google-apis-cloudkms_v1 0.8.0 → 0.12.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: fbf7fbf2088b7400efdfcaed732ca593f6f0b1ba7be0d33032d2bf4a42fcbebd
-  data.tar.gz: 3965630ac00dc2166a366a29477921951dab71c73396ff45d33d0acb88b4faca
+  metadata.gz: 22e33d975c7d2ff654a7cf4f8086ed742ebd11ac2bfc2e407a3d13d0642c06a6
+  data.tar.gz: 2c66ff71bc9f2131c1ae7cf1e713c898e1647b491c7dc62212cf5bac6e876442
 SHA512:
-  metadata.gz: 96284c8553ae3459875dac66302c5f62231b71ecea042b7b85dc8e9907b841842588ee7b90ed68ceba53ef2c70c79e677d1e8e288b701a1a87848e6f0715938c
-  data.tar.gz: 9d8e21d3f91ee98f48b0a568ff39d4c84ec261825a3742502fc779955040d5a7aa0391a4ab55f0962725dfde9e7c4ea3af4192d93dca56b979406de80ea89f83
+  metadata.gz: da773c7442c88181ecfc374331909f685979a8166161fc51e5c420de02f8df201f56aabe69475ef8df1d3352e6eee33cd9800b46898ad49eb6eeefcdb38b4e03
+  data.tar.gz: d7d1e1f4dd0699ead1005a7651348f0f0e59ea2b631df7e8f5e8dde092448e53105b89dede38fe05451b30f4d5f9b4c8538d646b67367f20f7a8a02746a1ae8c

data/CHANGELOG.md

@@ -1,5 +1,22 @@
 # Release history for google-apis-cloudkms_v1
 
+### v0.12.0 (2021-09-01)
+
+* Regenerated from discovery document revision 20210820
+
+### v0.11.0 (2021-07-31)
+
+* Regenerated from discovery document revision 20210723
+
+### v0.10.0 (2021-07-14)
+
+* Regenerated from discovery document revision 20210702
+
+### v0.9.0 (2021-06-29)
+
+* Regenerated from discovery document revision 20210622
+* Regenerated using generator version 0.4.0
+
 ### v0.8.0 (2021-06-24)
 
 * Regenerated using generator version 0.3.0

data/lib/google/apis/cloudkms_v1/classes.rb

@@ -44,7 +44,7 @@ module Google
         # checksum. Note: This field is defined as int64 for reasons of compatibility
         # across different languages. However, it is a non-negative integer, which will
         # never exceed 2^32-1, and can be safely downconverted to uint32 in languages
-        # that support this type. NOTE: This field is in Beta.
+        # that support this type.
         # Corresponds to the JSON property `ciphertextCrc32c`
         # @return [Fixnum]
         attr_accessor :ciphertext_crc32c
@@ -79,8 +79,7 @@ module Google
         # issue in your computation of the CRC32C checksum. Note: This field is defined
         # as int64 for reasons of compatibility across different languages. However, it
         # is a non-negative integer, which will never exceed 2^32-1, and can be safely
-        # downconverted to uint32 in languages that support this type. NOTE: This field
-        # is in Beta.
+        # downconverted to uint32 in languages that support this type.
         # Corresponds to the JSON property `plaintextCrc32c`
         # @return [Fixnum]
         attr_accessor :plaintext_crc32c
@@ -97,7 +96,7 @@ module Google
         # ciphertext_crc32c was left unset or that it was not delivered to
         # KeyManagementService. If you've set AsymmetricDecryptRequest.ciphertext_crc32c
         # but this field is still false, discard the response and perform a limited
-        # number of retries. NOTE: This field is in Beta.
+        # number of retries.
         # Corresponds to the JSON property `verifiedCiphertextCrc32c`
         # @return [Boolean]
         attr_accessor :verified_ciphertext_crc32c
@@ -135,8 +134,7 @@ module Google
         # computation of the CRC32C checksum. Note: This field is defined as int64 for
         # reasons of compatibility across different languages. However, it is a non-
         # negative integer, which will never exceed 2^32-1, and can be safely
-        # downconverted to uint32 in languages that support this type. NOTE: This field
-        # is in Beta.
+        # downconverted to uint32 in languages that support this type.
         # Corresponds to the JSON property `digestCrc32c`
         # @return [Fixnum]
         attr_accessor :digest_crc32c
@@ -157,8 +155,7 @@ module Google
         include Google::Apis::Core::Hashable
       
         # The resource name of the CryptoKeyVersion used for signing. Check this field
-        # to verify that the intended resource was used for signing. NOTE: This field is
-        # in Beta.
+        # to verify that the intended resource was used for signing.
         # Corresponds to the JSON property `name`
         # @return [String]
         attr_accessor :name
@@ -183,8 +180,7 @@ module Google
         # computation of the CRC32C checksum. Note: This field is defined as int64 for
         # reasons of compatibility across different languages. However, it is a non-
         # negative integer, which will never exceed 2^32-1, and can be safely
-        # downconverted to uint32 in languages that support this type. NOTE: This field
-        # is in Beta.
+        # downconverted to uint32 in languages that support this type.
         # Corresponds to the JSON property `signatureCrc32c`
         # @return [Fixnum]
         attr_accessor :signature_crc32c
@@ -195,7 +191,7 @@ module Google
         # AsymmetricSignRequest.digest_crc32c was left unset or that it was not
         # delivered to KeyManagementService. If you've set AsymmetricSignRequest.
         # digest_crc32c but this field is still false, discard the response and perform
-        # a limited number of retries. NOTE: This field is in Beta.
+        # a limited number of retries.
         # Corresponds to the JSON property `verifiedDigestCrc32c`
         # @return [Boolean]
         attr_accessor :verified_digest_crc32c
@@ -401,6 +397,19 @@ module Google
         # @return [String]
         attr_accessor :create_time
       
