google-apis-cloudkms_v1 0.11.0 → 0.15.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/CHANGELOG.md +16 -0
- data/OVERVIEW.md +2 -2
- data/lib/google/apis/cloudkms_v1/classes.rb +205 -63
- data/lib/google/apis/cloudkms_v1/gem_version.rb +2 -2
- data/lib/google/apis/cloudkms_v1/representations.rb +35 -0
- data/lib/google/apis/cloudkms_v1/service.rb +195 -30
- data/lib/google/apis/cloudkms_v1.rb +1 -1
- metadata +5 -5
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: ce1244f1efea2c5807f4df0bc7847d6d1696cee2e556081b8bc3847145f82597
|
4
|
+
data.tar.gz: f5be8bc097879267d3a81420a2be844248abce2a6f40dee2b3c3669b9438f2e0
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: f7e6a15ab9a1694e5f7c9cd604573727f524a5a50be49a81ceb82880411560f0035402781696ad57806a64285e85fe7c215926f94ba5f6b758efb7cfa667a830
|
7
|
+
data.tar.gz: 3c4abdd1d32b6eb076e3ba521217675d135912daeebbd348c4f78c9550a567513da3d0aa3da2690eb87aa548825d8781a95df83b1fbb512231ed563b9ab5f044
|
data/CHANGELOG.md
CHANGED
@@ -1,5 +1,21 @@
|
|
1
1
|
# Release history for google-apis-cloudkms_v1
|
2
2
|
|
3
|
+
### v0.15.0 (2021-12-08)
|
4
|
+
|
5
|
+
* Regenerated from discovery document revision 20211130
|
6
|
+
|
7
|
+
### v0.14.0 (2021-11-13)
|
8
|
+
|
9
|
+
* Regenerated from discovery document revision 20211105
|
10
|
+
|
11
|
+
### v0.13.0 (2021-10-26)
|
12
|
+
|
13
|
+
* Regenerated from discovery document revision 20211018
|
14
|
+
|
15
|
+
### v0.12.0 (2021-09-01)
|
16
|
+
|
17
|
+
* Regenerated from discovery document revision 20210820
|
18
|
+
|
3
19
|
### v0.11.0 (2021-07-31)
|
4
20
|
|
5
21
|
* Regenerated from discovery document revision 20210723
|
data/OVERVIEW.md
CHANGED
@@ -60,8 +60,8 @@ See the class reference docs for information on the methods you can call from a
|
|
60
60
|
|
61
61
|
More detailed descriptions of the Google simple REST clients are available in two documents.
|
62
62
|
|
63
|
-
* The [Usage Guide](https://github.com/googleapis/google-api-ruby-client/blob/
|
64
|
-
* The [Auth Guide](https://github.com/googleapis/google-api-ruby-client/blob/
|
63
|
+
* The [Usage Guide](https://github.com/googleapis/google-api-ruby-client/blob/main/docs/usage-guide.md) discusses how to make API calls, how to use the provided data structures, and how to work the various features of the client library, including media upload and download, error handling, retries, pagination, and logging.
|
64
|
+
* The [Auth Guide](https://github.com/googleapis/google-api-ruby-client/blob/main/docs/auth-guide.md) discusses authentication in the client libraries, including API keys, OAuth 2.0, service accounts, and environment variables.
|
65
65
|
|
66
66
|
(Note: the above documents are written for the simple REST clients in general, and their examples may not reflect the Cloudkms service in particular.)
|
67
67
|
|
@@ -119,6 +119,28 @@ module Google
|
|
119
119
|
class AsymmetricSignRequest
|
120
120
|
include Google::Apis::Core::Hashable
|
121
121
|
|
122
|
+
# Optional. The data to sign. It can't be supplied if AsymmetricSignRequest.
|
123
|
+
# digest is supplied.
|
124
|
+
# Corresponds to the JSON property `data`
|
125
|
+
# NOTE: Values are automatically base64 encoded/decoded in the client library.
|
126
|
+
# @return [String]
|
127
|
+
attr_accessor :data
|
128
|
+
|
129
|
+
# Optional. An optional CRC32C checksum of the AsymmetricSignRequest.data. If
|
130
|
+
# specified, KeyManagementService will verify the integrity of the received
|
131
|
+
# AsymmetricSignRequest.data using this checksum. KeyManagementService will
|
132
|
+
# report an error if the checksum verification fails. If you receive a checksum
|
133
|
+
# error, your client should verify that CRC32C(AsymmetricSignRequest.data) is
|
134
|
+
# equal to AsymmetricSignRequest.data_crc32c, and if so, perform a limited
|
135
|
+
# number of retries. A persistent mismatch may indicate an issue in your
|
136
|
+
# computation of the CRC32C checksum. Note: This field is defined as int64 for
|
137
|
+
# reasons of compatibility across different languages. However, it is a non-
|
138
|
+
# negative integer, which will never exceed 2^32-1, and can be safely
|
139
|
+
# downconverted to uint32 in languages that support this type.
|
140
|
+
# Corresponds to the JSON property `dataCrc32c`
|
141
|
+
# @return [Fixnum]
|
142
|
+
attr_accessor :data_crc32c
|
143
|
+
|
122
144
|
# A Digest holds a cryptographic message digest.
|
123
145
|
# Corresponds to the JSON property `digest`
|
124
146
|
# @return [Google::Apis::CloudkmsV1::Digest]
|
@@ -145,6 +167,8 @@ module Google
|
|
145
167
|
|
146
168
|
# Update properties of this object
|
147
169
|
def update!(**args)
|
170
|
+
@data = args[:data] if args.key?(:data)
|
171
|
+
@data_crc32c = args[:data_crc32c] if args.key?(:data_crc32c)
|
148
172
|
@digest = args[:digest] if args.key?(:digest)
|
149
173
|
@digest_crc32c = args[:digest_crc32c] if args.key?(:digest_crc32c)
