google-cloud-kms-v1 0.16.0 → 0.18.0

Sign up to get free protection for your applications and to get access to all the features.
@@ -0,0 +1,2843 @@
1
+ # frozen_string_literal: true
2
+
3
+ # Copyright 2023 Google LLC
4
+ #
5
+ # Licensed under the Apache License, Version 2.0 (the "License");
6
+ # you may not use this file except in compliance with the License.
7
+ # You may obtain a copy of the License at
8
+ #
9
+ # https://www.apache.org/licenses/LICENSE-2.0
10
+ #
11
+ # Unless required by applicable law or agreed to in writing, software
12
+ # distributed under the License is distributed on an "AS IS" BASIS,
13
+ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14
+ # See the License for the specific language governing permissions and
15
+ # limitations under the License.
16
+
17
+ # Auto-generated by gapic-generator-ruby. DO NOT EDIT!
18
+
19
+ require "google/cloud/errors"
20
+ require "google/cloud/kms/v1/service_pb"
21
+ require "google/cloud/kms/v1/key_management_service/rest/service_stub"
22
+ require "google/cloud/location/rest"
23
+ require "google/iam/v1/rest"
24
+
25
+ module Google
26
+ module Cloud
27
+ module Kms
28
+ module V1
29
+ module KeyManagementService
30
+ module Rest
31
+ ##
32
+ # REST client for the KeyManagementService service.
33
+ #
34
+ # Google Cloud Key Management Service
35
+ #
36
+ # Manages cryptographic keys and operations using those keys. Implements a REST
37
+ # model with the following objects:
38
+ #
39
+ # * {::Google::Cloud::Kms::V1::KeyRing KeyRing}
40
+ # * {::Google::Cloud::Kms::V1::CryptoKey CryptoKey}
41
+ # * {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion}
42
+ # * {::Google::Cloud::Kms::V1::ImportJob ImportJob}
43
+ #
44
+ # If you are using manual gRPC libraries, see
45
+ # [Using gRPC with Cloud KMS](https://cloud.google.com/kms/docs/grpc).
46
+ #
47
+ class Client
48
+ include Paths
49
+
50
+ # @private
51
+ attr_reader :key_management_service_stub
52
+
53
+ ##
54
+ # Configure the KeyManagementService Client class.
55
+ #
56
+ # See {::Google::Cloud::Kms::V1::KeyManagementService::Rest::Client::Configuration}
57
+ # for a description of the configuration fields.
58
+ #
59
+ # @example
60
+ #
61
+ # # Modify the configuration for all KeyManagementService clients
62
+ # ::Google::Cloud::Kms::V1::KeyManagementService::Rest::Client.configure do |config|
63
+ # config.timeout = 10.0
64
+ # end
65
+ #
66
+ # @yield [config] Configure the Client client.
67
+ # @yieldparam config [Client::Configuration]
68
+ #
69
+ # @return [Client::Configuration]
70
+ #
71
+ def self.configure
72
+ @configure ||= begin
73
+ namespace = ["Google", "Cloud", "Kms", "V1"]
74
+ parent_config = while namespace.any?
75
+ parent_name = namespace.join "::"
76
+ parent_const = const_get parent_name
77
+ break parent_const.configure if parent_const.respond_to? :configure
78
+ namespace.pop
79
+ end
80
+ default_config = Client::Configuration.new parent_config
81
+
82
+ default_config.rpcs.list_key_rings.timeout = 60.0
83
+ default_config.rpcs.list_key_rings.retry_policy = {
84
+ initial_delay: 0.1, max_delay: 60.0, multiplier: 1.3, retry_codes: [14, 4]
85
+ }
86
+
87
+ default_config.rpcs.list_crypto_keys.timeout = 60.0
88
+ default_config.rpcs.list_crypto_keys.retry_policy = {
89
+ initial_delay: 0.1, max_delay: 60.0, multiplier: 1.3, retry_codes: [14, 4]
90
+ }
91
+
92
+ default_config.rpcs.list_crypto_key_versions.timeout = 60.0
93
+ default_config.rpcs.list_crypto_key_versions.retry_policy = {
94
+ initial_delay: 0.1, max_delay: 60.0, multiplier: 1.3, retry_codes: [14, 4]
95
+ }
96
+
97
+ default_config.rpcs.list_import_jobs.timeout = 60.0
98
+ default_config.rpcs.list_import_jobs.retry_policy = {
99
+ initial_delay: 0.1, max_delay: 60.0, multiplier: 1.3, retry_codes: [14, 4]
100
+ }
101
+
102
+ default_config.rpcs.get_key_ring.timeout = 60.0
103
+ default_config.rpcs.get_key_ring.retry_policy = {
104
+ initial_delay: 0.1, max_delay: 60.0, multiplier: 1.3, retry_codes: [14, 4]
105
+ }
106
+
107
+ default_config.rpcs.get_crypto_key.timeout = 60.0
108
+ default_config.rpcs.get_crypto_key.retry_policy = {
109
+ initial_delay: 0.1, max_delay: 60.0, multiplier: 1.3, retry_codes: [14, 4]
110
+ }
111
+
112
+ default_config.rpcs.get_crypto_key_version.timeout = 60.0
113
+ default_config.rpcs.get_crypto_key_version.retry_policy = {
114
+ initial_delay: 0.1, max_delay: 60.0, multiplier: 1.3, retry_codes: [14, 4]
115
+ }
116
+
117
+ default_config.rpcs.get_public_key.timeout = 60.0
118
+ default_config.rpcs.get_public_key.retry_policy = {
119
+ initial_delay: 0.1, max_delay: 60.0, multiplier: 1.3, retry_codes: [14, 4]
120
+ }
121
+
122
+ default_config.rpcs.get_import_job.timeout = 60.0
123
+ default_config.rpcs.get_import_job.retry_policy = {
124
+ initial_delay: 0.1, max_delay: 60.0, multiplier: 1.3, retry_codes: [14, 4]
125
+ }
126
+
127
+ default_config.rpcs.create_key_ring.timeout = 60.0
128
+ default_config.rpcs.create_key_ring.retry_policy = {
129
+ initial_delay: 0.1, max_delay: 60.0, multiplier: 1.3, retry_codes: [14, 4]
130
+ }
131
+
132
+ default_config.rpcs.create_crypto_key.timeout = 60.0
133
+ default_config.rpcs.create_crypto_key.retry_policy = {
134
+ initial_delay: 0.1, max_delay: 60.0, multiplier: 1.3, retry_codes: [14, 4]
135
+ }
136
+
137
+ default_config.rpcs.create_crypto_key_version.timeout = 60.0
138
+
139
+ default_config.rpcs.import_crypto_key_version.timeout = 60.0
140
+
141
+ default_config.rpcs.create_import_job.timeout = 60.0
142
+ default_config.rpcs.create_import_job.retry_policy = {
143
+ initial_delay: 0.1, max_delay: 60.0, multiplier: 1.3, retry_codes: [14, 4]
144
+ }
145
+
146
+ default_config.rpcs.update_crypto_key.timeout = 60.0
147
+ default_config.rpcs.update_crypto_key.retry_policy = {
148
+ initial_delay: 0.1, max_delay: 60.0, multiplier: 1.3, retry_codes: [14, 4]
149
+ }
150
+
151
+ default_config.rpcs.update_crypto_key_version.timeout = 60.0
152
+ default_config.rpcs.update_crypto_key_version.retry_policy = {
153
+ initial_delay: 0.1, max_delay: 60.0, multiplier: 1.3, retry_codes: [14, 4]
154
+ }
155
+
156
+ default_config.rpcs.update_crypto_key_primary_version.timeout = 60.0
157
+ default_config.rpcs.update_crypto_key_primary_version.retry_policy = {
158
+ initial_delay: 0.1, max_delay: 60.0, multiplier: 1.3, retry_codes: [14, 4]
159
+ }
160
+
161
+ default_config.rpcs.destroy_crypto_key_version.timeout = 60.0
162
+ default_config.rpcs.destroy_crypto_key_version.retry_policy = {
163
+ initial_delay: 0.1, max_delay: 60.0, multiplier: 1.3, retry_codes: [14, 4]
164
+ }
165
+
166
+ default_config.rpcs.restore_crypto_key_version.timeout = 60.0
167
+ default_config.rpcs.restore_crypto_key_version.retry_policy = {
168
+ initial_delay: 0.1, max_delay: 60.0, multiplier: 1.3, retry_codes: [14, 4]
169
+ }
170
+
171
+ default_config.rpcs.encrypt.timeout = 60.0
172
+ default_config.rpcs.encrypt.retry_policy = {
173
+ initial_delay: 0.1, max_delay: 60.0, multiplier: 1.3, retry_codes: [14, 4]
174
+ }
175
+
176
+ default_config.rpcs.decrypt.timeout = 60.0
177
+ default_config.rpcs.decrypt.retry_policy = {
178
+ initial_delay: 0.1, max_delay: 60.0, multiplier: 1.3, retry_codes: [14, 4]
179
+ }
180
+
181
+ default_config.rpcs.asymmetric_sign.timeout = 60.0
182
+ default_config.rpcs.asymmetric_sign.retry_policy = {
183
+ initial_delay: 0.1, max_delay: 60.0, multiplier: 1.3, retry_codes: [14, 4]
184
+ }
185
+
186
+ default_config.rpcs.asymmetric_decrypt.timeout = 60.0
187
+ default_config.rpcs.asymmetric_decrypt.retry_policy = {
188
+ initial_delay: 0.1, max_delay: 60.0, multiplier: 1.3, retry_codes: [14, 4]
189
+ }
190
+
191
+ default_config.rpcs.mac_sign.timeout = 60.0
192
+ default_config.rpcs.mac_sign.retry_policy = {
193
+ initial_delay: 0.1, max_delay: 60.0, multiplier: 1.3, retry_codes: [14, 4]
194
+ }
195
+
196
+ default_config.rpcs.mac_verify.timeout = 60.0
197
+ default_config.rpcs.mac_verify.retry_policy = {
198
+ initial_delay: 0.1, max_delay: 60.0, multiplier: 1.3, retry_codes: [14, 4]
199
+ }
200
+
201
+ default_config.rpcs.generate_random_bytes.timeout = 60.0
202
+ default_config.rpcs.generate_random_bytes.retry_policy = {
203
+ initial_delay: 0.1, max_delay: 60.0, multiplier: 1.3, retry_codes: [14, 4]
204
+ }
205
+
206
+ default_config
207
+ end
208
+ yield @configure if block_given?
209
+ @configure
210
+ end
211
+
212
+ ##
213
+ # Configure the KeyManagementService Client instance.
214
+ #
215
+ # The configuration is set to the derived mode, meaning that values can be changed,
216
+ # but structural changes (adding new fields, etc.) are not allowed. Structural changes
217
+ # should be made on {Client.configure}.
218
+ #
219
+ # See {::Google::Cloud::Kms::V1::KeyManagementService::Rest::Client::Configuration}
220
+ # for a description of the configuration fields.
221
+ #
222
+ # @yield [config] Configure the Client client.
223
+ # @yieldparam config [Client::Configuration]
224
+ #
225
+ # @return [Client::Configuration]
226
+ #
227
+ def configure
228
+ yield @config if block_given?
229
+ @config
230
+ end
231
+
232
+ ##
233
+ # Create a new KeyManagementService REST client object.
234
+ #
235
+ # @example
236
+ #
237
+ # # Create a client using the default configuration
238
+ # client = ::Google::Cloud::Kms::V1::KeyManagementService::Rest::Client.new
239
+ #
240
+ # # Create a client using a custom configuration
241
+ # client = ::Google::Cloud::Kms::V1::KeyManagementService::Rest::Client.new do |config|
242
+ # config.timeout = 10.0
243
+ # end
244
+ #
245
+ # @yield [config] Configure the KeyManagementService client.
246
+ # @yieldparam config [Client::Configuration]
247
+ #
248
+ def initialize
249
+ # Create the configuration object
250
+ @config = Configuration.new Client.configure
251
+
252
+ # Yield the configuration if needed
253
+ yield @config if block_given?
254
+
255
+ # Create credentials
256
+ credentials = @config.credentials
257
+ # Use self-signed JWT if the endpoint is unchanged from default,
258
+ # but only if the default endpoint does not have a region prefix.
259
+ enable_self_signed_jwt = @config.endpoint == Client.configure.endpoint &&
260
+ !@config.endpoint.split(".").first.include?("-")
261
+ credentials ||= Credentials.default scope: @config.scope,
262
+ enable_self_signed_jwt: enable_self_signed_jwt
263
+ if credentials.is_a?(::String) || credentials.is_a?(::Hash)
264
+ credentials = Credentials.new credentials, scope: @config.scope
265
+ end
266
+
267
+ @quota_project_id = @config.quota_project
268
+ @quota_project_id ||= credentials.quota_project_id if credentials.respond_to? :quota_project_id
269
+
270
+ @location_client = Google::Cloud::Location::Locations::Rest::Client.new do |config|
271
+ config.credentials = credentials
272
+ config.quota_project = @quota_project_id
273
+ config.endpoint = @config.endpoint
274
+ config.bindings_override = @config.bindings_override
275
+ end
276
+
277
+ @iam_policy_client = Google::Iam::V1::IAMPolicy::Rest::Client.new do |config|
278
+ config.credentials = credentials
279
+ config.quota_project = @quota_project_id
280
+ config.endpoint = @config.endpoint
281
+ config.bindings_override = @config.bindings_override
282
+ end
283
+
284
+ @key_management_service_stub = ::Google::Cloud::Kms::V1::KeyManagementService::Rest::ServiceStub.new endpoint: @config.endpoint, credentials: credentials
285
+ end
286
+
287
+ ##
288
+ # Get the associated client for mix-in of the Locations.
289
+ #
290
+ # @return [Google::Cloud::Location::Locations::Rest::Client]
291
+ #
292
+ attr_reader :location_client
293
+
294
+ ##
295
+ # Get the associated client for mix-in of the IAMPolicy.
296
+ #
297
+ # @return [Google::Iam::V1::IAMPolicy::Rest::Client]
298
+ #
299
+ attr_reader :iam_policy_client
300
+
301
+ # Service calls
302
+
303
+ ##
304
+ # Lists {::Google::Cloud::Kms::V1::KeyRing KeyRings}.
305
+ #
306
+ # @overload list_key_rings(request, options = nil)
307
+ # Pass arguments to `list_key_rings` via a request object, either of type
308
+ # {::Google::Cloud::Kms::V1::ListKeyRingsRequest} or an equivalent Hash.
309
+ #
310
+ # @param request [::Google::Cloud::Kms::V1::ListKeyRingsRequest, ::Hash]
311
+ # A request object representing the call parameters. Required. To specify no
312
+ # parameters, or to keep all the default parameter values, pass an empty Hash.
313
+ # @param options [::Gapic::CallOptions, ::Hash]
314
+ # Overrides the default settings for this call, e.g, timeout, retries etc. Optional.
315
+ #
316
+ # @overload list_key_rings(parent: nil, page_size: nil, page_token: nil, filter: nil, order_by: nil)
317
+ # Pass arguments to `list_key_rings` via keyword arguments. Note that at
318
+ # least one keyword argument is required. To specify no parameters, or to keep all
319
+ # the default parameter values, pass an empty Hash as a request object (see above).
320
+ #
321
+ # @param parent [::String]
322
+ # Required. The resource name of the location associated with the
323
+ # {::Google::Cloud::Kms::V1::KeyRing KeyRings}, in the format
324
+ # `projects/*/locations/*`.
325
+ # @param page_size [::Integer]
326
+ # Optional. Optional limit on the number of
327
+ # {::Google::Cloud::Kms::V1::KeyRing KeyRings} to include in the response. Further
328
+ # {::Google::Cloud::Kms::V1::KeyRing KeyRings} can subsequently be obtained by
329
+ # including the
330
+ # {::Google::Cloud::Kms::V1::ListKeyRingsResponse#next_page_token ListKeyRingsResponse.next_page_token}
331
+ # in a subsequent request. If unspecified, the server will pick an
332
+ # appropriate default.
333
+ # @param page_token [::String]
334
+ # Optional. Optional pagination token, returned earlier via
335
+ # {::Google::Cloud::Kms::V1::ListKeyRingsResponse#next_page_token ListKeyRingsResponse.next_page_token}.
336
+ # @param filter [::String]
337
+ # Optional. Only include resources that match the filter in the response. For
338
+ # more information, see
339
+ # [Sorting and filtering list
340
+ # results](https://cloud.google.com/kms/docs/sorting-and-filtering).
341
+ # @param order_by [::String]
342
+ # Optional. Specify how the results should be sorted. If not specified, the
343
+ # results will be sorted in the default order. For more information, see
344
+ # [Sorting and filtering list
345
+ # results](https://cloud.google.com/kms/docs/sorting-and-filtering).
346
+ # @yield [result, operation] Access the result along with the TransportOperation object
347
+ # @yieldparam result [::Gapic::Rest::PagedEnumerable<::Google::Cloud::Kms::V1::KeyRing>]
348
+ # @yieldparam operation [::Gapic::Rest::TransportOperation]
349
+ #
350
+ # @return [::Gapic::Rest::PagedEnumerable<::Google::Cloud::Kms::V1::KeyRing>]
351
+ #
352
+ # @raise [::Google::Cloud::Error] if the REST call is aborted.
353
+ def list_key_rings request, options = nil
354
+ raise ::ArgumentError, "request must be provided" if request.nil?
355
+
356
+ request = ::Gapic::Protobuf.coerce request, to: ::Google::Cloud::Kms::V1::ListKeyRingsRequest
357
+
358
+ # Converts hash and nil to an options object
359
+ options = ::Gapic::CallOptions.new(**options.to_h) if options.respond_to? :to_h
360
+
361
+ # Customize the options with defaults
362
+ call_metadata = @config.rpcs.list_key_rings.metadata.to_h
363
+
364
+ # Set x-goog-api-client and x-goog-user-project headers
365
+ call_metadata[:"x-goog-api-client"] ||= ::Gapic::Headers.x_goog_api_client \
366
+ lib_name: @config.lib_name, lib_version: @config.lib_version,
367
+ gapic_version: ::Google::Cloud::Kms::V1::VERSION,
368
+ transports_version_send: [:rest]
369
+
370
+ call_metadata[:"x-goog-user-project"] = @quota_project_id if @quota_project_id
371
+
372
+ options.apply_defaults timeout: @config.rpcs.list_key_rings.timeout,
373
+ metadata: call_metadata,
374
+ retry_policy: @config.rpcs.list_key_rings.retry_policy
375
+
376
+ options.apply_defaults timeout: @config.timeout,
377
+ metadata: @config.metadata,
378
+ retry_policy: @config.retry_policy
379
+
380
+ @key_management_service_stub.list_key_rings request, options do |result, operation|
381
+ result = ::Gapic::Rest::PagedEnumerable.new @key_management_service_stub, :list_key_rings, "key_rings", request, result, options
382
+ yield result, operation if block_given?
383
+ return result
384
+ end
385
+ rescue ::Gapic::Rest::Error => e
386
+ raise ::Google::Cloud::Error.from_error(e)
387
+ end
388
+
389
+ ##
390
+ # Lists {::Google::Cloud::Kms::V1::CryptoKey CryptoKeys}.
391
+ #
392
+ # @overload list_crypto_keys(request, options = nil)
393
+ # Pass arguments to `list_crypto_keys` via a request object, either of type
394
+ # {::Google::Cloud::Kms::V1::ListCryptoKeysRequest} or an equivalent Hash.
395
+ #
396
+ # @param request [::Google::Cloud::Kms::V1::ListCryptoKeysRequest, ::Hash]
397
+ # A request object representing the call parameters. Required. To specify no
398
+ # parameters, or to keep all the default parameter values, pass an empty Hash.
399
+ # @param options [::Gapic::CallOptions, ::Hash]
400
+ # Overrides the default settings for this call, e.g, timeout, retries etc. Optional.
401
+ #
402
+ # @overload list_crypto_keys(parent: nil, page_size: nil, page_token: nil, version_view: nil, filter: nil, order_by: nil)
403
+ # Pass arguments to `list_crypto_keys` via keyword arguments. Note that at
404
+ # least one keyword argument is required. To specify no parameters, or to keep all
405
+ # the default parameter values, pass an empty Hash as a request object (see above).
406
+ #
407
+ # @param parent [::String]
408
+ # Required. The resource name of the {::Google::Cloud::Kms::V1::KeyRing KeyRing}
409
+ # to list, in the format `projects/*/locations/*/keyRings/*`.
410
+ # @param page_size [::Integer]
411
+ # Optional. Optional limit on the number of
412
+ # {::Google::Cloud::Kms::V1::CryptoKey CryptoKeys} to include in the response.