+        # Immutable. The period of time that versions of this key spend in the
+        # DESTROY_SCHEDULED state before transitioning to DESTROYED. If not specified at
+        # creation time, the default duration is 24 hours.
+        # Corresponds to the JSON property `destroyScheduledDuration`
+        # @return [String]
+        attr_accessor :destroy_scheduled_duration
+      
+        # Immutable. Whether this key may contain imported versions only.
+        # Corresponds to the JSON property `importOnly`
+        # @return [Boolean]
+        attr_accessor :import_only
+        alias_method :import_only?, :import_only
+      
         # Labels with user-defined metadata. For more information, see [Labeling Keys](
         # https://cloud.google.com/kms/docs/labeling-keys).
         # Corresponds to the JSON property `labels`
@@ -461,6 +470,8 @@ module Google
         # Update properties of this object
         def update!(**args)
           @create_time = args[:create_time] if args.key?(:create_time)
+          @destroy_scheduled_duration = args[:destroy_scheduled_duration] if args.key?(:destroy_scheduled_duration)
+          @import_only = args[:import_only] if args.key?(:import_only)
           @labels = args[:labels] if args.key?(:labels)
           @name = args[:name] if args.key?(:name)
           @next_rotation_time = args[:next_rotation_time] if args.key?(:next_rotation_time)
@@ -521,20 +532,20 @@ module Google
         # @return [String]
         attr_accessor :generate_time
       
-        # Output only. The root cause of an import failure. Only present if state is
-        # IMPORT_FAILED.
+        # Output only. The root cause of the most recent import failure. Only present if
+        # state is IMPORT_FAILED.
         # Corresponds to the JSON property `importFailureReason`
         # @return [String]
         attr_accessor :import_failure_reason
       
-        # Output only. The name of the ImportJob used to import this CryptoKeyVersion.
-        # Only present if the underlying key material was imported.
+        # Output only. The name of the ImportJob used in the most recent import of this
+        # CryptoKeyVersion. Only present if the underlying key material was imported.
         # Corresponds to the JSON property `importJob`
         # @return [String]
         attr_accessor :import_job
       
-        # Output only. The time at which this CryptoKeyVersion's key material was
-        # imported.
+        # Output only. The time at which this CryptoKeyVersion's key material was most
+        # recently imported.
         # Corresponds to the JSON property `importTime`
         # @return [String]
         attr_accessor :import_time
@@ -551,6 +562,14 @@ module Google
         # @return [String]
         attr_accessor :protection_level
       
+        # Output only. Whether or not this key version is eligible for reimport, by
+        # being specified as a target in ImportCryptoKeyVersionRequest.
+        # crypto_key_version.
+        # Corresponds to the JSON property `reimportEligible`
+        # @return [Boolean]
+        attr_accessor :reimport_eligible
+        alias_method :reimport_eligible?, :reimport_eligible
+      
         # The current state of the CryptoKeyVersion.
         # Corresponds to the JSON property `state`
         # @return [String]
@@ -574,6 +593,7 @@ module Google
           @import_time = args[:import_time] if args.key?(:import_time)
           @name = args[:name] if args.key?(:name)
           @protection_level = args[:protection_level] if args.key?(:protection_level)
+          @reimport_eligible = args[:reimport_eligible] if args.key?(:reimport_eligible)
           @state = args[:state] if args.key?(:state)
         end
       end
@@ -630,8 +650,7 @@ module Google
         # computation of the CRC32C checksum. Note: This field is defined as int64 for
         # reasons of compatibility across different languages. However, it is a non-
         # negative integer, which will never exceed 2^32-1, and can be safely
-        # downconverted to uint32 in languages that support this type. NOTE: This field
-        # is in Beta.
+        # downconverted to uint32 in languages that support this type.
         # Corresponds to the JSON property `additionalAuthenticatedDataCrc32c`
         # @return [Fixnum]
         attr_accessor :additional_authenticated_data_crc32c
@@ -652,7 +671,7 @@ module Google
         # the CRC32C checksum. Note: This field is defined as int64 for reasons of
         # compatibility across different languages. However, it is a non-negative
         # integer, which will never exceed 2^32-1, and can be safely downconverted to
-        # uint32 in languages that support this type. NOTE: This field is in Beta.
+        # uint32 in languages that support this type.
         # Corresponds to the JSON property `ciphertextCrc32c`
         # @return [Fixnum]
         attr_accessor :ciphertext_crc32c
@@ -691,7 +710,7 @@ module Google
         # This field is defined as int64 for reasons of compatibility across different
         # languages. However, it is a non-negative integer, which will never exceed 2^32-
         # 1, and can be safely downconverted to uint32 in languages that support this
-        # type. NOTE: This field is in Beta.
+        # type.
         # Corresponds to the JSON property `plaintextCrc32c`
         # @return [Fixnum]
         attr_accessor :plaintext_crc32c
@@ -792,8 +811,7 @@ module Google
         # computation of the CRC32C checksum. Note: This field is defined as int64 for
         # reasons of compatibility across different languages. However, it is a non-
         # negative integer, which will never exceed 2^32-1, and can be safely
-        # downconverted to uint32 in languages that support this type. NOTE: This field
-        # is in Beta.
+        # downconverted to uint32 in languages that support this type.
         # Corresponds to the JSON property `additionalAuthenticatedDataCrc32c`
         # @return [Fixnum]
         attr_accessor :additional_authenticated_data_crc32c
@@ -818,7 +836,7 @@ module Google
         # the CRC32C checksum. Note: This field is defined as int64 for reasons of
         # compatibility across different languages. However, it is a non-negative
         # integer, which will never exceed 2^32-1, and can be safely downconverted to
-        # uint32 in languages that support this type. NOTE: This field is in Beta.
+        # uint32 in languages that support this type.
         # Corresponds to the JSON property `plaintextCrc32c`
         # @return [Fixnum]
         attr_accessor :plaintext_crc32c
@@ -855,7 +873,7 @@ module Google
         # checksum. Note: This field is defined as int64 for reasons of compatibility
         # across different languages. However, it is a non-negative integer, which will
         # never exceed 2^32-1, and can be safely downconverted to uint32 in languages
-        # that support this type. NOTE: This field is in Beta.
+        # that support this type.
         # Corresponds to the JSON property `ciphertextCrc32c`
         # @return [Fixnum]
         attr_accessor :ciphertext_crc32c
@@ -877,8 +895,7 @@ module Google
         # indicates either that EncryptRequest.additional_authenticated_data_crc32c was
         # left unset or that it was not delivered to KeyManagementService. If you've set
         # EncryptRequest.additional_authenticated_data_crc32c but this field is still
-        # false, discard the response and perform a limited number of retries. NOTE:
-        # This field is in Beta.
+        # false, discard the response and perform a limited number of retries.
         # Corresponds to the JSON property `verifiedAdditionalAuthenticatedDataCrc32c`
         # @return [Boolean]
         attr_accessor :verified_additional_authenticated_data_crc32c
@@ -890,7 +907,7 @@ module Google
         # either that EncryptRequest.plaintext_crc32c was left unset or that it was not
         # delivered to KeyManagementService. If you've set EncryptRequest.
         # plaintext_crc32c but this field is still false, discard the response and
-        # perform a limited number of retries. NOTE: This field is in Beta.
+        # perform a limited number of retries.
         # Corresponds to the JSON property `verifiedPlaintextCrc32c`
         # @return [Boolean]
         attr_accessor :verified_plaintext_crc32c
@@ -986,6 +1003,68 @@ module Google
         end
       end
       
