@@ -139,21 +139,39 @@ public String getKeyVaultNamespace() {
139139 * Gets the map of KMS provider properties.
140140 *
141141 * <p>
142- * Multiple KMS providers may be specified. Initially, two KMS providers are supported: "aws" and "local". The kmsProviders map
143- * values differ by provider:
142+ * Multiple KMS providers may be specified. The following KMS providers are supported: "aws", "azure", "gcp" and "local". The
143+ * kmsProviders map values differ by provider:
144144 * </p>
145145 * <p>
146146 * For "aws", the properties are:
147147 * </p>
148148 * <ul>
149- * <li>accessKeyId: a String containing the AWS access key identifier</li>
150- * <li>secretAccessKey: a String the AWS secret access key</li>
149+ * <li>accessKeyId: a String, the AWS access key identifier</li>
150+ * <li>secretAccessKey: a String, the AWS secret access key</li>
151+ * <li>sessionToken: an optional String, the AWS session token</li>
152+ * </ul>
153+ * <p>
154+ * For "azure", the properties are:
155+ * </p>
156+ * <ul>
157+ * <li>tenantId: a String, the tenant Id</li>
158+ * <li>clientId: a String, the client Id</li>
159+ * <li>clientSecret: a String, the clientSecret</li>
160+ * <li>identityPlatformEndpoint: an optional String, the identity platform endpoint. Defaults to login.microsoftonline.com</li>
161+ * </ul>
162+ * <p>
163+ * For "gcp", the properties are:
164+ * </p>
165+ * <ul>
166+ * <li>email: a String, the email address</li>
167+ * <li>privateKey: a byte[] or base 64 encoded String, the private key</li>
168+ * <li>endpoint: an optional String, the endpoint. Defaults to oauth2.googleapis.com</li>
151169 * </ul>
152170 * <p>
153171 * For "local", the properties are:
154172 * </p>
155173 * <ul>
156- * <li>key: < byte array of length 96> </li>
174+ * <li>key: byte[] of length 96, the local key </li>
157175 * </ul>
158176 *
159177 * @return map of KMS provider properties
0 commit comments