google-cloud-kms-v1 0.10.2 → 0.13.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/AUTHENTICATION.md +6 -6
- data/README.md +14 -9
- data/lib/google/cloud/kms/v1/ekm_service/client.rb +731 -0
- data/lib/google/cloud/kms/v1/ekm_service/credentials.rb +52 -0
- data/lib/google/cloud/kms/v1/ekm_service/paths.rb +90 -0
- data/lib/google/cloud/kms/v1/ekm_service.rb +53 -0
- data/lib/google/cloud/kms/v1/ekm_service_pb.rb +80 -0
- data/lib/google/cloud/kms/v1/ekm_service_services_pb.rb +57 -0
- data/lib/google/cloud/kms/v1/iam_policy/client.rb +13 -4
- data/lib/google/cloud/kms/v1/iam_policy.rb +2 -1
- data/lib/google/cloud/kms/v1/key_management_service/client.rb +427 -276
- data/lib/google/cloud/kms/v1/resources_pb.rb +12 -2
- data/lib/google/cloud/kms/v1/service_pb.rb +2 -1
- data/lib/google/cloud/kms/v1/service_services_pb.rb +84 -48
- data/lib/google/cloud/kms/v1/version.rb +1 -1
- data/lib/google/cloud/kms/v1.rb +4 -1
- data/proto_docs/google/cloud/kms/v1/ekm_service.rb +226 -0
- data/proto_docs/google/cloud/kms/v1/resources.rb +299 -160
- data/proto_docs/google/cloud/kms/v1/service.rb +653 -412
- data/proto_docs/google/iam/v1/iam_policy.rb +8 -1
- data/proto_docs/google/iam/v1/options.rb +14 -4
- data/proto_docs/google/iam/v1/policy.rb +208 -38
- metadata +23 -22
@@ -0,0 +1,52 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
# Copyright 2022 Google LLC
|
4
|
+
#
|
5
|
+
# Licensed under the Apache License, Version 2.0 (the "License");
|
6
|
+
# you may not use this file except in compliance with the License.
|
7
|
+
# You may obtain a copy of the License at
|
8
|
+
#
|
9
|
+
# https://www.apache.org/licenses/LICENSE-2.0
|
10
|
+
#
|
11
|
+
# Unless required by applicable law or agreed to in writing, software
|
12
|
+
# distributed under the License is distributed on an "AS IS" BASIS,
|
13
|
+
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
14
|
+
# See the License for the specific language governing permissions and
|
15
|
+
# limitations under the License.
|
16
|
+
|
17
|
+
# Auto-generated by gapic-generator-ruby. DO NOT EDIT!
|
18
|
+
|
19
|
+
require "googleauth"
|
20
|
+
|
21
|
+
module Google
|
22
|
+
module Cloud
|
23
|
+
module Kms
|
24
|
+
module V1
|
25
|
+
module EkmService
|
26
|
+
# Credentials for the EkmService API.
|
27
|
+
class Credentials < ::Google::Auth::Credentials
|
28
|
+
self.scope = [
|
29
|
+
"https://www.googleapis.com/auth/cloud-platform",
|
30
|
+
"https://www.googleapis.com/auth/cloudkms"
|
31
|
+
]
|
32
|
+
self.env_vars = [
|
33
|
+
"KMS_CREDENTIALS",
|
34
|
+
"KMS_KEYFILE",
|
35
|
+
"GOOGLE_CLOUD_CREDENTIALS",
|
36
|
+
"GOOGLE_CLOUD_KEYFILE",
|
37
|
+
"GCLOUD_KEYFILE",
|
38
|
+
"KMS_CREDENTIALS_JSON",
|
39
|
+
"KMS_KEYFILE_JSON",
|
40
|
+
"GOOGLE_CLOUD_CREDENTIALS_JSON",
|
41
|
+
"GOOGLE_CLOUD_KEYFILE_JSON",
|
42
|
+
"GCLOUD_KEYFILE_JSON"
|
43
|
+
]
|
44
|
+
self.paths = [
|
45
|
+
"~/.config/google_cloud/application_default_credentials.json"
|
46
|
+
]
