google-cloud-kms-v1 0.6.0 → 0.8.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 5037e70b86fc808722a8a1f2937ee740a9cbebd903a72c52ec52a38b4dd7ddd6
4
- data.tar.gz: 35707f1908b1330a758109e5f5990b562e909c8bdf0fd0a3907717b504e039d0
3
+ metadata.gz: 366f739162ab5400a7d321c89b3283faa619b89e0ce78a22729aaec42cf319f2
4
+ data.tar.gz: 9b07da8889a3a6804331abc9f78882ee7cc89ae0f8d848cb8ce321a027d0ca98
5
5
  SHA512:
6
- metadata.gz: 943f1f9adc9daa3756f786fae9d0956674687ab35890552d6a3dac40f0304a2dc761e7f5dd24738b8c01bb74b61ebd6d631e2aebaf22be2b6abac8c7f53a55db
7
- data.tar.gz: e77f44c6fac533bebac6262b074a51738ec7ccde1d89edaa44bf04738cb92ff029fd25b189d5ff4ecc5ec9a4b45bc5294990e3733dec7a001092102be24469be
6
+ metadata.gz: f46892858f2569b83d67dd04ae66ad59eabb7acc9b6b3a55d1661f35d0fcf060af22ee2dafe271059fa461aac233afa458bccbc800850363bc055c925cbb178e
7
+ data.tar.gz: c8babfa3af90696ca1223d8dc2461615289de042c0a7beda99da0b9e75c951372e58e077f162f68c5b8cf61f65c3501d3229406da434a80a6f31cd0f0494eb49
data/AUTHENTICATION.md CHANGED
@@ -66,11 +66,11 @@ The environment variables that google-cloud-kms-v1
66
66
  checks for credentials are configured on the service Credentials class (such as
67
67
  {::Google::Cloud::Kms::V1::KeyManagementService::Credentials}):
68
68
 
69
- 1. `KMS_CREDENTIALS` - Path to JSON file, or JSON contents
70
- 2. `KMS_KEYFILE` - Path to JSON file, or JSON contents
71
- 3. `GOOGLE_CLOUD_CREDENTIALS` - Path to JSON file, or JSON contents
72
- 4. `GOOGLE_CLOUD_KEYFILE` - Path to JSON file, or JSON contents
73
- 5. `GOOGLE_APPLICATION_CREDENTIALS` - Path to JSON file
69
+ * `KMS_CREDENTIALS` - Path to JSON file, or JSON contents
70
+ * `KMS_KEYFILE` - Path to JSON file, or JSON contents
71
+ * `GOOGLE_CLOUD_CREDENTIALS` - Path to JSON file, or JSON contents
72
+ * `GOOGLE_CLOUD_KEYFILE` - Path to JSON file, or JSON contents
73
+ * `GOOGLE_APPLICATION_CREDENTIALS` - Path to JSON file
74
74
 
75
75
  ```ruby
76
76
  require "google/cloud/kms/v1"
@@ -82,8 +82,8 @@ client = ::Google::Cloud::Kms::V1::KeyManagementService::Client.new
82
82
 
83
83
  ### Configuration
84
84
 
85
- The **Credentials JSON** can be configured instead of placing them in
86
- environment variables. Either on an individual client initialization:
85
+ The path to the **Credentials JSON** file can be configured instead of storing
86
+ it in an environment variable. Either on an individual client initialization:
87
87
 
88
88
  ```ruby
89
89
  require "google/cloud/kms/v1"
@@ -93,7 +93,7 @@ client = ::Google::Cloud::Kms::V1::KeyManagementService::Client.new do |config|
93
93
  end
94
94
  ```
95
95
 
96
- Or configured globally for all clients:
96
+ Or globally for all clients:
97
97
 
98
98
  ```ruby
99
99
  require "google/cloud/kms/v1"
data/README.md CHANGED
@@ -33,7 +33,7 @@ In order to use this library, you first need to go through the following steps:
33
33
  require "google/cloud/kms/v1"
34
34
 
35
35
  client = ::Google::Cloud::Kms::V1::KeyManagementService::Client.new
36
- request = my_create_request
36
+ request = ::Google::Cloud::Kms::V1::ListKeyRingsRequest.new # (request fields as keyword arguments...)