|
150
174
|
end
|
@@ -185,6 +209,18 @@ module Google
|
|
185
209
|
# @return [Fixnum]
|
186
210
|
attr_accessor :signature_crc32c
|
187
211
|
|
212
|
+
# Integrity verification field. A flag indicating whether AsymmetricSignRequest.
|
213
|
+
# data_crc32c was received by KeyManagementService and used for the integrity
|
214
|
+
# verification of the data. A false value of this field indicates either that
|
215
|
+
# AsymmetricSignRequest.data_crc32c was left unset or that it was not delivered
|
216
|
+
# to KeyManagementService. If you've set AsymmetricSignRequest.data_crc32c but
|
217
|
+
# this field is still false, discard the response and perform a limited number
|
218
|
+
# of retries.
|
219
|
+
# Corresponds to the JSON property `verifiedDataCrc32c`
|
220
|
+
# @return [Boolean]
|
221
|
+
attr_accessor :verified_data_crc32c
|
222
|
+
alias_method :verified_data_crc32c?, :verified_data_crc32c
|
223
|
+
|
188
224
|
# Integrity verification field. A flag indicating whether AsymmetricSignRequest.
|
189
225
|
# digest_crc32c was received by KeyManagementService and used for the integrity
|
190
226
|
# verification of the digest. A false value of this field indicates either that
|
@@ -207,6 +243,7 @@ module Google
|
|
207
243
|
@protection_level = args[:protection_level] if args.key?(:protection_level)
|
208
244
|
@signature = args[:signature] if args.key?(:signature)
|
209
245
|
@signature_crc32c = args[:signature_crc32c] if args.key?(:signature_crc32c)
|
246
|
+
@verified_data_crc32c = args[:verified_data_crc32c] if args.key?(:verified_data_crc32c)
|
210
247
|
@verified_digest_crc32c = args[:verified_digest_crc32c] if args.key?(:verified_digest_crc32c)
|
211
248
|
end
|
212
249
|
end
|
@@ -282,7 +319,7 @@ module Google
|
|
282
319
|
end
|
283
320
|
end
|
284
321
|
|
285
|
-
# Associates `members
|
322
|
+
# Associates `members`, or principals, with a `role`.
|
286
323
|
class Binding
|
287
324
|
include Google::Apis::Core::Hashable
|
288
325
|
|
@@ -305,7 +342,7 @@ module Google
|
|
305
342
|
# @return [Google::Apis::CloudkmsV1::Expr]
|
306
343
|
attr_accessor :condition
|
307
344
|
|
308
|
-
# Specifies the
|
345
|
+
# Specifies the principals requesting access for a Cloud Platform resource. `
|
309
346
|
# members` can have the following values: * `allUsers`: A special identifier
|
310
347
|
# that represents anyone who is on the internet; with or without a Google
|
311
348
|
# account. * `allAuthenticatedUsers`: A special identifier that represents
|
@@ -335,8 +372,8 @@ module Google
|
|
335
372
|
# @return [Array<String>]
|
336
373
|
attr_accessor :members
|
337
374
|
|
338
|
-
# Role that is assigned to `members
|
339
|
-
#
|
375
|
+
# Role that is assigned to the list of `members`, or principals. For example, `
|
376
|
+
# roles/viewer`, `roles/editor`, or `roles/owner`.
|
340
377
|
# Corresponds to the JSON property `role`
|
341
378
|
# @return [String]
|
342
379
|
attr_accessor :role
|
@@ -397,6 +434,19 @@ module Google
|
|
397
434
|
# @return [String]
|
398
435
|
attr_accessor :create_time
|
399
436
|
|
437
|
+
# Immutable. The period of time that versions of this key spend in the
|
438
|
+
# DESTROY_SCHEDULED state before transitioning to DESTROYED. If not specified at
|
439
|
+
# creation time, the default duration is 24 hours.
|
440
|
+
# Corresponds to the JSON property `destroyScheduledDuration`
|
441
|
+
# @return [String]
|
442
|
+
attr_accessor :destroy_scheduled_duration
|
443
|
+
|
444
|
+
# Immutable. Whether this key may contain imported versions only.
|
445
|
+
# Corresponds to the JSON property `importOnly`
|
446
|
+
# @return [Boolean]
|
447
|
+
attr_accessor :import_only
|
448
|
+
alias_method :import_only?, :import_only
|
449
|
+
|
400
450
|
# Labels with user-defined metadata. For more information, see [Labeling Keys](
|
401
451
|
# https://cloud.google.com/kms/docs/labeling-keys).
|
402
452
|
# Corresponds to the JSON property `labels`
|
@@ -457,6 +507,8 @@ module Google
|
|
457
507
|
# Update properties of this object
|
458
508
|
def update!(**args)
|
459
509
|
@create_time = args[:create_time] if args.key?(:create_time)
|
510
|
+
@destroy_scheduled_duration = args[:destroy_scheduled_duration] if args.key?(:destroy_scheduled_duration)
|
511
|
+
@import_only = args[:import_only] if args.key?(:import_only)
|
460
512
|
@labels = args[:labels] if args.key?(:labels)
|
461
513
|
@name = args[:name] if args.key?(:name)
|
462
514
|
@next_rotation_time = args[:next_rotation_time] if args.key?(:next_rotation_time)
|
@@ -517,20 +569,20 @@ module Google
|
|
517
569
|
# @return [String]
|
518
570
|
attr_accessor :generate_time
|
519
571
|
|
520
|
-
# Output only. The root cause of
|
521
|
-
# IMPORT_FAILED.
|
572
|
+
# Output only. The root cause of the most recent import failure. Only present if
|
573
|
+
# state is IMPORT_FAILED.
|
522
574
|
# Corresponds to the JSON property `importFailureReason`
|
523
575
|
# @return [String]
|
524
576
|
attr_accessor :import_failure_reason
|
525
577
|
|
526
|
-
# Output only. The name of the ImportJob used
|
527
|
-
# Only present if the underlying key material was imported.
|
578
|
+
# Output only. The name of the ImportJob used in the most recent import of this
|
579
|
+
# CryptoKeyVersion. Only present if the underlying key material was imported.
|
528
580
|
# Corresponds to the JSON property `importJob`
|
529
581
|
# @return [String]
|
530
582
|
attr_accessor :import_job
|
531
583
|
|
532
|
-
# Output only. The time at which this CryptoKeyVersion's key material was
|
533
|
-
# imported.
|
584
|
+
# Output only. The time at which this CryptoKeyVersion's key material was most
|
585
|
+
# recently imported.
|
534
586
|
# Corresponds to the JSON property `importTime`
|
535
587
|
# @return [String]
|
536
588
|
attr_accessor :import_time
|
@@ -547,6 +599,14 @@ module Google
|
|
547
599
|
# @return [String]
|
548
600
|
attr_accessor :protection_level
|
549
601
|
|
602
|
+
# Output only. Whether or not this key version is eligible for reimport, by
|
603
|
+
# being specified as a target in ImportCryptoKeyVersionRequest.
|
604
|
+
# crypto_key_version.
|
605
|
+
# Corresponds to the JSON property `reimportEligible`
|
606
|
+
# @return [Boolean]
|
607
|
+
attr_accessor :reimport_eligible
|
608
|
+
alias_method :reimport_eligible?, :reimport_eligible
|
609
|
+
|
550
610
|
# The current state of the CryptoKeyVersion.
|
551
611
|
# Corresponds to the JSON property `state`
|
552
612
|
# @return [String]
|
@@ -570,6 +630,7 @@ module Google
|
|
570
630
|
@import_time = args[:import_time] if args.key?(:import_time)
|
571
631
|
@name = args[:name] if args.key?(:name)
|
572
632
|
@protection_level = args[:protection_level] if args.key?(:protection_level)
|
633
|
+
@reimport_eligible = args[:reimport_eligible] if args.key?(:reimport_eligible)
|
573
634
|
@state = args[:state] if args.key?(:state)
