Create keys in other keystore than 'default'

IBM / redstone

A Pythonic IBM Cloud SDK

Apache License 2.0

4 stars 9 forks source link

Create keys in other keystore than 'default' #12

Open rtclauss opened 3 years ago

rtclauss commented 3 years ago

It appears that all keys created using redstone will be placed in the 'default' key ring. Can a parameter be added to the create_key method which specifies which key ring to place the key in? It looks like this is specified via the X-Kms-Key-Ring HTTP header for both KeyProtect and Hyper Protect Service APIs. https://cloud.ibm.com/apidocs/key-protect#createkey https://cloud.ibm.com/apidocs/hs-crypto#createkey

Thanks!

mrodden commented 3 years ago

Hi @rtclauss, yes, there is only CRUD for the KeyRing resources themselves. None of the Key resource action methods have been updated with the key ring support yet.

The key ring header actually affects a lot more than just Key create. In the go SDK we actually have a header set for pretty much every call, and we could do something similar here.