add docs

prashantmital · prashantmital · commit 7f9b9106c5b7 · 2020-10-22T10:35:19.000-07:00
diff --git a/pymongo/encryption.py b/pymongo/encryption.py
@@ -358,6 +358,17 @@ def __init__(self, kms_providers, key_vault_namespace, key_vault_client,
               - `aws`: Map with "accessKeyId" and "secretAccessKey" as strings.
                 These are the AWS access key ID and AWS secret access key used
                 to generate KMS messages.
+              - `azure`: Map with "tenantId", "clientId", and "clientSecret" as
+                strings. Additionally, "identityPlatformEndpoint" may also be
+                specified as a string (defaults to 'login.microsoftonline.com').
+                These are the Azure Active Directory credentials used to
+                generate Azure Key Vault messages.
+              - `gcp`: Map with "email" as a string and "privateKey" as a
+                base64 encoded string or `bytes`. Python 2 users must specify
+                "privateKey" as a base64 encoded string. Additionally,
+                "endpoint" may also be specified as a string (defaults to
+                'oauth2.googleapis.com'). These are the credentials used to
+                generate Google Cloud KMS messages.
               - `local`: Map with "key" as a 96-byte array or string. "key"
                 is the master key used to encrypt/decrypt data keys. This key
                 should be generated and stored as securely as possible.
diff --git a/pymongo/encryption_options.py b/pymongo/encryption_options.py
@@ -59,6 +59,17 @@ def __init__(self, kms_providers, key_vault_namespace,
               - `aws`: Map with "accessKeyId" and "secretAccessKey" as strings.
                 These are the AWS access key ID and AWS secret access key used
                 to generate KMS messages.
+              - `azure`: Map with "tenantId", "clientId", and "clientSecret" as
+                strings. Additionally, "identityPlatformEndpoint" may also be
+                specified as a string (defaults to 'login.microsoftonline.com').
+                These are the Azure Active Directory credentials used to
+                generate Azure Key Vault messages.
+              - `gcp`: Map with "email" as a string and "privateKey" as a
+                base64 encoded string or `bytes`. Python 2 users must specify
+                "privateKey" as a base64 encoded string. Additionally,
+                "endpoint" may also be specified as a string (defaults to
+                'oauth2.googleapis.com'). These are the credentials used to
+                generate Google Cloud KMS messages.
               - `local`: Map with "key" as a 96-byte array or string. "key"
                 is the master key used to encrypt/decrypt data keys. This key
                 should be generated and stored as securely as possible.
