google-cloud-kms-v1 0.17.0 → 0.18.1

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: '019a2267f33dda5561da56ed41cf332d8fd4b6fb3cb45587be780dc0db71460d'
-  data.tar.gz: bd72d7db29386ece91aed2c0eadfffa3ae802e4c57923d86c4de683d40ca06d4
+  metadata.gz: 59b86de14b63de4677b18bf0f2bd000fd989942c71966e4fc934e6402e42e0ee
+  data.tar.gz: 2b93be85406e63ca4f5f316a3704be88f32fb47ec5a7daf76133a3bcf4a48afb
 SHA512:
-  metadata.gz: 1a6a96462ae5e450a969e049c2ad9fb6c1e67fd6a49d19893a96c91933f24cde330b5d544cd347e6e271eff4647646e5caae299c159d64fbf9f46d37abbc137f
-  data.tar.gz: f822a78c784ef272766834567079b063847774afad91027b79309207c238d2161b5e6339cd3841389b06fec6dc295de32a790cccf08efc42e55c7fadf06ce624
+  metadata.gz: b5476742317b44f7715d20116b165bbd1827b02b837d3b2c65c2c606c5bebe4a1a42cf129896dc8f2ce35aeed907e87d1b8cbc927d71a7e702bab73260da6e21
+  data.tar.gz: e615bc561491044d5e42d26754fac81a63f781a249c6f061f58006ec0644508dedb84101528e62bd34232bd76b8b667d82b0e936d7e6d583ec26d2b11a55bb72

data/README.md

@@ -1,6 +1,6 @@
 # Ruby Client for the Cloud Key Management Service (KMS) V1 API
 
-API Client library for the Cloud Key Management Service (KMS) V1 API
+Manages keys and performs cryptographic operations in a central cloud service, for direct use by other cloud resources and applications.
 
 Manages keys and performs cryptographic operations in a central cloud service, for direct use by other cloud resources and applications.
 
@@ -47,7 +47,7 @@ for general usage information.
 
 To enable logging for this library, set the logger for the underlying [gRPC](https://github.com/grpc/grpc/tree/master/src/ruby) library.
 The logger that you set may be a Ruby stdlib [`Logger`](https://ruby-doc.org/current/stdlibs/logger/Logger.html) as shown below,
-or a [`Google::Cloud::Logging::Logger`](https://googleapis.dev/ruby/google-cloud-logging/latest)
+or a [`Google::Cloud::Logging::Logger`](https://cloud.google.com/ruby/docs/reference/google-cloud-logging/latest)
 that will write logs to [Cloud Logging](https://cloud.google.com/logging/). See [grpc/logconfig.rb](https://github.com/grpc/grpc/blob/master/src/ruby/lib/grpc/logconfig.rb)
 and the gRPC [spec_helper.rb](https://github.com/grpc/grpc/blob/master/src/ruby/spec/spec_helper.rb) for additional information.
 

data/lib/google/cloud/kms/v1/ekm_service/client.rb

@@ -578,6 +578,181 @@ module Google
               raise ::Google::Cloud::Error.from_error(e)
             end
 