413
+ # Further {::Google::Cloud::Kms::V1::CryptoKey CryptoKeys} can subsequently be
414
+ # obtained by including the
415
+ # {::Google::Cloud::Kms::V1::ListCryptoKeysResponse#next_page_token ListCryptoKeysResponse.next_page_token}
416
+ # in a subsequent request. If unspecified, the server will pick an
417
+ # appropriate default.
418
+ # @param page_token [::String]
419
+ # Optional. Optional pagination token, returned earlier via
420
+ # {::Google::Cloud::Kms::V1::ListCryptoKeysResponse#next_page_token ListCryptoKeysResponse.next_page_token}.
421
+ # @param version_view [::Google::Cloud::Kms::V1::CryptoKeyVersion::CryptoKeyVersionView]
422
+ # The fields of the primary version to include in the response.
423
+ # @param filter [::String]
424
+ # Optional. Only include resources that match the filter in the response. For
425
+ # more information, see
426
+ # [Sorting and filtering list
427
+ # results](https://cloud.google.com/kms/docs/sorting-and-filtering).
428
+ # @param order_by [::String]
429
+ # Optional. Specify how the results should be sorted. If not specified, the
430
+ # results will be sorted in the default order. For more information, see
431
+ # [Sorting and filtering list
432
+ # results](https://cloud.google.com/kms/docs/sorting-and-filtering).
433
+ # @yield [result, operation] Access the result along with the TransportOperation object
434
+ # @yieldparam result [::Gapic::Rest::PagedEnumerable<::Google::Cloud::Kms::V1::CryptoKey>]
435
+ # @yieldparam operation [::Gapic::Rest::TransportOperation]
436
+ #
437
+ # @return [::Gapic::Rest::PagedEnumerable<::Google::Cloud::Kms::V1::CryptoKey>]
438
+ #
439
+ # @raise [::Google::Cloud::Error] if the REST call is aborted.
440
+ def list_crypto_keys request, options = nil
441
+ raise ::ArgumentError, "request must be provided" if request.nil?
442
+
443
+ request = ::Gapic::Protobuf.coerce request, to: ::Google::Cloud::Kms::V1::ListCryptoKeysRequest
444
+
445
+ # Converts hash and nil to an options object
446
+ options = ::Gapic::CallOptions.new(**options.to_h) if options.respond_to? :to_h
447
+
448
+ # Customize the options with defaults
449
+ call_metadata = @config.rpcs.list_crypto_keys.metadata.to_h
450
+
451
+ # Set x-goog-api-client and x-goog-user-project headers
452
+ call_metadata[:"x-goog-api-client"] ||= ::Gapic::Headers.x_goog_api_client \
453
+ lib_name: @config.lib_name, lib_version: @config.lib_version,
454
+ gapic_version: ::Google::Cloud::Kms::V1::VERSION,
455
+ transports_version_send: [:rest]
456
+
457
+ call_metadata[:"x-goog-user-project"] = @quota_project_id if @quota_project_id
458
+
459
+ options.apply_defaults timeout: @config.rpcs.list_crypto_keys.timeout,
460
+ metadata: call_metadata,
461
+ retry_policy: @config.rpcs.list_crypto_keys.retry_policy
462
+
463
+ options.apply_defaults timeout: @config.timeout,
464
+ metadata: @config.metadata,
465
+ retry_policy: @config.retry_policy
466
+
467
+ @key_management_service_stub.list_crypto_keys request, options do |result, operation|
468
+ result = ::Gapic::Rest::PagedEnumerable.new @key_management_service_stub, :list_crypto_keys, "crypto_keys", request, result, options
469
+ yield result, operation if block_given?
470
+ return result
471
+ end
472
+ rescue ::Gapic::Rest::Error => e
473
+ raise ::Google::Cloud::Error.from_error(e)
474
+ end
475
+
476
+ ##
477
+ # Lists {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersions}.
478
+ #
479
+ # @overload list_crypto_key_versions(request, options = nil)
480
+ # Pass arguments to `list_crypto_key_versions` via a request object, either of type
481
+ # {::Google::Cloud::Kms::V1::ListCryptoKeyVersionsRequest} or an equivalent Hash.
482
+ #
483
+ # @param request [::Google::Cloud::Kms::V1::ListCryptoKeyVersionsRequest, ::Hash]
484
+ # A request object representing the call parameters. Required. To specify no
485
+ # parameters, or to keep all the default parameter values, pass an empty Hash.
486
+ # @param options [::Gapic::CallOptions, ::Hash]
487
+ # Overrides the default settings for this call, e.g, timeout, retries etc. Optional.
488
+ #
489
+ # @overload list_crypto_key_versions(parent: nil, page_size: nil, page_token: nil, view: nil, filter: nil, order_by: nil)
490
+ # Pass arguments to `list_crypto_key_versions` via keyword arguments. Note that at
491
+ # least one keyword argument is required. To specify no parameters, or to keep all
492
+ # the default parameter values, pass an empty Hash as a request object (see above).
493
+ #
494
+ # @param parent [::String]
495
+ # Required. The resource name of the
496
+ # {::Google::Cloud::Kms::V1::CryptoKey CryptoKey} to list, in the format
497
+ # `projects/*/locations/*/keyRings/*/cryptoKeys/*`.
498
+ # @param page_size [::Integer]
499
+ # Optional. Optional limit on the number of
500
+ # {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersions} to include in the
501
+ # response. Further {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersions}
502
+ # can subsequently be obtained by including the
503
+ # {::Google::Cloud::Kms::V1::ListCryptoKeyVersionsResponse#next_page_token ListCryptoKeyVersionsResponse.next_page_token}
504
+ # in a subsequent request. If unspecified, the server will pick an
505
+ # appropriate default.
506
+ # @param page_token [::String]
507
+ # Optional. Optional pagination token, returned earlier via
508
+ # {::Google::Cloud::Kms::V1::ListCryptoKeyVersionsResponse#next_page_token ListCryptoKeyVersionsResponse.next_page_token}.
509
+ # @param view [::Google::Cloud::Kms::V1::CryptoKeyVersion::CryptoKeyVersionView]
510
+ # The fields to include in the response.
511
+ # @param filter [::String]
512
+ # Optional. Only include resources that match the filter in the response. For
513
+ # more information, see
514
+ # [Sorting and filtering list
515
+ # results](https://cloud.google.com/kms/docs/sorting-and-filtering).
516
+ # @param order_by [::String]
517
+ # Optional. Specify how the results should be sorted. If not specified, the
518
+ # results will be sorted in the default order. For more information, see
519
+ # [Sorting and filtering list
520
+ # results](https://cloud.google.com/kms/docs/sorting-and-filtering).
521
+ # @yield [result, operation] Access the result along with the TransportOperation object
522
+ # @yieldparam result [::Gapic::Rest::PagedEnumerable<::Google::Cloud::Kms::V1::CryptoKeyVersion>]
523
+ # @yieldparam operation [::Gapic::Rest::TransportOperation]
524
+ #
525
+ # @return [::Gapic::Rest::PagedEnumerable<::Google::Cloud::Kms::V1::CryptoKeyVersion>]
526
+ #
527
+ # @raise [::Google::Cloud::Error] if the REST call is aborted.
528
+ def list_crypto_key_versions request, options = nil
529
+ raise ::ArgumentError, "request must be provided" if request.nil?
530
+
531
+ request = ::Gapic::Protobuf.coerce request, to: ::Google::Cloud::Kms::V1::ListCryptoKeyVersionsRequest
532
+
533
+ # Converts hash and nil to an options object
534
+ options = ::Gapic::CallOptions.new(**options.to_h) if options.respond_to? :to_h
535
+
536
+ # Customize the options with defaults
537
+ call_metadata = @config.rpcs.list_crypto_key_versions.metadata.to_h
538
+
539
+ # Set x-goog-api-client and x-goog-user-project headers
540
+ call_metadata[:"x-goog-api-client"] ||= ::Gapic::Headers.x_goog_api_client \
541
+ lib_name: @config.lib_name, lib_version: @config.lib_version,
542
+ gapic_version: ::Google::Cloud::Kms::V1::VERSION,
543
+ transports_version_send: [:rest]
544
+
545
+ call_metadata[:"x-goog-user-project"] = @quota_project_id if @quota_project_id
546
+
547
+ options.apply_defaults timeout: @config.rpcs.list_crypto_key_versions.timeout,
548
+ metadata: call_metadata,
549
+ retry_policy: @config.rpcs.list_crypto_key_versions.retry_policy
550
+
551
+ options.apply_defaults timeout: @config.timeout,
552
+ metadata: @config.metadata,
553
+ retry_policy: @config.retry_policy
554
+
555
+ @key_management_service_stub.list_crypto_key_versions request, options do |result, operation|
556
+ result = ::Gapic::Rest::PagedEnumerable.new @key_management_service_stub, :list_crypto_key_versions, "crypto_key_versions", request, result, options
557
+ yield result, operation if block_given?
558
+ return result
559
+ end
560
+ rescue ::Gapic::Rest::Error => e
561
+ raise ::Google::Cloud::Error.from_error(e)
562
+ end
563
+
564
+ ##
565
+ # Lists {::Google::Cloud::Kms::V1::ImportJob ImportJobs}.
566
+ #
567
+ # @overload list_import_jobs(request, options = nil)
568
+ # Pass arguments to `list_import_jobs` via a request object, either of type
569
+ # {::Google::Cloud::Kms::V1::ListImportJobsRequest} or an equivalent Hash.
570
+ #
571
+ # @param request [::Google::Cloud::Kms::V1::ListImportJobsRequest, ::Hash]
572
+ # A request object representing the call parameters. Required. To specify no
573
+ # parameters, or to keep all the default parameter values, pass an empty Hash.
574
+ # @param options [::Gapic::CallOptions, ::Hash]
575
+ # Overrides the default settings for this call, e.g, timeout, retries etc. Optional.
576
+ #
577
+ # @overload list_import_jobs(parent: nil, page_size: nil, page_token: nil, filter: nil, order_by: nil)
578
+ # Pass arguments to `list_import_jobs` via keyword arguments. Note that at
579
+ # least one keyword argument is required. To specify no parameters, or to keep all
580
+ # the default parameter values, pass an empty Hash as a request object (see above).
581
+ #
582
+ # @param parent [::String]
583
+ # Required. The resource name of the {::Google::Cloud::Kms::V1::KeyRing KeyRing}
584
+ # to list, in the format `projects/*/locations/*/keyRings/*`.
585
+ # @param page_size [::Integer]
586
+ # Optional. Optional limit on the number of
587
+ # {::Google::Cloud::Kms::V1::ImportJob ImportJobs} to include in the response.
588
+ # Further {::Google::Cloud::Kms::V1::ImportJob ImportJobs} can subsequently be
589
+ # obtained by including the
590
+ # {::Google::Cloud::Kms::V1::ListImportJobsResponse#next_page_token ListImportJobsResponse.next_page_token}
591
+ # in a subsequent request. If unspecified, the server will pick an
592
+ # appropriate default.
593
+ # @param page_token [::String]
594
+ # Optional. Optional pagination token, returned earlier via
595
+ # {::Google::Cloud::Kms::V1::ListImportJobsResponse#next_page_token ListImportJobsResponse.next_page_token}.
596
+ # @param filter [::String]
597
+ # Optional. Only include resources that match the filter in the response. For
598
+ # more information, see
599
+ # [Sorting and filtering list
600
+ # results](https://cloud.google.com/kms/docs/sorting-and-filtering).
601
+ # @param order_by [::String]
602
+ # Optional. Specify how the results should be sorted. If not specified, the
603
+ # results will be sorted in the default order. For more information, see
604
+ # [Sorting and filtering list
605
+ # results](https://cloud.google.com/kms/docs/sorting-and-filtering).
606
+ # @yield [result, operation] Access the result along with the TransportOperation object
607
+ # @yieldparam result [::Gapic::Rest::PagedEnumerable<::Google::Cloud::Kms::V1::ImportJob>]
608
+ # @yieldparam operation [::Gapic::Rest::TransportOperation]
609
+ #
610
+ # @return [::Gapic::Rest::PagedEnumerable<::Google::Cloud::Kms::V1::ImportJob>]
611
+ #
612
+ # @raise [::Google::Cloud::Error] if the REST call is aborted.
613
+ def list_import_jobs request, options = nil
614
+ raise ::ArgumentError, "request must be provided" if request.nil?
615
+
616
+ request = ::Gapic::Protobuf.coerce request, to: ::Google::Cloud::Kms::V1::ListImportJobsRequest
617
+
618
+ # Converts hash and nil to an options object
619
+ options = ::Gapic::CallOptions.new(**options.to_h) if options.respond_to? :to_h
620
+
621
+ # Customize the options with defaults
622
+ call_metadata = @config.rpcs.list_import_jobs.metadata.to_h
623
+
624
+ # Set x-goog-api-client and x-goog-user-project headers
625
+ call_metadata[:"x-goog-api-client"] ||= ::Gapic::Headers.x_goog_api_client \
626
+ lib_name: @config.lib_name, lib_version: @config.lib_version,
627
+ gapic_version: ::Google::Cloud::Kms::V1::VERSION,
628
+ transports_version_send: [:rest]
629
+
630
+ call_metadata[:"x-goog-user-project"] = @quota_project_id if @quota_project_id
631
+
632
+ options.apply_defaults timeout: @config.rpcs.list_import_jobs.timeout,
633
+ metadata: call_metadata,
634
+ retry_policy: @config.rpcs.list_import_jobs.retry_policy
635
+
636
+ options.apply_defaults timeout: @config.timeout,
637
+ metadata: @config.metadata,
638
+ retry_policy: @config.retry_policy
639
+
640
+ @key_management_service_stub.list_import_jobs request, options do |result, operation|
641
+ result = ::Gapic::Rest::PagedEnumerable.new @key_management_service_stub, :list_import_jobs, "import_jobs", request, result, options
642
+ yield result, operation if block_given?
643
+ return result
644
+ end
645
+ rescue ::Gapic::Rest::Error => e
646
+ raise ::Google::Cloud::Error.from_error(e)
647
+ end
648
+
649
+ ##
650
+ # Returns metadata for a given {::Google::Cloud::Kms::V1::KeyRing KeyRing}.
651
+ #
652
+ # @overload get_key_ring(request, options = nil)
653
+ # Pass arguments to `get_key_ring` via a request object, either of type
654
+ # {::Google::Cloud::Kms::V1::GetKeyRingRequest} or an equivalent Hash.
655
+ #
656
+ # @param request [::Google::Cloud::Kms::V1::GetKeyRingRequest, ::Hash]
657
+ # A request object representing the call parameters. Required. To specify no
658
+ # parameters, or to keep all the default parameter values, pass an empty Hash.
659
+ # @param options [::Gapic::CallOptions, ::Hash]
660
+ # Overrides the default settings for this call, e.g, timeout, retries etc. Optional.
661
+ #
662
+ # @overload get_key_ring(name: nil)
663
+ # Pass arguments to `get_key_ring` via keyword arguments. Note that at
664
+ # least one keyword argument is required. To specify no parameters, or to keep all
665
+ # the default parameter values, pass an empty Hash as a request object (see above).
666
+ #
667
+ # @param name [::String]
668
+ # Required. The {::Google::Cloud::Kms::V1::KeyRing#name name} of the
669
+ # {::Google::Cloud::Kms::V1::KeyRing KeyRing} to get.
670
+ # @yield [result, operation] Access the result along with the TransportOperation object
671
+ # @yieldparam result [::Google::Cloud::Kms::V1::KeyRing]
672
+ # @yieldparam operation [::Gapic::Rest::TransportOperation]
673
+ #
674
+ # @return [::Google::Cloud::Kms::V1::KeyRing]
675
+ #
676
+ # @raise [::Google::Cloud::Error] if the REST call is aborted.
677
+ def get_key_ring request, options = nil
678
+ raise ::ArgumentError, "request must be provided" if request.nil?
679
+
680
+ request = ::Gapic::Protobuf.coerce request, to: ::Google::Cloud::Kms::V1::GetKeyRingRequest
681
+
682
+ # Converts hash and nil to an options object
683
+ options = ::Gapic::CallOptions.new(**options.to_h) if options.respond_to? :to_h
684
+
685
+ # Customize the options with defaults
686
+ call_metadata = @config.rpcs.get_key_ring.metadata.to_h
687
+
688
+ # Set x-goog-api-client and x-goog-user-project headers
689
+ call_metadata[:"x-goog-api-client"] ||= ::Gapic::Headers.x_goog_api_client \
690
+ lib_name: @config.lib_name, lib_version: @config.lib_version,
691
+ gapic_version: ::Google::Cloud::Kms::V1::VERSION,
692
+ transports_version_send: [:rest]
693
+
694
+ call_metadata[:"x-goog-user-project"] = @quota_project_id if @quota_project_id
695
+
696
+ options.apply_defaults timeout: @config.rpcs.get_key_ring.timeout,
697
+ metadata: call_metadata,
698
+ retry_policy: @config.rpcs.get_key_ring.retry_policy
699
+
700
+ options.apply_defaults timeout: @config.timeout,
701
+ metadata: @config.metadata,
702
+ retry_policy: @config.retry_policy
703
+
704
+ @key_management_service_stub.get_key_ring request, options do |result, operation|
705
+ yield result, operation if block_given?
706
+ return result
707
+ end
708
+ rescue ::Gapic::Rest::Error => e
709
+ raise ::Google::Cloud::Error.from_error(e)
710
+ end
711
+
712
+ ##
713
+ # Returns metadata for a given {::Google::Cloud::Kms::V1::CryptoKey CryptoKey}, as
714
+ # well as its {::Google::Cloud::Kms::V1::CryptoKey#primary primary}
715
+ # {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion}.
716
+ #
717
+ # @overload get_crypto_key(request, options = nil)
718
+ # Pass arguments to `get_crypto_key` via a request object, either of type
719
+ # {::Google::Cloud::Kms::V1::GetCryptoKeyRequest} or an equivalent Hash.
720
+ #
721
+ # @param request [::Google::Cloud::Kms::V1::GetCryptoKeyRequest, ::Hash]
722
+ # A request object representing the call parameters. Required. To specify no
723
+ # parameters, or to keep all the default parameter values, pass an empty Hash.
724
+ # @param options [::Gapic::CallOptions, ::Hash]
725
+ # Overrides the default settings for this call, e.g, timeout, retries etc. Optional.
726
+ #
727
+ # @overload get_crypto_key(name: nil)
728
+ # Pass arguments to `get_crypto_key` via keyword arguments. Note that at
729
+ # least one keyword argument is required. To specify no parameters, or to keep all
730
+ # the default parameter values, pass an empty Hash as a request object (see above).
731
+ #
732
+ # @param name [::String]
733
+ # Required. The {::Google::Cloud::Kms::V1::CryptoKey#name name} of the
734
+ # {::Google::Cloud::Kms::V1::CryptoKey CryptoKey} to get.
735
+ # @yield [result, operation] Access the result along with the TransportOperation object
736
+ # @yieldparam result [::Google::Cloud::Kms::V1::CryptoKey]
737
+ # @yieldparam operation [::Gapic::Rest::TransportOperation]
738
+ #
739
+ # @return [::Google::Cloud::Kms::V1::CryptoKey]
740
+ #
741
+ # @raise [::Google::Cloud::Error] if the REST call is aborted.
742
+ def get_crypto_key request, options = nil
743
+ raise ::ArgumentError, "request must be provided" if request.nil?
744
+
745
+ request = ::Gapic::Protobuf.coerce request, to: ::Google::Cloud::Kms::V1::GetCryptoKeyRequest
746
+
747
+ # Converts hash and nil to an options object
748
+ options = ::Gapic::CallOptions.new(**options.to_h) if options.respond_to? :to_h
749
+
750
+ # Customize the options with defaults
751
+ call_metadata = @config.rpcs.get_crypto_key.metadata.to_h
752
+
753
+ # Set x-goog-api-client and x-goog-user-project headers
754
+ call_metadata[:"x-goog-api-client"] ||= ::Gapic::Headers.x_goog_api_client \
755
+ lib_name: @config.lib_name, lib_version: @config.lib_version,
756
+ gapic_version: ::Google::Cloud::Kms::V1::VERSION,
757
+ transports_version_send: [:rest]
758
+
759
+ call_metadata[:"x-goog-user-project"] = @quota_project_id if @quota_project_id
760
+
761
+ options.apply_defaults timeout: @config.rpcs.get_crypto_key.timeout,
762
+ metadata: call_metadata,
763
+ retry_policy: @config.rpcs.get_crypto_key.retry_policy
764
+
765
+ options.apply_defaults timeout: @config.timeout,
766
+ metadata: @config.metadata,
767
+ retry_policy: @config.retry_policy
768
+
769
+ @key_management_service_stub.get_crypto_key request, options do |result, operation|
770
+ yield result, operation if block_given?
771
+ return result
772
+ end
773
+ rescue ::Gapic::Rest::Error => e
774
+ raise ::Google::Cloud::Error.from_error(e)
775
+ end
776
+
777
+ ##
778
+ # Returns metadata for a given
779
+ # {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion}.