37
37
  response = client.list_key_rings request
38
38
  ```
39
39
 
@@ -63,13 +63,12 @@ module Google
63
63
  # See {::Google::Cloud::Kms::V1::IAMPolicy::Client::Configuration}
64
64
  # for a description of the configuration fields.
65
65
  #
66
- # ## Example
66
+ # @example
67
67
  #
68
- # To modify the configuration for all IAMPolicy clients:
69
- #
70
- # ::Google::Cloud::Kms::V1::IAMPolicy::Client.configure do |config|
71
- # config.timeout = 10.0
72
- # end
68
+ # # Modify the configuration for all IAMPolicy clients
69
+ # ::Google::Cloud::Kms::V1::IAMPolicy::Client.configure do |config|
70
+ # config.timeout = 10.0
71
+ # end
73
72
  #
74
73
  # @yield [config] Configure the Client client.
75
74
  # @yieldparam config [Client::Configuration]
@@ -116,19 +115,15 @@ module Google
116
115
  ##
117
116
  # Create a new IAMPolicy client object.
118
117
  #
119
- # ## Examples
120
- #
121
- # To create a new IAMPolicy client with the default
122
- # configuration:
123
- #
124
- # client = ::Google::Cloud::Kms::V1::IAMPolicy::Client.new
118
+ # @example
125
119
  #
126
- # To create a new IAMPolicy client with a custom
127
- # configuration:
120
+ # # Create a client using the default configuration
121
+ # client = ::Google::Cloud::Kms::V1::IAMPolicy::Client.new
128
122
  #
129
- # client = ::Google::Cloud::Kms::V1::IAMPolicy::Client.new do |config|
130
- # config.timeout = 10.0
131
- # end
123
+ # # Create a client using a custom configuration
124
+ # client = ::Google::Cloud::Kms::V1::IAMPolicy::Client.new do |config|
125
+ # config.timeout = 10.0
126
+ # end
132
127
  #
133
128
  # @yield [config] Configure the IAMPolicy client.
134
129
  # @yieldparam config [Client::Configuration]
@@ -148,14 +143,13 @@ module Google
148
143
 
149
144
  # Create credentials
150
145
  credentials = @config.credentials
151
- # Use self-signed JWT if the scope and endpoint are unchanged from default,
146
+ # Use self-signed JWT if the endpoint is unchanged from default,
152
147
  # but only if the default endpoint does not have a region prefix.
153
- enable_self_signed_jwt = @config.scope == Client.configure.scope &&
154
- @config.endpoint == Client.configure.endpoint &&
148
+ enable_self_signed_jwt = @config.endpoint == Client.configure.endpoint &&
155
149
  !@config.endpoint.split(".").first.include?("-")
156
150
  credentials ||= Credentials.default scope: @config.scope,
157
151
  enable_self_signed_jwt: enable_self_signed_jwt
158
- if credentials.is_a?(String) || credentials.is_a?(Hash)
152
+ if credentials.is_a?(::String) || credentials.is_a?(::Hash)
159
153
  credentials = Credentials.new credentials, scope: @config.scope
160
154
  end
161
155
  @quota_project_id = @config.quota_project
@@ -234,7 +228,9 @@ module Google
234
228
  options.apply_defaults timeout: @config.rpcs.set_iam_policy.timeout,
235
229
  metadata: metadata,
236
230
  retry_policy: @config.rpcs.set_iam_policy.retry_policy
237
- options.apply_defaults metadata: @config.metadata,
231
+
232
+ options.apply_defaults timeout: @config.timeout,
233
+ metadata: @config.metadata,
238
234
  retry_policy: @config.retry_policy
239
235
 
240
236
  @iam_policy_stub.call_rpc :set_iam_policy, request, options: options do |response, operation|
@@ -306,7 +302,9 @@ module Google
306
302
  options.apply_defaults timeout: @config.rpcs.get_iam_policy.timeout,
307
303
  metadata: metadata,
308
304
  retry_policy: @config.rpcs.get_iam_policy.retry_policy
309
- options.apply_defaults metadata: @config.metadata,
305
+
306
+ options.apply_defaults timeout: @config.timeout,
307
+ metadata: @config.metadata,
310
308
  retry_policy: @config.retry_policy
311
309
 
312
310
  @iam_policy_stub.call_rpc :get_iam_policy, request, options: options do |response, operation|
@@ -384,7 +382,9 @@ module Google
384
382
  options.apply_defaults timeout: @config.rpcs.test_iam_permissions.timeout,
385
383
  metadata: metadata,
386
384
  retry_policy: @config.rpcs.test_iam_permissions.retry_policy
387
- options.apply_defaults metadata: @config.metadata,
385
+
386
+ options.apply_defaults timeout: @config.timeout,
387
+ metadata: @config.metadata,
388
388
  retry_policy: @config.retry_policy
389
389
 
390
390
  @iam_policy_stub.call_rpc :test_iam_permissions, request, options: options do |response, operation|