|
574
635
|
end
|
575
636
|
end
|
@@ -979,6 +1040,68 @@ module Google
|
|
979
1040
|
end
|
980
1041
|
end
|
981
1042
|
|
1043
|
+
# Request message for KeyManagementService.GenerateRandomBytes.
|
1044
|
+
class GenerateRandomBytesRequest
|
1045
|
+
include Google::Apis::Core::Hashable
|
1046
|
+
|
1047
|
+
# The length in bytes of the amount of randomness to retrieve. Minimum 8 bytes,
|
1048
|
+
# maximum 1024 bytes.
|
1049
|
+
# Corresponds to the JSON property `lengthBytes`
|
1050
|
+
# @return [Fixnum]
|
1051
|
+
attr_accessor :length_bytes
|
1052
|
+
|
1053
|
+
# The ProtectionLevel to use when generating the random data. Defaults to
|
1054
|
+
# SOFTWARE.
|
1055
|
+
# Corresponds to the JSON property `protectionLevel`
|
1056
|
+
# @return [String]
|
1057
|
+
attr_accessor :protection_level
|
1058
|
+
|
1059
|
+
def initialize(**args)
|
1060
|
+
update!(**args)
|
1061
|
+
end
|
1062
|
+
|
1063
|
+
# Update properties of this object
|
1064
|
+
def update!(**args)
|
1065
|
+
@length_bytes = args[:length_bytes] if args.key?(:length_bytes)
|
1066
|
+
@protection_level = args[:protection_level] if args.key?(:protection_level)
|
1067
|
+
end
|
1068
|
+
end
|
1069
|
+
|
1070
|
+
# Response message for KeyManagementService.GenerateRandomBytes.
|
1071
|
+
class GenerateRandomBytesResponse
|
1072
|
+
include Google::Apis::Core::Hashable
|
1073
|
+
|
1074
|
+
# The generated data.
|
1075
|
+
# Corresponds to the JSON property `data`
|
1076
|
+
# NOTE: Values are automatically base64 encoded/decoded in the client library.
|
1077
|
+
# @return [String]
|
1078
|
+
attr_accessor :data
|
1079
|
+
|
1080
|
+
# Integrity verification field. A CRC32C checksum of the returned
|
1081
|
+
# GenerateRandomBytesResponse.data. An integrity check of
|
1082
|
+
# GenerateRandomBytesResponse.data can be performed by computing the CRC32C
|
1083
|
+
# checksum of GenerateRandomBytesResponse.data and comparing your results to
|
1084
|
+
# this field. Discard the response in case of non-matching checksum values, and
|
1085
|
+
# perform a limited number of retries. A persistent mismatch may indicate an
|
1086
|
+
# issue in your computation of the CRC32C checksum. Note: This field is defined
|
1087
|
+
# as int64 for reasons of compatibility across different languages. However, it
|
1088
|
+
# is a non-negative integer, which will never exceed 2^32-1, and can be safely
|
1089
|
+
# downconverted to uint32 in languages that support this type.
|
1090
|
+
# Corresponds to the JSON property `dataCrc32c`
|
1091
|
+
# @return [Fixnum]
|
1092
|
+
attr_accessor :data_crc32c
|
1093
|
+
|
1094
|
+
def initialize(**args)
|
1095
|
+
update!(**args)
|
1096
|
+
end
|
1097
|
+
|
1098
|
+
# Update properties of this object
|
1099
|
+
def update!(**args)
|
1100
|
+
@data = args[:data] if args.key?(:data)
|
1101
|
+
@data_crc32c = args[:data_crc32c] if args.key?(:data_crc32c)
|
1102
|
+
end
|
1103
|
+
end
|
1104
|
+
|
982
1105
|
# Request message for KeyManagementService.ImportCryptoKeyVersion.
|
983
1106
|
class ImportCryptoKeyVersionRequest
|
984
1107
|
include Google::Apis::Core::Hashable
|
@@ -989,6 +1112,19 @@ module Google
|
|
989
1112
|
# @return [String]
|
990
1113
|
attr_accessor :algorithm
|
991
1114
|
|
1115
|
+
# Optional. The optional name of an existing CryptoKeyVersion to target for an
|
1116
|
+
# import operation. If this field is not present, a new CryptoKeyVersion
|
1117
|
+
# containing the supplied key material is created. If this field is present, the
|
1118
|
+
# supplied key material is imported into the existing CryptoKeyVersion. To
|
1119
|
+
# import into an existing CryptoKeyVersion, the CryptoKeyVersion must be a child
|
1120
|
+
# of ImportCryptoKeyVersionRequest.parent, have been previously created via
|
1121
|
+
# ImportCryptoKeyVersion, and be in DESTROYED or IMPORT_FAILED state. The key
|
1122
|
+
# material and algorithm must match the previous CryptoKeyVersion exactly if the
|
1123
|
+
# CryptoKeyVersion has ever contained key material.
|
1124
|
+
# Corresponds to the JSON property `cryptoKeyVersion`
|
1125
|
+
# @return [String]
|
1126
|
+
attr_accessor :crypto_key_version
|
1127
|
+
|
992
1128
|
# Required. The name of the ImportJob that was used to wrap this key material.
|
993
1129
|
# Corresponds to the JSON property `importJob`
|
994
1130
|
# @return [String]
|
@@ -1016,6 +1152,7 @@ module Google
|
|
1016
1152
|
# Update properties of this object
|
1017
1153
|
def update!(**args)
|
1018
1154
|
@algorithm = args[:algorithm] if args.key?(:algorithm)
|
1155
|
+
@crypto_key_version = args[:crypto_key_version] if args.key?(:crypto_key_version)
|
1019
1156
|
@import_job = args[:import_job] if args.key?(:import_job)
|
1020
1157
|
@rsa_aes_wrapped_key = args[:rsa_aes_wrapped_key] if args.key?(:rsa_aes_wrapped_key)
