google-cloud-kms-v1 0.16.0 → 0.18.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
@@ -0,0 +1,2843 @@
1
+ # frozen_string_literal: true
2
+
3
+ # Copyright 2023 Google LLC
4
+ #
5
+ # Licensed under the Apache License, Version 2.0 (the "License");
6
+ # you may not use this file except in compliance with the License.
7
+ # You may obtain a copy of the License at
8
+ #
9
+ # https://www.apache.org/licenses/LICENSE-2.0
10
+ #
11
+ # Unless required by applicable law or agreed to in writing, software
12
+ # distributed under the License is distributed on an "AS IS" BASIS,
13
+ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14
+ # See the License for the specific language governing permissions and
15
+ # limitations under the License.
16
+
17
+ # Auto-generated by gapic-generator-ruby. DO NOT EDIT!
18
+
19
+ require "google/cloud/errors"
20
+ require "google/cloud/kms/v1/service_pb"
21
+ require "google/cloud/kms/v1/key_management_service/rest/service_stub"
22
+ require "google/cloud/location/rest"
23
+ require "google/iam/v1/rest"
24
+
25
+ module Google
26
+ module Cloud
27
+ module Kms
28
+ module V1
29
+ module KeyManagementService
30
+ module Rest
31
+ ##
32
+ # REST client for the KeyManagementService service.
33
+ #
34
+ # Google Cloud Key Management Service
35
+ #
36
+ # Manages cryptographic keys and operations using those keys. Implements a REST
37
+ # model with the following objects:
38
+ #
39
+ # * {::Google::Cloud::Kms::V1::KeyRing KeyRing}
40
+ # * {::Google::Cloud::Kms::V1::CryptoKey CryptoKey}
41
+ # * {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion}
42
+ # * {::Google::Cloud::Kms::V1::ImportJob ImportJob}
43
+ #
44
+ # If you are using manual gRPC libraries, see
45
+ # [Using gRPC with Cloud KMS](https://cloud.google.com/kms/docs/grpc).
46
+ #
47
+ class Client
48
+ include Paths
49
+
50
+ # @private
51
+ attr_reader :key_management_service_stub
52
+
53
+ ##
54
+ # Configure the KeyManagementService Client class.
55
+ #
56
+ # See {::Google::Cloud::Kms::V1::KeyManagementService::Rest::Client::Configuration}
57
+ # for a description of the configuration fields.
58
+ #
59
+ # @example
60
+ #
61
+ # # Modify the configuration for all KeyManagementService clients
62
+ # ::Google::Cloud::Kms::V1::KeyManagementService::Rest::Client.configure do |config|
63
+ # config.timeout = 10.0
64
+ # end
65
+ #
66
+ # @yield [config] Configure the Client client.
67
+ # @yieldparam config [Client::Configuration]
68
+ #
69
+ # @return [Client::Configuration]
70
+ #
71
+ def self.configure
72
+ @configure ||= begin
73
+ namespace = ["Google", "Cloud", "Kms", "V1"]
74
+ parent_config = while namespace.any?
75
+ parent_name = namespace.join "::"
76
+ parent_const = const_get parent_name
77
+ break parent_const.configure if parent_const.respond_to? :configure
78
+ namespace.pop
79
+ end
80
+ default_config = Client::Configuration.new parent_config
81
+
82
+ default_config.rpcs.list_key_rings.timeout = 60.0
83
+ default_config.rpcs.list_key_rings.retry_policy = {
84
+ initial_delay: 0.1, max_delay: 60.0, multiplier: 1.3, retry_codes: [14, 4]
85
+ }
86
+
87
+ default_config.rpcs.list_crypto_keys.timeout = 60.0
88
+ default_config.rpcs.list_crypto_keys.retry_policy = {
89
+ initial_delay: 0.1, max_delay: 60.0, multiplier: 1.3, retry_codes: [14, 4]
90
+ }
91
+
92
+ default_config.rpcs.list_crypto_key_versions.timeout = 60.0
93
+ default_config.rpcs.list_crypto_key_versions.retry_policy = {
94
+ initial_delay: 0.1, max_delay: 60.0, multiplier: 1.3, retry_codes: [14, 4]
95
+ }
96
+
97
+ default_config.rpcs.list_import_jobs.timeout = 60.0
98
+ default_config.rpcs.list_import_jobs.retry_policy = {
99
+ initial_delay: 0.1, max_delay: 60.0, multiplier: 1.3, retry_codes: [14, 4]
100
+ }
101
+
102
+ default_config.rpcs.get_key_ring.timeout = 60.0
103
+ default_config.rpcs.get_key_ring.retry_policy = {
104
+ initial_delay: 0.1, max_delay: 60.0, multiplier: 1.3, retry_codes: [14, 4]
105
+ }
106
+
107
+ default_config.rpcs.get_crypto_key.timeout = 60.0
108
+ default_config.rpcs.get_crypto_key.retry_policy = {
109
+ initial_delay: 0.1, max_delay: 60.0, multiplier: 1.3, retry_codes: [14, 4]
110
+ }
111
+
112
+ default_config.rpcs.get_crypto_key_version.timeout = 60.0
113
+ default_config.rpcs.get_crypto_key_version.retry_policy = {
114
+ initial_delay: 0.1, max_delay: 60.0, multiplier: 1.3, retry_codes: [14, 4]
115
+ }
116
+
117
+ default_config.rpcs.get_public_key.timeout = 60.0
118
+ default_config.rpcs.get_public_key.retry_policy = {
119
+ initial_delay: 0.1, max_delay: 60.0, multiplier: 1.3, retry_codes: [14, 4]
120
+ }
121
+
122
+ default_config.rpcs.get_import_job.timeout = 60.0
123
+ default_config.rpcs.get_import_job.retry_policy = {
124
+ initial_delay: 0.1, max_delay: 60.0, multiplier: 1.3, retry_codes: [14, 4]
125
+ }
126
+
127
+ default_config.rpcs.create_key_ring.timeout = 60.0
128
+ default_config.rpcs.create_key_ring.retry_policy = {
129
+ initial_delay: 0.1, max_delay: 60.0, multiplier: 1.3, retry_codes: [14, 4]
130
+ }
131
+
132
+ default_config.rpcs.create_crypto_key.timeout = 60.0
133
+ default_config.rpcs.create_crypto_key.retry_policy = {
134
+ initial_delay: 0.1, max_delay: 60.0, multiplier: 1.3, retry_codes: [14, 4]
135
+ }
136
+
137
+ default_config.rpcs.create_crypto_key_version.timeout = 60.0
138
+
139
+ default_config.rpcs.import_crypto_key_version.timeout = 60.0
140
+
141
+ default_config.rpcs.create_import_job.timeout = 60.0
142
+ default_config.rpcs.create_import_job.retry_policy = {
143
+ initial_delay: 0.1, max_delay: 60.0, multiplier: 1.3, retry_codes: [14, 4]
144
+ }
145
+
146
+ default_config.rpcs.update_crypto_key.timeout = 60.0
147
+ default_config.rpcs.update_crypto_key.retry_policy = {
148
+ initial_delay: 0.1, max_delay: 60.0, multiplier: 1.3, retry_codes: [14, 4]
149
+ }
150
+
151
+ default_config.rpcs.update_crypto_key_version.timeout = 60.0
152
+ default_config.rpcs.update_crypto_key_version.retry_policy = {
153
+ initial_delay: 0.1, max_delay: 60.0, multiplier: 1.3, retry_codes: [14, 4]
154
+ }
155
+
156
+ default_config.rpcs.update_crypto_key_primary_version.timeout = 60.0
157
+ default_config.rpcs.update_crypto_key_primary_version.retry_policy = {
158
+ initial_delay: 0.1, max_delay: 60.0, multiplier: 1.3, retry_codes: [14, 4]
159
+ }
160
+
161
+ default_config.rpcs.destroy_crypto_key_version.timeout = 60.0
162
+ default_config.rpcs.destroy_crypto_key_version.retry_policy = {
163
+ initial_delay: 0.1, max_delay: 60.0, multiplier: 1.3, retry_codes: [14, 4]
164
+ }
165
+
166
+ default_config.rpcs.restore_crypto_key_version.timeout = 60.0
167
+ default_config.rpcs.restore_crypto_key_version.retry_policy = {
168
+ initial_delay: 0.1, max_delay: 60.0, multiplier: 1.3, retry_codes: [14, 4]
169
+ }
170
+
171
+ default_config.rpcs.encrypt.timeout = 60.0
172
+ default_config.rpcs.encrypt.retry_policy = {
173
+ initial_delay: 0.1, max_delay: 60.0, multiplier: 1.3, retry_codes: [14, 4]
174
+ }
175
+
176
+ default_config.rpcs.decrypt.timeout = 60.0
177
+ default_config.rpcs.decrypt.retry_policy = {
178
+ initial_delay: 0.1, max_delay: 60.0, multiplier: 1.3, retry_codes: [14, 4]
179
+ }
180
+
181
+ default_config.rpcs.asymmetric_sign.timeout = 60.0
182
+ default_config.rpcs.asymmetric_sign.retry_policy = {
183
+ initial_delay: 0.1, max_delay: 60.0, multiplier: 1.3, retry_codes: [14, 4]
184
+ }
185
+
186
+ default_config.rpcs.asymmetric_decrypt.timeout = 60.0
187
+ default_config.rpcs.asymmetric_decrypt.retry_policy = {
188
+ initial_delay: 0.1, max_delay: 60.0, multiplier: 1.3, retry_codes: [14, 4]
189
+ }
190
+
191
+ default_config.rpcs.mac_sign.timeout = 60.0
192
+ default_config.rpcs.mac_sign.retry_policy = {
193
+ initial_delay: 0.1, max_delay: 60.0, multiplier: 1.3, retry_codes: [14, 4]
194
+ }
195
+
196
+ default_config.rpcs.mac_verify.timeout = 60.0
197
+ default_config.rpcs.mac_verify.retry_policy = {
198
+ initial_delay: 0.1, max_delay: 60.0, multiplier: 1.3, retry_codes: [14, 4]
199
+ }
200
+
201
+ default_config.rpcs.generate_random_bytes.timeout = 60.0
202
+ default_config.rpcs.generate_random_bytes.retry_policy = {
203
+ initial_delay: 0.1, max_delay: 60.0, multiplier: 1.3, retry_codes: [14, 4]
204
+ }
205
+
206
+ default_config
207
+ end
208
+ yield @configure if block_given?
209
+ @configure
210
+ end
211
+
212
+ ##
213
+ # Configure the KeyManagementService Client instance.
214
+ #
215
+ # The configuration is set to the derived mode, meaning that values can be changed,
216
+ # but structural changes (adding new fields, etc.) are not allowed. Structural changes
217
+ # should be made on {Client.configure}.
218
+ #
219
+ # See {::Google::Cloud::Kms::V1::KeyManagementService::Rest::Client::Configuration}
220
+ # for a description of the configuration fields.
221
+ #
222
+ # @yield [config] Configure the Client client.
223
+ # @yieldparam config [Client::Configuration]
224
+ #
225
+ # @return [Client::Configuration]
226
+ #
227
+ def configure
228
+ yield @config if block_given?
229
+ @config
230
+ end
231
+
232
+ ##
233
+ # Create a new KeyManagementService REST client object.
234
+ #
235
+ # @example
236
+ #
237
+ # # Create a client using the default configuration
238
+ # client = ::Google::Cloud::Kms::V1::KeyManagementService::Rest::Client.new
239
+ #
240
+ # # Create a client using a custom configuration
241
+ # client = ::Google::Cloud::Kms::V1::KeyManagementService::Rest::Client.new do |config|
242
+ # config.timeout = 10.0
243
+ # end
244
+ #
245
+ # @yield [config] Configure the KeyManagementService client.
246
+ # @yieldparam config [Client::Configuration]
247
+ #
248
+ def initialize
249
+ # Create the configuration object
250
+ @config = Configuration.new Client.configure
251
+
252
+ # Yield the configuration if needed
253
+ yield @config if block_given?
254
+
255
+ # Create credentials
256
+ credentials = @config.credentials
257
+ # Use self-signed JWT if the endpoint is unchanged from default,
258
+ # but only if the default endpoint does not have a region prefix.
259
+ enable_self_signed_jwt = @config.endpoint == Client.configure.endpoint &&
260
+ !@config.endpoint.split(".").first.include?("-")
261
+ credentials ||= Credentials.default scope: @config.scope,
262
+ enable_self_signed_jwt: enable_self_signed_jwt
263
+ if credentials.is_a?(::String) || credentials.is_a?(::Hash)
264
+ credentials = Credentials.new credentials, scope: @config.scope
265
+ end
266
+
267
+ @quota_project_id = @config.quota_project
268
+ @quota_project_id ||= credentials.quota_project_id if credentials.respond_to? :quota_project_id
269
+
270
+ @location_client = Google::Cloud::Location::Locations::Rest::Client.new do |config|
271
+ config.credentials = credentials
272
+ config.quota_project = @quota_project_id
273
+ config.endpoint = @config.endpoint
274
+ config.bindings_override = @config.bindings_override
275
+ end
276
+
277
+ @iam_policy_client = Google::Iam::V1::IAMPolicy::Rest::Client.new do |config|
278
+ config.credentials = credentials
279
+ config.quota_project = @quota_project_id
280
+ config.endpoint = @config.endpoint
281
+ config.bindings_override = @config.bindings_override
282
+ end
283
+
284
+ @key_management_service_stub = ::Google::Cloud::Kms::V1::KeyManagementService::Rest::ServiceStub.new endpoint: @config.endpoint, credentials: credentials
285
+ end
286
+
287
+ ##
288
+ # Get the associated client for mix-in of the Locations.
289
+ #
290
+ # @return [Google::Cloud::Location::Locations::Rest::Client]
291
+ #
292
+ attr_reader :location_client
293
+
294
+ ##
295
+ # Get the associated client for mix-in of the IAMPolicy.
296
+ #
297
+ # @return [Google::Iam::V1::IAMPolicy::Rest::Client]
298
+ #
299
+ attr_reader :iam_policy_client
300
+
301
+ # Service calls
302
+
303
+ ##
304
+ # Lists {::Google::Cloud::Kms::V1::KeyRing KeyRings}.
305
+ #
306
+ # @overload list_key_rings(request, options = nil)
307
+ # Pass arguments to `list_key_rings` via a request object, either of type
308
+ # {::Google::Cloud::Kms::V1::ListKeyRingsRequest} or an equivalent Hash.
309
+ #
310
+ # @param request [::Google::Cloud::Kms::V1::ListKeyRingsRequest, ::Hash]
311
+ # A request object representing the call parameters. Required. To specify no
312
+ # parameters, or to keep all the default parameter values, pass an empty Hash.
313
+ # @param options [::Gapic::CallOptions, ::Hash]
314
+ # Overrides the default settings for this call, e.g, timeout, retries etc. Optional.
315
+ #
316
+ # @overload list_key_rings(parent: nil, page_size: nil, page_token: nil, filter: nil, order_by: nil)
317
+ # Pass arguments to `list_key_rings` via keyword arguments. Note that at
318
+ # least one keyword argument is required. To specify no parameters, or to keep all
319
+ # the default parameter values, pass an empty Hash as a request object (see above).
320
+ #
321
+ # @param parent [::String]
322
+ # Required. The resource name of the location associated with the
323
+ # {::Google::Cloud::Kms::V1::KeyRing KeyRings}, in the format
324
+ # `projects/*/locations/*`.
325
+ # @param page_size [::Integer]
326
+ # Optional. Optional limit on the number of
327
+ # {::Google::Cloud::Kms::V1::KeyRing KeyRings} to include in the response. Further
328
+ # {::Google::Cloud::Kms::V1::KeyRing KeyRings} can subsequently be obtained by
329
+ # including the
330
+ # {::Google::Cloud::Kms::V1::ListKeyRingsResponse#next_page_token ListKeyRingsResponse.next_page_token}
331
+ # in a subsequent request. If unspecified, the server will pick an
332
+ # appropriate default.
333
+ # @param page_token [::String]
334
+ # Optional. Optional pagination token, returned earlier via
335
+ # {::Google::Cloud::Kms::V1::ListKeyRingsResponse#next_page_token ListKeyRingsResponse.next_page_token}.
336
+ # @param filter [::String]
337
+ # Optional. Only include resources that match the filter in the response. For
338
+ # more information, see
339
+ # [Sorting and filtering list
340
+ # results](https://cloud.google.com/kms/docs/sorting-and-filtering).
341
+ # @param order_by [::String]
342
+ # Optional. Specify how the results should be sorted. If not specified, the
343
+ # results will be sorted in the default order. For more information, see
344
+ # [Sorting and filtering list
345
+ # results](https://cloud.google.com/kms/docs/sorting-and-filtering).
346
+ # @yield [result, operation] Access the result along with the TransportOperation object
347
+ # @yieldparam result [::Gapic::Rest::PagedEnumerable<::Google::Cloud::Kms::V1::KeyRing>]
348
+ # @yieldparam operation [::Gapic::Rest::TransportOperation]
349
+ #
350
+ # @return [::Gapic::Rest::PagedEnumerable<::Google::Cloud::Kms::V1::KeyRing>]
351
+ #
352
+ # @raise [::Google::Cloud::Error] if the REST call is aborted.
353
+ def list_key_rings request, options = nil
354
+ raise ::ArgumentError, "request must be provided" if request.nil?
355
+
356
+ request = ::Gapic::Protobuf.coerce request, to: ::Google::Cloud::Kms::V1::ListKeyRingsRequest
357
+
358
+ # Converts hash and nil to an options object
359
+ options = ::Gapic::CallOptions.new(**options.to_h) if options.respond_to? :to_h
360
+
361
+ # Customize the options with defaults
362
+ call_metadata = @config.rpcs.list_key_rings.metadata.to_h
363
+
364
+ # Set x-goog-api-client and x-goog-user-project headers
365
+ call_metadata[:"x-goog-api-client"] ||= ::Gapic::Headers.x_goog_api_client \
366
+ lib_name: @config.lib_name, lib_version: @config.lib_version,
367
+ gapic_version: ::Google::Cloud::Kms::V1::VERSION,
368
+ transports_version_send: [:rest]
369
+
370
+ call_metadata[:"x-goog-user-project"] = @quota_project_id if @quota_project_id
371
+
372
+ options.apply_defaults timeout: @config.rpcs.list_key_rings.timeout,
373
+ metadata: call_metadata,
374
+ retry_policy: @config.rpcs.list_key_rings.retry_policy
375
+
376
+ options.apply_defaults timeout: @config.timeout,
377
+ metadata: @config.metadata,
378
+ retry_policy: @config.retry_policy
379
+
380
+ @key_management_service_stub.list_key_rings request, options do |result, operation|
381
+ result = ::Gapic::Rest::PagedEnumerable.new @key_management_service_stub, :list_key_rings, "key_rings", request, result, options
382
+ yield result, operation if block_given?
383
+ return result
384
+ end
385
+ rescue ::Gapic::Rest::Error => e
386
+ raise ::Google::Cloud::Error.from_error(e)
387
+ end
388
+
389
+ ##
390
+ # Lists {::Google::Cloud::Kms::V1::CryptoKey CryptoKeys}.
391
+ #
392
+ # @overload list_crypto_keys(request, options = nil)
393
+ # Pass arguments to `list_crypto_keys` via a request object, either of type
394
+ # {::Google::Cloud::Kms::V1::ListCryptoKeysRequest} or an equivalent Hash.
395
+ #
396
+ # @param request [::Google::Cloud::Kms::V1::ListCryptoKeysRequest, ::Hash]
397
+ # A request object representing the call parameters. Required. To specify no
398
+ # parameters, or to keep all the default parameter values, pass an empty Hash.
399
+ # @param options [::Gapic::CallOptions, ::Hash]
400
+ # Overrides the default settings for this call, e.g, timeout, retries etc. Optional.
401
+ #
402
+ # @overload list_crypto_keys(parent: nil, page_size: nil, page_token: nil, version_view: nil, filter: nil, order_by: nil)
403
+ # Pass arguments to `list_crypto_keys` via keyword arguments. Note that at
404
+ # least one keyword argument is required. To specify no parameters, or to keep all
405
+ # the default parameter values, pass an empty Hash as a request object (see above).
406
+ #
407
+ # @param parent [::String]
408
+ # Required. The resource name of the {::Google::Cloud::Kms::V1::KeyRing KeyRing}
409
+ # to list, in the format `projects/*/locations/*/keyRings/*`.
410
+ # @param page_size [::Integer]
411
+ # Optional. Optional limit on the number of
412
+ # {::Google::Cloud::Kms::V1::CryptoKey CryptoKeys} to include in the response.
