Skip to content

DR-1120: Google Cloud Platform support #1628

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
Parent: Release 17.1.13
merged 19 commits into from
Oct 20, 2025
Merged

DR-1120: Google Cloud Platform support #1628

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
19 commits
Select commit Hold shift + click to select a range
fec6f34
Fixed rotation CRON style schedules (#1623)
idimov-keeper Oct 3, 2025
a30529b
KC-762: Respect "MASTER_PASSWORD_REENTRY" enforcement.
sdubey-ks Oct 3, 2025
e7e141f
KC-963: Added format json support to search, totp and ls commands
sdubey-ks Oct 1, 2025
7b1549d
improve search results display and code organization
sdubey-ks Oct 3, 2025
8688227
Add missing commands 'find-password, file-report, rm, load-record-typ…
amangalampalli-ks Oct 6, 2025
cab162a
Move audit-alert in reporting commands
amangalampalli-ks Oct 6, 2025
75b3b63
ice restart support (#1625)
miroberts Oct 7, 2025
8b8a0a0
updated rotation settings print
idimov-keeper Oct 9, 2025
43abed8
PEDM: Python3.9 compatibility
Oct 10, 2025
4453485
Unit tests: Python3.7
Oct 10, 2025
f519815
KC-973: Ensure list and other commands produces proper response in se…
sdubey-ks Oct 10, 2025
0d0b36d
Added KSM Config Base64 support for docker (#1629)
sdubey-ks Oct 10, 2025
9a556e0
`audit-report`: Add support for regex + multi keyword row filter
aaunario-keeper Oct 10, 2025
3556c4a
Fixed DAG logger custom log levels (#1631)
idimov-keeper Oct 14, 2025
ff4c93c
Updated no-security-question-update to no-recovery and included accou…
sdubey-ks Oct 15, 2025
a9e1199
Add Google Cloud configuration support with new json field type.
mfordkeeper Jun 24, 2025
7da0c67
Merge branch 'release' into gcp-experimental
mfordkeeper Oct 16, 2025
8c5f605
Resolve more release merge conflicts.
mfordkeeper Oct 16, 2025
bd1ffa3
Merge branch 'release' into gcp-experimental
mfordkeeper Oct 20, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
31 changes: 28 additions & 3 deletions keepercommander/commands/discoveryrotation.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -1600,7 +1600,7 @@ def print_root_rotation_setting(params, is_verbose=False, format_type='table'):
headers.append('Fields')

for c in configurations: # type: vault.TypedRecord
if c.record_type in ('pamAwsConfiguration', 'pamAzureConfiguration', 'pamDomainConfiguration', 'pamNetworkConfiguration', 'pamOciConfiguration'):
if c.record_type in ('pamAwsConfiguration', 'pamAzureConfiguration', 'pamGcpConfiguration', 'pamDomainConfiguration', 'pamNetworkConfiguration', 'pamOciConfiguration'):
facade.record = c
shared_folder_parents = find_parent_top_folder(params, c.record_uid)
if shared_folder_parents:
Expand Down Expand Up @@ -1662,7 +1662,7 @@ def print_root_rotation_setting(params, is_verbose=False, format_type='table'):

common_parser = argparse.ArgumentParser(add_help=False)
common_parser.add_argument('--environment', '-env', dest='config_type', action='store',
choices=['local', 'aws', 'azure', 'domain', 'oci'], help='PAM Configuration Type', )
choices=['local', 'aws', 'azure', 'gcp', 'domain', 'oci'], help='PAM Configuration Type')
common_parser.add_argument('--title', '-t', dest='title', action='store', help='Title of the PAM Configuration')
common_parser.add_argument('--gateway', '-g', dest='gateway_uid', action='store', help='Gateway UID or Name')
common_parser.add_argument('--shared-folder', '-sf', dest='shared_folder_uid', action='store',
Expand Down Expand Up @@ -1702,6 +1702,13 @@ def print_root_rotation_setting(params, is_verbose=False, format_type='table'):
oci_group.add_argument('--oci-tenancy', dest='oci_tenancy', action='store', help='OCI tenancy')
oci_group.add_argument('--oci-region', dest='oci_region', action='store', help='OCI region')

