google-cloud-kms-v1 0.16.0 → 0.18.0

data/lib/google/cloud/kms/v1/key_management_service/rest.rb

@@ -0,0 +1,64 @@
+# frozen_string_literal: true
+
+# Copyright 2023 Google LLC
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     https://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+# Auto-generated by gapic-generator-ruby. DO NOT EDIT!
+
+require "gapic/rest"
+require "gapic/config"
+require "gapic/config/method"
+
+require "google/cloud/kms/v1/version"
+require "google/cloud/kms/v1/bindings_override"
+
+require "google/cloud/kms/v1/key_management_service/credentials"
+require "google/cloud/kms/v1/key_management_service/paths"
+require "google/cloud/kms/v1/key_management_service/rest/client"
+
+module Google
+  module Cloud
+    module Kms
+      module V1
+        ##
+        # Google Cloud Key Management Service
+        #
+        # Manages cryptographic keys and operations using those keys. Implements a REST
+        # model with the following objects:
+        #
+        # * {::Google::Cloud::Kms::V1::KeyRing KeyRing}
+        # * {::Google::Cloud::Kms::V1::CryptoKey CryptoKey}
+        # * {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion}
+        # * {::Google::Cloud::Kms::V1::ImportJob ImportJob}
+        #
+        # If you are using manual gRPC libraries, see
+        # [Using gRPC with Cloud KMS](https://cloud.google.com/kms/docs/grpc).
+        #
+        # To load this service and instantiate a REST client:
+        #
+        #     require "google/cloud/kms/v1/key_management_service/rest"
+        #     client = ::Google::Cloud::Kms::V1::KeyManagementService::Rest::Client.new
+        #
+        module KeyManagementService
+          # Client for the REST transport
+          module Rest
+          end
+        end
+      end
+    end
+  end
+end
+
+helper_path = ::File.join __dir__, "rest", "helpers.rb"
+require "google/cloud/kms/v1/key_management_service/rest/helpers" if ::File.file? helper_path

data/lib/google/cloud/kms/v1/key_management_service.rb

@@ -25,6 +25,7 @@ require "google/cloud/kms/v1/version"
 require "google/cloud/kms/v1/key_management_service/credentials"
 require "google/cloud/kms/v1/key_management_service/paths"
 require "google/cloud/kms/v1/key_management_service/client"
+require "google/cloud/kms/v1/key_management_service/rest"
 
 module Google
   module Cloud
@@ -44,11 +45,16 @@ module Google
         # If you are using manual gRPC libraries, see
         # [Using gRPC with Cloud KMS](https://cloud.google.com/kms/docs/grpc).
         #
-        # To load this service and instantiate a client:
+        # @example Load this service and instantiate a gRPC client
         #
         #     require "google/cloud/kms/v1/key_management_service"
         #     client = ::Google::Cloud::Kms::V1::KeyManagementService::Client.new
         #
+        # @example Load this service and instantiate a REST client
+        #
+        #     require "google/cloud/kms/v1/key_management_service/rest"
+        #     client = ::Google::Cloud::Kms::V1::KeyManagementService::Rest::Client.new
+        #
         module KeyManagementService
         end
       end

data/lib/google/cloud/kms/v1/resources_pb.rb

@@ -69,6 +69,8 @@ Google::Protobuf::DescriptorPool.generated_pool.build do
       optional :import_job, :string, 14
       optional :import_time, :message, 15, "google.protobuf.Timestamp"
       optional :import_failure_reason, :string, 16
+      optional :generation_failure_reason, :string, 19
+      optional :external_destruction_failure_reason, :string, 20
       optional :external_protection_level_options, :message, 17, "google.cloud.kms.v1.ExternalProtectionLevelOptions"
       optional :reimport_eligible, :bool, 18
     end
@@ -112,6 +114,9 @@ Google::Protobuf::DescriptorPool.generated_pool.build do
       value :DESTROY_SCHEDULED, 4
       value :PENDING_IMPORT, 6
       value :IMPORT_FAILED, 7
+      value :GENERATION_FAILED, 8
+      value :PENDING_EXTERNAL_DESTRUCTION, 9
+      value :EXTERNAL_DESTRUCTION_FAILED, 10
     end
     add_enum "google.cloud.kms.v1.CryptoKeyVersion.CryptoKeyVersionView" do
       value :CRYPTO_KEY_VERSION_VIEW_UNSPECIFIED, 0