+      # Request message for KeyManagementService.GenerateRandomBytes.
+      class GenerateRandomBytesRequest
+        include Google::Apis::Core::Hashable
+      
+        # The length in bytes of the amount of randomness to retrieve. Minimum 8 bytes,
+        # maximum 1024 bytes.
+        # Corresponds to the JSON property `lengthBytes`
+        # @return [Fixnum]
+        attr_accessor :length_bytes
+      
+        # The ProtectionLevel to use when generating the random data. Defaults to
+        # SOFTWARE.
+        # Corresponds to the JSON property `protectionLevel`
+        # @return [String]
+        attr_accessor :protection_level
+      
+        def initialize(**args)
+           update!(**args)
+        end
+      
+        # Update properties of this object
+        def update!(**args)
+          @length_bytes = args[:length_bytes] if args.key?(:length_bytes)
+          @protection_level = args[:protection_level] if args.key?(:protection_level)
+        end
+      end
+      
+      # Response message for KeyManagementService.GenerateRandomBytes.
+      class GenerateRandomBytesResponse
+        include Google::Apis::Core::Hashable
+      
+        # The generated data.
+        # Corresponds to the JSON property `data`
+        # NOTE: Values are automatically base64 encoded/decoded in the client library.
+        # @return [String]
+        attr_accessor :data
+      
+        # Integrity verification field. A CRC32C checksum of the returned
+        # GenerateRandomBytesResponse.data. An integrity check of
+        # GenerateRandomBytesResponse.data can be performed by computing the CRC32C
+        # checksum of GenerateRandomBytesResponse.data and comparing your results to
+        # this field. Discard the response in case of non-matching checksum values, and
+        # perform a limited number of retries. A persistent mismatch may indicate an
+        # issue in your computation of the CRC32C checksum. Note: This field is defined
+        # as int64 for reasons of compatibility across different languages. However, it
+        # is a non-negative integer, which will never exceed 2^32-1, and can be safely
+        # downconverted to uint32 in languages that support this type.
+        # Corresponds to the JSON property `dataCrc32c`
+        # @return [Fixnum]
+        attr_accessor :data_crc32c
+      
+        def initialize(**args)
+           update!(**args)
+        end
+      
+        # Update properties of this object
+        def update!(**args)
+          @data = args[:data] if args.key?(:data)
+          @data_crc32c = args[:data_crc32c] if args.key?(:data_crc32c)
+        end
+      end
+      
       # Request message for KeyManagementService.ImportCryptoKeyVersion.
       class ImportCryptoKeyVersionRequest
         include Google::Apis::Core::Hashable
@@ -996,6 +1075,19 @@ module Google
         # @return [String]
         attr_accessor :algorithm
       
+        # Optional. The optional name of an existing CryptoKeyVersion to target for an
+        # import operation. If this field is not present, a new CryptoKeyVersion
+        # containing the supplied key material is created. If this field is present, the
+        # supplied key material is imported into the existing CryptoKeyVersion. To
+        # import into an existing CryptoKeyVersion, the CryptoKeyVersion must be a child
+        # of ImportCryptoKeyVersionRequest.parent, have been previously created via
+        # ImportCryptoKeyVersion, and be in DESTROYED or IMPORT_FAILED state. The key
+        # material and algorithm must match the previous CryptoKeyVersion exactly if the
+        # CryptoKeyVersion has ever contained key material.
+        # Corresponds to the JSON property `cryptoKeyVersion`
+        # @return [String]
+        attr_accessor :crypto_key_version
+      
         # Required. The name of the ImportJob that was used to wrap this key material.
         # Corresponds to the JSON property `importJob`
         # @return [String]
@@ -1023,6 +1115,7 @@ module Google
         # Update properties of this object
         def update!(**args)
           @algorithm = args[:algorithm] if args.key?(:algorithm)
+          @crypto_key_version = args[:crypto_key_version] if args.key?(:crypto_key_version)
           @import_job = args[:import_job] if args.key?(:import_job)
           @rsa_aes_wrapped_key = args[:rsa_aes_wrapped_key] if args.key?(:rsa_aes_wrapped_key)
         end
@@ -1416,6 +1509,232 @@ module Google
         end
       end
       
