google-cloud-kms-inventory-v1 0.17.0 → 0.18.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/lib/google/cloud/kms/inventory/v1/key_dashboard_service_pb.rb +1 -1
- data/lib/google/cloud/kms/inventory/v1/key_tracking_service/client.rb +24 -8
- data/lib/google/cloud/kms/inventory/v1/key_tracking_service/paths.rb +14 -0
- data/lib/google/cloud/kms/inventory/v1/key_tracking_service/rest/client.rb +24 -8
- data/lib/google/cloud/kms/inventory/v1/key_tracking_service/rest/service_stub.rb +7 -0
- data/lib/google/cloud/kms/inventory/v1/key_tracking_service_pb.rb +4 -1
- data/lib/google/cloud/kms/inventory/v1/key_tracking_service_services_pb.rb +12 -5
- data/lib/google/cloud/kms/inventory/v1/version.rb +1 -1
- data/proto_docs/google/cloud/kms/inventory/v1/key_tracking_service.rb +69 -3
- data/proto_docs/google/cloud/kms/v1/resources.rb +54 -2
- metadata +1 -1
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: d29fecfa64a3d5f43226287695c6a57079596966f52dd8fad9fd7f36a55c0c61
|
|
4
|
+
data.tar.gz: 67922d5676aeec57c0bc46f82ffad9bb2acda4e7f43754a8f974dfc39c77b7fe
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 06e0c5039fac0130f473f35f7690c95b3f4df447e44d5310f2d7ad9629c4aae65f66356b4cb6043b2fa332bef1c78da0cc0e508506aaa3829546aa784e9e7285
|
|
7
|
+
data.tar.gz: 10756d0856fb8efd6bb7f9e035b7f285a35bcdf83ebba1da9c8415b5843517113def6f57db6ef01e0229f5bcd4a5217325373d85e63fccdcae112c9172fb4d52
|
|
@@ -11,7 +11,7 @@ require 'google/api/resource_pb'
|
|
|
11
11
|
require 'google/cloud/kms/v1/resources_pb'
|
|
12
12
|
|
|
13
13
|
|
|
14
|
-
descriptor_data = "\n9google/cloud/kms/inventory/v1/key_dashboard_service.proto\x12\x1dgoogle.cloud.kms.inventory.v1\x1a\x1cgoogle/api/annotations.proto\x1a\x17google/api/client.proto\x1a\x1fgoogle/api/field_behavior.proto\x1a\x19google/api/resource.proto\x1a#google/cloud/kms/v1/resources.proto\"\x8d\x01\n\x15ListCryptoKeysRequest\x12\x43\n\x06parent\x18\x01 \x01(\tB3\xe0\x41\x02\xfa\x41-\n+cloudresourcemanager.googleapis.com/Project\x12\x16\n\tpage_size\x18\x02 \x01(\x05\x42\x03\xe0\x41\x01\x12\x17\n\npage_token\x18\x03 \x01(\tB\x03\xe0\x41\x01\"f\n\x16ListCryptoKeysResponse\x12\x33\n\x0b\x63rypto_keys\x18\x01 \x03(\x0b\x32\x1e.google.cloud.kms.v1.CryptoKey\x12\x17\n\x0fnext_page_token\x18\x02 \x01(\t2\x9b\x02\n\x13KeyDashboardService\x12\xb2\x01\n\x0eListCryptoKeys\x12\x34.google.cloud.kms.inventory.v1.ListCryptoKeysRequest\x1a\x35.google.cloud.kms.inventory.v1.ListCryptoKeysResponse\"3\xda\x41\x06parent\x82\xd3\xe4\x93\x02$\x12\"/v1/{parent=projects/*}/cryptoKeys\x1aO\xca\x41\x1bkmsinventory.googleapis.com\xd2\x41.https://www.googleapis.com/auth/cloud-platformB\
|
|
14
|
+
descriptor_data = "\n9google/cloud/kms/inventory/v1/key_dashboard_service.proto\x12\x1dgoogle.cloud.kms.inventory.v1\x1a\x1cgoogle/api/annotations.proto\x1a\x17google/api/client.proto\x1a\x1fgoogle/api/field_behavior.proto\x1a\x19google/api/resource.proto\x1a#google/cloud/kms/v1/resources.proto\"\x8d\x01\n\x15ListCryptoKeysRequest\x12\x43\n\x06parent\x18\x01 \x01(\tB3\xe0\x41\x02\xfa\x41-\n+cloudresourcemanager.googleapis.com/Project\x12\x16\n\tpage_size\x18\x02 \x01(\x05\x42\x03\xe0\x41\x01\x12\x17\n\npage_token\x18\x03 \x01(\tB\x03\xe0\x41\x01\"f\n\x16ListCryptoKeysResponse\x12\x33\n\x0b\x63rypto_keys\x18\x01 \x03(\x0b\x32\x1e.google.cloud.kms.v1.CryptoKey\x12\x17\n\x0fnext_page_token\x18\x02 \x01(\t2\x9b\x02\n\x13KeyDashboardService\x12\xb2\x01\n\x0eListCryptoKeys\x12\x34.google.cloud.kms.inventory.v1.ListCryptoKeysRequest\x1a\x35.google.cloud.kms.inventory.v1.ListCryptoKeysResponse\"3\xda\x41\x06parent\x82\xd3\xe4\x93\x02$\x12\"/v1/{parent=projects/*}/cryptoKeys\x1aO\xca\x41\x1bkmsinventory.googleapis.com\xd2\x41.https://www.googleapis.com/auth/cloud-platformB\xc0\x01\n!com.google.cloud.kms.inventory.v1B\x18KeyDashboardServiceProtoP\x01Z?cloud.google.com/go/kms/inventory/apiv1/inventorypb;inventorypb\xaa\x02\x1dGoogle.Cloud.Kms.Inventory.V1\xca\x02\x1dGoogle\\Cloud\\Kms\\Inventory\\V1b\x06proto3"