780
+ #
781
+ # @overload get_crypto_key_version(request, options = nil)
782
+ # Pass arguments to `get_crypto_key_version` via a request object, either of type
783
+ # {::Google::Cloud::Kms::V1::GetCryptoKeyVersionRequest} or an equivalent Hash.
784
+ #
785
+ # @param request [::Google::Cloud::Kms::V1::GetCryptoKeyVersionRequest, ::Hash]
786
+ # A request object representing the call parameters. Required. To specify no
787
+ # parameters, or to keep all the default parameter values, pass an empty Hash.
788
+ # @param options [::Gapic::CallOptions, ::Hash]
789
+ # Overrides the default settings for this call, e.g, timeout, retries etc. Optional.
790
+ #
791
+ # @overload get_crypto_key_version(name: nil)
792
+ # Pass arguments to `get_crypto_key_version` via keyword arguments. Note that at
793
+ # least one keyword argument is required. To specify no parameters, or to keep all
794
+ # the default parameter values, pass an empty Hash as a request object (see above).
795
+ #
796
+ # @param name [::String]
797
+ # Required. The {::Google::Cloud::Kms::V1::CryptoKeyVersion#name name} of the
798
+ # {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} to get.
799
+ # @yield [result, operation] Access the result along with the TransportOperation object
800
+ # @yieldparam result [::Google::Cloud::Kms::V1::CryptoKeyVersion]
801
+ # @yieldparam operation [::Gapic::Rest::TransportOperation]
802
+ #
803
+ # @return [::Google::Cloud::Kms::V1::CryptoKeyVersion]
804
+ #
805
+ # @raise [::Google::Cloud::Error] if the REST call is aborted.
806
+ def get_crypto_key_version request, options = nil
807
+ raise ::ArgumentError, "request must be provided" if request.nil?
808
+
809
+ request = ::Gapic::Protobuf.coerce request, to: ::Google::Cloud::Kms::V1::GetCryptoKeyVersionRequest
810
+
811
+ # Converts hash and nil to an options object
812
+ options = ::Gapic::CallOptions.new(**options.to_h) if options.respond_to? :to_h
813
+
814
+ # Customize the options with defaults
815
+ call_metadata = @config.rpcs.get_crypto_key_version.metadata.to_h
816
+
817
+ # Set x-goog-api-client and x-goog-user-project headers
818
+ call_metadata[:"x-goog-api-client"] ||= ::Gapic::Headers.x_goog_api_client \
819
+ lib_name: @config.lib_name, lib_version: @config.lib_version,
820
+ gapic_version: ::Google::Cloud::Kms::V1::VERSION,
821
+ transports_version_send: [:rest]
822
+
823
+ call_metadata[:"x-goog-user-project"] = @quota_project_id if @quota_project_id
824
+
825
+ options.apply_defaults timeout: @config.rpcs.get_crypto_key_version.timeout,
826
+ metadata: call_metadata,
827
+ retry_policy: @config.rpcs.get_crypto_key_version.retry_policy
828
+
829
+ options.apply_defaults timeout: @config.timeout,
830
+ metadata: @config.metadata,
831
+ retry_policy: @config.retry_policy
832
+
833
+ @key_management_service_stub.get_crypto_key_version request, options do |result, operation|
834
+ yield result, operation if block_given?
835
+ return result
836
+ end
837
+ rescue ::Gapic::Rest::Error => e
838
+ raise ::Google::Cloud::Error.from_error(e)
839
+ end
840
+
841
+ ##
842
+ # Returns the public key for the given
843
+ # {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion}. The
844
+ # {::Google::Cloud::Kms::V1::CryptoKey#purpose CryptoKey.purpose} must be
845
+ # {::Google::Cloud::Kms::V1::CryptoKey::CryptoKeyPurpose::ASYMMETRIC_SIGN ASYMMETRIC_SIGN}
846
+ # or
847
+ # {::Google::Cloud::Kms::V1::CryptoKey::CryptoKeyPurpose::ASYMMETRIC_DECRYPT ASYMMETRIC_DECRYPT}.
848
+ #
849
+ # @overload get_public_key(request, options = nil)
850
+ # Pass arguments to `get_public_key` via a request object, either of type
851
+ # {::Google::Cloud::Kms::V1::GetPublicKeyRequest} or an equivalent Hash.
852
+ #
853
+ # @param request [::Google::Cloud::Kms::V1::GetPublicKeyRequest, ::Hash]
854
+ # A request object representing the call parameters. Required. To specify no
855
+ # parameters, or to keep all the default parameter values, pass an empty Hash.
856
+ # @param options [::Gapic::CallOptions, ::Hash]
857
+ # Overrides the default settings for this call, e.g, timeout, retries etc. Optional.
858
+ #
859
+ # @overload get_public_key(name: nil)
860
+ # Pass arguments to `get_public_key` via keyword arguments. Note that at
861
+ # least one keyword argument is required. To specify no parameters, or to keep all
862
+ # the default parameter values, pass an empty Hash as a request object (see above).
863
+ #
864
+ # @param name [::String]
865
+ # Required. The {::Google::Cloud::Kms::V1::CryptoKeyVersion#name name} of the
866
+ # {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} public key to get.
867
+ # @yield [result, operation] Access the result along with the TransportOperation object
868
+ # @yieldparam result [::Google::Cloud::Kms::V1::PublicKey]
869
+ # @yieldparam operation [::Gapic::Rest::TransportOperation]
870
+ #
871
+ # @return [::Google::Cloud::Kms::V1::PublicKey]
872
+ #
873
+ # @raise [::Google::Cloud::Error] if the REST call is aborted.
874
+ def get_public_key request, options = nil
875
+ raise ::ArgumentError, "request must be provided" if request.nil?
876
+
877
+ request = ::Gapic::Protobuf.coerce request, to: ::Google::Cloud::Kms::V1::GetPublicKeyRequest
878
+
879
+ # Converts hash and nil to an options object
880
+ options = ::Gapic::CallOptions.new(**options.to_h) if options.respond_to? :to_h
881
+
882
+ # Customize the options with defaults
883
+ call_metadata = @config.rpcs.get_public_key.metadata.to_h
884
+
885
+ # Set x-goog-api-client and x-goog-user-project headers
886
+ call_metadata[:"x-goog-api-client"] ||= ::Gapic::Headers.x_goog_api_client \
887
+ lib_name: @config.lib_name, lib_version: @config.lib_version,
888
+ gapic_version: ::Google::Cloud::Kms::V1::VERSION,
889
+ transports_version_send: [:rest]
890
+
891
+ call_metadata[:"x-goog-user-project"] = @quota_project_id if @quota_project_id
892
+
893
+ options.apply_defaults timeout: @config.rpcs.get_public_key.timeout,
894
+ metadata: call_metadata,
895
+ retry_policy: @config.rpcs.get_public_key.retry_policy
896
+
897
+ options.apply_defaults timeout: @config.timeout,
898
+ metadata: @config.metadata,
899
+ retry_policy: @config.retry_policy
900
+
901
+ @key_management_service_stub.get_public_key request, options do |result, operation|
902
+ yield result, operation if block_given?
903
+ return result
904
+ end
905
+ rescue ::Gapic::Rest::Error => e
906
+ raise ::Google::Cloud::Error.from_error(e)
907
+ end
908
+
909
+ ##
910
+ # Returns metadata for a given {::Google::Cloud::Kms::V1::ImportJob ImportJob}.
911
+ #
912
+ # @overload get_import_job(request, options = nil)
913
+ # Pass arguments to `get_import_job` via a request object, either of type
914
+ # {::Google::Cloud::Kms::V1::GetImportJobRequest} or an equivalent Hash.
915
+ #
916
+ # @param request [::Google::Cloud::Kms::V1::GetImportJobRequest, ::Hash]
917
+ # A request object representing the call parameters. Required. To specify no
918
+ # parameters, or to keep all the default parameter values, pass an empty Hash.
919
+ # @param options [::Gapic::CallOptions, ::Hash]
920
+ # Overrides the default settings for this call, e.g, timeout, retries etc. Optional.
921
+ #
922
+ # @overload get_import_job(name: nil)
923
+ # Pass arguments to `get_import_job` via keyword arguments. Note that at
924
+ # least one keyword argument is required. To specify no parameters, or to keep all
925
+ # the default parameter values, pass an empty Hash as a request object (see above).
926
+ #
927
+ # @param name [::String]
928
+ # Required. The {::Google::Cloud::Kms::V1::ImportJob#name name} of the
929
+ # {::Google::Cloud::Kms::V1::ImportJob ImportJob} to get.
930
+ # @yield [result, operation] Access the result along with the TransportOperation object
931
+ # @yieldparam result [::Google::Cloud::Kms::V1::ImportJob]
932
+ # @yieldparam operation [::Gapic::Rest::TransportOperation]
933
+ #
934
+ # @return [::Google::Cloud::Kms::V1::ImportJob]
935
+ #
936
+ # @raise [::Google::Cloud::Error] if the REST call is aborted.
937
+ def get_import_job request, options = nil
938
+ raise ::ArgumentError, "request must be provided" if request.nil?
939
+
940
+ request = ::Gapic::Protobuf.coerce request, to: ::Google::Cloud::Kms::V1::GetImportJobRequest
941
+
942
+ # Converts hash and nil to an options object
943
+ options = ::Gapic::CallOptions.new(**options.to_h) if options.respond_to? :to_h
944
+
945
+ # Customize the options with defaults
946
+ call_metadata = @config.rpcs.get_import_job.metadata.to_h
947
+
948
+ # Set x-goog-api-client and x-goog-user-project headers
949
+ call_metadata[:"x-goog-api-client"] ||= ::Gapic::Headers.x_goog_api_client \
950
+ lib_name: @config.lib_name, lib_version: @config.lib_version,
951
+ gapic_version: ::Google::Cloud::Kms::V1::VERSION,
952
+ transports_version_send: [:rest]
953
+
954
+ call_metadata[:"x-goog-user-project"] = @quota_project_id if @quota_project_id
955
+
956
+ options.apply_defaults timeout: @config.rpcs.get_import_job.timeout,
957
+ metadata: call_metadata,
958
+ retry_policy: @config.rpcs.get_import_job.retry_policy
959
+
960
+ options.apply_defaults timeout: @config.timeout,
961
+ metadata: @config.metadata,
962
+ retry_policy: @config.retry_policy
963
+
964
+ @key_management_service_stub.get_import_job request, options do |result, operation|
965
+ yield result, operation if block_given?
966
+ return result
967
+ end
968
+ rescue ::Gapic::Rest::Error => e
969
+ raise ::Google::Cloud::Error.from_error(e)
970
+ end
971
+
972
+ ##
973
+ # Create a new {::Google::Cloud::Kms::V1::KeyRing KeyRing} in a given Project and
974
+ # Location.
975
+ #
976
+ # @overload create_key_ring(request, options = nil)
977
+ # Pass arguments to `create_key_ring` via a request object, either of type
978
+ # {::Google::Cloud::Kms::V1::CreateKeyRingRequest} or an equivalent Hash.
979
+ #
980
+ # @param request [::Google::Cloud::Kms::V1::CreateKeyRingRequest, ::Hash]
981
+ # A request object representing the call parameters. Required. To specify no
982
+ # parameters, or to keep all the default parameter values, pass an empty Hash.
983
+ # @param options [::Gapic::CallOptions, ::Hash]
984
+ # Overrides the default settings for this call, e.g, timeout, retries etc. Optional.
985
+ #
986
+ # @overload create_key_ring(parent: nil, key_ring_id: nil, key_ring: nil)
987
+ # Pass arguments to `create_key_ring` via keyword arguments. Note that at
988
+ # least one keyword argument is required. To specify no parameters, or to keep all
989
+ # the default parameter values, pass an empty Hash as a request object (see above).
990
+ #
991
+ # @param parent [::String]
992
+ # Required. The resource name of the location associated with the
993
+ # {::Google::Cloud::Kms::V1::KeyRing KeyRings}, in the format
994
+ # `projects/*/locations/*`.
995
+ # @param key_ring_id [::String]
996
+ # Required. It must be unique within a location and match the regular
997
+ # expression `[a-zA-Z0-9_-]{1,63}`
998
+ # @param key_ring [::Google::Cloud::Kms::V1::KeyRing, ::Hash]
999
+ # Required. A {::Google::Cloud::Kms::V1::KeyRing KeyRing} with initial field
1000
+ # values.
1001
+ # @yield [result, operation] Access the result along with the TransportOperation object
1002
+ # @yieldparam result [::Google::Cloud::Kms::V1::KeyRing]
1003
+ # @yieldparam operation [::Gapic::Rest::TransportOperation]
1004
+ #
1005
+ # @return [::Google::Cloud::Kms::V1::KeyRing]
1006
+ #
1007
+ # @raise [::Google::Cloud::Error] if the REST call is aborted.
1008
+ def create_key_ring request, options = nil
1009
+ raise ::ArgumentError, "request must be provided" if request.nil?
1010
+
1011
+ request = ::Gapic::Protobuf.coerce request, to: ::Google::Cloud::Kms::V1::CreateKeyRingRequest
1012
+
1013
+ # Converts hash and nil to an options object
1014
+ options = ::Gapic::CallOptions.new(**options.to_h) if options.respond_to? :to_h
1015
+
1016
+ # Customize the options with defaults
1017
+ call_metadata = @config.rpcs.create_key_ring.metadata.to_h
1018
+
1019
+ # Set x-goog-api-client and x-goog-user-project headers
1020
+ call_metadata[:"x-goog-api-client"] ||= ::Gapic::Headers.x_goog_api_client \
1021
+ lib_name: @config.lib_name, lib_version: @config.lib_version,
1022
+ gapic_version: ::Google::Cloud::Kms::V1::VERSION,
1023
+ transports_version_send: [:rest]
1024
+
1025
+ call_metadata[:"x-goog-user-project"] = @quota_project_id if @quota_project_id
1026
+
1027
+ options.apply_defaults timeout: @config.rpcs.create_key_ring.timeout,
1028
+ metadata: call_metadata,
1029
+ retry_policy: @config.rpcs.create_key_ring.retry_policy
1030
+
1031
+ options.apply_defaults timeout: @config.timeout,
1032
+ metadata: @config.metadata,
1033
+ retry_policy: @config.retry_policy
1034
+
1035
+ @key_management_service_stub.create_key_ring request, options do |result, operation|
1036
+ yield result, operation if block_given?
1037
+ return result
1038
+ end
1039
+ rescue ::Gapic::Rest::Error => e
1040
+ raise ::Google::Cloud::Error.from_error(e)
1041
+ end
1042
+
1043
+ ##
1044
+ # Create a new {::Google::Cloud::Kms::V1::CryptoKey CryptoKey} within a
1045
+ # {::Google::Cloud::Kms::V1::KeyRing KeyRing}.
1046
+ #
1047
+ # {::Google::Cloud::Kms::V1::CryptoKey#purpose CryptoKey.purpose} and
1048
+ # {::Google::Cloud::Kms::V1::CryptoKeyVersionTemplate#algorithm CryptoKey.version_template.algorithm}
1049
+ # are required.
1050
+ #
1051
+ # @overload create_crypto_key(request, options = nil)
1052
+ # Pass arguments to `create_crypto_key` via a request object, either of type
1053
+ # {::Google::Cloud::Kms::V1::CreateCryptoKeyRequest} or an equivalent Hash.
1054
+ #
1055
+ # @param request [::Google::Cloud::Kms::V1::CreateCryptoKeyRequest, ::Hash]
1056
+ # A request object representing the call parameters. Required. To specify no
1057
+ # parameters, or to keep all the default parameter values, pass an empty Hash.
1058
+ # @param options [::Gapic::CallOptions, ::Hash]
1059
+ # Overrides the default settings for this call, e.g, timeout, retries etc. Optional.
1060
+ #
1061
+ # @overload create_crypto_key(parent: nil, crypto_key_id: nil, crypto_key: nil, skip_initial_version_creation: nil)
1062
+ # Pass arguments to `create_crypto_key` via keyword arguments. Note that at
1063
+ # least one keyword argument is required. To specify no parameters, or to keep all
1064
+ # the default parameter values, pass an empty Hash as a request object (see above).
1065
+ #
1066
+ # @param parent [::String]
1067
+ # Required. The {::Google::Cloud::Kms::V1::KeyRing#name name} of the KeyRing
1068
+ # associated with the {::Google::Cloud::Kms::V1::CryptoKey CryptoKeys}.
1069
+ # @param crypto_key_id [::String]
1070
+ # Required. It must be unique within a KeyRing and match the regular
1071
+ # expression `[a-zA-Z0-9_-]{1,63}`
1072
+ # @param crypto_key [::Google::Cloud::Kms::V1::CryptoKey, ::Hash]
1073
+ # Required. A {::Google::Cloud::Kms::V1::CryptoKey CryptoKey} with initial field
1074
+ # values.
1075
+ # @param skip_initial_version_creation [::Boolean]
1076
+ # If set to true, the request will create a
1077
+ # {::Google::Cloud::Kms::V1::CryptoKey CryptoKey} without any
1078
+ # {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersions}. You must
1079
+ # manually call
1080
+ # {::Google::Cloud::Kms::V1::KeyManagementService::Rest::Client#create_crypto_key_version CreateCryptoKeyVersion}
1081
+ # or
1082
+ # {::Google::Cloud::Kms::V1::KeyManagementService::Rest::Client#import_crypto_key_version ImportCryptoKeyVersion}
1083
+ # before you can use this {::Google::Cloud::Kms::V1::CryptoKey CryptoKey}.
1084
+ # @yield [result, operation] Access the result along with the TransportOperation object
1085
+ # @yieldparam result [::Google::Cloud::Kms::V1::CryptoKey]
1086
+ # @yieldparam operation [::Gapic::Rest::TransportOperation]
1087
+ #
1088
+ # @return [::Google::Cloud::Kms::V1::CryptoKey]
1089
+ #
1090
+ # @raise [::Google::Cloud::Error] if the REST call is aborted.
1091
+ def create_crypto_key request, options = nil
1092
+ raise ::ArgumentError, "request must be provided" if request.nil?
1093
+
1094
+ request = ::Gapic::Protobuf.coerce request, to: ::Google::Cloud::Kms::V1::CreateCryptoKeyRequest
1095
+
1096
+ # Converts hash and nil to an options object
1097
+ options = ::Gapic::CallOptions.new(**options.to_h) if options.respond_to? :to_h
1098
+
1099
+ # Customize the options with defaults
1100
+ call_metadata = @config.rpcs.create_crypto_key.metadata.to_h
1101
+
1102
+ # Set x-goog-api-client and x-goog-user-project headers
1103
+ call_metadata[:"x-goog-api-client"] ||= ::Gapic::Headers.x_goog_api_client \
1104
+ lib_name: @config.lib_name, lib_version: @config.lib_version,
1105
+ gapic_version: ::Google::Cloud::Kms::V1::VERSION,
1106
+ transports_version_send: [:rest]
1107
+
1108
+ call_metadata[:"x-goog-user-project"] = @quota_project_id if @quota_project_id
1109
+
1110
+ options.apply_defaults timeout: @config.rpcs.create_crypto_key.timeout,
1111
+ metadata: call_metadata,
1112
+ retry_policy: @config.rpcs.create_crypto_key.retry_policy
1113
+
1114
+ options.apply_defaults timeout: @config.timeout,
1115
+ metadata: @config.metadata,
1116
+ retry_policy: @config.retry_policy
1117
+
1118
+ @key_management_service_stub.create_crypto_key request, options do |result, operation|
1119
+ yield result, operation if block_given?
1120
+ return result
1121
+ end
1122
+ rescue ::Gapic::Rest::Error => e
1123
+ raise ::Google::Cloud::Error.from_error(e)
1124
+ end
1125
+
1126
+ ##
1127
+ # Create a new {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} in a
1128
+ # {::Google::Cloud::Kms::V1::CryptoKey CryptoKey}.
1129
+ #
1130
+ # The server will assign the next sequential id. If unset,
1131
+ # {::Google::Cloud::Kms::V1::CryptoKeyVersion#state state} will be set to
1132
+ # {::Google::Cloud::Kms::V1::CryptoKeyVersion::CryptoKeyVersionState::ENABLED ENABLED}.
1133
+ #
1134
+ # @overload create_crypto_key_version(request, options = nil)
1135
+ # Pass arguments to `create_crypto_key_version` via a request object, either of type
1136
+ # {::Google::Cloud::Kms::V1::CreateCryptoKeyVersionRequest} or an equivalent Hash.
1137
+ #
1138
+ # @param request [::Google::Cloud::Kms::V1::CreateCryptoKeyVersionRequest, ::Hash]
1139
+ # A request object representing the call parameters. Required. To specify no
1140
+ # parameters, or to keep all the default parameter values, pass an empty Hash.