+      # Request message for KeyManagementService.MacSign.
+      class MacSignRequest
+        include Google::Apis::Core::Hashable
+      
+        # Required. The data to sign. The MAC tag is computed over this data field based
+        # on the specific algorithm.
+        # Corresponds to the JSON property `data`
+        # NOTE: Values are automatically base64 encoded/decoded in the client library.
+        # @return [String]
+        attr_accessor :data
+      
+        # Optional. An optional CRC32C checksum of the MacSignRequest.data. If specified,
+        # KeyManagementService will verify the integrity of the received MacSignRequest.
+        # data using this checksum. KeyManagementService will report an error if the
+        # checksum verification fails. If you receive a checksum error, your client
+        # should verify that CRC32C(MacSignRequest.data) is equal to MacSignRequest.
+        # data_crc32c, and if so, perform a limited number of retries. A persistent
+        # mismatch may indicate an issue in your computation of the CRC32C checksum.
+        # Note: This field is defined as int64 for reasons of compatibility across
+        # different languages. However, it is a non-negative integer, which will never
+        # exceed 2^32-1, and can be safely downconverted to uint32 in languages that
+        # support this type.
+        # Corresponds to the JSON property `dataCrc32c`
+        # @return [Fixnum]
+        attr_accessor :data_crc32c
+      
+        def initialize(**args)
+           update!(**args)
+        end
+      
+        # Update properties of this object
+        def update!(**args)
+          @data = args[:data] if args.key?(:data)
+          @data_crc32c = args[:data_crc32c] if args.key?(:data_crc32c)
+        end
+      end
+      
+      # Response message for KeyManagementService.MacSign.
+      class MacSignResponse
+        include Google::Apis::Core::Hashable
+      
+        # The created signature.
+        # Corresponds to the JSON property `mac`
+        # NOTE: Values are automatically base64 encoded/decoded in the client library.
+        # @return [String]
+        attr_accessor :mac
+      
+        # Integrity verification field. A CRC32C checksum of the returned
+        # MacSignResponse.mac. An integrity check of MacSignResponse.mac can be
+        # performed by computing the CRC32C checksum of MacSignResponse.mac and
+        # comparing your results to this field. Discard the response in case of non-
+        # matching checksum values, and perform a limited number of retries. A
+        # persistent mismatch may indicate an issue in your computation of the CRC32C
+        # checksum. Note: This field is defined as int64 for reasons of compatibility
+        # across different languages. However, it is a non-negative integer, which will
+        # never exceed 2^32-1, and can be safely downconverted to uint32 in languages
+        # that support this type.
+        # Corresponds to the JSON property `macCrc32c`
+        # @return [Fixnum]
+        attr_accessor :mac_crc32c
+      
+        # The resource name of the CryptoKeyVersion used for signing. Check this field
+        # to verify that the intended resource was used for signing.
+        # Corresponds to the JSON property `name`
+        # @return [String]
+        attr_accessor :name
+      
+        # The ProtectionLevel of the CryptoKeyVersion used for signing.
+        # Corresponds to the JSON property `protectionLevel`
+        # @return [String]
+        attr_accessor :protection_level
+      
+        # Integrity verification field. A flag indicating whether MacSignRequest.
+        # data_crc32c was received by KeyManagementService and used for the integrity
+        # verification of the data. A false value of this field indicates either that
+        # MacSignRequest.data_crc32c was left unset or that it was not delivered to
+        # KeyManagementService. If you've set MacSignRequest.data_crc32c but this field
+        # is still false, discard the response and perform a limited number of retries.
+        # Corresponds to the JSON property `verifiedDataCrc32c`
+        # @return [Boolean]
+        attr_accessor :verified_data_crc32c
+        alias_method :verified_data_crc32c?, :verified_data_crc32c
+      
+        def initialize(**args)
+           update!(**args)
+        end
+      
+        # Update properties of this object
+        def update!(**args)
+          @mac = args[:mac] if args.key?(:mac)
+          @mac_crc32c = args[:mac_crc32c] if args.key?(:mac_crc32c)
+          @name = args[:name] if args.key?(:name)
+          @protection_level = args[:protection_level] if args.key?(:protection_level)
+          @verified_data_crc32c = args[:verified_data_crc32c] if args.key?(:verified_data_crc32c)
+        end
+      end
+      
+      # Request message for KeyManagementService.MacVerify.
+      class MacVerifyRequest
+        include Google::Apis::Core::Hashable
+      
+        # Required. The data used previously as a MacSignRequest.data to generate the
+        # MAC tag.
+        # Corresponds to the JSON property `data`
+        # NOTE: Values are automatically base64 encoded/decoded in the client library.
+        # @return [String]
+        attr_accessor :data
+      
+        # Optional. An optional CRC32C checksum of the MacVerifyRequest.data. If
+        # specified, KeyManagementService will verify the integrity of the received
+        # MacVerifyRequest.data using this checksum. KeyManagementService will report an
+        # error if the checksum verification fails. If you receive a checksum error,
+        # your client should verify that CRC32C(MacVerifyRequest.data) is equal to
+        # MacVerifyRequest.data_crc32c, and if so, perform a limited number of retries.
+        # A persistent mismatch may indicate an issue in your computation of the CRC32C
+        # checksum. Note: This field is defined as int64 for reasons of compatibility
+        # across different languages. However, it is a non-negative integer, which will
+        # never exceed 2^32-1, and can be safely downconverted to uint32 in languages
+        # that support this type.
+        # Corresponds to the JSON property `dataCrc32c`
+        # @return [Fixnum]
+        attr_accessor :data_crc32c
+      
+        # Required. The signature to verify.
+        # Corresponds to the JSON property `mac`
+        # NOTE: Values are automatically base64 encoded/decoded in the client library.
+        # @return [String]
+        attr_accessor :mac
+      
