add gcp and azure kms (#710)

* add gcp and azure kms

* fix external link formatting

* specify azure for azure kms data key creation

* gcp to azure

* Update source/includes/steps-fle-convert-to-a-remote-master-key-gcp.yaml

Co-authored-by: Chris Cho <[email protected]>

* pr feedback fixes

Co-authored-by: Nathan Leniz <[email protected]>
Co-authored-by: Chris Cho <[email protected]>

Author: terakilobyte

source/includes/steps-fle-convert-to-a-remote-master-key-aws.yaml

@@ -97,10 +97,11 @@ content: |
 
            kmsProviders = {
              aws: {
-               accessKeyId: '<IAM User Access Key ID>',
-               secretAccessKey: '<IAM User Secret Access Key>',
-             }
+               accessKeyId: "<IAM User Access Key ID>",
+               secretAccessKey: "<IAM User Secret Access Key>",
+             },
            }
+
      .. tab::
         :tabid: python
 
@@ -231,17 +232,17 @@ content: |
 
            const encryption = new ClientEncryption(client, {
                keyVaultNamespace,
-               kmsProviders
+               kmsProviders,
            });
-           const key = await encryption.createDataKey('aws', {
+           const key = await encryption.createDataKey("aws", {
               masterKey: {
-                key: '<Master Key ARN>', // e.g. 'arn:aws:kms:us-east-2:111122223333:alias/test-key'
-                region: '<Master Key AWS Region>' // e.g. 'us-east-2'
-              }
+                key: "<Master Key ARN>", // e.g. "arn:aws:kms:us-east-2:111122223333:alias/test-key"
+                region: "<Master Key AWS Region>", // e.g. "us-east-2"
+              },
            });
 
-           const base64DataKeyId = key.toString('base64');
-           console.log('DataKeyId [base64]: ', base64DataKeyId);
+           const base64DataKeyId = key.toString("base64");
+           console.log("DataKeyId [base64]: ", base64DataKeyId);
 
      .. tab::
         :tabid: python

source/includes/steps-fle-convert-to-a-remote-master-key-azure.yaml

@@ -115,9 +115,20 @@ content: |
         .. tab::
            :tabid: nodejs
 
+           .. code-block:: javascript
+
+              kmsProviders = {
+                azure: {
+                  tenantId: "<Azure account organization>",
+                  clientId: "<Azure client ID>",
+                  clientSecret: "<Azure client secret>",
+                },
+              }
+
            .. note::
 
-              The Node.js driver does not currently support Azure KMS.
+              To use the Azure Key Vault, you must use ``mongodb-client-encryption`` version
+              `1.1.1 <https://www.npmjs.com/package/mongodb-client-encryption/v/1.1.1-beta.0>`__  or later.
 
         .. tab::
            :tabid: python
@@ -256,9 +267,22 @@ content: |
         .. tab::
            :tabid: nodejs
 
-           .. note::
+           .. code-block:: javascript
+
+              const encryption = new ClientEncryption(client, {
+                  keyVaultNamespace,
+                  kmsProviders,
+              });
+              const key = await encryption.createDataKey("azure", {
+                 masterKey: {
+                   keyName: "<Azure key name>",
+                   keyVaultEndpoint: "<Azure key vault endpoint>",
+                 },
+              });
+
+              const base64DataKeyId = key.toString("base64");
+              console.log("DataKeyId [base64]: ", base64DataKeyId);
 
-              The Node.js driver does not currently support Azure KMS.
 
         .. tab::
            :tabid: python

source/includes/steps-fle-convert-to-a-remote-master-key-gcp.yaml

@@ -116,9 +116,20 @@ content: |
         .. tab::
           :tabid: nodejs
 
+          .. code-block:: javascript
+
+             kmsProviders = {
+               gcp: {
+                 email: "<GCP service account email>",
+                 privateKey: "<GCP service account private key>",
+                 endpoint: "<GCP authentication endpoint>",
+               },
+             }
+
           .. note::
 
-             The Node.js driver does not currently support GCP KMS.
+             To use the GCP KMS, you must use ``mongodb-client-encryption`` version
+             `1.1.1 <https://www.npmjs.com/package/mongodb-client-encryption/v/1.1.1-beta.0>`__  or later.
 
        .. tab::
           :tabid: python
@@ -264,9 +275,26 @@ content: |
         .. tab::
            :tabid: nodejs
 
-           .. note::
 
-              The Node.js driver does not currently support GCP KMS.
+           .. code-block:: javascript
+
+              const encryption = new ClientEncryption(client, {
+                  keyVaultNamespace,
+                  kmsProviders,
+              });
+              const key = await encryption.createDataKey("gcp", {
+                 masterKey: {
+                   projectId: "<GCP project identifier>",
+                   location: "<GCP region>",
+                   keyRing: "<GCP key ring name>",
+                   keyName: "<GCP key name>",
+                   keyVersion: "<GCP key version>",
+                   endpoint: "<GCP KMS API endpoint>",
+                 },
+              });
+
+              const base64DataKeyId = key.toString("base64");
+              console.log("DataKeyId [base64]: ", base64DataKeyId);
 
         .. tab::
            :tabid: python