data/lib/google/cloud/kms/v1/rest.rb

@@ -0,0 +1,39 @@
+# frozen_string_literal: true
+
+# Copyright 2023 Google LLC
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     https://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+# Auto-generated by gapic-generator-ruby. DO NOT EDIT!
+
+require "google/cloud/kms/v1/ekm_service/rest"
+require "google/cloud/kms/v1/key_management_service/rest"
+require "google/cloud/kms/v1/bindings_override"
+require "google/cloud/kms/v1/version"
+
+module Google
+  module Cloud
+    module Kms
+      ##
+      # To load just the REST part of this package, including all its services, and instantiate a REST client:
+      #
+      # @example
+      #
+      #     require "google/cloud/kms/v1/rest"
+      #     client = ::Google::Cloud::Kms::V1::EkmService::Rest::Client.new
+      #
+      module V1
+      end
+    end
+  end
+end

data/lib/google/cloud/kms/v1/version.rb

@@ -21,7 +21,7 @@ module Google
   module Cloud
     module Kms
       module V1
-        VERSION = "0.16.0"
+        VERSION = "0.18.0"
       end
     end
   end

data/lib/google/cloud/kms/v1.rb

@@ -24,13 +24,18 @@ module Google
   module Cloud
     module Kms
       ##
-      # To load this package, including all its services, and instantiate a client:
+      # API client module.
       #
-      # @example
+      # @example Load this package, including all its services, and instantiate a gRPC client
       #
       #     require "google/cloud/kms/v1"
       #     client = ::Google::Cloud::Kms::V1::EkmService::Client.new
       #
+      # @example Load this package, including all its services, and instantiate a REST client
+      #
+      #     require "google/cloud/kms/v1"
+      #     client = ::Google::Cloud::Kms::V1::EkmService::Rest::Client.new
+      #
       module V1
       end
     end

data/proto_docs/google/cloud/kms/v1/ekm_service.rb

@@ -122,6 +122,30 @@ module Google
           extend ::Google::Protobuf::MessageExts::ClassMethods
         end
 
+        # Request message for
+        # {::Google::Cloud::Kms::V1::EkmService::Client#get_ekm_config EkmService.GetEkmConfig}.
+        # @!attribute [rw] name
+        #   @return [::String]
+        #     Required. The {::Google::Cloud::Kms::V1::EkmConfig#name name} of the
+        #     {::Google::Cloud::Kms::V1::EkmConfig EkmConfig} to get.
+        class GetEkmConfigRequest
+          include ::Google::Protobuf::MessageExts
+          extend ::Google::Protobuf::MessageExts::ClassMethods
+        end
+
+        # Request message for
+        # {::Google::Cloud::Kms::V1::EkmService::Client#update_ekm_config EkmService.UpdateEkmConfig}.
+        # @!attribute [rw] ekm_config
+        #   @return [::Google::Cloud::Kms::V1::EkmConfig]
+        #     Required. {::Google::Cloud::Kms::V1::EkmConfig EkmConfig} with updated values.
+        # @!attribute [rw] update_mask
+        #   @return [::Google::Protobuf::FieldMask]
+        #     Required. List of fields to be updated in this request.
+        class UpdateEkmConfigRequest
+          include ::Google::Protobuf::MessageExts
+          extend ::Google::Protobuf::MessageExts::ClassMethods
+        end
+
         # A {::Google::Cloud::Kms::V1::Certificate Certificate} represents an X.509
         # certificate used to authenticate HTTPS connections to EKM replicas.
         # @!attribute [rw] raw_der
@@ -192,6 +216,18 @@ module Google
         #   @return [::String]
         #     Optional. Etag of the currently stored
         #     {::Google::Cloud::Kms::V1::EkmConnection EkmConnection}.
+        # @!attribute [rw] key_management_mode
+        #   @return [::Google::Cloud::Kms::V1::EkmConnection::KeyManagementMode]
+        #     Optional. Describes who can perform control plane operations on the EKM. If
+        #     unset, this defaults to
+        #     {::Google::Cloud::Kms::V1::EkmConnection::KeyManagementMode::MANUAL MANUAL}.
+        # @!attribute [rw] crypto_space_path
+        #   @return [::String]
+        #     Optional. Identifies the EKM Crypto Space that this
+        #     {::Google::Cloud::Kms::V1::EkmConnection EkmConnection} maps to. Note: This
+        #     field is required if
+        #     {::Google::Cloud::Kms::V1::EkmConnection::KeyManagementMode KeyManagementMode} is
+        #     {::Google::Cloud::Kms::V1::EkmConnection::KeyManagementMode::CLOUD_KMS CLOUD_KMS}.
         class EkmConnection
           include ::Google::Protobuf::MessageExts
           extend ::Google::Protobuf::MessageExts::ClassMethods
@@ -224,6 +260,66 @@ module Google
             include ::Google::Protobuf::MessageExts
             extend ::Google::Protobuf::MessageExts::ClassMethods
           end
+
+          # {::Google::Cloud::Kms::V1::EkmConnection::KeyManagementMode KeyManagementMode}
+          # describes who can perform control plane cryptographic operations using this
+          # {::Google::Cloud::Kms::V1::EkmConnection EkmConnection}.
+          module KeyManagementMode
+            # Not specified.
+            KEY_MANAGEMENT_MODE_UNSPECIFIED = 0
+
+            # EKM-side key management operations on
+            # {::Google::Cloud::Kms::V1::CryptoKey CryptoKeys} created with this
+            # {::Google::Cloud::Kms::V1::EkmConnection EkmConnection} must be initiated from
+            # the EKM directly and cannot be performed from Cloud KMS. This means that:
+            # * When creating a
+            # {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} associated with
+            # this
+            #   {::Google::Cloud::Kms::V1::EkmConnection EkmConnection}, the caller must
+            #   supply the key path of pre-existing external key material that will be
+            #   linked to the {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion}.
+            # * Destruction of external key material cannot be requested via the
+            #   Cloud KMS API and must be performed directly in the EKM.
+            # * Automatic rotation of key material is not supported.
+            MANUAL = 1
+
+            # All {::Google::Cloud::Kms::V1::CryptoKey CryptoKeys} created with this
+            # {::Google::Cloud::Kms::V1::EkmConnection EkmConnection} use EKM-side key
+            # management operations initiated from Cloud KMS. This means that:
+            # * When a {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion}
+            # associated with this {::Google::Cloud::Kms::V1::EkmConnection EkmConnection}
+            # is
+            #   created, the EKM automatically generates new key material and a new
+            #   key path. The caller cannot supply the key path of pre-existing
+            #   external key material.
+            # * Destruction of external key material associated with this
+            #   {::Google::Cloud::Kms::V1::EkmConnection EkmConnection} can be requested by
+            #   calling [DestroyCryptoKeyVersion][EkmService.DestroyCryptoKeyVersion].
+            # * Automatic rotation of key material is supported.
+            CLOUD_KMS = 2
+          end
+        end
+
+        # An {::Google::Cloud::Kms::V1::EkmConfig EkmConfig} is a singleton resource that
+        # represents configuration parameters that apply to all
+        # {::Google::Cloud::Kms::V1::CryptoKey CryptoKeys} and
+        # {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersions} with a
+        # {::Google::Cloud::Kms::V1::ProtectionLevel ProtectionLevel} of
+        # [EXTERNAL_VPC][CryptoKeyVersion.ProtectionLevel.EXTERNAL_VPC] in a given
+        # project and location.
+        # @!attribute [r] name
+        #   @return [::String]
+        #     Output only. The resource name for the
+        #     {::Google::Cloud::Kms::V1::EkmConfig EkmConfig} in the format
+        #     `projects/*/locations/*/ekmConfig`.
+        # @!attribute [rw] default_ekm_connection
+        #   @return [::String]
+        #     Optional. Resource name of the default
+        #     {::Google::Cloud::Kms::V1::EkmConnection EkmConnection}. Setting this field to
+        #     the empty string removes the default.
+        class EkmConfig
+          include ::Google::Protobuf::MessageExts
+          extend ::Google::Protobuf::MessageExts::ClassMethods
         end
       end
     end

