google-apis-cloudkms_v1 0.10.0 → 0.14.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/CHANGELOG.md +16 -0
- data/OVERVIEW.md +2 -2
- data/lib/google/apis/cloudkms_v1/classes.rb +432 -63
- data/lib/google/apis/cloudkms_v1/gem_version.rb +2 -2
- data/lib/google/apis/cloudkms_v1/representations.rb +100 -0
- data/lib/google/apis/cloudkms_v1/service.rb +146 -30
- data/lib/google/apis/cloudkms_v1.rb +1 -1
- metadata +5 -5
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: f69e3a0fc65e6928568379ac341d0392a2db920eb9d3878df4e49b19d56473a2
|
4
|
+
data.tar.gz: b427fae2fbeaecc703fa7ab19533a49ed97e314c3e80c5811a48020804ef11c0
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 0c15dfd2b13f2506ab903e271565da0dd765f6b53e945a8c79d4418e42621b417f44b030fdb6e228cd61c8034b9fa951880ea7bb8920cc61eff940cc7f373c0e
|
7
|
+
data.tar.gz: 34b73b9f2de6316714dcc73fa903384a9c868f9f81ddbfc19831ed2ac7001401025beb4e6380ccd18d8c7e01573f067a21be4b2dae8ddee91c38198dd71bf705
|
data/CHANGELOG.md
CHANGED
@@ -1,5 +1,21 @@
|
|
1
1
|
# Release history for google-apis-cloudkms_v1
|
2
2
|
|
3
|
+
### v0.14.0 (2021-11-13)
|
4
|
+
|
5
|
+
* Regenerated from discovery document revision 20211105
|
6
|
+
|
7
|
+
### v0.13.0 (2021-10-26)
|
8
|
+
|
9
|
+
* Regenerated from discovery document revision 20211018
|
10
|
+
|
11
|
+
### v0.12.0 (2021-09-01)
|
12
|
+
|
13
|
+
* Regenerated from discovery document revision 20210820
|
14
|
+
|
15
|
+
### v0.11.0 (2021-07-31)
|
16
|
+
|
17
|
+
* Regenerated from discovery document revision 20210723
|
18
|
+
|
3
19
|
### v0.10.0 (2021-07-14)
|
4
20
|
|
5
21
|
* Regenerated from discovery document revision 20210702
|
data/OVERVIEW.md
CHANGED
@@ -60,8 +60,8 @@ See the class reference docs for information on the methods you can call from a
|
|
60
60
|
|
61
61
|
More detailed descriptions of the Google simple REST clients are available in two documents.
|
62
62
|
|
63
|
-
* The [Usage Guide](https://github.com/googleapis/google-api-ruby-client/blob/
|
64
|
-
* The [Auth Guide](https://github.com/googleapis/google-api-ruby-client/blob/
|
63
|
+
* The [Usage Guide](https://github.com/googleapis/google-api-ruby-client/blob/main/docs/usage-guide.md) discusses how to make API calls, how to use the provided data structures, and how to work the various features of the client library, including media upload and download, error handling, retries, pagination, and logging.
|
64
|
+
* The [Auth Guide](https://github.com/googleapis/google-api-ruby-client/blob/main/docs/auth-guide.md) discusses authentication in the client libraries, including API keys, OAuth 2.0, service accounts, and environment variables.
|
65
65
|
|
66
66
|
(Note: the above documents are written for the simple REST clients in general, and their examples may not reflect the Cloudkms service in particular.)
|
67
67
|
|
@@ -119,6 +119,29 @@ module Google
|
|
119
119
|
class AsymmetricSignRequest
|
120
120
|
include Google::Apis::Core::Hashable
|
121
121
|
|
122
|
+
# Optional. This field will only be honored for RAW_PKCS1 keys. The data to sign.
|
123
|
+
# A digest is computed over the data that will be signed, PKCS #1 padding is
|
124
|
+
# applied to the digest directly and then encrypted.
|
125
|
+
# Corresponds to the JSON property `data`
|
126
|
+
# NOTE: Values are automatically base64 encoded/decoded in the client library.
|
127
|
+
# @return [String]
|
128
|
+
attr_accessor :data
|
129
|
+
|
130
|
+
# Optional. An optional CRC32C checksum of the AsymmetricSignRequest.data. If
|
131
|
+
# specified, KeyManagementService will verify the integrity of the received
|
132
|
+
# AsymmetricSignRequest.data using this checksum. KeyManagementService will
|
133
|
+
# report an error if the checksum verification fails. If you receive a checksum
|
134
|
+
# error, your client should verify that CRC32C(AsymmetricSignRequest.data) is
|
135
|
+
# equal to AsymmetricSignRequest.data_crc32c, and if so, perform a limited
|
136
|
+
# number of retries. A persistent mismatch may indicate an issue in your
|
137
|
+
# computation of the CRC32C checksum. Note: This field is defined as int64 for
|
138
|
+
# reasons of compatibility across different languages. However, it is a non-
|
139
|
+
# negative integer, which will never exceed 2^32-1, and can be safely
|
140
|
+
# downconverted to uint32 in languages that support this type.
|
141
|
+
# Corresponds to the JSON property `dataCrc32c`
|
142
|
+
# @return [Fixnum]
|
143
|
+
attr_accessor :data_crc32c
|
144
|
+
|
122
145
|
# A Digest holds a cryptographic message digest.
|
123
146
|
# Corresponds to the JSON property `digest`
|
124
147
|
# @return [Google::Apis::CloudkmsV1::Digest]
|
@@ -145,6 +168,8 @@ module Google
|
|
145
168
|
|
146
169
|
# Update properties of this object
|
147
170
|
def update!(**args)
|
171
|
+
@data = args[:data] if args.key?(:data)
|
172
|
+
@data_crc32c = args[:data_crc32c] if args.key?(:data_crc32c)
|
148
173
|
@digest = args[:digest] if args.key?(:digest)
|
149
174
|
@digest_crc32c = args[:digest_crc32c] if args.key?(:digest_crc32c)
|
150
175
|
end
|
@@ -185,6 +210,18 @@ module Google
|
|
185
210
|
# @return [Fixnum]
|
186
211
|
attr_accessor :signature_crc32c
|
187
212
|
|
213
|
+
# Integrity verification field. A flag indicating whether AsymmetricSignRequest.
|
214
|
+
# data_crc32c was received by KeyManagementService and used for the integrity
|
215
|
+
# verification of the data. A false value of this field indicates either that
|
216
|
+
# AsymmetricSignRequest.data_crc32c was left unset or that it was not delivered
|
217
|
+
# to KeyManagementService. If you've set AsymmetricSignRequest.data_crc32c but
|
218
|
+
# this field is still false, discard the response and perform a limited number
|
219
|
+
# of retries.
|
220
|
+
# Corresponds to the JSON property `verifiedDataCrc32c`
|
221
|
+
# @return [Boolean]
|
222
|
+
attr_accessor :verified_data_crc32c
|
223
|
+
alias_method :verified_data_crc32c?, :verified_data_crc32c
|
224
|
+
|
188
225
|
# Integrity verification field. A flag indicating whether AsymmetricSignRequest.
|
189
226
|
# digest_crc32c was received by KeyManagementService and used for the integrity
|
190
227
|
# verification of the digest. A false value of this field indicates either that
|
@@ -207,6 +244,7 @@ module Google
|
|
207
244
|
@protection_level = args[:protection_level] if args.key?(:protection_level)
|
208
245
|
@signature = args[:signature] if args.key?(:signature)
|
209
246
|
@signature_crc32c = args[:signature_crc32c] if args.key?(:signature_crc32c)
|
247
|
+
@verified_data_crc32c = args[:verified_data_crc32c] if args.key?(:verified_data_crc32c)
|
210
248
|
@verified_digest_crc32c = args[:verified_digest_crc32c] if args.key?(:verified_digest_crc32c)