+            ##
+            # Returns the {::Google::Cloud::Kms::V1::EkmConfig EkmConfig} singleton resource
+            # for a given project and location.
+            #
+            # @overload get_ekm_config(request, options = nil)
+            #   Pass arguments to `get_ekm_config` via a request object, either of type
+            #   {::Google::Cloud::Kms::V1::GetEkmConfigRequest} or an equivalent Hash.
+            #
+            #   @param request [::Google::Cloud::Kms::V1::GetEkmConfigRequest, ::Hash]
+            #     A request object representing the call parameters. Required. To specify no
+            #     parameters, or to keep all the default parameter values, pass an empty Hash.
+            #   @param options [::Gapic::CallOptions, ::Hash]
+            #     Overrides the default settings for this call, e.g, timeout, retries, etc. Optional.
+            #
+            # @overload get_ekm_config(name: nil)
+            #   Pass arguments to `get_ekm_config` via keyword arguments. Note that at
+            #   least one keyword argument is required. To specify no parameters, or to keep all
+            #   the default parameter values, pass an empty Hash as a request object (see above).
+            #
+            #   @param name [::String]
+            #     Required. The {::Google::Cloud::Kms::V1::EkmConfig#name name} of the
+            #     {::Google::Cloud::Kms::V1::EkmConfig EkmConfig} to get.
+            #
+            # @yield [response, operation] Access the result along with the RPC operation
+            # @yieldparam response [::Google::Cloud::Kms::V1::EkmConfig]
+            # @yieldparam operation [::GRPC::ActiveCall::Operation]
+            #
+            # @return [::Google::Cloud::Kms::V1::EkmConfig]
+            #
+            # @raise [::Google::Cloud::Error] if the RPC is aborted.
+            #
+            # @example Basic example
+            #   require "google/cloud/kms/v1"
+            #
+            #   # Create a client object. The client can be reused for multiple calls.
+            #   client = Google::Cloud::Kms::V1::EkmService::Client.new
+            #
+            #   # Create a request. To set request fields, pass in keyword arguments.
+            #   request = Google::Cloud::Kms::V1::GetEkmConfigRequest.new
+            #
+            #   # Call the get_ekm_config method.
+            #   result = client.get_ekm_config request
+            #
+            #   # The returned object is of type Google::Cloud::Kms::V1::EkmConfig.
+            #   p result
+            #
+            def get_ekm_config request, options = nil
+              raise ::ArgumentError, "request must be provided" if request.nil?
+
+              request = ::Gapic::Protobuf.coerce request, to: ::Google::Cloud::Kms::V1::GetEkmConfigRequest
+
+              # Converts hash and nil to an options object
+              options = ::Gapic::CallOptions.new(**options.to_h) if options.respond_to? :to_h
+
+              # Customize the options with defaults
+              metadata = @config.rpcs.get_ekm_config.metadata.to_h
+
+              # Set x-goog-api-client and x-goog-user-project headers
+              metadata[:"x-goog-api-client"] ||= ::Gapic::Headers.x_goog_api_client \
+                lib_name: @config.lib_name, lib_version: @config.lib_version,
+                gapic_version: ::Google::Cloud::Kms::V1::VERSION
+              metadata[:"x-goog-user-project"] = @quota_project_id if @quota_project_id
+
+              header_params = {}
+              if request.name
+                header_params["name"] = request.name
+              end
+
+              request_params_header = header_params.map { |k, v| "#{k}=#{v}" }.join("&")
+              metadata[:"x-goog-request-params"] ||= request_params_header
+
+              options.apply_defaults timeout:      @config.rpcs.get_ekm_config.timeout,
+                                     metadata:     metadata,
+                                     retry_policy: @config.rpcs.get_ekm_config.retry_policy
+
+              options.apply_defaults timeout:      @config.timeout,
+                                     metadata:     @config.metadata,
+                                     retry_policy: @config.retry_policy
+
+              @ekm_service_stub.call_rpc :get_ekm_config, request, options: options do |response, operation|
+                yield response, operation if block_given?
+                return response
+              end
+            rescue ::GRPC::BadStatus => e
+              raise ::Google::Cloud::Error.from_error(e)
+            end
+
+            ##
+            # Updates the {::Google::Cloud::Kms::V1::EkmConfig EkmConfig} singleton resource
+            # for a given project and location.
+            #
+            # @overload update_ekm_config(request, options = nil)
+            #   Pass arguments to `update_ekm_config` via a request object, either of type
+            #   {::Google::Cloud::Kms::V1::UpdateEkmConfigRequest} or an equivalent Hash.
+            #
+            #   @param request [::Google::Cloud::Kms::V1::UpdateEkmConfigRequest, ::Hash]
+            #     A request object representing the call parameters. Required. To specify no
+            #     parameters, or to keep all the default parameter values, pass an empty Hash.
+            #   @param options [::Gapic::CallOptions, ::Hash]
+            #     Overrides the default settings for this call, e.g, timeout, retries, etc. Optional.
+            #
+            # @overload update_ekm_config(ekm_config: nil, update_mask: nil)
+            #   Pass arguments to `update_ekm_config` via keyword arguments. Note that at
+            #   least one keyword argument is required. To specify no parameters, or to keep all
+            #   the default parameter values, pass an empty Hash as a request object (see above).
+            #
+            #   @param ekm_config [::Google::Cloud::Kms::V1::EkmConfig, ::Hash]
+            #     Required. {::Google::Cloud::Kms::V1::EkmConfig EkmConfig} with updated values.
+            #   @param update_mask [::Google::Protobuf::FieldMask, ::Hash]
+            #     Required. List of fields to be updated in this request.
+            #
+            # @yield [response, operation] Access the result along with the RPC operation
+            # @yieldparam response [::Google::Cloud::Kms::V1::EkmConfig]
+            # @yieldparam operation [::GRPC::ActiveCall::Operation]
+            #
+            # @return [::Google::Cloud::Kms::V1::EkmConfig]
+            #
+            # @raise [::Google::Cloud::Error] if the RPC is aborted.
+            #
+            # @example Basic example
+            #   require "google/cloud/kms/v1"
+            #
+            #   # Create a client object. The client can be reused for multiple calls.
+            #   client = Google::Cloud::Kms::V1::EkmService::Client.new
+            #
+            #   # Create a request. To set request fields, pass in keyword arguments.
+            #   request = Google::Cloud::Kms::V1::UpdateEkmConfigRequest.new
+            #
+            #   # Call the update_ekm_config method.
+            #   result = client.update_ekm_config request
+            #
+            #   # The returned object is of type Google::Cloud::Kms::V1::EkmConfig.
+            #   p result
+            #
+            def update_ekm_config request, options = nil
+              raise ::ArgumentError, "request must be provided" if request.nil?
+
+              request = ::Gapic::Protobuf.coerce request, to: ::Google::Cloud::Kms::V1::UpdateEkmConfigRequest
+
+              # Converts hash and nil to an options object
+              options = ::Gapic::CallOptions.new(**options.to_h) if options.respond_to? :to_h
+
+              # Customize the options with defaults
+              metadata = @config.rpcs.update_ekm_config.metadata.to_h
+
+              # Set x-goog-api-client and x-goog-user-project headers
+              metadata[:"x-goog-api-client"] ||= ::Gapic::Headers.x_goog_api_client \
+                lib_name: @config.lib_name, lib_version: @config.lib_version,
+                gapic_version: ::Google::Cloud::Kms::V1::VERSION
+              metadata[:"x-goog-user-project"] = @quota_project_id if @quota_project_id
+
+              header_params = {}
+              if request.ekm_config&.name
+                header_params["ekm_config.name"] = request.ekm_config.name
+              end
+
+              request_params_header = header_params.map { |k, v| "#{k}=#{v}" }.join("&")
+              metadata[:"x-goog-request-params"] ||= request_params_header
+
+              options.apply_defaults timeout:      @config.rpcs.update_ekm_config.timeout,
+                                     metadata:     metadata,
+                                     retry_policy: @config.rpcs.update_ekm_config.retry_policy
+
+              options.apply_defaults timeout:      @config.timeout,
+                                     metadata:     @config.metadata,
+                                     retry_policy: @config.retry_policy
+
+              @ekm_service_stub.call_rpc :update_ekm_config, request, options: options do |response, operation|
+                yield response, operation if block_given?
+                return response
+              end
+            rescue ::GRPC::BadStatus => e
+              raise ::Google::Cloud::Error.from_error(e)
+            end
+
             ##
             # Configuration class for the EkmService API.
             #
@@ -616,9 +791,9 @@ module Google
             #    *  (`String`) The path to a service account key file in JSON format
             #    *  (`Hash`) A service account key as a Hash
             #    *  (`Google::Auth::Credentials`) A googleauth credentials object
-            #       (see the [googleauth docs](https://googleapis.dev/ruby/googleauth/latest/index.html))
+            #       (see the [googleauth docs](https://rubydoc.info/gems/googleauth/Google/Auth/Credentials))
             #    *  (`Signet::OAuth2::Client`) A signet oauth2 client object
-            #       (see the [signet docs](https://googleapis.dev/ruby/signet/latest/Signet/OAuth2/Client.html))
+            #       (see the [signet docs](https://rubydoc.info/gems/signet/Signet/OAuth2/Client))
             #    *  (`GRPC::Core::Channel`) a gRPC channel with included credentials
             #    *  (`GRPC::Core::ChannelCredentials`) a gRPC credentails object
             #    *  (`nil`) indicating no credentials
@@ -733,6 +908,16 @@ module Google
                 # @return [::Gapic::Config::Method]
                 #
                 attr_reader :update_ekm_connection
+                ##
+                # RPC-specific configuration for `get_ekm_config`
+                # @return [::Gapic::Config::Method]
+                #
+                attr_reader :get_ekm_config
+                ##
+                # RPC-specific configuration for `update_ekm_config`
+                # @return [::Gapic::Config::Method]
+                #
+                attr_reader :update_ekm_config
 