413
+ # Further {::Google::Cloud::Kms::V1::CryptoKey CryptoKeys} can subsequently be
414
+ # obtained by including the
415
+ # {::Google::Cloud::Kms::V1::ListCryptoKeysResponse#next_page_token ListCryptoKeysResponse.next_page_token}
416
+ # in a subsequent request. If unspecified, the server will pick an
417
+ # appropriate default.
418
+ # @param page_token [::String]
419
+ # Optional. Optional pagination token, returned earlier via
420
+ # {::Google::Cloud::Kms::V1::ListCryptoKeysResponse#next_page_token ListCryptoKeysResponse.next_page_token}.
421
+ # @param version_view [::Google::Cloud::Kms::V1::CryptoKeyVersion::CryptoKeyVersionView]
422
+ # The fields of the primary version to include in the response.
423
+ # @param filter [::String]
424
+ # Optional. Only include resources that match the filter in the response. For
425
+ # more information, see
426
+ # [Sorting and filtering list
427
+ # results](https://cloud.google.com/kms/docs/sorting-and-filtering).
428
+ # @param order_by [::String]
429
+ # Optional. Specify how the results should be sorted. If not specified, the
430
+ # results will be sorted in the default order. For more information, see
431
+ # [Sorting and filtering list
432
+ # results](https://cloud.google.com/kms/docs/sorting-and-filtering).
433
+ # @yield [result, operation] Access the result along with the TransportOperation object
434
+ # @yieldparam result [::Gapic::Rest::PagedEnumerable<::Google::Cloud::Kms::V1::CryptoKey>]
435
+ # @yieldparam operation [::Gapic::Rest::TransportOperation]
436
+ #
437
+ # @return [::Gapic::Rest::PagedEnumerable<::Google::Cloud::Kms::V1::CryptoKey>]
438
+ #
439
+ # @raise [::Google::Cloud::Error] if the REST call is aborted.
440
+ def list_crypto_keys request, options = nil
441
+ raise ::ArgumentError, "request must be provided" if request.nil?
442
+
443
+ request = ::Gapic::Protobuf.coerce request, to: ::Google::Cloud::Kms::V1::ListCryptoKeysRequest
444
+
445
+ # Converts hash and nil to an options object
446
+ options = ::Gapic::CallOptions.new(**options.to_h) if options.respond_to? :to_h
447
+
448
+ # Customize the options with defaults
449
+ call_metadata = @config.rpcs.list_crypto_keys.metadata.to_h
450
+
451
+ # Set x-goog-api-client and x-goog-user-project headers
452
+ call_metadata[:"x-goog-api-client"] ||= ::Gapic::Headers.x_goog_api_client \
453
+ lib_name: @config.lib_name, lib_version: @config.lib_version,
454
+ gapic_version: ::Google::Cloud::Kms::V1::VERSION,
455
+ transports_version_send: [:rest]
456
+
457
+ call_metadata[:"x-goog-user-project"] = @quota_project_id if @quota_project_id
458
+
459
+ options.apply_defaults timeout: @config.rpcs.list_crypto_keys.timeout,
460
+ metadata: call_metadata,
461
+ retry_policy: @config.rpcs.list_crypto_keys.retry_policy
462
+
463
+ options.apply_defaults timeout: @config.timeout,
464
+ metadata: @config.metadata,
465
+ retry_policy: @config.retry_policy
466
+
467
+ @key_management_service_stub.list_crypto_keys request, options do |result, operation|
468
+ result = ::Gapic::Rest::PagedEnumerable.new @key_management_service_stub, :list_crypto_keys, "crypto_keys", request, result, options
469
+ yield result, operation if block_given?
470
+ return result
471
+ end
472
+ rescue ::Gapic::Rest::Error => e
473
+ raise ::Google::Cloud::Error.from_error(e)
474
+ end
475
+
476
+ ##
477
+ # Lists {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersions}.
478
+ #
479
+ # @overload list_crypto_key_versions(request, options = nil)
480
+ # Pass arguments to `list_crypto_key_versions` via a request object, either of type
481
+ # {::Google::Cloud::Kms::V1::ListCryptoKeyVersionsRequest} or an equivalent Hash.
482
+ #
483
+ # @param request [::Google::Cloud::Kms::V1::ListCryptoKeyVersionsRequest, ::Hash]
484
+ # A request object representing the call parameters. Required. To specify no
485
+ # parameters, or to keep all the default parameter values, pass an empty Hash.
486
+ # @param options [::Gapic::CallOptions, ::Hash]
487
+ # Overrides the default settings for this call, e.g, timeout, retries etc. Optional.
488
+ #
489
+ # @overload list_crypto_key_versions(parent: nil, page_size: nil, page_token: nil, view: nil, filter: nil, order_by: nil)
490
+ # Pass arguments to `list_crypto_key_versions` via keyword arguments. Note that at
491
+ # least one keyword argument is required. To specify no parameters, or to keep all
492
+ # the default parameter values, pass an empty Hash as a request object (see above).
493
+ #
494
+ # @param parent [::String]
495
+ # Required. The resource name of the
496
+ # {::Google::Cloud::Kms::V1::CryptoKey CryptoKey} to list, in the format
497
+ # `projects/*/locations/*/keyRings/*/cryptoKeys/*`.
498
+ # @param page_size [::Integer]
499
+ # Optional. Optional limit on the number of
500
+ # {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersions} to include in the
501
+ # response. Further {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersions}
502
+ # can subsequently be obtained by including the
503
+ # {::Google::Cloud::Kms::V1::ListCryptoKeyVersionsResponse#next_page_token ListCryptoKeyVersionsResponse.next_page_token}
504
+ # in a subsequent request. If unspecified, the server will pick an
505
+ # appropriate default.
506
+ # @param page_token [::String]
507
+ # Optional. Optional pagination token, returned earlier via
508
+ # {::Google::Cloud::Kms::V1::ListCryptoKeyVersionsResponse#next_page_token ListCryptoKeyVersionsResponse.next_page_token}.
509
+ # @param view [::Google::Cloud::Kms::V1::CryptoKeyVersion::CryptoKeyVersionView]
510
+ # The fields to include in the response.
511
+ # @param filter [::String]
512
+ # Optional. Only include resources that match the filter in the response. For
513
+ # more information, see
514
+ # [Sorting and filtering list
515
+ # results](https://cloud.google.com/kms/docs/sorting-and-filtering).
516
+ # @param order_by [::String]
517
+ # Optional. Specify how the results should be sorted. If not specified, the
518
+ # results will be sorted in the default order. For more information, see
519
+ # [Sorting and filtering list
520
+ # results](https://cloud.google.com/kms/docs/sorting-and-filtering).
521
+ # @yield [result, operation] Access the result along with the TransportOperation object
522
+ # @yieldparam result [::Gapic::Rest::PagedEnumerable<::Google::Cloud::Kms::V1::CryptoKeyVersion>]
523
+ # @yieldparam operation [::Gapic::Rest::TransportOperation]
524
+ #
525
+ # @return [::Gapic::Rest::PagedEnumerable<::Google::Cloud::Kms::V1::CryptoKeyVersion>]
526
+ #
527
+ # @raise [::Google::Cloud::Error] if the REST call is aborted.
528
+ def list_crypto_key_versions request, options = nil
529
+ raise ::ArgumentError, "request must be provided" if request.nil?
530
+
531
+ request = ::Gapic::Protobuf.coerce request, to: ::Google::Cloud::Kms::V1::ListCryptoKeyVersionsRequest
532
+
533
+ # Converts hash and nil to an options object
534
+ options = ::Gapic::CallOptions.new(**options.to_h) if options.respond_to? :to_h
535
+
536
+ # Customize the options with defaults
537
+ call_metadata = @config.rpcs.list_crypto_key_versions.metadata.to_h
538
+
539
+ # Set x-goog-api-client and x-goog-user-project headers
540
+ call_metadata[:"x-goog-api-client"] ||= ::Gapic::Headers.x_goog_api_client \
541
+ lib_name: @config.lib_name, lib_version: @config.lib_version,
542
+ gapic_version: ::Google::Cloud::Kms::V1::VERSION,
543
+ transports_version_send: [:rest]
544
+
545
+ call_metadata[:"x-goog-user-project"] = @quota_project_id if @quota_project_id
546
+
547
+ options.apply_defaults timeout: @config.rpcs.list_crypto_key_versions.timeout,
548
+ metadata: call_metadata,
549
+ retry_policy: @config.rpcs.list_crypto_key_versions.retry_policy
550
+
551
+ options.apply_defaults timeout: @config.timeout,
552
+ metadata: @config.metadata,
553
+ retry_policy: @config.retry_policy
554
+
555
+ @key_management_service_stub.list_crypto_key_versions request, options do |result, operation|
556
+ result = ::Gapic::Rest::PagedEnumerable.new @key_management_service_stub, :list_crypto_key_versions, "crypto_key_versions", request, result, options
557
+ yield result, operation if block_given?
558
+ return result
559
+ end
560
+ rescue ::Gapic::Rest::Error => e
561
+ raise ::Google::Cloud::Error.from_error(e)
562
+ end
563
+
564
+ ##
565
+ # Lists {::Google::Cloud::Kms::V1::ImportJob ImportJobs}.
566
+ #
567
+ # @overload list_import_jobs(request, options = nil)
568
+ # Pass arguments to `list_import_jobs` via a request object, either of type
569
+ # {::Google::Cloud::Kms::V1::ListImportJobsRequest} or an equivalent Hash.
570
+ #
571
+ # @param request [::Google::Cloud::Kms::V1::ListImportJobsRequest, ::Hash]
572
+ # A request object representing the call parameters. Required. To specify no
573
+ # parameters, or to keep all the default parameter values, pass an empty Hash.
574
+ # @param options [::Gapic::CallOptions, ::Hash]
575
+ # Overrides the default settings for this call, e.g, timeout, retries etc. Optional.
576
+ #
577
+ # @overload list_import_jobs(parent: nil, page_size: nil, page_token: nil, filter: nil, order_by: nil)
578
+ # Pass arguments to `list_import_jobs` via keyword arguments. Note that at
579
+ # least one keyword argument is required. To specify no parameters, or to keep all
580
+ # the default parameter values, pass an empty Hash as a request object (see above).
581
+ #
582
+ # @param parent [::String]
583
+ # Required. The resource name of the {::Google::Cloud::Kms::V1::KeyRing KeyRing}
584
+ # to list, in the format `projects/*/locations/*/keyRings/*`.
585
+ # @param page_size [::Integer]
586
+ # Optional. Optional limit on the number of
587
+ # {::Google::Cloud::Kms::V1::ImportJob ImportJobs} to include in the response.
588
+ # Further {::Google::Cloud::Kms::V1::ImportJob ImportJobs} can subsequently be
589
+ # obtained by including the
590
+ # {::Google::Cloud::Kms::V1::ListImportJobsResponse#next_page_token ListImportJobsResponse.next_page_token}
591
+ # in a subsequent request. If unspecified, the server will pick an
592
+ # appropriate default.
593
+ # @param page_token [::String]
594
+ # Optional. Optional pagination token, returned earlier via
595
+ # {::Google::Cloud::Kms::V1::ListImportJobsResponse#next_page_token ListImportJobsResponse.next_page_token}.
596
+ # @param filter [::String]
597
+ # Optional. Only include resources that match the filter in the response. For
598
+ # more information, see
599
+ # [Sorting and filtering list
600
+ # results](https://cloud.google.com/kms/docs/sorting-and-filtering).
601
+ # @param order_by [::String]
602
+ # Optional. Specify how the results should be sorted. If not specified, the
603
+ # results will be sorted in the default order. For more information, see
604
+ # [Sorting and filtering list
605
+ # results](https://cloud.google.com/kms/docs/sorting-and-filtering).
606
+ # @yield [result, operation] Access the result along with the TransportOperation object
607
+ # @yieldparam result [::Gapic::Rest::PagedEnumerable<::Google::Cloud::Kms::V1::ImportJob>]
608
+ # @yieldparam operation [::Gapic::Rest::TransportOperation]
609
+ #
610
+ # @return [::Gapic::Rest::PagedEnumerable<::Google::Cloud::Kms::V1::ImportJob>]
611
+ #
612
+ # @raise [::Google::Cloud::Error] if the REST call is aborted.
613
+ def list_import_jobs request, options = nil
614
+ raise ::ArgumentError, "request must be provided" if request.nil?
615
+
616
+ request = ::Gapic::Protobuf.coerce request, to: ::Google::Cloud::Kms::V1::ListImportJobsRequest
617
+
618
+ # Converts hash and nil to an options object
619
+ options = ::Gapic::CallOptions.new(**options.to_h) if options.respond_to? :to_h
620
+
621
+ # Customize the options with defaults
622
+ call_metadata = @config.rpcs.list_import_jobs.metadata.to_h
623
+
624
+ # Set x-goog-api-client and x-goog-user-project headers
625
+ call_metadata[:"x-goog-api-client"] ||= ::Gapic::Headers.x_goog_api_client \
626
+ lib_name: @config.lib_name, lib_version: @config.lib_version,
627
+ gapic_version: ::Google::Cloud::Kms::V1::VERSION,
628
+ transports_version_send: [:rest]
629
+
630
+ call_metadata[:"x-goog-user-project"] = @quota_project_id if @quota_project_id
631
+
632
+ options.apply_defaults timeout: @config.rpcs.list_import_jobs.timeout,
633
+ metadata: call_metadata,
634
+ retry_policy: @config.rpcs.list_import_jobs.retry_policy
635
+
636
+ options.apply_defaults timeout: @config.timeout,
637
+ metadata: @config.metadata,
638
+ retry_policy: @config.retry_policy
639
+
640
+ @key_management_service_stub.list_import_jobs request, options do |result, operation|
641
+ result = ::Gapic::Rest::PagedEnumerable.new @key_management_service_stub, :list_import_jobs, "import_jobs", request, result, options
642
+ yield result, operation if block_given?
643
+ return result
644
+ end
645
+ rescue ::Gapic::Rest::Error => e
646
+ raise ::Google::Cloud::Error.from_error(e)
647
+ end
648
+
649
+ ##
650
+ # Returns metadata for a given {::Google::Cloud::Kms::V1::KeyRing KeyRing}.
651
+ #
652
+ # @overload get_key_ring(request, options = nil)
653
+ # Pass arguments to `get_key_ring` via a request object, either of type
654
+ # {::Google::Cloud::Kms::V1::GetKeyRingRequest} or an equivalent Hash.
655
+ #
656
+ # @param request [::Google::Cloud::Kms::V1::GetKeyRingRequest, ::Hash]
657
+ # A request object representing the call parameters. Required. To specify no
658
+ # parameters, or to keep all the default parameter values, pass an empty Hash.
659
+ # @param options [::Gapic::CallOptions, ::Hash]
660
+ # Overrides the default settings for this call, e.g, timeout, retries etc. Optional.
661
+ #
662
+ # @overload get_key_ring(name: nil)
663
+ # Pass arguments to `get_key_ring` via keyword arguments. Note that at
664
+ # least one keyword argument is required. To specify no parameters, or to keep all
665
+ # the default parameter values, pass an empty Hash as a request object (see above).
666
+ #
667
+ # @param name [::String]
668
+ # Required. The {::Google::Cloud::Kms::V1::KeyRing#name name} of the
669
+ # {::Google::Cloud::Kms::V1::KeyRing KeyRing} to get.
670
+ # @yield [result, operation] Access the result along with the TransportOperation object
671
+ # @yieldparam result [::Google::Cloud::Kms::V1::KeyRing]
672
+ # @yieldparam operation [::Gapic::Rest::TransportOperation]
673
+ #
674
+ # @return [::Google::Cloud::Kms::V1::KeyRing]
675
+ #
676
+ # @raise [::Google::Cloud::Error] if the REST call is aborted.
677
+ def get_key_ring request, options = nil
678
+ raise ::ArgumentError, "request must be provided" if request.nil?
679
+
680
+ request = ::Gapic::Protobuf.coerce request, to: ::Google::Cloud::Kms::V1::GetKeyRingRequest
681
+
682
+ # Converts hash and nil to an options object
683
+ options = ::Gapic::CallOptions.new(**options.to_h) if options.respond_to? :to_h
684
+
685
+ # Customize the options with defaults
686
+ call_metadata = @config.rpcs.get_key_ring.metadata.to_h
687
+
688
+ # Set x-goog-api-client and x-goog-user-project headers
689
+ call_metadata[:"x-goog-api-client"] ||= ::Gapic::Headers.x_goog_api_client \
690
+ lib_name: @config.lib_name, lib_version: @config.lib_version,
691
+ gapic_version: ::Google::Cloud::Kms::V1::VERSION,
692
+ transports_version_send: [:rest]
693
+
694
+ call_metadata[:"x-goog-user-project"] = @quota_project_id if @quota_project_id
695
+
696
+ options.apply_defaults timeout: @config.rpcs.get_key_ring.timeout,
697
+ metadata: call_metadata,
698
+ retry_policy: @config.rpcs.get_key_ring.retry_policy
699
+
700
+ options.apply_defaults timeout: @config.timeout,
701
+ metadata: @config.metadata,
702
+ retry_policy: @config.retry_policy
703
+
704
+ @key_management_service_stub.get_key_ring request, options do |result, operation|
705
+ yield result, operation if block_given?
706
+ return result
707
+ end
708
+ rescue ::Gapic::Rest::Error => e
709
+ raise ::Google::Cloud::Error.from_error(e)
710
+ end
711
+
712
+ ##
713
+ # Returns metadata for a given {::Google::Cloud::Kms::V1::CryptoKey CryptoKey}, as
714
+ # well as its {::Google::Cloud::Kms::V1::CryptoKey#primary primary}
715
+ # {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion}.
716
+ #
717
+ # @overload get_crypto_key(request, options = nil)
718
+ # Pass arguments to `get_crypto_key` via a request object, either of type
719
+ # {::Google::Cloud::Kms::V1::GetCryptoKeyRequest} or an equivalent Hash.
720
+ #
721
+ # @param request [::Google::Cloud::Kms::V1::GetCryptoKeyRequest, ::Hash]
722
+ # A request object representing the call parameters. Required. To specify no
723
+ # parameters, or to keep all the default parameter values, pass an empty Hash.
724
+ # @param options [::Gapic::CallOptions, ::Hash]
725
+ # Overrides the default settings for this call, e.g, timeout, retries etc. Optional.
726
+ #
727
+ # @overload get_crypto_key(name: nil)
728
+ # Pass arguments to `get_crypto_key` via keyword arguments. Note that at
729
+ # least one keyword argument is required. To specify no parameters, or to keep all
730
+ # the default parameter values, pass an empty Hash as a request object (see above).
731
+ #
732
+ # @param name [::String]
733
+ # Required. The {::Google::Cloud::Kms::V1::CryptoKey#name name} of the
734
+ # {::Google::Cloud::Kms::V1::CryptoKey CryptoKey} to get.
735
+ # @yield [result, operation] Access the result along with the TransportOperation object
736
+ # @yieldparam result [::Google::Cloud::Kms::V1::CryptoKey]
737
+ # @yieldparam operation [::Gapic::Rest::TransportOperation]
738
+ #
739
+ # @return [::Google::Cloud::Kms::V1::CryptoKey]
740
+ #
741
+ # @raise [::Google::Cloud::Error] if the REST call is aborted.
742
+ def get_crypto_key request, options = nil
743
+ raise ::ArgumentError, "request must be provided" if request.nil?
744
+
745
+ request = ::Gapic::Protobuf.coerce request, to: ::Google::Cloud::Kms::V1::GetCryptoKeyRequest
746
+
747
+ # Converts hash and nil to an options object
748
+ options = ::Gapic::CallOptions.new(**options.to_h) if options.respond_to? :to_h
749
+
750
+ # Customize the options with defaults
751
+ call_metadata = @config.rpcs.get_crypto_key.metadata.to_h
752
+
753
+ # Set x-goog-api-client and x-goog-user-project headers
754
+ call_metadata[:"x-goog-api-client"] ||= ::Gapic::Headers.x_goog_api_client \
755
+ lib_name: @config.lib_name, lib_version: @config.lib_version,
756
+ gapic_version: ::Google::Cloud::Kms::V1::VERSION,
757
+ transports_version_send: [:rest]
758
+
759
+ call_metadata[:"x-goog-user-project"] = @quota_project_id if @quota_project_id
760
+
761
+ options.apply_defaults timeout: @config.rpcs.get_crypto_key.timeout,
762
+ metadata: call_metadata,
763
+ retry_policy: @config.rpcs.get_crypto_key.retry_policy
764
+
765
+ options.apply_defaults timeout: @config.timeout,
766
+ metadata: @config.metadata,
767
+ retry_policy: @config.retry_policy
768
+
769
+ @key_management_service_stub.get_crypto_key request, options do |result, operation|
770
+ yield result, operation if block_given?
771
+ return result
772
+ end
773
+ rescue ::Gapic::Rest::Error => e
774
+ raise ::Google::Cloud::Error.from_error(e)
775
+ end
776
+
777
+ ##
778
+ # Returns metadata for a given
779
+ # {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion}.