@@ -408,22 +408,21 @@ module Google
408
408
  # Configuration can be applied globally to all clients, or to a single client
409
409
  # on construction.
410
410
  #
411
- # # Examples
412
- #
413
- # To modify the global config, setting the timeout for set_iam_policy
414
- # to 20 seconds, and all remaining timeouts to 10 seconds:
415
- #
416
- # ::Google::Cloud::Kms::V1::IAMPolicy::Client.configure do |config|
417
- # config.timeout = 10.0
418
- # config.rpcs.set_iam_policy.timeout = 20.0
419
- # end
420
- #
421
- # To apply the above configuration only to a new client:
422
- #
423
- # client = ::Google::Cloud::Kms::V1::IAMPolicy::Client.new do |config|
424
- # config.timeout = 10.0
425
- # config.rpcs.set_iam_policy.timeout = 20.0
426
- # end
411
+ # @example
412
+ #
413
+ # # Modify the global config, setting the timeout for
414
+ # # set_iam_policy to 20 seconds,
415
+ # # and all remaining timeouts to 10 seconds.
416
+ # ::Google::Cloud::Kms::V1::IAMPolicy::Client.configure do |config|
417
+ # config.timeout = 10.0
418
+ # config.rpcs.set_iam_policy.timeout = 20.0
419
+ # end
420
+ #
421
+ # # Apply the above configuration only to a new client.
422
+ # client = ::Google::Cloud::Kms::V1::IAMPolicy::Client.new do |config|
423
+ # config.timeout = 10.0
424
+ # config.rpcs.set_iam_policy.timeout = 20.0
425
+ # end
427
426
  #
428
427
  # @!attribute [rw] endpoint
429
428
  # The hostname or hostname:port of the service endpoint.
@@ -52,13 +52,12 @@ module Google
52
52
  # See {::Google::Cloud::Kms::V1::KeyManagementService::Client::Configuration}
53
53
  # for a description of the configuration fields.
54
54
  #
55
- # ## Example
55
+ # @example
56
56
  #
57
- # To modify the configuration for all KeyManagementService clients:
58
- #
59
- # ::Google::Cloud::Kms::V1::KeyManagementService::Client.configure do |config|
60
- # config.timeout = 10.0
61
- # end
57
+ # # Modify the configuration for all KeyManagementService clients
58
+ # ::Google::Cloud::Kms::V1::KeyManagementService::Client.configure do |config|
59
+ # config.timeout = 10.0
60
+ # end
62
61
  #
63
62
  # @yield [config] Configure the Client client.
64
63
  # @yieldparam config [Client::Configuration]
@@ -78,90 +77,57 @@ module Google
78
77
 
79
78
  default_config.rpcs.list_key_rings.timeout = 60.0
80
79
  default_config.rpcs.list_key_rings.retry_policy = {
81
- initial_delay: 0.1,
82
- max_delay: 60.0,
83
- multiplier: 1.3,
84
- retry_codes: [14, 4]
80
+ initial_delay: 0.1, max_delay: 60.0, multiplier: 1.3, retry_codes: [14, 4]
85
81
  }
86
82
 
87
83
  default_config.rpcs.list_crypto_keys.timeout = 60.0
88
84
  default_config.rpcs.list_crypto_keys.retry_policy = {
89
- initial_delay: 0.1,
90
- max_delay: 60.0,
91
- multiplier: 1.3,
92
- retry_codes: [14, 4]
85
+ initial_delay: 0.1, max_delay: 60.0, multiplier: 1.3, retry_codes: [14, 4]
93
86
  }
94
87
 
95
88
  default_config.rpcs.list_crypto_key_versions.timeout = 60.0
96
89
  default_config.rpcs.list_crypto_key_versions.retry_policy = {
97
- initial_delay: 0.1,
98
- max_delay: 60.0,
99
- multiplier: 1.3,
100
- retry_codes: [14, 4]
90
+ initial_delay: 0.1, max_delay: 60.0, multiplier: 1.3, retry_codes: [14, 4]
101
91
  }
102
92
 
103
93