                 # @private
                 def initialize parent_rpcs = nil
@@ -744,6 +929,10 @@ module Google
                   @create_ekm_connection = ::Gapic::Config::Method.new create_ekm_connection_config
                   update_ekm_connection_config = parent_rpcs.update_ekm_connection if parent_rpcs.respond_to? :update_ekm_connection
                   @update_ekm_connection = ::Gapic::Config::Method.new update_ekm_connection_config
+                  get_ekm_config_config = parent_rpcs.get_ekm_config if parent_rpcs.respond_to? :get_ekm_config
+                  @get_ekm_config = ::Gapic::Config::Method.new get_ekm_config_config
+                  update_ekm_config_config = parent_rpcs.update_ekm_config if parent_rpcs.respond_to? :update_ekm_config
+                  @update_ekm_config = ::Gapic::Config::Method.new update_ekm_config_config
 
                   yield self if block_given?
                 end

data/lib/google/cloud/kms/v1/ekm_service/paths.rb

@@ -24,6 +24,23 @@ module Google
         module EkmService
           # Path helper methods for the EkmService API.
           module Paths
+            ##
+            # Create a fully-qualified EkmConfig resource string.
+            #
+            # The resource will be in the following format:
+            #
+            # `projects/{project}/locations/{location}/ekmConfig`
+            #
+            # @param project [String]
+            # @param location [String]
+            #
+            # @return [::String]
+            def ekm_config_path project:, location:
+              raise ::ArgumentError, "project cannot contain /" if project.to_s.include? "/"
+
+              "projects/#{project}/locations/#{location}/ekmConfig"
+            end
+
             ##
             # Create a fully-qualified EkmConnection resource string.
             #

data/lib/google/cloud/kms/v1/ekm_service/rest/client.rb

@@ -475,6 +475,135 @@ module Google
                 raise ::Google::Cloud::Error.from_error(e)
               end
 
+              ##
+              # Returns the {::Google::Cloud::Kms::V1::EkmConfig EkmConfig} singleton resource
+              # for a given project and location.
+              #
+              # @overload get_ekm_config(request, options = nil)
+              #   Pass arguments to `get_ekm_config` via a request object, either of type
+              #   {::Google::Cloud::Kms::V1::GetEkmConfigRequest} or an equivalent Hash.
+              #
+              #   @param request [::Google::Cloud::Kms::V1::GetEkmConfigRequest, ::Hash]
+              #     A request object representing the call parameters. Required. To specify no
+              #     parameters, or to keep all the default parameter values, pass an empty Hash.
+              #   @param options [::Gapic::CallOptions, ::Hash]
+              #     Overrides the default settings for this call, e.g, timeout, retries etc. Optional.
+              #
+              # @overload get_ekm_config(name: nil)
+              #   Pass arguments to `get_ekm_config` via keyword arguments. Note that at
+              #   least one keyword argument is required. To specify no parameters, or to keep all
+              #   the default parameter values, pass an empty Hash as a request object (see above).
+              #
+              #   @param name [::String]
+              #     Required. The {::Google::Cloud::Kms::V1::EkmConfig#name name} of the
+              #     {::Google::Cloud::Kms::V1::EkmConfig EkmConfig} to get.
+              # @yield [result, operation] Access the result along with the TransportOperation object
+              # @yieldparam result [::Google::Cloud::Kms::V1::EkmConfig]
+              # @yieldparam operation [::Gapic::Rest::TransportOperation]
+              #
+              # @return [::Google::Cloud::Kms::V1::EkmConfig]
+              #
+              # @raise [::Google::Cloud::Error] if the REST call is aborted.
+              def get_ekm_config request, options = nil
+                raise ::ArgumentError, "request must be provided" if request.nil?
+
+                request = ::Gapic::Protobuf.coerce request, to: ::Google::Cloud::Kms::V1::GetEkmConfigRequest
+
+                # Converts hash and nil to an options object
+                options = ::Gapic::CallOptions.new(**options.to_h) if options.respond_to? :to_h
+
+                # Customize the options with defaults
+                call_metadata = @config.rpcs.get_ekm_config.metadata.to_h
+
+                # Set x-goog-api-client and x-goog-user-project headers
+                call_metadata[:"x-goog-api-client"] ||= ::Gapic::Headers.x_goog_api_client \
+                  lib_name: @config.lib_name, lib_version: @config.lib_version,
+                  gapic_version: ::Google::Cloud::Kms::V1::VERSION,
+                  transports_version_send: [:rest]
+
+                call_metadata[:"x-goog-user-project"] = @quota_project_id if @quota_project_id
+
+                options.apply_defaults timeout:      @config.rpcs.get_ekm_config.timeout,
+                                       metadata:     call_metadata,
+                                       retry_policy: @config.rpcs.get_ekm_config.retry_policy
+
+                options.apply_defaults timeout:      @config.timeout,
+                                       metadata:     @config.metadata,
+                                       retry_policy: @config.retry_policy
+
+                @ekm_service_stub.get_ekm_config request, options do |result, operation|
+                  yield result, operation if block_given?
+                  return result
+                end
+              rescue ::Gapic::Rest::Error => e
+                raise ::Google::Cloud::Error.from_error(e)
+              end
+
+              ##
+              # Updates the {::Google::Cloud::Kms::V1::EkmConfig EkmConfig} singleton resource
+              # for a given project and location.
+              #
+              # @overload update_ekm_config(request, options = nil)
+              #   Pass arguments to `update_ekm_config` via a request object, either of type
+              #   {::Google::Cloud::Kms::V1::UpdateEkmConfigRequest} or an equivalent Hash.
+              #
+              #   @param request [::Google::Cloud::Kms::V1::UpdateEkmConfigRequest, ::Hash]
+              #     A request object representing the call parameters. Required. To specify no
+              #     parameters, or to keep all the default parameter values, pass an empty Hash.
+              #   @param options [::Gapic::CallOptions, ::Hash]
+              #     Overrides the default settings for this call, e.g, timeout, retries etc. Optional.
+              #
+              # @overload update_ekm_config(ekm_config: nil, update_mask: nil)
+              #   Pass arguments to `update_ekm_config` via keyword arguments. Note that at
+              #   least one keyword argument is required. To specify no parameters, or to keep all
+              #   the default parameter values, pass an empty Hash as a request object (see above).
+              #
+              #   @param ekm_config [::Google::Cloud::Kms::V1::EkmConfig, ::Hash]
+              #     Required. {::Google::Cloud::Kms::V1::EkmConfig EkmConfig} with updated values.
+              #   @param update_mask [::Google::Protobuf::FieldMask, ::Hash]
+              #     Required. List of fields to be updated in this request.
+              # @yield [result, operation] Access the result along with the TransportOperation object
+              # @yieldparam result [::Google::Cloud::Kms::V1::EkmConfig]
+              # @yieldparam operation [::Gapic::Rest::TransportOperation]
+              #
+              # @return [::Google::Cloud::Kms::V1::EkmConfig]
+              #
+              # @raise [::Google::Cloud::Error] if the REST call is aborted.
+              def update_ekm_config request, options = nil
+                raise ::ArgumentError, "request must be provided" if request.nil?
+
+                request = ::Gapic::Protobuf.coerce request, to: ::Google::Cloud::Kms::V1::UpdateEkmConfigRequest
+
+                # Converts hash and nil to an options object
+                options = ::Gapic::CallOptions.new(**options.to_h) if options.respond_to? :to_h
+
+                # Customize the options with defaults
+                call_metadata = @config.rpcs.update_ekm_config.metadata.to_h
+
+                # Set x-goog-api-client and x-goog-user-project headers
+                call_metadata[:"x-goog-api-client"] ||= ::Gapic::Headers.x_goog_api_client \
+                  lib_name: @config.lib_name, lib_version: @config.lib_version,
+                  gapic_version: ::Google::Cloud::Kms::V1::VERSION,
+                  transports_version_send: [:rest]
+
+                call_metadata[:"x-goog-user-project"] = @quota_project_id if @quota_project_id
+
+                options.apply_defaults timeout:      @config.rpcs.update_ekm_config.timeout,
+                                       metadata:     call_metadata,
+                                       retry_policy: @config.rpcs.update_ekm_config.retry_policy
+
+                options.apply_defaults timeout:      @config.timeout,
+                                       metadata:     @config.metadata,
+                                       retry_policy: @config.retry_policy
+
+                @ekm_service_stub.update_ekm_config request, options do |result, operation|
+                  yield result, operation if block_given?
+                  return result
+                end
+              rescue ::Gapic::Rest::Error => e
+                raise ::Google::Cloud::Error.from_error(e)
+              end
+
               ##
               # Configuration class for the EkmService REST API.
               #
@@ -513,9 +642,9 @@ module Google
               #    *  (`String`) The path to a service account key file in JSON format
               #    *  (`Hash`) A service account key as a Hash
               #    *  (`Google::Auth::Credentials`) A googleauth credentials object
-              #       (see the [googleauth docs](https://googleapis.dev/ruby/googleauth/latest/index.html))
+              #       (see the [googleauth docs](https://rubydoc.info/gems/googleauth/Google/Auth/Credentials))
               #    *  (`Signet::OAuth2::Client`) A signet oauth2 client object
-              #       (see the [signet docs](https://googleapis.dev/ruby/signet/latest/Signet/OAuth2/Client.html))
+              #       (see the [signet docs](https://rubydoc.info/gems/signet/Signet/OAuth2/Client))
               #    *  (`nil`) indicating no credentials
               #   @return [::Object]
               # @!attribute [rw] scope
@@ -625,6 +754,16 @@ module Google
                   # @return [::Gapic::Config::Method]
                   #
                   attr_reader :update_ekm_connection
+                  ##
+                  # RPC-specific configuration for `get_ekm_config`
+                  # @return [::Gapic::Config::Method]
+                  #
+                  attr_reader :get_ekm_config
+                  ##
+                  # RPC-specific configuration for `update_ekm_config`
+                  # @return [::Gapic::Config::Method]
+                  #
+                  attr_reader :update_ekm_config
 