|
1021
1158
|
end
|
@@ -1637,31 +1774,31 @@ module Google
|
|
1637
1774
|
|
1638
1775
|
# An Identity and Access Management (IAM) policy, which specifies access
|
1639
1776
|
# controls for Google Cloud resources. A `Policy` is a collection of `bindings`.
|
1640
|
-
# A `binding` binds one or more `members
|
1641
|
-
# user accounts, service accounts, Google groups, and domains (
|
1642
|
-
# A `role` is a named list of permissions; each `role` can be
|
1643
|
-
# role or a user-created custom role. For some types of Google
|
1644
|
-
# a `binding` can also specify a `condition`, which is a
|
1645
|
-
# allows access to a resource only if the expression
|
1646
|
-
# condition can add constraints based on attributes of
|
1647
|
-
# or both. To learn which resources support
|
1648
|
-
# see the [IAM documentation](https://cloud.
|
1649
|
-
# resource-policies). **JSON example:** ` "
|
1650
|
-
# resourcemanager.organizationAdmin", "members": [
|
1651
|
-
# group:admins@example.com", "domain:google.com", "
|
1652
|
-
# appspot.gserviceaccount.com" ] `, ` "role": "
|
1653
|
-
# organizationViewer", "members": [ "user:eve@example.com"
|
1654
|
-
# title": "expirable access", "description": "Does not grant
|
1655
|
-
# 2020", "expression": "request.time < timestamp('2020-10-01T00:
|
1656
|
-
# ` ], "etag": "BwWWja0YfJA=", "version": 3 ` **YAML example:**
|
1657
|
-
# members: - user:mike@example.com - group:admins@example.com -
|
1658
|
-
# com - serviceAccount:my-project-id@appspot.gserviceaccount.com
|
1659
|
-
# resourcemanager.organizationAdmin - members: - user:eve@example.
|
1660
|
-
# roles/resourcemanager.organizationViewer condition: title: expirable
|
1661
|
-
# description: Does not grant access after Sep 2020 expression: request.
|
1662
|
-
# timestamp('2020-10-01T00:00:00.000Z')
|
1663
|
-
# description of IAM and its features, see the [IAM documentation](https://
|
1664
|
-
# google.com/iam/docs/).
|
1777
|
+
# A `binding` binds one or more `members`, or principals, to a single `role`.
|
1778
|
+
# Principals can be user accounts, service accounts, Google groups, and domains (
|
1779
|
+
# such as G Suite). A `role` is a named list of permissions; each `role` can be
|
1780
|
+
# an IAM predefined role or a user-created custom role. For some types of Google
|
1781
|
+
# Cloud resources, a `binding` can also specify a `condition`, which is a
|
1782
|
+
# logical expression that allows access to a resource only if the expression
|
1783
|
+
# evaluates to `true`. A condition can add constraints based on attributes of
|
1784
|
+
# the request, the resource, or both. To learn which resources support
|
1785
|
+
# conditions in their IAM policies, see the [IAM documentation](https://cloud.
|
1786
|
+
# google.com/iam/help/conditions/resource-policies). **JSON example:** ` "
|
1787
|
+
# bindings": [ ` "role": "roles/resourcemanager.organizationAdmin", "members": [
|
1788
|
+
# "user:mike@example.com", "group:admins@example.com", "domain:google.com", "
|
1789
|
+
# serviceAccount:my-project-id@appspot.gserviceaccount.com" ] `, ` "role": "
|
1790
|
+
# roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com"
|
1791
|
+
# ], "condition": ` "title": "expirable access", "description": "Does not grant
|
1792
|
+
# access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:
|
1793
|
+
# 00:00.000Z')", ` ` ], "etag": "BwWWja0YfJA=", "version": 3 ` **YAML example:**
|
1794
|
+
# bindings: - members: - user:mike@example.com - group:admins@example.com -
|
1795
|
+
# domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com
|
1796
|
+
# role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.
|
1797
|
+
# com role: roles/resourcemanager.organizationViewer condition: title: expirable
|
1798
|
+
# access description: Does not grant access after Sep 2020 expression: request.
|
1799
|
+
# time < timestamp('2020-10-01T00:00:00.000Z') etag: BwWWja0YfJA= version: 3 For
|
1800
|
+
# a description of IAM and its features, see the [IAM documentation](https://
|
1801
|
+
# cloud.google.com/iam/docs/).
|
1665
1802
|
class Policy
|
1666
1803
|
include Google::Apis::Core::Hashable
|
1667
1804
|
|
@@ -1670,9 +1807,14 @@ module Google
|
|
1670
1807
|
# @return [Array<Google::Apis::CloudkmsV1::AuditConfig>]
|
1671
1808
|
attr_accessor :audit_configs
|
1672
1809
|
|
1673
|
-
# Associates a list of `members
|
1674
|
-
# condition` that determines how and when the `bindings` are applied.
|
1675
|
-
# the `bindings` must contain at least one
|
1810
|
+
# Associates a list of `members`, or principals, with a `role`. Optionally, may
|
1811
|
+
# specify a `condition` that determines how and when the `bindings` are applied.
|
1812
|
+
# Each of the `bindings` must contain at least one principal. The `bindings` in
|
1813
|
+
# a `Policy` can refer to up to 1,500 principals; up to 250 of these principals
|
1814
|
+
# can be Google groups. Each occurrence of a principal counts towards these
|
1815
|
+
# limits. For example, if the `bindings` grant 50 different roles to `user:alice@
|
1816
|
+
# example.com`, and not to any other principal, then you can add another 1,450
|
1817
|
+
# principals to the `bindings` in the `Policy`.
|
1676
1818
|
# Corresponds to the JSON property `bindings`
|
1677
1819
|
# @return [Array<Google::Apis::CloudkmsV1::Binding>]
|
1678
1820
|
attr_accessor :bindings
|
@@ -1800,31 +1942,31 @@ module Google
|
|
1800
1942
|
|
1801
1943
|
# An Identity and Access Management (IAM) policy, which specifies access
|
1802
1944
|
# controls for Google Cloud resources. A `Policy` is a collection of `bindings`.
|
1803
|
-
# A `binding` binds one or more `members
|
1804
|
-
# user accounts, service accounts, Google groups, and domains (
|
1805
|
-
# A `role` is a named list of permissions; each `role` can be
|
1806
|
-
# role or a user-created custom role. For some types of Google
|
1807
|
-
# a `binding` can also specify a `condition`, which is a
|
1808
|
-
# allows access to a resource only if the expression
|
1809
|
-
# condition can add constraints based on attributes of
|
1810
|
-
# or both. To learn which resources support
|
1811
|
-
# see the [IAM documentation](https://cloud.
|
1812
|
-
# resource-policies). **JSON example:** ` "
|
1813
|
-
# resourcemanager.organizationAdmin", "members": [
|
1814
|
-
# group:admins@example.com", "domain:google.com", "
|
1815
|
-
# appspot.gserviceaccount.com" ] `, ` "role": "
|
1816
|
-
# organizationViewer", "members": [ "user:eve@example.com"
|
1817
|
-
# title": "expirable access", "description": "Does not grant
|
1818
|
-
# 2020", "expression": "request.time < timestamp('2020-10-01T00:
|
1819
|
-
# ` ], "etag": "BwWWja0YfJA=", "version": 3 ` **YAML example:**
|
1820
|
-
# members: - user:mike@example.com - group:admins@example.com -
|
1821
|
-
# com - serviceAccount:my-project-id@appspot.gserviceaccount.com
|