+        # Optional. An optional CRC32C checksum of the MacVerifyRequest.mac. If
+        # specified, KeyManagementService will verify the integrity of the received
+        # MacVerifyRequest.mac using this checksum. KeyManagementService will report an
+        # error if the checksum verification fails. If you receive a checksum error,
+        # your client should verify that CRC32C(MacVerifyRequest.tag) is equal to
+        # MacVerifyRequest.mac_crc32c, and if so, perform a limited number of retries. A
+        # persistent mismatch may indicate an issue in your computation of the CRC32C
+        # checksum. Note: This field is defined as int64 for reasons of compatibility
+        # across different languages. However, it is a non-negative integer, which will
+        # never exceed 2^32-1, and can be safely downconverted to uint32 in languages
+        # that support this type.
+        # Corresponds to the JSON property `macCrc32c`
+        # @return [Fixnum]
+        attr_accessor :mac_crc32c
+      
+        def initialize(**args)
+           update!(**args)
+        end
+      
+        # Update properties of this object
+        def update!(**args)
+          @data = args[:data] if args.key?(:data)
+          @data_crc32c = args[:data_crc32c] if args.key?(:data_crc32c)
+          @mac = args[:mac] if args.key?(:mac)
+          @mac_crc32c = args[:mac_crc32c] if args.key?(:mac_crc32c)
+        end
+      end
+      
+      # Response message for KeyManagementService.MacVerify.
+      class MacVerifyResponse
+        include Google::Apis::Core::Hashable
+      
+        # The resource name of the CryptoKeyVersion used for verification. Check this
+        # field to verify that the intended resource was used for verification.
+        # Corresponds to the JSON property `name`
+        # @return [String]
+        attr_accessor :name
+      
+        # The ProtectionLevel of the CryptoKeyVersion used for verification.
+        # Corresponds to the JSON property `protectionLevel`
+        # @return [String]
+        attr_accessor :protection_level
+      
+        # This field indicates whether or not the verification operation for
+        # MacVerifyRequest.mac over MacVerifyRequest.data was successful.
+        # Corresponds to the JSON property `success`
+        # @return [Boolean]
+        attr_accessor :success
+        alias_method :success?, :success
+      
+        # Integrity verification field. A flag indicating whether MacVerifyRequest.
+        # data_crc32c was received by KeyManagementService and used for the integrity
+        # verification of the data. A false value of this field indicates either that
+        # MacVerifyRequest.data_crc32c was left unset or that it was not delivered to
+        # KeyManagementService. If you've set MacVerifyRequest.data_crc32c but this
+        # field is still false, discard the response and perform a limited number of
+        # retries.
+        # Corresponds to the JSON property `verifiedDataCrc32c`
+        # @return [Boolean]
+        attr_accessor :verified_data_crc32c
+        alias_method :verified_data_crc32c?, :verified_data_crc32c
+      
+        # Integrity verification field. A flag indicating whether MacVerifyRequest.
+        # mac_crc32c was received by KeyManagementService and used for the integrity
+        # verification of the data. A false value of this field indicates either that
+        # MacVerifyRequest.mac_crc32c was left unset or that it was not delivered to
+        # KeyManagementService. If you've set MacVerifyRequest.mac_crc32c but this field
+        # is still false, discard the response and perform a limited number of retries.
+        # Corresponds to the JSON property `verifiedMacCrc32c`
+        # @return [Boolean]
+        attr_accessor :verified_mac_crc32c
+        alias_method :verified_mac_crc32c?, :verified_mac_crc32c
+      
+        # Integrity verification field. This value is used for the integrity
+        # verification of [MacVerifyResponse.success]. If the value of this field
+        # contradicts the value of [MacVerifyResponse.success], discard the response and
+        # perform a limited number of retries.
+        # Corresponds to the JSON property `verifiedSuccessIntegrity`
+        # @return [Boolean]
+        attr_accessor :verified_success_integrity
+        alias_method :verified_success_integrity?, :verified_success_integrity
+      
+        def initialize(**args)
+           update!(**args)
+        end
+      
+        # Update properties of this object
+        def update!(**args)
+          @name = args[:name] if args.key?(:name)
+          @protection_level = args[:protection_level] if args.key?(:protection_level)
+          @success = args[:success] if args.key?(:success)
+          @verified_data_crc32c = args[:verified_data_crc32c] if args.key?(:verified_data_crc32c)
+          @verified_mac_crc32c = args[:verified_mac_crc32c] if args.key?(:verified_mac_crc32c)
+          @verified_success_integrity = args[:verified_success_integrity] if args.key?(:verified_success_integrity)
+        end
+      end
+      
       # An Identity and Access Management (IAM) policy, which specifies access
       # controls for Google Cloud resources. A `Policy` is a collection of `bindings`.
       # A `binding` binds one or more `members` to a single `role`. Members can be
@@ -1440,7 +1759,7 @@ module Google
       # resourcemanager.organizationAdmin - members: - user:eve@example.com role:
       # roles/resourcemanager.organizationViewer condition: title: expirable access
       # description: Does not grant access after Sep 2020 expression: request.time <
-      # timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3 For a
+      # timestamp('2020-10-01T00:00:00.000Z') etag: BwWWja0YfJA= version: 3 For a
       # description of IAM and its features, see the [IAM documentation](https://cloud.
       # google.com/iam/docs/).
       class Policy
@@ -1603,7 +1922,7 @@ module Google
         # resourcemanager.organizationAdmin - members: - user:eve@example.com role:
         # roles/resourcemanager.organizationViewer condition: title: expirable access
         # description: Does not grant access after Sep 2020 expression: request.time <
-        # timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3 For a
+        # timestamp('2020-10-01T00:00:00.000Z') etag: BwWWja0YfJA= version: 3 For a
         # description of IAM and its features, see the [IAM documentation](https://cloud.
         # google.com/iam/docs/).
         # Corresponds to the JSON property `policy`

