google-cloud-kms-v1 0.10.1 → 0.12.0

data/lib/google/cloud/kms/v1/ekm_service/credentials.rb

@@ -0,0 +1,52 @@
+# frozen_string_literal: true
+
+# Copyright 2022 Google LLC
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     https://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+# Auto-generated by gapic-generator-ruby. DO NOT EDIT!
+
+require "googleauth"
+
+module Google
+  module Cloud
+    module Kms
+      module V1
+        module EkmService
+          # Credentials for the EkmService API.
+          class Credentials < ::Google::Auth::Credentials
+            self.scope = [
+              "https://www.googleapis.com/auth/cloud-platform",
+              "https://www.googleapis.com/auth/cloudkms"
+            ]
+            self.env_vars = [
+              "KMS_CREDENTIALS",
+              "KMS_KEYFILE",
+              "GOOGLE_CLOUD_CREDENTIALS",
+              "GOOGLE_CLOUD_KEYFILE",
+              "GCLOUD_KEYFILE",
+              "KMS_CREDENTIALS_JSON",
+              "KMS_KEYFILE_JSON",
+              "GOOGLE_CLOUD_CREDENTIALS_JSON",
+              "GOOGLE_CLOUD_KEYFILE_JSON",
+              "GCLOUD_KEYFILE_JSON"
+            ]
+            self.paths = [
+              "~/.config/google_cloud/application_default_credentials.json"
+            ]
+          end
+        end
+      end
+    end
+  end
+end

data/lib/google/cloud/kms/v1/ekm_service/paths.rb

@@ -0,0 +1,90 @@
+# frozen_string_literal: true
+
+# Copyright 2022 Google LLC
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     https://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+# Auto-generated by gapic-generator-ruby. DO NOT EDIT!
+
+
+module Google
+  module Cloud
+    module Kms
+      module V1
+        module EkmService
+          # Path helper methods for the EkmService API.
+          module Paths
+            ##
+            # Create a fully-qualified EkmConnection resource string.
+            #
+            # The resource will be in the following format:
+            #
+            # `projects/{project}/locations/{location}/ekmConnections/{ekm_connection}`
+            #
+            # @param project [String]
+            # @param location [String]
+            # @param ekm_connection [String]
+            #
+            # @return [::String]
+            def ekm_connection_path project:, location:, ekm_connection:
+              raise ::ArgumentError, "project cannot contain /" if project.to_s.include? "/"
+              raise ::ArgumentError, "location cannot contain /" if location.to_s.include? "/"
+
+              "projects/#{project}/locations/#{location}/ekmConnections/#{ekm_connection}"
+            end
+
+            ##
+            # Create a fully-qualified Location resource string.
+            #
+            # The resource will be in the following format:
+            #
+            # `projects/{project}/locations/{location}`
+            #
+            # @param project [String]
+            # @param location [String]
+            #
+            # @return [::String]
+            def location_path project:, location:
+              raise ::ArgumentError, "project cannot contain /" if project.to_s.include? "/"
+
+              "projects/#{project}/locations/#{location}"
+            end
+
+            ##
+            # Create a fully-qualified Service resource string.
+            #
+            # The resource will be in the following format:
+            #
+            # `projects/{project}/locations/{location}/namespaces/{namespace}/services/{service}`
+            #
+            # @param project [String]
+            # @param location [String]
+            # @param namespace [String]
+            # @param service [String]
+            #
+            # @return [::String]
+            def service_path project:, location:, namespace:, service:
+              raise ::ArgumentError, "project cannot contain /" if project.to_s.include? "/"
+              raise ::ArgumentError, "location cannot contain /" if location.to_s.include? "/"
+              raise ::ArgumentError, "namespace cannot contain /" if namespace.to_s.include? "/"
+
+              "projects/#{project}/locations/#{location}/namespaces/#{namespace}/services/#{service}"
+            end
+
+            extend self
+          end
+        end
+      end
+    end
+  end
+end

data/lib/google/cloud/kms/v1/ekm_service.rb

@@ -0,0 +1,53 @@
+# frozen_string_literal: true
+
+# Copyright 2022 Google LLC
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     https://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+# Auto-generated by gapic-generator-ruby. DO NOT EDIT!
+
+require "gapic/common"
+require "gapic/config"
+require "gapic/config/method"
+
+require "google/cloud/kms/v1/version"
+
+require "google/cloud/kms/v1/ekm_service/credentials"
+require "google/cloud/kms/v1/ekm_service/paths"
+require "google/cloud/kms/v1/ekm_service/client"
+
+module Google
+  module Cloud
+    module Kms
+      module V1
+        ##
+        # Google Cloud Key Management EKM Service
+        #
+        # Manages external cryptographic keys and operations using those keys.
+        # Implements a REST model with the following objects:
+        # * {::Google::Cloud::Kms::V1::EkmConnection EkmConnection}
+        #
+        # To load this service and instantiate a client:
+        #
+        #     require "google/cloud/kms/v1/ekm_service"
+        #     client = ::Google::Cloud::Kms::V1::EkmService::Client.new
+        #
+        module EkmService
+        end
+      end
+    end
+  end
+end
+
+helper_path = ::File.join __dir__, "ekm_service", "helpers.rb"
+require "google/cloud/kms/v1/ekm_service/helpers" if ::File.file? helper_path