1141
+ # @param options [::Gapic::CallOptions, ::Hash]
1142
+ # Overrides the default settings for this call, e.g, timeout, retries etc. Optional.
1143
+ #
1144
+ # @overload create_crypto_key_version(parent: nil, crypto_key_version: nil)
1145
+ # Pass arguments to `create_crypto_key_version` via keyword arguments. Note that at
1146
+ # least one keyword argument is required. To specify no parameters, or to keep all
1147
+ # the default parameter values, pass an empty Hash as a request object (see above).
1148
+ #
1149
+ # @param parent [::String]
1150
+ # Required. The {::Google::Cloud::Kms::V1::CryptoKey#name name} of the
1151
+ # {::Google::Cloud::Kms::V1::CryptoKey CryptoKey} associated with the
1152
+ # {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersions}.
1153
+ # @param crypto_key_version [::Google::Cloud::Kms::V1::CryptoKeyVersion, ::Hash]
1154
+ # Required. A {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} with
1155
+ # initial field values.
1156
+ # @yield [result, operation] Access the result along with the TransportOperation object
1157
+ # @yieldparam result [::Google::Cloud::Kms::V1::CryptoKeyVersion]
1158
+ # @yieldparam operation [::Gapic::Rest::TransportOperation]
1159
+ #
1160
+ # @return [::Google::Cloud::Kms::V1::CryptoKeyVersion]
1161
+ #
1162
+ # @raise [::Google::Cloud::Error] if the REST call is aborted.
1163
+ def create_crypto_key_version request, options = nil
1164
+ raise ::ArgumentError, "request must be provided" if request.nil?
1165
+
1166
+ request = ::Gapic::Protobuf.coerce request, to: ::Google::Cloud::Kms::V1::CreateCryptoKeyVersionRequest
1167
+
1168
+ # Converts hash and nil to an options object
1169
+ options = ::Gapic::CallOptions.new(**options.to_h) if options.respond_to? :to_h
1170
+
1171
+ # Customize the options with defaults
1172
+ call_metadata = @config.rpcs.create_crypto_key_version.metadata.to_h
1173
+
1174
+ # Set x-goog-api-client and x-goog-user-project headers
1175
+ call_metadata[:"x-goog-api-client"] ||= ::Gapic::Headers.x_goog_api_client \
1176
+ lib_name: @config.lib_name, lib_version: @config.lib_version,
1177
+ gapic_version: ::Google::Cloud::Kms::V1::VERSION,
1178
+ transports_version_send: [:rest]
1179
+
1180
+ call_metadata[:"x-goog-user-project"] = @quota_project_id if @quota_project_id
1181
+
1182
+ options.apply_defaults timeout: @config.rpcs.create_crypto_key_version.timeout,
1183
+ metadata: call_metadata,
1184
+ retry_policy: @config.rpcs.create_crypto_key_version.retry_policy
1185
+
1186
+ options.apply_defaults timeout: @config.timeout,
1187
+ metadata: @config.metadata,
1188
+ retry_policy: @config.retry_policy
1189
+
1190
+ @key_management_service_stub.create_crypto_key_version request, options do |result, operation|
1191
+ yield result, operation if block_given?
1192
+ return result
1193
+ end
1194
+ rescue ::Gapic::Rest::Error => e
1195
+ raise ::Google::Cloud::Error.from_error(e)
1196
+ end
1197
+
1198
+ ##
1199
+ # Import wrapped key material into a
1200
+ # {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion}.
1201
+ #
1202
+ # All requests must specify a {::Google::Cloud::Kms::V1::CryptoKey CryptoKey}. If
1203
+ # a {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} is additionally
1204
+ # specified in the request, key material will be reimported into that
1205
+ # version. Otherwise, a new version will be created, and will be assigned the
1206
+ # next sequential id within the {::Google::Cloud::Kms::V1::CryptoKey CryptoKey}.
1207
+ #
1208
+ # @overload import_crypto_key_version(request, options = nil)
1209
+ # Pass arguments to `import_crypto_key_version` via a request object, either of type
1210
+ # {::Google::Cloud::Kms::V1::ImportCryptoKeyVersionRequest} or an equivalent Hash.
1211
+ #
1212
+ # @param request [::Google::Cloud::Kms::V1::ImportCryptoKeyVersionRequest, ::Hash]
1213
+ # A request object representing the call parameters. Required. To specify no
1214
+ # parameters, or to keep all the default parameter values, pass an empty Hash.
1215
+ # @param options [::Gapic::CallOptions, ::Hash]
1216
+ # Overrides the default settings for this call, e.g, timeout, retries etc. Optional.
1217
+ #
1218
+ # @overload import_crypto_key_version(parent: nil, crypto_key_version: nil, algorithm: nil, import_job: nil, wrapped_key: nil, rsa_aes_wrapped_key: nil)
1219
+ # Pass arguments to `import_crypto_key_version` via keyword arguments. Note that at
1220
+ # least one keyword argument is required. To specify no parameters, or to keep all
1221
+ # the default parameter values, pass an empty Hash as a request object (see above).
1222
+ #
1223
+ # @param parent [::String]
1224
+ # Required. The {::Google::Cloud::Kms::V1::CryptoKey#name name} of the
1225
+ # {::Google::Cloud::Kms::V1::CryptoKey CryptoKey} to be imported into.
1226
+ #
1227
+ # The create permission is only required on this key when creating a new
1228
+ # {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion}.
1229
+ # @param crypto_key_version [::String]
1230
+ # Optional. The optional {::Google::Cloud::Kms::V1::CryptoKeyVersion#name name} of
1231
+ # an existing {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} to
1232
+ # target for an import operation. If this field is not present, a new
1233
+ # {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} containing the
1234
+ # supplied key material is created.
1235
+ #
1236
+ # If this field is present, the supplied key material is imported into
1237
+ # the existing {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion}. To
1238
+ # import into an existing
1239
+ # {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion}, the
1240
+ # {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} must be a child of
1241
+ # {::Google::Cloud::Kms::V1::ImportCryptoKeyVersionRequest#parent ImportCryptoKeyVersionRequest.parent},
1242
+ # have been previously created via [ImportCryptoKeyVersion][], and be in
1243
+ # {::Google::Cloud::Kms::V1::CryptoKeyVersion::CryptoKeyVersionState::DESTROYED DESTROYED}
1244
+ # or
1245
+ # {::Google::Cloud::Kms::V1::CryptoKeyVersion::CryptoKeyVersionState::IMPORT_FAILED IMPORT_FAILED}
1246
+ # state. The key material and algorithm must match the previous
1247
+ # {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} exactly if the
1248
+ # {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} has ever contained
1249
+ # key material.
1250
+ # @param algorithm [::Google::Cloud::Kms::V1::CryptoKeyVersion::CryptoKeyVersionAlgorithm]
1251
+ # Required. The
1252
+ # {::Google::Cloud::Kms::V1::CryptoKeyVersion::CryptoKeyVersionAlgorithm algorithm}
1253
+ # of the key being imported. This does not need to match the
1254
+ # {::Google::Cloud::Kms::V1::CryptoKey#version_template version_template} of the
1255
+ # {::Google::Cloud::Kms::V1::CryptoKey CryptoKey} this version imports into.
1256
+ # @param import_job [::String]
1257
+ # Required. The {::Google::Cloud::Kms::V1::ImportJob#name name} of the
1258
+ # {::Google::Cloud::Kms::V1::ImportJob ImportJob} that was used to wrap this key
1259
+ # material.
1260
+ # @param wrapped_key [::String]
1261
+ # Optional. The wrapped key material to import.
1262
+ #
1263
+ # Before wrapping, key material must be formatted. If importing symmetric key
1264
+ # material, the expected key material format is plain bytes. If importing
1265
+ # asymmetric key material, the expected key material format is PKCS#8-encoded
1266
+ # DER (the PrivateKeyInfo structure from RFC 5208).
1267
+ #
1268
+ # When wrapping with import methods
1269
+ # ({::Google::Cloud::Kms::V1::ImportJob::ImportMethod::RSA_OAEP_3072_SHA1_AES_256 RSA_OAEP_3072_SHA1_AES_256}
1270
+ # or
1271
+ # {::Google::Cloud::Kms::V1::ImportJob::ImportMethod::RSA_OAEP_4096_SHA1_AES_256 RSA_OAEP_4096_SHA1_AES_256}
1272
+ # or
1273
+ # {::Google::Cloud::Kms::V1::ImportJob::ImportMethod::RSA_OAEP_3072_SHA256_AES_256 RSA_OAEP_3072_SHA256_AES_256}
1274
+ # or
1275
+ # {::Google::Cloud::Kms::V1::ImportJob::ImportMethod::RSA_OAEP_4096_SHA256_AES_256 RSA_OAEP_4096_SHA256_AES_256}),
1276
+ #
1277
+ # this field must contain the concatenation of:
1278
+ # <ol>
1279
+ # <li>An ephemeral AES-256 wrapping key wrapped with the
1280
+ # {::Google::Cloud::Kms::V1::ImportJob#public_key public_key} using
1281
+ # RSAES-OAEP with SHA-1/SHA-256, MGF1 with SHA-1/SHA-256, and an empty
1282
+ # label.
1283
+ # </li>
1284
+ # <li>The formatted key to be imported, wrapped with the ephemeral AES-256
1285
+ # key using AES-KWP (RFC 5649).
1286
+ # </li>
1287
+ # </ol>
1288
+ #
1289
+ # This format is the same as the format produced by PKCS#11 mechanism
1290
+ # CKM_RSA_AES_KEY_WRAP.
1291
+ #
1292
+ # When wrapping with import methods
1293
+ # ({::Google::Cloud::Kms::V1::ImportJob::ImportMethod::RSA_OAEP_3072_SHA256 RSA_OAEP_3072_SHA256}
1294
+ # or
1295
+ # {::Google::Cloud::Kms::V1::ImportJob::ImportMethod::RSA_OAEP_4096_SHA256 RSA_OAEP_4096_SHA256}),
1296
+ #
1297
+ # this field must contain the formatted key to be imported, wrapped with the
1298
+ # {::Google::Cloud::Kms::V1::ImportJob#public_key public_key} using RSAES-OAEP
1299
+ # with SHA-256, MGF1 with SHA-256, and an empty label.
1300
+ # @param rsa_aes_wrapped_key [::String]
1301
+ # Optional. This field has the same meaning as
1302
+ # {::Google::Cloud::Kms::V1::ImportCryptoKeyVersionRequest#wrapped_key wrapped_key}.
1303
+ # Prefer to use that field in new work. Either that field or this field
1304
+ # (but not both) must be specified.
1305
+ # @yield [result, operation] Access the result along with the TransportOperation object
1306
+ # @yieldparam result [::Google::Cloud::Kms::V1::CryptoKeyVersion]
1307
+ # @yieldparam operation [::Gapic::Rest::TransportOperation]
1308
+ #
1309
+ # @return [::Google::Cloud::Kms::V1::CryptoKeyVersion]
1310
+ #
1311
+ # @raise [::Google::Cloud::Error] if the REST call is aborted.
1312
+ def import_crypto_key_version request, options = nil
1313
+ raise ::ArgumentError, "request must be provided" if request.nil?
1314
+
1315
+ request = ::Gapic::Protobuf.coerce request, to: ::Google::Cloud::Kms::V1::ImportCryptoKeyVersionRequest
1316
+
1317
+ # Converts hash and nil to an options object
1318
+ options = ::Gapic::CallOptions.new(**options.to_h) if options.respond_to? :to_h
1319
+
1320
+ # Customize the options with defaults
1321
+ call_metadata = @config.rpcs.import_crypto_key_version.metadata.to_h
1322
+
1323
+ # Set x-goog-api-client and x-goog-user-project headers
1324
+ call_metadata[:"x-goog-api-client"] ||= ::Gapic::Headers.x_goog_api_client \
1325
+ lib_name: @config.lib_name, lib_version: @config.lib_version,
1326
+ gapic_version: ::Google::Cloud::Kms::V1::VERSION,
1327
+ transports_version_send: [:rest]
1328
+
1329
+ call_metadata[:"x-goog-user-project"] = @quota_project_id if @quota_project_id
1330
+
1331
+ options.apply_defaults timeout: @config.rpcs.import_crypto_key_version.timeout,
1332
+ metadata: call_metadata,
1333
+ retry_policy: @config.rpcs.import_crypto_key_version.retry_policy
1334
+
1335
+ options.apply_defaults timeout: @config.timeout,
1336
+ metadata: @config.metadata,
1337
+ retry_policy: @config.retry_policy
1338
+
1339
+ @key_management_service_stub.import_crypto_key_version request, options do |result, operation|
1340
+ yield result, operation if block_given?
1341
+ return result
1342
+ end
1343
+ rescue ::Gapic::Rest::Error => e
1344
+ raise ::Google::Cloud::Error.from_error(e)
1345
+ end
1346
+
1347
+ ##
1348
+ # Create a new {::Google::Cloud::Kms::V1::ImportJob ImportJob} within a
1349
+ # {::Google::Cloud::Kms::V1::KeyRing KeyRing}.
1350
+ #
1351
+ # {::Google::Cloud::Kms::V1::ImportJob#import_method ImportJob.import_method} is
1352
+ # required.
1353
+ #
1354
+ # @overload create_import_job(request, options = nil)
1355
+ # Pass arguments to `create_import_job` via a request object, either of type
1356
+ # {::Google::Cloud::Kms::V1::CreateImportJobRequest} or an equivalent Hash.
1357
+ #
1358
+ # @param request [::Google::Cloud::Kms::V1::CreateImportJobRequest, ::Hash]
1359
+ # A request object representing the call parameters. Required. To specify no
1360
+ # parameters, or to keep all the default parameter values, pass an empty Hash.
1361
+ # @param options [::Gapic::CallOptions, ::Hash]
1362
+ # Overrides the default settings for this call, e.g, timeout, retries etc. Optional.
1363
+ #
1364
+ # @overload create_import_job(parent: nil, import_job_id: nil, import_job: nil)
1365
+ # Pass arguments to `create_import_job` via keyword arguments. Note that at
1366
+ # least one keyword argument is required. To specify no parameters, or to keep all
1367
+ # the default parameter values, pass an empty Hash as a request object (see above).
1368
+ #
1369
+ # @param parent [::String]
1370
+ # Required. The {::Google::Cloud::Kms::V1::KeyRing#name name} of the
1371
+ # {::Google::Cloud::Kms::V1::KeyRing KeyRing} associated with the
1372
+ # {::Google::Cloud::Kms::V1::ImportJob ImportJobs}.
1373
+ # @param import_job_id [::String]
1374
+ # Required. It must be unique within a KeyRing and match the regular
1375
+ # expression `[a-zA-Z0-9_-]{1,63}`
1376
+ # @param import_job [::Google::Cloud::Kms::V1::ImportJob, ::Hash]
1377
+ # Required. An {::Google::Cloud::Kms::V1::ImportJob ImportJob} with initial field
1378
+ # values.
1379
+ # @yield [result, operation] Access the result along with the TransportOperation object
1380
+ # @yieldparam result [::Google::Cloud::Kms::V1::ImportJob]
1381
+ # @yieldparam operation [::Gapic::Rest::TransportOperation]
1382
+ #
1383
+ # @return [::Google::Cloud::Kms::V1::ImportJob]
1384
+ #
1385
+ # @raise [::Google::Cloud::Error] if the REST call is aborted.
1386
+ def create_import_job request, options = nil
1387
+ raise ::ArgumentError, "request must be provided" if request.nil?
1388
+
1389
+ request = ::Gapic::Protobuf.coerce request, to: ::Google::Cloud::Kms::V1::CreateImportJobRequest
1390
+
1391
+ # Converts hash and nil to an options object
1392
+ options = ::Gapic::CallOptions.new(**options.to_h) if options.respond_to? :to_h
1393
+
1394
+ # Customize the options with defaults
1395
+ call_metadata = @config.rpcs.create_import_job.metadata.to_h
1396
+
1397
+ # Set x-goog-api-client and x-goog-user-project headers
1398
+ call_metadata[:"x-goog-api-client"] ||= ::Gapic::Headers.x_goog_api_client \
1399
+ lib_name: @config.lib_name, lib_version: @config.lib_version,
1400
+ gapic_version: ::Google::Cloud::Kms::V1::VERSION,
1401
+ transports_version_send: [:rest]
1402
+
1403
+ call_metadata[:"x-goog-user-project"] = @quota_project_id if @quota_project_id
1404
+
1405
+ options.apply_defaults timeout: @config.rpcs.create_import_job.timeout,
1406
+ metadata: call_metadata,
1407
+ retry_policy: @config.rpcs.create_import_job.retry_policy
1408
+
1409
+ options.apply_defaults timeout: @config.timeout,
1410
+ metadata: @config.metadata,
1411
+ retry_policy: @config.retry_policy
1412
+
1413
+ @key_management_service_stub.create_import_job request, options do |result, operation|
1414
+ yield result, operation if block_given?
1415
+ return result
1416
+ end
1417
+ rescue ::Gapic::Rest::Error => e
1418
+ raise ::Google::Cloud::Error.from_error(e)
1419
+ end
1420
+
1421
+ ##
1422
+ # Update a {::Google::Cloud::Kms::V1::CryptoKey CryptoKey}.
1423
+ #
1424
+ # @overload update_crypto_key(request, options = nil)
1425
+ # Pass arguments to `update_crypto_key` via a request object, either of type
1426
+ # {::Google::Cloud::Kms::V1::UpdateCryptoKeyRequest} or an equivalent Hash.
1427
+ #
1428
+ # @param request [::Google::Cloud::Kms::V1::UpdateCryptoKeyRequest, ::Hash]
1429
+ # A request object representing the call parameters. Required. To specify no
1430
+ # parameters, or to keep all the default parameter values, pass an empty Hash.
1431
+ # @param options [::Gapic::CallOptions, ::Hash]
1432
+ # Overrides the default settings for this call, e.g, timeout, retries etc. Optional.
1433
+ #
1434
+ # @overload update_crypto_key(crypto_key: nil, update_mask: nil)
1435
+ # Pass arguments to `update_crypto_key` via keyword arguments. Note that at
1436
+ # least one keyword argument is required. To specify no parameters, or to keep all
1437
+ # the default parameter values, pass an empty Hash as a request object (see above).
1438
+ #
1439
+ # @param crypto_key [::Google::Cloud::Kms::V1::CryptoKey, ::Hash]
1440
+ # Required. {::Google::Cloud::Kms::V1::CryptoKey CryptoKey} with updated values.
1441
+ # @param update_mask [::Google::Protobuf::FieldMask, ::Hash]
1442
+ # Required. List of fields to be updated in this request.
1443
+ # @yield [result, operation] Access the result along with the TransportOperation object
1444
+ # @yieldparam result [::Google::Cloud::Kms::V1::CryptoKey]
1445
+ # @yieldparam operation [::Gapic::Rest::TransportOperation]
1446
+ #
1447
+ # @return [::Google::Cloud::Kms::V1::CryptoKey]
1448
+ #
1449
+ # @raise [::Google::Cloud::Error] if the REST call is aborted.
1450
+ def update_crypto_key request, options = nil
1451
+ raise ::ArgumentError, "request must be provided" if request.nil?
1452
+
1453
+ request = ::Gapic::Protobuf.coerce request, to: ::Google::Cloud::Kms::V1::UpdateCryptoKeyRequest
1454
+
1455
+ # Converts hash and nil to an options object
1456
+ options = ::Gapic::CallOptions.new(**options.to_h) if options.respond_to? :to_h
1457
+
1458
+ # Customize the options with defaults
1459
+ call_metadata = @config.rpcs.update_crypto_key.metadata.to_h
1460
+
1461
+ # Set x-goog-api-client and x-goog-user-project headers
1462
+ call_metadata[:"x-goog-api-client"] ||= ::Gapic::Headers.x_goog_api_client \
1463
+ lib_name: @config.lib_name, lib_version: @config.lib_version,
1464
+ gapic_version: ::Google::Cloud::Kms::V1::VERSION,
1465
+ transports_version_send: [:rest]
1466
+
1467
+ call_metadata[:"x-goog-user-project"] = @quota_project_id if @quota_project_id
1468
+
1469
+ options.apply_defaults timeout: @config.rpcs.update_crypto_key.timeout,
1470
+ metadata: call_metadata,
1471
+ retry_policy: @config.rpcs.update_crypto_key.retry_policy
1472
+
1473
+ options.apply_defaults timeout: @config.timeout,
1474
+ metadata: @config.metadata,
1475
+ retry_policy: @config.retry_policy
1476
+
1477
+ @key_management_service_stub.update_crypto_key request, options do |result, operation|
1478
+ yield result, operation if block_given?