780
+ #
781
+ # @overload get_crypto_key_version(request, options = nil)
782
+ # Pass arguments to `get_crypto_key_version` via a request object, either of type
783
+ # {::Google::Cloud::Kms::V1::GetCryptoKeyVersionRequest} or an equivalent Hash.
784
+ #
785
+ # @param request [::Google::Cloud::Kms::V1::GetCryptoKeyVersionRequest, ::Hash]
786
+ # A request object representing the call parameters. Required. To specify no
787
+ # parameters, or to keep all the default parameter values, pass an empty Hash.
788
+ # @param options [::Gapic::CallOptions, ::Hash]
789
+ # Overrides the default settings for this call, e.g, timeout, retries etc. Optional.
790
+ #
791
+ # @overload get_crypto_key_version(name: nil)
792
+ # Pass arguments to `get_crypto_key_version` via keyword arguments. Note that at
793
+ # least one keyword argument is required. To specify no parameters, or to keep all
794
+ # the default parameter values, pass an empty Hash as a request object (see above).
795
+ #
796
+ # @param name [::String]
797
+ # Required. The {::Google::Cloud::Kms::V1::CryptoKeyVersion#name name} of the
798
+ # {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} to get.
799
+ # @yield [result, operation] Access the result along with the TransportOperation object
800
+ # @yieldparam result [::Google::Cloud::Kms::V1::CryptoKeyVersion]
801
+ # @yieldparam operation [::Gapic::Rest::TransportOperation]
802
+ #
803
+ # @return [::Google::Cloud::Kms::V1::CryptoKeyVersion]
804
+ #
805
+ # @raise [::Google::Cloud::Error] if the REST call is aborted.
806
+ def get_crypto_key_version request, options = nil
807
+ raise ::ArgumentError, "request must be provided" if request.nil?
808
+
809
+ request = ::Gapic::Protobuf.coerce request, to: ::Google::Cloud::Kms::V1::GetCryptoKeyVersionRequest
810
+
811
+ # Converts hash and nil to an options object
812
+ options = ::Gapic::CallOptions.new(**options.to_h) if options.respond_to? :to_h
813
+
814
+ # Customize the options with defaults
815
+ call_metadata = @config.rpcs.get_crypto_key_version.metadata.to_h
816
+
817
+ # Set x-goog-api-client and x-goog-user-project headers
818
+ call_metadata[:"x-goog-api-client"] ||= ::Gapic::Headers.x_goog_api_client \
819
+ lib_name: @config.lib_name, lib_version: @config.lib_version,
820
+ gapic_version: ::Google::Cloud::Kms::V1::VERSION,
821
+ transports_version_send: [:rest]
822
+
823
+ call_metadata[:"x-goog-user-project"] = @quota_project_id if @quota_project_id
824
+
825
+ options.apply_defaults timeout: @config.rpcs.get_crypto_key_version.timeout,
826
+ metadata: call_metadata,
827
+ retry_policy: @config.rpcs.get_crypto_key_version.retry_policy
828
+
829
+ options.apply_defaults timeout: @config.timeout,
830
+ metadata: @config.metadata,
831
+ retry_policy: @config.retry_policy
832
+
833
+ @key_management_service_stub.get_crypto_key_version request, options do |result, operation|
834
+ yield result, operation if block_given?
835
+ return result
836
+ end
837
+ rescue ::Gapic::Rest::Error => e
838
+ raise ::Google::Cloud::Error.from_error(e)
839
+ end
840
+
841
+ ##
842
+ # Returns the public key for the given
843
+ # {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion}. The
844
+ # {::Google::Cloud::Kms::V1::CryptoKey#purpose CryptoKey.purpose} must be
845
+ # {::Google::Cloud::Kms::V1::CryptoKey::CryptoKeyPurpose::ASYMMETRIC_SIGN ASYMMETRIC_SIGN}
846
+ # or
847
+ # {::Google::Cloud::Kms::V1::CryptoKey::CryptoKeyPurpose::ASYMMETRIC_DECRYPT ASYMMETRIC_DECRYPT}.
848
+ #
849
+ # @overload get_public_key(request, options = nil)
850
+ # Pass arguments to `get_public_key` via a request object, either of type
851
+ # {::Google::Cloud::Kms::V1::GetPublicKeyRequest} or an equivalent Hash.
852
+ #
853
+ # @param request [::Google::Cloud::Kms::V1::GetPublicKeyRequest, ::Hash]
854
+ # A request object representing the call parameters. Required. To specify no
855
+ # parameters, or to keep all the default parameter values, pass an empty Hash.
856
+ # @param options [::Gapic::CallOptions, ::Hash]
857
+ # Overrides the default settings for this call, e.g, timeout, retries etc. Optional.
858
+ #
859
+ # @overload get_public_key(name: nil)
860
+ # Pass arguments to `get_public_key` via keyword arguments. Note that at
861
+ # least one keyword argument is required. To specify no parameters, or to keep all
862
+ # the default parameter values, pass an empty Hash as a request object (see above).
863
+ #
864
+ # @param name [::String]
865
+ # Required. The {::Google::Cloud::Kms::V1::CryptoKeyVersion#name name} of the
866
+ # {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} public key to get.
867
+ # @yield [result, operation] Access the result along with the TransportOperation object
868
+ # @yieldparam result [::Google::Cloud::Kms::V1::PublicKey]
869
+ # @yieldparam operation [::Gapic::Rest::TransportOperation]
870
+ #
871
+ # @return [::Google::Cloud::Kms::V1::PublicKey]
872
+ #
873
+ # @raise [::Google::Cloud::Error] if the REST call is aborted.
874
+ def get_public_key request, options = nil
875
+ raise ::ArgumentError, "request must be provided" if request.nil?
876
+
877
+ request = ::Gapic::Protobuf.coerce request, to: ::Google::Cloud::Kms::V1::GetPublicKeyRequest
878
+
879
+ # Converts hash and nil to an options object
880
+ options = ::Gapic::CallOptions.new(**options.to_h) if options.respond_to? :to_h
881
+
882
+ # Customize the options with defaults
883
+ call_metadata = @config.rpcs.get_public_key.metadata.to_h
884
+
885
+ # Set x-goog-api-client and x-goog-user-project headers
886
+ call_metadata[:"x-goog-api-client"] ||= ::Gapic::Headers.x_goog_api_client \
887
+ lib_name: @config.lib_name, lib_version: @config.lib_version,
888
+ gapic_version: ::Google::Cloud::Kms::V1::VERSION,
889
+ transports_version_send: [:rest]
890
+
891
+ call_metadata[:"x-goog-user-project"] = @quota_project_id if @quota_project_id
892
+
893
+ options.apply_defaults timeout: @config.rpcs.get_public_key.timeout,
894
+ metadata: call_metadata,
895
+ retry_policy: @config.rpcs.get_public_key.retry_policy
896
+
897
+ options.apply_defaults timeout: @config.timeout,
898
+ metadata: @config.metadata,
899
+ retry_policy: @config.retry_policy
900
+
901
+ @key_management_service_stub.get_public_key request, options do |result, operation|
902
+ yield result, operation if block_given?
903
+ return result
904
+ end
905
+ rescue ::Gapic::Rest::Error => e
906
+ raise ::Google::Cloud::Error.from_error(e)
907
+ end
908
+
909
+ ##
910
+ # Returns metadata for a given {::Google::Cloud::Kms::V1::ImportJob ImportJob}.
911
+ #
912
+ # @overload get_import_job(request, options = nil)
913
+ # Pass arguments to `get_import_job` via a request object, either of type
914
+ # {::Google::Cloud::Kms::V1::GetImportJobRequest} or an equivalent Hash.
915
+ #
916
+ # @param request [::Google::Cloud::Kms::V1::GetImportJobRequest, ::Hash]
917
+ # A request object representing the call parameters. Required. To specify no
918
+ # parameters, or to keep all the default parameter values, pass an empty Hash.
919
+ # @param options [::Gapic::CallOptions, ::Hash]
920
+ # Overrides the default settings for this call, e.g, timeout, retries etc. Optional.
921
+ #
922
+ # @overload get_import_job(name: nil)
923
+ # Pass arguments to `get_import_job` via keyword arguments. Note that at
924
+ # least one keyword argument is required. To specify no parameters, or to keep all
925
+ # the default parameter values, pass an empty Hash as a request object (see above).
926
+ #
927
+ # @param name [::String]
928
+ # Required. The {::Google::Cloud::Kms::V1::ImportJob#name name} of the
929
+ # {::Google::Cloud::Kms::V1::ImportJob ImportJob} to get.
930
+ # @yield [result, operation] Access the result along with the TransportOperation object
931
+ # @yieldparam result [::Google::Cloud::Kms::V1::ImportJob]
932
+ # @yieldparam operation [::Gapic::Rest::TransportOperation]
933
+ #
934
+ # @return [::Google::Cloud::Kms::V1::ImportJob]
935
+ #
936
+ # @raise [::Google::Cloud::Error] if the REST call is aborted.
937
+ def get_import_job request, options = nil
938
+ raise ::ArgumentError, "request must be provided" if request.nil?
939
+
940
+ request = ::Gapic::Protobuf.coerce request, to: ::Google::Cloud::Kms::V1::GetImportJobRequest
941
+
942
+ # Converts hash and nil to an options object
943
+ options = ::Gapic::CallOptions.new(**options.to_h) if options.respond_to? :to_h
944
+
945
+ # Customize the options with defaults
946
+ call_metadata = @config.rpcs.get_import_job.metadata.to_h
947
+
948
+ # Set x-goog-api-client and x-goog-user-project headers
949
+ call_metadata[:"x-goog-api-client"] ||= ::Gapic::Headers.x_goog_api_client \
950
+ lib_name: @config.lib_name, lib_version: @config.lib_version,
951
+ gapic_version: ::Google::Cloud::Kms::V1::VERSION,
952
+ transports_version_send: [:rest]
953
+
954
+ call_metadata[:"x-goog-user-project"] = @quota_project_id if @quota_project_id
955
+
956
+ options.apply_defaults timeout: @config.rpcs.get_import_job.timeout,
957
+ metadata: call_metadata,
958
+ retry_policy: @config.rpcs.get_import_job.retry_policy
959
+
960
+ options.apply_defaults timeout: @config.timeout,
961
+ metadata: @config.metadata,
962
+ retry_policy: @config.retry_policy
963
+
964
+ @key_management_service_stub.get_import_job request, options do |result, operation|
965
+ yield result, operation if block_given?
966
+ return result
967
+ end
968
+ rescue ::Gapic::Rest::Error => e
969
+ raise ::Google::Cloud::Error.from_error(e)
970
+ end
971
+
972
+ ##
973
+ # Create a new {::Google::Cloud::Kms::V1::KeyRing KeyRing} in a given Project and
974
+ # Location.
975
+ #
976
+ # @overload create_key_ring(request, options = nil)
977
+ # Pass arguments to `create_key_ring` via a request object, either of type
978
+ # {::Google::Cloud::Kms::V1::CreateKeyRingRequest} or an equivalent Hash.
979
+ #
980
+ # @param request [::Google::Cloud::Kms::V1::CreateKeyRingRequest, ::Hash]
981
+ # A request object representing the call parameters. Required. To specify no
982
+ # parameters, or to keep all the default parameter values, pass an empty Hash.
983
+ # @param options [::Gapic::CallOptions, ::Hash]
984
+ # Overrides the default settings for this call, e.g, timeout, retries etc. Optional.
985
+ #
986
+ # @overload create_key_ring(parent: nil, key_ring_id: nil, key_ring: nil)
987
+ # Pass arguments to `create_key_ring` via keyword arguments. Note that at
988
+ # least one keyword argument is required. To specify no parameters, or to keep all
989
+ # the default parameter values, pass an empty Hash as a request object (see above).
990
+ #
991
+ # @param parent [::String]
992
+ # Required. The resource name of the location associated with the
993
+ # {::Google::Cloud::Kms::V1::KeyRing KeyRings}, in the format
994
+ # `projects/*/locations/*`.
995
+ # @param key_ring_id [::String]
996
+ # Required. It must be unique within a location and match the regular
997
+ # expression `[a-zA-Z0-9_-]{1,63}`
998
+ # @param key_ring [::Google::Cloud::Kms::V1::KeyRing, ::Hash]
999
+ # Required. A {::Google::Cloud::Kms::V1::KeyRing KeyRing} with initial field
1000
+ # values.
1001
+ # @yield [result, operation] Access the result along with the TransportOperation object
1002
+ # @yieldparam result [::Google::Cloud::Kms::V1::KeyRing]
1003
+ # @yieldparam operation [::Gapic::Rest::TransportOperation]
1004
+ #
1005
+ # @return [::Google::Cloud::Kms::V1::KeyRing]
1006
+ #
1007
+ # @raise [::Google::Cloud::Error] if the REST call is aborted.
1008
+ def create_key_ring request, options = nil
1009
+ raise ::ArgumentError, "request must be provided" if request.nil?
1010
+
1011
+ request = ::Gapic::Protobuf.coerce request, to: ::Google::Cloud::Kms::V1::CreateKeyRingRequest
1012
+
1013
+ # Converts hash and nil to an options object
1014
+ options = ::Gapic::CallOptions.new(**options.to_h) if options.respond_to? :to_h
1015
+
1016
+ # Customize the options with defaults
1017
+ call_metadata = @config.rpcs.create_key_ring.metadata.to_h
1018
+
1019
+ # Set x-goog-api-client and x-goog-user-project headers
1020
+ call_metadata[:"x-goog-api-client"] ||= ::Gapic::Headers.x_goog_api_client \
1021
+ lib_name: @config.lib_name, lib_version: @config.lib_version,
1022
+ gapic_version: ::Google::Cloud::Kms::V1::VERSION,
1023
+ transports_version_send: [:rest]
1024
+
1025
+ call_metadata[:"x-goog-user-project"] = @quota_project_id if @quota_project_id
1026
+
1027
+ options.apply_defaults timeout: @config.rpcs.create_key_ring.timeout,
1028
+ metadata: call_metadata,
1029
+ retry_policy: @config.rpcs.create_key_ring.retry_policy
1030
+
1031
+ options.apply_defaults timeout: @config.timeout,
1032
+ metadata: @config.metadata,
1033
+ retry_policy: @config.retry_policy
1034
+
1035
+ @key_management_service_stub.create_key_ring request, options do |result, operation|
1036
+ yield result, operation if block_given?
1037
+ return result
1038
+ end
1039
+ rescue ::Gapic::Rest::Error => e
1040
+ raise ::Google::Cloud::Error.from_error(e)
1041
+ end
1042
+
1043
+ ##
1044
+ # Create a new {::Google::Cloud::Kms::V1::CryptoKey CryptoKey} within a
1045
+ # {::Google::Cloud::Kms::V1::KeyRing KeyRing}.
1046
+ #
1047
+ # {::Google::Cloud::Kms::V1::CryptoKey#purpose CryptoKey.purpose} and
1048
+ # {::Google::Cloud::Kms::V1::CryptoKeyVersionTemplate#algorithm CryptoKey.version_template.algorithm}
1049
+ # are required.
1050
+ #
1051
+ # @overload create_crypto_key(request, options = nil)
1052
+ # Pass arguments to `create_crypto_key` via a request object, either of type
1053
+ # {::Google::Cloud::Kms::V1::CreateCryptoKeyRequest} or an equivalent Hash.
1054
+ #
1055
+ # @param request [::Google::Cloud::Kms::V1::CreateCryptoKeyRequest, ::Hash]
1056
+ # A request object representing the call parameters. Required. To specify no
1057
+ # parameters, or to keep all the default parameter values, pass an empty Hash.
1058
+ # @param options [::Gapic::CallOptions, ::Hash]
1059
+ # Overrides the default settings for this call, e.g, timeout, retries etc. Optional.
1060
+ #
1061
+ # @overload create_crypto_key(parent: nil, crypto_key_id: nil, crypto_key: nil, skip_initial_version_creation: nil)
1062
+ # Pass arguments to `create_crypto_key` via keyword arguments. Note that at
1063
+ # least one keyword argument is required. To specify no parameters, or to keep all
1064
+ # the default parameter values, pass an empty Hash as a request object (see above).
1065
+ #
1066
+ # @param parent [::String]
1067
+ # Required. The {::Google::Cloud::Kms::V1::KeyRing#name name} of the KeyRing
1068
+ # associated with the {::Google::Cloud::Kms::V1::CryptoKey CryptoKeys}.
1069
+ # @param crypto_key_id [::String]
1070
+ # Required. It must be unique within a KeyRing and match the regular
1071
+ # expression `[a-zA-Z0-9_-]{1,63}`
1072
+ # @param crypto_key [::Google::Cloud::Kms::V1::CryptoKey, ::Hash]
1073
+ # Required. A {::Google::Cloud::Kms::V1::CryptoKey CryptoKey} with initial field
1074
+ # values.
1075
+ # @param skip_initial_version_creation [::Boolean]
1076
+ # If set to true, the request will create a
1077
+ # {::Google::Cloud::Kms::V1::CryptoKey CryptoKey} without any
1078
+ # {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersions}. You must
1079
+ # manually call
1080
+ # {::Google::Cloud::Kms::V1::KeyManagementService::Rest::Client#create_crypto_key_version CreateCryptoKeyVersion}
1081
+ # or
1082
+ # {::Google::Cloud::Kms::V1::KeyManagementService::Rest::Client#import_crypto_key_version ImportCryptoKeyVersion}
1083
+ # before you can use this {::Google::Cloud::Kms::V1::CryptoKey CryptoKey}.
1084
+ # @yield [result, operation] Access the result along with the TransportOperation object
1085
+ # @yieldparam result [::Google::Cloud::Kms::V1::CryptoKey]
1086
+ # @yieldparam operation [::Gapic::Rest::TransportOperation]
1087
+ #
1088
+ # @return [::Google::Cloud::Kms::V1::CryptoKey]
1089
+ #
1090
+ # @raise [::Google::Cloud::Error] if the REST call is aborted.
1091
+ def create_crypto_key request, options = nil
1092
+ raise ::ArgumentError, "request must be provided" if request.nil?
1093
+
1094
+ request = ::Gapic::Protobuf.coerce request, to: ::Google::Cloud::Kms::V1::CreateCryptoKeyRequest
1095
+
1096
+ # Converts hash and nil to an options object
1097
+ options = ::Gapic::CallOptions.new(**options.to_h) if options.respond_to? :to_h
1098
+
1099
+ # Customize the options with defaults
1100
+ call_metadata = @config.rpcs.create_crypto_key.metadata.to_h
1101
+
1102
+ # Set x-goog-api-client and x-goog-user-project headers
1103
+ call_metadata[:"x-goog-api-client"] ||= ::Gapic::Headers.x_goog_api_client \
1104
+ lib_name: @config.lib_name, lib_version: @config.lib_version,
1105
+ gapic_version: ::Google::Cloud::Kms::V1::VERSION,
1106
+ transports_version_send: [:rest]
1107
+
1108
+ call_metadata[:"x-goog-user-project"] = @quota_project_id if @quota_project_id
1109
+
1110
+ options.apply_defaults timeout: @config.rpcs.create_crypto_key.timeout,
1111
+ metadata: call_metadata,
1112
+ retry_policy: @config.rpcs.create_crypto_key.retry_policy
1113
+
1114
+ options.apply_defaults timeout: @config.timeout,
1115
+ metadata: @config.metadata,
1116
+ retry_policy: @config.retry_policy
1117
+
1118
+ @key_management_service_stub.create_crypto_key request, options do |result, operation|
1119
+ yield result, operation if block_given?
1120
+ return result
1121
+ end
1122
+ rescue ::Gapic::Rest::Error => e
1123
+ raise ::Google::Cloud::Error.from_error(e)
1124
+ end
1125
+
1126
+ ##
1127
+ # Create a new {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} in a
1128
+ # {::Google::Cloud::Kms::V1::CryptoKey CryptoKey}.
1129
+ #
1130
+ # The server will assign the next sequential id. If unset,
1131
+ # {::Google::Cloud::Kms::V1::CryptoKeyVersion#state state} will be set to
1132
+ # {::Google::Cloud::Kms::V1::CryptoKeyVersion::CryptoKeyVersionState::ENABLED ENABLED}.
1133
+ #
1134
+ # @overload create_crypto_key_version(request, options = nil)
1135
+ # Pass arguments to `create_crypto_key_version` via a request object, either of type
1136
+ # {::Google::Cloud::Kms::V1::CreateCryptoKeyVersionRequest} or an equivalent Hash.
1137
+ #
1138
+ # @param request [::Google::Cloud::Kms::V1::CreateCryptoKeyVersionRequest, ::Hash]
1139
+ # A request object representing the call parameters. Required. To specify no
1140
+ # parameters, or to keep all the default parameter values, pass an empty Hash.