data/lib/google/apis/cloudkms_v1/gem_version.rb

@@ -16,13 +16,13 @@ module Google
   module Apis
     module CloudkmsV1
       # Version of the google-apis-cloudkms_v1 gem
-      GEM_VERSION = "0.8.0"
+      GEM_VERSION = "0.12.0"
 
       # Version of the code generator used to generate this client
-      GENERATOR_VERSION = "0.3.0"
+      GENERATOR_VERSION = "0.4.0"
 
       # Revision of the discovery document this client was generated from
-      REVISION = "20210522"
+      REVISION = "20210820"
     end
   end
 end

data/lib/google/apis/cloudkms_v1/representations.rb

@@ -136,6 +136,18 @@ module Google
         include Google::Apis::Core::JsonObjectSupport
       end
       
+      class GenerateRandomBytesRequest
+        class Representation < Google::Apis::Core::JsonRepresentation; end
+      
+        include Google::Apis::Core::JsonObjectSupport
+      end
+      
+      class GenerateRandomBytesResponse
+        class Representation < Google::Apis::Core::JsonRepresentation; end
+      
+        include Google::Apis::Core::JsonObjectSupport
+      end
+      
       class ImportCryptoKeyVersionRequest
         class Representation < Google::Apis::Core::JsonRepresentation; end
       
@@ -202,6 +214,30 @@ module Google
         include Google::Apis::Core::JsonObjectSupport
       end
       
+      class MacSignRequest
+        class Representation < Google::Apis::Core::JsonRepresentation; end
+      
+        include Google::Apis::Core::JsonObjectSupport
+      end
+      
+      class MacSignResponse
+        class Representation < Google::Apis::Core::JsonRepresentation; end
+      
+        include Google::Apis::Core::JsonObjectSupport
+      end
+      
+      class MacVerifyRequest
+        class Representation < Google::Apis::Core::JsonRepresentation; end
+      
+        include Google::Apis::Core::JsonObjectSupport
+      end
+      
+      class MacVerifyResponse
+        class Representation < Google::Apis::Core::JsonRepresentation; end
+      
+        include Google::Apis::Core::JsonObjectSupport
+      end
+      
       class Policy
         class Representation < Google::Apis::Core::JsonRepresentation; end
       
@@ -328,6 +364,8 @@ module Google
         # @private
         class Representation < Google::Apis::Core::JsonRepresentation
           property :create_time, as: 'createTime'
+          property :destroy_scheduled_duration, as: 'destroyScheduledDuration'
+          property :import_only, as: 'importOnly'
           hash :labels, as: 'labels'
           property :name, as: 'name'
           property :next_rotation_time, as: 'nextRotationTime'
@@ -357,6 +395,7 @@ module Google
           property :import_time, as: 'importTime'
           property :name, as: 'name'
           property :protection_level, as: 'protectionLevel'
+          property :reimport_eligible, as: 'reimportEligible'
           property :state, as: 'state'
         end
       end
@@ -443,10 +482,27 @@ module Google
         end
       end
       
+      class GenerateRandomBytesRequest
+        # @private
+        class Representation < Google::Apis::Core::JsonRepresentation
+          property :length_bytes, as: 'lengthBytes'
+          property :protection_level, as: 'protectionLevel'
+        end
+      end
+      
+      class GenerateRandomBytesResponse
+        # @private
+        class Representation < Google::Apis::Core::JsonRepresentation
+          property :data, :base64 => true, as: 'data'
+          property :data_crc32c, :numeric_string => true, as: 'dataCrc32c'
+        end
+      end
+      
       class ImportCryptoKeyVersionRequest
         # @private
         class Representation < Google::Apis::Core::JsonRepresentation
           property :algorithm, as: 'algorithm'
+          property :crypto_key_version, as: 'cryptoKeyVersion'
           property :import_job, as: 'importJob'
           property :rsa_aes_wrapped_key, :base64 => true, as: 'rsaAesWrappedKey'
         end
@@ -556,6 +612,47 @@ module Google
         end
       end
       
+      class MacSignRequest
+        # @private
+        class Representation < Google::Apis::Core::JsonRepresentation
+          property :data, :base64 => true, as: 'data'
+          property :data_crc32c, :numeric_string => true, as: 'dataCrc32c'
+        end
+      end
+      
+      class MacSignResponse
+        # @private
+        class Representation < Google::Apis::Core::JsonRepresentation
+          property :mac, :base64 => true, as: 'mac'
+          property :mac_crc32c, :numeric_string => true, as: 'macCrc32c'
+          property :name, as: 'name'
+          property :protection_level, as: 'protectionLevel'
+          property :verified_data_crc32c, as: 'verifiedDataCrc32c'
+        end
+      end
+      
+      class MacVerifyRequest
+        # @private
+        class Representation < Google::Apis::Core::JsonRepresentation
+          property :data, :base64 => true, as: 'data'
+          property :data_crc32c, :numeric_string => true, as: 'dataCrc32c'
+          property :mac, :base64 => true, as: 'mac'
+          property :mac_crc32c, :numeric_string => true, as: 'macCrc32c'
+        end
+      end
+      
+      class MacVerifyResponse
+        # @private
+        class Representation < Google::Apis::Core::JsonRepresentation
+          property :name, as: 'name'
+          property :protection_level, as: 'protectionLevel'
+          property :success, as: 'success'
+          property :verified_data_crc32c, as: 'verifiedDataCrc32c'
+          property :verified_mac_crc32c, as: 'verifiedMacCrc32c'
+          property :verified_success_integrity, as: 'verifiedSuccessIntegrity'
+        end
+      end
+      
       class Policy
         # @private
         class Representation < Google::Apis::Core::JsonRepresentation