1822
|
-
# resourcemanager.organizationAdmin - members: - user:eve@example.
|
1823
|
-
# roles/resourcemanager.organizationViewer condition: title: expirable
|
1824
|
-
# description: Does not grant access after Sep 2020 expression: request.
|
1825
|
-
# timestamp('2020-10-01T00:00:00.000Z')
|
1826
|
-
# description of IAM and its features, see the [IAM documentation](https://
|
1827
|
-
# google.com/iam/docs/).
|
1945
|
+
# A `binding` binds one or more `members`, or principals, to a single `role`.
|
1946
|
+
# Principals can be user accounts, service accounts, Google groups, and domains (
|
1947
|
+
# such as G Suite). A `role` is a named list of permissions; each `role` can be
|
1948
|
+
# an IAM predefined role or a user-created custom role. For some types of Google
|
1949
|
+
# Cloud resources, a `binding` can also specify a `condition`, which is a
|
1950
|
+
# logical expression that allows access to a resource only if the expression
|
1951
|
+
# evaluates to `true`. A condition can add constraints based on attributes of
|
1952
|
+
# the request, the resource, or both. To learn which resources support
|
1953
|
+
# conditions in their IAM policies, see the [IAM documentation](https://cloud.
|
1954
|
+
# google.com/iam/help/conditions/resource-policies). **JSON example:** ` "
|
1955
|
+
# bindings": [ ` "role": "roles/resourcemanager.organizationAdmin", "members": [
|
1956
|
+
# "user:mike@example.com", "group:admins@example.com", "domain:google.com", "
|
1957
|
+
# serviceAccount:my-project-id@appspot.gserviceaccount.com" ] `, ` "role": "
|
1958
|
+
# roles/resourcemanager.organizationViewer", "members": [ "user:eve@example.com"
|
1959
|
+
# ], "condition": ` "title": "expirable access", "description": "Does not grant
|
1960
|
+
# access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:
|
1961
|
+
# 00:00.000Z')", ` ` ], "etag": "BwWWja0YfJA=", "version": 3 ` **YAML example:**
|
1962
|
+
# bindings: - members: - user:mike@example.com - group:admins@example.com -
|
1963
|
+
# domain:google.com - serviceAccount:my-project-id@appspot.gserviceaccount.com
|
1964
|
+
# role: roles/resourcemanager.organizationAdmin - members: - user:eve@example.
|
1965
|
+
# com role: roles/resourcemanager.organizationViewer condition: title: expirable
|
1966
|
+
# access description: Does not grant access after Sep 2020 expression: request.
|
1967
|
+
# time < timestamp('2020-10-01T00:00:00.000Z') etag: BwWWja0YfJA= version: 3 For
|
1968
|
+
# a description of IAM and its features, see the [IAM documentation](https://
|
1969
|
+
# cloud.google.com/iam/docs/).
|
1828
1970
|
# Corresponds to the JSON property `policy`
|
1829
1971
|
# @return [Google::Apis::CloudkmsV1::Policy]
|
1830
1972
|
attr_accessor :policy
|
@@ -16,13 +16,13 @@ module Google
|
|
16
16
|
module Apis
|
17
17
|
module CloudkmsV1
|
18
18
|
# Version of the google-apis-cloudkms_v1 gem
|
19
|
-
GEM_VERSION = "0.
|
19
|
+
GEM_VERSION = "0.15.0"
|
20
20
|
|
21
21
|
# Version of the code generator used to generate this client
|
22
22
|
GENERATOR_VERSION = "0.4.0"
|
23
23
|
|
24
24
|
# Revision of the discovery document this client was generated from
|
25
|
-
REVISION = "
|
25
|
+
REVISION = "20211130"
|
26
26
|
end
|
27
27
|
end
|
28
28
|
end
|
@@ -136,6 +136,18 @@ module Google
|
|
136
136
|
include Google::Apis::Core::JsonObjectSupport
|
137
137
|
end
|
138
138
|
|
139
|
+
class GenerateRandomBytesRequest
|
140
|
+
class Representation < Google::Apis::Core::JsonRepresentation; end
|
141
|
+
|
142
|
+
include Google::Apis::Core::JsonObjectSupport
|
143
|
+
end
|
144
|
+
|
145
|
+
class GenerateRandomBytesResponse
|
146
|
+
class Representation < Google::Apis::Core::JsonRepresentation; end
|
147
|
+
|
148
|
+
include Google::Apis::Core::JsonObjectSupport
|
149
|
+
end
|
150
|
+
|
139
151
|
class ImportCryptoKeyVersionRequest
|
140
152
|
class Representation < Google::Apis::Core::JsonRepresentation; end
|
141
153
|
|
@@ -295,6 +307,8 @@ module Google
|
|
295
307
|
class AsymmetricSignRequest
|
296
308
|
# @private
|
297
309
|
class Representation < Google::Apis::Core::JsonRepresentation
|
310
|
+
property :data, :base64 => true, as: 'data'
|
311
|
+
property :data_crc32c, :numeric_string => true, as: 'dataCrc32c'
|
298
312
|
property :digest, as: 'digest', class: Google::Apis::CloudkmsV1::Digest, decorator: Google::Apis::CloudkmsV1::Digest::Representation
|
299
313
|
|
300
314
|
property :digest_crc32c, :numeric_string => true, as: 'digestCrc32c'
|
@@ -308,6 +322,7 @@ module Google
|
|
308
322
|
property :protection_level, as: 'protectionLevel'
|
309
323
|
property :signature, :base64 => true, as: 'signature'
|
310
324
|
property :signature_crc32c, :numeric_string => true, as: 'signatureCrc32c'
|
325
|
+
property :verified_data_crc32c, as: 'verifiedDataCrc32c'
|
311
326
|
property :verified_digest_crc32c, as: 'verifiedDigestCrc32c'
|
312
327
|
end
|
313
328
|
end
|
@@ -352,6 +367,8 @@ module Google
|
|
352
367
|
# @private
|
353
368
|
class Representation < Google::Apis::Core::JsonRepresentation
|
354
369
|
property :create_time, as: 'createTime'
|
370
|
+
property :destroy_scheduled_duration, as: 'destroyScheduledDuration'
|
371
|
+
property :import_only, as: 'importOnly'
|
355
372
|
hash :labels, as: 'labels'
|
356
373
|
property :name, as: 'name'
|
357
374
|
property :next_rotation_time, as: 'nextRotationTime'
|
@@ -381,6 +398,7 @@ module Google
|
|
381
398
|
property :import_time, as: 'importTime'
|
382
399
|
property :name, as: 'name'
|
383
400
|
property :protection_level, as: 'protectionLevel'
|
401
|
+
property :reimport_eligible, as: 'reimportEligible'
|
384
402
|
property :state, as: 'state'
|
385
403
|
end
|
386
404
|
end
|
@@ -467,10 +485,27 @@ module Google
|
|
467
485
|
end
|
468
486
|
end
|
469
487
|
|
488
|
+
class GenerateRandomBytesRequest
|
489
|
+
# @private
|
490
|
+
class Representation < Google::Apis::Core::JsonRepresentation
|
491
|
+
property :length_bytes, as: 'lengthBytes'
|
492
|
+
property :protection_level, as: 'protectionLevel'
|
493
|
+
end
|
494
|
+
end
|
495
|
+
|
496
|
+
class GenerateRandomBytesResponse
|
497
|
+
# @private
|
498
|
+
class Representation < Google::Apis::Core::JsonRepresentation
|
499
|
+
property :data, :base64 => true, as: 'data'
|
500
|
+
property :data_crc32c, :numeric_string => true, as: 'dataCrc32c'
|
501
|
+
end
|
502
|
+
end
|
503
|
+
|
470
504
|
class ImportCryptoKeyVersionRequest
|
471
505
|
# @private
|
472
506
|
class Representation < Google::Apis::Core::JsonRepresentation
|
473
507
|
property :algorithm, as: 'algorithm'
|
508
|
+
property :crypto_key_version, as: 'cryptoKeyVersion'
|
474
509
|
property :import_job, as: 'importJob'
|
475
510
|
property :rsa_aes_wrapped_key, :base64 => true, as: 'rsaAesWrappedKey'
|
476
511
|
end
|
@@ -50,6 +50,41 @@ module Google
|
|
50
50
|
@batch_path = 'batch'