|
47
|
+
end
|
48
|
+
end
|
49
|
+
end
|
50
|
+
end
|
51
|
+
end
|
52
|
+
end
|
@@ -0,0 +1,90 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
# Copyright 2022 Google LLC
|
4
|
+
#
|
5
|
+
# Licensed under the Apache License, Version 2.0 (the "License");
|
6
|
+
# you may not use this file except in compliance with the License.
|
7
|
+
# You may obtain a copy of the License at
|
8
|
+
#
|
9
|
+
# https://www.apache.org/licenses/LICENSE-2.0
|
10
|
+
#
|
11
|
+
# Unless required by applicable law or agreed to in writing, software
|
12
|
+
# distributed under the License is distributed on an "AS IS" BASIS,
|
13
|
+
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
14
|
+
# See the License for the specific language governing permissions and
|
15
|
+
# limitations under the License.
|
16
|
+
|
17
|
+
# Auto-generated by gapic-generator-ruby. DO NOT EDIT!
|
18
|
+
|
19
|
+
|
20
|
+
module Google
|
21
|
+
module Cloud
|
22
|
+
module Kms
|
23
|
+
module V1
|
24
|
+
module EkmService
|
25
|
+
# Path helper methods for the EkmService API.
|
26
|
+
module Paths
|
27
|
+
##
|
28
|
+
# Create a fully-qualified EkmConnection resource string.
|
29
|
+
#
|
30
|
+
# The resource will be in the following format:
|
31
|
+
#
|
32
|
+
# `projects/{project}/locations/{location}/ekmConnections/{ekm_connection}`
|
33
|
+
#
|
34
|
+
# @param project [String]
|
35
|
+
# @param location [String]
|
36
|
+
# @param ekm_connection [String]
|
37
|
+
#
|
38
|
+
# @return [::String]
|
39
|
+
def ekm_connection_path project:, location:, ekm_connection:
|
40
|
+
raise ::ArgumentError, "project cannot contain /" if project.to_s.include? "/"
|
41
|
+
raise ::ArgumentError, "location cannot contain /" if location.to_s.include? "/"
|
42
|
+
|
43
|
+
"projects/#{project}/locations/#{location}/ekmConnections/#{ekm_connection}"
|
44
|
+
end
|
45
|
+
|
46
|
+
##
|
47
|
+
# Create a fully-qualified Location resource string.
|
48
|
+
#
|
49
|
+
# The resource will be in the following format:
|
50
|
+
#
|
51
|
+
# `projects/{project}/locations/{location}`
|
52
|
+
#
|
53
|
+
# @param project [String]
|
54
|
+
# @param location [String]
|
55
|
+
#
|
56
|
+
# @return [::String]
|
57
|
+
def location_path project:, location:
|
58
|
+
raise ::ArgumentError, "project cannot contain /" if project.to_s.include? "/"
|
59
|
+
|
60
|
+
"projects/#{project}/locations/#{location}"