1141
+ # @param options [::Gapic::CallOptions, ::Hash]
1142
+ # Overrides the default settings for this call, e.g, timeout, retries etc. Optional.
1143
+ #
1144
+ # @overload create_crypto_key_version(parent: nil, crypto_key_version: nil)
1145
+ # Pass arguments to `create_crypto_key_version` via keyword arguments. Note that at
1146
+ # least one keyword argument is required. To specify no parameters, or to keep all
1147
+ # the default parameter values, pass an empty Hash as a request object (see above).
1148
+ #
1149
+ # @param parent [::String]
1150
+ # Required. The {::Google::Cloud::Kms::V1::CryptoKey#name name} of the
1151
+ # {::Google::Cloud::Kms::V1::CryptoKey CryptoKey} associated with the
1152
+ # {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersions}.
1153
+ # @param crypto_key_version [::Google::Cloud::Kms::V1::CryptoKeyVersion, ::Hash]
1154
+ # Required. A {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} with
1155
+ # initial field values.
1156
+ # @yield [result, operation] Access the result along with the TransportOperation object
1157
+ # @yieldparam result [::Google::Cloud::Kms::V1::CryptoKeyVersion]
1158
+ # @yieldparam operation [::Gapic::Rest::TransportOperation]
1159
+ #
1160
+ # @return [::Google::Cloud::Kms::V1::CryptoKeyVersion]
1161
+ #
1162
+ # @raise [::Google::Cloud::Error] if the REST call is aborted.
1163
+ def create_crypto_key_version request, options = nil
1164
+ raise ::ArgumentError, "request must be provided" if request.nil?
1165
+
1166
+ request = ::Gapic::Protobuf.coerce request, to: ::Google::Cloud::Kms::V1::CreateCryptoKeyVersionRequest
1167
+
1168
+ # Converts hash and nil to an options object
1169
+ options = ::Gapic::CallOptions.new(**options.to_h) if options.respond_to? :to_h
1170
+
1171
+ # Customize the options with defaults
1172
+ call_metadata = @config.rpcs.create_crypto_key_version.metadata.to_h
1173
+
1174
+ # Set x-goog-api-client and x-goog-user-project headers
1175
+ call_metadata[:"x-goog-api-client"] ||= ::Gapic::Headers.x_goog_api_client \
1176
+ lib_name: @config.lib_name, lib_version: @config.lib_version,
1177
+ gapic_version: ::Google::Cloud::Kms::V1::VERSION,
1178
+ transports_version_send: [:rest]
1179
+
1180
+ call_metadata[:"x-goog-user-project"] = @quota_project_id if @quota_project_id
1181
+
1182
+ options.apply_defaults timeout: @config.rpcs.create_crypto_key_version.timeout,
1183
+ metadata: call_metadata,
1184
+ retry_policy: @config.rpcs.create_crypto_key_version.retry_policy
1185
+
1186
+ options.apply_defaults timeout: @config.timeout,
1187
+ metadata: @config.metadata,
1188
+ retry_policy: @config.retry_policy
1189
+
1190
+ @key_management_service_stub.create_crypto_key_version request, options do |result, operation|
1191
+ yield result, operation if block_given?
1192
+ return result
1193
+ end
1194
+ rescue ::Gapic::Rest::Error => e
1195
+ raise ::Google::Cloud::Error.from_error(e)
1196
+ end
1197
+
1198
+ ##
1199
+ # Import wrapped key material into a
1200
+ # {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion}.
1201
+ #
1202
+ # All requests must specify a {::Google::Cloud::Kms::V1::CryptoKey CryptoKey}. If
1203
+ # a {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} is additionally
1204
+ # specified in the request, key material will be reimported into that
1205
+ # version. Otherwise, a new version will be created, and will be assigned the
1206
+ # next sequential id within the {::Google::Cloud::Kms::V1::CryptoKey CryptoKey}.
1207
+ #
1208
+ # @overload import_crypto_key_version(request, options = nil)
1209
+ # Pass arguments to `import_crypto_key_version` via a request object, either of type
1210
+ # {::Google::Cloud::Kms::V1::ImportCryptoKeyVersionRequest} or an equivalent Hash.
1211
+ #
1212
+ # @param request [::Google::Cloud::Kms::V1::ImportCryptoKeyVersionRequest, ::Hash]
1213
+ # A request object representing the call parameters. Required. To specify no
1214
+ # parameters, or to keep all the default parameter values, pass an empty Hash.
1215
+ # @param options [::Gapic::CallOptions, ::Hash]
1216
+ # Overrides the default settings for this call, e.g, timeout, retries etc. Optional.
1217
+ #
1218
+ # @overload import_crypto_key_version(parent: nil, crypto_key_version: nil, algorithm: nil, import_job: nil, wrapped_key: nil, rsa_aes_wrapped_key: nil)
1219
+ # Pass arguments to `import_crypto_key_version` via keyword arguments. Note that at
1220
+ # least one keyword argument is required. To specify no parameters, or to keep all
1221
+ # the default parameter values, pass an empty Hash as a request object (see above).
1222
+ #
1223
+ # @param parent [::String]
1224
+ # Required. The {::Google::Cloud::Kms::V1::CryptoKey#name name} of the
1225
+ # {::Google::Cloud::Kms::V1::CryptoKey CryptoKey} to be imported into.
1226
+ #
1227
+ # The create permission is only required on this key when creating a new
1228
+ # {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion}.
1229
+ # @param crypto_key_version [::String]
1230
+ # Optional. The optional {::Google::Cloud::Kms::V1::CryptoKeyVersion#name name} of
1231
+ # an existing {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} to
1232
+ # target for an import operation. If this field is not present, a new
1233
+ # {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} containing the
1234
+ # supplied key material is created.
1235
+ #
1236
+ # If this field is present, the supplied key material is imported into
1237
+ # the existing {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion}. To
1238
+ # import into an existing
1239
+ # {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion}, the
1240
+ # {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} must be a child of
1241
+ # {::Google::Cloud::Kms::V1::ImportCryptoKeyVersionRequest#parent ImportCryptoKeyVersionRequest.parent},
1242
+ # have been previously created via [ImportCryptoKeyVersion][], and be in
1243
+ # {::Google::Cloud::Kms::V1::CryptoKeyVersion::CryptoKeyVersionState::DESTROYED DESTROYED}
1244
+ # or
1245
+ # {::Google::Cloud::Kms::V1::CryptoKeyVersion::CryptoKeyVersionState::IMPORT_FAILED IMPORT_FAILED}
1246
+ # state. The key material and algorithm must match the previous
1247
+ # {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} exactly if the
1248
+ # {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} has ever contained
1249
+ # key material.
1250
+ # @param algorithm [::Google::Cloud::Kms::V1::CryptoKeyVersion::CryptoKeyVersionAlgorithm]
1251
+ # Required. The
1252
+ # {::Google::Cloud::Kms::V1::CryptoKeyVersion::CryptoKeyVersionAlgorithm algorithm}
1253
+ # of the key being imported. This does not need to match the
1254
+ # {::Google::Cloud::Kms::V1::CryptoKey#version_template version_template} of the
1255
+ # {::Google::Cloud::Kms::V1::CryptoKey CryptoKey} this version imports into.
1256
+ # @param import_job [::String]
1257
+ # Required. The {::Google::Cloud::Kms::V1::ImportJob#name name} of the
1258
+ # {::Google::Cloud::Kms::V1::ImportJob ImportJob} that was used to wrap this key
1259
+ # material.
1260
+ # @param wrapped_key [::String]
1261
+ # Optional. The wrapped key material to import.
1262
+ #
1263
+ # Before wrapping, key material must be formatted. If importing symmetric key
1264
+ # material, the expected key material format is plain bytes. If importing
1265
+ # asymmetric key material, the expected key material format is PKCS#8-encoded
1266
+ # DER (the PrivateKeyInfo structure from RFC 5208).
1267
+ #
1268
+ # When wrapping with import methods
1269
+ # ({::Google::Cloud::Kms::V1::ImportJob::ImportMethod::RSA_OAEP_3072_SHA1_AES_256 RSA_OAEP_3072_SHA1_AES_256}
1270
+ # or
1271
+ # {::Google::Cloud::Kms::V1::ImportJob::ImportMethod::RSA_OAEP_4096_SHA1_AES_256 RSA_OAEP_4096_SHA1_AES_256}
1272
+ # or
1273
+ # {::Google::Cloud::Kms::V1::ImportJob::ImportMethod::RSA_OAEP_3072_SHA256_AES_256 RSA_OAEP_3072_SHA256_AES_256}
1274
+ # or
1275
+ # {::Google::Cloud::Kms::V1::ImportJob::ImportMethod::RSA_OAEP_4096_SHA256_AES_256 RSA_OAEP_4096_SHA256_AES_256}),
1276
+ #
1277
+ # this field must contain the concatenation of:
1278
+ # <ol>
1279
+ # <li>An ephemeral AES-256 wrapping key wrapped with the
1280
+ # {::Google::Cloud::Kms::V1::ImportJob#public_key public_key} using
1281
+ # RSAES-OAEP with SHA-1/SHA-256, MGF1 with SHA-1/SHA-256, and an empty
1282
+ # label.
1283
+ # </li>
1284
+ # <li>The formatted key to be imported, wrapped with the ephemeral AES-256
1285
+ # key using AES-KWP (RFC 5649).
1286
+ # </li>
1287
+ # </ol>
1288
+ #
1289
+ # This format is the same as the format produced by PKCS#11 mechanism
1290
+ # CKM_RSA_AES_KEY_WRAP.
1291
+ #
1292
+ # When wrapping with import methods
1293
+ # ({::Google::Cloud::Kms::V1::ImportJob::ImportMethod::RSA_OAEP_3072_SHA256 RSA_OAEP_3072_SHA256}
1294
+ # or
1295
+ # {::Google::Cloud::Kms::V1::ImportJob::ImportMethod::RSA_OAEP_4096_SHA256 RSA_OAEP_4096_SHA256}),
1296
+ #
1297
+ # this field must contain the formatted key to be imported, wrapped with the
1298
+ # {::Google::Cloud::Kms::V1::ImportJob#public_key public_key} using RSAES-OAEP
1299
+ # with SHA-256, MGF1 with SHA-256, and an empty label.
1300
+ # @param rsa_aes_wrapped_key [::String]
1301
+ # Optional. This field has the same meaning as
1302
+ # {::Google::Cloud::Kms::V1::ImportCryptoKeyVersionRequest#wrapped_key wrapped_key}.
1303
+ # Prefer to use that field in new work. Either that field or this field
1304
+ # (but not both) must be specified.
1305
+ # @yield [result, operation] Access the result along with the TransportOperation object
1306
+ # @yieldparam result [::Google::Cloud::Kms::V1::CryptoKeyVersion]
1307
+ # @yieldparam operation [::Gapic::Rest::TransportOperation]
1308
+ #
1309
+ # @return [::Google::Cloud::Kms::V1::CryptoKeyVersion]
1310
+ #
1311
+ # @raise [::Google::Cloud::Error] if the REST call is aborted.
1312
+ def import_crypto_key_version request, options = nil
1313
+ raise ::ArgumentError, "request must be provided" if request.nil?
1314
+
1315
+ request = ::Gapic::Protobuf.coerce request, to: ::Google::Cloud::Kms::V1::ImportCryptoKeyVersionRequest
1316
+
1317
+ # Converts hash and nil to an options object
1318
+ options = ::Gapic::CallOptions.new(**options.to_h) if options.respond_to? :to_h
1319
+
1320
+ # Customize the options with defaults
1321
+ call_metadata = @config.rpcs.import_crypto_key_version.metadata.to_h
1322
+
1323
+ # Set x-goog-api-client and x-goog-user-project headers
1324
+ call_metadata[:"x-goog-api-client"] ||= ::Gapic::Headers.x_goog_api_client \
1325
+ lib_name: @config.lib_name, lib_version: @config.lib_version,
1326
+ gapic_version: ::Google::Cloud::Kms::V1::VERSION,
1327
+ transports_version_send: [:rest]
1328
+
1329
+ call_metadata[:"x-goog-user-project"] = @quota_project_id if @quota_project_id
1330
+
1331
+ options.apply_defaults timeout: @config.rpcs.import_crypto_key_version.timeout,
1332
+ metadata: call_metadata,
1333
+ retry_policy: @config.rpcs.import_crypto_key_version.retry_policy
1334
+
1335
+ options.apply_defaults timeout: @config.timeout,
1336
+ metadata: @config.metadata,
1337
+ retry_policy: @config.retry_policy
1338
+
1339
+ @key_management_service_stub.import_crypto_key_version request, options do |result, operation|
1340
+ yield result, operation if block_given?
1341
+ return result
1342
+ end
1343
+ rescue ::Gapic::Rest::Error => e
1344
+ raise ::Google::Cloud::Error.from_error(e)
1345
+ end
1346
+
1347
+ ##
1348
+ # Create a new {::Google::Cloud::Kms::V1::ImportJob ImportJob} within a
1349
+ # {::Google::Cloud::Kms::V1::KeyRing KeyRing}.
1350
+ #
1351
+ # {::Google::Cloud::Kms::V1::ImportJob#import_method ImportJob.import_method} is
1352
+ # required.
1353
+ #
1354
+ # @overload create_import_job(request, options = nil)
1355
+ # Pass arguments to `create_import_job` via a request object, either of type
1356
+ # {::Google::Cloud::Kms::V1::CreateImportJobRequest} or an equivalent Hash.
1357
+ #
1358
+ # @param request [::Google::Cloud::Kms::V1::CreateImportJobRequest, ::Hash]
1359
+ # A request object representing the call parameters. Required. To specify no
1360
+ # parameters, or to keep all the default parameter values, pass an empty Hash.
1361
+ # @param options [::Gapic::CallOptions, ::Hash]
1362
+ # Overrides the default settings for this call, e.g, timeout, retries etc. Optional.
1363
+ #
1364
+ # @overload create_import_job(parent: nil, import_job_id: nil, import_job: nil)
1365
+ # Pass arguments to `create_import_job` via keyword arguments. Note that at
1366
+ # least one keyword argument is required. To specify no parameters, or to keep all
1367
+ # the default parameter values, pass an empty Hash as a request object (see above).
1368
+ #
1369
+ # @param parent [::String]
1370
+ # Required. The {::Google::Cloud::Kms::V1::KeyRing#name name} of the
1371
+ # {::Google::Cloud::Kms::V1::KeyRing KeyRing} associated with the
1372
+ # {::Google::Cloud::Kms::V1::ImportJob ImportJobs}.
1373
+ # @param import_job_id [::String]
1374
+ # Required. It must be unique within a KeyRing and match the regular
1375
+ # expression `[a-zA-Z0-9_-]{1,63}`
1376
+ # @param import_job [::Google::Cloud::Kms::V1::ImportJob, ::Hash]
1377
+ # Required. An {::Google::Cloud::Kms::V1::ImportJob ImportJob} with initial field
1378
+ # values.
1379
+ # @yield [result, operation] Access the result along with the TransportOperation object
1380
+ # @yieldparam result [::Google::Cloud::Kms::V1::ImportJob]
1381
+ # @yieldparam operation [::Gapic::Rest::TransportOperation]
1382
+ #
1383
+ # @return [::Google::Cloud::Kms::V1::ImportJob]
1384
+ #
1385
+ # @raise [::Google::Cloud::Error] if the REST call is aborted.
1386
+ def create_import_job request, options = nil
1387
+ raise ::ArgumentError, "request must be provided" if request.nil?
1388
+
1389
+ request = ::Gapic::Protobuf.coerce request, to: ::Google::Cloud::Kms::V1::CreateImportJobRequest
1390
+
1391
+ # Converts hash and nil to an options object
1392
+ options = ::Gapic::CallOptions.new(**options.to_h) if options.respond_to? :to_h
1393
+
1394
+ # Customize the options with defaults
1395
+ call_metadata = @config.rpcs.create_import_job.metadata.to_h
1396
+
1397
+ # Set x-goog-api-client and x-goog-user-project headers
1398
+ call_metadata[:"x-goog-api-client"] ||= ::Gapic::Headers.x_goog_api_client \
1399
+ lib_name: @config.lib_name, lib_version: @config.lib_version,
1400
+ gapic_version: ::Google::Cloud::Kms::V1::VERSION,
1401
+ transports_version_send: [:rest]
1402
+
1403
+ call_metadata[:"x-goog-user-project"] = @quota_project_id if @quota_project_id
1404
+
1405
+ options.apply_defaults timeout: @config.rpcs.create_import_job.timeout,
1406
+ metadata: call_metadata,
1407
+ retry_policy: @config.rpcs.create_import_job.retry_policy
1408
+
1409
+ options.apply_defaults timeout: @config.timeout,
1410
+ metadata: @config.metadata,
1411
+ retry_policy: @config.retry_policy
1412
+
1413
+ @key_management_service_stub.create_import_job request, options do |result, operation|
1414
+ yield result, operation if block_given?
1415
+ return result
1416
+ end
1417
+ rescue ::Gapic::Rest::Error => e
1418
+ raise ::Google::Cloud::Error.from_error(e)
1419
+ end
1420
+
1421
+ ##
1422
+ # Update a {::Google::Cloud::Kms::V1::CryptoKey CryptoKey}.
1423
+ #
1424
+ # @overload update_crypto_key(request, options = nil)
1425
+ # Pass arguments to `update_crypto_key` via a request object, either of type
1426
+ # {::Google::Cloud::Kms::V1::UpdateCryptoKeyRequest} or an equivalent Hash.
1427
+ #
1428
+ # @param request [::Google::Cloud::Kms::V1::UpdateCryptoKeyRequest, ::Hash]
1429
+ # A request object representing the call parameters. Required. To specify no
1430
+ # parameters, or to keep all the default parameter values, pass an empty Hash.
1431
+ # @param options [::Gapic::CallOptions, ::Hash]
1432
+ # Overrides the default settings for this call, e.g, timeout, retries etc. Optional.
1433
+ #
1434
+ # @overload update_crypto_key(crypto_key: nil, update_mask: nil)
1435
+ # Pass arguments to `update_crypto_key` via keyword arguments. Note that at
1436
+ # least one keyword argument is required. To specify no parameters, or to keep all
1437
+ # the default parameter values, pass an empty Hash as a request object (see above).
1438
+ #
1439
+ # @param crypto_key [::Google::Cloud::Kms::V1::CryptoKey, ::Hash]
1440
+ # Required. {::Google::Cloud::Kms::V1::CryptoKey CryptoKey} with updated values.
1441
+ # @param update_mask [::Google::Protobuf::FieldMask, ::Hash]
1442
+ # Required. List of fields to be updated in this request.
1443
+ # @yield [result, operation] Access the result along with the TransportOperation object
1444
+ # @yieldparam result [::Google::Cloud::Kms::V1::CryptoKey]
1445
+ # @yieldparam operation [::Gapic::Rest::TransportOperation]
1446
+ #
1447
+ # @return [::Google::Cloud::Kms::V1::CryptoKey]
1448
+ #
1449
+ # @raise [::Google::Cloud::Error] if the REST call is aborted.
1450
+ def update_crypto_key request, options = nil
1451
+ raise ::ArgumentError, "request must be provided" if request.nil?
1452
+
1453
+ request = ::Gapic::Protobuf.coerce request, to: ::Google::Cloud::Kms::V1::UpdateCryptoKeyRequest
1454
+
1455
+ # Converts hash and nil to an options object
1456
+ options = ::Gapic::CallOptions.new(**options.to_h) if options.respond_to? :to_h
1457
+
1458
+ # Customize the options with defaults
1459
+ call_metadata = @config.rpcs.update_crypto_key.metadata.to_h
1460
+
1461
+ # Set x-goog-api-client and x-goog-user-project headers
1462
+ call_metadata[:"x-goog-api-client"] ||= ::Gapic::Headers.x_goog_api_client \
1463
+ lib_name: @config.lib_name, lib_version: @config.lib_version,
1464
+ gapic_version: ::Google::Cloud::Kms::V1::VERSION,
1465
+ transports_version_send: [:rest]
1466
+
1467
+ call_metadata[:"x-goog-user-project"] = @quota_project_id if @quota_project_id
1468
+
1469
+ options.apply_defaults timeout: @config.rpcs.update_crypto_key.timeout,
1470
+ metadata: call_metadata,
1471
+ retry_policy: @config.rpcs.update_crypto_key.retry_policy
1472
+
1473
+ options.apply_defaults timeout: @config.timeout,
1474
+ metadata: @config.metadata,
1475
+ retry_policy: @config.retry_policy
1476
+
1477
+ @key_management_service_stub.update_crypto_key request, options do |result, operation|
1478
+ yield result, operation if block_given?