data/lib/google/cloud/kms/v1/ekm_service_pb.rb

@@ -0,0 +1,79 @@
+# Generated by the protocol buffer compiler.  DO NOT EDIT!
+# source: google/cloud/kms/v1/ekm_service.proto
+
+require 'google/api/annotations_pb'
+require 'google/api/client_pb'
+require 'google/api/field_behavior_pb'
+require 'google/api/resource_pb'
+require 'google/protobuf/field_mask_pb'
+require 'google/protobuf/timestamp_pb'
+require 'google/protobuf'
+
+Google::Protobuf::DescriptorPool.generated_pool.build do
+  add_file("google/cloud/kms/v1/ekm_service.proto", :syntax => :proto3) do
+    add_message "google.cloud.kms.v1.ListEkmConnectionsRequest" do
+      optional :parent, :string, 1
+      optional :page_size, :int32, 2
+      optional :page_token, :string, 3
+      optional :filter, :string, 4
+      optional :order_by, :string, 5
+    end
+    add_message "google.cloud.kms.v1.ListEkmConnectionsResponse" do
+      repeated :ekm_connections, :message, 1, "google.cloud.kms.v1.EkmConnection"
+      optional :next_page_token, :string, 2
+      optional :total_size, :int32, 3
+    end
+    add_message "google.cloud.kms.v1.GetEkmConnectionRequest" do
+      optional :name, :string, 1
+    end
+    add_message "google.cloud.kms.v1.CreateEkmConnectionRequest" do
+      optional :parent, :string, 1
+      optional :ekm_connection_id, :string, 2
+      optional :ekm_connection, :message, 3, "google.cloud.kms.v1.EkmConnection"
+    end
+    add_message "google.cloud.kms.v1.UpdateEkmConnectionRequest" do
+      optional :ekm_connection, :message, 1, "google.cloud.kms.v1.EkmConnection"
+      optional :update_mask, :message, 2, "google.protobuf.FieldMask"
+    end
+    add_message "google.cloud.kms.v1.Certificate" do
+      optional :raw_der, :bytes, 1
+      optional :parsed, :bool, 2
+      optional :issuer, :string, 3
+      optional :subject, :string, 4
+      repeated :subject_alternative_dns_names, :string, 5
+      optional :not_before_time, :message, 6, "google.protobuf.Timestamp"
+      optional :not_after_time, :message, 7, "google.protobuf.Timestamp"
+      optional :serial_number, :string, 8
+      optional :sha256_fingerprint, :string, 9
+    end
+    add_message "google.cloud.kms.v1.EkmConnection" do
+      optional :name, :string, 1
+      optional :create_time, :message, 2, "google.protobuf.Timestamp"
+      repeated :service_resolvers, :message, 3, "google.cloud.kms.v1.EkmConnection.ServiceResolver"
+      optional :etag, :string, 5
+    end
+    add_message "google.cloud.kms.v1.EkmConnection.ServiceResolver" do
+      optional :service_directory_service, :string, 1
+      optional :endpoint_filter, :string, 2
+      optional :hostname, :string, 3
+      repeated :server_certificates, :message, 4, "google.cloud.kms.v1.Certificate"
+    end
+  end
+end
+
+module Google
+  module Cloud
+    module Kms
+      module V1
+        ListEkmConnectionsRequest = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.kms.v1.ListEkmConnectionsRequest").msgclass
+        ListEkmConnectionsResponse = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.kms.v1.ListEkmConnectionsResponse").msgclass
+        GetEkmConnectionRequest = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.kms.v1.GetEkmConnectionRequest").msgclass
+        CreateEkmConnectionRequest = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.kms.v1.CreateEkmConnectionRequest").msgclass
+        UpdateEkmConnectionRequest = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.kms.v1.UpdateEkmConnectionRequest").msgclass
+        Certificate = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.kms.v1.Certificate").msgclass
+        EkmConnection = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.kms.v1.EkmConnection").msgclass
+        EkmConnection::ServiceResolver = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.kms.v1.EkmConnection.ServiceResolver").msgclass
+      end
+    end
+  end
+end