|
61
|
+
end
|
62
|
+
|
63
|
+
##
|
64
|
+
# Create a fully-qualified Service resource string.
|
65
|
+
#
|
66
|
+
# The resource will be in the following format:
|
67
|
+
#
|
68
|
+
# `projects/{project}/locations/{location}/namespaces/{namespace}/services/{service}`
|
69
|
+
#
|
70
|
+
# @param project [String]
|
71
|
+
# @param location [String]
|
72
|
+
# @param namespace [String]
|
73
|
+
# @param service [String]
|
74
|
+
#
|
75
|
+
# @return [::String]
|
76
|
+
def service_path project:, location:, namespace:, service:
|
77
|
+
raise ::ArgumentError, "project cannot contain /" if project.to_s.include? "/"
|
78
|
+
raise ::ArgumentError, "location cannot contain /" if location.to_s.include? "/"
|
79
|
+
raise ::ArgumentError, "namespace cannot contain /" if namespace.to_s.include? "/"
|
80
|
+
|
81
|
+
"projects/#{project}/locations/#{location}/namespaces/#{namespace}/services/#{service}"
|
82
|
+
end
|
83
|
+
|
84
|
+
extend self
|
85
|
+
end
|
86
|
+
end
|
87
|
+
end
|
88
|
+
end
|
89
|
+
end
|
90
|
+
end
|
@@ -0,0 +1,53 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
# Copyright 2022 Google LLC
|
4
|
+
#
|
5
|
+
# Licensed under the Apache License, Version 2.0 (the "License");
|
6
|
+
# you may not use this file except in compliance with the License.
|
7
|
+
# You may obtain a copy of the License at
|
8
|
+
#
|
9
|
+
# https://www.apache.org/licenses/LICENSE-2.0
|
10
|
+
#
|
11
|
+
# Unless required by applicable law or agreed to in writing, software
|
12
|
+
# distributed under the License is distributed on an "AS IS" BASIS,
|
13
|
+
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
14
|
+
# See the License for the specific language governing permissions and
|
15
|
+
# limitations under the License.
|
16
|
+
|
17
|
+
# Auto-generated by gapic-generator-ruby. DO NOT EDIT!
|
18
|
+
|
19
|
+
require "gapic/common"
|
20
|
+
require "gapic/config"
|
21
|
+
require "gapic/config/method"
|
22
|
+
|
23
|
+
require "google/cloud/kms/v1/version"
|
24
|
+
|
25
|
+
require "google/cloud/kms/v1/ekm_service/credentials"
|
26
|
+
require "google/cloud/kms/v1/ekm_service/paths"
|
27
|
+
require "google/cloud/kms/v1/ekm_service/client"
|
28
|
+
|
29
|
+
module Google
|
30
|
+
module Cloud
|
31
|
+
module Kms
|
32
|
+
module V1
|
33
|
+
##
|
34
|
+
# Google Cloud Key Management EKM Service
|
35
|
+
#
|
36
|
+
# Manages external cryptographic keys and operations using those keys.
|
37
|
+
# Implements a REST model with the following objects:
|
38
|
+
# * {::Google::Cloud::Kms::V1::EkmConnection EkmConnection}
|
39
|
+
#
|
40
|
+
# To load this service and instantiate a client:
|
41
|
+
#
|
42
|
+
# require "google/cloud/kms/v1/ekm_service"
|
43
|
+
# client = ::Google::Cloud::Kms::V1::EkmService::Client.new
|
44
|
+
#
|
45
|
+
module EkmService
|
46
|
+
end
|
47
|
+
end
|
48
|
+
end
|
49
|
+
end
|
50
|
+
end
|
51
|
+
|
52
|
+
helper_path = ::File.join __dir__, "ekm_service", "helpers.rb"