                   # @private
                   def initialize parent_rpcs = nil
@@ -636,6 +775,10 @@ module Google
                     @create_ekm_connection = ::Gapic::Config::Method.new create_ekm_connection_config
                     update_ekm_connection_config = parent_rpcs.update_ekm_connection if parent_rpcs.respond_to? :update_ekm_connection
                     @update_ekm_connection = ::Gapic::Config::Method.new update_ekm_connection_config
+                    get_ekm_config_config = parent_rpcs.get_ekm_config if parent_rpcs.respond_to? :get_ekm_config
+                    @get_ekm_config = ::Gapic::Config::Method.new get_ekm_config_config
+                    update_ekm_config_config = parent_rpcs.update_ekm_config if parent_rpcs.respond_to? :update_ekm_config
+                    @update_ekm_config = ::Gapic::Config::Method.new update_ekm_config_config
 
                     yield self if block_given?
                   end

data/lib/google/cloud/kms/v1/ekm_service/rest/service_stub.rb

@@ -192,6 +192,82 @@ module Google
                 result
               end
 
+              ##
+              # Baseline implementation for the get_ekm_config REST call
+              #
+              # @param request_pb [::Google::Cloud::Kms::V1::GetEkmConfigRequest]
+              #   A request object representing the call parameters. Required.
+              # @param options [::Gapic::CallOptions]
+              #   Overrides the default settings for this call, e.g, timeout, retries etc. Optional.
+              #
+              # @yield [result, operation] Access the result along with the TransportOperation object
+              # @yieldparam result [::Google::Cloud::Kms::V1::EkmConfig]
+              # @yieldparam operation [::Gapic::Rest::TransportOperation]
+              #
+              # @return [::Google::Cloud::Kms::V1::EkmConfig]
+              #   A result object deserialized from the server's reply
+              def get_ekm_config request_pb, options = nil
+                raise ::ArgumentError, "request must be provided" if request_pb.nil?
+
+                verb, uri, query_string_params, body = ServiceStub.transcode_get_ekm_config_request request_pb
+                query_string_params = if query_string_params.any?
+                                        query_string_params.to_h { |p| p.split("=", 2) }
+                                      else
+                                        {}
+                                      end
+
+                response = @client_stub.make_http_request(
+                  verb,
+                  uri:     uri,
+                  body:    body || "",
+                  params:  query_string_params,
+                  options: options
+                )
+                operation = ::Gapic::Rest::TransportOperation.new response
+                result = ::Google::Cloud::Kms::V1::EkmConfig.decode_json response.body, ignore_unknown_fields: true
+
+                yield result, operation if block_given?
+                result
+              end
+
+              ##
+              # Baseline implementation for the update_ekm_config REST call
+              #
+              # @param request_pb [::Google::Cloud::Kms::V1::UpdateEkmConfigRequest]
+              #   A request object representing the call parameters. Required.
+              # @param options [::Gapic::CallOptions]
+              #   Overrides the default settings for this call, e.g, timeout, retries etc. Optional.
+              #
+              # @yield [result, operation] Access the result along with the TransportOperation object
+              # @yieldparam result [::Google::Cloud::Kms::V1::EkmConfig]
+              # @yieldparam operation [::Gapic::Rest::TransportOperation]
+              #
+              # @return [::Google::Cloud::Kms::V1::EkmConfig]
+              #   A result object deserialized from the server's reply
+              def update_ekm_config request_pb, options = nil
+                raise ::ArgumentError, "request must be provided" if request_pb.nil?
+
+                verb, uri, query_string_params, body = ServiceStub.transcode_update_ekm_config_request request_pb
+                query_string_params = if query_string_params.any?
+                                        query_string_params.to_h { |p| p.split("=", 2) }
+                                      else
+                                        {}
+                                      end
+
+                response = @client_stub.make_http_request(
+                  verb,
+                  uri:     uri,
+                  body:    body || "",
+                  params:  query_string_params,
+                  options: options
+                )
+                operation = ::Gapic::Rest::TransportOperation.new response
+                result = ::Google::Cloud::Kms::V1::EkmConfig.decode_json response.body, ignore_unknown_fields: true
+
+                yield result, operation if block_given?
+                result
+              end
+
               ##
               # @private
               #
@@ -277,6 +353,49 @@ module Google
                                                         )
                 transcoder.transcode request_pb
               end
+
+              ##
+              # @private
+              #
+              # GRPC transcoding helper method for the get_ekm_config REST call
+              #
+              # @param request_pb [::Google::Cloud::Kms::V1::GetEkmConfigRequest]
+              #   A request object representing the call parameters. Required.
+              # @return [Array(String, [String, nil], Hash{String => String})]
+              #   Uri, Body, Query string parameters
+              def self.transcode_get_ekm_config_request request_pb
+                transcoder = Gapic::Rest::GrpcTranscoder.new
+                                                        .with_bindings(
+                                                          uri_method: :get,