1479
+ return result
1480
+ end
1481
+ rescue ::Gapic::Rest::Error => e
1482
+ raise ::Google::Cloud::Error.from_error(e)
1483
+ end
1484
+
1485
+ ##
1486
+ # Update a {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion}'s
1487
+ # metadata.
1488
+ #
1489
+ # {::Google::Cloud::Kms::V1::CryptoKeyVersion#state state} may be changed between
1490
+ # {::Google::Cloud::Kms::V1::CryptoKeyVersion::CryptoKeyVersionState::ENABLED ENABLED}
1491
+ # and
1492
+ # {::Google::Cloud::Kms::V1::CryptoKeyVersion::CryptoKeyVersionState::DISABLED DISABLED}
1493
+ # using this method. See
1494
+ # {::Google::Cloud::Kms::V1::KeyManagementService::Rest::Client#destroy_crypto_key_version DestroyCryptoKeyVersion}
1495
+ # and
1496
+ # {::Google::Cloud::Kms::V1::KeyManagementService::Rest::Client#restore_crypto_key_version RestoreCryptoKeyVersion}
1497
+ # to move between other states.
1498
+ #
1499
+ # @overload update_crypto_key_version(request, options = nil)
1500
+ # Pass arguments to `update_crypto_key_version` via a request object, either of type
1501
+ # {::Google::Cloud::Kms::V1::UpdateCryptoKeyVersionRequest} or an equivalent Hash.
1502
+ #
1503
+ # @param request [::Google::Cloud::Kms::V1::UpdateCryptoKeyVersionRequest, ::Hash]
1504
+ # A request object representing the call parameters. Required. To specify no
1505
+ # parameters, or to keep all the default parameter values, pass an empty Hash.
1506
+ # @param options [::Gapic::CallOptions, ::Hash]
1507
+ # Overrides the default settings for this call, e.g, timeout, retries etc. Optional.
1508
+ #
1509
+ # @overload update_crypto_key_version(crypto_key_version: nil, update_mask: nil)
1510
+ # Pass arguments to `update_crypto_key_version` via keyword arguments. Note that at
1511
+ # least one keyword argument is required. To specify no parameters, or to keep all
1512
+ # the default parameter values, pass an empty Hash as a request object (see above).
1513
+ #
1514
+ # @param crypto_key_version [::Google::Cloud::Kms::V1::CryptoKeyVersion, ::Hash]
1515
+ # Required. {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} with
1516
+ # updated values.
1517
+ # @param update_mask [::Google::Protobuf::FieldMask, ::Hash]
1518
+ # Required. List of fields to be updated in this request.
1519
+ # @yield [result, operation] Access the result along with the TransportOperation object
1520
+ # @yieldparam result [::Google::Cloud::Kms::V1::CryptoKeyVersion]
1521
+ # @yieldparam operation [::Gapic::Rest::TransportOperation]
1522
+ #
1523
+ # @return [::Google::Cloud::Kms::V1::CryptoKeyVersion]
1524
+ #
1525
+ # @raise [::Google::Cloud::Error] if the REST call is aborted.
1526
+ def update_crypto_key_version request, options = nil
1527
+ raise ::ArgumentError, "request must be provided" if request.nil?
1528
+
1529
+ request = ::Gapic::Protobuf.coerce request, to: ::Google::Cloud::Kms::V1::UpdateCryptoKeyVersionRequest
1530
+
1531
+ # Converts hash and nil to an options object
1532
+ options = ::Gapic::CallOptions.new(**options.to_h) if options.respond_to? :to_h
1533
+
1534
+ # Customize the options with defaults
1535
+ call_metadata = @config.rpcs.update_crypto_key_version.metadata.to_h
1536
+
1537
+ # Set x-goog-api-client and x-goog-user-project headers
1538
+ call_metadata[:"x-goog-api-client"] ||= ::Gapic::Headers.x_goog_api_client \
1539
+ lib_name: @config.lib_name, lib_version: @config.lib_version,
1540
+ gapic_version: ::Google::Cloud::Kms::V1::VERSION,
1541
+ transports_version_send: [:rest]
1542
+
1543
+ call_metadata[:"x-goog-user-project"] = @quota_project_id if @quota_project_id
1544
+
1545
+ options.apply_defaults timeout: @config.rpcs.update_crypto_key_version.timeout,
1546
+ metadata: call_metadata,
1547
+ retry_policy: @config.rpcs.update_crypto_key_version.retry_policy
1548
+
1549
+ options.apply_defaults timeout: @config.timeout,
1550
+ metadata: @config.metadata,
1551
+ retry_policy: @config.retry_policy
1552
+
1553
+ @key_management_service_stub.update_crypto_key_version request, options do |result, operation|
1554
+ yield result, operation if block_given?
1555
+ return result
1556
+ end
1557
+ rescue ::Gapic::Rest::Error => e
1558
+ raise ::Google::Cloud::Error.from_error(e)
1559
+ end
1560
+
1561
+ ##
1562
+ # Update the version of a {::Google::Cloud::Kms::V1::CryptoKey CryptoKey} that
1563
+ # will be used in
1564
+ # {::Google::Cloud::Kms::V1::KeyManagementService::Rest::Client#encrypt Encrypt}.
1565
+ #
1566
+ # Returns an error if called on a key whose purpose is not
1567
+ # {::Google::Cloud::Kms::V1::CryptoKey::CryptoKeyPurpose::ENCRYPT_DECRYPT ENCRYPT_DECRYPT}.
1568
+ #
1569
+ # @overload update_crypto_key_primary_version(request, options = nil)
1570
+ # Pass arguments to `update_crypto_key_primary_version` via a request object, either of type
1571
+ # {::Google::Cloud::Kms::V1::UpdateCryptoKeyPrimaryVersionRequest} or an equivalent Hash.
1572
+ #
1573
+ # @param request [::Google::Cloud::Kms::V1::UpdateCryptoKeyPrimaryVersionRequest, ::Hash]
1574
+ # A request object representing the call parameters. Required. To specify no
1575
+ # parameters, or to keep all the default parameter values, pass an empty Hash.
1576
+ # @param options [::Gapic::CallOptions, ::Hash]
1577
+ # Overrides the default settings for this call, e.g, timeout, retries etc. Optional.
1578
+ #
1579
+ # @overload update_crypto_key_primary_version(name: nil, crypto_key_version_id: nil)
1580
+ # Pass arguments to `update_crypto_key_primary_version` via keyword arguments. Note that at
1581
+ # least one keyword argument is required. To specify no parameters, or to keep all
1582
+ # the default parameter values, pass an empty Hash as a request object (see above).
1583
+ #
1584
+ # @param name [::String]
1585
+ # Required. The resource name of the
1586
+ # {::Google::Cloud::Kms::V1::CryptoKey CryptoKey} to update.
1587
+ # @param crypto_key_version_id [::String]
1588
+ # Required. The id of the child
1589
+ # {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} to use as primary.
1590
+ # @yield [result, operation] Access the result along with the TransportOperation object
1591
+ # @yieldparam result [::Google::Cloud::Kms::V1::CryptoKey]
1592
+ # @yieldparam operation [::Gapic::Rest::TransportOperation]
1593
+ #
1594
+ # @return [::Google::Cloud::Kms::V1::CryptoKey]
1595
+ #
1596
+ # @raise [::Google::Cloud::Error] if the REST call is aborted.
1597
+ def update_crypto_key_primary_version request, options = nil
1598
+ raise ::ArgumentError, "request must be provided" if request.nil?
1599
+
1600
+ request = ::Gapic::Protobuf.coerce request, to: ::Google::Cloud::Kms::V1::UpdateCryptoKeyPrimaryVersionRequest
1601
+
1602
+ # Converts hash and nil to an options object
1603
+ options = ::Gapic::CallOptions.new(**options.to_h) if options.respond_to? :to_h
1604
+
1605
+ # Customize the options with defaults
1606
+ call_metadata = @config.rpcs.update_crypto_key_primary_version.metadata.to_h
1607
+
1608
+ # Set x-goog-api-client and x-goog-user-project headers
1609
+ call_metadata[:"x-goog-api-client"] ||= ::Gapic::Headers.x_goog_api_client \
1610
+ lib_name: @config.lib_name, lib_version: @config.lib_version,
1611
+ gapic_version: ::Google::Cloud::Kms::V1::VERSION,
1612
+ transports_version_send: [:rest]
1613
+
1614
+ call_metadata[:"x-goog-user-project"] = @quota_project_id if @quota_project_id
1615
+
1616
+ options.apply_defaults timeout: @config.rpcs.update_crypto_key_primary_version.timeout,
1617
+ metadata: call_metadata,
1618
+ retry_policy: @config.rpcs.update_crypto_key_primary_version.retry_policy
1619
+
1620
+ options.apply_defaults timeout: @config.timeout,
1621
+ metadata: @config.metadata,
1622
+ retry_policy: @config.retry_policy
1623
+
1624
+ @key_management_service_stub.update_crypto_key_primary_version request, options do |result, operation|
1625
+ yield result, operation if block_given?
1626
+ return result
1627
+ end
1628
+ rescue ::Gapic::Rest::Error => e
1629
+ raise ::Google::Cloud::Error.from_error(e)
1630
+ end
1631
+
1632
+ ##
1633
+ # Schedule a {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} for
1634
+ # destruction.
1635
+ #
1636
+ # Upon calling this method,
1637
+ # {::Google::Cloud::Kms::V1::CryptoKeyVersion#state CryptoKeyVersion.state} will
1638
+ # be set to
1639
+ # {::Google::Cloud::Kms::V1::CryptoKeyVersion::CryptoKeyVersionState::DESTROY_SCHEDULED DESTROY_SCHEDULED},
1640
+ # and {::Google::Cloud::Kms::V1::CryptoKeyVersion#destroy_time destroy_time} will
1641
+ # be set to the time
1642
+ # {::Google::Cloud::Kms::V1::CryptoKey#destroy_scheduled_duration destroy_scheduled_duration}
1643
+ # in the future. At that time, the
1644
+ # {::Google::Cloud::Kms::V1::CryptoKeyVersion#state state} will automatically
1645
+ # change to
1646
+ # {::Google::Cloud::Kms::V1::CryptoKeyVersion::CryptoKeyVersionState::DESTROYED DESTROYED},
1647
+ # and the key material will be irrevocably destroyed.
1648
+ #
1649
+ # Before the
1650
+ # {::Google::Cloud::Kms::V1::CryptoKeyVersion#destroy_time destroy_time} is
1651
+ # reached,
1652
+ # {::Google::Cloud::Kms::V1::KeyManagementService::Rest::Client#restore_crypto_key_version RestoreCryptoKeyVersion}
1653
+ # may be called to reverse the process.
1654
+ #
1655
+ # @overload destroy_crypto_key_version(request, options = nil)
1656
+ # Pass arguments to `destroy_crypto_key_version` via a request object, either of type
1657
+ # {::Google::Cloud::Kms::V1::DestroyCryptoKeyVersionRequest} or an equivalent Hash.
1658
+ #
1659
+ # @param request [::Google::Cloud::Kms::V1::DestroyCryptoKeyVersionRequest, ::Hash]
1660
+ # A request object representing the call parameters. Required. To specify no
1661
+ # parameters, or to keep all the default parameter values, pass an empty Hash.
1662
+ # @param options [::Gapic::CallOptions, ::Hash]
1663
+ # Overrides the default settings for this call, e.g, timeout, retries etc. Optional.
1664
+ #
1665
+ # @overload destroy_crypto_key_version(name: nil)
1666
+ # Pass arguments to `destroy_crypto_key_version` via keyword arguments. Note that at
1667
+ # least one keyword argument is required. To specify no parameters, or to keep all
1668
+ # the default parameter values, pass an empty Hash as a request object (see above).
1669
+ #
1670
+ # @param name [::String]
1671
+ # Required. The resource name of the
1672
+ # {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} to destroy.
1673
+ # @yield [result, operation] Access the result along with the TransportOperation object
1674
+ # @yieldparam result [::Google::Cloud::Kms::V1::CryptoKeyVersion]
1675
+ # @yieldparam operation [::Gapic::Rest::TransportOperation]
1676
+ #
1677
+ # @return [::Google::Cloud::Kms::V1::CryptoKeyVersion]
1678
+ #
1679
+ # @raise [::Google::Cloud::Error] if the REST call is aborted.
1680
+ def destroy_crypto_key_version request, options = nil
1681
+ raise ::ArgumentError, "request must be provided" if request.nil?
1682
+
1683
+ request = ::Gapic::Protobuf.coerce request, to: ::Google::Cloud::Kms::V1::DestroyCryptoKeyVersionRequest
1684
+
1685
+ # Converts hash and nil to an options object
1686
+ options = ::Gapic::CallOptions.new(**options.to_h) if options.respond_to? :to_h
1687
+
1688
+ # Customize the options with defaults
1689
+ call_metadata = @config.rpcs.destroy_crypto_key_version.metadata.to_h
1690
+
1691
+ # Set x-goog-api-client and x-goog-user-project headers
1692
+ call_metadata[:"x-goog-api-client"] ||= ::Gapic::Headers.x_goog_api_client \
1693
+ lib_name: @config.lib_name, lib_version: @config.lib_version,
1694
+ gapic_version: ::Google::Cloud::Kms::V1::VERSION,
1695
+ transports_version_send: [:rest]
1696
+
1697
+ call_metadata[:"x-goog-user-project"] = @quota_project_id if @quota_project_id
1698
+
1699
+ options.apply_defaults timeout: @config.rpcs.destroy_crypto_key_version.timeout,
1700
+ metadata: call_metadata,
1701
+ retry_policy: @config.rpcs.destroy_crypto_key_version.retry_policy
1702
+
1703
+ options.apply_defaults timeout: @config.timeout,
1704
+ metadata: @config.metadata,
1705
+ retry_policy: @config.retry_policy
1706
+
1707
+ @key_management_service_stub.destroy_crypto_key_version request, options do |result, operation|
1708
+ yield result, operation if block_given?
1709
+ return result
1710
+ end
1711
+ rescue ::Gapic::Rest::Error => e
1712
+ raise ::Google::Cloud::Error.from_error(e)
1713
+ end
1714
+
1715
+ ##
1716
+ # Restore a {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} in the
1717
+ # {::Google::Cloud::Kms::V1::CryptoKeyVersion::CryptoKeyVersionState::DESTROY_SCHEDULED DESTROY_SCHEDULED}
1718
+ # state.
1719
+ #
1720
+ # Upon restoration of the CryptoKeyVersion,
1721
+ # {::Google::Cloud::Kms::V1::CryptoKeyVersion#state state} will be set to
1722
+ # {::Google::Cloud::Kms::V1::CryptoKeyVersion::CryptoKeyVersionState::DISABLED DISABLED},
1723
+ # and {::Google::Cloud::Kms::V1::CryptoKeyVersion#destroy_time destroy_time} will
1724
+ # be cleared.
1725
+ #
1726
+ # @overload restore_crypto_key_version(request, options = nil)
1727
+ # Pass arguments to `restore_crypto_key_version` via a request object, either of type
1728
+ # {::Google::Cloud::Kms::V1::RestoreCryptoKeyVersionRequest} or an equivalent Hash.
1729
+ #
1730
+ # @param request [::Google::Cloud::Kms::V1::RestoreCryptoKeyVersionRequest, ::Hash]
1731
+ # A request object representing the call parameters. Required. To specify no
1732
+ # parameters, or to keep all the default parameter values, pass an empty Hash.
1733
+ # @param options [::Gapic::CallOptions, ::Hash]
1734
+ # Overrides the default settings for this call, e.g, timeout, retries etc. Optional.
1735
+ #
1736
+ # @overload restore_crypto_key_version(name: nil)
1737
+ # Pass arguments to `restore_crypto_key_version` via keyword arguments. Note that at
1738
+ # least one keyword argument is required. To specify no parameters, or to keep all
1739
+ # the default parameter values, pass an empty Hash as a request object (see above).
1740
+ #
1741
+ # @param name [::String]
1742
+ # Required. The resource name of the
1743
+ # {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} to restore.
1744
+ # @yield [result, operation] Access the result along with the TransportOperation object
1745
+ # @yieldparam result [::Google::Cloud::Kms::V1::CryptoKeyVersion]
1746
+ # @yieldparam operation [::Gapic::Rest::TransportOperation]
1747
+ #
1748
+ # @return [::Google::Cloud::Kms::V1::CryptoKeyVersion]
1749
+ #
1750
+ # @raise [::Google::Cloud::Error] if the REST call is aborted.
1751
+ def restore_crypto_key_version request, options = nil
1752
+ raise ::ArgumentError, "request must be provided" if request.nil?
1753
+
1754
+ request = ::Gapic::Protobuf.coerce request, to: ::Google::Cloud::Kms::V1::RestoreCryptoKeyVersionRequest
1755
+
1756
+ # Converts hash and nil to an options object
1757
+ options = ::Gapic::CallOptions.new(**options.to_h) if options.respond_to? :to_h
1758
+
1759
+ # Customize the options with defaults
1760
+ call_metadata = @config.rpcs.restore_crypto_key_version.metadata.to_h
1761
+
1762
+ # Set x-goog-api-client and x-goog-user-project headers
1763
+ call_metadata[:"x-goog-api-client"] ||= ::Gapic::Headers.x_goog_api_client \
1764
+ lib_name: @config.lib_name, lib_version: @config.lib_version,
1765
+ gapic_version: ::Google::Cloud::Kms::V1::VERSION,
1766
+ transports_version_send: [:rest]
1767
+
1768
+ call_metadata[:"x-goog-user-project"] = @quota_project_id if @quota_project_id
1769
+
1770
+ options.apply_defaults timeout: @config.rpcs.restore_crypto_key_version.timeout,
1771
+ metadata: call_metadata,
1772
+ retry_policy: @config.rpcs.restore_crypto_key_version.retry_policy
1773
+
1774
+ options.apply_defaults timeout: @config.timeout,
1775
+ metadata: @config.metadata,
1776
+ retry_policy: @config.retry_policy
1777
+
1778
+ @key_management_service_stub.restore_crypto_key_version request, options do |result, operation|
1779
+ yield result, operation if block_given?
1780
+ return result
1781
+ end
1782
+ rescue ::Gapic::Rest::Error => e
1783
+ raise ::Google::Cloud::Error.from_error(e)
1784
+ end
1785
+
1786
+ ##
1787
+ # Encrypts data, so that it can only be recovered by a call to
1788
+ # {::Google::Cloud::Kms::V1::KeyManagementService::Rest::Client#decrypt Decrypt}. The
1789
+ # {::Google::Cloud::Kms::V1::CryptoKey#purpose CryptoKey.purpose} must be
1790
+ # {::Google::Cloud::Kms::V1::CryptoKey::CryptoKeyPurpose::ENCRYPT_DECRYPT ENCRYPT_DECRYPT}.
1791
+ #
1792
+ # @overload encrypt(request, options = nil)
1793
+ # Pass arguments to `encrypt` via a request object, either of type
1794
+ # {::Google::Cloud::Kms::V1::EncryptRequest} or an equivalent Hash.
1795
+ #
1796
+ # @param request [::Google::Cloud::Kms::V1::EncryptRequest, ::Hash]
1797
+ # A request object representing the call parameters. Required. To specify no
1798
+ # parameters, or to keep all the default parameter values, pass an empty Hash.
1799
+ # @param options [::Gapic::CallOptions, ::Hash]
1800
+ # Overrides the default settings for this call, e.g, timeout, retries etc. Optional.
1801
+ #
1802
+ # @overload encrypt(name: nil, plaintext: nil, additional_authenticated_data: nil, plaintext_crc32c: nil, additional_authenticated_data_crc32c: nil)
1803
+ # Pass arguments to `encrypt` via keyword arguments. Note that at
1804
+ # least one keyword argument is required. To specify no parameters, or to keep all
1805
+ # the default parameter values, pass an empty Hash as a request object (see above).
1806
+ #
1807
+ # @param name [::String]
1808
+ # Required. The resource name of the
1809
+ # {::Google::Cloud::Kms::V1::CryptoKey CryptoKey} or
1810
+ # {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} to use for
1811
+ # encryption.
1812
+ #
1813
+ # If a {::Google::Cloud::Kms::V1::CryptoKey CryptoKey} is specified, the server
1814
+ # will use its {::Google::Cloud::Kms::V1::CryptoKey#primary primary version}.
1815
+ # @param plaintext [::String]
1816
+ # Required. The data to encrypt. Must be no larger than 64KiB.
1817
+ #
1818
+ # The maximum size depends on the key version's
1819
+ # {::Google::Cloud::Kms::V1::CryptoKeyVersionTemplate#protection_level protection_level}.