1479
+ return result
1480
+ end
1481
+ rescue ::Gapic::Rest::Error => e
1482
+ raise ::Google::Cloud::Error.from_error(e)
1483
+ end
1484
+
1485
+ ##
1486
+ # Update a {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion}'s
1487
+ # metadata.
1488
+ #
1489
+ # {::Google::Cloud::Kms::V1::CryptoKeyVersion#state state} may be changed between
1490
+ # {::Google::Cloud::Kms::V1::CryptoKeyVersion::CryptoKeyVersionState::ENABLED ENABLED}
1491
+ # and
1492
+ # {::Google::Cloud::Kms::V1::CryptoKeyVersion::CryptoKeyVersionState::DISABLED DISABLED}
1493
+ # using this method. See
1494
+ # {::Google::Cloud::Kms::V1::KeyManagementService::Rest::Client#destroy_crypto_key_version DestroyCryptoKeyVersion}
1495
+ # and
1496
+ # {::Google::Cloud::Kms::V1::KeyManagementService::Rest::Client#restore_crypto_key_version RestoreCryptoKeyVersion}
1497
+ # to move between other states.
1498
+ #
1499
+ # @overload update_crypto_key_version(request, options = nil)
1500
+ # Pass arguments to `update_crypto_key_version` via a request object, either of type
1501
+ # {::Google::Cloud::Kms::V1::UpdateCryptoKeyVersionRequest} or an equivalent Hash.
1502
+ #
1503
+ # @param request [::Google::Cloud::Kms::V1::UpdateCryptoKeyVersionRequest, ::Hash]
1504
+ # A request object representing the call parameters. Required. To specify no
1505
+ # parameters, or to keep all the default parameter values, pass an empty Hash.
1506
+ # @param options [::Gapic::CallOptions, ::Hash]
1507
+ # Overrides the default settings for this call, e.g, timeout, retries etc. Optional.
1508
+ #
1509
+ # @overload update_crypto_key_version(crypto_key_version: nil, update_mask: nil)
1510
+ # Pass arguments to `update_crypto_key_version` via keyword arguments. Note that at
1511
+ # least one keyword argument is required. To specify no parameters, or to keep all
1512
+ # the default parameter values, pass an empty Hash as a request object (see above).
1513
+ #
1514
+ # @param crypto_key_version [::Google::Cloud::Kms::V1::CryptoKeyVersion, ::Hash]
1515
+ # Required. {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} with
1516
+ # updated values.
1517
+ # @param update_mask [::Google::Protobuf::FieldMask, ::Hash]
1518
+ # Required. List of fields to be updated in this request.
1519
+ # @yield [result, operation] Access the result along with the TransportOperation object
1520
+ # @yieldparam result [::Google::Cloud::Kms::V1::CryptoKeyVersion]
1521
+ # @yieldparam operation [::Gapic::Rest::TransportOperation]
1522
+ #
1523
+ # @return [::Google::Cloud::Kms::V1::CryptoKeyVersion]
1524
+ #
1525
+ # @raise [::Google::Cloud::Error] if the REST call is aborted.
1526
+ def update_crypto_key_version request, options = nil
1527
+ raise ::ArgumentError, "request must be provided" if request.nil?
1528
+
1529
+ request = ::Gapic::Protobuf.coerce request, to: ::Google::Cloud::Kms::V1::UpdateCryptoKeyVersionRequest
1530
+
1531
+ # Converts hash and nil to an options object
1532
+ options = ::Gapic::CallOptions.new(**options.to_h) if options.respond_to? :to_h
1533
+
1534
+ # Customize the options with defaults
1535
+ call_metadata = @config.rpcs.update_crypto_key_version.metadata.to_h
1536
+
1537
+ # Set x-goog-api-client and x-goog-user-project headers
1538
+ call_metadata[:"x-goog-api-client"] ||= ::Gapic::Headers.x_goog_api_client \
1539
+ lib_name: @config.lib_name, lib_version: @config.lib_version,
1540
+ gapic_version: ::Google::Cloud::Kms::V1::VERSION,
1541
+ transports_version_send: [:rest]
1542
+
1543
+ call_metadata[:"x-goog-user-project"] = @quota_project_id if @quota_project_id
1544
+
1545
+ options.apply_defaults timeout: @config.rpcs.update_crypto_key_version.timeout,
1546
+ metadata: call_metadata,
1547
+ retry_policy: @config.rpcs.update_crypto_key_version.retry_policy
1548
+
1549
+ options.apply_defaults timeout: @config.timeout,
1550
+ metadata: @config.metadata,
1551
+ retry_policy: @config.retry_policy
1552
+
1553
+ @key_management_service_stub.update_crypto_key_version request, options do |result, operation|
1554
+ yield result, operation if block_given?
1555
+ return result
1556
+ end
1557
+ rescue ::Gapic::Rest::Error => e
1558
+ raise ::Google::Cloud::Error.from_error(e)
1559
+ end
1560
+
1561
+ ##
1562
+ # Update the version of a {::Google::Cloud::Kms::V1::CryptoKey CryptoKey} that
1563
+ # will be used in
1564
+ # {::Google::Cloud::Kms::V1::KeyManagementService::Rest::Client#encrypt Encrypt}.
1565
+ #
1566
+ # Returns an error if called on a key whose purpose is not
1567
+ # {::Google::Cloud::Kms::V1::CryptoKey::CryptoKeyPurpose::ENCRYPT_DECRYPT ENCRYPT_DECRYPT}.
1568
+ #
1569
+ # @overload update_crypto_key_primary_version(request, options = nil)
1570
+ # Pass arguments to `update_crypto_key_primary_version` via a request object, either of type
1571
+ # {::Google::Cloud::Kms::V1::UpdateCryptoKeyPrimaryVersionRequest} or an equivalent Hash.
1572
+ #
1573
+ # @param request [::Google::Cloud::Kms::V1::UpdateCryptoKeyPrimaryVersionRequest, ::Hash]
1574
+ # A request object representing the call parameters. Required. To specify no
1575
+ # parameters, or to keep all the default parameter values, pass an empty Hash.
1576
+ # @param options [::Gapic::CallOptions, ::Hash]
1577
+ # Overrides the default settings for this call, e.g, timeout, retries etc. Optional.
1578
+ #
1579
+ # @overload update_crypto_key_primary_version(name: nil, crypto_key_version_id: nil)
1580
+ # Pass arguments to `update_crypto_key_primary_version` via keyword arguments. Note that at
1581
+ # least one keyword argument is required. To specify no parameters, or to keep all
1582
+ # the default parameter values, pass an empty Hash as a request object (see above).
1583
+ #
1584
+ # @param name [::String]
1585
+ # Required. The resource name of the
1586
+ # {::Google::Cloud::Kms::V1::CryptoKey CryptoKey} to update.
1587
+ # @param crypto_key_version_id [::String]
1588
+ # Required. The id of the child
1589
+ # {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} to use as primary.
1590
+ # @yield [result, operation] Access the result along with the TransportOperation object
1591
+ # @yieldparam result [::Google::Cloud::Kms::V1::CryptoKey]
1592
+ # @yieldparam operation [::Gapic::Rest::TransportOperation]
1593
+ #
1594
+ # @return [::Google::Cloud::Kms::V1::CryptoKey]
1595
+ #
1596
+ # @raise [::Google::Cloud::Error] if the REST call is aborted.
1597
+ def update_crypto_key_primary_version request, options = nil
1598
+ raise ::ArgumentError, "request must be provided" if request.nil?
1599
+
1600
+ request = ::Gapic::Protobuf.coerce request, to: ::Google::Cloud::Kms::V1::UpdateCryptoKeyPrimaryVersionRequest
1601
+
1602
+ # Converts hash and nil to an options object
1603
+ options = ::Gapic::CallOptions.new(**options.to_h) if options.respond_to? :to_h
1604
+
1605
+ # Customize the options with defaults
1606
+ call_metadata = @config.rpcs.update_crypto_key_primary_version.metadata.to_h
1607
+
1608
+ # Set x-goog-api-client and x-goog-user-project headers
1609
+ call_metadata[:"x-goog-api-client"] ||= ::Gapic::Headers.x_goog_api_client \
1610
+ lib_name: @config.lib_name, lib_version: @config.lib_version,
1611
+ gapic_version: ::Google::Cloud::Kms::V1::VERSION,
1612
+ transports_version_send: [:rest]
1613
+
1614
+ call_metadata[:"x-goog-user-project"] = @quota_project_id if @quota_project_id
1615
+
1616
+ options.apply_defaults timeout: @config.rpcs.update_crypto_key_primary_version.timeout,
1617
+ metadata: call_metadata,
1618
+ retry_policy: @config.rpcs.update_crypto_key_primary_version.retry_policy
1619
+
1620
+ options.apply_defaults timeout: @config.timeout,
1621
+ metadata: @config.metadata,
1622
+ retry_policy: @config.retry_policy
1623
+
1624
+ @key_management_service_stub.update_crypto_key_primary_version request, options do |result, operation|
1625
+ yield result, operation if block_given?
1626
+ return result
1627
+ end
1628
+ rescue ::Gapic::Rest::Error => e
1629
+ raise ::Google::Cloud::Error.from_error(e)
1630
+ end
1631
+
1632
+ ##
1633
+ # Schedule a {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} for
1634
+ # destruction.
1635
+ #
1636
+ # Upon calling this method,
1637
+ # {::Google::Cloud::Kms::V1::CryptoKeyVersion#state CryptoKeyVersion.state} will
1638
+ # be set to
1639
+ # {::Google::Cloud::Kms::V1::CryptoKeyVersion::CryptoKeyVersionState::DESTROY_SCHEDULED DESTROY_SCHEDULED},
1640
+ # and {::Google::Cloud::Kms::V1::CryptoKeyVersion#destroy_time destroy_time} will
1641
+ # be set to the time
1642
+ # {::Google::Cloud::Kms::V1::CryptoKey#destroy_scheduled_duration destroy_scheduled_duration}
1643
+ # in the future. At that time, the
1644
+ # {::Google::Cloud::Kms::V1::CryptoKeyVersion#state state} will automatically
1645
+ # change to
1646
+ # {::Google::Cloud::Kms::V1::CryptoKeyVersion::CryptoKeyVersionState::DESTROYED DESTROYED},
1647
+ # and the key material will be irrevocably destroyed.
1648
+ #
1649
+ # Before the
1650
+ # {::Google::Cloud::Kms::V1::CryptoKeyVersion#destroy_time destroy_time} is
1651
+ # reached,
1652
+ # {::Google::Cloud::Kms::V1::KeyManagementService::Rest::Client#restore_crypto_key_version RestoreCryptoKeyVersion}
1653
+ # may be called to reverse the process.
1654
+ #
1655
+ # @overload destroy_crypto_key_version(request, options = nil)
1656
+ # Pass arguments to `destroy_crypto_key_version` via a request object, either of type
1657
+ # {::Google::Cloud::Kms::V1::DestroyCryptoKeyVersionRequest} or an equivalent Hash.
1658
+ #
1659
+ # @param request [::Google::Cloud::Kms::V1::DestroyCryptoKeyVersionRequest, ::Hash]
1660
+ # A request object representing the call parameters. Required. To specify no
1661
+ # parameters, or to keep all the default parameter values, pass an empty Hash.
1662
+ # @param options [::Gapic::CallOptions, ::Hash]
1663
+ # Overrides the default settings for this call, e.g, timeout, retries etc. Optional.
1664
+ #
1665
+ # @overload destroy_crypto_key_version(name: nil)
1666
+ # Pass arguments to `destroy_crypto_key_version` via keyword arguments. Note that at
1667
+ # least one keyword argument is required. To specify no parameters, or to keep all
1668
+ # the default parameter values, pass an empty Hash as a request object (see above).
1669
+ #
1670
+ # @param name [::String]
1671
+ # Required. The resource name of the
1672
+ # {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} to destroy.
1673
+ # @yield [result, operation] Access the result along with the TransportOperation object
1674
+ # @yieldparam result [::Google::Cloud::Kms::V1::CryptoKeyVersion]
1675
+ # @yieldparam operation [::Gapic::Rest::TransportOperation]
1676
+ #
1677
+ # @return [::Google::Cloud::Kms::V1::CryptoKeyVersion]
1678
+ #
1679
+ # @raise [::Google::Cloud::Error] if the REST call is aborted.
1680
+ def destroy_crypto_key_version request, options = nil
1681
+ raise ::ArgumentError, "request must be provided" if request.nil?
1682
+
1683
+ request = ::Gapic::Protobuf.coerce request, to: ::Google::Cloud::Kms::V1::DestroyCryptoKeyVersionRequest
1684
+
1685
+ # Converts hash and nil to an options object
1686
+ options = ::Gapic::CallOptions.new(**options.to_h) if options.respond_to? :to_h
1687
+
1688
+ # Customize the options with defaults
1689
+ call_metadata = @config.rpcs.destroy_crypto_key_version.metadata.to_h
1690
+
1691
+ # Set x-goog-api-client and x-goog-user-project headers
1692
+ call_metadata[:"x-goog-api-client"] ||= ::Gapic::Headers.x_goog_api_client \
1693
+ lib_name: @config.lib_name, lib_version: @config.lib_version,
1694
+ gapic_version: ::Google::Cloud::Kms::V1::VERSION,
1695
+ transports_version_send: [:rest]
1696
+
1697
+ call_metadata[:"x-goog-user-project"] = @quota_project_id if @quota_project_id
1698
+
1699
+ options.apply_defaults timeout: @config.rpcs.destroy_crypto_key_version.timeout,
1700
+ metadata: call_metadata,
1701
+ retry_policy: @config.rpcs.destroy_crypto_key_version.retry_policy
1702
+
1703
+ options.apply_defaults timeout: @config.timeout,
1704
+ metadata: @config.metadata,
1705
+ retry_policy: @config.retry_policy
1706
+
1707
+ @key_management_service_stub.destroy_crypto_key_version request, options do |result, operation|
1708
+ yield result, operation if block_given?
1709
+ return result
1710
+ end
1711
+ rescue ::Gapic::Rest::Error => e
1712
+ raise ::Google::Cloud::Error.from_error(e)
1713
+ end
1714
+
1715
+ ##
1716
+ # Restore a {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} in the
1717
+ # {::Google::Cloud::Kms::V1::CryptoKeyVersion::CryptoKeyVersionState::DESTROY_SCHEDULED DESTROY_SCHEDULED}
1718
+ # state.
1719
+ #
1720
+ # Upon restoration of the CryptoKeyVersion,
1721
+ # {::Google::Cloud::Kms::V1::CryptoKeyVersion#state state} will be set to
1722
+ # {::Google::Cloud::Kms::V1::CryptoKeyVersion::CryptoKeyVersionState::DISABLED DISABLED},
1723
+ # and {::Google::Cloud::Kms::V1::CryptoKeyVersion#destroy_time destroy_time} will
1724
+ # be cleared.
1725
+ #
1726
+ # @overload restore_crypto_key_version(request, options = nil)
1727
+ # Pass arguments to `restore_crypto_key_version` via a request object, either of type
1728
+ # {::Google::Cloud::Kms::V1::RestoreCryptoKeyVersionRequest} or an equivalent Hash.
1729
+ #
1730
+ # @param request [::Google::Cloud::Kms::V1::RestoreCryptoKeyVersionRequest, ::Hash]
1731
+ # A request object representing the call parameters. Required. To specify no
1732
+ # parameters, or to keep all the default parameter values, pass an empty Hash.
1733
+ # @param options [::Gapic::CallOptions, ::Hash]
1734
+ # Overrides the default settings for this call, e.g, timeout, retries etc. Optional.
1735
+ #
1736
+ # @overload restore_crypto_key_version(name: nil)
1737
+ # Pass arguments to `restore_crypto_key_version` via keyword arguments. Note that at
1738
+ # least one keyword argument is required. To specify no parameters, or to keep all
1739
+ # the default parameter values, pass an empty Hash as a request object (see above).
1740
+ #
1741
+ # @param name [::String]
1742
+ # Required. The resource name of the
1743
+ # {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} to restore.
1744
+ # @yield [result, operation] Access the result along with the TransportOperation object
1745
+ # @yieldparam result [::Google::Cloud::Kms::V1::CryptoKeyVersion]
1746
+ # @yieldparam operation [::Gapic::Rest::TransportOperation]
1747
+ #
1748
+ # @return [::Google::Cloud::Kms::V1::CryptoKeyVersion]
1749
+ #
1750
+ # @raise [::Google::Cloud::Error] if the REST call is aborted.
1751
+ def restore_crypto_key_version request, options = nil
1752
+ raise ::ArgumentError, "request must be provided" if request.nil?
1753
+
1754
+ request = ::Gapic::Protobuf.coerce request, to: ::Google::Cloud::Kms::V1::RestoreCryptoKeyVersionRequest
1755
+
1756
+ # Converts hash and nil to an options object
1757
+ options = ::Gapic::CallOptions.new(**options.to_h) if options.respond_to? :to_h
1758
+
1759
+ # Customize the options with defaults
1760
+ call_metadata = @config.rpcs.restore_crypto_key_version.metadata.to_h
1761
+
1762
+ # Set x-goog-api-client and x-goog-user-project headers
1763
+ call_metadata[:"x-goog-api-client"] ||= ::Gapic::Headers.x_goog_api_client \
1764
+ lib_name: @config.lib_name, lib_version: @config.lib_version,
1765
+ gapic_version: ::Google::Cloud::Kms::V1::VERSION,
1766
+ transports_version_send: [:rest]
1767
+
1768
+ call_metadata[:"x-goog-user-project"] = @quota_project_id if @quota_project_id
1769
+
1770
+ options.apply_defaults timeout: @config.rpcs.restore_crypto_key_version.timeout,
1771
+ metadata: call_metadata,
1772
+ retry_policy: @config.rpcs.restore_crypto_key_version.retry_policy
1773
+
1774
+ options.apply_defaults timeout: @config.timeout,
1775
+ metadata: @config.metadata,
1776
+ retry_policy: @config.retry_policy
1777
+
1778
+ @key_management_service_stub.restore_crypto_key_version request, options do |result, operation|
1779
+ yield result, operation if block_given?
1780
+ return result
1781
+ end
1782
+ rescue ::Gapic::Rest::Error => e
1783
+ raise ::Google::Cloud::Error.from_error(e)
1784
+ end
1785
+
1786
+ ##
1787
+ # Encrypts data, so that it can only be recovered by a call to
1788
+ # {::Google::Cloud::Kms::V1::KeyManagementService::Rest::Client#decrypt Decrypt}. The
1789
+ # {::Google::Cloud::Kms::V1::CryptoKey#purpose CryptoKey.purpose} must be
1790
+ # {::Google::Cloud::Kms::V1::CryptoKey::CryptoKeyPurpose::ENCRYPT_DECRYPT ENCRYPT_DECRYPT}.
1791
+ #
1792
+ # @overload encrypt(request, options = nil)
1793
+ # Pass arguments to `encrypt` via a request object, either of type
1794
+ # {::Google::Cloud::Kms::V1::EncryptRequest} or an equivalent Hash.
1795
+ #
1796
+ # @param request [::Google::Cloud::Kms::V1::EncryptRequest, ::Hash]
1797
+ # A request object representing the call parameters. Required. To specify no
1798
+ # parameters, or to keep all the default parameter values, pass an empty Hash.
1799
+ # @param options [::Gapic::CallOptions, ::Hash]
1800
+ # Overrides the default settings for this call, e.g, timeout, retries etc. Optional.
1801
+ #
1802
+ # @overload encrypt(name: nil, plaintext: nil, additional_authenticated_data: nil, plaintext_crc32c: nil, additional_authenticated_data_crc32c: nil)
1803
+ # Pass arguments to `encrypt` via keyword arguments. Note that at
1804
+ # least one keyword argument is required. To specify no parameters, or to keep all
1805
+ # the default parameter values, pass an empty Hash as a request object (see above).
1806
+ #
1807
+ # @param name [::String]
1808
+ # Required. The resource name of the
1809
+ # {::Google::Cloud::Kms::V1::CryptoKey CryptoKey} or
1810
+ # {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} to use for
1811
+ # encryption.
1812
+ #
1813
+ # If a {::Google::Cloud::Kms::V1::CryptoKey CryptoKey} is specified, the server
1814
+ # will use its {::Google::Cloud::Kms::V1::CryptoKey#primary primary version}.
1815
+ # @param plaintext [::String]
1816
+ # Required. The data to encrypt. Must be no larger than 64KiB.
1817
+ #
1818
+ # The maximum size depends on the key version's
1819
+ # {::Google::Cloud::Kms::V1::CryptoKeyVersionTemplate#protection_level protection_level}.