|
211
249
|
end
|
212
250
|
end
|
@@ -282,7 +320,7 @@ module Google
|
|
282
320
|
end
|
283
321
|
end
|
284
322
|
|
285
|
-
# Associates `members
|
323
|
+
# Associates `members`, or principals, with a `role`.
|
286
324
|
class Binding
|
287
325
|
include Google::Apis::Core::Hashable
|
288
326
|
|
@@ -305,7 +343,7 @@ module Google
|
|
305
343
|
# @return [Google::Apis::CloudkmsV1::Expr]
|
306
344
|
attr_accessor :condition
|
307
345
|
|
308
|
-
# Specifies the
|
346
|
+
# Specifies the principals requesting access for a Cloud Platform resource. `
|
309
347
|
# members` can have the following values: * `allUsers`: A special identifier
|
310
348
|
# that represents anyone who is on the internet; with or without a Google
|
311
349
|
# account. * `allAuthenticatedUsers`: A special identifier that represents
|
@@ -335,8 +373,8 @@ module Google
|
|
335
373
|
# @return [Array<String>]
|
336
374
|
attr_accessor :members
|
337
375
|
|
338
|
-
# Role that is assigned to `members
|
339
|
-
#
|
376
|
+
# Role that is assigned to the list of `members`, or principals. For example, `
|
377
|
+
# roles/viewer`, `roles/editor`, or `roles/owner`.
|
340
378
|
# Corresponds to the JSON property `role`
|
341
379
|
# @return [String]
|
342
380
|
attr_accessor :role
|
@@ -397,6 +435,19 @@ module Google
|
|
397
435
|
# @return [String]
|
398
436
|
attr_accessor :create_time
|
399
437
|
|
438
|
+
# Immutable. The period of time that versions of this key spend in the
|
439
|
+
# DESTROY_SCHEDULED state before transitioning to DESTROYED. If not specified at
|
440
|
+
# creation time, the default duration is 24 hours.
|
441
|
+
# Corresponds to the JSON property `destroyScheduledDuration`
|
442
|
+
# @return [String]
|
443
|
+
attr_accessor :destroy_scheduled_duration
|
444
|
+
|
445
|
+
# Immutable. Whether this key may contain imported versions only.
|
446
|
+
# Corresponds to the JSON property `importOnly`
|
447
|
+
# @return [Boolean]
|
448
|
+
attr_accessor :import_only
|
449
|
+
alias_method :import_only?, :import_only
|
450
|
+
|
400
451
|
# Labels with user-defined metadata. For more information, see [Labeling Keys](
|
401
452
|
# https://cloud.google.com/kms/docs/labeling-keys).
|
402
453
|
# Corresponds to the JSON property `labels`
|
@@ -457,6 +508,8 @@ module Google
|
|
457
508
|
# Update properties of this object
|
458
509
|
def update!(**args)
|
459
510
|
@create_time = args[:create_time] if args.key?(:create_time)
|
511
|
+
@destroy_scheduled_duration = args[:destroy_scheduled_duration] if args.key?(:destroy_scheduled_duration)
|
512
|
+
@import_only = args[:import_only] if args.key?(:import_only)
|
460
513
|
@labels = args[:labels] if args.key?(:labels)
|
461
514
|
@name = args[:name] if args.key?(:name)
|
462
515
|
@next_rotation_time = args[:next_rotation_time] if args.key?(:next_rotation_time)
|
@@ -517,20 +570,20 @@ module Google
|
|
517
570
|
# @return [String]
|
518
571
|
attr_accessor :generate_time
|
519
572
|
|
520
|
-
# Output only. The root cause of
|
521
|
-
# IMPORT_FAILED.
|
573
|
+
# Output only. The root cause of the most recent import failure. Only present if
|
574
|
+
# state is IMPORT_FAILED.
|
522
575
|
# Corresponds to the JSON property `importFailureReason`
|
523
576
|
# @return [String]
|
524
577
|
attr_accessor :import_failure_reason
|
525
578
|
|
526
|
-
# Output only. The name of the ImportJob used
|
527
|
-
# Only present if the underlying key material was imported.
|
579
|
+
# Output only. The name of the ImportJob used in the most recent import of this
|
580
|
+
# CryptoKeyVersion. Only present if the underlying key material was imported.
|
528
581
|
# Corresponds to the JSON property `importJob`
|
529
582
|
# @return [String]
|
530
583
|
attr_accessor :import_job
|
531
584
|
|
532
|
-
# Output only. The time at which this CryptoKeyVersion's key material was
|
533
|
-
# imported.
|
585
|
+
# Output only. The time at which this CryptoKeyVersion's key material was most
|
586
|
+
# recently imported.
|
534
587
|
# Corresponds to the JSON property `importTime`
|
535
588
|
# @return [String]
|
536
589
|
attr_accessor :import_time
|
@@ -547,6 +600,14 @@ module Google
|
|
547
600
|
# @return [String]
|
548
601
|
attr_accessor :protection_level
|
549
602
|
|
603
|
+
# Output only. Whether or not this key version is eligible for reimport, by
|
604
|
+
# being specified as a target in ImportCryptoKeyVersionRequest.
|
605
|
+
# crypto_key_version.
|
606
|
+
# Corresponds to the JSON property `reimportEligible`
|
607
|
+
# @return [Boolean]
|
608
|
+
attr_accessor :reimport_eligible
|
609
|
+
alias_method :reimport_eligible?, :reimport_eligible
|
610
|
+
|
550
611
|
# The current state of the CryptoKeyVersion.
|
551
612
|
# Corresponds to the JSON property `state`
|
552
613
|
# @return [String]
|
@@ -570,6 +631,7 @@ module Google
|
|
570
631
|
@import_time = args[:import_time] if args.key?(:import_time)
|
571
632
|
@name = args[:name] if args.key?(:name)
|
572
633
|
@protection_level = args[:protection_level] if args.key?(:protection_level)
|
634
|
+
@reimport_eligible = args[:reimport_eligible] if args.key?(:reimport_eligible)
|
573
635
|
@state = args[:state] if args.key?(:state)
|
574
636
|
end
|
575
637
|
end
|
@@ -979,6 +1041,68 @@ module Google
|
|
979
1041
|
end
|
980
1042
|
end
|
981
1043
|
|
1044
|
+
# Request message for KeyManagementService.GenerateRandomBytes.
|
1045
|
+
class GenerateRandomBytesRequest
|
1046
|
+
include Google::Apis::Core::Hashable
|
1047
|
+
|
1048
|
+
# The length in bytes of the amount of randomness to retrieve. Minimum 8 bytes,
|
1049
|
+
# maximum 1024 bytes.
|
1050
|
+
# Corresponds to the JSON property `lengthBytes`
|
1051
|
+
# @return [Fixnum]
|
1052
|
+
attr_accessor :length_bytes
|
1053
|
+
|
1054
|
+
# The ProtectionLevel to use when generating the random data. Defaults to
|
1055
|
+
# SOFTWARE.
|
1056
|
+
# Corresponds to the JSON property `protectionLevel`
|
1057
|
+
# @return [String]
|
1058
|
+
attr_accessor :protection_level
|
1059
|
+
|
1060
|
+
def initialize(**args)
|
1061
|
+
update!(**args)
|
1062
|
+
end
|
1063
|
+
|
1064
|
+
# Update properties of this object
|
1065
|
+
def update!(**args)
|
1066
|
+
@length_bytes = args[:length_bytes] if args.key?(:length_bytes)
|
1067
|
+
@protection_level = args[:protection_level] if args.key?(:protection_level)
|
1068
|
+
end
|
1069
|
+
end
|
1070
|
+
|
1071
|
+
# Response message for KeyManagementService.GenerateRandomBytes.
|
1072
|
+
class GenerateRandomBytesResponse
|
1073
|
+
include Google::Apis::Core::Hashable
|
1074
|
+
|
1075
|
+
# The generated data.
|
1076
|
+
# Corresponds to the JSON property `data`
|
1077
|
+
# NOTE: Values are automatically base64 encoded/decoded in the client library.
|
1078
|
+
# @return [String]
|
1079
|
+
attr_accessor :data
|
1080
|
+
|
1081
|
+
# Integrity verification field. A CRC32C checksum of the returned
|
1082
|
+
# GenerateRandomBytesResponse.data. An integrity check of
|
1083
|
+
# GenerateRandomBytesResponse.data can be performed by computing the CRC32C
|
1084
|
+
# checksum of GenerateRandomBytesResponse.data and comparing your results to
|
1085
|
+
# this field. Discard the response in case of non-matching checksum values, and
|
1086
|
+
# perform a limited number of retries. A persistent mismatch may indicate an
|
1087
|
+
# issue in your computation of the CRC32C checksum. Note: This field is defined
|
1088
|
+
# as int64 for reasons of compatibility across different languages. However, it
|
1089
|
+
# is a non-negative integer, which will never exceed 2^32-1, and can be safely
|
1090
|
+
# downconverted to uint32 in languages that support this type.
|
1091
|
+
# Corresponds to the JSON property `dataCrc32c`
|
1092
|
+
# @return [Fixnum]
|
1093
|
+
attr_accessor :data_crc32c
|
1094
|
+
|
1095
|
+
def initialize(**args)
|
1096
|
+
update!(**args)
|
1097
|
+
end
|
1098
|
+
|
1099
|
+
# Update properties of this object
|
1100
|
+
def update!(**args)
|
1101
|
+
@data = args[:data] if args.key?(:data)
|
1102
|
+
@data_crc32c = args[:data_crc32c] if args.key?(:data_crc32c)