  default_config.rpcs.list_import_jobs.timeout = 60.0
104
94
  default_config.rpcs.list_import_jobs.retry_policy = {
105
- initial_delay: 0.1,
106
- max_delay: 60.0,
107
- multiplier: 1.3,
108
- retry_codes: [14, 4]
95
+ initial_delay: 0.1, max_delay: 60.0, multiplier: 1.3, retry_codes: [14, 4]
109
96
  }
110
97
 
111
98
  default_config.rpcs.get_key_ring.timeout = 60.0
112
99
  default_config.rpcs.get_key_ring.retry_policy = {
113
- initial_delay: 0.1,
114
- max_delay: 60.0,
115
- multiplier: 1.3,
116
- retry_codes: [14, 4]
100
+ initial_delay: 0.1, max_delay: 60.0, multiplier: 1.3, retry_codes: [14, 4]
117
101
  }
118
102
 
119
103
  default_config.rpcs.get_crypto_key.timeout = 60.0
120
104
  default_config.rpcs.get_crypto_key.retry_policy = {
121
- initial_delay: 0.1,
122
- max_delay: 60.0,
123
- multiplier: 1.3,
124
- retry_codes: [14, 4]
105
+ initial_delay: 0.1, max_delay: 60.0, multiplier: 1.3, retry_codes: [14, 4]
125
106
  }
126
107
 
127
108
  default_config.rpcs.get_crypto_key_version.timeout = 60.0
128
109
  default_config.rpcs.get_crypto_key_version.retry_policy = {
129
- initial_delay: 0.1,
130
- max_delay: 60.0,
131
- multiplier: 1.3,
132
- retry_codes: [14, 4]
110
+ initial_delay: 0.1, max_delay: 60.0, multiplier: 1.3, retry_codes: [14, 4]
133
111
  }
134
112
 
135
113
  default_config.rpcs.get_public_key.timeout = 60.0
136
114
  default_config.rpcs.get_public_key.retry_policy = {
137
- initial_delay: 0.1,
138
- max_delay: 60.0,
139
- multiplier: 1.3,
140
- retry_codes: [14, 4]
115
+ initial_delay: 0.1, max_delay: 60.0, multiplier: 1.3, retry_codes: [14, 4]
141
116
  }
142
117
 
143
118
  default_config.rpcs.get_import_job.timeout = 60.0
144
119
  default_config.rpcs.get_import_job.retry_policy = {
145
- initial_delay: 0.1,
146
- max_delay: 60.0,
147
- multiplier: 1.3,
148
- retry_codes: [14, 4]
120
+ initial_delay: 0.1, max_delay: 60.0, multiplier: 1.3, retry_codes: [14, 4]
149
121
  }
150
122
 
151
123
  default_config.rpcs.create_key_ring.timeout = 60.0
152
124
  default_config.rpcs.create_key_ring.retry_policy = {
153
- initial_delay: 0.1,
154
- max_delay: 60.0,
155
- multiplier: 1.3,
156
- retry_codes: [14, 4]
125
+ initial_delay: 0.1, max_delay: 60.0, multiplier: 1.3, retry_codes: [14, 4]
157
126
  }
158
127
 
159
128
  default_config.rpcs.create_crypto_key.timeout = 60.0
160
129
  default_config.rpcs.create_crypto_key.retry_policy = {
161
- initial_delay: 0.1,
162
- max_delay: 60.0,
163
- multiplier: 1.3,
164
- retry_codes: [14, 4]
130
+ initial_delay: 0.1, max_delay: 60.0, multiplier: 1.3, retry_codes: [14, 4]
165
131
  }
166
132
 
167
133
  default_config.rpcs.create_crypto_key_version.timeout = 60.0
@@ -170,82 +136,52 @@ module Google
170
136
 
171
137
  default_config.rpcs.create_import_job.timeout = 60.0
172
138
  default_config.rpcs.create_import_job.retry_policy = {
173
- initial_delay: 0.1,
174
- max_delay: 60.0,
175
- multiplier: 1.3,
176
- retry_codes: [14, 4]
139
+ initial_delay: 0.1, max_delay: 60.0, multiplier: 1.3, retry_codes: [14, 4]
177
140
  }
178
141
 
179
142
  default_config.rpcs.update_crypto_key.timeout = 60.0
180
143
  default_config.rpcs.update_crypto_key.retry_policy = {
181
- initial_delay: 0.1,
182
- max_delay: 60.0,
183
- multiplier: 1.3,
184