+                                                          uri_template: "/v1/{name}",
+                                                          matches: [
+                                                            ["name", %r{^projects/[^/]+/locations/[^/]+/ekmConfig/?$}, false]
+                                                          ]
+                                                        )
+                transcoder.transcode request_pb
+              end
+
+              ##
+              # @private
+              #
+              # GRPC transcoding helper method for the update_ekm_config REST call
+              #
+              # @param request_pb [::Google::Cloud::Kms::V1::UpdateEkmConfigRequest]
+              #   A request object representing the call parameters. Required.
+              # @return [Array(String, [String, nil], Hash{String => String})]
+              #   Uri, Body, Query string parameters
+              def self.transcode_update_ekm_config_request request_pb
+                transcoder = Gapic::Rest::GrpcTranscoder.new
+                                                        .with_bindings(
+                                                          uri_method: :patch,
+                                                          uri_template: "/v1/{ekm_config.name}",
+                                                          body: "ekm_config",
+                                                          matches: [
+                                                            ["ekm_config.name", %r{^projects/[^/]+/locations/[^/]+/ekmConfig/?$}, false]
+                                                          ]
+                                                        )
+                transcoder.transcode request_pb
+              end
             end
           end
         end

data/lib/google/cloud/kms/v1/ekm_service_pb.rb

@@ -36,6 +36,13 @@ Google::Protobuf::DescriptorPool.generated_pool.build do
       optional :ekm_connection, :message, 1, "google.cloud.kms.v1.EkmConnection"
       optional :update_mask, :message, 2, "google.protobuf.FieldMask"
     end
+    add_message "google.cloud.kms.v1.GetEkmConfigRequest" do
+      optional :name, :string, 1
+    end
+    add_message "google.cloud.kms.v1.UpdateEkmConfigRequest" do
+      optional :ekm_config, :message, 1, "google.cloud.kms.v1.EkmConfig"
+      optional :update_mask, :message, 2, "google.protobuf.FieldMask"
+    end
     add_message "google.cloud.kms.v1.Certificate" do
       optional :raw_der, :bytes, 1
       optional :parsed, :bool, 2
@@ -52,6 +59,8 @@ Google::Protobuf::DescriptorPool.generated_pool.build do
       optional :create_time, :message, 2, "google.protobuf.Timestamp"
       repeated :service_resolvers, :message, 3, "google.cloud.kms.v1.EkmConnection.ServiceResolver"
       optional :etag, :string, 5
+      optional :key_management_mode, :enum, 6, "google.cloud.kms.v1.EkmConnection.KeyManagementMode"
+      optional :crypto_space_path, :string, 7
     end
     add_message "google.cloud.kms.v1.EkmConnection.ServiceResolver" do
       optional :service_directory_service, :string, 1
@@ -59,6 +68,15 @@ Google::Protobuf::DescriptorPool.generated_pool.build do
       optional :hostname, :string, 3
       repeated :server_certificates, :message, 4, "google.cloud.kms.v1.Certificate"
     end
+    add_enum "google.cloud.kms.v1.EkmConnection.KeyManagementMode" do
+      value :KEY_MANAGEMENT_MODE_UNSPECIFIED, 0
+      value :MANUAL, 1
+      value :CLOUD_KMS, 2
+    end
+    add_message "google.cloud.kms.v1.EkmConfig" do
+      optional :name, :string, 1
+      optional :default_ekm_connection, :string, 2
+    end
   end
 end
 
@@ -71,9 +89,13 @@ module Google
         GetEkmConnectionRequest = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.kms.v1.GetEkmConnectionRequest").msgclass
         CreateEkmConnectionRequest = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.kms.v1.CreateEkmConnectionRequest").msgclass
         UpdateEkmConnectionRequest = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.kms.v1.UpdateEkmConnectionRequest").msgclass
+        GetEkmConfigRequest = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.kms.v1.GetEkmConfigRequest").msgclass
+        UpdateEkmConfigRequest = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.kms.v1.UpdateEkmConfigRequest").msgclass
         Certificate = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.kms.v1.Certificate").msgclass
         EkmConnection = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.kms.v1.EkmConnection").msgclass
         EkmConnection::ServiceResolver = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.kms.v1.EkmConnection.ServiceResolver").msgclass
+        EkmConnection::KeyManagementMode = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.kms.v1.EkmConnection.KeyManagementMode").enummodule
+        EkmConfig = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("google.cloud.kms.v1.EkmConfig").msgclass
       end
     end
   end

data/lib/google/cloud/kms/v1/ekm_service_services_pb.rb

@@ -47,6 +47,12 @@ module Google
             rpc :CreateEkmConnection, ::Google::Cloud::Kms::V1::CreateEkmConnectionRequest, ::Google::Cloud::Kms::V1::EkmConnection
             # Updates an [EkmConnection][google.cloud.kms.v1.EkmConnection]'s metadata.
             rpc :UpdateEkmConnection, ::Google::Cloud::Kms::V1::UpdateEkmConnectionRequest, ::Google::Cloud::Kms::V1::EkmConnection
+            # Returns the [EkmConfig][google.cloud.kms.v1.EkmConfig] singleton resource
+            # for a given project and location.
+            rpc :GetEkmConfig, ::Google::Cloud::Kms::V1::GetEkmConfigRequest, ::Google::Cloud::Kms::V1::EkmConfig
+            # Updates the [EkmConfig][google.cloud.kms.v1.EkmConfig] singleton resource
+            # for a given project and location.
+            rpc :UpdateEkmConfig, ::Google::Cloud::Kms::V1::UpdateEkmConfigRequest, ::Google::Cloud::Kms::V1::EkmConfig
           end
 
