For some reason I can't seem to be able to update keys in the us-central1 region. My IAM have both the update and list roles and I use this code:
import google.cloud.kms as kms
self.client = kms.KeyManagementServiceClient()
name = 'client-1'
key_path = self.client.crypto_key_path(config.PROJECT, config.KMS_LOCATION, config.KMS_RING, name)
update_mask = {'paths': ['rotation_period', 'next_rotation_time']}
self.client.update_crypto_key({
'name': key_path,
'rotation_period': {'seconds': 0},
'next_rotation_time': {'seconds': 0}
}, update_mask)
It gives me the following error:
google.api_core.exceptions.NotFound: 404 The request concerns location 'us-central1' but was sent to location 'global'. Either Cloud KMS is not available in 'us-central1' or the request was misrouted.
Weirdly enough the list and get works correctly. Also I have seen a solution where they change the transport argument of the client but I can't seem to find the right address.
Thanks in advance !