1820
+ # For {::Google::Cloud::Kms::V1::ProtectionLevel::SOFTWARE SOFTWARE},
1821
+ # {::Google::Cloud::Kms::V1::ProtectionLevel::EXTERNAL EXTERNAL}, and
1822
+ # {::Google::Cloud::Kms::V1::ProtectionLevel::EXTERNAL_VPC EXTERNAL_VPC} keys, the
1823
+ # plaintext must be no larger than 64KiB. For
1824
+ # {::Google::Cloud::Kms::V1::ProtectionLevel::HSM HSM} keys, the combined length of
1825
+ # the plaintext and additional_authenticated_data fields must be no larger
1826
+ # than 8KiB.
1827
+ # @param additional_authenticated_data [::String]
1828
+ # Optional. Optional data that, if specified, must also be provided during
1829
+ # decryption through
1830
+ # {::Google::Cloud::Kms::V1::DecryptRequest#additional_authenticated_data DecryptRequest.additional_authenticated_data}.
1831
+ #
1832
+ # The maximum size depends on the key version's
1833
+ # {::Google::Cloud::Kms::V1::CryptoKeyVersionTemplate#protection_level protection_level}.
1834
+ # For {::Google::Cloud::Kms::V1::ProtectionLevel::SOFTWARE SOFTWARE},
1835
+ # {::Google::Cloud::Kms::V1::ProtectionLevel::EXTERNAL EXTERNAL}, and
1836
+ # {::Google::Cloud::Kms::V1::ProtectionLevel::EXTERNAL_VPC EXTERNAL_VPC} keys the
1837
+ # AAD must be no larger than 64KiB. For
1838
+ # {::Google::Cloud::Kms::V1::ProtectionLevel::HSM HSM} keys, the combined length of
1839
+ # the plaintext and additional_authenticated_data fields must be no larger
1840
+ # than 8KiB.
1841
+ # @param plaintext_crc32c [::Google::Protobuf::Int64Value, ::Hash]
1842
+ # Optional. An optional CRC32C checksum of the
1843
+ # {::Google::Cloud::Kms::V1::EncryptRequest#plaintext EncryptRequest.plaintext}.
1844
+ # If specified,
1845
+ # {::Google::Cloud::Kms::V1::KeyManagementService::Rest::Client KeyManagementService} will
1846
+ # verify the integrity of the received
1847
+ # {::Google::Cloud::Kms::V1::EncryptRequest#plaintext EncryptRequest.plaintext}
1848
+ # using this checksum.
1849
+ # {::Google::Cloud::Kms::V1::KeyManagementService::Rest::Client KeyManagementService} will
1850
+ # report an error if the checksum verification fails. If you receive a
1851
+ # checksum error, your client should verify that
1852
+ # CRC32C({::Google::Cloud::Kms::V1::EncryptRequest#plaintext EncryptRequest.plaintext})
1853
+ # is equal to
1854
+ # {::Google::Cloud::Kms::V1::EncryptRequest#plaintext_crc32c EncryptRequest.plaintext_crc32c},
1855
+ # and if so, perform a limited number of retries. A persistent mismatch may
1856
+ # indicate an issue in your computation of the CRC32C checksum. Note: This
1857
+ # field is defined as int64 for reasons of compatibility across different
1858
+ # languages. However, it is a non-negative integer, which will never exceed
1859
+ # 2^32-1, and can be safely downconverted to uint32 in languages that support
1860
+ # this type.
1861
+ # @param additional_authenticated_data_crc32c [::Google::Protobuf::Int64Value, ::Hash]
1862
+ # Optional. An optional CRC32C checksum of the
1863
+ # {::Google::Cloud::Kms::V1::EncryptRequest#additional_authenticated_data EncryptRequest.additional_authenticated_data}.
1864
+ # If specified,
1865
+ # {::Google::Cloud::Kms::V1::KeyManagementService::Rest::Client KeyManagementService} will
1866
+ # verify the integrity of the received
1867
+ # {::Google::Cloud::Kms::V1::EncryptRequest#additional_authenticated_data EncryptRequest.additional_authenticated_data}
1868
+ # using this checksum.
1869
+ # {::Google::Cloud::Kms::V1::KeyManagementService::Rest::Client KeyManagementService} will
1870
+ # report an error if the checksum verification fails. If you receive a
1871
+ # checksum error, your client should verify that
1872
+ # CRC32C({::Google::Cloud::Kms::V1::EncryptRequest#additional_authenticated_data EncryptRequest.additional_authenticated_data})
1873
+ # is equal to
1874
+ # {::Google::Cloud::Kms::V1::EncryptRequest#additional_authenticated_data_crc32c EncryptRequest.additional_authenticated_data_crc32c},
1875
+ # and if so, perform a limited number of retries. A persistent mismatch may
1876
+ # indicate an issue in your computation of the CRC32C checksum. Note: This
1877
+ # field is defined as int64 for reasons of compatibility across different
1878
+ # languages. However, it is a non-negative integer, which will never exceed
1879
+ # 2^32-1, and can be safely downconverted to uint32 in languages that support
1880
+ # this type.
1881
+ # @yield [result, operation] Access the result along with the TransportOperation object
1882
+ # @yieldparam result [::Google::Cloud::Kms::V1::EncryptResponse]
1883
+ # @yieldparam operation [::Gapic::Rest::TransportOperation]
1884
+ #
1885
+ # @return [::Google::Cloud::Kms::V1::EncryptResponse]
1886
+ #
1887
+ # @raise [::Google::Cloud::Error] if the REST call is aborted.
1888
+ def encrypt request, options = nil
1889
+ raise ::ArgumentError, "request must be provided" if request.nil?
1890
+
1891
+ request = ::Gapic::Protobuf.coerce request, to: ::Google::Cloud::Kms::V1::EncryptRequest
1892
+
1893
+ # Converts hash and nil to an options object
1894
+ options = ::Gapic::CallOptions.new(**options.to_h) if options.respond_to? :to_h
1895
+
1896
+ # Customize the options with defaults
1897
+ call_metadata = @config.rpcs.encrypt.metadata.to_h
1898
+
1899
+ # Set x-goog-api-client and x-goog-user-project headers
1900
+ call_metadata[:"x-goog-api-client"] ||= ::Gapic::Headers.x_goog_api_client \
1901
+ lib_name: @config.lib_name, lib_version: @config.lib_version,
1902
+ gapic_version: ::Google::Cloud::Kms::V1::VERSION,
1903
+ transports_version_send: [:rest]
1904
+
1905
+ call_metadata[:"x-goog-user-project"] = @quota_project_id if @quota_project_id
1906
+
1907
+ options.apply_defaults timeout: @config.rpcs.encrypt.timeout,
1908
+ metadata: call_metadata,
1909
+ retry_policy: @config.rpcs.encrypt.retry_policy
1910
+
1911
+ options.apply_defaults timeout: @config.timeout,
1912
+ metadata: @config.metadata,
1913
+ retry_policy: @config.retry_policy
1914
+
1915
+ @key_management_service_stub.encrypt request, options do |result, operation|
1916
+ yield result, operation if block_given?
1917
+ return result
1918
+ end
1919
+ rescue ::Gapic::Rest::Error => e
1920
+ raise ::Google::Cloud::Error.from_error(e)
1921
+ end
1922
+
1923
+ ##
1924
+ # Decrypts data that was protected by
1925
+ # {::Google::Cloud::Kms::V1::KeyManagementService::Rest::Client#encrypt Encrypt}. The
1926
+ # {::Google::Cloud::Kms::V1::CryptoKey#purpose CryptoKey.purpose} must be
1927
+ # {::Google::Cloud::Kms::V1::CryptoKey::CryptoKeyPurpose::ENCRYPT_DECRYPT ENCRYPT_DECRYPT}.
1928
+ #
1929
+ # @overload decrypt(request, options = nil)
1930
+ # Pass arguments to `decrypt` via a request object, either of type
1931
+ # {::Google::Cloud::Kms::V1::DecryptRequest} or an equivalent Hash.
1932
+ #
1933
+ # @param request [::Google::Cloud::Kms::V1::DecryptRequest, ::Hash]
1934
+ # A request object representing the call parameters. Required. To specify no
1935
+ # parameters, or to keep all the default parameter values, pass an empty Hash.
1936
+ # @param options [::Gapic::CallOptions, ::Hash]
1937
+ # Overrides the default settings for this call, e.g, timeout, retries etc. Optional.
1938
+ #
1939
+ # @overload decrypt(name: nil, ciphertext: nil, additional_authenticated_data: nil, ciphertext_crc32c: nil, additional_authenticated_data_crc32c: nil)
1940
+ # Pass arguments to `decrypt` via keyword arguments. Note that at
1941
+ # least one keyword argument is required. To specify no parameters, or to keep all
1942
+ # the default parameter values, pass an empty Hash as a request object (see above).
1943
+ #
1944
+ # @param name [::String]
1945
+ # Required. The resource name of the
1946
+ # {::Google::Cloud::Kms::V1::CryptoKey CryptoKey} to use for decryption. The
1947
+ # server will choose the appropriate version.
1948
+ # @param ciphertext [::String]
1949
+ # Required. The encrypted data originally returned in
1950
+ # {::Google::Cloud::Kms::V1::EncryptResponse#ciphertext EncryptResponse.ciphertext}.
1951
+ # @param additional_authenticated_data [::String]
1952
+ # Optional. Optional data that must match the data originally supplied in
1953
+ # {::Google::Cloud::Kms::V1::EncryptRequest#additional_authenticated_data EncryptRequest.additional_authenticated_data}.
1954
+ # @param ciphertext_crc32c [::Google::Protobuf::Int64Value, ::Hash]
1955
+ # Optional. An optional CRC32C checksum of the
1956
+ # {::Google::Cloud::Kms::V1::DecryptRequest#ciphertext DecryptRequest.ciphertext}.
1957
+ # If specified,
1958
+ # {::Google::Cloud::Kms::V1::KeyManagementService::Rest::Client KeyManagementService} will
1959
+ # verify the integrity of the received
1960
+ # {::Google::Cloud::Kms::V1::DecryptRequest#ciphertext DecryptRequest.ciphertext}
1961
+ # using this checksum.
1962
+ # {::Google::Cloud::Kms::V1::KeyManagementService::Rest::Client KeyManagementService} will
1963
+ # report an error if the checksum verification fails. If you receive a
1964
+ # checksum error, your client should verify that
1965
+ # CRC32C({::Google::Cloud::Kms::V1::DecryptRequest#ciphertext DecryptRequest.ciphertext})
1966
+ # is equal to
1967
+ # {::Google::Cloud::Kms::V1::DecryptRequest#ciphertext_crc32c DecryptRequest.ciphertext_crc32c},
1968
+ # and if so, perform a limited number of retries. A persistent mismatch may
1969
+ # indicate an issue in your computation of the CRC32C checksum. Note: This
1970
+ # field is defined as int64 for reasons of compatibility across different
1971
+ # languages. However, it is a non-negative integer, which will never exceed
1972
+ # 2^32-1, and can be safely downconverted to uint32 in languages that support
1973
+ # this type.
1974
+ # @param additional_authenticated_data_crc32c [::Google::Protobuf::Int64Value, ::Hash]
1975
+ # Optional. An optional CRC32C checksum of the
1976
+ # {::Google::Cloud::Kms::V1::DecryptRequest#additional_authenticated_data DecryptRequest.additional_authenticated_data}.
1977
+ # If specified,
1978
+ # {::Google::Cloud::Kms::V1::KeyManagementService::Rest::Client KeyManagementService} will
1979
+ # verify the integrity of the received
1980
+ # {::Google::Cloud::Kms::V1::DecryptRequest#additional_authenticated_data DecryptRequest.additional_authenticated_data}
1981
+ # using this checksum.
1982
+ # {::Google::Cloud::Kms::V1::KeyManagementService::Rest::Client KeyManagementService} will
1983
+ # report an error if the checksum verification fails. If you receive a
1984
+ # checksum error, your client should verify that
1985
+ # CRC32C({::Google::Cloud::Kms::V1::DecryptRequest#additional_authenticated_data DecryptRequest.additional_authenticated_data})
1986
+ # is equal to
1987
+ # {::Google::Cloud::Kms::V1::DecryptRequest#additional_authenticated_data_crc32c DecryptRequest.additional_authenticated_data_crc32c},
1988
+ # and if so, perform a limited number of retries. A persistent mismatch may
1989
+ # indicate an issue in your computation of the CRC32C checksum. Note: This
1990
+ # field is defined as int64 for reasons of compatibility across different
1991
+ # languages. However, it is a non-negative integer, which will never exceed
1992
+ # 2^32-1, and can be safely downconverted to uint32 in languages that support
1993
+ # this type.
1994
+ # @yield [result, operation] Access the result along with the TransportOperation object
1995
+ # @yieldparam result [::Google::Cloud::Kms::V1::DecryptResponse]
1996
+ # @yieldparam operation [::Gapic::Rest::TransportOperation]
1997
+ #
1998
+ # @return [::Google::Cloud::Kms::V1::DecryptResponse]
1999
+ #
2000
+ # @raise [::Google::Cloud::Error] if the REST call is aborted.
2001
+ def decrypt request, options = nil
2002
+ raise ::ArgumentError, "request must be provided" if request.nil?
2003
+
2004
+ request = ::Gapic::Protobuf.coerce request, to: ::Google::Cloud::Kms::V1::DecryptRequest
2005
+
2006
+ # Converts hash and nil to an options object
2007
+ options = ::Gapic::CallOptions.new(**options.to_h) if options.respond_to? :to_h
2008
+
2009
+ # Customize the options with defaults
2010
+ call_metadata = @config.rpcs.decrypt.metadata.to_h
2011
+
2012
+ # Set x-goog-api-client and x-goog-user-project headers
2013
+ call_metadata[:"x-goog-api-client"] ||= ::Gapic::Headers.x_goog_api_client \
2014
+ lib_name: @config.lib_name, lib_version: @config.lib_version,
2015
+ gapic_version: ::Google::Cloud::Kms::V1::VERSION,
2016
+ transports_version_send: [:rest]
2017
+
2018
+ call_metadata[:"x-goog-user-project"] = @quota_project_id if @quota_project_id
2019
+
2020
+ options.apply_defaults timeout: @config.rpcs.decrypt.timeout,
2021
+ metadata: call_metadata,
2022
+ retry_policy: @config.rpcs.decrypt.retry_policy
2023
+
2024
+ options.apply_defaults timeout: @config.timeout,
2025
+ metadata: @config.metadata,
2026
+ retry_policy: @config.retry_policy
2027
+
2028
+ @key_management_service_stub.decrypt request, options do |result, operation|
2029
+ yield result, operation if block_given?
2030
+ return result
2031
+ end
2032
+ rescue ::Gapic::Rest::Error => e
2033
+ raise ::Google::Cloud::Error.from_error(e)
2034
+ end
2035
+
2036
+ ##
2037
+ # Signs data using a {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion}
2038
+ # with {::Google::Cloud::Kms::V1::CryptoKey#purpose CryptoKey.purpose}
2039
+ # ASYMMETRIC_SIGN, producing a signature that can be verified with the public
2040
+ # key retrieved from
2041
+ # {::Google::Cloud::Kms::V1::KeyManagementService::Rest::Client#get_public_key GetPublicKey}.
2042
+ #
2043
+ # @overload asymmetric_sign(request, options = nil)
2044
+ # Pass arguments to `asymmetric_sign` via a request object, either of type
2045
+ # {::Google::Cloud::Kms::V1::AsymmetricSignRequest} or an equivalent Hash.
2046
+ #
2047
+ # @param request [::Google::Cloud::Kms::V1::AsymmetricSignRequest, ::Hash]
2048
+ # A request object representing the call parameters. Required. To specify no
2049
+ # parameters, or to keep all the default parameter values, pass an empty Hash.
2050
+ # @param options [::Gapic::CallOptions, ::Hash]
2051
+ # Overrides the default settings for this call, e.g, timeout, retries etc. Optional.
2052
+ #
2053
+ # @overload asymmetric_sign(name: nil, digest: nil, digest_crc32c: nil, data: nil, data_crc32c: nil)
2054
+ # Pass arguments to `asymmetric_sign` via keyword arguments. Note that at
2055
+ # least one keyword argument is required. To specify no parameters, or to keep all
2056
+ # the default parameter values, pass an empty Hash as a request object (see above).
2057
+ #
2058
+ # @param name [::String]
2059
+ # Required. The resource name of the
2060
+ # {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} to use for
2061
+ # signing.
2062
+ # @param digest [::Google::Cloud::Kms::V1::Digest, ::Hash]
2063
+ # Optional. The digest of the data to sign. The digest must be produced with
2064
+ # the same digest algorithm as specified by the key version's
2065
+ # {::Google::Cloud::Kms::V1::CryptoKeyVersion#algorithm algorithm}.
2066
+ #
2067
+ # This field may not be supplied if
2068
+ # {::Google::Cloud::Kms::V1::AsymmetricSignRequest#data AsymmetricSignRequest.data}
2069
+ # is supplied.
2070
+ # @param digest_crc32c [::Google::Protobuf::Int64Value, ::Hash]
2071
+ # Optional. An optional CRC32C checksum of the
2072
+ # {::Google::Cloud::Kms::V1::AsymmetricSignRequest#digest AsymmetricSignRequest.digest}.
2073
+ # If specified,
2074
+ # {::Google::Cloud::Kms::V1::KeyManagementService::Rest::Client KeyManagementService} will
2075
+ # verify the integrity of the received
2076
+ # {::Google::Cloud::Kms::V1::AsymmetricSignRequest#digest AsymmetricSignRequest.digest}
2077
+ # using this checksum.
2078
+ # {::Google::Cloud::Kms::V1::KeyManagementService::Rest::Client KeyManagementService} will
2079
+ # report an error if the checksum verification fails. If you receive a
2080
+ # checksum error, your client should verify that
2081
+ # CRC32C({::Google::Cloud::Kms::V1::AsymmetricSignRequest#digest AsymmetricSignRequest.digest})
2082
+ # is equal to
2083
+ # {::Google::Cloud::Kms::V1::AsymmetricSignRequest#digest_crc32c AsymmetricSignRequest.digest_crc32c},
2084
+ # and if so, perform a limited number of retries. A persistent mismatch may
2085
+ # indicate an issue in your computation of the CRC32C checksum. Note: This
2086
+ # field is defined as int64 for reasons of compatibility across different
2087
+ # languages. However, it is a non-negative integer, which will never exceed
2088
+ # 2^32-1, and can be safely downconverted to uint32 in languages that support
2089
+ # this type.
2090
+ # @param data [::String]
2091
+ # Optional. The data to sign.
2092
+ # It can't be supplied if
2093
+ # {::Google::Cloud::Kms::V1::AsymmetricSignRequest#digest AsymmetricSignRequest.digest}
2094
+ # is supplied.
2095
+ # @param data_crc32c [::Google::Protobuf::Int64Value, ::Hash]
2096
+ # Optional. An optional CRC32C checksum of the
2097
+ # {::Google::Cloud::Kms::V1::AsymmetricSignRequest#data AsymmetricSignRequest.data}.
2098
+ # If specified,
2099
+ # {::Google::Cloud::Kms::V1::KeyManagementService::Rest::Client KeyManagementService} will
2100
+ # verify the integrity of the received
2101
+ # {::Google::Cloud::Kms::V1::AsymmetricSignRequest#data AsymmetricSignRequest.data}
2102
+ # using this checksum.
2103
+ # {::Google::Cloud::Kms::V1::KeyManagementService::Rest::Client KeyManagementService} will
2104
+ # report an error if the checksum verification fails. If you receive a
2105
+ # checksum error, your client should verify that
2106
+ # CRC32C({::Google::Cloud::Kms::V1::AsymmetricSignRequest#data AsymmetricSignRequest.data})
2107
+ # is equal to
2108
+ # {::Google::Cloud::Kms::V1::AsymmetricSignRequest#data_crc32c AsymmetricSignRequest.data_crc32c},
2109
+ # and if so, perform a limited number of retries. A persistent mismatch may
2110
+ # indicate an issue in your computation of the CRC32C checksum. Note: This
2111
+ # field is defined as int64 for reasons of compatibility across different
2112
+ # languages. However, it is a non-negative integer, which will never exceed
2113
+ # 2^32-1, and can be safely downconverted to uint32 in languages that support
2114
+ # this type.
2115
+ # @yield [result, operation] Access the result along with the TransportOperation object
2116
+ # @yieldparam result [::Google::Cloud::Kms::V1::AsymmetricSignResponse]
2117
+ # @yieldparam operation [::Gapic::Rest::TransportOperation]
2118
+ #
2119
+ # @return [::Google::Cloud::Kms::V1::AsymmetricSignResponse]
2120
+ #
2121
+ # @raise [::Google::Cloud::Error] if the REST call is aborted.
2122
+ def asymmetric_sign request, options = nil
2123
+ raise ::ArgumentError, "request must be provided" if request.nil?