           Stub = Service.rpc_stub_class

data/lib/google/cloud/kms/v1/key_management_service/client.rb

@@ -3173,9 +3173,9 @@ module Google
             #    *  (`String`) The path to a service account key file in JSON format
             #    *  (`Hash`) A service account key as a Hash
             #    *  (`Google::Auth::Credentials`) A googleauth credentials object
-            #       (see the [googleauth docs](https://googleapis.dev/ruby/googleauth/latest/index.html))
+            #       (see the [googleauth docs](https://rubydoc.info/gems/googleauth/Google/Auth/Credentials))
             #    *  (`Signet::OAuth2::Client`) A signet oauth2 client object
-            #       (see the [signet docs](https://googleapis.dev/ruby/signet/latest/Signet/OAuth2/Client.html))
+            #       (see the [signet docs](https://rubydoc.info/gems/signet/Signet/OAuth2/Client))
             #    *  (`GRPC::Core::Channel`) a gRPC channel with included credentials
             #    *  (`GRPC::Core::ChannelCredentials`) a gRPC credentails object
             #    *  (`nil`) indicating no credentials

data/lib/google/cloud/kms/v1/key_management_service/rest/client.rb

@@ -2552,9 +2552,9 @@ module Google
               #    *  (`String`) The path to a service account key file in JSON format
               #    *  (`Hash`) A service account key as a Hash
               #    *  (`Google::Auth::Credentials`) A googleauth credentials object
-              #       (see the [googleauth docs](https://googleapis.dev/ruby/googleauth/latest/index.html))
+              #       (see the [googleauth docs](https://rubydoc.info/gems/googleauth/Google/Auth/Credentials))
               #    *  (`Signet::OAuth2::Client`) A signet oauth2 client object
-              #       (see the [signet docs](https://googleapis.dev/ruby/signet/latest/Signet/OAuth2/Client.html))
+              #       (see the [signet docs](https://rubydoc.info/gems/signet/Signet/OAuth2/Client))
               #    *  (`nil`) indicating no credentials
               #   @return [::Object]
               # @!attribute [rw] scope

data/lib/google/cloud/kms/v1/resources_pb.rb

@@ -69,6 +69,8 @@ Google::Protobuf::DescriptorPool.generated_pool.build do
       optional :import_job, :string, 14
       optional :import_time, :message, 15, "google.protobuf.Timestamp"
       optional :import_failure_reason, :string, 16
+      optional :generation_failure_reason, :string, 19
+      optional :external_destruction_failure_reason, :string, 20
       optional :external_protection_level_options, :message, 17, "google.cloud.kms.v1.ExternalProtectionLevelOptions"
       optional :reimport_eligible, :bool, 18
     end
@@ -112,6 +114,9 @@ Google::Protobuf::DescriptorPool.generated_pool.build do
       value :DESTROY_SCHEDULED, 4
       value :PENDING_IMPORT, 6
       value :IMPORT_FAILED, 7
+      value :GENERATION_FAILED, 8
+      value :PENDING_EXTERNAL_DESTRUCTION, 9
+      value :EXTERNAL_DESTRUCTION_FAILED, 10
     end
     add_enum "google.cloud.kms.v1.CryptoKeyVersion.CryptoKeyVersionView" do
       value :CRYPTO_KEY_VERSION_VIEW_UNSPECIFIED, 0

data/lib/google/cloud/kms/v1/version.rb

@@ -21,7 +21,7 @@ module Google
   module Cloud
     module Kms
       module V1
-        VERSION = "0.17.0"
+        VERSION = "0.18.1"
       end
     end
   end

data/proto_docs/google/api/client.rb

@@ -35,7 +35,9 @@ module Google
     # Details about how and where to publish client libraries.
     # @!attribute [rw] version
     #   @return [::String]
-    #     Version of the API to apply these settings to.
+    #     Version of the API to apply these settings to. This is the full protobuf
+    #     package for the API, ending in the version element.
+    #     Examples: "google.cloud.speech.v1" and "google.spanner.admin.database.v1".
     # @!attribute [rw] launch_stage
     #   @return [::Google::Api::LaunchStage]
     #     Launch stage of this version of the API.
@@ -111,6 +113,10 @@ module Google
     #     Client library settings.  If the same version string appears multiple
     #     times in this list, then the last one wins.  Settings from earlier
     #     settings with the same version string are discarded.
+    # @!attribute [rw] proto_reference_documentation_uri
+    #   @return [::String]
+    #     Optional link to proto reference documentation.  Example:
+    #     https://cloud.google.com/pubsub/lite/docs/reference/rpc
     class Publishing
       include ::Google::Protobuf::MessageExts
       extend ::Google::Protobuf::MessageExts::ClassMethods
@@ -203,9 +209,57 @@ module Google
     # @!attribute [rw] common
     #   @return [::Google::Api::CommonLanguageSettings]
     #     Some settings.
+    # @!attribute [rw] renamed_services
+    #   @return [::Google::Protobuf::Map{::String => ::String}]
+    #     Map from original service names to renamed versions.
+    #     This is used when the default generated types
+    #     would cause a naming conflict. (Neither name is
+    #     fully-qualified.)
+    #     Example: Subscriber to SubscriberServiceApi.
+    # @!attribute [rw] renamed_resources
+    #   @return [::Google::Protobuf::Map{::String => ::String}]
+    #     Map from full resource types to the effective short name
+    #     for the resource. This is used when otherwise resource
+    #     named from different services would cause naming collisions.
+    #     Example entry:
+    #     "datalabeling.googleapis.com/Dataset": "DataLabelingDataset"
+    # @!attribute [rw] ignored_resources
+    #   @return [::Array<::String>]
+    #     List of full resource types to ignore during generation.
+    #     This is typically used for API-specific Location resources,
+    #     which should be handled by the generator as if they were actually
+    #     the common Location resources.
+    #     Example entry: "documentai.googleapis.com/Location"
+    # @!attribute [rw] forced_namespace_aliases
+    #   @return [::Array<::String>]
+    #     Namespaces which must be aliased in snippets due to
+    #     a known (but non-generator-predictable) naming collision
+    # @!attribute [rw] handwritten_signatures
+    #   @return [::Array<::String>]
+    #     Method signatures (in the form "service.method(signature)")
+    #     which are provided separately, so shouldn't be generated.
+    #     Snippets *calling* these methods are still generated, however.
     class DotnetSettings
       include ::Google::Protobuf::MessageExts
       extend ::Google::Protobuf::MessageExts::ClassMethods
+
+      # @!attribute [rw] key
+      #   @return [::String]
+      # @!attribute [rw] value
+      #   @return [::String]
+      class RenamedServicesEntry
+        include ::Google::Protobuf::MessageExts
+        extend ::Google::Protobuf::MessageExts::ClassMethods
+      end
+
+      # @!attribute [rw] key
+      #   @return [::String]
+      # @!attribute [rw] value
+      #   @return [::String]
+      class RenamedResourcesEntry
+        include ::Google::Protobuf::MessageExts
+        extend ::Google::Protobuf::MessageExts::ClassMethods
+      end
     end
 