data/lib/google/cloud/kms/v1/ekm_service_services_pb.rb

@@ -0,0 +1,57 @@
+# Generated by the protocol buffer compiler.  DO NOT EDIT!
+# Source: google/cloud/kms/v1/ekm_service.proto for package 'google.cloud.kms.v1'
+# Original file comments:
+# Copyright 2021 Google LLC
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+require 'grpc'
+require 'google/cloud/kms/v1/ekm_service_pb'
+
+module Google
+  module Cloud
+    module Kms
+      module V1
+        module EkmService
+          # Google Cloud Key Management EKM Service
+          #
+          # Manages external cryptographic keys and operations using those keys.
+          # Implements a REST model with the following objects:
+          # * [EkmConnection][google.cloud.kms.v1.EkmConnection]
+          class Service
+
+            include ::GRPC::GenericService
+
+            self.marshal_class_method = :encode
+            self.unmarshal_class_method = :decode
+            self.service_name = 'google.cloud.kms.v1.EkmService'
+
+            # Lists [EkmConnections][google.cloud.kms.v1.EkmConnection].
+            rpc :ListEkmConnections, ::Google::Cloud::Kms::V1::ListEkmConnectionsRequest, ::Google::Cloud::Kms::V1::ListEkmConnectionsResponse
+            # Returns metadata for a given
+            # [EkmConnection][google.cloud.kms.v1.EkmConnection].
+            rpc :GetEkmConnection, ::Google::Cloud::Kms::V1::GetEkmConnectionRequest, ::Google::Cloud::Kms::V1::EkmConnection
+            # Creates a new [EkmConnection][google.cloud.kms.v1.EkmConnection] in a given
+            # Project and Location.
+            rpc :CreateEkmConnection, ::Google::Cloud::Kms::V1::CreateEkmConnectionRequest, ::Google::Cloud::Kms::V1::EkmConnection
+            # Updates an [EkmConnection][google.cloud.kms.v1.EkmConnection]'s metadata.
+            rpc :UpdateEkmConnection, ::Google::Cloud::Kms::V1::UpdateEkmConnectionRequest, ::Google::Cloud::Kms::V1::EkmConnection
+          end
+
+          Stub = Service.rpc_stub_class
+        end
+      end
+    end
+  end
+end

data/lib/google/cloud/kms/v1/iam_policy/client.rb

@@ -27,7 +27,8 @@ module Google
           ##
           # Client for the IAMPolicy service.
           #
-          # ## API Overview
+          # API Overview
+          #
           #
           # Manages Identity and Access Management (IAM) policies.
           #
@@ -170,6 +171,8 @@ module Google
             # Sets the access control policy on the specified resource. Replaces any
             # existing policy.
             #
+            # Can return `NOT_FOUND`, `INVALID_ARGUMENT`, and `PERMISSION_DENIED` errors.
+            #
             # @overload set_iam_policy(request, options = nil)
             #   Pass arguments to `set_iam_policy` via a request object, either of type
             #   {::Google::Iam::V1::SetIamPolicyRequest} or an equivalent Hash.
@@ -180,7 +183,7 @@ module Google
             #   @param options [::Gapic::CallOptions, ::Hash]
             #     Overrides the default settings for this call, e.g, timeout, retries, etc. Optional.
             #
-            # @overload set_iam_policy(resource: nil, policy: nil)
+            # @overload set_iam_policy(resource: nil, policy: nil, update_mask: nil)
             #   Pass arguments to `set_iam_policy` via keyword arguments. Note that at
             #   least one keyword argument is required. To specify no parameters, or to keep all
             #   the default parameter values, pass an empty Hash as a request object (see above).
@@ -193,6 +196,12 @@ module Google
             #     the policy is limited to a few 10s of KB. An empty policy is a
             #     valid policy but certain Cloud Platform services (such as Projects)
             #     might reject them.
+            #   @param update_mask [::Google::Protobuf::FieldMask, ::Hash]
+            #     OPTIONAL: A FieldMask specifying which fields of the policy to modify. Only
+            #     the fields in the mask will be modified. If no mask is provided, the
+            #     following default mask is used:
+            #
+            #     `paths: "bindings, etag"`
             #
             # @yield [response, operation] Access the result along with the RPC operation
             # @yieldparam response [::Google::Iam::V1::Policy]
@@ -283,7 +292,7 @@ module Google
             #     See the operation documentation for the appropriate value for this field.
             #   @param options [::Google::Iam::V1::GetPolicyOptions, ::Hash]
             #     OPTIONAL: A `GetPolicyOptions` object for specifying options to
-            #     `GetIamPolicy`. This field is only used by Cloud IAM.
+            #     `GetIamPolicy`.
             #
             # @yield [response, operation] Access the result along with the RPC operation
             # @yieldparam response [::Google::Iam::V1::Policy]
@@ -352,7 +361,7 @@ module Google
             ##
             # Returns permissions that a caller has on the specified resource.
             # If the resource does not exist, this will return an empty set of
-            # permissions, not a NOT_FOUND error.
+            # permissions, not a `NOT_FOUND` error.
             #
             # Note: This operation is designed to be used for building permission-aware
             # UIs and command-line tools, not for authorization checking. This operation

data/lib/google/cloud/kms/v1/iam_policy.rb

@@ -30,7 +30,8 @@ module Google
     module Kms
       module V1
         ##
-        # ## API Overview
+        # API Overview
+        #
         #
         # Manages Identity and Access Management (IAM) policies.
         #