|
53
|
+
require "google/cloud/kms/v1/ekm_service/helpers" if ::File.file? helper_path
|
@@ -0,0 +1,80 @@
|
|
1
|
+
# Generated by the protocol buffer compiler. DO NOT EDIT!
|
2
|
+
# source: google/cloud/kms/v1/ekm_service.proto
|
3
|
+
|
4
|
+
require 'google/protobuf'
|
5
|
+
|
6
|
+
require 'google/api/annotations_pb'
|
7
|
+
require 'google/api/client_pb'
|
8
|
+
require 'google/api/field_behavior_pb'
|
9
|
+
require 'google/api/resource_pb'
|
10
|
+
require 'google/protobuf/field_mask_pb'
|
11
|
+
require 'google/protobuf/timestamp_pb'
|
12
|
+
|
13
|
+
Google::Protobuf::DescriptorPool.generated_pool.build do
|
14
|
+
add_file("google/cloud/kms/v1/ekm_service.proto", :syntax => :proto3) do
|
15
|
+
add_message "google.cloud.kms.v1.ListEkmConnectionsRequest" do
|
16
|
+
optional :parent, :string, 1
|
17
|
+
optional :page_size, :int32, 2
|
18
|
+
optional :page_token, :string, 3
|
19
|
+
optional :filter, :string, 4
|
20
|
+
optional :order_by, :string, 5
|
21
|
+
end
|
22
|
+
add_message "google.cloud.kms.v1.ListEkmConnectionsResponse" do
|
23
|
+
repeated :ekm_connections, :message, 1, "google.cloud.kms.v1.EkmConnection"
|
24
|
+
optional :next_page_token, :string, 2
|
25
|
+
optional :total_size, :int32, 3
|
26
|
+
end
|
27
|
+
add_message "google.cloud.kms.v1.GetEkmConnectionRequest" do
|
28
|
+
optional :name, :string, 1
|
29
|
+
end
|
30
|
+
add_message "google.cloud.kms.v1.CreateEkmConnectionRequest" do
|
31
|
+
optional :parent, :string, 1
|
32
|
+
optional :ekm_connection_id, :string, 2
|
33
|
+
optional :ekm_connection, :message, 3, "google.cloud.kms.v1.EkmConnection"
|
34
|
+
end
|
35
|
+
add_message "google.cloud.kms.v1.UpdateEkmConnectionRequest" do
|
36
|
+
optional :ekm_connection, :message, 1, "google.cloud.kms.v1.EkmConnection"
|
37
|
+
optional :update_mask, :message, 2, "google.protobuf.FieldMask"
|
38
|
+
end
|
39
|
+
add_message "google.cloud.kms.v1.Certificate" do
|
40
|
+
optional :raw_der, :bytes, 1
|
41
|
+
optional :parsed, :bool, 2
|
42
|
+
optional :issuer, :string, 3
|
43
|
+
optional :subject, :string, 4
|
44
|
+
repeated :subject_alternative_dns_names, :string, 5
|
45
|
+
optional :not_before_time, :message, 6, "google.protobuf.Timestamp"
|
46
|
+
optional :not_after_time, :message, 7, "google.protobuf.Timestamp"
|
47
|
+
optional :serial_number, :string, 8
|
48
|
+
optional :sha256_fingerprint, :string, 9
|
49
|
+
end
|
50
|
+
add_message "google.cloud.kms.v1.EkmConnection" do
|
51
|
+
optional :name, :string, 1
|
52
|
+
optional :create_time, :message, 2, "google.protobuf.Timestamp"
|
53
|
+
repeated :service_resolvers, :message, 3, "google.cloud.kms.v1.EkmConnection.ServiceResolver"
|
54
|
+
optional :etag, :string, 5
|
55
|
+
end
|
56
|
+
add_message "google.cloud.kms.v1.EkmConnection.ServiceResolver" do
|
57
|
+
optional :service_directory_service, :string, 1
|
58
|
+
optional :endpoint_filter, :string, 2
|
59
|
+
optional :hostname, :string, 3
|
60
|
+
repeated :server_certificates, :message, 4, "google.cloud.kms.v1.Certificate"
|
61
|
+
end
|
62
|
+
end
|
63
|
+
end
|
64
|
+
|
65
|
+
module Google
|
66
|
+
module Cloud
|
67
|
+
module Kms
|
68
|
+
module V1
|
69
|
+
ListEkmConnectionsRequest = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.kms.v1.ListEkmConnectionsRequest").msgclass
|
70
|
+
ListEkmConnectionsResponse = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.kms.v1.ListEkmConnectionsResponse").msgclass
|
71
|
+
GetEkmConnectionRequest = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.kms.v1.GetEkmConnectionRequest").msgclass
|
72
|
+
CreateEkmConnectionRequest = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.kms.v1.CreateEkmConnectionRequest").msgclass
|
73
|
+
UpdateEkmConnectionRequest = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.kms.v1.UpdateEkmConnectionRequest").msgclass
|
74
|
+
Certificate = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.kms.v1.Certificate").msgclass
|
75
|
+
EkmConnection = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.kms.v1.EkmConnection").msgclass
|
76
|
+
EkmConnection::ServiceResolver = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.kms.v1.EkmConnection.ServiceResolver").msgclass