|
1103
|
+
end
|
1104
|
+
end
|
1105
|
+
|
982
1106
|
# Request message for KeyManagementService.ImportCryptoKeyVersion.
|
983
1107
|
class ImportCryptoKeyVersionRequest
|
984
1108
|
include Google::Apis::Core::Hashable
|
@@ -989,6 +1113,19 @@ module Google
|
|
989
1113
|
# @return [String]
|
990
1114
|
attr_accessor :algorithm
|
991
1115
|
|
1116
|
+
# Optional. The optional name of an existing CryptoKeyVersion to target for an
|
1117
|
+
# import operation. If this field is not present, a new CryptoKeyVersion
|
1118
|
+
# containing the supplied key material is created. If this field is present, the
|
1119
|
+
# supplied key material is imported into the existing CryptoKeyVersion. To
|
1120
|
+
# import into an existing CryptoKeyVersion, the CryptoKeyVersion must be a child
|
1121
|
+
# of ImportCryptoKeyVersionRequest.parent, have been previously created via
|
1122
|
+
# ImportCryptoKeyVersion, and be in DESTROYED or IMPORT_FAILED state. The key
|
1123
|
+
# material and algorithm must match the previous CryptoKeyVersion exactly if the
|
1124
|
+
# CryptoKeyVersion has ever contained key material.
|
1125
|
+
# Corresponds to the JSON property `cryptoKeyVersion`
|
1126
|
+
# @return [String]
|
1127
|
+
attr_accessor :crypto_key_version
|
1128
|
+
|
992
1129
|
# Required. The name of the ImportJob that was used to wrap this key material.
|
993
1130
|
# Corresponds to the JSON property `importJob`
|
994
1131
|
# @return [String]
|
@@ -1016,6 +1153,7 @@ module Google
|
|
1016
1153
|
# Update properties of this object
|
1017
1154
|
def update!(**args)
|
1018
1155
|
@algorithm = args[:algorithm] if args.key?(:algorithm)
|
1156
|
+
@crypto_key_version = args[:crypto_key_version] if args.key?(:crypto_key_version)
|
1019
1157
|
@import_job = args[:import_job] if args.key?(:import_job)
|
1020
1158
|
@rsa_aes_wrapped_key = args[:rsa_aes_wrapped_key] if args.key?(:rsa_aes_wrapped_key)
|
1021
1159
|
end
|
@@ -1409,33 +1547,259 @@ module Google
|
|
1409
1547
|
end
|
1410
1548
|
end
|
1411
1549
|
|
1550
|
+
# Request message for KeyManagementService.MacSign.
|
1551
|
+
class MacSignRequest
|
1552
|
+
include Google::Apis::Core::Hashable
|
1553
|
+
|
1554
|
+
# Required. The data to sign. The MAC tag is computed over this data field based
|
1555
|
+
# on the specific algorithm.
|
1556
|
+
# Corresponds to the JSON property `data`
|
1557
|
+
# NOTE: Values are automatically base64 encoded/decoded in the client library.
|
1558
|
+
# @return [String]
|
1559
|
+
attr_accessor :data
|
1560
|
+
|
1561
|
+
# Optional. An optional CRC32C checksum of the MacSignRequest.data. If specified,
|
1562
|
+
# KeyManagementService will verify the integrity of the received MacSignRequest.
|
1563
|
+
# data using this checksum. KeyManagementService will report an error if the
|
1564
|
+
# checksum verification fails. If you receive a checksum error, your client
|
1565
|
+
# should verify that CRC32C(MacSignRequest.data) is equal to MacSignRequest.
|
1566
|
+
# data_crc32c, and if so, perform a limited number of retries. A persistent
|
1567
|
+
# mismatch may indicate an issue in your computation of the CRC32C checksum.
|
1568
|
+
# Note: This field is defined as int64 for reasons of compatibility across
|
1569
|
+
# different languages. However, it is a non-negative integer, which will never
|
1570
|
+
# exceed 2^32-1, and can be safely downconverted to uint32 in languages that
|
1571
|
+
# support this type.
|
1572
|
+
# Corresponds to the JSON property `dataCrc32c`
|
1573
|
+
# @return [Fixnum]
|
1574
|
+
attr_accessor :data_crc32c
|
1575
|
+
|
1576
|
+
def initialize(**args)
|
1577
|
+
update!(**args)
|
1578
|
+
end
|
1579
|
+
|
1580
|
+
# Update properties of this object
|
1581
|
+
def update!(**args)
|
1582
|
+
@data = args[:data] if args.key?(:data)
|
1583
|
+
@data_crc32c = args[:data_crc32c] if args.key?(:data_crc32c)
|
1584
|
+
end
|
1585
|
+
end
|
1586
|
+
|
1587
|
+
# Response message for KeyManagementService.MacSign.
|
1588
|
+
class MacSignResponse
|
1589
|
+
include Google::Apis::Core::Hashable
|
1590
|
+
|
1591
|
+
# The created signature.
|
1592
|
+
# Corresponds to the JSON property `mac`
|
1593
|
+
# NOTE: Values are automatically base64 encoded/decoded in the client library.
|
1594
|
+
# @return [String]
|
1595
|
+
attr_accessor :mac
|
1596
|
+
|
1597
|
+
# Integrity verification field. A CRC32C checksum of the returned
|
1598
|
+
# MacSignResponse.mac. An integrity check of MacSignResponse.mac can be
|
1599
|
+
# performed by computing the CRC32C checksum of MacSignResponse.mac and
|
1600
|
+
# comparing your results to this field. Discard the response in case of non-
|
1601
|
+
# matching checksum values, and perform a limited number of retries. A
|
1602
|
+
# persistent mismatch may indicate an issue in your computation of the CRC32C
|
1603
|
+
# checksum. Note: This field is defined as int64 for reasons of compatibility
|
1604
|
+
# across different languages. However, it is a non-negative integer, which will
|
1605
|
+
# never exceed 2^32-1, and can be safely downconverted to uint32 in languages
|
1606
|
+
# that support this type.
|
1607
|
+
# Corresponds to the JSON property `macCrc32c`
|
1608
|
+
# @return [Fixnum]
|
1609
|
+
attr_accessor :mac_crc32c
|
1610
|
+
|
1611
|
+
# The resource name of the CryptoKeyVersion used for signing. Check this field
|
1612
|
+
# to verify that the intended resource was used for signing.
|
1613
|
+
# Corresponds to the JSON property `name`
|
1614
|
+
# @return [String]
|
1615
|
+
attr_accessor :name
|
1616
|
+
|
1617
|
+
# The ProtectionLevel of the CryptoKeyVersion used for signing.
|
1618
|
+
# Corresponds to the JSON property `protectionLevel`
|
1619
|
+
# @return [String]
|
1620
|
+
attr_accessor :protection_level
|
1621
|
+
|
1622
|
+
# Integrity verification field. A flag indicating whether MacSignRequest.
|
1623
|
+
# data_crc32c was received by KeyManagementService and used for the integrity
|
1624
|
+
# verification of the data. A false value of this field indicates either that
|
1625
|
+
# MacSignRequest.data_crc32c was left unset or that it was not delivered to
|
1626
|
+
# KeyManagementService. If you've set MacSignRequest.data_crc32c but this field
|
1627
|
+
# is still false, discard the response and perform a limited number of retries.
|
1628
|
+
# Corresponds to the JSON property `verifiedDataCrc32c`
|
1629
|
+
# @return [Boolean]
|
1630
|
+
attr_accessor :verified_data_crc32c
|
1631
|
+
alias_method :verified_data_crc32c?, :verified_data_crc32c
|
1632
|
+
|
1633
|
+
def initialize(**args)
|
1634
|
+
update!(**args)
|
1635
|
+
end
|
1636
|
+
|
1637
|
+
# Update properties of this object
|
1638
|
+
def update!(**args)
|
1639
|
+
@mac = args[:mac] if args.key?(:mac)
|
1640
|
+
@mac_crc32c = args[:mac_crc32c] if args.key?(:mac_crc32c)
|
1641
|
+
@name = args[:name] if args.key?(:name)
|
1642
|
+
@protection_level = args[:protection_level] if args.key?(:protection_level)
|
1643
|
+
@verified_data_crc32c = args[:verified_data_crc32c] if args.key?(:verified_data_crc32c)