2124
+
2125
+ request = ::Gapic::Protobuf.coerce request, to: ::Google::Cloud::Kms::V1::AsymmetricSignRequest
2126
+
2127
+ # Converts hash and nil to an options object
2128
+ options = ::Gapic::CallOptions.new(**options.to_h) if options.respond_to? :to_h
2129
+
2130
+ # Customize the options with defaults
2131
+ call_metadata = @config.rpcs.asymmetric_sign.metadata.to_h
2132
+
2133
+ # Set x-goog-api-client and x-goog-user-project headers
2134
+ call_metadata[:"x-goog-api-client"] ||= ::Gapic::Headers.x_goog_api_client \
2135
+ lib_name: @config.lib_name, lib_version: @config.lib_version,
2136
+ gapic_version: ::Google::Cloud::Kms::V1::VERSION,
2137
+ transports_version_send: [:rest]
2138
+
2139
+ call_metadata[:"x-goog-user-project"] = @quota_project_id if @quota_project_id
2140
+
2141
+ options.apply_defaults timeout: @config.rpcs.asymmetric_sign.timeout,
2142
+ metadata: call_metadata,
2143
+ retry_policy: @config.rpcs.asymmetric_sign.retry_policy
2144
+
2145
+ options.apply_defaults timeout: @config.timeout,
2146
+ metadata: @config.metadata,
2147
+ retry_policy: @config.retry_policy
2148
+
2149
+ @key_management_service_stub.asymmetric_sign request, options do |result, operation|
2150
+ yield result, operation if block_given?
2151
+ return result
2152
+ end
2153
+ rescue ::Gapic::Rest::Error => e
2154
+ raise ::Google::Cloud::Error.from_error(e)
2155
+ end
2156
+
2157
+ ##
2158
+ # Decrypts data that was encrypted with a public key retrieved from
2159
+ # {::Google::Cloud::Kms::V1::KeyManagementService::Rest::Client#get_public_key GetPublicKey}
2160
+ # corresponding to a {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion}
2161
+ # with {::Google::Cloud::Kms::V1::CryptoKey#purpose CryptoKey.purpose}
2162
+ # ASYMMETRIC_DECRYPT.
2163
+ #
2164
+ # @overload asymmetric_decrypt(request, options = nil)
2165
+ # Pass arguments to `asymmetric_decrypt` via a request object, either of type
2166
+ # {::Google::Cloud::Kms::V1::AsymmetricDecryptRequest} or an equivalent Hash.
2167
+ #
2168
+ # @param request [::Google::Cloud::Kms::V1::AsymmetricDecryptRequest, ::Hash]
2169
+ # A request object representing the call parameters. Required. To specify no
2170
+ # parameters, or to keep all the default parameter values, pass an empty Hash.
2171
+ # @param options [::Gapic::CallOptions, ::Hash]
2172
+ # Overrides the default settings for this call, e.g, timeout, retries etc. Optional.
2173
+ #
2174
+ # @overload asymmetric_decrypt(name: nil, ciphertext: nil, ciphertext_crc32c: nil)
2175
+ # Pass arguments to `asymmetric_decrypt` via keyword arguments. Note that at
2176
+ # least one keyword argument is required. To specify no parameters, or to keep all
2177
+ # the default parameter values, pass an empty Hash as a request object (see above).
2178
+ #
2179
+ # @param name [::String]
2180
+ # Required. The resource name of the
2181
+ # {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} to use for
2182
+ # decryption.
2183
+ # @param ciphertext [::String]
2184
+ # Required. The data encrypted with the named
2185
+ # {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion}'s public key using
2186
+ # OAEP.
2187
+ # @param ciphertext_crc32c [::Google::Protobuf::Int64Value, ::Hash]
2188
+ # Optional. An optional CRC32C checksum of the
2189
+ # {::Google::Cloud::Kms::V1::AsymmetricDecryptRequest#ciphertext AsymmetricDecryptRequest.ciphertext}.
2190
+ # If specified,
2191
+ # {::Google::Cloud::Kms::V1::KeyManagementService::Rest::Client KeyManagementService} will
2192
+ # verify the integrity of the received
2193
+ # {::Google::Cloud::Kms::V1::AsymmetricDecryptRequest#ciphertext AsymmetricDecryptRequest.ciphertext}
2194
+ # using this checksum.
2195
+ # {::Google::Cloud::Kms::V1::KeyManagementService::Rest::Client KeyManagementService} will
2196
+ # report an error if the checksum verification fails. If you receive a
2197
+ # checksum error, your client should verify that
2198
+ # CRC32C({::Google::Cloud::Kms::V1::AsymmetricDecryptRequest#ciphertext AsymmetricDecryptRequest.ciphertext})
2199
+ # is equal to
2200
+ # {::Google::Cloud::Kms::V1::AsymmetricDecryptRequest#ciphertext_crc32c AsymmetricDecryptRequest.ciphertext_crc32c},
2201
+ # and if so, perform a limited number of retries. A persistent mismatch may
2202
+ # indicate an issue in your computation of the CRC32C checksum. Note: This
2203
+ # field is defined as int64 for reasons of compatibility across different
2204
+ # languages. However, it is a non-negative integer, which will never exceed
2205
+ # 2^32-1, and can be safely downconverted to uint32 in languages that support
2206
+ # this type.
2207
+ # @yield [result, operation] Access the result along with the TransportOperation object
2208
+ # @yieldparam result [::Google::Cloud::Kms::V1::AsymmetricDecryptResponse]
2209
+ # @yieldparam operation [::Gapic::Rest::TransportOperation]
2210
+ #
2211
+ # @return [::Google::Cloud::Kms::V1::AsymmetricDecryptResponse]
2212
+ #
2213
+ # @raise [::Google::Cloud::Error] if the REST call is aborted.
2214
+ def asymmetric_decrypt request, options = nil
2215
+ raise ::ArgumentError, "request must be provided" if request.nil?
2216
+
2217
+ request = ::Gapic::Protobuf.coerce request, to: ::Google::Cloud::Kms::V1::AsymmetricDecryptRequest
2218
+
2219
+ # Converts hash and nil to an options object
2220
+ options = ::Gapic::CallOptions.new(**options.to_h) if options.respond_to? :to_h
2221
+
2222
+ # Customize the options with defaults
2223
+ call_metadata = @config.rpcs.asymmetric_decrypt.metadata.to_h
2224
+
2225
+ # Set x-goog-api-client and x-goog-user-project headers
2226
+ call_metadata[:"x-goog-api-client"] ||= ::Gapic::Headers.x_goog_api_client \
2227
+ lib_name: @config.lib_name, lib_version: @config.lib_version,
2228
+ gapic_version: ::Google::Cloud::Kms::V1::VERSION,
2229
+ transports_version_send: [:rest]
2230
+
2231
+ call_metadata[:"x-goog-user-project"] = @quota_project_id if @quota_project_id
2232
+
2233
+ options.apply_defaults timeout: @config.rpcs.asymmetric_decrypt.timeout,
2234
+ metadata: call_metadata,
2235
+ retry_policy: @config.rpcs.asymmetric_decrypt.retry_policy
2236
+
2237
+ options.apply_defaults timeout: @config.timeout,
2238
+ metadata: @config.metadata,
2239
+ retry_policy: @config.retry_policy
2240
+
2241
+ @key_management_service_stub.asymmetric_decrypt request, options do |result, operation|
2242
+ yield result, operation if block_given?
2243
+ return result
2244
+ end
2245
+ rescue ::Gapic::Rest::Error => e
2246
+ raise ::Google::Cloud::Error.from_error(e)
2247
+ end
2248
+
2249
+ ##
2250
+ # Signs data using a {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion}
2251
+ # with {::Google::Cloud::Kms::V1::CryptoKey#purpose CryptoKey.purpose} MAC,
2252
+ # producing a tag that can be verified by another source with the same key.
2253
+ #
2254
+ # @overload mac_sign(request, options = nil)
2255
+ # Pass arguments to `mac_sign` via a request object, either of type
2256
+ # {::Google::Cloud::Kms::V1::MacSignRequest} or an equivalent Hash.
2257
+ #
2258
+ # @param request [::Google::Cloud::Kms::V1::MacSignRequest, ::Hash]
2259
+ # A request object representing the call parameters. Required. To specify no
2260
+ # parameters, or to keep all the default parameter values, pass an empty Hash.
2261
+ # @param options [::Gapic::CallOptions, ::Hash]
2262
+ # Overrides the default settings for this call, e.g, timeout, retries etc. Optional.
2263
+ #
2264
+ # @overload mac_sign(name: nil, data: nil, data_crc32c: nil)
2265
+ # Pass arguments to `mac_sign` via keyword arguments. Note that at
2266
+ # least one keyword argument is required. To specify no parameters, or to keep all
2267
+ # the default parameter values, pass an empty Hash as a request object (see above).
2268
+ #
2269
+ # @param name [::String]
2270
+ # Required. The resource name of the
2271
+ # {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} to use for
2272
+ # signing.
2273
+ # @param data [::String]
2274
+ # Required. The data to sign. The MAC tag is computed over this data field
2275
+ # based on the specific algorithm.
2276
+ # @param data_crc32c [::Google::Protobuf::Int64Value, ::Hash]
2277
+ # Optional. An optional CRC32C checksum of the
2278
+ # {::Google::Cloud::Kms::V1::MacSignRequest#data MacSignRequest.data}. If
2279
+ # specified, {::Google::Cloud::Kms::V1::KeyManagementService::Rest::Client KeyManagementService}
2280
+ # will verify the integrity of the received
2281
+ # {::Google::Cloud::Kms::V1::MacSignRequest#data MacSignRequest.data} using this
2282
+ # checksum. {::Google::Cloud::Kms::V1::KeyManagementService::Rest::Client KeyManagementService}
2283
+ # will report an error if the checksum verification fails. If you receive a
2284
+ # checksum error, your client should verify that
2285
+ # CRC32C({::Google::Cloud::Kms::V1::MacSignRequest#data MacSignRequest.data}) is
2286
+ # equal to
2287
+ # {::Google::Cloud::Kms::V1::MacSignRequest#data_crc32c MacSignRequest.data_crc32c},
2288
+ # and if so, perform a limited number of retries. A persistent mismatch may
2289
+ # indicate an issue in your computation of the CRC32C checksum. Note: This
2290
+ # field is defined as int64 for reasons of compatibility across different
2291
+ # languages. However, it is a non-negative integer, which will never exceed
2292
+ # 2^32-1, and can be safely downconverted to uint32 in languages that support
2293
+ # this type.
2294
+ # @yield [result, operation] Access the result along with the TransportOperation object
2295
+ # @yieldparam result [::Google::Cloud::Kms::V1::MacSignResponse]
2296
+ # @yieldparam operation [::Gapic::Rest::TransportOperation]
2297
+ #
2298
+ # @return [::Google::Cloud::Kms::V1::MacSignResponse]
2299
+ #
2300
+ # @raise [::Google::Cloud::Error] if the REST call is aborted.
2301
+ def mac_sign request, options = nil
2302
+ raise ::ArgumentError, "request must be provided" if request.nil?
2303
+
2304
+ request = ::Gapic::Protobuf.coerce request, to: ::Google::Cloud::Kms::V1::MacSignRequest
2305
+
2306
+ # Converts hash and nil to an options object
2307
+ options = ::Gapic::CallOptions.new(**options.to_h) if options.respond_to? :to_h
2308
+
2309
+ # Customize the options with defaults
2310
+ call_metadata = @config.rpcs.mac_sign.metadata.to_h
2311
+
2312
+ # Set x-goog-api-client and x-goog-user-project headers
2313
+ call_metadata[:"x-goog-api-client"] ||= ::Gapic::Headers.x_goog_api_client \
2314
+ lib_name: @config.lib_name, lib_version: @config.lib_version,
2315
+ gapic_version: ::Google::Cloud::Kms::V1::VERSION,
2316
+ transports_version_send: [:rest]
2317
+
2318
+ call_metadata[:"x-goog-user-project"] = @quota_project_id if @quota_project_id
2319
+
2320
+ options.apply_defaults timeout: @config.rpcs.mac_sign.timeout,
2321
+ metadata: call_metadata,
2322
+ retry_policy: @config.rpcs.mac_sign.retry_policy
2323
+
2324
+ options.apply_defaults timeout: @config.timeout,
2325
+ metadata: @config.metadata,
2326
+ retry_policy: @config.retry_policy
2327
+
2328
+ @key_management_service_stub.mac_sign request, options do |result, operation|
2329
+ yield result, operation if block_given?
2330
+ return result
2331
+ end
2332
+ rescue ::Gapic::Rest::Error => e
2333
+ raise ::Google::Cloud::Error.from_error(e)
2334
+ end
2335
+
2336
+ ##
2337
+ # Verifies MAC tag using a
2338
+ # {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} with
2339
+ # {::Google::Cloud::Kms::V1::CryptoKey#purpose CryptoKey.purpose} MAC, and returns
2340
+ # a response that indicates whether or not the verification was successful.
2341
+ #
2342
+ # @overload mac_verify(request, options = nil)
2343
+ # Pass arguments to `mac_verify` via a request object, either of type
2344
+ # {::Google::Cloud::Kms::V1::MacVerifyRequest} or an equivalent Hash.
2345
+ #
2346
+ # @param request [::Google::Cloud::Kms::V1::MacVerifyRequest, ::Hash]
2347
+ # A request object representing the call parameters. Required. To specify no
2348
+ # parameters, or to keep all the default parameter values, pass an empty Hash.
2349
+ # @param options [::Gapic::CallOptions, ::Hash]
2350
+ # Overrides the default settings for this call, e.g, timeout, retries etc. Optional.
2351
+ #
2352
+ # @overload mac_verify(name: nil, data: nil, data_crc32c: nil, mac: nil, mac_crc32c: nil)
2353
+ # Pass arguments to `mac_verify` via keyword arguments. Note that at
2354
+ # least one keyword argument is required. To specify no parameters, or to keep all
2355
+ # the default parameter values, pass an empty Hash as a request object (see above).
2356
+ #
2357
+ # @param name [::String]
2358
+ # Required. The resource name of the
2359
+ # {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} to use for
2360
+ # verification.
2361
+ # @param data [::String]
2362
+ # Required. The data used previously as a
2363
+ # {::Google::Cloud::Kms::V1::MacSignRequest#data MacSignRequest.data} to generate
2364
+ # the MAC tag.
2365
+ # @param data_crc32c [::Google::Protobuf::Int64Value, ::Hash]
2366
+ # Optional. An optional CRC32C checksum of the
2367
+ # {::Google::Cloud::Kms::V1::MacVerifyRequest#data MacVerifyRequest.data}. If
2368
+ # specified, {::Google::Cloud::Kms::V1::KeyManagementService::Rest::Client KeyManagementService}
2369
+ # will verify the integrity of the received
2370
+ # {::Google::Cloud::Kms::V1::MacVerifyRequest#data MacVerifyRequest.data} using
2371
+ # this checksum.
2372
+ # {::Google::Cloud::Kms::V1::KeyManagementService::Rest::Client KeyManagementService} will
2373
+ # report an error if the checksum verification fails. If you receive a
2374
+ # checksum error, your client should verify that
2375
+ # CRC32C({::Google::Cloud::Kms::V1::MacVerifyRequest#data MacVerifyRequest.data})
2376
+ # is equal to
2377
+ # {::Google::Cloud::Kms::V1::MacVerifyRequest#data_crc32c MacVerifyRequest.data_crc32c},
2378
+ # and if so, perform a limited number of retries. A persistent mismatch may
2379
+ # indicate an issue in your computation of the CRC32C checksum. Note: This
2380
+ # field is defined as int64 for reasons of compatibility across different
2381
+ # languages. However, it is a non-negative integer, which will never exceed
2382
+ # 2^32-1, and can be safely downconverted to uint32 in languages that support
2383
+ # this type.
2384
+ # @param mac [::String]
2385
+ # Required. The signature to verify.
2386
+ # @param mac_crc32c [::Google::Protobuf::Int64Value, ::Hash]
2387
+ # Optional. An optional CRC32C checksum of the
2388
+ # {::Google::Cloud::Kms::V1::MacVerifyRequest#mac MacVerifyRequest.mac}. If
2389
+ # specified, {::Google::Cloud::Kms::V1::KeyManagementService::Rest::Client KeyManagementService}
2390
+ # will verify the integrity of the received
2391
+ # {::Google::Cloud::Kms::V1::MacVerifyRequest#mac MacVerifyRequest.mac} using this
2392
+ # checksum. {::Google::Cloud::Kms::V1::KeyManagementService::Rest::Client KeyManagementService}
2393
+ # will report an error if the checksum verification fails. If you receive a
2394
+ # checksum error, your client should verify that
2395
+ # CRC32C([MacVerifyRequest.tag][]) is equal to
2396
+ # {::Google::Cloud::Kms::V1::MacVerifyRequest#mac_crc32c MacVerifyRequest.mac_crc32c},
2397
+ # and if so, perform a limited number of retries. A persistent mismatch may
2398
+ # indicate an issue in your computation of the CRC32C checksum. Note: This
2399
+ # field is defined as int64 for reasons of compatibility across different
2400
+ # languages. However, it is a non-negative integer, which will never exceed
2401
+ # 2^32-1, and can be safely downconverted to uint32 in languages that support
2402
+ # this type.
2403
+ # @yield [result, operation] Access the result along with the TransportOperation object
2404
+ # @yieldparam result [::Google::Cloud::Kms::V1::MacVerifyResponse]
2405
+ # @yieldparam operation [::Gapic::Rest::TransportOperation]
2406
+ #
2407
+ # @return [::Google::Cloud::Kms::V1::MacVerifyResponse]
2408
+ #
2409
+ # @raise [::Google::Cloud::Error] if the REST call is aborted.
2410
+ def mac_verify request, options = nil
2411
+ raise ::ArgumentError, "request must be provided" if request.nil?
2412
+
2413
+ request = ::Gapic::Protobuf.coerce request, to: ::Google::Cloud::Kms::V1::MacVerifyRequest
2414
+
2415
+ # Converts hash and nil to an options object
2416
+ options = ::Gapic::CallOptions.new(**options.to_h) if options.respond_to? :to_h
2417
+
2418
+ # Customize the options with defaults
2419
+ call_metadata = @config.rpcs.mac_verify.metadata.to_h
2420
+
2421
+ # Set x-goog-api-client and x-goog-user-project headers
2422
+ call_metadata[:"x-goog-api-client"] ||= ::Gapic::Headers.x_goog_api_client \
2423
+ lib_name: @config.lib_name, lib_version: @config.lib_version,
2424
+ gapic_version: ::Google::Cloud::Kms::V1::VERSION,
2425
+ transports_version_send: [:rest]
2426
+
2427
+ call_metadata[:"x-goog-user-project"] = @quota_project_id if @quota_project_id
2428
+
2429
+ options.apply_defaults timeout: @config.rpcs.mac_verify.timeout,
2430
+ metadata: call_metadata,
2431
+ retry_policy: @config.rpcs.mac_verify.retry_policy
2432
+
2433
+ options.apply_defaults timeout: @config.timeout,
2434
+ metadata: @config.metadata,
2435
+ retry_policy: @config.retry_policy
2436
+
2437
+ @key_management_service_stub.mac_verify request, options do |result, operation|
2438
+ yield result, operation if block_given?
2439
+ return result
2440
+ end
2441
+ rescue ::Gapic::Rest::Error => e
2442
+ raise ::Google::Cloud::Error.from_error(e)
2443
+ end
2444
+
2445
+ ##
2446
+ # Generate random bytes using the Cloud KMS randomness source in the provided
2447
+ # location.
2448
+ #
2449
+ # @overload generate_random_bytes(request, options = nil)
2450
+ # Pass arguments to `generate_random_bytes` via a request object, either of type
2451
+ # {::Google::Cloud::Kms::V1::GenerateRandomBytesRequest} or an equivalent Hash.
2452
+ #
2453
+ # @param request [::Google::Cloud::Kms::V1::GenerateRandomBytesRequest, ::Hash]
2454
+ # A request object representing the call parameters. Required. To specify no
2455
+ # parameters, or to keep all the default parameter values, pass an empty Hash.
2456
+ # @param options [::Gapic::CallOptions, ::Hash]
2457
+ # Overrides the default settings for this call, e.g, timeout, retries etc. Optional.
2458
+ #
2459
+ # @overload generate_random_bytes(location: nil, length_bytes: nil, protection_level: nil)
2460
+ # Pass arguments to `generate_random_bytes` via keyword arguments. Note that at
2461
+ # least one keyword argument is required. To specify no parameters, or to keep all
2462
+ # the default parameter values, pass an empty Hash as a request object (see above).
2463
+ #
2464
+ # @param location [::String]
2465
+ # The project-specific location in which to generate random bytes.
2466
+ # For example, "projects/my-project/locations/us-central1".
2467
+ # @param length_bytes [::Integer]
2468
+ # The length in bytes of the amount of randomness to retrieve. Minimum 8
2469
+ # bytes, maximum 1024 bytes.