     # Settings for Ruby client libraries.
@@ -240,8 +294,8 @@ module Google
     #     Example of a YAML configuration::
     #
     #      publishing:
-    #        method_behavior:
-    #          - selector: CreateAdDomain
+    #        method_settings:
+    #          - selector: google.cloud.speech.v2.Speech.BatchRecognize
     #            long_running:
     #              initial_poll_delay:
     #                seconds: 60 # 1 minute

data/proto_docs/google/cloud/kms/v1/ekm_service.rb

@@ -122,6 +122,30 @@ module Google
           extend ::Google::Protobuf::MessageExts::ClassMethods
         end
 
+        # Request message for
+        # {::Google::Cloud::Kms::V1::EkmService::Client#get_ekm_config EkmService.GetEkmConfig}.
+        # @!attribute [rw] name
+        #   @return [::String]
+        #     Required. The {::Google::Cloud::Kms::V1::EkmConfig#name name} of the
+        #     {::Google::Cloud::Kms::V1::EkmConfig EkmConfig} to get.
+        class GetEkmConfigRequest
+          include ::Google::Protobuf::MessageExts
+          extend ::Google::Protobuf::MessageExts::ClassMethods
+        end
+
+        # Request message for
+        # {::Google::Cloud::Kms::V1::EkmService::Client#update_ekm_config EkmService.UpdateEkmConfig}.
+        # @!attribute [rw] ekm_config
+        #   @return [::Google::Cloud::Kms::V1::EkmConfig]
+        #     Required. {::Google::Cloud::Kms::V1::EkmConfig EkmConfig} with updated values.
+        # @!attribute [rw] update_mask
+        #   @return [::Google::Protobuf::FieldMask]
+        #     Required. List of fields to be updated in this request.
+        class UpdateEkmConfigRequest
+          include ::Google::Protobuf::MessageExts
+          extend ::Google::Protobuf::MessageExts::ClassMethods
+        end
+
         # A {::Google::Cloud::Kms::V1::Certificate Certificate} represents an X.509
         # certificate used to authenticate HTTPS connections to EKM replicas.
         # @!attribute [rw] raw_der
@@ -192,6 +216,18 @@ module Google
         #   @return [::String]
         #     Optional. Etag of the currently stored
         #     {::Google::Cloud::Kms::V1::EkmConnection EkmConnection}.
+        # @!attribute [rw] key_management_mode
+        #   @return [::Google::Cloud::Kms::V1::EkmConnection::KeyManagementMode]
+        #     Optional. Describes who can perform control plane operations on the EKM. If
+        #     unset, this defaults to
+        #     {::Google::Cloud::Kms::V1::EkmConnection::KeyManagementMode::MANUAL MANUAL}.
+        # @!attribute [rw] crypto_space_path
+        #   @return [::String]
+        #     Optional. Identifies the EKM Crypto Space that this
+        #     {::Google::Cloud::Kms::V1::EkmConnection EkmConnection} maps to. Note: This
+        #     field is required if
+        #     {::Google::Cloud::Kms::V1::EkmConnection::KeyManagementMode KeyManagementMode} is
+        #     {::Google::Cloud::Kms::V1::EkmConnection::KeyManagementMode::CLOUD_KMS CLOUD_KMS}.
         class EkmConnection
           include ::Google::Protobuf::MessageExts
           extend ::Google::Protobuf::MessageExts::ClassMethods
@@ -224,6 +260,66 @@ module Google
             include ::Google::Protobuf::MessageExts
             extend ::Google::Protobuf::MessageExts::ClassMethods
           end
+
+          # {::Google::Cloud::Kms::V1::EkmConnection::KeyManagementMode KeyManagementMode}
+          # describes who can perform control plane cryptographic operations using this
+          # {::Google::Cloud::Kms::V1::EkmConnection EkmConnection}.
+          module KeyManagementMode
+            # Not specified.
+            KEY_MANAGEMENT_MODE_UNSPECIFIED = 0
+
+            # EKM-side key management operations on
+            # {::Google::Cloud::Kms::V1::CryptoKey CryptoKeys} created with this
+            # {::Google::Cloud::Kms::V1::EkmConnection EkmConnection} must be initiated from
+            # the EKM directly and cannot be performed from Cloud KMS. This means that:
+            # * When creating a
+            # {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} associated with
+            # this
+            #   {::Google::Cloud::Kms::V1::EkmConnection EkmConnection}, the caller must
+            #   supply the key path of pre-existing external key material that will be
+            #   linked to the {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion}.
+            # * Destruction of external key material cannot be requested via the
+            #   Cloud KMS API and must be performed directly in the EKM.
+            # * Automatic rotation of key material is not supported.
+            MANUAL = 1
+
+            # All {::Google::Cloud::Kms::V1::CryptoKey CryptoKeys} created with this
+            # {::Google::Cloud::Kms::V1::EkmConnection EkmConnection} use EKM-side key
+            # management operations initiated from Cloud KMS. This means that:
+            # * When a {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion}
+            # associated with this {::Google::Cloud::Kms::V1::EkmConnection EkmConnection}
+            # is
+            #   created, the EKM automatically generates new key material and a new
+            #   key path. The caller cannot supply the key path of pre-existing
+            #   external key material.
+            # * Destruction of external key material associated with this
+            #   {::Google::Cloud::Kms::V1::EkmConnection EkmConnection} can be requested by
+            #   calling [DestroyCryptoKeyVersion][EkmService.DestroyCryptoKeyVersion].
+            # * Automatic rotation of key material is supported.
+            CLOUD_KMS = 2
+          end
+        end
+
+        # An {::Google::Cloud::Kms::V1::EkmConfig EkmConfig} is a singleton resource that
+        # represents configuration parameters that apply to all
+        # {::Google::Cloud::Kms::V1::CryptoKey CryptoKeys} and
+        # {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersions} with a
+        # {::Google::Cloud::Kms::V1::ProtectionLevel ProtectionLevel} of
+        # [EXTERNAL_VPC][CryptoKeyVersion.ProtectionLevel.EXTERNAL_VPC] in a given
+        # project and location.
+        # @!attribute [r] name
+        #   @return [::String]
+        #     Output only. The resource name for the
+        #     {::Google::Cloud::Kms::V1::EkmConfig EkmConfig} in the format
+        #     `projects/*/locations/*/ekmConfig`.
+        # @!attribute [rw] default_ekm_connection
+        #   @return [::String]
+        #     Optional. Resource name of the default
+        #     {::Google::Cloud::Kms::V1::EkmConnection EkmConnection}. Setting this field to
+        #     the empty string removes the default.
+        class EkmConfig
+          include ::Google::Protobuf::MessageExts
+          extend ::Google::Protobuf::MessageExts::ClassMethods
         end
       end
     end