|
1644
|
+
end
|
1645
|
+
end
|
1646
|
+
|
1647
|
+
# Request message for KeyManagementService.MacVerify.
|
1648
|
+
class MacVerifyRequest
|
1649
|
+
include Google::Apis::Core::Hashable
|
1650
|
+
|
1651
|
+
# Required. The data used previously as a MacSignRequest.data to generate the
|
1652
|
+
# MAC tag.
|
1653
|
+
# Corresponds to the JSON property `data`
|
1654
|
+
# NOTE: Values are automatically base64 encoded/decoded in the client library.
|
1655
|
+
# @return [String]
|
1656
|
+
attr_accessor :data
|
1657
|
+
|
1658
|
+
# Optional. An optional CRC32C checksum of the MacVerifyRequest.data. If
|
1659
|
+
# specified, KeyManagementService will verify the integrity of the received
|
1660
|
+
# MacVerifyRequest.data using this checksum. KeyManagementService will report an
|
1661
|
+
# error if the checksum verification fails. If you receive a checksum error,
|
1662
|
+
# your client should verify that CRC32C(MacVerifyRequest.data) is equal to
|
1663
|
+
# MacVerifyRequest.data_crc32c, and if so, perform a limited number of retries.
|
1664
|
+
# A persistent mismatch may indicate an issue in your computation of the CRC32C
|
1665
|
+
# checksum. Note: This field is defined as int64 for reasons of compatibility
|
1666
|
+
# across different languages. However, it is a non-negative integer, which will
|
1667
|
+
# never exceed 2^32-1, and can be safely downconverted to uint32 in languages
|
1668
|
+
# that support this type.
|
1669
|
+
# Corresponds to the JSON property `dataCrc32c`
|
1670
|
+
# @return [Fixnum]
|
1671
|
+
attr_accessor :data_crc32c
|
1672
|
+
|
1673
|
+
# Required. The signature to verify.
|
1674
|
+
# Corresponds to the JSON property `mac`
|
1675
|
+
# NOTE: Values are automatically base64 encoded/decoded in the client library.
|
1676
|
+
# @return [String]
|
1677
|
+
attr_accessor :mac
|
1678
|
+
|
1679
|
+
# Optional. An optional CRC32C checksum of the MacVerifyRequest.mac. If
|
1680
|
+
# specified, KeyManagementService will verify the integrity of the received
|
1681
|
+
# MacVerifyRequest.mac using this checksum. KeyManagementService will report an
|
1682
|
+
# error if the checksum verification fails. If you receive a checksum error,
|
1683
|
+
# your client should verify that CRC32C(MacVerifyRequest.tag) is equal to
|
1684
|
+
# MacVerifyRequest.mac_crc32c, and if so, perform a limited number of retries. A
|
1685
|
+
# persistent mismatch may indicate an issue in your computation of the CRC32C
|
1686
|
+
# checksum. Note: This field is defined as int64 for reasons of compatibility
|
1687
|
+
# across different languages. However, it is a non-negative integer, which will
|
1688
|
+
# never exceed 2^32-1, and can be safely downconverted to uint32 in languages
|
1689
|
+
# that support this type.
|
1690
|
+
# Corresponds to the JSON property `macCrc32c`
|
1691
|
+
# @return [Fixnum]
|
1692
|
+
attr_accessor :mac_crc32c
|
1693
|
+
|
1694
|
+
def initialize(**args)
|
1695
|
+
update!(**args)
|
1696
|
+
end
|
1697
|
+
|
1698
|
+
# Update properties of this object
|
1699
|
+
def update!(**args)
|
1700
|
+
@data = args[:data] if args.key?(:data)
|
1701
|
+
@data_crc32c = args[:data_crc32c] if args.key?(:data_crc32c)
|
1702
|
+
@mac = args[:mac] if args.key?(:mac)
|
1703
|
+
@mac_crc32c = args[:mac_crc32c] if args.key?(:mac_crc32c)
|
1704
|
+
end
|
1705
|
+
end
|
1706
|
+
|
1707
|
+
# Response message for KeyManagementService.MacVerify.
|
1708
|
+
class MacVerifyResponse
|
1709
|
+
include Google::Apis::Core::Hashable
|
1710
|
+
|
1711
|
+
# The resource name of the CryptoKeyVersion used for verification. Check this
|
1712
|
+
# field to verify that the intended resource was used for verification.
|
1713
|
+
# Corresponds to the JSON property `name`
|
1714
|
+
# @return [String]
|
1715
|
+
attr_accessor :name
|
1716
|
+
|
1717
|
+
# The ProtectionLevel of the CryptoKeyVersion used for verification.
|
1718
|
+
# Corresponds to the JSON property `protectionLevel`
|
1719
|
+
# @return [String]
|
1720
|
+
attr_accessor :protection_level
|
1721
|
+
|
1722
|
+
# This field indicates whether or not the verification operation for
|
1723
|
+
# MacVerifyRequest.mac over MacVerifyRequest.data was successful.
|
1724
|
+
# Corresponds to the JSON property `success`
|
1725
|
+
# @return [Boolean]
|
1726
|
+
attr_accessor :success
|
1727
|
+
alias_method :success?, :success
|
1728
|
+
|
1729
|
+
# Integrity verification field. A flag indicating whether MacVerifyRequest.
|
1730
|
+
# data_crc32c was received by KeyManagementService and used for the integrity
|
1731
|
+
# verification of the data. A false value of this field indicates either that
|
1732
|
+
# MacVerifyRequest.data_crc32c was left unset or that it was not delivered to
|
1733
|
+
# KeyManagementService. If you've set MacVerifyRequest.data_crc32c but this
|
1734
|
+
# field is still false, discard the response and perform a limited number of
|
1735
|
+
# retries.
|
1736
|
+
# Corresponds to the JSON property `verifiedDataCrc32c`
|
1737
|
+
# @return [Boolean]
|
1738
|
+
attr_accessor :verified_data_crc32c
|
1739
|
+
alias_method :verified_data_crc32c?, :verified_data_crc32c
|
1740
|
+
|
1741
|
+
# Integrity verification field. A flag indicating whether MacVerifyRequest.
|
1742
|
+
# mac_crc32c was received by KeyManagementService and used for the integrity
|
1743
|
+
# verification of the data. A false value of this field indicates either that
|
1744
|
+
# MacVerifyRequest.mac_crc32c was left unset or that it was not delivered to
|
1745
|
+
# KeyManagementService. If you've set MacVerifyRequest.mac_crc32c but this field
|
1746
|
+
# is still false, discard the response and perform a limited number of retries.
|
1747
|
+
# Corresponds to the JSON property `verifiedMacCrc32c`
|
1748
|
+
# @return [Boolean]
|
1749
|
+
attr_accessor :verified_mac_crc32c
|
1750
|
+
alias_method :verified_mac_crc32c?, :verified_mac_crc32c
|
1751
|
+
|
1752
|
+
# Integrity verification field. This value is used for the integrity
|
1753
|
+
# verification of [MacVerifyResponse.success]. If the value of this field
|
1754
|
+
# contradicts the value of [MacVerifyResponse.success], discard the response and
|
1755
|
+
# perform a limited number of retries.
|
1756
|
+
# Corresponds to the JSON property `verifiedSuccessIntegrity`
|
1757
|
+
# @return [Boolean]
|
1758
|
+
attr_accessor :verified_success_integrity
|
1759
|
+
alias_method :verified_success_integrity?, :verified_success_integrity
|
1760
|
+
|
1761
|
+
def initialize(**args)
|
1762
|
+
update!(**args)
|
1763
|
+
end
|
1764
|
+
|
1765
|
+
# Update properties of this object
|
1766
|
+
def update!(**args)
|
1767
|
+
@name = args[:name] if args.key?(:name)
|
1768
|
+
@protection_level = args[:protection_level] if args.key?(:protection_level)
|
1769
|
+
@success = args[:success] if args.key?(:success)
|
1770
|
+
@verified_data_crc32c = args[:verified_data_crc32c] if args.key?(:verified_data_crc32c)
|
1771
|
+
@verified_mac_crc32c = args[:verified_mac_crc32c] if args.key?(:verified_mac_crc32c)
|
1772
|
+
@verified_success_integrity = args[:verified_success_integrity] if args.key?(:verified_success_integrity)