2470
+ # @param protection_level [::Google::Cloud::Kms::V1::ProtectionLevel]
2471
+ # The {::Google::Cloud::Kms::V1::ProtectionLevel ProtectionLevel} to use when
2472
+ # generating the random data. Currently, only
2473
+ # {::Google::Cloud::Kms::V1::ProtectionLevel::HSM HSM} protection level is
2474
+ # supported.
2475
+ # @yield [result, operation] Access the result along with the TransportOperation object
2476
+ # @yieldparam result [::Google::Cloud::Kms::V1::GenerateRandomBytesResponse]
2477
+ # @yieldparam operation [::Gapic::Rest::TransportOperation]
2478
+ #
2479
+ # @return [::Google::Cloud::Kms::V1::GenerateRandomBytesResponse]
2480
+ #
2481
+ # @raise [::Google::Cloud::Error] if the REST call is aborted.
2482
+ def generate_random_bytes request, options = nil
2483
+ raise ::ArgumentError, "request must be provided" if request.nil?
2484
+
2485
+ request = ::Gapic::Protobuf.coerce request, to: ::Google::Cloud::Kms::V1::GenerateRandomBytesRequest
2486
+
2487
+ # Converts hash and nil to an options object
2488
+ options = ::Gapic::CallOptions.new(**options.to_h) if options.respond_to? :to_h
2489
+
2490
+ # Customize the options with defaults
2491
+ call_metadata = @config.rpcs.generate_random_bytes.metadata.to_h
2492
+
2493
+ # Set x-goog-api-client and x-goog-user-project headers
2494
+ call_metadata[:"x-goog-api-client"] ||= ::Gapic::Headers.x_goog_api_client \
2495
+ lib_name: @config.lib_name, lib_version: @config.lib_version,
2496
+ gapic_version: ::Google::Cloud::Kms::V1::VERSION,
2497
+ transports_version_send: [:rest]
2498
+
2499
+ call_metadata[:"x-goog-user-project"] = @quota_project_id if @quota_project_id
2500
+
2501
+ options.apply_defaults timeout: @config.rpcs.generate_random_bytes.timeout,
2502
+ metadata: call_metadata,
2503
+ retry_policy: @config.rpcs.generate_random_bytes.retry_policy
2504
+
2505
+ options.apply_defaults timeout: @config.timeout,
2506
+ metadata: @config.metadata,
2507
+ retry_policy: @config.retry_policy
2508
+
2509
+ @key_management_service_stub.generate_random_bytes request, options do |result, operation|
2510
+ yield result, operation if block_given?
2511
+ return result
2512
+ end
2513
+ rescue ::Gapic::Rest::Error => e
2514
+ raise ::Google::Cloud::Error.from_error(e)
2515
+ end
2516
+
2517
+ ##
2518
+ # Configuration class for the KeyManagementService REST API.
2519
+ #
2520
+ # This class represents the configuration for KeyManagementService REST,
2521
+ # providing control over timeouts, retry behavior, logging, transport
2522
+ # parameters, and other low-level controls. Certain parameters can also be
2523
+ # applied individually to specific RPCs. See
2524
+ # {::Google::Cloud::Kms::V1::KeyManagementService::Rest::Client::Configuration::Rpcs}
2525
+ # for a list of RPCs that can be configured independently.
2526
+ #
2527
+ # Configuration can be applied globally to all clients, or to a single client
2528
+ # on construction.
2529
+ #
2530
+ # @example
2531
+ #
2532
+ # # Modify the global config, setting the timeout for
2533
+ # # list_key_rings to 20 seconds,
2534
+ # # and all remaining timeouts to 10 seconds.
2535
+ # ::Google::Cloud::Kms::V1::KeyManagementService::Rest::Client.configure do |config|
2536
+ # config.timeout = 10.0
2537
+ # config.rpcs.list_key_rings.timeout = 20.0
2538
+ # end
2539
+ #
2540
+ # # Apply the above configuration only to a new client.
2541
+ # client = ::Google::Cloud::Kms::V1::KeyManagementService::Rest::Client.new do |config|
2542
+ # config.timeout = 10.0
2543
+ # config.rpcs.list_key_rings.timeout = 20.0
2544
+ # end
2545
+ #
2546
+ # @!attribute [rw] endpoint
2547
+ # The hostname or hostname:port of the service endpoint.
2548
+ # Defaults to `"cloudkms.googleapis.com"`.
2549
+ # @return [::String]
2550
+ # @!attribute [rw] credentials
2551
+ # Credentials to send with calls. You may provide any of the following types:
2552
+ # * (`String`) The path to a service account key file in JSON format
2553
+ # * (`Hash`) A service account key as a Hash
2554
+ # * (`Google::Auth::Credentials`) A googleauth credentials object
2555
+ # (see the [googleauth docs](https://googleapis.dev/ruby/googleauth/latest/index.html))
2556
+ # * (`Signet::OAuth2::Client`) A signet oauth2 client object
2557
+ # (see the [signet docs](https://googleapis.dev/ruby/signet/latest/Signet/OAuth2/Client.html))
2558
+ # * (`nil`) indicating no credentials
2559
+ # @return [::Object]
2560
+ # @!attribute [rw] scope
2561
+ # The OAuth scopes
2562
+ # @return [::Array<::String>]
2563
+ # @!attribute [rw] lib_name
2564
+ # The library name as recorded in instrumentation and logging
2565
+ # @return [::String]
2566
+ # @!attribute [rw] lib_version
2567
+ # The library version as recorded in instrumentation and logging
2568
+ # @return [::String]
2569
+ # @!attribute [rw] timeout
2570
+ # The call timeout in seconds.
2571
+ # @return [::Numeric]
2572
+ # @!attribute [rw] metadata
2573
+ # Additional headers to be sent with the call.
2574
+ # @return [::Hash{::Symbol=>::String}]
2575
+ # @!attribute [rw] retry_policy
2576
+ # The retry policy. The value is a hash with the following keys:
2577
+ # * `:initial_delay` (*type:* `Numeric`) - The initial delay in seconds.
2578
+ # * `:max_delay` (*type:* `Numeric`) - The max delay in seconds.
2579
+ # * `:multiplier` (*type:* `Numeric`) - The incremental backoff multiplier.
2580
+ # * `:retry_codes` (*type:* `Array<String>`) - The error codes that should
2581
+ # trigger a retry.
2582
+ # @return [::Hash]
2583
+ # @!attribute [rw] quota_project
2584
+ # A separate project against which to charge quota.
2585
+ # @return [::String]
2586
+ #
2587
+ class Configuration
2588
+ extend ::Gapic::Config
2589
+
2590
+ config_attr :endpoint, "cloudkms.googleapis.com", ::String
2591
+ config_attr :credentials, nil do |value|
2592
+ allowed = [::String, ::Hash, ::Proc, ::Symbol, ::Google::Auth::Credentials, ::Signet::OAuth2::Client, nil]
2593
+ allowed.any? { |klass| klass === value }
2594
+ end
2595
+ config_attr :scope, nil, ::String, ::Array, nil
2596
+ config_attr :lib_name, nil, ::String, nil
2597
+ config_attr :lib_version, nil, ::String, nil
2598
+ config_attr :timeout, nil, ::Numeric, nil
2599
+ config_attr :metadata, nil, ::Hash, nil
2600
+ config_attr :retry_policy, nil, ::Hash, ::Proc, nil
2601
+ config_attr :quota_project, nil, ::String, nil
2602
+
2603
+ # @private
2604
+ # Overrides for http bindings for the RPCs of this service
2605
+ # are only used when this service is used as mixin, and only
2606
+ # by the host service.
2607
+ # @return [::Hash{::Symbol=>::Array<::Gapic::Rest::GrpcTranscoder::HttpBinding>}]
2608
+ config_attr :bindings_override, {}, ::Hash, nil
2609
+
2610
+ # @private
2611
+ def initialize parent_config = nil
2612
+ @parent_config = parent_config unless parent_config.nil?
2613
+
2614
+ yield self if block_given?
2615
+ end
2616
+
2617
+ ##
2618
+ # Configurations for individual RPCs
2619
+ # @return [Rpcs]
2620
+ #
2621
+ def rpcs
2622
+ @rpcs ||= begin
2623
+ parent_rpcs = nil
2624
+ parent_rpcs = @parent_config.rpcs if defined?(@parent_config) && @parent_config.respond_to?(:rpcs)
2625
+ Rpcs.new parent_rpcs
2626
+ end
2627
+ end
2628
+
2629
+ ##
2630
+ # Configuration RPC class for the KeyManagementService API.
2631
+ #
2632
+ # Includes fields providing the configuration for each RPC in this service.
2633
+ # Each configuration object is of type `Gapic::Config::Method` and includes
2634
+ # the following configuration fields:
2635
+ #
2636
+ # * `timeout` (*type:* `Numeric`) - The call timeout in seconds
2637
+ # * `metadata` (*type:* `Hash{Symbol=>String}`) - Additional headers
2638
+ # * `retry_policy (*type:* `Hash`) - The retry policy. The policy fields
2639
+ # include the following keys:
2640
+ # * `:initial_delay` (*type:* `Numeric`) - The initial delay in seconds.
2641
+ # * `:max_delay` (*type:* `Numeric`) - The max delay in seconds.
2642
+ # * `:multiplier` (*type:* `Numeric`) - The incremental backoff multiplier.
2643
+ # * `:retry_codes` (*type:* `Array<String>`) - The error codes that should
2644
+ # trigger a retry.
2645
+ #
2646
+ class Rpcs
2647
+ ##
2648
+ # RPC-specific configuration for `list_key_rings`
2649
+ # @return [::Gapic::Config::Method]
2650
+ #
2651
+ attr_reader :list_key_rings
2652
+ ##
2653
+ # RPC-specific configuration for `list_crypto_keys`
2654
+ # @return [::Gapic::Config::Method]
2655
+ #
2656
+ attr_reader :list_crypto_keys
2657
+ ##
2658
+ # RPC-specific configuration for `list_crypto_key_versions`
2659
+ # @return [::Gapic::Config::Method]
2660
+ #
2661
+ attr_reader :list_crypto_key_versions
2662
+ ##
2663
+ # RPC-specific configuration for `list_import_jobs`
2664
+ # @return [::Gapic::Config::Method]
2665
+ #
2666
+ attr_reader :list_import_jobs
2667
+ ##
2668
+ # RPC-specific configuration for `get_key_ring`
2669
+ # @return [::Gapic::Config::Method]
2670
+ #
2671
+ attr_reader :get_key_ring
2672
+ ##
2673
+ # RPC-specific configuration for `get_crypto_key`
2674
+ # @return [::Gapic::Config::Method]
2675
+ #
2676
+ attr_reader :get_crypto_key
2677
+ ##
2678
+ # RPC-specific configuration for `get_crypto_key_version`
2679
+ # @return [::Gapic::Config::Method]
2680
+ #
2681
+ attr_reader :get_crypto_key_version
2682
+ ##
2683
+ # RPC-specific configuration for `get_public_key`
2684
+ # @return [::Gapic::Config::Method]
2685
+ #
2686
+ attr_reader :get_public_key
2687
+ ##
2688
+ # RPC-specific configuration for `get_import_job`
2689
+ # @return [::Gapic::Config::Method]
2690
+ #
2691
+ attr_reader :get_import_job
2692
+ ##
2693
+ # RPC-specific configuration for `create_key_ring`
2694
+ # @return [::Gapic::Config::Method]
2695
+ #
2696
+ attr_reader :create_key_ring
2697
+ ##
2698
+ # RPC-specific configuration for `create_crypto_key`
2699
+ # @return [::Gapic::Config::Method]
2700
+ #
2701
+ attr_reader :create_crypto_key
2702
+ ##
2703
+ # RPC-specific configuration for `create_crypto_key_version`
2704
+ # @return [::Gapic::Config::Method]
2705
+ #
2706
+ attr_reader :create_crypto_key_version
2707
+ ##
2708
+ # RPC-specific configuration for `import_crypto_key_version`
2709
+ # @return [::Gapic::Config::Method]
2710
+ #
2711
+ attr_reader :import_crypto_key_version
2712
+ ##
2713
+ # RPC-specific configuration for `create_import_job`
2714
+ # @return [::Gapic::Config::Method]
2715
+ #
2716
+ attr_reader :create_import_job
2717
+ ##
2718
+ # RPC-specific configuration for `update_crypto_key`
2719
+ # @return [::Gapic::Config::Method]
2720
+ #
2721
+ attr_reader :update_crypto_key
2722
+ ##
2723
+ # RPC-specific configuration for `update_crypto_key_version`
2724
+ # @return [::Gapic::Config::Method]
2725
+ #
2726
+ attr_reader :update_crypto_key_version
2727
+ ##
2728
+ # RPC-specific configuration for `update_crypto_key_primary_version`
2729
+ # @return [::Gapic::Config::Method]
2730
+ #
2731
+ attr_reader :update_crypto_key_primary_version
2732
+ ##
2733
+ # RPC-specific configuration for `destroy_crypto_key_version`
2734
+ # @return [::Gapic::Config::Method]
2735
+ #
2736
+ attr_reader :destroy_crypto_key_version
2737
+ ##
2738
+ # RPC-specific configuration for `restore_crypto_key_version`
2739
+ # @return [::Gapic::Config::Method]
2740
+ #
2741
+ attr_reader :restore_crypto_key_version
2742
+ ##
2743
+ # RPC-specific configuration for `encrypt`
2744
+ # @return [::Gapic::Config::Method]
2745
+ #
2746
+ attr_reader :encrypt
2747
+ ##
2748
+ # RPC-specific configuration for `decrypt`
2749
+ # @return [::Gapic::Config::Method]
2750
+ #
2751
+ attr_reader :decrypt
2752
+ ##
2753
+ # RPC-specific configuration for `asymmetric_sign`
2754
+ # @return [::Gapic::Config::Method]
2755
+ #
2756
+ attr_reader :asymmetric_sign
2757
+ ##
2758
+ # RPC-specific configuration for `asymmetric_decrypt`
2759
+ # @return [::Gapic::Config::Method]
2760
+ #
2761
+ attr_reader :asymmetric_decrypt
2762
+ ##
2763
+ # RPC-specific configuration for `mac_sign`
2764
+ # @return [::Gapic::Config::Method]
2765
+ #
2766
+ attr_reader :mac_sign
2767
+ ##
2768
+ # RPC-specific configuration for `mac_verify`
2769
+ # @return [::Gapic::Config::Method]
2770
+ #
2771
+ attr_reader :mac_verify
2772
+ ##
2773
+ # RPC-specific configuration for `generate_random_bytes`
2774
+ # @return [::Gapic::Config::Method]
2775
+ #
2776
+ attr_reader :generate_random_bytes
2777
+
2778
+ # @private
2779
+ def initialize parent_rpcs = nil
2780
+ list_key_rings_config = parent_rpcs.list_key_rings if parent_rpcs.respond_to? :list_key_rings
2781
+ @list_key_rings = ::Gapic::Config::Method.new list_key_rings_config
2782
+ list_crypto_keys_config = parent_rpcs.list_crypto_keys if parent_rpcs.respond_to? :list_crypto_keys
2783
+ @list_crypto_keys = ::Gapic::Config::Method.new list_crypto_keys_config
2784
+ list_crypto_key_versions_config = parent_rpcs.list_crypto_key_versions if parent_rpcs.respond_to? :list_crypto_key_versions
2785
+ @list_crypto_key_versions = ::Gapic::Config::Method.new list_crypto_key_versions_config
2786
+ list_import_jobs_config = parent_rpcs.list_import_jobs if parent_rpcs.respond_to? :list_import_jobs
2787
+ @list_import_jobs = ::Gapic::Config::Method.new list_import_jobs_config
2788
+ get_key_ring_config = parent_rpcs.get_key_ring if parent_rpcs.respond_to? :get_key_ring
2789
+ @get_key_ring = ::Gapic::Config::Method.new get_key_ring_config
2790
+ get_crypto_key_config = parent_rpcs.get_crypto_key if parent_rpcs.respond_to? :get_crypto_key
2791
+ @get_crypto_key = ::Gapic::Config::Method.new get_crypto_key_config
2792
+ get_crypto_key_version_config = parent_rpcs.get_crypto_key_version if parent_rpcs.respond_to? :get_crypto_key_version
2793
+ @get_crypto_key_version = ::Gapic::Config::Method.new get_crypto_key_version_config
2794
+ get_public_key_config = parent_rpcs.get_public_key if parent_rpcs.respond_to? :get_public_key
2795
+ @get_public_key = ::Gapic::Config::Method.new get_public_key_config
2796
+ get_import_job_config = parent_rpcs.get_import_job if parent_rpcs.respond_to? :get_import_job
2797
+ @get_import_job = ::Gapic::Config::Method.new get_import_job_config
2798
+ create_key_ring_config = parent_rpcs.create_key_ring if parent_rpcs.respond_to? :create_key_ring
2799
+ @create_key_ring = ::Gapic::Config::Method.new create_key_ring_config
2800
+ create_crypto_key_config = parent_rpcs.create_crypto_key if parent_rpcs.respond_to? :create_crypto_key
2801
+ @create_crypto_key = ::Gapic::Config::Method.new create_crypto_key_config
2802
+ create_crypto_key_version_config = parent_rpcs.create_crypto_key_version if parent_rpcs.respond_to? :create_crypto_key_version
2803
+ @create_crypto_key_version = ::Gapic::Config::Method.new create_crypto_key_version_config
2804
+ import_crypto_key_version_config = parent_rpcs.import_crypto_key_version if parent_rpcs.respond_to? :import_crypto_key_version
2805
+ @import_crypto_key_version = ::Gapic::Config::Method.new import_crypto_key_version_config
2806
+ create_import_job_config = parent_rpcs.create_import_job if parent_rpcs.respond_to? :create_import_job
2807
+ @create_import_job = ::Gapic::Config::Method.new create_import_job_config
2808
+ update_crypto_key_config = parent_rpcs.update_crypto_key if parent_rpcs.respond_to? :update_crypto_key
2809
+ @update_crypto_key = ::Gapic::Config::Method.new update_crypto_key_config
2810
+ update_crypto_key_version_config = parent_rpcs.update_crypto_key_version if parent_rpcs.respond_to? :update_crypto_key_version
2811
+ @update_crypto_key_version = ::Gapic::Config::Method.new update_crypto_key_version_config
2812
+ update_crypto_key_primary_version_config = parent_rpcs.update_crypto_key_primary_version if parent_rpcs.respond_to? :update_crypto_key_primary_version
2813
+ @update_crypto_key_primary_version = ::Gapic::Config::Method.new update_crypto_key_primary_version_config
2814
+ destroy_crypto_key_version_config = parent_rpcs.destroy_crypto_key_version if parent_rpcs.respond_to? :destroy_crypto_key_version
2815
+ @destroy_crypto_key_version = ::Gapic::Config::Method.new destroy_crypto_key_version_config
2816
+ restore_crypto_key_version_config = parent_rpcs.restore_crypto_key_version if parent_rpcs.respond_to? :restore_crypto_key_version
2817
+ @restore_crypto_key_version = ::Gapic::Config::Method.new restore_crypto_key_version_config
2818
+ encrypt_config = parent_rpcs.encrypt if parent_rpcs.respond_to? :encrypt
2819
+ @encrypt = ::Gapic::Config::Method.new encrypt_config
2820
+ decrypt_config = parent_rpcs.decrypt if parent_rpcs.respond_to? :decrypt
2821
+ @decrypt = ::Gapic::Config::Method.new decrypt_config
2822
+ asymmetric_sign_config = parent_rpcs.asymmetric_sign if parent_rpcs.respond_to? :asymmetric_sign
2823
+ @asymmetric_sign = ::Gapic::Config::Method.new asymmetric_sign_config
2824
+ asymmetric_decrypt_config = parent_rpcs.asymmetric_decrypt if parent_rpcs.respond_to? :asymmetric_decrypt
2825
+ @asymmetric_decrypt = ::Gapic::Config::Method.new asymmetric_decrypt_config
2826
+ mac_sign_config = parent_rpcs.mac_sign if parent_rpcs.respond_to? :mac_sign
2827
+ @mac_sign = ::Gapic::Config::Method.new mac_sign_config
2828
+ mac_verify_config = parent_rpcs.mac_verify if parent_rpcs.respond_to? :mac_verify
2829
+ @mac_verify = ::Gapic::Config::Method.new mac_verify_config
2830
+ generate_random_bytes_config = parent_rpcs.generate_random_bytes if parent_rpcs.respond_to? :generate_random_bytes
2831
+ @generate_random_bytes = ::Gapic::Config::Method.new generate_random_bytes_config
2832
+
2833
+ yield self if block_given?
2834
+ end
2835
+ end
2836
+ end
2837
+ end
2838
+ end
2839
+ end
2840
+ end
2841
+ end
2842
+ end
2843
+ end