1820
+ # For {::Google::Cloud::Kms::V1::ProtectionLevel::SOFTWARE SOFTWARE},
1821
+ # {::Google::Cloud::Kms::V1::ProtectionLevel::EXTERNAL EXTERNAL}, and
1822
+ # {::Google::Cloud::Kms::V1::ProtectionLevel::EXTERNAL_VPC EXTERNAL_VPC} keys, the
1823
+ # plaintext must be no larger than 64KiB. For
1824
+ # {::Google::Cloud::Kms::V1::ProtectionLevel::HSM HSM} keys, the combined length of
1825
+ # the plaintext and additional_authenticated_data fields must be no larger
1826
+ # than 8KiB.
1827
+ # @param additional_authenticated_data [::String]
1828
+ # Optional. Optional data that, if specified, must also be provided during
1829
+ # decryption through
1830
+ # {::Google::Cloud::Kms::V1::DecryptRequest#additional_authenticated_data DecryptRequest.additional_authenticated_data}.
1831
+ #
1832
+ # The maximum size depends on the key version's
1833
+ # {::Google::Cloud::Kms::V1::CryptoKeyVersionTemplate#protection_level protection_level}.
1834
+ # For {::Google::Cloud::Kms::V1::ProtectionLevel::SOFTWARE SOFTWARE},
1835
+ # {::Google::Cloud::Kms::V1::ProtectionLevel::EXTERNAL EXTERNAL}, and
1836
+ # {::Google::Cloud::Kms::V1::ProtectionLevel::EXTERNAL_VPC EXTERNAL_VPC} keys the
1837
+ # AAD must be no larger than 64KiB. For
1838
+ # {::Google::Cloud::Kms::V1::ProtectionLevel::HSM HSM} keys, the combined length of
1839
+ # the plaintext and additional_authenticated_data fields must be no larger
1840
+ # than 8KiB.
1841
+ # @param plaintext_crc32c [::Google::Protobuf::Int64Value, ::Hash]
1842
+ # Optional. An optional CRC32C checksum of the
1843
+ # {::Google::Cloud::Kms::V1::EncryptRequest#plaintext EncryptRequest.plaintext}.
1844
+ # If specified,
1845
+ # {::Google::Cloud::Kms::V1::KeyManagementService::Rest::Client KeyManagementService} will
1846
+ # verify the integrity of the received
1847
+ # {::Google::Cloud::Kms::V1::EncryptRequest#plaintext EncryptRequest.plaintext}
1848
+ # using this checksum.
1849
+ # {::Google::Cloud::Kms::V1::KeyManagementService::Rest::Client KeyManagementService} will
1850
+ # report an error if the checksum verification fails. If you receive a
1851
+ # checksum error, your client should verify that
1852
+ # CRC32C({::Google::Cloud::Kms::V1::EncryptRequest#plaintext EncryptRequest.plaintext})
1853
+ # is equal to
1854
+ # {::Google::Cloud::Kms::V1::EncryptRequest#plaintext_crc32c EncryptRequest.plaintext_crc32c},
1855
+ # and if so, perform a limited number of retries. A persistent mismatch may
1856
+ # indicate an issue in your computation of the CRC32C checksum. Note: This
1857
+ # field is defined as int64 for reasons of compatibility across different
1858
+ # languages. However, it is a non-negative integer, which will never exceed
1859
+ # 2^32-1, and can be safely downconverted to uint32 in languages that support
1860
+ # this type.
1861
+ # @param additional_authenticated_data_crc32c [::Google::Protobuf::Int64Value, ::Hash]
1862
+ # Optional. An optional CRC32C checksum of the
1863
+ # {::Google::Cloud::Kms::V1::EncryptRequest#additional_authenticated_data EncryptRequest.additional_authenticated_data}.
1864
+ # If specified,
1865
+ # {::Google::Cloud::Kms::V1::KeyManagementService::Rest::Client KeyManagementService} will
1866
+ # verify the integrity of the received
1867
+ # {::Google::Cloud::Kms::V1::EncryptRequest#additional_authenticated_data EncryptRequest.additional_authenticated_data}
1868
+ # using this checksum.
1869
+ # {::Google::Cloud::Kms::V1::KeyManagementService::Rest::Client KeyManagementService} will
1870
+ # report an error if the checksum verification fails. If you receive a
1871
+ # checksum error, your client should verify that
1872
+ # CRC32C({::Google::Cloud::Kms::V1::EncryptRequest#additional_authenticated_data EncryptRequest.additional_authenticated_data})
1873
+ # is equal to
1874
+ # {::Google::Cloud::Kms::V1::EncryptRequest#additional_authenticated_data_crc32c EncryptRequest.additional_authenticated_data_crc32c},
1875
+ # and if so, perform a limited number of retries. A persistent mismatch may
1876
+ # indicate an issue in your computation of the CRC32C checksum. Note: This
1877
+ # field is defined as int64 for reasons of compatibility across different
1878
+ # languages. However, it is a non-negative integer, which will never exceed
1879
+ # 2^32-1, and can be safely downconverted to uint32 in languages that support
1880
+ # this type.
1881
+ # @yield [result, operation] Access the result along with the TransportOperation object
1882
+ # @yieldparam result [::Google::Cloud::Kms::V1::EncryptResponse]
1883
+ # @yieldparam operation [::Gapic::Rest::TransportOperation]
1884
+ #
1885
+ # @return [::Google::Cloud::Kms::V1::EncryptResponse]
1886
+ #
1887
+ # @raise [::Google::Cloud::Error] if the REST call is aborted.
1888
+ def encrypt request, options = nil
1889
+ raise ::ArgumentError, "request must be provided" if request.nil?
1890
+
1891
+ request = ::Gapic::Protobuf.coerce request, to: ::Google::Cloud::Kms::V1::EncryptRequest
1892
+
1893
+ # Converts hash and nil to an options object
1894
+ options = ::Gapic::CallOptions.new(**options.to_h) if options.respond_to? :to_h
1895
+
1896
+ # Customize the options with defaults
1897
+ call_metadata = @config.rpcs.encrypt.metadata.to_h
1898
+
1899
+ # Set x-goog-api-client and x-goog-user-project headers
1900
+ call_metadata[:"x-goog-api-client"] ||= ::Gapic::Headers.x_goog_api_client \
1901
+ lib_name: @config.lib_name, lib_version: @config.lib_version,
1902
+ gapic_version: ::Google::Cloud::Kms::V1::VERSION,
1903
+ transports_version_send: [:rest]
1904
+
1905
+ call_metadata[:"x-goog-user-project"] = @quota_project_id if @quota_project_id
1906
+
1907
+ options.apply_defaults timeout: @config.rpcs.encrypt.timeout,
1908
+ metadata: call_metadata,
1909
+ retry_policy: @config.rpcs.encrypt.retry_policy
1910
+
1911
+ options.apply_defaults timeout: @config.timeout,
1912
+ metadata: @config.metadata,
1913
+ retry_policy: @config.retry_policy
1914
+
1915
+ @key_management_service_stub.encrypt request, options do |result, operation|
1916
+ yield result, operation if block_given?
1917
+ return result
1918
+ end
1919
+ rescue ::Gapic::Rest::Error => e
1920
+ raise ::Google::Cloud::Error.from_error(e)
1921
+ end
1922
+
1923
+ ##
1924
+ # Decrypts data that was protected by
1925
+ # {::Google::Cloud::Kms::V1::KeyManagementService::Rest::Client#encrypt Encrypt}. The
1926
+ # {::Google::Cloud::Kms::V1::CryptoKey#purpose CryptoKey.purpose} must be
1927
+ # {::Google::Cloud::Kms::V1::CryptoKey::CryptoKeyPurpose::ENCRYPT_DECRYPT ENCRYPT_DECRYPT}.
1928
+ #
1929
+ # @overload decrypt(request, options = nil)
1930
+ # Pass arguments to `decrypt` via a request object, either of type
1931
+ # {::Google::Cloud::Kms::V1::DecryptRequest} or an equivalent Hash.
1932
+ #
1933
+ # @param request [::Google::Cloud::Kms::V1::DecryptRequest, ::Hash]
1934
+ # A request object representing the call parameters. Required. To specify no
1935
+ # parameters, or to keep all the default parameter values, pass an empty Hash.
1936
+ # @param options [::Gapic::CallOptions, ::Hash]
1937
+ # Overrides the default settings for this call, e.g, timeout, retries etc. Optional.
1938
+ #
1939
+ # @overload decrypt(name: nil, ciphertext: nil, additional_authenticated_data: nil, ciphertext_crc32c: nil, additional_authenticated_data_crc32c: nil)
1940
+ # Pass arguments to `decrypt` via keyword arguments. Note that at
1941
+ # least one keyword argument is required. To specify no parameters, or to keep all
1942
+ # the default parameter values, pass an empty Hash as a request object (see above).
1943
+ #
1944
+ # @param name [::String]
1945
+ # Required. The resource name of the
1946
+ # {::Google::Cloud::Kms::V1::CryptoKey CryptoKey} to use for decryption. The
1947
+ # server will choose the appropriate version.
1948
+ # @param ciphertext [::String]
1949
+ # Required. The encrypted data originally returned in
1950
+ # {::Google::Cloud::Kms::V1::EncryptResponse#ciphertext EncryptResponse.ciphertext}.
1951
+ # @param additional_authenticated_data [::String]
1952
+ # Optional. Optional data that must match the data originally supplied in
1953
+ # {::Google::Cloud::Kms::V1::EncryptRequest#additional_authenticated_data EncryptRequest.additional_authenticated_data}.
1954
+ # @param ciphertext_crc32c [::Google::Protobuf::Int64Value, ::Hash]
1955
+ # Optional. An optional CRC32C checksum of the
1956
+ # {::Google::Cloud::Kms::V1::DecryptRequest#ciphertext DecryptRequest.ciphertext}.
1957
+ # If specified,
1958
+ # {::Google::Cloud::Kms::V1::KeyManagementService::Rest::Client KeyManagementService} will
1959
+ # verify the integrity of the received
1960
+ # {::Google::Cloud::Kms::V1::DecryptRequest#ciphertext DecryptRequest.ciphertext}
1961
+ # using this checksum.
1962
+ # {::Google::Cloud::Kms::V1::KeyManagementService::Rest::Client KeyManagementService} will
1963
+ # report an error if the checksum verification fails. If you receive a
1964
+ # checksum error, your client should verify that
1965
+ # CRC32C({::Google::Cloud::Kms::V1::DecryptRequest#ciphertext DecryptRequest.ciphertext})
1966
+ # is equal to
1967
+ # {::Google::Cloud::Kms::V1::DecryptRequest#ciphertext_crc32c DecryptRequest.ciphertext_crc32c},
1968
+ # and if so, perform a limited number of retries. A persistent mismatch may
1969
+ # indicate an issue in your computation of the CRC32C checksum. Note: This
1970
+ # field is defined as int64 for reasons of compatibility across different
1971
+ # languages. However, it is a non-negative integer, which will never exceed
1972
+ # 2^32-1, and can be safely downconverted to uint32 in languages that support
1973
+ # this type.
1974
+ # @param additional_authenticated_data_crc32c [::Google::Protobuf::Int64Value, ::Hash]
1975
+ # Optional. An optional CRC32C checksum of the
1976
+ # {::Google::Cloud::Kms::V1::DecryptRequest#additional_authenticated_data DecryptRequest.additional_authenticated_data}.
1977
+ # If specified,
1978
+ # {::Google::Cloud::Kms::V1::KeyManagementService::Rest::Client KeyManagementService} will
1979
+ # verify the integrity of the received
1980
+ # {::Google::Cloud::Kms::V1::DecryptRequest#additional_authenticated_data DecryptRequest.additional_authenticated_data}
1981
+ # using this checksum.
1982
+ # {::Google::Cloud::Kms::V1::KeyManagementService::Rest::Client KeyManagementService} will
1983
+ # report an error if the checksum verification fails. If you receive a
1984
+ # checksum error, your client should verify that
1985
+ # CRC32C({::Google::Cloud::Kms::V1::DecryptRequest#additional_authenticated_data DecryptRequest.additional_authenticated_data})
1986
+ # is equal to
1987
+ # {::Google::Cloud::Kms::V1::DecryptRequest#additional_authenticated_data_crc32c DecryptRequest.additional_authenticated_data_crc32c},
1988
+ # and if so, perform a limited number of retries. A persistent mismatch may
1989
+ # indicate an issue in your computation of the CRC32C checksum. Note: This
1990
+ # field is defined as int64 for reasons of compatibility across different
1991
+ # languages. However, it is a non-negative integer, which will never exceed
1992
+ # 2^32-1, and can be safely downconverted to uint32 in languages that support
1993
+ # this type.
1994
+ # @yield [result, operation] Access the result along with the TransportOperation object
1995
+ # @yieldparam result [::Google::Cloud::Kms::V1::DecryptResponse]
1996
+ # @yieldparam operation [::Gapic::Rest::TransportOperation]
1997
+ #
1998
+ # @return [::Google::Cloud::Kms::V1::DecryptResponse]
1999
+ #
2000
+ # @raise [::Google::Cloud::Error] if the REST call is aborted.
2001
+ def decrypt request, options = nil
2002
+ raise ::ArgumentError, "request must be provided" if request.nil?
2003
+
2004
+ request = ::Gapic::Protobuf.coerce request, to: ::Google::Cloud::Kms::V1::DecryptRequest
2005
+
2006
+ # Converts hash and nil to an options object
2007
+ options = ::Gapic::CallOptions.new(**options.to_h) if options.respond_to? :to_h
2008
+
2009
+ # Customize the options with defaults
2010
+ call_metadata = @config.rpcs.decrypt.metadata.to_h
2011
+
2012
+ # Set x-goog-api-client and x-goog-user-project headers
2013
+ call_metadata[:"x-goog-api-client"] ||= ::Gapic::Headers.x_goog_api_client \
2014
+ lib_name: @config.lib_name, lib_version: @config.lib_version,
2015
+ gapic_version: ::Google::Cloud::Kms::V1::VERSION,
2016
+ transports_version_send: [:rest]
2017
+
2018
+ call_metadata[:"x-goog-user-project"] = @quota_project_id if @quota_project_id
2019
+
2020
+ options.apply_defaults timeout: @config.rpcs.decrypt.timeout,
2021
+ metadata: call_metadata,
2022
+ retry_policy: @config.rpcs.decrypt.retry_policy
2023
+
2024
+ options.apply_defaults timeout: @config.timeout,
2025
+ metadata: @config.metadata,
2026
+ retry_policy: @config.retry_policy
2027
+
2028
+ @key_management_service_stub.decrypt request, options do |result, operation|
2029
+ yield result, operation if block_given?
2030
+ return result
2031
+ end
2032
+ rescue ::Gapic::Rest::Error => e
2033
+ raise ::Google::Cloud::Error.from_error(e)
2034
+ end
2035
+
2036
+ ##
2037
+ # Signs data using a {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion}
2038
+ # with {::Google::Cloud::Kms::V1::CryptoKey#purpose CryptoKey.purpose}
2039
+ # ASYMMETRIC_SIGN, producing a signature that can be verified with the public
2040
+ # key retrieved from
2041
+ # {::Google::Cloud::Kms::V1::KeyManagementService::Rest::Client#get_public_key GetPublicKey}.
2042
+ #
2043
+ # @overload asymmetric_sign(request, options = nil)
2044
+ # Pass arguments to `asymmetric_sign` via a request object, either of type
2045
+ # {::Google::Cloud::Kms::V1::AsymmetricSignRequest} or an equivalent Hash.
2046
+ #
2047
+ # @param request [::Google::Cloud::Kms::V1::AsymmetricSignRequest, ::Hash]
2048
+ # A request object representing the call parameters. Required. To specify no
2049
+ # parameters, or to keep all the default parameter values, pass an empty Hash.
2050
+ # @param options [::Gapic::CallOptions, ::Hash]
2051
+ # Overrides the default settings for this call, e.g, timeout, retries etc. Optional.
2052
+ #
2053
+ # @overload asymmetric_sign(name: nil, digest: nil, digest_crc32c: nil, data: nil, data_crc32c: nil)
2054
+ # Pass arguments to `asymmetric_sign` via keyword arguments. Note that at
2055
+ # least one keyword argument is required. To specify no parameters, or to keep all
2056
+ # the default parameter values, pass an empty Hash as a request object (see above).
2057
+ #
2058
+ # @param name [::String]
2059
+ # Required. The resource name of the
2060
+ # {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} to use for
2061
+ # signing.
2062
+ # @param digest [::Google::Cloud::Kms::V1::Digest, ::Hash]
2063
+ # Optional. The digest of the data to sign. The digest must be produced with
2064
+ # the same digest algorithm as specified by the key version's
2065
+ # {::Google::Cloud::Kms::V1::CryptoKeyVersion#algorithm algorithm}.
2066
+ #
2067
+ # This field may not be supplied if
2068
+ # {::Google::Cloud::Kms::V1::AsymmetricSignRequest#data AsymmetricSignRequest.data}
2069
+ # is supplied.
2070
+ # @param digest_crc32c [::Google::Protobuf::Int64Value, ::Hash]
2071
+ # Optional. An optional CRC32C checksum of the
2072
+ # {::Google::Cloud::Kms::V1::AsymmetricSignRequest#digest AsymmetricSignRequest.digest}.
2073
+ # If specified,
2074
+ # {::Google::Cloud::Kms::V1::KeyManagementService::Rest::Client KeyManagementService} will
2075
+ # verify the integrity of the received
2076
+ # {::Google::Cloud::Kms::V1::AsymmetricSignRequest#digest AsymmetricSignRequest.digest}
2077
+ # using this checksum.
2078
+ # {::Google::Cloud::Kms::V1::KeyManagementService::Rest::Client KeyManagementService} will
2079
+ # report an error if the checksum verification fails. If you receive a
2080
+ # checksum error, your client should verify that
2081
+ # CRC32C({::Google::Cloud::Kms::V1::AsymmetricSignRequest#digest AsymmetricSignRequest.digest})
2082
+ # is equal to
2083
+ # {::Google::Cloud::Kms::V1::AsymmetricSignRequest#digest_crc32c AsymmetricSignRequest.digest_crc32c},
2084
+ # and if so, perform a limited number of retries. A persistent mismatch may
2085
+ # indicate an issue in your computation of the CRC32C checksum. Note: This
2086
+ # field is defined as int64 for reasons of compatibility across different
2087
+ # languages. However, it is a non-negative integer, which will never exceed
2088
+ # 2^32-1, and can be safely downconverted to uint32 in languages that support
2089
+ # this type.
2090
+ # @param data [::String]
2091
+ # Optional. The data to sign.
2092
+ # It can't be supplied if
2093
+ # {::Google::Cloud::Kms::V1::AsymmetricSignRequest#digest AsymmetricSignRequest.digest}
2094
+ # is supplied.
2095
+ # @param data_crc32c [::Google::Protobuf::Int64Value, ::Hash]
2096
+ # Optional. An optional CRC32C checksum of the
2097
+ # {::Google::Cloud::Kms::V1::AsymmetricSignRequest#data AsymmetricSignRequest.data}.
2098
+ # If specified,
2099
+ # {::Google::Cloud::Kms::V1::KeyManagementService::Rest::Client KeyManagementService} will
2100
+ # verify the integrity of the received
2101
+ # {::Google::Cloud::Kms::V1::AsymmetricSignRequest#data AsymmetricSignRequest.data}
2102
+ # using this checksum.
2103
+ # {::Google::Cloud::Kms::V1::KeyManagementService::Rest::Client KeyManagementService} will
2104
+ # report an error if the checksum verification fails. If you receive a
2105
+ # checksum error, your client should verify that
2106
+ # CRC32C({::Google::Cloud::Kms::V1::AsymmetricSignRequest#data AsymmetricSignRequest.data})
2107
+ # is equal to
2108
+ # {::Google::Cloud::Kms::V1::AsymmetricSignRequest#data_crc32c AsymmetricSignRequest.data_crc32c},
2109
+ # and if so, perform a limited number of retries. A persistent mismatch may
2110
+ # indicate an issue in your computation of the CRC32C checksum. Note: This
2111
+ # field is defined as int64 for reasons of compatibility across different
2112
+ # languages. However, it is a non-negative integer, which will never exceed
2113
+ # 2^32-1, and can be safely downconverted to uint32 in languages that support
2114
+ # this type.
2115
+ # @yield [result, operation] Access the result along with the TransportOperation object
2116
+ # @yieldparam result [::Google::Cloud::Kms::V1::AsymmetricSignResponse]
2117
+ # @yieldparam operation [::Gapic::Rest::TransportOperation]
2118
+ #
2119
+ # @return [::Google::Cloud::Kms::V1::AsymmetricSignResponse]
2120
+ #
2121
+ # @raise [::Google::Cloud::Error] if the REST call is aborted.
2122
+ def asymmetric_sign request, options = nil
2123
+ raise ::ArgumentError, "request must be provided" if request.nil?