|
1773
|
+
end
|
1774
|
+
end
|
1775
|
+
|
1412
1776
|
# An Identity and Access Management (IAM) policy, which specifies access
|
1413
1777
|
# controls for Google Cloud resources. A `Policy` is a collection of `bindings`.
|
1414
|
-
# A `binding` binds one or more `members
|
1415
|
-
# user accounts, service accounts, Google groups, and domains (
|
1416
|
-
# A `role` is a named list of permissions; each `role` can be
|
1417
|
-
# role or a user-created custom role. For some types of Google
|
1418
|
-
# a `binding` can also specify a `condition`, which is a
|
1419
|
-
# allows access to a resource only if the expression
|
1420
|
-
# condition can add constraints based on attributes of
|
1421
|
-
# or both. To learn which resources support
|
1422
|
-
# see the [IAM documentation](https://cloud.
|
1423
|
-
# resource-policies). **JSON example:** ` "
|
1424
|
-
# resourcemanager.organizationAdmin", "members": [
|
1425
|
-
# group:admins@example.com", "domain:google.com", "
|
1426
|
-
# appspot.gserviceaccount.com" ] `, ` "role": "
|
1427
|
-
# organizationViewer", "members": [ "user:eve@example.com"
|
1428
|
-
# title": "expirable access", "description": "Does not grant
|
1429
|
-
# 2020", "expression": "request.time < timestamp('2020-10-01T00:
|
1430
|
-
# ` ], "etag": "BwWWja0YfJA=", "version": 3 ` **YAML example:**
|
1431
|
-
# members: - user:mike@example.com - group:admins@example.com -
|
1432
|
-
# com - serviceAccount:my-project-id@appspot.gserviceaccount.com
|
1433
|
-
# resourcemanager.organizationAdmin - members: - user:eve@example.
|
1434
|
-
# roles/resourcemanager.organizationViewer condition: title: expirable
|
1435
|
-
# description: Does not grant access after Sep 2020 expression: request.
|
1436
|
-
# timestamp('2020-10-01T00:00:00.000Z')
|
1437
|
-
# description of IAM and its features, see the [IAM documentation](https://
|
1438
|
-
# google.com/iam/docs/).
|
1778
|
+
# A `binding` binds one or more `members`, or principals, to a single `role`.
|
1779
|
+
# Principals can be user accounts, service accounts, Google groups, and domains (
|
1780
|
+
# such as G Suite). A `role` is a named list of permissions; each `role` can be
|
1781
|
+
# an IAM predefined role or a user-created custom role. For some types of Google
|
1782
|
+
# Cloud resources, a `binding` can also specify a `condition`, which is a
|
1783
|
+
# logical expression that allows access to a resource only if the expression
|
1784
|
+
# evaluates to `true`. A condition can add constraints based on attributes of
|
1785
|
+
# the request, the resource, or both. To learn which resources support
|
1786
|
+
# conditions in their IAM policies, see the [IAM documentation](https://cloud.
|
1787
|
+
# google.com/iam/help/conditions/resource-policies). **JSON example:** ` "
|
1788
|
+
# bindings": [ ` "role": "roles/resourcemanager.organizationAdmin", "members": [
|
1789
|
+
# "user:mike@example.com", "group:admins@example.com", "domain:google.com", "
|
1790
|
+
# serviceAccount:my-project-id@appspot.gserviceaccount.com" ] `, ` "role": "
|
1791
|
+
# roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com"
|
1792
|
+
# ], "condition": ` "title": "expirable access", "description": "Does not grant
|
1793
|
+
# access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:
|
1794
|
+
# 00:00.000Z')", ` ` ], "etag": "BwWWja0YfJA=", "version": 3 ` **YAML example:**
|
1795
|
+
# bindings: - members: - user:mike@example.com - group:admins@example.com -
|
1796
|
+
# domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com
|
1797
|
+
# role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.
|
1798
|
+
# com role: roles/resourcemanager.organizationViewer condition: title: expirable
|
1799
|
+
# access description: Does not grant access after Sep 2020 expression: request.
|
1800
|
+
# time < timestamp('2020-10-01T00:00:00.000Z') etag: BwWWja0YfJA= version: 3 For
|
1801
|
+
# a description of IAM and its features, see the [IAM documentation](https://
|
1802
|
+
# cloud.google.com/iam/docs/).
|
1439
1803
|
class Policy
|
1440
1804
|
include Google::Apis::Core::Hashable
|
1441
1805
|
|
@@ -1444,9 +1808,14 @@ module Google
|
|
1444
1808
|
# @return [Array<Google::Apis::CloudkmsV1::AuditConfig>]
|
1445
1809
|
attr_accessor :audit_configs
|
1446
1810
|
|
1447
|
-
# Associates a list of `members
|
1448
|
-
# condition` that determines how and when the `bindings` are applied.
|
1449
|
-
# the `bindings` must contain at least one
|
1811
|
+
# Associates a list of `members`, or principals, with a `role`. Optionally, may
|
1812
|
+
# specify a `condition` that determines how and when the `bindings` are applied.
|
1813
|
+
# Each of the `bindings` must contain at least one principal. The `bindings` in
|
1814
|
+
# a `Policy` can refer to up to 1,500 principals; up to 250 of these principals
|
1815
|
+
# can be Google groups. Each occurrence of a principal counts towards these
|
1816
|
+
# limits. For example, if the `bindings` grant 50 different roles to `user:alice@
|
1817
|
+
# example.com`, and not to any other principal, then you can add another 1,450
|
1818
|
+
# principals to the `bindings` in the `Policy`.
|
1450
1819
|
# Corresponds to the JSON property `bindings`
|
1451
1820
|
# @return [Array<Google::Apis::CloudkmsV1::Binding>]
|
1452
1821
|
attr_accessor :bindings
|
@@ -1574,31 +1943,31 @@ module Google
|
|
1574
1943
|
|
1575
1944
|
# An Identity and Access Management (IAM) policy, which specifies access
|
1576
1945
|
# controls for Google Cloud resources. A `Policy` is a collection of `bindings`.
|
1577
|
-
# A `binding` binds one or more `members
|
1578
|
-
# user accounts, service accounts, Google groups, and domains (
|
1579
|
-
# A `role` is a named list of permissions; each `role` can be
|
1580
|
-
# role or a user-created custom role. For some types of Google
|
1581
|
-
# a `binding` can also specify a `condition`, which is a
|
1582
|
-
# allows access to a resource only if the expression
|
1583
|
-
# condition can add constraints based on attributes of
|
1584
|
-
# or both. To learn which resources support
|
1585
|
-
# see the [IAM documentation](https://cloud.
|
1586
|
-
# resource-policies). **JSON example:** ` "
|
1587
|
-
# resourcemanager.organizationAdmin", "members": [
|
1588
|
-
# group:admins@example.com", "domain:google.com", "
|
1589
|
-
# appspot.gserviceaccount.com" ] `, ` "role": "
|
1590
|
-
# organizationViewer", "members": [ "user:eve@example.com"
|
1591
|
-
# title": "expirable access", "description": "Does not grant
|
1592
|
-
# 2020", "expression": "request.time < timestamp('2020-10-01T00:
|
1593
|
-
# ` ], "etag": "BwWWja0YfJA=", "version": 3 ` **YAML example:**
|
1594
|
-
# members: - user:mike@example.com - group:admins@example.com -
|
1595
|
-
# com - serviceAccount:my-project-id@appspot.gserviceaccount.com
|
1596
|
-
# resourcemanager.organizationAdmin - members: - user:eve@example.
|
1597
|
-
# roles/resourcemanager.organizationViewer condition: title: expirable
|
1598
|
-
# description: Does not grant access after Sep 2020 expression: request.
|
1599
|
-
# timestamp('2020-10-01T00:00:00.000Z')
|
1600
|
-
# description of IAM and its features, see the [IAM documentation](https://
|
1601
|
-
# google.com/iam/docs/).
|
1946
|
+
# A `binding` binds one or more `members`, or principals, to a single `role`.
|
1947
|
+
# Principals can be user accounts, service accounts, Google groups, and domains (
|
1948
|
+
# such as G Suite). A `role` is a named list of permissions; each `role` can be
|
1949
|
+
# an IAM predefined role or a user-created custom role. For some types of Google
|
1950
|
+
# Cloud resources, a `binding` can also specify a `condition`, which is a
|
1951
|
+
# logical expression that allows access to a resource only if the expression
|
1952
|
+
# evaluates to `true`. A condition can add constraints based on attributes of
|
1953
|
+
# the request, the resource, or both. To learn which resources support
|
1954
|
+
# conditions in their IAM policies, see the [IAM documentation](https://cloud.
|
1955
|
+
# google.com/iam/help/conditions/resource-policies). **JSON example:** ` "
|
1956
|
+
# bindings": [ ` "role": "roles/resourcemanager.organizationAdmin", "members": [
|
1957
|
+
# "user:mike@example.com", "group:admins@example.com", "domain:google.com", "
|
1958
|
+
# serviceAccount:my-project-id@appspot.gserviceaccount.com" ] `, ` "role": "
|
1959
|
+
# roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com"
|
1960
|
+
# ], "condition": ` "title": "expirable access", "description": "Does not grant
|
1961
|
+
# access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:
|
1962
|
+
# 00:00.000Z')", ` ` ], "etag": "BwWWja0YfJA=", "version": 3 ` **YAML example:**
|
1963
|
+
# bindings: - members: - user:mike@example.com - group:admins@example.com -
|
1964
|
+
# domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com
|
1965
|
+
# role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.
|
1966
|
+
# com role: roles/resourcemanager.organizationViewer condition: title: expirable
|
1967
|
+
# access description: Does not grant access after Sep 2020 expression: request.
|
1968
|
+
# time < timestamp('2020-10-01T00:00:00.000Z') etag: BwWWja0YfJA= version: 3 For
|
1969
|
+
# a description of IAM and its features, see the [IAM documentation](https://
|
1970
|
+
# cloud.google.com/iam/docs/).
|
1602
1971
|
# Corresponds to the JSON property `policy`
|
1603
1972
|
# @return [Google::Apis::CloudkmsV1::Policy]
|
1604
1973
|
attr_accessor :policy
|
@@ -16,13 +16,13 @@ module Google
|
|
16
16
|
module Apis
|
17
17
|
module CloudkmsV1
|
18
18
|
# Version of the google-apis-cloudkms_v1 gem
|
19
|
-
GEM_VERSION = "0.