|
|
15
15
|
|
|
16
16
|
pool = Google::Protobuf::DescriptorPool.generated_pool
|
|
17
17
|
|
|
@@ -191,10 +191,16 @@ module Google
|
|
|
191
191
|
|
|
192
192
|
##
|
|
193
193
|
# Returns aggregate information about the resources protected by the given
|
|
194
|
-
# Cloud KMS {::Google::Cloud::Kms::V1::CryptoKey CryptoKey}.
|
|
195
|
-
# the same Cloud organization as the key will be
|
|
196
|
-
#
|
|
197
|
-
#
|
|
194
|
+
# Cloud KMS {::Google::Cloud::Kms::V1::CryptoKey CryptoKey}. By default,
|
|
195
|
+
# summary of resources within the same Cloud organization as the key will be
|
|
196
|
+
# returned, which requires the KMS organization service account to be
|
|
197
|
+
# configured(refer
|
|
198
|
+
# https://docs.cloud.google.com/kms/docs/view-key-usage#required-roles).
|
|
199
|
+
# If the KMS organization service account is not configured or key's project
|
|
200
|
+
# is not part of an organization, set
|
|
201
|
+
# {::Google::Cloud::Kms::Inventory::V1::GetProtectedResourcesSummaryRequest#fallback_scope fallback_scope}
|
|
202
|
+
# to `FALLBACK_SCOPE_PROJECT` to retrieve a summary of protected resources
|
|
203
|
+
# within the key's project.
|
|
198
204
|
#
|
|
199
205
|
# @overload get_protected_resources_summary(request, options = nil)
|
|
200
206
|
# Pass arguments to `get_protected_resources_summary` via a request object, either of type
|
|
@@ -206,7 +212,7 @@ module Google
|
|
|
206
212
|
# @param options [::Gapic::CallOptions, ::Hash]
|
|
207
213
|
# Overrides the default settings for this call, e.g, timeout, retries, etc. Optional.
|
|
208
214
|
#
|
|
209
|
-
# @overload get_protected_resources_summary(name: nil)
|
|
215
|
+
# @overload get_protected_resources_summary(name: nil, fallback_scope: nil)
|
|
210
216
|
# Pass arguments to `get_protected_resources_summary` via keyword arguments. Note that at
|
|
211
217
|
# least one keyword argument is required. To specify no parameters, or to keep all
|
|
212
218
|
# the default parameter values, pass an empty Hash as a request object (see above).
|
|
@@ -214,6 +220,9 @@ module Google
|
|
|
214
220
|
# @param name [::String]
|
|
215
221
|
# Required. The resource name of the
|
|
216
222
|
# {::Google::Cloud::Kms::V1::CryptoKey CryptoKey}.
|
|
223
|
+
# @param fallback_scope [::Google::Cloud::Kms::Inventory::V1::FallbackScope]
|
|
224
|
+
# Optional. The scope to use if the kms organization service account is not
|
|
225
|
+
# configured.
|
|
217
226
|
#
|
|
218
227
|
# @yield [response, operation] Access the result along with the RPC operation
|
|
219
228
|
# @yieldparam response [::Google::Cloud::Kms::Inventory::V1::ProtectedResourcesSummary]
|
|
@@ -281,7 +290,8 @@ module Google
|
|
|
281
290
|
|
|
282
291
|
##
|
|
283
292
|
# Returns metadata about the resources protected by the given Cloud KMS
|
|
284
|
-
# {::Google::Cloud::Kms::V1::CryptoKey CryptoKey} in the given Cloud
|
|
293
|
+
# {::Google::Cloud::Kms::V1::CryptoKey CryptoKey} in the given Cloud
|
|
294
|
+
# organization/project.
|
|
285
295
|
#
|
|
286
296
|
# @overload search_protected_resources(request, options = nil)
|
|
287
297
|
# Pass arguments to `search_protected_resources` via a request object, either of type
|
|
@@ -299,8 +309,14 @@ module Google
|
|
|
299
309
|
# the default parameter values, pass an empty Hash as a request object (see above).
|
|
300
310
|
#
|
|
301
311
|
# @param scope [::String]
|
|
302
|
-
# Required.
|
|
303
|
-
#
|
|
312
|
+
# Required. A scope can be an organization or a project. Resources protected
|
|
313
|
+
# by the crypto key in provided scope will be returned.
|
|
314
|
+
#
|
|
315
|
+
# The following values are allowed:
|
|
316
|
+
#
|
|
317
|
+
# * organizations/\\{ORGANIZATION_NUMBER} (e.g., "organizations/12345678")
|
|
318
|
+
# * projects/\\{PROJECT_ID} (e.g., "projects/foo-bar")
|
|
319
|
+
# * projects/\\{PROJECT_NUMBER} (e.g., "projects/12345678")
|
|
304
320
|
# @param crypto_key [::String]
|
|
305
321
|
# Required. The resource name of the
|
|
306
322
|
# {::Google::Cloud::Kms::V1::CryptoKey CryptoKey}.
|
|
@@ -39,6 +39,20 @@ module Google
|
|
|
39
39
|
"organizations/#{organization}"
|
|
40
40
|
end
|
|
41
41
|
|
|
42
|
+
##
|
|
43
|
+
# Create a fully-qualified Project resource string.
|
|
44
|
+
#
|
|
45
|
+
# The resource will be in the following format:
|
|
46
|
+
#
|
|
47
|
+
# `projects/{project}`
|
|
48
|
+
#
|
|
49
|
+
# @param project [String]
|
|
50
|
+
#
|
|
51
|
+
# @return [::String]
|
|
52
|
+
def project_path project:
|
|
53
|
+
"projects/#{project}"
