Skip to content
Snippets Groups Projects
Commit 8154d890 authored by Riabokon Stanislav(EPAM)[GCP]'s avatar Riabokon Stanislav(EPAM)[GCP]
Browse files

Update README.md

parent 31199116
No related branches found
No related tags found
2 merge requests!82Revert "Merge branch 'Add-pages-publishing' into 'master'",!72Update README.md
Pipeline #48245 failed
Stage: .pre
Stage: review
Pipeline: Partition

#48247

    Hide whitespace changes
    Inline Side-by-side
    provider/partition-gcp/README.md
    + 8
    5
    View file @ 8154d890
    ......@@ -24,6 +24,9 @@ In order to run the service locally or remotely, you will need to have the follo
    | `GOOGLE_AUDIENCES` | ex `*****.apps.googleusercontent.com` | Client ID for getting access to cloud resources | yes | https://console.cloud.google.com/apis/credentials |
    | `PARTITION_ADMIN_ACCOUNT` | ex `admin@domen.iam.gserviceaccount.com` | Partition Admin account email | no | - |
    | `GOOGLE_APPLICATION_CREDENTIALS` | ex `/path/to/directory/service-key.json` | Service account credentials, you only need this if running locally | yes | https://console.cloud.google.com/iam-admin/serviceaccounts |
    | `KEY_RING` | ex `csqp` | A key ring holds keys in a specific Google Cloud location and permit us to manage access control on groups of keys | yes | https://cloud.google.com/kms/docs/resource-hierarchy#key_rings |
    | `KMS_KEY` | ex `partitionService` | A key exists on one key ring linked to a specific location. | yes | https://cloud.google.com/kms/docs/resource-hierarchy#key_rings |
    ### Run Locally
    Check that maven is installed:
    ......@@ -140,23 +143,23 @@ Partition Service is compatible with App Engine Flexible Environment and Cloud R
    #### Cloud KMS Setup
    Enable cloud KMS on master project
    Enable cloud KMS on master project.
    Create king ring and key in the ***master project***
    ```bash
    gcloud services enable cloudkms.googleapis.com
    export KEYRING_NAME="csqp"
    export CRYPTOKEY_NAME="searchService"
    export CRYPTOKEY_NAME="partionService"
    gcloud kms keyrings create $KEYRING_NAME --location global
    gcloud kms keys create $CRYPTOKEY_NAME --location global \
    --keyring $KEYRING_NAME \
    --purpose encryption
    ```
    Add **Cloud KMS CryptoKey Encrypter/Decrypter** role to the **App Engine default service account** of the master project through IAM - Role tab
    Add **Cloud KMS CryptoKey Encrypter/Decrypter** role to the used **service account** by Partition Service of the ***master project*** through IAM - Role tab.
    Add "Cloud KMS Encrypt/Decrypt" role to the "App Engine default service account" of ***master project***
    Add "Cloud KMS Encrypt/Decrypt" role to the used **service account** by Partition Service of the ***master project*** through IAM - Role tab.
    ## Licence
    Copyright © Google LLC
    ......@@ -172,4 +175,4 @@ Unless required by applicable law or agreed to in writing, software
    distributed under the License is distributed on an "AS IS" BASIS,
    WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
    See the License for the specific language governing permissions and
    limitations under the License.
    \ No newline at end of file
    limitations under the License.
    0% or .
    You are about to add 0 people to the discussion. Proceed with caution.
    Finish editing this message first!
    Please register or to comment