|
19
|
+
GEM_VERSION = "0.14.0"
|
20
20
|
|
21
21
|
# Version of the code generator used to generate this client
|
22
22
|
GENERATOR_VERSION = "0.4.0"
|
23
23
|
|
24
24
|
# Revision of the discovery document this client was generated from
|
25
|
-
REVISION = "
|
25
|
+
REVISION = "20211105"
|
26
26
|
end
|
27
27
|
end
|
28
28
|
end
|
@@ -136,6 +136,18 @@ module Google
|
|
136
136
|
include Google::Apis::Core::JsonObjectSupport
|
137
137
|
end
|
138
138
|
|
139
|
+
class GenerateRandomBytesRequest
|
140
|
+
class Representation < Google::Apis::Core::JsonRepresentation; end
|
141
|
+
|
142
|
+
include Google::Apis::Core::JsonObjectSupport
|
143
|
+
end
|
144
|
+
|
145
|
+
class GenerateRandomBytesResponse
|
146
|
+
class Representation < Google::Apis::Core::JsonRepresentation; end
|
147
|
+
|
148
|
+
include Google::Apis::Core::JsonObjectSupport
|
149
|
+
end
|
150
|
+
|
139
151
|
class ImportCryptoKeyVersionRequest
|
140
152
|
class Representation < Google::Apis::Core::JsonRepresentation; end
|
141
153
|
|
@@ -202,6 +214,30 @@ module Google
|
|
202
214
|
include Google::Apis::Core::JsonObjectSupport
|
203
215
|
end
|
204
216
|
|
217
|
+
class MacSignRequest
|
218
|
+
class Representation < Google::Apis::Core::JsonRepresentation; end
|
219
|
+
|
220
|
+
include Google::Apis::Core::JsonObjectSupport
|
221
|
+
end
|
222
|
+
|
223
|
+
class MacSignResponse
|
224
|
+
class Representation < Google::Apis::Core::JsonRepresentation; end
|
225
|
+
|
226
|
+
include Google::Apis::Core::JsonObjectSupport
|
227
|
+
end
|
228
|
+
|
229
|
+
class MacVerifyRequest
|
230
|
+
class Representation < Google::Apis::Core::JsonRepresentation; end
|
231
|
+
|
232
|
+
include Google::Apis::Core::JsonObjectSupport
|
233
|
+
end
|
234
|
+
|
235
|
+
class MacVerifyResponse
|
236
|
+
class Representation < Google::Apis::Core::JsonRepresentation; end
|
237
|
+
|
238
|
+
include Google::Apis::Core::JsonObjectSupport
|
239
|
+
end
|
240
|
+
|
205
241
|
class Policy
|
206
242
|
class Representation < Google::Apis::Core::JsonRepresentation; end
|
207
243
|
|
@@ -271,6 +307,8 @@ module Google
|
|
271
307
|
class AsymmetricSignRequest
|
272
308
|
# @private
|
273
309
|
class Representation < Google::Apis::Core::JsonRepresentation
|
310
|
+
property :data, :base64 => true, as: 'data'
|
311
|
+
property :data_crc32c, :numeric_string => true, as: 'dataCrc32c'
|
274
312
|
property :digest, as: 'digest', class: Google::Apis::CloudkmsV1::Digest, decorator: Google::Apis::CloudkmsV1::Digest::Representation
|
275
313
|
|
276
314
|
property :digest_crc32c, :numeric_string => true, as: 'digestCrc32c'
|
@@ -284,6 +322,7 @@ module Google
|
|
284
322
|
property :protection_level, as: 'protectionLevel'
|
285
323
|
property :signature, :base64 => true, as: 'signature'
|
286
324
|
property :signature_crc32c, :numeric_string => true, as: 'signatureCrc32c'
|
325
|
+
property :verified_data_crc32c, as: 'verifiedDataCrc32c'
|
287
326
|
property :verified_digest_crc32c, as: 'verifiedDigestCrc32c'
|
288
327
|
end
|
289
328
|
end
|
@@ -328,6 +367,8 @@ module Google
|
|
328
367
|
# @private
|
329
368
|
class Representation < Google::Apis::Core::JsonRepresentation
|
330
369
|
property :create_time, as: 'createTime'
|
370
|
+
property :destroy_scheduled_duration, as: 'destroyScheduledDuration'
|
371
|
+
property :import_only, as: 'importOnly'
|
331
372
|
hash :labels, as: 'labels'
|
332
373
|
property :name, as: 'name'
|
333
374
|
property :next_rotation_time, as: 'nextRotationTime'
|
@@ -357,6 +398,7 @@ module Google
|
|
357
398
|
property :import_time, as: 'importTime'
|
358
399
|
property :name, as: 'name'
|
359
400
|
property :protection_level, as: 'protectionLevel'
|
401
|
+
property :reimport_eligible, as: 'reimportEligible'
|
360
402
|
property :state, as: 'state'
|
361
403
|
end
|
362
404
|
end
|
@@ -443,10 +485,27 @@ module Google
|
|
443
485
|
end
|
444
486
|
end
|
445
487
|
|
488
|
+
class GenerateRandomBytesRequest
|
489
|
+
# @private
|
490
|
+
class Representation < Google::Apis::Core::JsonRepresentation
|
491
|
+
property :length_bytes, as: 'lengthBytes'
|
492
|
+
property :protection_level, as: 'protectionLevel'
|
493
|
+
end
|
494
|
+
end
|
495
|
+
|
496
|
+
class GenerateRandomBytesResponse
|
497
|
+
# @private
|
498
|
+
class Representation < Google::Apis::Core::JsonRepresentation
|
499
|
+
property :data, :base64 => true, as: 'data'
|
500
|
+
property :data_crc32c, :numeric_string => true, as: 'dataCrc32c'
|
501
|
+
end
|
502
|
+
end
|
503
|
+
|
446
504
|
class ImportCryptoKeyVersionRequest
|
447
505
|
# @private
|
448
506
|
class Representation < Google::Apis::Core::JsonRepresentation
|
449
507
|
property :algorithm, as: 'algorithm'
|
508
|
+
property :crypto_key_version, as: 'cryptoKeyVersion'
|
450
509
|
property :import_job, as: 'importJob'
|
451
510
|
property :rsa_aes_wrapped_key, :base64 => true, as: 'rsaAesWrappedKey'
|
452
511
|
end
|
@@ -556,6 +615,47 @@ module Google
|
|
556
615
|
end
|
557
616
|
end
|
558
617
|
|
618
|
+
class MacSignRequest
|
619
|
+
# @private
|
620
|
+
class Representation < Google::Apis::Core::JsonRepresentation
|
621
|
+
property :data, :base64 => true, as: 'data'
|
622
|
+
property :data_crc32c, :numeric_string => true, as: 'dataCrc32c'
|
623
|
+
end
|
624
|
+
end
|
625
|
+
|
626
|
+
class MacSignResponse
|
627
|
+
# @private
|
628
|
+
class Representation < Google::Apis::Core::JsonRepresentation
|
629
|
+
property :mac, :base64 => true, as: 'mac'
|
630
|
+
property :mac_crc32c, :numeric_string => true, as: 'macCrc32c'
|
631
|
+
property :name, as: 'name'
|
632
|
+
property :protection_level, as: 'protectionLevel'
|
633
|
+
property :verified_data_crc32c, as: 'verifiedDataCrc32c'
|
634
|
+
end
|
635
|
+
end
|
636
|
+
|
637
|
+
class MacVerifyRequest
|
638
|
+
# @private
|
639
|
+
class Representation < Google::Apis::Core::JsonRepresentation
|
640
|
+
property :data, :base64 => true, as: 'data'
|
641
|
+
property :data_crc32c, :numeric_string => true, as: 'dataCrc32c'
|
642
|
+
property :mac, :base64 => true, as: 'mac'
|
643
|
+
property :mac_crc32c, :numeric_string => true, as: 'macCrc32c'
|
644
|
+
end
|
645
|
+
end
|
646
|
+
|
647
|
+
class MacVerifyResponse
|
648
|
+
# @private
|
649
|
+
class Representation < Google::Apis::Core::JsonRepresentation
|
650
|
+
property :name, as: 'name'
|
651
|
+
property :protection_level, as: 'protectionLevel'
|
652
|
+
property :success, as: 'success'
|
653
|
+
property :verified_data_crc32c, as: 'verifiedDataCrc32c'
|
654
|
+
property :verified_mac_crc32c, as: 'verifiedMacCrc32c'
|
655
|
+
property :verified_success_integrity, as: 'verifiedSuccessIntegrity'
|
656
|
+
end
|
657
|
+
end
|
658
|
+
|
559
659
|
class Policy
|
560
660
|
# @private
|
561
661
|
class Representation < Google::Apis::Core::JsonRepresentation
|
@@ -50,6 +50,41 @@ module Google
|
|
50
50
|
@batch_path = 'batch'