|
|
54
|
+
end
|
|
55
|
+
|
|
42
56
|
##
|
|
43
57
|
# Create a fully-qualified ProtectedResourcesSummary resource string.
|
|
44
58
|
#
|
|
@@ -184,10 +184,16 @@ module Google
|
|
|
184
184
|
|
|
185
185
|
##
|
|
186
186
|
# Returns aggregate information about the resources protected by the given
|
|
187
|
-
# Cloud KMS {::Google::Cloud::Kms::V1::CryptoKey CryptoKey}.
|
|
188
|
-
# the same Cloud organization as the key will be
|
|
189
|
-
#
|
|
190
|
-
#
|
|
187
|
+
# Cloud KMS {::Google::Cloud::Kms::V1::CryptoKey CryptoKey}. By default,
|
|
188
|
+
# summary of resources within the same Cloud organization as the key will be
|
|
189
|
+
# returned, which requires the KMS organization service account to be
|
|
190
|
+
# configured(refer
|
|
191
|
+
# https://docs.cloud.google.com/kms/docs/view-key-usage#required-roles).
|
|
192
|
+
# If the KMS organization service account is not configured or key's project
|
|
193
|
+
# is not part of an organization, set
|
|
194
|
+
# {::Google::Cloud::Kms::Inventory::V1::GetProtectedResourcesSummaryRequest#fallback_scope fallback_scope}
|
|
195
|
+
# to `FALLBACK_SCOPE_PROJECT` to retrieve a summary of protected resources
|
|
196
|
+
# within the key's project.
|
|
191
197
|
#
|
|
192
198
|
# @overload get_protected_resources_summary(request, options = nil)
|
|
193
199
|
# Pass arguments to `get_protected_resources_summary` via a request object, either of type
|
|
@@ -199,7 +205,7 @@ module Google
|
|
|
199
205
|
# @param options [::Gapic::CallOptions, ::Hash]
|
|
200
206
|
# Overrides the default settings for this call, e.g, timeout, retries etc. Optional.
|
|
201
207
|
#
|
|
202
|
-
# @overload get_protected_resources_summary(name: nil)
|
|
208
|
+
# @overload get_protected_resources_summary(name: nil, fallback_scope: nil)
|
|
203
209
|
# Pass arguments to `get_protected_resources_summary` via keyword arguments. Note that at
|
|
204
210
|
# least one keyword argument is required. To specify no parameters, or to keep all
|
|
205
211
|
# the default parameter values, pass an empty Hash as a request object (see above).
|
|
@@ -207,6 +213,9 @@ module Google
|
|
|
207
213
|
# @param name [::String]
|
|
208
214
|
# Required. The resource name of the
|
|
209
215
|
# {::Google::Cloud::Kms::V1::CryptoKey CryptoKey}.
|
|
216
|
+
# @param fallback_scope [::Google::Cloud::Kms::Inventory::V1::FallbackScope]
|
|
217
|
+
# Optional. The scope to use if the kms organization service account is not
|
|
218
|
+
# configured.
|
|
210
219
|
# @yield [result, operation] Access the result along with the TransportOperation object
|
|
211
220
|
# @yieldparam result [::Google::Cloud::Kms::Inventory::V1::ProtectedResourcesSummary]
|
|
212
221
|
# @yieldparam operation [::Gapic::Rest::TransportOperation]
|
|
@@ -267,7 +276,8 @@ module Google
|
|
|
267
276
|
|
|
268
277
|
##
|
|
269
278
|
# Returns metadata about the resources protected by the given Cloud KMS
|
|
270
|
-
# {::Google::Cloud::Kms::V1::CryptoKey CryptoKey} in the given Cloud
|
|
279
|
+
# {::Google::Cloud::Kms::V1::CryptoKey CryptoKey} in the given Cloud
|
|
280
|
+
# organization/project.
|
|
271
281
|
#
|
|
272
282
|
# @overload search_protected_resources(request, options = nil)
|
|
273
283
|
# Pass arguments to `search_protected_resources` via a request object, either of type
|
|
@@ -285,8 +295,14 @@ module Google
|
|
|
285
295
|
# the default parameter values, pass an empty Hash as a request object (see above).
|
|
286
296
|
#
|
|
287
297
|
# @param scope [::String]
|
|
288
|
-
# Required.
|
|
289
|
-
#
|
|
298
|
+
# Required. A scope can be an organization or a project. Resources protected
|
|
299
|
+
# by the crypto key in provided scope will be returned.
|
|
300
|
+
#
|
|
301
|