data/lib/google/apis/cloudkms_v1/service.rb

@@ -50,6 +50,41 @@ module Google
           @batch_path = 'batch'
         end
         
+        # Generate random bytes using the Cloud KMS randomness source in the provided
+        # location.
+        # @param [String] location
+        #   The project-specific location in which to generate random bytes. For example, "
+        #   projects/my-project/locations/us-central1".
+        # @param [Google::Apis::CloudkmsV1::GenerateRandomBytesRequest] generate_random_bytes_request_object
+        # @param [String] fields
+        #   Selector specifying which fields to include in a partial response.
+        # @param [String] quota_user
+        #   Available to use for quota purposes for server-side applications. Can be any
+        #   arbitrary string assigned to a user, but should not exceed 40 characters.
+        # @param [Google::Apis::RequestOptions] options
+        #   Request-specific options
+        #
+        # @yield [result, err] Result & error if block supplied
+        # @yieldparam result [Google::Apis::CloudkmsV1::GenerateRandomBytesResponse] parsed result object
+        # @yieldparam err [StandardError] error object if request failed
+        #
+        # @return [Google::Apis::CloudkmsV1::GenerateRandomBytesResponse]
+        #
+        # @raise [Google::Apis::ServerError] An error occurred on the server and the request can be retried
+        # @raise [Google::Apis::ClientError] The request is invalid and should not be retried without modification
+        # @raise [Google::Apis::AuthorizationError] Authorization is required
+        def generate_location_random_bytes(location, generate_random_bytes_request_object = nil, fields: nil, quota_user: nil, options: nil, &block)
+          command = make_simple_command(:post, 'v1/{+location}:generateRandomBytes', options)
+          command.request_representation = Google::Apis::CloudkmsV1::GenerateRandomBytesRequest::Representation
+          command.request_object = generate_random_bytes_request_object
+          command.response_representation = Google::Apis::CloudkmsV1::GenerateRandomBytesResponse::Representation
+          command.response_class = Google::Apis::CloudkmsV1::GenerateRandomBytesResponse
+          command.params['location'] = location unless location.nil?
+          command.query['fields'] = fields unless fields.nil?
+          command.query['quotaUser'] = quota_user unless quota_user.nil?
+          execute_or_queue_command(command, &block)
+        end
+        
         # Gets information about a location.
         # @param [String] name
         #   Resource name for the location.
@@ -848,11 +883,11 @@ module Google
         end
         
         # Schedule a CryptoKeyVersion for destruction. Upon calling this method,
-        # CryptoKeyVersion.state will be set to DESTROY_SCHEDULED and destroy_time will
-        # be set to a time 24 hours in the future, at which point the state will be
-        # changed to DESTROYED, and the key material will be irrevocably destroyed.
-        # Before the destroy_time is reached, RestoreCryptoKeyVersion may be called to
-        # reverse the process.
+        # CryptoKeyVersion.state will be set to DESTROY_SCHEDULED, and destroy_time will
+        # be set to the time destroy_scheduled_duration in the future. At that time, the
+        # state will automatically change to DESTROYED, and the key material will be
+        # irrevocably destroyed. Before the destroy_time is reached,
+        # RestoreCryptoKeyVersion may be called to reverse the process.
         # @param [String] name
         #   Required. The resource name of the CryptoKeyVersion to destroy.
         # @param [Google::Apis::CloudkmsV1::DestroyCryptoKeyVersionRequest] destroy_crypto_key_version_request_object
@@ -946,11 +981,14 @@ module Google
           execute_or_queue_command(command, &block)
         end
         
-        # Imports a new CryptoKeyVersion into an existing CryptoKey using the wrapped
-        # key material provided in the request. The version ID will be assigned the next
-        # sequential id within the CryptoKey.
+        # Import wrapped key material into a CryptoKeyVersion. All requests must specify
+        # a CryptoKey. If a CryptoKeyVersion is additionally specified in the request,
+        # key material will be reimported into that version. Otherwise, a new version
+        # will be created, and will be assigned the next sequential id within the
+        # CryptoKey.
         # @param [String] parent
-        #   Required. The name of the CryptoKey to be imported into.
+        #   Required. The name of the CryptoKey to be imported into. The create permission
+        #   is only required on this key when creating a new CryptoKeyVersion.
         # @param [Google::Apis::CloudkmsV1::ImportCryptoKeyVersionRequest] import_crypto_key_version_request_object
         # @param [String] fields
         #   Selector specifying which fields to include in a partial response.
@@ -1036,6 +1074,75 @@ module Google
           execute_or_queue_command(command, &block)
         end
         