|
51
51
|
end
|
52
52
|
|
53
|
+
# Generate random bytes using the Cloud KMS randomness source in the provided
|
54
|
+
# location.
|
55
|
+
# @param [String] location
|
56
|
+
# The project-specific location in which to generate random bytes. For example, "
|
57
|
+
# projects/my-project/locations/us-central1".
|
58
|
+
# @param [Google::Apis::CloudkmsV1::GenerateRandomBytesRequest] generate_random_bytes_request_object
|
59
|
+
# @param [String] fields
|
60
|
+
# Selector specifying which fields to include in a partial response.
|
61
|
+
# @param [String] quota_user
|
62
|
+
# Available to use for quota purposes for server-side applications. Can be any
|
63
|
+
# arbitrary string assigned to a user, but should not exceed 40 characters.
|
64
|
+
# @param [Google::Apis::RequestOptions] options
|
65
|
+
# Request-specific options
|
66
|
+
#
|
67
|
+
# @yield [result, err] Result & error if block supplied
|
68
|
+
# @yieldparam result [Google::Apis::CloudkmsV1::GenerateRandomBytesResponse] parsed result object
|
69
|
+
# @yieldparam err [StandardError] error object if request failed
|
70
|
+
#
|
71
|
+
# @return [Google::Apis::CloudkmsV1::GenerateRandomBytesResponse]
|
72
|
+
#
|
73
|
+
# @raise [Google::Apis::ServerError] An error occurred on the server and the request can be retried
|
74
|
+
# @raise [Google::Apis::ClientError] The request is invalid and should not be retried without modification
|
75
|
+
# @raise [Google::Apis::AuthorizationError] Authorization is required
|
76
|
+
def generate_location_random_bytes(location, generate_random_bytes_request_object = nil, fields: nil, quota_user: nil, options: nil, &block)
|
77
|
+
command = make_simple_command(:post, 'v1/{+location}:generateRandomBytes', options)
|
78
|
+
command.request_representation = Google::Apis::CloudkmsV1::GenerateRandomBytesRequest::Representation
|
79
|
+
command.request_object = generate_random_bytes_request_object
|
80
|
+
command.response_representation = Google::Apis::CloudkmsV1::GenerateRandomBytesResponse::Representation
|
81
|
+
command.response_class = Google::Apis::CloudkmsV1::GenerateRandomBytesResponse
|
82
|
+
command.params['location'] = location unless location.nil?
|
83
|
+
command.query['fields'] = fields unless fields.nil?
|
84
|
+
command.query['quotaUser'] = quota_user unless quota_user.nil?
|
85
|
+
execute_or_queue_command(command, &block)
|
86
|
+
end
|
87
|
+
|
53
88
|
# Gets information about a location.
|
54
89
|
# @param [String] name
|
55
90
|
# Resource name for the location.
|
@@ -197,13 +232,16 @@ module Google
|
|
197
232
|
# REQUIRED: The resource for which the policy is being requested. See the
|
198
233
|
# operation documentation for the appropriate value for this field.
|
199
234
|
# @param [Fixnum] options_requested_policy_version
|
200
|
-
# Optional. The policy
|
201
|
-
# 3. Requests specifying an invalid value will be
|
202
|
-
# policies with any conditional bindings must
|
203
|
-
#
|
204
|
-
# field unset.
|
205
|
-
#
|
206
|
-
#
|
235
|
+
# Optional. The maximum policy version that will be used to format the policy.
|
236
|
+
# Valid values are 0, 1, and 3. Requests specifying an invalid value will be
|
237
|
+
# rejected. Requests for policies with any conditional role bindings must
|
238
|
+
# specify version 3. Policies with no conditional role bindings may specify any
|
239
|
+
# valid value or leave the field unset. The policy in the response might use the
|
240
|
+
# policy version that you specified, or it might use a lower policy version. For
|
241
|
+
# example, if you specify version 3, but the policy has no conditional role
|
242
|
+
# bindings, the response uses version 1. To learn which resources support
|
243
|
+
# conditions in their IAM policies, see the [IAM documentation](https://cloud.
|
244
|
+
# google.com/iam/help/conditions/resource-policies).
|
207
245
|
# @param [String] fields
|
208
246
|
# Selector specifying which fields to include in a partial response.
|
209
247
|
# @param [String] quota_user
|
@@ -509,13 +547,16 @@ module Google
|
|
509
547
|
# REQUIRED: The resource for which the policy is being requested. See the
|
510
548
|
# operation documentation for the appropriate value for this field.
|
511
549
|
# @param [Fixnum] options_requested_policy_version
|
512
|
-
# Optional. The policy
|
513
|
-
# 3. Requests specifying an invalid value will be
|
514
|
-
# policies with any conditional bindings must
|
515
|
-
#
|
516
|
-
# field unset.
|
517
|
-
#
|
518
|
-
#
|
550
|
+
# Optional. The maximum policy version that will be used to format the policy.
|
551
|
+
# Valid values are 0, 1, and 3. Requests specifying an invalid value will be
|
552
|
+
# rejected. Requests for policies with any conditional role bindings must
|
553
|
+
# specify version 3. Policies with no conditional role bindings may specify any
|
554
|
+
# valid value or leave the field unset. The policy in the response might use the
|
555
|
+
# policy version that you specified, or it might use a lower policy version. For
|
556
|
+
# example, if you specify version 3, but the policy has no conditional role
|
557
|
+
# bindings, the response uses version 1. To learn which resources support
|
558
|
+
# conditions in their IAM policies, see the [IAM documentation](https://cloud.
|
559
|
+
# google.com/iam/help/conditions/resource-policies).
|
519
560
|
# @param [String] fields
|
520
561
|
# Selector specifying which fields to include in a partial response.
|
521
562
|
# @param [String] quota_user
|
@@ -848,11 +889,11 @@ module Google
|
|
848
889
|
end
|
849
890
|
|
850
891
|
# Schedule a CryptoKeyVersion for destruction. Upon calling this method,
|
851
|
-
# CryptoKeyVersion.state will be set to DESTROY_SCHEDULED and destroy_time will
|
852
|
-
# be set to
|
853
|
-
#
|
854
|
-
# Before the destroy_time is reached,
|
855
|
-
# reverse the process.
|
892
|
+
# CryptoKeyVersion.state will be set to DESTROY_SCHEDULED, and destroy_time will
|
893
|
+
# be set to the time destroy_scheduled_duration in the future. At that time, the
|
894
|
+
# state will automatically change to DESTROYED, and the key material will be
|
895
|
+
# irrevocably destroyed. Before the destroy_time is reached,
|
896
|
+
# RestoreCryptoKeyVersion may be called to reverse the process.
|
856
897
|
# @param [String] name
|
857
898
|
# Required. The resource name of the CryptoKeyVersion to destroy.
|
858
899
|
# @param [Google::Apis::CloudkmsV1::DestroyCryptoKeyVersionRequest] destroy_crypto_key_version_request_object
|
@@ -946,11 +987,14 @@ module Google
|
|
946
987
|
execute_or_queue_command(command, &block)
|
947
988
|
end
|
948
989
|
|
949
|
-
#
|
950
|
-
#
|
951
|
-
#
|
990
|
+
# Import wrapped key material into a CryptoKeyVersion. All requests must specify
|
991
|
+
# a CryptoKey. If a CryptoKeyVersion is additionally specified in the request,
|
992
|
+
# key material will be reimported into that version. Otherwise, a new version
|
993
|
+
# will be created, and will be assigned the next sequential id within the
|
994
|
+
# CryptoKey.
|
952
995
|
# @param [String] parent
|
953
|
-
# Required. The name of the CryptoKey to be imported into.
|
996
|
+
# Required. The name of the CryptoKey to be imported into. The create permission
|
997
|
+
# is only required on this key when creating a new CryptoKeyVersion.
|
954
998
|
# @param [Google::Apis::CloudkmsV1::ImportCryptoKeyVersionRequest] import_crypto_key_version_request_object
|
955
999
|
# @param [String] fields
|
956
1000
|
# Selector specifying which fields to include in a partial response.
|
@@ -1036,6 +1080,75 @@ module Google
|
|
1036
1080
|
execute_or_queue_command(command, &block)