+
# The following values are allowed:
|
|
302
|
+
#
|
|
303
|
+
# * organizations/\\{ORGANIZATION_NUMBER} (e.g., "organizations/12345678")
|
|
304
|
+
# * projects/\\{PROJECT_ID} (e.g., "projects/foo-bar")
|
|
305
|
+
# * projects/\\{PROJECT_NUMBER} (e.g., "projects/12345678")
|
|
290
306
|
# @param crypto_key [::String]
|
|
291
307
|
# Required. The resource name of the
|
|
292
308
|
# {::Google::Cloud::Kms::V1::CryptoKey CryptoKey}.
|
|
@@ -193,6 +193,13 @@ module Google
|
|
|
193
193
|
["scope", %r{^organizations/[^/]+/?$}, false]
|
|
194
194
|
]
|
|
195
195
|
)
|
|
196
|
+
.with_bindings(
|
|
197
|
+
uri_method: :get,
|
|
198
|
+
uri_template: "/v1/{scope}/protectedResources:search",
|
|
199
|
+
matches: [
|
|
200
|
+
["scope", %r{^projects/[^/]+/?$}, false]
|
|
201
|
+
]
|
|
202
|
+
)
|
|
196
203
|
transcoder.transcode request_pb
|
|
197
204
|
end
|
|
198
205
|
end
|
|
@@ -11,7 +11,7 @@ require 'google/api/resource_pb'
|
|
|
11
11
|
require 'google/protobuf/timestamp_pb'
|
|
12
12
|
|
|
13
13
|
|
|
14
|
-
descriptor_data = "\n8google/cloud/kms/inventory/v1/key_tracking_service.proto\x12\x1dgoogle.cloud.kms.inventory.v1\x1a\x1cgoogle/api/annotations.proto\x1a\x17google/api/client.proto\x1a\x1fgoogle/api/field_behavior.proto\x1a\x19google/api/resource.proto\x1a\x1fgoogle/protobuf/timestamp.proto\"
|
|
14
|
+
descriptor_data = "\n8google/cloud/kms/inventory/v1/key_tracking_service.proto\x12\x1dgoogle.cloud.kms.inventory.v1\x1a\x1cgoogle/api/annotations.proto\x1a\x17google/api/client.proto\x1a\x1fgoogle/api/field_behavior.proto\x1a\x19google/api/resource.proto\x1a\x1fgoogle/protobuf/timestamp.proto\"\xbd\x01\n#GetProtectedResourcesSummaryRequest\x12K\n\x04name\x18\x01 \x01(\tB=\xe0\x41\x02\xfa\x41\x37\n5kmsinventory.googleapis.com/ProtectedResourcesSummary\x12I\n\x0e\x66\x61llback_scope\x18\x02 \x01(\x0e\x32,.google.cloud.kms.inventory.v1.FallbackScopeB\x03\xe0\x41\x01\"\x9a\x07\n\x19ProtectedResourcesSummary\x12\x0c\n\x04name\x18\x05 \x01(\t\x12\x16\n\x0eresource_count\x18\x01 \x01(\x03\x12\x15\n\rproject_count\x18\x02 \x01(\x05\x12\x63\n\x0eresource_types\x18\x03 \x03(\x0b\x32K.google.cloud.kms.inventory.v1.ProtectedResourcesSummary.ResourceTypesEntry\x12\x63\n\x0e\x63loud_products\x18\x06 \x03(\x0b\x32K.google.cloud.kms.inventory.v1.ProtectedResourcesSummary.CloudProductsEntry\x12Z\n\tlocations\x18\x04 \x03(\x0b\x32G.google.cloud.kms.inventory.v1.ProtectedResourcesSummary.LocationsEntry\x12\x38\n\x08warnings\x18\x07 \x03(\x0b\x32&.google.cloud.kms.inventory.v1.Warning\x1a\x34\n\x12ResourceTypesEntry\x12\x0b\n\x03key\x18\x01 \x01(\t\x12\r\n\x05value\x18\x02 \x01(\x03:\x02\x38\x01\x1a\x34\n\x12\x43loudProductsEntry\x12\x0b\n\x03key\x18\x01 \x01(\t\x12\r\n\x05value\x18\x02 \x01(\x03:\x02\x38\x01\x1a\x30\n\x0eLocationsEntry\x12\x0b\n\x03key\x18\x01 \x01(\t\x12\r\n\x05value\x18\x02 \x01(\x03:\x02\x38\x01:\xc1\x02\xea\x41\xbd\x02\n5kmsinventory.googleapis.com/ProtectedResourcesSummary\x12mprojects/{project}/locations/{location}/keyRings/{key_ring}/cryptoKeys/{crypto_key}/protectedResourcesSummary\x12\x94\x01projects/{project}/locations/{location}/keyRings/{key_ring}/cryptoKeys/{crypto_key}/cryptoKeyVersions/{crypto_key_version}/protectedResourcesSummary\"\xcf\x01\n\x1fSearchProtectedResourcesRequest\x12I\n\x05scope\x18\x02 \x01(\tB:\xe0\x41\x02\xfa\x41\x34\x12\x32kmsinventory.googleapis.com/ProtectedResourceScope\x12\x1d\n\ncrypto_key\x18\x01 \x01(\tB\t\xe0\x41\x02\xfa\x41\x03\n\x01*\x12\x11\n\tpage_size\x18\x03 \x01(\x05\x12\x12\n\npage_token\x18\x04 \x01(\t\x12\x1b\n\x0eresource_types\x18\x05 \x03(\tB\x03\xe0\x41\x01\"\x8a\x01\n SearchProtectedResourcesResponse\x12M\n\x13protected_resources\x18\x01 \x03(\x0b\x32\x30.google.cloud.kms.inventory.v1.ProtectedResource\x12\x17\n\x0fnext_page_token\x18\x02 \x01(\t\"\xf9\x03\n\x11ProtectedResource\x12\x0c\n\x04name\x18\x01 \x01(\t\x12\x0f\n\x07project\x18\x02 \x01(\t\x12\x12\n\nproject_id\x18\t \x01(\t\x12\x15\n\rcloud_product\x18\x08 \x01(\t\x12\x15\n\rresource_type\x18\x03 \x01(\t\x12\x10\n\x08location\x18\x04 \x01(\t\x12L\n\x06labels\x18\x05 \x03(\x0b\x32<.google.cloud.kms.inventory.v1.ProtectedResource.LabelsEntry\x12I\n\x12\x63rypto_key_version\x18\x06 \x01(\tB-\xfa\x41*\n(cloudkms.googleapis.com/CryptoKeyVersion\x12J\n\x13\x63rypto_key_versions\x18\n \x03(\tB-\xfa\x41*\n(cloudkms.googleapis.com/CryptoKeyVersion\x12\x34\n\x0b\x63reate_time\x18\x07 \x01(\x0b\x32\x1a.google.protobuf.TimestampB\x03\xe0\x41\x03\x1a-\n\x0bLabelsEntry\x12\x0b\n\x03key\x18\x01 \x01(\t\x12\r\n\x05value\x18\x02 \x01(\t:\x02\x38\x01:\'\xea\x41$\n\x1f\x63loudasset.googleapis.com/Asset\x12\x01*\"\x92\x02\n\x07Warning\x12H\n\x0cwarning_code\x18\x01 \x01(\x0e\x32\x32.google.cloud.kms.inventory.v1.Warning.WarningCode\x12\x17\n\x0f\x64isplay_message\x18\x02 \x01(\t\"\xa3\x01\n\x0bWarningCode\x12\x1c\n\x18WARNING_CODE_UNSPECIFIED\x10\x00\x12)\n%INSUFFICIENT_PERMISSIONS_PARTIAL_DATA\x10\x01\x12(\n$RESOURCE_LIMIT_EXCEEDED_PARTIAL_DATA\x10\x02\x12!\n\x1dORG_LESS_PROJECT_PARTIAL_DATA\x10\x03*K\n\rFallbackScope\x12\x1e\n\x1a\x46\x41LLBACK_SCOPE_UNSPECIFIED\x10\x00\x12\x1a\n\x16\x46\x41LLBACK_SCOPE_PROJECT\x10\x01\x32\x8f\x05\n\x12KeyTrackingService\x12\x81\x02\n\x1cGetProtectedResourcesSummary\x12\x42.google.cloud.kms.inventory.v1.GetProtectedResourcesSummaryRequest\x1a\x38.google.cloud.kms.inventory.v1.ProtectedResourcesSummary\"c\xda\x41\x04name\x82\xd3\xe4\x93\x02V\x12T/v1/{name=projects/*/locations/*/keyRings/*/cryptoKeys/**}/protectedResourcesSummary\x12\xa3\x02\n\x18SearchProtectedResources\x12>.google.cloud.kms.inventory.v1.SearchProtectedResourcesRequest\x1a?.google.cloud.kms.inventory.v1.SearchProtectedResourcesResponse\"\x85\x01\xda\x41\x11scope, crypto_key\x82\xd3\xe4\x93\x02k\x12\x35/v1/{scope=organizations/*}/protectedResources:searchZ2\x12\x30/v1/{scope=projects/*}/protectedResources:search\x1aO\xca\x41\x1bkmsinventory.googleapis.com\xd2\x41.https://www.googleapis.com/auth/cloud-platformB\xd7\x02\n!com.google.cloud.kms.inventory.v1B\x17KeyTrackingServiceProtoP\x01Z?cloud.google.com/go/kms/inventory/apiv1/inventorypb;inventorypb\xaa\x02\x1dGoogle.Cloud.Kms.Inventory.V1\xca\x02\x1dGoogle\\Cloud\\Kms\\Inventory\\V1\xea\x41\x94\x01\n2kmsinventory.googleapis.com/ProtectedResourceScope\x12\x33organizations/{organization}/protectedResourceScope\x12)projects/{project}/protectedResourceScopeb\x06proto3"
|
|
15
15
|
|
|
16
16
|
pool = Google::Protobuf::DescriptorPool.generated_pool
|
|
17
17
|
|
|
@@ -48,6 +48,9 @@ module Google
|
|
|
48
48
|
SearchProtectedResourcesRequest = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.kms.inventory.v1.SearchProtectedResourcesRequest").msgclass
|
|
49
49
|
SearchProtectedResourcesResponse = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.kms.inventory.v1.SearchProtectedResourcesResponse").msgclass
|
|
50
50
|
ProtectedResource = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.kms.inventory.v1.ProtectedResource").msgclass
|
|
51
|
+
Warning = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.kms.inventory.v1.Warning").msgclass
|
|
52
|
+
Warning::WarningCode = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.kms.inventory.v1.Warning.WarningCode").enummodule
|
|
53
|
+
FallbackScope = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.kms.inventory.v1.FallbackScope").enummodule
|
|
51
54
|
end
|
|
52
55
|
end
|
|
53
56
|
end
|
|
@@ -36,13 +36,20 @@ module Google
|
|
|
36
36
|
self.service_name = 'google.cloud.kms.inventory.v1.KeyTrackingService'