- retry_codes: [14, 4]
144
+ initial_delay: 0.1, max_delay: 60.0, multiplier: 1.3, retry_codes: [14, 4]
185
145
  }
186
146
 
187
147
  default_config.rpcs.update_crypto_key_version.timeout = 60.0
188
148
  default_config.rpcs.update_crypto_key_version.retry_policy = {
189
- initial_delay: 0.1,
190
- max_delay: 60.0,
191
- multiplier: 1.3,
192
- retry_codes: [14, 4]
149
+ initial_delay: 0.1, max_delay: 60.0, multiplier: 1.3, retry_codes: [14, 4]
150
+ }
151
+
152
+ default_config.rpcs.update_crypto_key_primary_version.timeout = 60.0
153
+ default_config.rpcs.update_crypto_key_primary_version.retry_policy = {
154
+ initial_delay: 0.1, max_delay: 60.0, multiplier: 1.3, retry_codes: [14, 4]
155
+ }
156
+
157
+ default_config.rpcs.destroy_crypto_key_version.timeout = 60.0
158
+ default_config.rpcs.destroy_crypto_key_version.retry_policy = {
159
+ initial_delay: 0.1, max_delay: 60.0, multiplier: 1.3, retry_codes: [14, 4]
160
+ }
161
+
162
+ default_config.rpcs.restore_crypto_key_version.timeout = 60.0
163
+ default_config.rpcs.restore_crypto_key_version.retry_policy = {
164
+ initial_delay: 0.1, max_delay: 60.0, multiplier: 1.3, retry_codes: [14, 4]
193
165
  }
194
166
 
195
167
  default_config.rpcs.encrypt.timeout = 60.0
196
168
  default_config.rpcs.encrypt.retry_policy = {
197
- initial_delay: 0.1,
198
- max_delay: 60.0,
199
- multiplier: 1.3,
200
- retry_codes: [14, 4]
169
+ initial_delay: 0.1, max_delay: 60.0, multiplier: 1.3, retry_codes: [14, 4]
201
170
  }
202
171
 
203
172
  default_config.rpcs.decrypt.timeout = 60.0
204
173
  default_config.rpcs.decrypt.retry_policy = {
205
- initial_delay: 0.1,
206
- max_delay: 60.0,
207
- multiplier: 1.3,
208
- retry_codes: [14, 4]
174
+ initial_delay: 0.1, max_delay: 60.0, multiplier: 1.3, retry_codes: [14, 4]
209
175
  }
210
176
 
211
177
  default_config.rpcs.asymmetric_sign.timeout = 60.0
212
178
  default_config.rpcs.asymmetric_sign.retry_policy = {
213
- initial_delay: 0.1,
214
- max_delay: 60.0,
215
- multiplier: 1.3,
216
- retry_codes: [14, 4]
179
+ initial_delay: 0.1, max_delay: 60.0, multiplier: 1.3, retry_codes: [14, 4]
217
180
  }
218
181
 
219
182
  default_config.rpcs.asymmetric_decrypt.timeout = 60.0
220
183
  default_config.rpcs.asymmetric_decrypt.retry_policy = {
221
- initial_delay: 0.1,
222
- max_delay: 60.0,
223
- multiplier: 1.3,
224
- retry_codes: [14, 4]
225
- }
226
-
227
- default_config.rpcs.update_crypto_key_primary_version.timeout = 60.0
228
- default_config.rpcs.update_crypto_key_primary_version.retry_policy = {
229
- initial_delay: 0.1,
230
- max_delay: 60.0,
231
- multiplier: 1.3,
232
- retry_codes: [14, 4]
233
- }
234
-
235
- default_config.rpcs.destroy_crypto_key_version.timeout = 60.0
236
- default_config.rpcs.destroy_crypto_key_version.retry_policy = {
237
- initial_delay: 0.1,
238
- max_delay: 60.0,
239
- multiplier: 1.3,
240
- retry_codes: [14, 4]
241
- }
242
-
243
- default_config.rpcs.restore_crypto_key_version.timeout = 60.0
244
- default_config.rpcs.restore_crypto_key_version.retry_policy = {
245
- initial_delay: 0.1,
246
- max_delay: 60.0,
247
- multiplier: 1.3,
248
- retry_codes: [14, 4]
184
+ initial_delay: 0.1, max_delay: 60.0, multiplier: 1.3, retry_codes: [14, 4]
249
185
  }
250
186
 