|
1037
1081
|
end
|
1038
1082
|
|
1083
|
+
# Signs data using a CryptoKeyVersion with CryptoKey.purpose MAC, producing a
|
1084
|
+
# tag that can be verified by another source with the same key.
|
1085
|
+
# @param [String] name
|
1086
|
+
# Required. The resource name of the CryptoKeyVersion to use for signing.
|
1087
|
+
# @param [Google::Apis::CloudkmsV1::MacSignRequest] mac_sign_request_object
|
1088
|
+
# @param [String] fields
|
1089
|
+
# Selector specifying which fields to include in a partial response.
|
1090
|
+
# @param [String] quota_user
|
1091
|
+
# Available to use for quota purposes for server-side applications. Can be any
|
1092
|
+
# arbitrary string assigned to a user, but should not exceed 40 characters.
|
1093
|
+
# @param [Google::Apis::RequestOptions] options
|
1094
|
+
# Request-specific options
|
1095
|
+
#
|
1096
|
+
# @yield [result, err] Result & error if block supplied
|
1097
|
+
# @yieldparam result [Google::Apis::CloudkmsV1::MacSignResponse] parsed result object
|
1098
|
+
# @yieldparam err [StandardError] error object if request failed
|
1099
|
+
#
|
1100
|
+
# @return [Google::Apis::CloudkmsV1::MacSignResponse]
|
1101
|
+
#
|
1102
|
+
# @raise [Google::Apis::ServerError] An error occurred on the server and the request can be retried
|
1103
|
+
# @raise [Google::Apis::ClientError] The request is invalid and should not be retried without modification
|
1104
|
+
# @raise [Google::Apis::AuthorizationError] Authorization is required
|
1105
|
+
def mac_crypto_key_version_sign(name, mac_sign_request_object = nil, fields: nil, quota_user: nil, options: nil, &block)
|
1106
|
+
command = make_simple_command(:post, 'v1/{+name}:macSign', options)
|
1107
|
+
command.request_representation = Google::Apis::CloudkmsV1::MacSignRequest::Representation
|
1108
|
+
command.request_object = mac_sign_request_object
|
1109
|
+
command.response_representation = Google::Apis::CloudkmsV1::MacSignResponse::Representation
|
1110
|
+
command.response_class = Google::Apis::CloudkmsV1::MacSignResponse
|
1111
|
+
command.params['name'] = name unless name.nil?
|
1112
|
+
command.query['fields'] = fields unless fields.nil?
|
1113
|
+
command.query['quotaUser'] = quota_user unless quota_user.nil?
|
1114
|
+
execute_or_queue_command(command, &block)
|
1115
|
+
end
|
1116
|
+
|
1117
|
+
# Verifies MAC tag using a CryptoKeyVersion with CryptoKey.purpose MAC, and
|
1118
|
+
# returns a response that indicates whether or not the verification was
|
1119
|
+
# successful.
|
1120
|
+
# @param [String] name
|
1121
|
+
# Required. The resource name of the CryptoKeyVersion to use for verification.
|
1122
|
+
# @param [Google::Apis::CloudkmsV1::MacVerifyRequest] mac_verify_request_object
|
1123
|
+
# @param [String] fields
|
1124
|
+
# Selector specifying which fields to include in a partial response.
|
1125
|
+
# @param [String] quota_user
|
1126
|
+
# Available to use for quota purposes for server-side applications. Can be any
|
1127
|
+
# arbitrary string assigned to a user, but should not exceed 40 characters.
|
1128
|
+
# @param [Google::Apis::RequestOptions] options
|
1129
|
+
# Request-specific options
|
1130
|
+
#
|
1131
|
+
# @yield [result, err] Result & error if block supplied
|
1132
|
+
# @yieldparam result [Google::Apis::CloudkmsV1::MacVerifyResponse] parsed result object
|
1133
|
+
# @yieldparam err [StandardError] error object if request failed
|
1134
|
+
#
|
1135
|
+
# @return [Google::Apis::CloudkmsV1::MacVerifyResponse]
|
1136
|
+
#
|
1137
|
+
# @raise [Google::Apis::ServerError] An error occurred on the server and the request can be retried
|
1138
|
+
# @raise [Google::Apis::ClientError] The request is invalid and should not be retried without modification
|
1139
|
+
# @raise [Google::Apis::AuthorizationError] Authorization is required
|
1140
|
+
def mac_crypto_key_version_verify(name, mac_verify_request_object = nil, fields: nil, quota_user: nil, options: nil, &block)
|
1141
|
+
command = make_simple_command(:post, 'v1/{+name}:macVerify', options)
|
1142
|
+
command.request_representation = Google::Apis::CloudkmsV1::MacVerifyRequest::Representation
|
1143
|
+
command.request_object = mac_verify_request_object
|
1144
|
+
command.response_representation = Google::Apis::CloudkmsV1::MacVerifyResponse::Representation
|
1145
|
+
command.response_class = Google::Apis::CloudkmsV1::MacVerifyResponse
|
1146
|
+
command.params['name'] = name unless name.nil?
|
1147
|
+
command.query['fields'] = fields unless fields.nil?
|
1148
|
+
command.query['quotaUser'] = quota_user unless quota_user.nil?
|
1149
|
+
execute_or_queue_command(command, &block)
|
1150
|
+
end
|
1151
|
+
|
1039
1152
|
# Update a CryptoKeyVersion's metadata. state may be changed between ENABLED and
|
1040
1153
|
# DISABLED using this method. See DestroyCryptoKeyVersion and
|
1041
1154
|
# RestoreCryptoKeyVersion to move between other states.
|
@@ -1183,13 +1296,16 @@ module Google
|
|
1183
1296
|
# REQUIRED: The resource for which the policy is being requested. See the
|
1184
1297
|
# operation documentation for the appropriate value for this field.
|
1185
1298
|
# @param [Fixnum] options_requested_policy_version
|
1186
|
-
# Optional. The policy
|
1187
|
-
# 3. Requests specifying an invalid value will be
|
1188
|
-
# policies with any conditional bindings must
|
1189
|
-
#
|
1190
|
-
# field unset.
|
1191
|
-
#
|
1192
|
-
#
|
1299
|
+
# Optional. The maximum policy version that will be used to format the policy.
|
1300
|
+
# Valid values are 0, 1, and 3. Requests specifying an invalid value will be
|
1301
|
+
# rejected. Requests for policies with any conditional role bindings must
|
1302
|
+
# specify version 3. Policies with no conditional role bindings may specify any
|
1303
|
+
# valid value or leave the field unset. The policy in the response might use the
|
1304
|
+
# policy version that you specified, or it might use a lower policy version. For
|
1305
|
+
# example, if you specify version 3, but the policy has no conditional role
|
1306
|
+
# bindings, the response uses version 1. To learn which resources support
|
1307
|
+
# conditions in their IAM policies, see the [IAM documentation](https://cloud.
|
1308
|
+
# google.com/iam/help/conditions/resource-policies).
|
1193
1309
|
# @param [String] fields
|
1194
1310
|
# Selector specifying which fields to include in a partial response.
|
1195
1311
|
# @param [String] quota_user
|
@@ -30,7 +30,7 @@ module Google
|
|
30
30
|
# This is NOT the gem version.
|
31
31
|
VERSION = 'V1'
|
32
32
|
|
33
|
-
# See, edit, configure, and delete your Google Cloud
|
33
|
+
# See, edit, configure, and delete your Google Cloud data and see the email address for your Google Account.
|
34
34
|
AUTH_CLOUD_PLATFORM = 'https://www.googleapis.com/auth/cloud-platform'
|
35
35
|
|
36
36
|
# View and manage your keys and secrets stored in Cloud Key Management Service
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: google-apis-cloudkms_v1
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.
|
4
|
+
version: 0.14.0
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Google LLC
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2021-
|
11
|
+
date: 2021-11-15 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: google-apis-core
|
@@ -57,9 +57,9 @@ licenses:
|
|
57
57
|
- Apache-2.0
|
58
58
|
metadata:
|
59
59
|
bug_tracker_uri: https://github.com/googleapis/google-api-ruby-client/issues
|
60
|
-
changelog_uri: https://github.com/googleapis/google-api-ruby-client/tree/
|
61
|
-
documentation_uri: https://googleapis.dev/ruby/google-apis-cloudkms_v1/v0.
|
62
|
-
source_code_uri: https://github.com/googleapis/google-api-ruby-client/tree/
|
60
|
+
changelog_uri: https://github.com/googleapis/google-api-ruby-client/tree/main/generated/google-apis-cloudkms_v1/CHANGELOG.md
|
61
|
+
documentation_uri: https://googleapis.dev/ruby/google-apis-cloudkms_v1/v0.14.0
|
62
|
+
source_code_uri: https://github.com/googleapis/google-api-ruby-client/tree/main/generated/google-apis-cloudkms_v1
|
63
63
|
post_install_message:
|
64
64
|
rdoc_options: []
|
65
65
|
require_paths:
|