|
|
37
37
|
|
|
38
38
|
# Returns aggregate information about the resources protected by the given
|
|
39
|
-
# Cloud KMS [CryptoKey][google.cloud.kms.v1.CryptoKey].
|
|
40
|
-
# the same Cloud organization as the key will be
|
|
41
|
-
#
|
|
42
|
-
#
|
|
39
|
+
# Cloud KMS [CryptoKey][google.cloud.kms.v1.CryptoKey]. By default,
|
|
40
|
+
# summary of resources within the same Cloud organization as the key will be
|
|
41
|
+
# returned, which requires the KMS organization service account to be
|
|
42
|
+
# configured(refer
|
|
43
|
+
# https://docs.cloud.google.com/kms/docs/view-key-usage#required-roles).
|
|
44
|
+
# If the KMS organization service account is not configured or key's project
|
|
45
|
+
# is not part of an organization, set
|
|
46
|
+
# [fallback_scope][google.cloud.kms.inventory.v1.GetProtectedResourcesSummaryRequest.fallback_scope]
|
|
47
|
+
# to `FALLBACK_SCOPE_PROJECT` to retrieve a summary of protected resources
|
|
48
|
+
# within the key's project.
|
|
43
49
|
rpc :GetProtectedResourcesSummary, ::Google::Cloud::Kms::Inventory::V1::GetProtectedResourcesSummaryRequest, ::Google::Cloud::Kms::Inventory::V1::ProtectedResourcesSummary
|
|
44
50
|
# Returns metadata about the resources protected by the given Cloud KMS
|
|
45
|
-
# [CryptoKey][google.cloud.kms.v1.CryptoKey] in the given Cloud
|
|
51
|
+
# [CryptoKey][google.cloud.kms.v1.CryptoKey] in the given Cloud
|
|
52
|
+
# organization/project.
|
|
46
53
|
rpc :SearchProtectedResources, ::Google::Cloud::Kms::Inventory::V1::SearchProtectedResourcesRequest, ::Google::Cloud::Kms::Inventory::V1::SearchProtectedResourcesResponse
|
|
47
54
|
end
|
|
48
55
|
|
|
@@ -28,13 +28,17 @@ module Google
|
|
|
28
28
|
# @return [::String]
|
|
29
29
|
# Required. The resource name of the
|
|
30
30
|
# {::Google::Cloud::Kms::V1::CryptoKey CryptoKey}.
|
|
31
|
+
# @!attribute [rw] fallback_scope
|
|
32
|
+
# @return [::Google::Cloud::Kms::Inventory::V1::FallbackScope]
|
|
33
|
+
# Optional. The scope to use if the kms organization service account is not
|
|
34
|
+
# configured.
|
|
31
35
|
class GetProtectedResourcesSummaryRequest
|
|
32
36
|
include ::Google::Protobuf::MessageExts
|
|
33
37
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
|
34
38
|
end
|
|
35
39
|
|
|
36
40
|
# Aggregate information about the resources protected by a Cloud KMS key in the
|
|
37
|
-
# same Cloud organization as the key.
|
|
41
|
+
# same Cloud organization/project as the key.
|
|
38
42
|
# @!attribute [rw] name
|
|
39
43
|
# @return [::String]
|
|
40
44
|
# The full name of the ProtectedResourcesSummary resource.
|
|
@@ -57,6 +61,12 @@ module Google
|
|
|
57
61
|
# @!attribute [rw] locations
|
|
58
62
|
# @return [::Google::Protobuf::Map{::String => ::Integer}]
|
|
59
63
|
# The number of resources protected by the key grouped by region.
|
|
64
|
+
# @!attribute [rw] warnings
|
|
65
|
+
# @return [::Array<::Google::Cloud::Kms::Inventory::V1::Warning>]
|
|
66
|
+
# Warning messages for the state of response
|
|
67
|
+
# {::Google::Cloud::Kms::Inventory::V1::ProtectedResourcesSummary ProtectedResourcesSummary}
|
|
68
|
+
# For example, if the organization service account is not configured,
|
|
69
|
+
# INSUFFICIENT_PERMISSIONS_PARTIAL_DATA warning will be returned.
|
|
60
70
|
class ProtectedResourcesSummary
|
|
61
71
|
include ::Google::Protobuf::MessageExts
|
|
62
72
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
|
@@ -93,8 +103,14 @@ module Google
|
|
|
93
103
|
# {::Google::Cloud::Kms::Inventory::V1::KeyTrackingService::Client#search_protected_resources KeyTrackingService.SearchProtectedResources}.