+        # Signs data using a CryptoKeyVersion with CryptoKey.purpose MAC, producing a
+        # tag that can be verified by another source with the same key.
+        # @param [String] name
+        #   Required. The resource name of the CryptoKeyVersion to use for signing.
+        # @param [Google::Apis::CloudkmsV1::MacSignRequest] mac_sign_request_object
+        # @param [String] fields
+        #   Selector specifying which fields to include in a partial response.
+        # @param [String] quota_user
+        #   Available to use for quota purposes for server-side applications. Can be any
+        #   arbitrary string assigned to a user, but should not exceed 40 characters.
+        # @param [Google::Apis::RequestOptions] options
+        #   Request-specific options
+        #
+        # @yield [result, err] Result & error if block supplied
+        # @yieldparam result [Google::Apis::CloudkmsV1::MacSignResponse] parsed result object
+        # @yieldparam err [StandardError] error object if request failed
+        #
+        # @return [Google::Apis::CloudkmsV1::MacSignResponse]
+        #
+        # @raise [Google::Apis::ServerError] An error occurred on the server and the request can be retried
+        # @raise [Google::Apis::ClientError] The request is invalid and should not be retried without modification
+        # @raise [Google::Apis::AuthorizationError] Authorization is required
+        def mac_crypto_key_version_sign(name, mac_sign_request_object = nil, fields: nil, quota_user: nil, options: nil, &block)
+          command = make_simple_command(:post, 'v1/{+name}:macSign', options)
+          command.request_representation = Google::Apis::CloudkmsV1::MacSignRequest::Representation
+          command.request_object = mac_sign_request_object
+          command.response_representation = Google::Apis::CloudkmsV1::MacSignResponse::Representation
+          command.response_class = Google::Apis::CloudkmsV1::MacSignResponse
+          command.params['name'] = name unless name.nil?
+          command.query['fields'] = fields unless fields.nil?
+          command.query['quotaUser'] = quota_user unless quota_user.nil?
+          execute_or_queue_command(command, &block)
+        end
+        
+        # Verifies MAC tag using a CryptoKeyVersion with CryptoKey.purpose MAC, and
+        # returns a response that indicates whether or not the verification was
+        # successful.
+        # @param [String] name
+        #   Required. The resource name of the CryptoKeyVersion to use for verification.
+        # @param [Google::Apis::CloudkmsV1::MacVerifyRequest] mac_verify_request_object
+        # @param [String] fields
+        #   Selector specifying which fields to include in a partial response.
+        # @param [String] quota_user
+        #   Available to use for quota purposes for server-side applications. Can be any
+        #   arbitrary string assigned to a user, but should not exceed 40 characters.
+        # @param [Google::Apis::RequestOptions] options
+        #   Request-specific options
+        #
+        # @yield [result, err] Result & error if block supplied
+        # @yieldparam result [Google::Apis::CloudkmsV1::MacVerifyResponse] parsed result object
+        # @yieldparam err [StandardError] error object if request failed
+        #
+        # @return [Google::Apis::CloudkmsV1::MacVerifyResponse]
+        #
+        # @raise [Google::Apis::ServerError] An error occurred on the server and the request can be retried
+        # @raise [Google::Apis::ClientError] The request is invalid and should not be retried without modification
+        # @raise [Google::Apis::AuthorizationError] Authorization is required
+        def mac_crypto_key_version_verify(name, mac_verify_request_object = nil, fields: nil, quota_user: nil, options: nil, &block)
+          command = make_simple_command(:post, 'v1/{+name}:macVerify', options)
+          command.request_representation = Google::Apis::CloudkmsV1::MacVerifyRequest::Representation
+          command.request_object = mac_verify_request_object
+          command.response_representation = Google::Apis::CloudkmsV1::MacVerifyResponse::Representation
+          command.response_class = Google::Apis::CloudkmsV1::MacVerifyResponse
+          command.params['name'] = name unless name.nil?
+          command.query['fields'] = fields unless fields.nil?
+          command.query['quotaUser'] = quota_user unless quota_user.nil?
+          execute_or_queue_command(command, &block)
+        end
+        
         # Update a CryptoKeyVersion's metadata. state may be changed between ENABLED and
         # DISABLED using this method. See DestroyCryptoKeyVersion and
         # RestoreCryptoKeyVersion to move between other states.

data/lib/google/apis/cloudkms_v1.rb

@@ -30,7 +30,7 @@ module Google
       # This is NOT the gem version.
       VERSION = 'V1'
 
-      # See, edit, configure, and delete your Google Cloud Platform data
+      # See, edit, configure, and delete your Google Cloud data and see the email address for your Google Account.
       AUTH_CLOUD_PLATFORM = 'https://www.googleapis.com/auth/cloud-platform'
 
       # View and manage your keys and secrets stored in Cloud Key Management Service

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: google-apis-cloudkms_v1
 version: !ruby/object:Gem::Version
-  version: 0.8.0
+  version: 0.12.0
 platform: ruby
 authors:
 - Google LLC
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2021-06-28 00:00:00.000000000 Z
+date: 2021-09-06 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: google-apis-core
@@ -16,7 +16,7 @@ dependencies:
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: '0.3'
+        version: '0.4'
     - - "<"
       - !ruby/object:Gem::Version
         version: 2.a
@@ -26,7 +26,7 @@ dependencies:
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: '0.3'
+        version: '0.4'
     - - "<"
       - !ruby/object:Gem::Version
         version: 2.a
@@ -58,7 +58,7 @@ licenses:
 metadata:
   bug_tracker_uri: https://github.com/googleapis/google-api-ruby-client/issues
   changelog_uri: https://github.com/googleapis/google-api-ruby-client/tree/master/generated/google-apis-cloudkms_v1/CHANGELOG.md
-  documentation_uri: https://googleapis.dev/ruby/google-apis-cloudkms_v1/v0.8.0
+  documentation_uri: https://googleapis.dev/ruby/google-apis-cloudkms_v1/v0.12.0
   source_code_uri: https://github.com/googleapis/google-api-ruby-client/tree/master/generated/google-apis-cloudkms_v1
 post_install_message: 
 rdoc_options: []