|
51
51
|
end
|
52
52
|
|
53
|
+
# Generate random bytes using the Cloud KMS randomness source in the provided
|
54
|
+
# location.
|
55
|
+
# @param [String] location
|
56
|
+
# The project-specific location in which to generate random bytes. For example, "
|
57
|
+
# projects/my-project/locations/us-central1".
|
58
|
+
# @param [Google::Apis::CloudkmsV1::GenerateRandomBytesRequest] generate_random_bytes_request_object
|
59
|
+
# @param [String] fields
|
60
|
+
# Selector specifying which fields to include in a partial response.
|
61
|
+
# @param [String] quota_user
|
62
|
+
# Available to use for quota purposes for server-side applications. Can be any
|
63
|
+
# arbitrary string assigned to a user, but should not exceed 40 characters.
|
64
|
+
# @param [Google::Apis::RequestOptions] options
|
65
|
+
# Request-specific options
|
66
|
+
#
|
67
|
+
# @yield [result, err] Result & error if block supplied
|
68
|
+
# @yieldparam result [Google::Apis::CloudkmsV1::GenerateRandomBytesResponse] parsed result object
|
69
|
+
# @yieldparam err [StandardError] error object if request failed
|
70
|
+
#
|
71
|
+
# @return [Google::Apis::CloudkmsV1::GenerateRandomBytesResponse]
|
72
|
+
#
|
73
|
+
# @raise [Google::Apis::ServerError] An error occurred on the server and the request can be retried
|
74
|
+
# @raise [Google::Apis::ClientError] The request is invalid and should not be retried without modification
|
75
|
+
# @raise [Google::Apis::AuthorizationError] Authorization is required
|
76
|
+
def generate_location_random_bytes(location, generate_random_bytes_request_object = nil, fields: nil, quota_user: nil, options: nil, &block)
|
77
|
+
command = make_simple_command(:post, 'v1/{+location}:generateRandomBytes', options)
|
78
|
+
command.request_representation = Google::Apis::CloudkmsV1::GenerateRandomBytesRequest::Representation
|
79
|
+
command.request_object = generate_random_bytes_request_object
|
80
|
+
command.response_representation = Google::Apis::CloudkmsV1::GenerateRandomBytesResponse::Representation
|
81
|
+
command.response_class = Google::Apis::CloudkmsV1::GenerateRandomBytesResponse
|
82
|
+
command.params['location'] = location unless location.nil?
|
83
|
+
command.query['fields'] = fields unless fields.nil?
|
84
|
+
command.query['quotaUser'] = quota_user unless quota_user.nil?
|
85
|
+
execute_or_queue_command(command, &block)
|
86
|
+
end
|
87
|
+
|
53
88
|
# Gets information about a location.
|
54
89
|
# @param [String] name
|
55
90
|
# Resource name for the location.
|
@@ -123,6 +158,124 @@ module Google
|
|
123
158
|
execute_or_queue_command(command, &block)
|
124
159
|
end
|
125
160
|
|
161
|
+
# Gets the access control policy for a resource. Returns an empty policy if the
|
162
|
+
# resource exists and does not have a policy set.
|
163
|
+
# @param [String] resource
|
164
|
+
# REQUIRED: The resource for which the policy is being requested. See the
|
165
|
+
# operation documentation for the appropriate value for this field.
|
166
|
+
# @param [Fixnum] options_requested_policy_version
|
167
|
+
# Optional. The maximum policy version that will be used to format the policy.
|
168
|
+
# Valid values are 0, 1, and 3. Requests specifying an invalid value will be
|
169
|
+
# rejected. Requests for policies with any conditional role bindings must
|
170
|
+
# specify version 3. Policies with no conditional role bindings may specify any
|
171
|
+
# valid value or leave the field unset. The policy in the response might use the
|
172
|
+
# policy version that you specified, or it might use a lower policy version. For
|
173
|
+
# example, if you specify version 3, but the policy has no conditional role
|
174
|
+
# bindings, the response uses version 1. To learn which resources support
|
175
|
+
# conditions in their IAM policies, see the [IAM documentation](https://cloud.
|
176
|
+
# google.com/iam/help/conditions/resource-policies).
|
177
|
+
# @param [String] fields
|
178
|
+
# Selector specifying which fields to include in a partial response.
|
179
|
+
# @param [String] quota_user
|
180
|
+
# Available to use for quota purposes for server-side applications. Can be any
|
181
|
+
# arbitrary string assigned to a user, but should not exceed 40 characters.
|
182
|
+
# @param [Google::Apis::RequestOptions] options
|
183
|
+
# Request-specific options
|
184
|
+
#
|
185
|
+
# @yield [result, err] Result & error if block supplied
|
186
|
+
# @yieldparam result [Google::Apis::CloudkmsV1::Policy] parsed result object
|
187
|
+
# @yieldparam err [StandardError] error object if request failed
|
188
|
+
#
|
189
|
+
# @return [Google::Apis::CloudkmsV1::Policy]
|
190
|
+
#
|
191
|
+
# @raise [Google::Apis::ServerError] An error occurred on the server and the request can be retried
|
192
|
+
# @raise [Google::Apis::ClientError] The request is invalid and should not be retried without modification
|
193
|
+
# @raise [Google::Apis::AuthorizationError] Authorization is required
|
194
|
+
def get_project_location_ekm_connection_iam_policy(resource, options_requested_policy_version: nil, fields: nil, quota_user: nil, options: nil, &block)
|
195
|
+
command = make_simple_command(:get, 'v1/{+resource}:getIamPolicy', options)
|
196
|
+
command.response_representation = Google::Apis::CloudkmsV1::Policy::Representation
|
197
|
+
command.response_class = Google::Apis::CloudkmsV1::Policy
|
198
|
+
command.params['resource'] = resource unless resource.nil?
|
199
|
+
command.query['options.requestedPolicyVersion'] = options_requested_policy_version unless options_requested_policy_version.nil?
|
200
|
+
command.query['fields'] = fields unless fields.nil?
|
201
|
+
command.query['quotaUser'] = quota_user unless quota_user.nil?