|
|
94
104
|
# @!attribute [rw] scope
|
|
95
105
|
# @return [::String]
|
|
96
|
-
# Required.
|
|
97
|
-
#
|
|
106
|
+
# Required. A scope can be an organization or a project. Resources protected
|
|
107
|
+
# by the crypto key in provided scope will be returned.
|
|
108
|
+
#
|
|
109
|
+
# The following values are allowed:
|
|
110
|
+
#
|
|
111
|
+
# * organizations/\\{ORGANIZATION_NUMBER} (e.g., "organizations/12345678")
|
|
112
|
+
# * projects/\\{PROJECT_ID} (e.g., "projects/foo-bar")
|
|
113
|
+
# * projects/\\{PROJECT_NUMBER} (e.g., "projects/12345678")
|
|
98
114
|
# @!attribute [rw] crypto_key
|
|
99
115
|
# @return [::String]
|
|
100
116
|
# Required. The resource name of the
|
|
@@ -209,6 +225,56 @@ module Google
|
|
|
209
225
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
|
210
226
|
end
|
|
211
227
|
end
|
|
228
|
+
|
|
229
|
+
# A warning message that indicates potential problems with the response data.
|
|
230
|
+
# @!attribute [rw] warning_code
|
|
231
|
+
# @return [::Google::Cloud::Kms::Inventory::V1::Warning::WarningCode]
|
|
232
|
+
# The specific warning code for the displayed message.
|
|
233
|
+
# @!attribute [rw] display_message
|
|
234
|
+
# @return [::String]
|
|
235
|
+
# The literal message providing context and details about the warnings.
|
|
236
|
+
class Warning
|
|
237
|
+
include ::Google::Protobuf::MessageExts
|
|
238
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
|
239
|
+
|
|
240
|
+
# Different types of warnings that can be returned to the user.
|
|
241
|
+
# The display_message contains detailed information regarding the
|
|
242
|
+
# warning_code.
|
|
243
|
+
module WarningCode
|
|
244
|
+
# Default value. This value is unused.
|
|
245
|
+
WARNING_CODE_UNSPECIFIED = 0
|
|
246
|
+
|
|
247
|
+
# Indicates that the caller or service agent lacks necessary permissions
|
|
248
|
+
# to view some of the requested data. The response may be partial.
|
|
249
|
+
# Example:
|
|
250
|
+
# - KMS organization service agent \\{service_agent_name} lacks the
|
|
251
|
+
# `cloudasset.assets.searchAllResources` permission on the scope.
|
|
252
|
+
INSUFFICIENT_PERMISSIONS_PARTIAL_DATA = 1
|
|
253
|
+
|
|
254
|
+
# Indicates that a resource limit has been exceeded, resulting in partial
|
|
255
|
+
# data. Example:
|
|
256
|
+
# - The project has more than 10,000 assets (resources,
|
|
257
|
+
# crypto keys, key handles, IAM policies, etc).
|
|
258
|
+
RESOURCE_LIMIT_EXCEEDED_PARTIAL_DATA = 2
|
|
259
|
+
|
|
260
|
+
# Indicates that the project exists outside of an organization resource.
|
|
261
|
+
# Thus the analysis is only done for the project level data and results
|
|
262
|
+
# might be partial.
|
|
263
|
+
ORG_LESS_PROJECT_PARTIAL_DATA = 3
|
|
264
|
+
end
|
|
265
|
+
end
|
|
266
|
+
|
|
267
|
+
# Specifies the scope to use if the organization service agent is not
|
|
268
|
+
# configured.
|
|
269
|
+
module FallbackScope
|
|
270
|
+
# Unspecified scope type.
|
|
271
|
+
FALLBACK_SCOPE_UNSPECIFIED = 0
|
|
272
|
+
|
|
273
|
+
# If set to `FALLBACK_SCOPE_PROJECT`, the API will fall back to using key's
|
|
274
|
+
# project as request scope if the kms organization service account is not
|
|
275
|
+
# configured.
|
|
276
|
+
FALLBACK_SCOPE_PROJECT = 1
|
|
277
|
+
end
|
|
212
278
|
end
|
|
213
279
|
end
|
|
214
280
|
end
|
|
@@ -570,13 +570,40 @@ module Google
|
|
|
570
570
|
# datatracker.ietf.org/doc/draft-connolly-cfrg-xwing-kem/.
|
|
571
571
|
KEM_XWING = 63
|
|
572
572
|
|
|
573
|
+
# The post-quantum Module-Lattice-Based Digital Signature Algorithm, at
|
|
574
|
+
# security level 1. Randomized version.
|
|
575
|
+
PQ_SIGN_ML_DSA_44 = 68
|
|
576
|
+
|
|
573
577
|
# The post-quantum Module-Lattice-Based Digital Signature Algorithm, at
|
|
574
578
|
# security level 3. Randomized version.
|
|
575
579
|
PQ_SIGN_ML_DSA_65 = 56
|
|
576
580
|
|
|
581
|
+
# The post-quantum Module-Lattice-Based Digital Signature Algorithm, at
|
|
582