gcp_group = common_parser.add_argument_group('gcp', 'GCP configuration')
gcp_group.add_argument('--gcp-id', dest='gcp_id', action='store', help='GCP Id')
gcp_group.add_argument('--service-account-key', dest='service_account_key', action='store',
help='Service Account Key (JSON format)')
gcp_group.add_argument('--google-admin-email', dest='google_admin_email', action='store',
help='Google Workspace Administrator Email Address')
gcp_group.add_argument('--gcp-region', dest='region_names', action='append', help='GCP Region Names')

class PamConfigurationEditMixin(RecordEditMixin):
pam_record_types = None
Expand Down Expand Up @@ -1850,6 +1857,20 @@ def parse_properties(self, params, record, **kwargs): # type: (KeeperParams, va
if region_names:
regions = '\n'.join(region_names)
extra_properties.append(f'multiline.regionNames={regions}')
elif record.record_type == 'pamGcpConfiguration':
gcp_id = kwargs.get('gcp_id')
if gcp_id:
extra_properties.append(f'text.pamGcpId={gcp_id}')
service_account_key = kwargs.get('service_account_key')
if service_account_key:
extra_properties.append(f'json.pamServiceAccountKey={service_account_key}')
google_admin_email = kwargs.get('google_admin_email')
if google_admin_email:
extra_properties.append(f'email.pamGoogleAdminEmail={google_admin_email}')
gcp_region = kwargs.get('region_names')
if gcp_region:
regions = '\n'.join(gcp_region)
extra_properties.append(f'multiline.pamGcpRegionName={regions}')
elif record.record_type == 'pamAzureConfiguration':
azure_id = kwargs.get('azure_id')
if azure_id:
Expand Down Expand Up @@ -1980,13 +2001,15 @@ def execute(self, params, **kwargs):
record_type = 'pamAzureConfiguration'
elif config_type == 'local':
record_type = 'pamNetworkConfiguration'
elif config_type == 'gcp':
record_type = 'pamGcpConfiguration'
elif config_type == 'domain':
record_type = 'pamDomainConfiguration'
elif config_type == 'oci':
record_type = 'pamOciConfiguration'
else:
raise CommandError('pam-config-new', f'--environment {config_type} is not supported'
' - supported options: local, aws, azure, domain, oci')
' - supported options: local, aws, azure, gcp, domain, oci')

title = kwargs.get('title')
if not title:
Expand Down Expand Up @@ -2126,6 +2149,8 @@ def execute(self, params, **kwargs):
record_type = 'pamAzureConfiguration'
elif config_type == 'local':
record_type = 'pamNetworkConfiguration'
elif config_type == 'gcp':
record_type = 'pamGcpConfiguration'
elif config_type == 'domain':
record_type = 'pamDomainConfiguration'
elif config_type == 'oci':
Expand Down
1 change: 1 addition & 0 deletions keepercommander/record_types.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -18,6 +18,7 @@
FieldType('text', '', 'plain text'),
FieldType('url', '', 'url string, can be clicked'),
FieldType('multiline', '', 'multiline text'),
FieldType('json', '', 'json text; only validated data persisted'),
FieldType('fileRef', '', 'reference to the file field on another record'),
FieldType('email', '', 'valid email address plus tag'),
FieldType('secret', '', 'the field value is masked'),
Expand Down
9 changes: 9 additions & 0 deletions keepercommander/recordv3.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -486,6 +486,10 @@ def is_valid_record_type_definition(record_type_definition_json: str) -> dict:
'$id': 'multiline',
'type': 'multiline'
},
'json': {
'$id': 'json',
'type': 'json'
},
'passkey': {
'$id': 'passkey',
'type': 'passkey'
Expand Down Expand Up @@ -514,6 +518,11 @@ def is_valid_record_type_definition(record_type_definition_json: str) -> dict:
'value_description': 'multiline text',
'value': '' # string
},
'json': {
'type': 'json',
'value_description': 'json text, only validated data persisted',
'value': '' # string
},
# 2021-05-06 Unused file type - removed for compatibility with web vault
# 'file': {
# 'type': 'file',
Expand Down