data/proto_docs/google/cloud/kms/v1/resources.rb

@@ -341,6 +341,17 @@ module Google
         #     Output only. The root cause of the most recent import failure. Only present
         #     if {::Google::Cloud::Kms::V1::CryptoKeyVersion#state state} is
         #     {::Google::Cloud::Kms::V1::CryptoKeyVersion::CryptoKeyVersionState::IMPORT_FAILED IMPORT_FAILED}.
+        # @!attribute [r] generation_failure_reason
+        #   @return [::String]
+        #     Output only. The root cause of the most recent generation failure. Only
+        #     present if {::Google::Cloud::Kms::V1::CryptoKeyVersion#state state} is
+        #     {::Google::Cloud::Kms::V1::CryptoKeyVersion::CryptoKeyVersionState::GENERATION_FAILED GENERATION_FAILED}.
+        # @!attribute [r] external_destruction_failure_reason
+        #   @return [::String]
+        #     Output only. The root cause of the most recent external destruction
+        #     failure. Only present if
+        #     {::Google::Cloud::Kms::V1::CryptoKeyVersion#state state} is
+        #     {::Google::Cloud::Kms::V1::CryptoKeyVersion::CryptoKeyVersionState::EXTERNAL_DESTRUCTION_FAILED EXTERNAL_DESTRUCTION_FAILED}.
         # @!attribute [rw] external_protection_level_options
         #   @return [::Google::Cloud::Kms::V1::ExternalProtectionLevelOptions]
         #     ExternalProtectionLevelOptions stores a group of additional fields for
@@ -544,6 +555,23 @@ module Google
             # Additional details can be found in
             # {::Google::Cloud::Kms::V1::CryptoKeyVersion#import_failure_reason CryptoKeyVersion.import_failure_reason}.
             IMPORT_FAILED = 7
+
+            # This version was not generated successfully. It may not be used, enabled,
+            # disabled, or destroyed. Additional details can be found in
+            # {::Google::Cloud::Kms::V1::CryptoKeyVersion#generation_failure_reason CryptoKeyVersion.generation_failure_reason}.
+            GENERATION_FAILED = 8
+
+            # This version was destroyed, and it may not be used or enabled again.
+            # Cloud KMS is waiting for the corresponding key material residing in an
+            # external key manager to be destroyed.
+            PENDING_EXTERNAL_DESTRUCTION = 9
+
+            # This version was destroyed, and it may not be used or enabled again.
+            # However, Cloud KMS could not confirm that the corresponding key material
+            # residing in an external key manager was destroyed. Additional details can
+            # be found in
+            # {::Google::Cloud::Kms::V1::CryptoKeyVersion#external_destruction_failure_reason CryptoKeyVersion.external_destruction_failure_reason}.
+            EXTERNAL_DESTRUCTION_FAILED = 10
           end
 