|
77
|
+
end
|
78
|
+
end
|
79
|
+
end
|
80
|
+
end
|
@@ -0,0 +1,57 @@
|
|
1
|
+
# Generated by the protocol buffer compiler. DO NOT EDIT!
|
2
|
+
# Source: google/cloud/kms/v1/ekm_service.proto for package 'google.cloud.kms.v1'
|
3
|
+
# Original file comments:
|
4
|
+
# Copyright 2021 Google LLC
|
5
|
+
#
|
6
|
+
# Licensed under the Apache License, Version 2.0 (the "License");
|
7
|
+
# you may not use this file except in compliance with the License.
|
8
|
+
# You may obtain a copy of the License at
|
9
|
+
#
|
10
|
+
# http://www.apache.org/licenses/LICENSE-2.0
|
11
|
+
#
|
12
|
+
# Unless required by applicable law or agreed to in writing, software
|
13
|
+
# distributed under the License is distributed on an "AS IS" BASIS,
|
14
|
+
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
15
|
+
# See the License for the specific language governing permissions and
|
16
|
+
# limitations under the License.
|
17
|
+
#
|
18
|
+
|
19
|
+
require 'grpc'
|
20
|
+
require 'google/cloud/kms/v1/ekm_service_pb'
|
21
|
+
|
22
|
+
module Google
|
23
|
+
module Cloud
|
24
|
+
module Kms
|
25
|
+
module V1
|
26
|
+
module EkmService
|
27
|
+
# Google Cloud Key Management EKM Service
|
28
|
+
#
|
29
|
+
# Manages external cryptographic keys and operations using those keys.
|
30
|
+
# Implements a REST model with the following objects:
|
31
|
+
# * [EkmConnection][google.cloud.kms.v1.EkmConnection]
|
32
|
+
class Service
|
33
|
+
|
34
|
+
include ::GRPC::GenericService
|
35
|
+
|
36
|
+
self.marshal_class_method = :encode
|
37
|
+
self.unmarshal_class_method = :decode
|
38
|
+
self.service_name = 'google.cloud.kms.v1.EkmService'
|
39
|
+
|
40
|
+
# Lists [EkmConnections][google.cloud.kms.v1.EkmConnection].
|
41
|
+
rpc :ListEkmConnections, ::Google::Cloud::Kms::V1::ListEkmConnectionsRequest, ::Google::Cloud::Kms::V1::ListEkmConnectionsResponse
|
42
|
+
# Returns metadata for a given
|
43
|
+
# [EkmConnection][google.cloud.kms.v1.EkmConnection].
|
44
|
+
rpc :GetEkmConnection, ::Google::Cloud::Kms::V1::GetEkmConnectionRequest, ::Google::Cloud::Kms::V1::EkmConnection
|
45
|
+
# Creates a new [EkmConnection][google.cloud.kms.v1.EkmConnection] in a given
|
46
|
+
# Project and Location.
|
47
|
+
rpc :CreateEkmConnection, ::Google::Cloud::Kms::V1::CreateEkmConnectionRequest, ::Google::Cloud::Kms::V1::EkmConnection