data/proto_docs/google/cloud/kms/v1/resources.rb

@@ -341,6 +341,17 @@ module Google
         #     Output only. The root cause of the most recent import failure. Only present
         #     if {::Google::Cloud::Kms::V1::CryptoKeyVersion#state state} is
         #     {::Google::Cloud::Kms::V1::CryptoKeyVersion::CryptoKeyVersionState::IMPORT_FAILED IMPORT_FAILED}.
+        # @!attribute [r] generation_failure_reason
+        #   @return [::String]
+        #     Output only. The root cause of the most recent generation failure. Only
+        #     present if {::Google::Cloud::Kms::V1::CryptoKeyVersion#state state} is
+        #     {::Google::Cloud::Kms::V1::CryptoKeyVersion::CryptoKeyVersionState::GENERATION_FAILED GENERATION_FAILED}.
+        # @!attribute [r] external_destruction_failure_reason
+        #   @return [::String]
+        #     Output only. The root cause of the most recent external destruction
+        #     failure. Only present if
+        #     {::Google::Cloud::Kms::V1::CryptoKeyVersion#state state} is
+        #     {::Google::Cloud::Kms::V1::CryptoKeyVersion::CryptoKeyVersionState::EXTERNAL_DESTRUCTION_FAILED EXTERNAL_DESTRUCTION_FAILED}.
         # @!attribute [rw] external_protection_level_options
         #   @return [::Google::Cloud::Kms::V1::ExternalProtectionLevelOptions]
         #     ExternalProtectionLevelOptions stores a group of additional fields for
@@ -465,13 +476,19 @@ module Google
             RSA_DECRYPT_OAEP_4096_SHA1 = 39
 
             # ECDSA on the NIST P-256 curve with a SHA256 digest.
+            # Other hash functions can also be used:
+            # https://cloud.google.com/kms/docs/create-validate-signatures#ecdsa_support_for_other_hash_algorithms
             EC_SIGN_P256_SHA256 = 12
 
             # ECDSA on the NIST P-384 curve with a SHA384 digest.
+            # Other hash functions can also be used:
+            # https://cloud.google.com/kms/docs/create-validate-signatures#ecdsa_support_for_other_hash_algorithms
             EC_SIGN_P384_SHA384 = 13
 
             # ECDSA on the non-NIST secp256k1 curve. This curve is only supported for
             # HSM protection level.
+            # Other hash functions can also be used:
+            # https://cloud.google.com/kms/docs/create-validate-signatures#ecdsa_support_for_other_hash_algorithms
             EC_SIGN_SECP256K1_SHA256 = 31
 
             # HMAC-SHA256 signing with a 256 bit key.
@@ -544,6 +561,23 @@ module Google
             # Additional details can be found in
             # {::Google::Cloud::Kms::V1::CryptoKeyVersion#import_failure_reason CryptoKeyVersion.import_failure_reason}.
             IMPORT_FAILED = 7
+
+            # This version was not generated successfully. It may not be used, enabled,
+            # disabled, or destroyed. Additional details can be found in
+            # {::Google::Cloud::Kms::V1::CryptoKeyVersion#generation_failure_reason CryptoKeyVersion.generation_failure_reason}.
+            GENERATION_FAILED = 8
+
+            # This version was destroyed, and it may not be used or enabled again.
+            # Cloud KMS is waiting for the corresponding key material residing in an
+            # external key manager to be destroyed.
+            PENDING_EXTERNAL_DESTRUCTION = 9
+
+            # This version was destroyed, and it may not be used or enabled again.
+            # However, Cloud KMS could not confirm that the corresponding key material
+            # residing in an external key manager was destroyed. Additional details can
+            # be found in
+            # {::Google::Cloud::Kms::V1::CryptoKeyVersion#external_destruction_failure_reason CryptoKeyVersion.external_destruction_failure_reason}.
+            EXTERNAL_DESTRUCTION_FAILED = 10
           end
 
           # A view for {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion}s.

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: google-cloud-kms-v1
 version: !ruby/object:Gem::Version
-  version: 0.17.0
+  version: 0.18.1
 platform: ruby
 authors:
 - Google LLC
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2023-02-17 00:00:00.000000000 Z
+date: 2023-03-29 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: gapic-common
@@ -16,7 +16,7 @@ dependencies:
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: 0.17.1
+        version: 0.18.0
     - - "<"
       - !ruby/object:Gem::Version
         version: 2.a
@@ -26,7 +26,7 @@ dependencies:
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: 0.17.1
+        version: 0.18.0
     - - "<"
       - !ruby/object:Gem::Version
         version: 2.a
@@ -273,5 +273,6 @@ requirements: []
 rubygems_version: 3.4.2
 signing_key: 
 specification_version: 4
-summary: API Client library for the Cloud Key Management Service (KMS) V1 API
+summary: Manages keys and performs cryptographic operations in a central cloud service,
+  for direct use by other cloud resources and applications.
 test_files: []