|
202
|
+
execute_or_queue_command(command, &block)
|
203
|
+
end
|
204
|
+
|
205
|
+
# Sets the access control policy on the specified resource. Replaces any
|
206
|
+
# existing policy. Can return `NOT_FOUND`, `INVALID_ARGUMENT`, and `
|
207
|
+
# PERMISSION_DENIED` errors.
|
208
|
+
# @param [String] resource
|
209
|
+
# REQUIRED: The resource for which the policy is being specified. See the
|
210
|
+
# operation documentation for the appropriate value for this field.
|
211
|
+
# @param [Google::Apis::CloudkmsV1::SetIamPolicyRequest] set_iam_policy_request_object
|
212
|
+
# @param [String] fields
|
213
|
+
# Selector specifying which fields to include in a partial response.
|
214
|
+
# @param [String] quota_user
|
215
|
+
# Available to use for quota purposes for server-side applications. Can be any
|
216
|
+
# arbitrary string assigned to a user, but should not exceed 40 characters.
|
217
|
+
# @param [Google::Apis::RequestOptions] options
|
218
|
+
# Request-specific options
|
219
|
+
#
|
220
|
+
# @yield [result, err] Result & error if block supplied
|
221
|
+
# @yieldparam result [Google::Apis::CloudkmsV1::Policy] parsed result object
|
222
|
+
# @yieldparam err [StandardError] error object if request failed
|
223
|
+
#
|
224
|
+
# @return [Google::Apis::CloudkmsV1::Policy]
|
225
|
+
#
|
226
|
+
# @raise [Google::Apis::ServerError] An error occurred on the server and the request can be retried
|
227
|
+
# @raise [Google::Apis::ClientError] The request is invalid and should not be retried without modification
|
228
|
+
# @raise [Google::Apis::AuthorizationError] Authorization is required
|
229
|
+
def set_ekm_connection_iam_policy(resource, set_iam_policy_request_object = nil, fields: nil, quota_user: nil, options: nil, &block)
|
230
|
+
command = make_simple_command(:post, 'v1/{+resource}:setIamPolicy', options)
|
231
|
+
command.request_representation = Google::Apis::CloudkmsV1::SetIamPolicyRequest::Representation
|
232
|
+
command.request_object = set_iam_policy_request_object
|
233
|
+
command.response_representation = Google::Apis::CloudkmsV1::Policy::Representation
|
234
|
+
command.response_class = Google::Apis::CloudkmsV1::Policy
|
235
|
+
command.params['resource'] = resource unless resource.nil?
|
236
|
+
command.query['fields'] = fields unless fields.nil?
|
237
|
+
command.query['quotaUser'] = quota_user unless quota_user.nil?
|
238
|
+
execute_or_queue_command(command, &block)
|
239
|
+
end
|
240
|
+
|
241
|
+
# Returns permissions that a caller has on the specified resource. If the
|
242
|
+
# resource does not exist, this will return an empty set of permissions, not a `
|
243
|
+
# NOT_FOUND` error. Note: This operation is designed to be used for building
|
244
|
+
# permission-aware UIs and command-line tools, not for authorization checking.
|
245
|
+
# This operation may "fail open" without warning.
|
246
|
+
# @param [String] resource
|
247
|
+
# REQUIRED: The resource for which the policy detail is being requested. See the
|
248
|
+
# operation documentation for the appropriate value for this field.
|
249
|
+
# @param [Google::Apis::CloudkmsV1::TestIamPermissionsRequest] test_iam_permissions_request_object
|
250
|
+
# @param [String] fields
|
251
|
+
# Selector specifying which fields to include in a partial response.
|
252
|
+
# @param [String] quota_user
|
253
|
+
# Available to use for quota purposes for server-side applications. Can be any
|
254
|
+
# arbitrary string assigned to a user, but should not exceed 40 characters.
|
255
|
+
# @param [Google::Apis::RequestOptions] options
|
256
|
+
# Request-specific options
|
257
|
+
#
|
258
|
+
# @yield [result, err] Result & error if block supplied
|
259
|
+
# @yieldparam result [Google::Apis::CloudkmsV1::TestIamPermissionsResponse] parsed result object
|
260
|
+
# @yieldparam err [StandardError] error object if request failed
|
261
|
+
#
|
262
|
+
# @return [Google::Apis::CloudkmsV1::TestIamPermissionsResponse]
|
263
|
+
#
|
264
|
+
# @raise [Google::Apis::ServerError] An error occurred on the server and the request can be retried
|
265
|
+
# @raise [Google::Apis::ClientError] The request is invalid and should not be retried without modification
|
266
|
+
# @raise [Google::Apis::AuthorizationError] Authorization is required
|
267
|
+
def test_ekm_connection_iam_permissions(resource, test_iam_permissions_request_object = nil, fields: nil, quota_user: nil, options: nil, &block)
|
268
|
+
command = make_simple_command(:post, 'v1/{+resource}:testIamPermissions', options)
|
269
|
+
command.request_representation = Google::Apis::CloudkmsV1::TestIamPermissionsRequest::Representation
|
270
|
+
command.request_object = test_iam_permissions_request_object
|
271
|
+
command.response_representation = Google::Apis::CloudkmsV1::TestIamPermissionsResponse::Representation
|
272
|
+
command.response_class = Google::Apis::CloudkmsV1::TestIamPermissionsResponse
|
273
|
+
command.params['resource'] = resource unless resource.nil?
|
274
|
+
command.query['fields'] = fields unless fields.nil?
|
275
|
+
command.query['quotaUser'] = quota_user unless quota_user.nil?
|
276
|
+
execute_or_queue_command(command, &block)