|
48
|
+
# Updates an [EkmConnection][google.cloud.kms.v1.EkmConnection]'s metadata.
|
49
|
+
rpc :UpdateEkmConnection, ::Google::Cloud::Kms::V1::UpdateEkmConnectionRequest, ::Google::Cloud::Kms::V1::EkmConnection
|
50
|
+
end
|
51
|
+
|
52
|
+
Stub = Service.rpc_stub_class
|
53
|
+
end
|
54
|
+
end
|
55
|
+
end
|
56
|
+
end
|
57
|
+
end
|
@@ -27,7 +27,8 @@ module Google
|
|
27
27
|
##
|
28
28
|
# Client for the IAMPolicy service.
|
29
29
|
#
|
30
|
-
#
|
30
|
+
# API Overview
|
31
|
+
#
|
31
32
|
#
|
32
33
|
# Manages Identity and Access Management (IAM) policies.
|
33
34
|
#
|
@@ -170,6 +171,8 @@ module Google
|
|
170
171
|
# Sets the access control policy on the specified resource. Replaces any
|
171
172
|
# existing policy.
|
172
173
|
#
|
174
|
+
# Can return `NOT_FOUND`, `INVALID_ARGUMENT`, and `PERMISSION_DENIED` errors.
|
175
|
+
#
|
173
176
|
# @overload set_iam_policy(request, options = nil)
|
174
177
|
# Pass arguments to `set_iam_policy` via a request object, either of type
|
175
178
|
# {::Google::Iam::V1::SetIamPolicyRequest} or an equivalent Hash.
|
@@ -180,7 +183,7 @@ module Google
|
|
180
183
|
# @param options [::Gapic::CallOptions, ::Hash]
|
181
184
|
# Overrides the default settings for this call, e.g, timeout, retries, etc. Optional.
|
182
185
|
#
|
183
|
-
# @overload set_iam_policy(resource: nil, policy: nil)
|
186
|
+
# @overload set_iam_policy(resource: nil, policy: nil, update_mask: nil)
|
184
187
|
# Pass arguments to `set_iam_policy` via keyword arguments. Note that at
|
185
188
|
# least one keyword argument is required. To specify no parameters, or to keep all
|
186
189
|
# the default parameter values, pass an empty Hash as a request object (see above).
|
@@ -193,6 +196,12 @@ module Google
|
|
193
196
|
# the policy is limited to a few 10s of KB. An empty policy is a
|
194
197
|
# valid policy but certain Cloud Platform services (such as Projects)
|
195
198
|
# might reject them.
|
199
|
+
# @param update_mask [::Google::Protobuf::FieldMask, ::Hash]
|
200
|
+
# OPTIONAL: A FieldMask specifying which fields of the policy to modify. Only
|
201
|
+
# the fields in the mask will be modified. If no mask is provided, the
|
202
|
+
# following default mask is used:
|
203
|
+
#
|
204
|
+
# `paths: "bindings, etag"`
|
196
205
|
#
|
197
206
|
# @yield [response, operation] Access the result along with the RPC operation
|
198
207
|
# @yieldparam response [::Google::Iam::V1::Policy]
|
@@ -283,7 +292,7 @@ module Google
|
|
283
292
|
# See the operation documentation for the appropriate value for this field.
|
284
293
|
# @param options [::Google::Iam::V1::GetPolicyOptions, ::Hash]
|
285
294
|
# OPTIONAL: A `GetPolicyOptions` object for specifying options to
|
286
|
-
# `GetIamPolicy`.
|
295
|
+
# `GetIamPolicy`.
|
287
296
|
#
|
288
297
|
# @yield [response, operation] Access the result along with the RPC operation
|
289
298
|
# @yieldparam response [::Google::Iam::V1::Policy]
|
@@ -352,7 +361,7 @@ module Google
|
|
352
361
|
##
|
353
362
|
# Returns permissions that a caller has on the specified resource.
|
354
363
|
# If the resource does not exist, this will return an empty set of
|
355
|
-
# permissions, not a NOT_FOUND error.
|
364
|
+
# permissions, not a `NOT_FOUND` error.
|
356
365
|
#
|
357
366
|
# Note: This operation is designed to be used for building permission-aware
|
358
367
|
# UIs and command-line tools, not for authorization checking. This operation
|