2124
+
2125
+ request = ::Gapic::Protobuf.coerce request, to: ::Google::Cloud::Kms::V1::AsymmetricSignRequest
2126
+
2127
+ # Converts hash and nil to an options object
2128
+ options = ::Gapic::CallOptions.new(**options.to_h) if options.respond_to? :to_h
2129
+
2130
+ # Customize the options with defaults
2131
+ call_metadata = @config.rpcs.asymmetric_sign.metadata.to_h
2132
+
2133
+ # Set x-goog-api-client and x-goog-user-project headers
2134
+ call_metadata[:"x-goog-api-client"] ||= ::Gapic::Headers.x_goog_api_client \
2135
+ lib_name: @config.lib_name, lib_version: @config.lib_version,
2136
+ gapic_version: ::Google::Cloud::Kms::V1::VERSION,
2137
+ transports_version_send: [:rest]
2138
+
2139
+ call_metadata[:"x-goog-user-project"] = @quota_project_id if @quota_project_id
2140
+
2141
+ options.apply_defaults timeout: @config.rpcs.asymmetric_sign.timeout,
2142
+ metadata: call_metadata,
2143
+ retry_policy: @config.rpcs.asymmetric_sign.retry_policy
2144
+
2145
+ options.apply_defaults timeout: @config.timeout,
2146
+ metadata: @config.metadata,
2147
+ retry_policy: @config.retry_policy
2148
+
2149
+ @key_management_service_stub.asymmetric_sign request, options do |result, operation|
2150
+ yield result, operation if block_given?
2151
+ return result
2152
+ end
2153
+ rescue ::Gapic::Rest::Error => e
2154
+ raise ::Google::Cloud::Error.from_error(e)
2155
+ end
2156
+
2157
+ ##
2158
+ # Decrypts data that was encrypted with a public key retrieved from
2159
+ # {::Google::Cloud::Kms::V1::KeyManagementService::Rest::Client#get_public_key GetPublicKey}
2160
+ # corresponding to a {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion}
2161
+ # with {::Google::Cloud::Kms::V1::CryptoKey#purpose CryptoKey.purpose}
2162
+ # ASYMMETRIC_DECRYPT.
2163
+ #
2164
+ # @overload asymmetric_decrypt(request, options = nil)
2165
+ # Pass arguments to `asymmetric_decrypt` via a request object, either of type
2166
+ # {::Google::Cloud::Kms::V1::AsymmetricDecryptRequest} or an equivalent Hash.
2167
+ #
2168
+ # @param request [::Google::Cloud::Kms::V1::AsymmetricDecryptRequest, ::Hash]
2169
+ # A request object representing the call parameters. Required. To specify no
2170
+ # parameters, or to keep all the default parameter values, pass an empty Hash.
2171
+ # @param options [::Gapic::CallOptions, ::Hash]
2172
+ # Overrides the default settings for this call, e.g, timeout, retries etc. Optional.
2173
+ #
2174
+ # @overload asymmetric_decrypt(name: nil, ciphertext: nil, ciphertext_crc32c: nil)
2175
+ # Pass arguments to `asymmetric_decrypt` via keyword arguments. Note that at
2176
+ # least one keyword argument is required. To specify no parameters, or to keep all
2177
+ # the default parameter values, pass an empty Hash as a request object (see above).
2178
+ #
2179
+ # @param name [::String]
2180
+ # Required. The resource name of the
2181
+ # {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} to use for
2182
+ # decryption.
2183
+ # @param ciphertext [::String]
2184
+ # Required. The data encrypted with the named
2185
+ # {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion}'s public key using
2186
+ # OAEP.
2187
+ # @param ciphertext_crc32c [::Google::Protobuf::Int64Value, ::Hash]
2188
+ # Optional. An optional CRC32C checksum of the
2189
+ # {::Google::Cloud::Kms::V1::AsymmetricDecryptRequest#ciphertext AsymmetricDecryptRequest.ciphertext}.
2190
+ # If specified,
2191
+ # {::Google::Cloud::Kms::V1::KeyManagementService::Rest::Client KeyManagementService} will
2192
+ # verify the integrity of the received
2193
+ # {::Google::Cloud::Kms::V1::AsymmetricDecryptRequest#ciphertext AsymmetricDecryptRequest.ciphertext}
2194
+ # using this checksum.
2195
+ # {::Google::Cloud::Kms::V1::KeyManagementService::Rest::Client KeyManagementService} will
2196
+ # report an error if the checksum verification fails. If you receive a
2197
+ # checksum error, your client should verify that
2198
+ # CRC32C({::Google::Cloud::Kms::V1::AsymmetricDecryptRequest#ciphertext AsymmetricDecryptRequest.ciphertext})
2199
+ # is equal to
2200
+ # {::Google::Cloud::Kms::V1::AsymmetricDecryptRequest#ciphertext_crc32c AsymmetricDecryptRequest.ciphertext_crc32c},
2201
+ # and if so, perform a limited number of retries. A persistent mismatch may
2202
+ # indicate an issue in your computation of the CRC32C checksum. Note: This
2203
+ # field is defined as int64 for reasons of compatibility across different
2204
+ # languages. However, it is a non-negative integer, which will never exceed
2205
+ # 2^32-1, and can be safely downconverted to uint32 in languages that support
2206
+ # this type.
2207
+ # @yield [result, operation] Access the result along with the TransportOperation object
2208
+ # @yieldparam result [::Google::Cloud::Kms::V1::AsymmetricDecryptResponse]
2209
+ # @yieldparam operation [::Gapic::Rest::TransportOperation]
2210
+ #
2211
+ # @return [::Google::Cloud::Kms::V1::AsymmetricDecryptResponse]
2212
+ #
2213
+ # @raise [::Google::Cloud::Error] if the REST call is aborted.
2214
+ def asymmetric_decrypt request, options = nil
2215
+ raise ::ArgumentError, "request must be provided" if request.nil?
2216
+
2217
+ request = ::Gapic::Protobuf.coerce request, to: ::Google::Cloud::Kms::V1::AsymmetricDecryptRequest
2218
+
2219
+ # Converts hash and nil to an options object
2220
+ options = ::Gapic::CallOptions.new(**options.to_h) if options.respond_to? :to_h
2221
+
2222
+ # Customize the options with defaults
2223
+ call_metadata = @config.rpcs.asymmetric_decrypt.metadata.to_h
2224
+
2225
+ # Set x-goog-api-client and x-goog-user-project headers
2226
+ call_metadata[:"x-goog-api-client"] ||= ::Gapic::Headers.x_goog_api_client \
2227
+ lib_name: @config.lib_name, lib_version: @config.lib_version,
2228
+ gapic_version: ::Google::Cloud::Kms::V1::VERSION,
2229
+ transports_version_send: [:rest]
2230
+
2231
+ call_metadata[:"x-goog-user-project"] = @quota_project_id if @quota_project_id
2232
+
2233
+ options.apply_defaults timeout: @config.rpcs.asymmetric_decrypt.timeout,
2234
+ metadata: call_metadata,
2235
+ retry_policy: @config.rpcs.asymmetric_decrypt.retry_policy
2236
+
2237
+ options.apply_defaults timeout: @config.timeout,
2238
+ metadata: @config.metadata,
2239
+ retry_policy: @config.retry_policy
2240
+
2241
+ @key_management_service_stub.asymmetric_decrypt request, options do |result, operation|
2242
+ yield result, operation if block_given?
2243
+ return result
2244
+ end
2245
+ rescue ::Gapic::Rest::Error => e
2246
+ raise ::Google::Cloud::Error.from_error(e)
2247
+ end
2248
+
2249
+ ##
2250
+ # Signs data using a {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion}
2251
+ # with {::Google::Cloud::Kms::V1::CryptoKey#purpose CryptoKey.purpose} MAC,
2252
+ # producing a tag that can be verified by another source with the same key.
2253
+ #
2254
+ # @overload mac_sign(request, options = nil)
2255
+ # Pass arguments to `mac_sign` via a request object, either of type
2256
+ # {::Google::Cloud::Kms::V1::MacSignRequest} or an equivalent Hash.
2257
+ #
2258
+ # @param request [::Google::Cloud::Kms::V1::MacSignRequest, ::Hash]
2259
+ # A request object representing the call parameters. Required. To specify no
2260
+ # parameters, or to keep all the default parameter values, pass an empty Hash.
2261
+ # @param options [::Gapic::CallOptions, ::Hash]
2262
+ # Overrides the default settings for this call, e.g, timeout, retries etc. Optional.
2263
+ #
2264
+ # @overload mac_sign(name: nil, data: nil, data_crc32c: nil)
2265
+ # Pass arguments to `mac_sign` via keyword arguments. Note that at
2266
+ # least one keyword argument is required. To specify no parameters, or to keep all
2267
+ # the default parameter values, pass an empty Hash as a request object (see above).
2268
+ #
2269
+ # @param name [::String]
2270
+ # Required. The resource name of the
2271
+ # {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} to use for
2272
+ # signing.
2273
+ # @param data [::String]
2274
+ # Required. The data to sign. The MAC tag is computed over this data field
2275
+ # based on the specific algorithm.
2276
+ # @param data_crc32c [::Google::Protobuf::Int64Value, ::Hash]
2277
+ # Optional. An optional CRC32C checksum of the
2278
+ # {::Google::Cloud::Kms::V1::MacSignRequest#data MacSignRequest.data}. If
2279
+ # specified, {::Google::Cloud::Kms::V1::KeyManagementService::Rest::Client KeyManagementService}
2280
+ # will verify the integrity of the received
2281
+ # {::Google::Cloud::Kms::V1::MacSignRequest#data MacSignRequest.data} using this
2282
+ # checksum. {::Google::Cloud::Kms::V1::KeyManagementService::Rest::Client KeyManagementService}
2283
+ # will report an error if the checksum verification fails. If you receive a
2284
+ # checksum error, your client should verify that
2285
+ # CRC32C({::Google::Cloud::Kms::V1::MacSignRequest#data MacSignRequest.data}) is
2286
+ # equal to
2287
+ # {::Google::Cloud::Kms::V1::MacSignRequest#data_crc32c MacSignRequest.data_crc32c},
2288
+ # and if so, perform a limited number of retries. A persistent mismatch may
2289
+ # indicate an issue in your computation of the CRC32C checksum. Note: This
2290
+ # field is defined as int64 for reasons of compatibility across different
2291
+ # languages. However, it is a non-negative integer, which will never exceed
2292
+ # 2^32-1, and can be safely downconverted to uint32 in languages that support
2293
+ # this type.
2294
+ # @yield [result, operation] Access the result along with the TransportOperation object
2295
+ # @yieldparam result [::Google::Cloud::Kms::V1::MacSignResponse]
2296
+ # @yieldparam operation [::Gapic::Rest::TransportOperation]
2297
+ #
2298
+ # @return [::Google::Cloud::Kms::V1::MacSignResponse]
2299
+ #
2300
+ # @raise [::Google::Cloud::Error] if the REST call is aborted.
2301
+ def mac_sign request, options = nil
2302
+ raise ::ArgumentError, "request must be provided" if request.nil?
2303
+
2304
+ request = ::Gapic::Protobuf.coerce request, to: ::Google::Cloud::Kms::V1::MacSignRequest
2305
+
2306
+ # Converts hash and nil to an options object
2307
+ options = ::Gapic::CallOptions.new(**options.to_h) if options.respond_to? :to_h
2308
+
2309
+ # Customize the options with defaults
2310
+ call_metadata = @config.rpcs.mac_sign.metadata.to_h
2311
+
2312
+ # Set x-goog-api-client and x-goog-user-project headers
2313
+ call_metadata[:"x-goog-api-client"] ||= ::Gapic::Headers.x_goog_api_client \
2314
+ lib_name: @config.lib_name, lib_version: @config.lib_version,
2315
+ gapic_version: ::Google::Cloud::Kms::V1::VERSION,
2316
+ transports_version_send: [:rest]
2317
+
2318
+ call_metadata[:"x-goog-user-project"] = @quota_project_id if @quota_project_id
2319
+
2320
+ options.apply_defaults timeout: @config.rpcs.mac_sign.timeout,
2321
+ metadata: call_metadata,
2322
+ retry_policy: @config.rpcs.mac_sign.retry_policy
2323
+
2324
+ options.apply_defaults timeout: @config.timeout,
2325
+ metadata: @config.metadata,
2326
+ retry_policy: @config.retry_policy
2327
+
2328
+ @key_management_service_stub.mac_sign request, options do |result, operation|
2329
+ yield result, operation if block_given?
2330
+ return result
2331
+ end
2332
+ rescue ::Gapic::Rest::Error => e
2333
+ raise ::Google::Cloud::Error.from_error(e)
2334
+ end
2335
+
2336
+ ##
2337
+ # Verifies MAC tag using a
2338
+ # {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} with
2339
+ # {::Google::Cloud::Kms::V1::CryptoKey#purpose CryptoKey.purpose} MAC, and returns
2340
+ # a response that indicates whether or not the verification was successful.
2341
+ #
2342
+ # @overload mac_verify(request, options = nil)
2343
+ # Pass arguments to `mac_verify` via a request object, either of type
2344
+ # {::Google::Cloud::Kms::V1::MacVerifyRequest} or an equivalent Hash.
2345
+ #
2346
+ # @param request [::Google::Cloud::Kms::V1::MacVerifyRequest, ::Hash]
2347
+ # A request object representing the call parameters. Required. To specify no
2348
+ # parameters, or to keep all the default parameter values, pass an empty Hash.
2349
+ # @param options [::Gapic::CallOptions, ::Hash]
2350
+ # Overrides the default settings for this call, e.g, timeout, retries etc. Optional.
2351
+ #
2352
+ # @overload mac_verify(name: nil, data: nil, data_crc32c: nil, mac: nil, mac_crc32c: nil)
2353
+ # Pass arguments to `mac_verify` via keyword arguments. Note that at
2354
+ # least one keyword argument is required. To specify no parameters, or to keep all
2355
+ # the default parameter values, pass an empty Hash as a request object (see above).
2356
+ #
2357
+ # @param name [::String]
2358
+ # Required. The resource name of the
2359
+ # {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} to use for
2360
+ # verification.
2361
+ # @param data [::String]
2362
+ # Required. The data used previously as a
2363
+ # {::Google::Cloud::Kms::V1::MacSignRequest#data MacSignRequest.data} to generate
2364
+ # the MAC tag.
2365
+ # @param data_crc32c [::Google::Protobuf::Int64Value, ::Hash]
2366
+ # Optional. An optional CRC32C checksum of the
2367
+ # {::Google::Cloud::Kms::V1::MacVerifyRequest#data MacVerifyRequest.data}. If
2368
+ # specified, {::Google::Cloud::Kms::V1::KeyManagementService::Rest::Client KeyManagementService}
2369
+ # will verify the integrity of the received
2370
+ # {::Google::Cloud::Kms::V1::MacVerifyRequest#data MacVerifyRequest.data} using
2371
+ # this checksum.
2372
+ # {::Google::Cloud::Kms::V1::KeyManagementService::Rest::Client KeyManagementService} will
2373
+ # report an error if the checksum verification fails. If you receive a
2374
+ # checksum error, your client should verify that
2375
+ # CRC32C({::Google::Cloud::Kms::V1::MacVerifyRequest#data MacVerifyRequest.data})
2376
+ # is equal to
2377
+ # {::Google::Cloud::Kms::V1::MacVerifyRequest#data_crc32c MacVerifyRequest.data_crc32c},
2378
+ # and if so, perform a limited number of retries. A persistent mismatch may
2379
+ # indicate an issue in your computation of the CRC32C checksum. Note: This
2380
+ # field is defined as int64 for reasons of compatibility across different
2381
+ # languages. However, it is a non-negative integer, which will never exceed
2382
+ # 2^32-1, and can be safely downconverted to uint32 in languages that support
2383
+ # this type.
2384
+ # @param mac [::String]
2385
+ # Required. The signature to verify.
2386
+ # @param mac_crc32c [::Google::Protobuf::Int64Value, ::Hash]
2387
+ # Optional. An optional CRC32C checksum of the
2388
+ # {::Google::Cloud::Kms::V1::MacVerifyRequest#mac MacVerifyRequest.mac}. If
2389
+ # specified, {::Google::Cloud::Kms::V1::KeyManagementService::Rest::Client KeyManagementService}
2390
+ # will verify the integrity of the received
2391
+ # {::Google::Cloud::Kms::V1::MacVerifyRequest#mac MacVerifyRequest.mac} using this
2392
+ # checksum. {::Google::Cloud::Kms::V1::KeyManagementService::Rest::Client KeyManagementService}
2393
+ # will report an error if the checksum verification fails. If you receive a
2394
+ # checksum error, your client should verify that
2395
+ # CRC32C([MacVerifyRequest.tag][]) is equal to
2396
+ # {::Google::Cloud::Kms::V1::MacVerifyRequest#mac_crc32c MacVerifyRequest.mac_crc32c},
2397
+ # and if so, perform a limited number of retries. A persistent mismatch may
2398
+ # indicate an issue in your computation of the CRC32C checksum. Note: This
2399
+ # field is defined as int64 for reasons of compatibility across different
2400
+ # languages. However, it is a non-negative integer, which will never exceed
2401
+ # 2^32-1, and can be safely downconverted to uint32 in languages that support
2402
+ # this type.
2403
+ # @yield [result, operation] Access the result along with the TransportOperation object
2404
+ # @yieldparam result [::Google::Cloud::Kms::V1::MacVerifyResponse]
2405
+ # @yieldparam operation [::Gapic::Rest::TransportOperation]
2406
+ #
2407
+ # @return [::Google::Cloud::Kms::V1::MacVerifyResponse]
2408
+ #
2409
+ # @raise [::Google::Cloud::Error] if the REST call is aborted.
2410
+ def mac_verify request, options = nil
2411
+ raise ::ArgumentError, "request must be provided" if request.nil?
2412
+
2413
+ request = ::Gapic::Protobuf.coerce request, to: ::Google::Cloud::Kms::V1::MacVerifyRequest
2414
+
2415
+ # Converts hash and nil to an options object
2416
+ options = ::Gapic::CallOptions.new(**options.to_h) if options.respond_to? :to_h
2417
+
2418
+ # Customize the options with defaults
2419
+ call_metadata = @config.rpcs.mac_verify.metadata.to_h
2420
+
2421
+ # Set x-goog-api-client and x-goog-user-project headers
2422
+ call_metadata[:"x-goog-api-client"] ||= ::Gapic::Headers.x_goog_api_client \
2423
+ lib_name: @config.lib_name, lib_version: @config.lib_version,
2424
+ gapic_version: ::Google::Cloud::Kms::V1::VERSION,
2425
+ transports_version_send: [:rest]
2426
+
2427
+ call_metadata[:"x-goog-user-project"] = @quota_project_id if @quota_project_id
2428
+
2429
+ options.apply_defaults timeout: @config.rpcs.mac_verify.timeout,
2430
+ metadata: call_metadata,
2431
+ retry_policy: @config.rpcs.mac_verify.retry_policy
2432
+
2433
+ options.apply_defaults timeout: @config.timeout,
2434
+ metadata: @config.metadata,
2435
+ retry_policy: @config.retry_policy
2436
+
2437
+ @key_management_service_stub.mac_verify request, options do |result, operation|
2438
+ yield result, operation if block_given?
2439
+ return result
2440
+ end
2441
+ rescue ::Gapic::Rest::Error => e
2442
+ raise ::Google::Cloud::Error.from_error(e)
2443
+ end
2444
+
2445
+ ##
2446
+ # Generate random bytes using the Cloud KMS randomness source in the provided
2447
+ # location.
2448
+ #
2449
+ # @overload generate_random_bytes(request, options = nil)
2450
+ # Pass arguments to `generate_random_bytes` via a request object, either of type
2451
+ # {::Google::Cloud::Kms::V1::GenerateRandomBytesRequest} or an equivalent Hash.
2452
+ #
2453
+ # @param request [::Google::Cloud::Kms::V1::GenerateRandomBytesRequest, ::Hash]
2454
+ # A request object representing the call parameters. Required. To specify no
2455
+ # parameters, or to keep all the default parameter values, pass an empty Hash.
2456
+ # @param options [::Gapic::CallOptions, ::Hash]
2457
+ # Overrides the default settings for this call, e.g, timeout, retries etc. Optional.
2458
+ #
2459
+ # @overload generate_random_bytes(location: nil, length_bytes: nil, protection_level: nil)
2460
+ # Pass arguments to `generate_random_bytes` via keyword arguments. Note that at
2461
+ # least one keyword argument is required. To specify no parameters, or to keep all
2462
+ # the default parameter values, pass an empty Hash as a request object (see above).
2463
+ #
2464
+ # @param location [::String]
2465
+ # The project-specific location in which to generate random bytes.
2466
+ # For example, "projects/my-project/locations/us-central1".
2467
+ # @param length_bytes [::Integer]
2468
+ # The length in bytes of the amount of randomness to retrieve. Minimum 8
2469
+ # bytes, maximum 1024 bytes.