|
277
|
+
end
|
278
|
+
|
126
279
|
# Create a new KeyRing in a given Project and Location.
|
127
280
|
# @param [String] parent
|
128
281
|
# Required. The resource name of the location associated with the KeyRings, in
|
@@ -197,13 +350,16 @@ module Google
|
|
197
350
|
# REQUIRED: The resource for which the policy is being requested. See the
|
198
351
|
# operation documentation for the appropriate value for this field.
|
199
352
|
# @param [Fixnum] options_requested_policy_version
|
200
|
-
# Optional. The policy
|
201
|
-
# 3. Requests specifying an invalid value will be
|
202
|
-
# policies with any conditional bindings must
|
203
|
-
#
|
204
|
-
# field unset.
|
205
|
-
#
|
206
|
-
#
|
353
|
+
# Optional. The maximum policy version that will be used to format the policy.
|
354
|
+
# Valid values are 0, 1, and 3. Requests specifying an invalid value will be
|
355
|
+
# rejected. Requests for policies with any conditional role bindings must
|
356
|
+
# specify version 3. Policies with no conditional role bindings may specify any
|
357
|
+
# valid value or leave the field unset. The policy in the response might use the
|
358
|
+
# policy version that you specified, or it might use a lower policy version. For
|
359
|
+
# example, if you specify version 3, but the policy has no conditional role
|
360
|
+
# bindings, the response uses version 1. To learn which resources support
|
361
|
+
# conditions in their IAM policies, see the [IAM documentation](https://cloud.
|
362
|
+
# google.com/iam/help/conditions/resource-policies).
|
207
363
|
# @param [String] fields
|
208
364
|
# Selector specifying which fields to include in a partial response.
|
209
365
|
# @param [String] quota_user
|
@@ -509,13 +665,16 @@ module Google
|
|
509
665
|
# REQUIRED: The resource for which the policy is being requested. See the
|
510
666
|
# operation documentation for the appropriate value for this field.
|
511
667
|
# @param [Fixnum] options_requested_policy_version
|
512
|
-
# Optional. The policy
|
513
|
-
# 3. Requests specifying an invalid value will be
|
514
|
-
# policies with any conditional bindings must
|
515
|
-
#
|
516
|
-
# field unset.
|
517
|
-
#
|
518
|
-
#
|
668
|
+
# Optional. The maximum policy version that will be used to format the policy.
|
669
|
+
# Valid values are 0, 1, and 3. Requests specifying an invalid value will be
|
670
|
+
# rejected. Requests for policies with any conditional role bindings must
|
671
|
+
# specify version 3. Policies with no conditional role bindings may specify any
|
672
|
+
# valid value or leave the field unset. The policy in the response might use the
|
673
|
+
# policy version that you specified, or it might use a lower policy version. For
|
674
|
+
# example, if you specify version 3, but the policy has no conditional role
|
675
|
+
# bindings, the response uses version 1. To learn which resources support
|
676
|
+
# conditions in their IAM policies, see the [IAM documentation](https://cloud.
|
677
|
+
# google.com/iam/help/conditions/resource-policies).
|
519
678
|
# @param [String] fields
|
520
679
|
# Selector specifying which fields to include in a partial response.
|
521
680
|
# @param [String] quota_user
|
@@ -848,11 +1007,11 @@ module Google
|
|
848
1007
|
end
|
849
1008
|
|
850
1009
|
# Schedule a CryptoKeyVersion for destruction. Upon calling this method,
|
851
|
-
# CryptoKeyVersion.state will be set to DESTROY_SCHEDULED and destroy_time will
|
852
|
-
# be set to
|
853
|
-
#
|
854
|
-
# Before the destroy_time is reached,
|
855
|
-
# reverse the process.
|
1010
|
+
# CryptoKeyVersion.state will be set to DESTROY_SCHEDULED, and destroy_time will
|
1011
|
+
# be set to the time destroy_scheduled_duration in the future. At that time, the
|
1012
|
+
# state will automatically change to DESTROYED, and the key material will be
|
1013
|
+
# irrevocably destroyed. Before the destroy_time is reached,
|
1014
|
+
# RestoreCryptoKeyVersion may be called to reverse the process.
|
856
1015
|
# @param [String] name
|
857
1016
|
# Required. The resource name of the CryptoKeyVersion to destroy.
|
858
1017
|
# @param [Google::Apis::CloudkmsV1::DestroyCryptoKeyVersionRequest] destroy_crypto_key_version_request_object
|
@@ -946,11 +1105,14 @@ module Google
|
|
946
1105
|
execute_or_queue_command(command, &block)
|
947
1106
|
end
|
948
1107
|
|
949
|
-
#
|
950
|
-
#
|
951
|
-
#
|
1108
|
+
# Import wrapped key material into a CryptoKeyVersion. All requests must specify
|
1109
|
+
# a CryptoKey. If a CryptoKeyVersion is additionally specified in the request,
|
1110
|
+
# key material will be reimported into that version. Otherwise, a new version
|
1111
|
+
# will be created, and will be assigned the next sequential id within the
|
1112
|
+
# CryptoKey.
|
952
1113
|
# @param [String] parent
|
953
|
-
# Required. The name of the CryptoKey to be imported into.
|
1114
|
+
# Required. The name of the CryptoKey to be imported into. The create permission
|
1115
|
+
# is only required on this key when creating a new CryptoKeyVersion.
|
954
1116
|
# @param [Google::Apis::CloudkmsV1::ImportCryptoKeyVersionRequest] import_crypto_key_version_request_object
|
955
1117
|
# @param [String] fields
|
956
1118
|
# Selector specifying which fields to include in a partial response.
|
@@ -1252,13 +1414,16 @@ module Google
|
|
1252
1414
|
# REQUIRED: The resource for which the policy is being requested. See the
|
1253
1415
|
# operation documentation for the appropriate value for this field.
|
1254
1416
|
# @param [Fixnum] options_requested_policy_version
|
1255
|
-
# Optional. The policy
|
1256
|
-
# 3. Requests specifying an invalid value will be
|
1257
|
-
# policies with any conditional bindings must
|
1258
|
-
#
|
1259
|
-
# field unset.
|
1260
|
-
#
|
1261
|
-
#
|
1417
|
+
# Optional. The maximum policy version that will be used to format the policy.
|
1418
|
+
# Valid values are 0, 1, and 3. Requests specifying an invalid value will be
|
1419
|
+
# rejected. Requests for policies with any conditional role bindings must
|
1420
|
+
# specify version 3. Policies with no conditional role bindings may specify any
|
1421
|
+
# valid value or leave the field unset. The policy in the response might use the
|
1422
|
+
# policy version that you specified, or it might use a lower policy version. For
|
1423
|
+
# example, if you specify version 3, but the policy has no conditional role
|
1424
|
+
# bindings, the response uses version 1. To learn which resources support
|
1425
|
+
# conditions in their IAM policies, see the [IAM documentation](https://cloud.
|
1426
|
+
# google.com/iam/help/conditions/resource-policies).
|
1262
1427
|
# @param [String] fields
|
1263
1428
|
# Selector specifying which fields to include in a partial response.
|
1264
1429
|
# @param [String] quota_user
|
@@ -30,7 +30,7 @@ module Google
|
|
30
30
|
# This is NOT the gem version.
|
31
31
|
VERSION = 'V1'
|
32
32
|
|
33
|
-
# See, edit, configure, and delete your Google Cloud
|
33
|
+
# See, edit, configure, and delete your Google Cloud data and see the email address for your Google Account.
|
34
34
|
AUTH_CLOUD_PLATFORM = 'https://www.googleapis.com/auth/cloud-platform'
|
35
35
|
|
36
36
|
# View and manage your keys and secrets stored in Cloud Key Management Service
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: google-apis-cloudkms_v1
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.
|
4
|
+
version: 0.15.0
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Google LLC
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2021-
|
11
|
+
date: 2021-12-13 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: google-apis-core
|
@@ -57,9 +57,9 @@ licenses:
|
|
57
57
|
- Apache-2.0
|
58
58
|
metadata:
|
59
59
|
bug_tracker_uri: https://github.com/googleapis/google-api-ruby-client/issues
|
60
|
-
changelog_uri: https://github.com/googleapis/google-api-ruby-client/tree/
|
61
|
-
documentation_uri: https://googleapis.dev/ruby/google-apis-cloudkms_v1/v0.
|
62
|
-
source_code_uri: https://github.com/googleapis/google-api-ruby-client/tree/
|
60
|
+
changelog_uri: https://github.com/googleapis/google-api-ruby-client/tree/main/generated/google-apis-cloudkms_v1/CHANGELOG.md
|
61
|
+
documentation_uri: https://googleapis.dev/ruby/google-apis-cloudkms_v1/v0.15.0
|
62
|
+
source_code_uri: https://github.com/googleapis/google-api-ruby-client/tree/main/generated/google-apis-cloudkms_v1
|
63
63
|
post_install_message:
|
64
64
|
rdoc_options: []
|
65
65
|
require_paths:
|