceptions.NotFound: 404 The request concerns location
'us-central1' but was sent to location 'global'. Either Cloud KMS is
not available in 'us-central1' or the request was misrouted.
奇怪的是列表和获取工作正常。我还看到了一个解决方案,他们更改了客户端的传输参数,但我似乎找不到正确的地址。
提前致谢!
这是一个错误,我们正在 https://github.com/googleapis/gapic-generator/issues/3066
进行跟踪
同时,错误的原因是当第一个参数是 dict 时,UpdateCryptoKey 无法正确计算区域。如果它是 resources_pb2.CryptoKey,它工作正常。例如:
import google.cloud.kms as kms
from google.cloud.kms_v1.proto import resources_pb2
client = kms.KeyManagementServiceClient()
ck = resources_pb2.CryptoKey()
ck.name = 'projects/{proj}/locations/us-central1/keyRings/{kr}/cryptoKeys/{key}'
ck.next_rotation_time.GetCurrentTime()
update_mask = {'paths': ['next_rotation_time']}
client.update_crypto_key(ck, update_mask)
希望这能让您在我们修复此问题时解决此问题。对于给您带来的不便,我们深表歉意,感谢您的耐心等待!
出于某种原因,我似乎无法更新 us-central1 区域中的密钥。我的 IAM 具有更新和列表角色,我使用此代码:
import google.cloud.kms as kms
self.client = kms.KeyManagementServiceClient()
name = 'client-1'
key_path = self.client.crypto_key_path(config.PROJECT, config.KMS_LOCATION, config.KMS_RING, name)
update_mask = {'paths': ['rotation_period', 'next_rotation_time']}
self.client.update_crypto_key({
'name': key_path,
'rotation_period': {'seconds': 0},
'next_rotation_time': {'seconds': 0}
}, update_mask)
它给我以下错误:
google.api_core.exceptions.NotFound: 404 The request concerns location 'us-central1' but was sent to location 'global'. Either Cloud KMS is not available in 'us-central1' or the request was misrouted.
奇怪的是列表和获取工作正常。我还看到了一个解决方案,他们更改了客户端的传输参数,但我似乎找不到正确的地址。
提前致谢!
这是一个错误,我们正在 https://github.com/googleapis/gapic-generator/issues/3066
进行跟踪同时,错误的原因是当第一个参数是 dict 时,UpdateCryptoKey 无法正确计算区域。如果它是 resources_pb2.CryptoKey,它工作正常。例如:
import google.cloud.kms as kms
from google.cloud.kms_v1.proto import resources_pb2
client = kms.KeyManagementServiceClient()
ck = resources_pb2.CryptoKey()
ck.name = 'projects/{proj}/locations/us-central1/keyRings/{kr}/cryptoKeys/{key}'
ck.next_rotation_time.GetCurrentTime()
update_mask = {'paths': ['next_rotation_time']}
client.update_crypto_key(ck, update_mask)
希望这能让您在我们修复此问题时解决此问题。对于给您带来的不便,我们深表歉意,感谢您的耐心等待!