2470
+ # @param protection_level [::Google::Cloud::Kms::V1::ProtectionLevel]
2471
+ # The {::Google::Cloud::Kms::V1::ProtectionLevel ProtectionLevel} to use when
2472
+ # generating the random data. Currently, only
2473
+ # {::Google::Cloud::Kms::V1::ProtectionLevel::HSM HSM} protection level is
2474
+ # supported.
2475
+ # @yield [result, operation] Access the result along with the TransportOperation object
2476
+ # @yieldparam result [::Google::Cloud::Kms::V1::GenerateRandomBytesResponse]
2477
+ # @yieldparam operation [::Gapic::Rest::TransportOperation]
2478
+ #
2479
+ # @return [::Google::Cloud::Kms::V1::GenerateRandomBytesResponse]
2480
+ #
2481
+ # @raise [::Google::Cloud::Error] if the REST call is aborted.
2482
+ def generate_random_bytes request, options = nil
2483
+ raise ::ArgumentError, "request must be provided" if request.nil?
2484
+
2485
+ request = ::Gapic::Protobuf.coerce request, to: ::Google::Cloud::Kms::V1::GenerateRandomBytesRequest
2486
+
2487
+ # Converts hash and nil to an options object
2488
+ options = ::Gapic::CallOptions.new(**options.to_h) if options.respond_to? :to_h
2489
+
2490
+ # Customize the options with defaults
2491
+ call_metadata = @config.rpcs.generate_random_bytes.metadata.to_h
2492
+
2493
+ # Set x-goog-api-client and x-goog-user-project headers
2494
+ call_metadata[:"x-goog-api-client"] ||= ::Gapic::Headers.x_goog_api_client \
2495
+ lib_name: @config.lib_name, lib_version: @config.lib_version,
2496
+ gapic_version: ::Google::Cloud::Kms::V1::VERSION,
2497
+ transports_version_send: [:rest]
2498
+
2499
+ call_metadata[:"x-goog-user-project"] = @quota_project_id if @quota_project_id
2500
+
2501
+ options.apply_defaults timeout: @config.rpcs.generate_random_bytes.timeout,
2502
+ metadata: call_metadata,
2503
+ retry_policy: @config.rpcs.generate_random_bytes.retry_policy
2504
+
2505
+ options.apply_defaults timeout: @config.timeout,
2506
+ metadata: @config.metadata,
2507
+ retry_policy: @config.retry_policy
2508
+
2509
+ @key_management_service_stub.generate_random_bytes request, options do |result, operation|
2510
+ yield result, operation if block_given?
2511
+ return result
2512
+ end
2513
+ rescue ::Gapic::Rest::Error => e
2514
+ raise ::Google::Cloud::Error.from_error(e)
2515
+ end
2516
+
2517
+ ##
2518
+ # Configuration class for the KeyManagementService REST API.
2519
+ #
2520
+ # This class represents the configuration for KeyManagementService REST,
2521
+ # providing control over timeouts, retry behavior, logging, transport
2522
+ # parameters, and other low-level controls. Certain parameters can also be
2523
+ # applied individually to specific RPCs. See
2524
+ # {::Google::Cloud::Kms::V1::KeyManagementService::Rest::Client::Configuration::Rpcs}
2525
+ # for a list of RPCs that can be configured independently.
2526
+ #
2527
+ # Configuration can be applied globally to all clients, or to a single client
2528
+ # on construction.
2529
+ #
2530
+ # @example
2531
+ #
2532
+ # # Modify the global config, setting the timeout for
2533
+ # # list_key_rings to 20 seconds,
2534
+ # # and all remaining timeouts to 10 seconds.
2535
+ # ::Google::Cloud::Kms::V1::KeyManagementService::Rest::Client.configure do |config|
2536
+ # config.timeout = 10.0
2537
+ # config.rpcs.list_key_rings.timeout = 20.0
2538
+ # end
2539
+ #
2540
+ # # Apply the above configuration only to a new client.
2541
+ # client = ::Google::Cloud::Kms::V1::KeyManagementService::Rest::Client.new do |config|
2542
+ # config.timeout = 10.0
2543
+ # config.rpcs.list_key_rings.timeout = 20.0
2544
+ # end
2545
+ #
2546
+ # @!attribute [rw] endpoint
2547
+ # The hostname or hostname:port of the service endpoint.
2548
+ # Defaults to `"cloudkms.googleapis.com"`.
2549
+ # @return [::String]
2550
+ # @!attribute [rw] credentials
2551
+ # Credentials to send with calls. You may provide any of the following types:
2552
+ # * (`String`) The path to a service account key file in JSON format
2553
+ # * (`Hash`) A service account key as a Hash
2554
+ # * (`Google::Auth::Credentials`) A googleauth credentials object
2555
+ # (see the [googleauth docs](https://googleapis.dev/ruby/googleauth/latest/index.html))
2556
+ # * (`Signet::OAuth2::Client`) A signet oauth2 client object
2557
+ # (see the [signet docs](https://googleapis.dev/ruby/signet/latest/Signet/OAuth2/Client.html))
2558
+ # * (`nil`) indicating no credentials
2559
+ # @return [::Object]
2560
+ # @!attribute [rw] scope
2561
+ # The OAuth scopes
2562
+ # @return [::Array<::String>]
2563
+ # @!attribute [rw] lib_name
2564
+ # The library name as recorded in instrumentation and logging
2565
+ # @return [::String]
2566
+ # @!attribute [rw] lib_version
2567
+ # The library version as recorded in instrumentation and logging
2568
+ # @return [::String]
2569
+ # @!attribute [rw] timeout
2570
+ # The call timeout in seconds.
2571
+ # @return [::Numeric]
2572
+ # @!attribute [rw] metadata
2573
+ # Additional headers to be sent with the call.
2574
+ # @return [::Hash{::Symbol=>::String}]
2575
+ # @!attribute [rw] retry_policy
2576
+ # The retry policy. The value is a hash with the following keys:
2577
+ # * `:initial_delay` (*type:* `Numeric`) - The initial delay in seconds.
2578
+ # * `:max_delay` (*type:* `Numeric`) - The max delay in seconds.
2579
+ # * `:multiplier` (*type:* `Numeric`) - The incremental backoff multiplier.
2580
+ # * `:retry_codes` (*type:* `Array<String>`) - The error codes that should
2581
+ # trigger a retry.
2582
+ # @return [::Hash]
2583
+ # @!attribute [rw] quota_project
2584
+ # A separate project against which to charge quota.
2585
+ # @return [::String]
2586
+ #
2587
+ class Configuration
2588
+ extend ::Gapic::Config
2589
+
2590
+ config_attr :endpoint, "cloudkms.googleapis.com", ::String
2591
+ config_attr :credentials, nil do |value|
2592
+ allowed = [::String, ::Hash, ::Proc, ::Symbol, ::Google::Auth::Credentials, ::Signet::OAuth2::Client, nil]
2593
+ allowed.any? { |klass| klass === value }
2594
+ end
2595
+ config_attr :scope, nil, ::String, ::Array, nil
2596
+ config_attr :lib_name, nil, ::String, nil
2597
+ config_attr :lib_version, nil, ::String, nil
2598
+ config_attr :timeout, nil, ::Numeric, nil
2599
+ config_attr :metadata, nil, ::Hash, nil
2600
+ config_attr :retry_policy, nil, ::Hash, ::Proc, nil
2601
+ config_attr :quota_project, nil, ::String, nil
2602
+
2603
+ # @private
2604
+ # Overrides for http bindings for the RPCs of this service
2605
+ # are only used when this service is used as mixin, and only
2606
+ # by the host service.
2607
+ # @return [::Hash{::Symbol=>::Array<::Gapic::Rest::GrpcTranscoder::HttpBinding>}]
2608
+ config_attr :bindings_override, {}, ::Hash, nil
2609
+
2610
+ # @private
2611
+ def initialize parent_config = nil
2612
+ @parent_config = parent_config unless parent_config.nil?
2613
+
2614
+ yield self if block_given?
2615
+ end
2616
+
2617
+ ##
2618
+ # Configurations for individual RPCs
2619
+ # @return [Rpcs]
2620
+ #
2621
+ def rpcs
2622
+ @rpcs ||= begin
2623
+ parent_rpcs = nil
2624
+ parent_rpcs = @parent_config.rpcs if defined?(@parent_config) && @parent_config.respond_to?(:rpcs)
2625
+ Rpcs.new parent_rpcs
2626
+ end
2627
+ end
2628
+
2629
+ ##
2630
+ # Configuration RPC class for the KeyManagementService API.
2631
+ #
2632
+ # Includes fields providing the configuration for each RPC in this service.
2633
+ # Each configuration object is of type `Gapic::Config::Method` and includes
2634
+ # the following configuration fields:
2635
+ #
2636
+ # * `timeout` (*type:* `Numeric`) - The call timeout in seconds
2637
+ # * `metadata` (*type:* `Hash{Symbol=>String}`) - Additional headers
2638
+ # * `retry_policy (*type:* `Hash`) - The retry policy. The policy fields
2639
+ # include the following keys:
2640
+ # * `:initial_delay` (*type:* `Numeric`) - The initial delay in seconds.
2641
+ # * `:max_delay` (*type:* `Numeric`) - The max delay in seconds.
2642
+ # * `:multiplier` (*type:* `Numeric`) - The incremental backoff multiplier.
2643
+ # * `:retry_codes` (*type:* `Array<String>`) - The error codes that should
2644
+ # trigger a retry.
2645
+ #
2646
+ class Rpcs
2647
+ ##
2648
+ # RPC-specific configuration for `list_key_rings`
2649
+ # @return [::Gapic::Config::Method]
2650
+ #
2651
+ attr_reader :list_key_rings
2652
+ ##
2653
+ # RPC-specific configuration for `list_crypto_keys`
2654
+ # @return [::Gapic::Config::Method]
2655
+ #
2656
+ attr_reader :list_crypto_keys
2657
+ ##
2658
+ # RPC-specific configuration for `list_crypto_key_versions`
2659
+ # @return [::Gapic::Config::Method]
2660
+ #
2661
+ attr_reader :list_crypto_key_versions
2662
+ ##
2663
+ # RPC-specific configuration for `list_import_jobs`
2664
+ # @return [::Gapic::Config::Method]
2665
+ #
2666
+ attr_reader :list_import_jobs
2667
+ ##
2668
+ # RPC-specific configuration for `get_key_ring`
2669
+ # @return [::Gapic::Config::Method]
2670
+ #
2671
+ attr_reader :get_key_ring
2672
+ ##
2673
+ # RPC-specific configuration for `get_crypto_key`
2674
+ # @return [::Gapic::Config::Method]
2675
+ #
2676
+ attr_reader :get_crypto_key
2677
+ ##
2678
+ # RPC-specific configuration for `get_crypto_key_version`
2679
+ # @return [::Gapic::Config::Method]
2680
+ #
2681
+ attr_reader :get_crypto_key_version
2682
+ ##
2683
+ # RPC-specific configuration for `get_public_key`
2684
+ # @return [::Gapic::Config::Method]
2685
+ #
2686
+ attr_reader :get_public_key
2687
+ ##
2688
+ # RPC-specific configuration for `get_import_job`
2689
+ # @return [::Gapic::Config::Method]
2690
+ #
2691
+ attr_reader :get_import_job
2692
+ ##
2693
+ # RPC-specific configuration for `create_key_ring`
2694
+ # @return [::Gapic::Config::Method]
2695
+ #
2696
+ attr_reader :create_key_ring
2697
+ ##
2698
+ # RPC-specific configuration for `create_crypto_key`
2699
+ # @return [::Gapic::Config::Method]
2700
+ #
2701
+ attr_reader :create_crypto_key
2702
+ ##
2703
+ # RPC-specific configuration for `create_crypto_key_version`
2704
+ # @return [::Gapic::Config::Method]
2705
+ #
2706
+ attr_reader :create_crypto_key_version
2707
+ ##
2708
+ # RPC-specific configuration for `import_crypto_key_version`
2709
+ # @return [::Gapic::Config::Method]
2710
+ #
2711
+ attr_reader :import_crypto_key_version
2712
+ ##
2713
+ # RPC-specific configuration for `create_import_job`
2714
+ # @return [::Gapic::Config::Method]
2715
+ #
2716
+ attr_reader :create_import_job
2717
+ ##
2718
+ # RPC-specific configuration for `update_crypto_key`
2719
+ # @return [::Gapic::Config::Method]
2720
+ #
2721
+ attr_reader :update_crypto_key
2722
+ ##
2723
+ # RPC-specific configuration for `update_crypto_key_version`
2724
+ # @return [::Gapic::Config::Method]
2725
+ #
2726
+ attr_reader :update_crypto_key_version
2727
+ ##
2728
+ # RPC-specific configuration for `update_crypto_key_primary_version`
2729
+ # @return [::Gapic::Config::Method]
2730
+ #
2731
+ attr_reader :update_crypto_key_primary_version
2732
+ ##
2733
+ # RPC-specific configuration for `destroy_crypto_key_version`
2734
+ # @return [::Gapic::Config::Method]
2735
+ #
2736
+ attr_reader :destroy_crypto_key_version
2737
+ ##
2738
+ # RPC-specific configuration for `restore_crypto_key_version`
2739
+ # @return [::Gapic::Config::Method]
2740
+ #
2741
+ attr_reader :restore_crypto_key_version
2742
+ ##
2743
+ # RPC-specific configuration for `encrypt`
2744
+ # @return [::Gapic::Config::Method]
2745
+ #
2746
+ attr_reader :encrypt
2747
+ ##
2748
+ # RPC-specific configuration for `decrypt`
2749
+ # @return [::Gapic::Config::Method]
2750
+ #
2751
+ attr_reader :decrypt
2752
+ ##
2753
+ # RPC-specific configuration for `asymmetric_sign`
2754
+ # @return [::Gapic::Config::Method]
2755
+ #
2756
+ attr_reader :asymmetric_sign
2757
+ ##
2758
+ # RPC-specific configuration for `asymmetric_decrypt`
2759
+ # @return [::Gapic::Config::Method]
2760
+ #
2761
+ attr_reader :asymmetric_decrypt
2762
+ ##
2763
+ # RPC-specific configuration for `mac_sign`
2764
+ # @return [::Gapic::Config::Method]
2765
+ #
2766
+ attr_reader :mac_sign
2767
+ ##
2768
+ # RPC-specific configuration for `mac_verify`
2769
+ # @return [::Gapic::Config::Method]
2770
+ #
2771
+ attr_reader :mac_verify
2772
+ ##
2773
+ # RPC-specific configuration for `generate_random_bytes`
2774
+ # @return [::Gapic::Config::Method]
2775
+ #
2776
+ attr_reader :generate_random_bytes
2777
+
2778
+ # @private
2779
+ def initialize parent_rpcs = nil
2780
+ list_key_rings_config = parent_rpcs.list_key_rings if parent_rpcs.respond_to? :list_key_rings
2781
+ @list_key_rings = ::Gapic::Config::Method.new list_key_rings_config
2782
+ list_crypto_keys_config = parent_rpcs.list_crypto_keys if parent_rpcs.respond_to? :list_crypto_keys
2783
+ @list_crypto_keys = ::Gapic::Config::Method.new list_crypto_keys_config
2784
+ list_crypto_key_versions_config = parent_rpcs.list_crypto_key_versions if parent_rpcs.respond_to? :list_crypto_key_versions
2785
+ @list_crypto_key_versions = ::Gapic::Config::Method.new list_crypto_key_versions_config
2786
+ list_import_jobs_config = parent_rpcs.list_import_jobs if parent_rpcs.respond_to? :list_import_jobs
2787
+ @list_import_jobs = ::Gapic::Config::Method.new list_import_jobs_config
2788
+ get_key_ring_config = parent_rpcs.get_key_ring if parent_rpcs.respond_to? :get_key_ring
2789
+ @get_key_ring = ::Gapic::Config::Method.new get_key_ring_config
2790
+ get_crypto_key_config = parent_rpcs.get_crypto_key if parent_rpcs.respond_to? :get_crypto_key
2791
+ @get_crypto_key = ::Gapic::Config::Method.new get_crypto_key_config
2792
+ get_crypto_key_version_config = parent_rpcs.get_crypto_key_version if parent_rpcs.respond_to? :get_crypto_key_version
2793
+ @get_crypto_key_version = ::Gapic::Config::Method.new get_crypto_key_version_config
2794
+ get_public_key_config = parent_rpcs.get_public_key if parent_rpcs.respond_to? :get_public_key
2795
+ @get_public_key = ::Gapic::Config::Method.new get_public_key_config
2796
+ get_import_job_config = parent_rpcs.get_import_job if parent_rpcs.respond_to? :get_import_job
2797
+ @get_import_job = ::Gapic::Config::Method.new get_import_job_config
2798
+ create_key_ring_config = parent_rpcs.create_key_ring if parent_rpcs.respond_to? :create_key_ring
2799
+ @create_key_ring = ::Gapic::Config::Method.new create_key_ring_config
2800
+ create_crypto_key_config = parent_rpcs.create_crypto_key if parent_rpcs.respond_to? :create_crypto_key
2801
+ @create_crypto_key = ::Gapic::Config::Method.new create_crypto_key_config
2802
+ create_crypto_key_version_config = parent_rpcs.create_crypto_key_version if parent_rpcs.respond_to? :create_crypto_key_version
2803
+ @create_crypto_key_version = ::Gapic::Config::Method.new create_crypto_key_version_config
2804
+ import_crypto_key_version_config = parent_rpcs.import_crypto_key_version if parent_rpcs.respond_to? :import_crypto_key_version
2805
+ @import_crypto_key_version = ::Gapic::Config::Method.new import_crypto_key_version_config
2806
+ create_import_job_config = parent_rpcs.create_import_job if parent_rpcs.respond_to? :create_import_job
2807
+ @create_import_job = ::Gapic::Config::Method.new create_import_job_config
2808
+ update_crypto_key_config = parent_rpcs.update_crypto_key if parent_rpcs.respond_to? :update_crypto_key
2809
+ @update_crypto_key = ::Gapic::Config::Method.new update_crypto_key_config
2810
+ update_crypto_key_version_config = parent_rpcs.update_crypto_key_version if parent_rpcs.respond_to? :update_crypto_key_version
2811
+ @update_crypto_key_version = ::Gapic::Config::Method.new update_crypto_key_version_config
2812
+ update_crypto_key_primary_version_config = parent_rpcs.update_crypto_key_primary_version if parent_rpcs.respond_to? :update_crypto_key_primary_version
2813
+ @update_crypto_key_primary_version = ::Gapic::Config::Method.new update_crypto_key_primary_version_config
2814
+ destroy_crypto_key_version_config = parent_rpcs.destroy_crypto_key_version if parent_rpcs.respond_to? :destroy_crypto_key_version
2815
+ @destroy_crypto_key_version = ::Gapic::Config::Method.new destroy_crypto_key_version_config
2816
+ restore_crypto_key_version_config = parent_rpcs.restore_crypto_key_version if parent_rpcs.respond_to? :restore_crypto_key_version
2817
+ @restore_crypto_key_version = ::Gapic::Config::Method.new restore_crypto_key_version_config
2818
+ encrypt_config = parent_rpcs.encrypt if parent_rpcs.respond_to? :encrypt
2819
+ @encrypt = ::Gapic::Config::Method.new encrypt_config
2820
+ decrypt_config = parent_rpcs.decrypt if parent_rpcs.respond_to? :decrypt
2821
+ @decrypt = ::Gapic::Config::Method.new decrypt_config
2822
+ asymmetric_sign_config = parent_rpcs.asymmetric_sign if parent_rpcs.respond_to? :asymmetric_sign
2823
+ @asymmetric_sign = ::Gapic::Config::Method.new asymmetric_sign_config
2824
+ asymmetric_decrypt_config = parent_rpcs.asymmetric_decrypt if parent_rpcs.respond_to? :asymmetric_decrypt
2825
+ @asymmetric_decrypt = ::Gapic::Config::Method.new asymmetric_decrypt_config
2826
+ mac_sign_config = parent_rpcs.mac_sign if parent_rpcs.respond_to? :mac_sign
2827
+ @mac_sign = ::Gapic::Config::Method.new mac_sign_config
2828
+ mac_verify_config = parent_rpcs.mac_verify if parent_rpcs.respond_to? :mac_verify
2829
+ @mac_verify = ::Gapic::Config::Method.new mac_verify_config
2830
+ generate_random_bytes_config = parent_rpcs.generate_random_bytes if parent_rpcs.respond_to? :generate_random_bytes
2831
+ @generate_random_bytes = ::Gapic::Config::Method.new generate_random_bytes_config
2832
+
2833
+ yield self if block_given?
2834
+ end
2835
+ end
2836
+ end
2837
+ end
2838
+ end
2839
+ end
2840
+ end
2841
+ end
2842
+ end
2843
+ end