           # A view for {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion}s.

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: google-cloud-kms-v1
 version: !ruby/object:Gem::Version
-  version: 0.16.0
+  version: 0.18.0
 platform: ruby
 authors:
 - Google LLC
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2022-12-09 00:00:00.000000000 Z
+date: 2023-03-08 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: gapic-common
@@ -16,7 +16,7 @@ dependencies:
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: '0.12'
+        version: 0.18.0
     - - "<"
       - !ruby/object:Gem::Version
         version: 2.a
@@ -26,7 +26,7 @@ dependencies:
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: '0.12'
+        version: 0.18.0
     - - "<"
       - !ruby/object:Gem::Version
         version: 2.a
@@ -50,7 +50,7 @@ dependencies:
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: '0.0'
+        version: '0.4'
     - - "<"
       - !ruby/object:Gem::Version
         version: 2.a
@@ -60,7 +60,7 @@ dependencies:
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: '0.0'
+        version: '0.4'
     - - "<"
       - !ruby/object:Gem::Version
         version: 2.a
@@ -70,7 +70,7 @@ dependencies:
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: '0.0'
+        version: '0.4'
     - - "<"
       - !ruby/object:Gem::Version
         version: 2.a
@@ -80,7 +80,7 @@ dependencies:
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: '0.0'
+        version: '0.4'
     - - "<"
       - !ruby/object:Gem::Version
         version: 2.a
@@ -90,14 +90,14 @@ dependencies:
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 1.26.1
+        version: 1.26.3
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 1.26.1
+        version: 1.26.3
 - !ruby/object:Gem::Dependency
   name: minitest
   requirement: !ruby/object:Gem::Requirement
@@ -212,10 +212,14 @@ files:
 - lib/google-cloud-kms-v1.rb
 - lib/google/cloud/kms/v1.rb
 - lib/google/cloud/kms/v1/_helpers.rb
+- lib/google/cloud/kms/v1/bindings_override.rb
 - lib/google/cloud/kms/v1/ekm_service.rb
 - lib/google/cloud/kms/v1/ekm_service/client.rb
 - lib/google/cloud/kms/v1/ekm_service/credentials.rb
 - lib/google/cloud/kms/v1/ekm_service/paths.rb
+- lib/google/cloud/kms/v1/ekm_service/rest.rb
+- lib/google/cloud/kms/v1/ekm_service/rest/client.rb
+- lib/google/cloud/kms/v1/ekm_service/rest/service_stub.rb
 - lib/google/cloud/kms/v1/ekm_service_pb.rb
 - lib/google/cloud/kms/v1/ekm_service_services_pb.rb
 - lib/google/cloud/kms/v1/iam_policy.rb
@@ -225,7 +229,11 @@ files:
 - lib/google/cloud/kms/v1/key_management_service/client.rb
 - lib/google/cloud/kms/v1/key_management_service/credentials.rb
 - lib/google/cloud/kms/v1/key_management_service/paths.rb
+- lib/google/cloud/kms/v1/key_management_service/rest.rb
+- lib/google/cloud/kms/v1/key_management_service/rest/client.rb
+- lib/google/cloud/kms/v1/key_management_service/rest/service_stub.rb
 - lib/google/cloud/kms/v1/resources_pb.rb
+- lib/google/cloud/kms/v1/rest.rb
 - lib/google/cloud/kms/v1/service_pb.rb
 - lib/google/cloud/kms/v1/service_services_pb.rb
 - lib/google/cloud/kms/v1/version.rb
@@ -262,8 +270,9 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.3.14
+rubygems_version: 3.4.2
 signing_key: 
 specification_version: 4
-summary: API Client library for the Cloud Key Management Service (KMS) V1 API
+summary: Manages keys and performs cryptographic operations in a central cloud service,
+  for direct use by other cloud resources and applications.
 test_files: []