|
+
# security level 5. Randomized version.
|
|
583
|
+
PQ_SIGN_ML_DSA_87 = 69
|
|
584
|
+
|
|
577
585
|
# The post-quantum stateless hash-based digital signature algorithm, at
|
|
578
586
|
# security level 1. Randomized version.
|
|
579
587
|
PQ_SIGN_SLH_DSA_SHA2_128S = 57
|
|
588
|
+
|
|
589
|
+
# The post-quantum stateless hash-based digital signature algorithm, at
|
|
590
|
+
# security level 1. Randomized pre-hash version supporting SHA256 digests.
|
|
591
|
+
PQ_SIGN_HASH_SLH_DSA_SHA2_128S_SHA256 = 60
|
|
592
|
+
|
|
593
|
+
# The post-quantum Module-Lattice-Based Digital Signature Algorithm, at
|
|
594
|
+
# security level 1. Randomized version supporting externally-computed
|
|
595
|
+
# message representatives.
|
|
596
|
+
PQ_SIGN_ML_DSA_44_EXTERNAL_MU = 70
|
|
597
|
+
|
|
598
|
+
# The post-quantum Module-Lattice-Based Digital Signature Algorithm, at
|
|
599
|
+
# security level 3. Randomized version supporting externally-computed
|
|
600
|
+
# message representatives.
|
|
601
|
+
PQ_SIGN_ML_DSA_65_EXTERNAL_MU = 67
|
|
602
|
+
|
|
603
|
+
# The post-quantum Module-Lattice-Based Digital Signature Algorithm, at
|
|
604
|
+
# security level 5. Randomized version supporting externally-computed
|
|
605
|
+
# message representatives.
|
|
606
|
+
PQ_SIGN_ML_DSA_87_EXTERNAL_MU = 71
|
|
580
607
|
end
|
|
581
608
|
|
|
582
609
|
# The state of a {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion},
|
|
@@ -879,8 +906,7 @@ module Google
|
|
|
879
906
|
# operations are performed. Currently, this field is only populated for keys
|
|
880
907
|
# stored in HSM_SINGLE_TENANT. Note, this list is non-exhaustive and may
|
|
881
908
|
# apply to additional {::Google::Cloud::Kms::V1::ProtectionLevel ProtectionLevels}
|
|
882
|
-
# in the future.
|
|
883
|
-
# Supported resources:
|
|
909
|
+
# in the future. Supported resources:
|
|
884
910
|
# * `"projects/*/locations/*/singleTenantHsmInstances/*"`
|
|
885
911
|
class ImportJob
|
|
886
912
|
include ::Google::Protobuf::MessageExts
|
|
@@ -1015,6 +1041,32 @@ module Google
|
|
|
1015
1041
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
|
1016
1042
|
end
|
|
1017
1043
|
|
|
1044
|
+
# A RetiredResource resource represents the record of a deleted
|
|
1045
|
+
# {::Google::Cloud::Kms::V1::CryptoKey CryptoKey}. Its purpose is to provide
|
|
1046
|
+
# visibility into retained user data and to prevent reuse of these names for
|
|
1047
|
+
# new {::Google::Cloud::Kms::V1::CryptoKey CryptoKeys}.
|
|
1048
|
+
# @!attribute [r] name
|
|
1049
|
+
# @return [::String]
|
|
1050
|
+
# Output only. Identifier. The resource name for this
|
|
1051
|
+
# {::Google::Cloud::Kms::V1::RetiredResource RetiredResource} in the format
|
|
1052
|
+
# `projects/*/locations/*/retiredResources/*`.
|
|
1053
|
+
# @!attribute [r] original_resource
|
|
1054
|
+
# @return [::String]
|
|
1055
|
+
# Output only. The full resource name of the original
|
|
1056
|
+
# {::Google::Cloud::Kms::V1::CryptoKey CryptoKey} that was deleted in the format
|
|
1057
|
+
# `projects/*/locations/*/keyRings/*/cryptoKeys/*`.
|
|
1058
|
+
# @!attribute [r] resource_type
|
|
1059
|
+
# @return [::String]
|
|
1060
|
+
# Output only. The resource type of the original deleted resource.
|
|
1061
|
+
# @!attribute [r] delete_time
|
|
1062
|
+
# @return [::Google::Protobuf::Timestamp]
|
|
1063
|
+
# Output only. The time at which the original resource was deleted and this
|
|
1064
|
+
# RetiredResource record was created.
|
|
1065
|
+
class RetiredResource
|
|
1066
|
+
include ::Google::Protobuf::MessageExts
|
|
1067
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
|
1068
|
+
end
|
|
1069
|
+
|
|
1018
1070
|
# {::Google::Cloud::Kms::V1::ProtectionLevel ProtectionLevel} specifies how
|
|
1019
1071
|
# cryptographic operations are performed. For more information, see [Protection
|
|
1020
1072
|
# levels] (https://cloud.google.com/kms/docs/algorithms#protection_levels).
|