251
187
  default_config
@@ -277,19 +213,15 @@ module Google
277
213
  ##
278
214
  # Create a new KeyManagementService client object.
279
215
  #
280
- # ## Examples
281
- #
282
- # To create a new KeyManagementService client with the default
283
- # configuration:
216
+ # @example
284
217
  #
285
- # client = ::Google::Cloud::Kms::V1::KeyManagementService::Client.new
218
+ # # Create a client using the default configuration
219
+ # client = ::Google::Cloud::Kms::V1::KeyManagementService::Client.new
286
220
  #
287
- # To create a new KeyManagementService client with a custom
288
- # configuration:
289
- #
290
- # client = ::Google::Cloud::Kms::V1::KeyManagementService::Client.new do |config|
291
- # config.timeout = 10.0
292
- # end
221
+ # # Create a client using a custom configuration
222
+ # client = ::Google::Cloud::Kms::V1::KeyManagementService::Client.new do |config|
223
+ # config.timeout = 10.0
224
+ # end
293
225
  #
294
226
  # @yield [config] Configure the KeyManagementService client.
295
227
  # @yieldparam config [Client::Configuration]
@@ -309,14 +241,13 @@ module Google
309
241
 
310
242
  # Create credentials
311
243
  credentials = @config.credentials
312
- # Use self-signed JWT if the scope and endpoint are unchanged from default,
244
+ # Use self-signed JWT if the endpoint is unchanged from default,
313
245
  # but only if the default endpoint does not have a region prefix.
314
- enable_self_signed_jwt = @config.scope == Client.configure.scope &&
315
- @config.endpoint == Client.configure.endpoint &&
246
+ enable_self_signed_jwt = @config.endpoint == Client.configure.endpoint &&
316
247
  !@config.endpoint.split(".").first.include?("-")
317
248
  credentials ||= Credentials.default scope: @config.scope,
318
249
  enable_self_signed_jwt: enable_self_signed_jwt
319
- if credentials.is_a?(String) || credentials.is_a?(Hash)
250
+ if credentials.is_a?(::String) || credentials.is_a?(::Hash)
320
251
  credentials = Credentials.new credentials, scope: @config.scope
321
252
  end
322
253
  @quota_project_id = @config.quota_project
@@ -407,7 +338,9 @@ module Google
407
338
  options.apply_defaults timeout: @config.rpcs.list_key_rings.timeout,
408
339
  metadata: metadata,
409
340
  retry_policy: @config.rpcs.list_key_rings.retry_policy
410
- options.apply_defaults metadata: @config.metadata,
341
+
342
+ options.apply_defaults timeout: @config.timeout,
343
+ metadata: @config.metadata,
411
344
  retry_policy: @config.retry_policy
412
345
 
413
346
  @key_management_service_stub.call_rpc :list_key_rings, request, options: options do |response, operation|
@@ -495,7 +428,9 @@ module Google
495
428
  options.apply_defaults timeout: @config.rpcs.list_crypto_keys.timeout,
496
429
  metadata: metadata,
497
430
  retry_policy: @config.rpcs.list_crypto_keys.retry_policy
498
- options.apply_defaults metadata: @config.metadata,
431
+
432
+ options.apply_defaults timeout: @config.timeout,
433
+ metadata: @config.metadata,
499
434
  retry_policy: @config.retry_policy
500
435
 
501
436
  @key_management_service_stub.call_rpc :list_crypto_keys, request, options: options do |response, operation|
@@ -584,7 +519,9 @@ module Google
584
519
  options.apply_defaults timeout: @config.rpcs.list_crypto_key_versions.timeout,
585
520
  metadata: metadata,
586
521
  retry_policy: @config.rpcs.list_crypto_key_versions.retry_policy
587
- options.apply_defaults metadata: @config.metadata,
522
+
523
+ options.apply_defaults timeout: @config.timeout,
524
+ metadata: @config.metadata,
588
525
  retry_policy: @config.retry_policy
589
526
 
590
527
  @key_management_service_stub.call_rpc :list_crypto_key_versions, request, options: options do |response, operation|
@@ -670,7 +607,9 @@ module Google
670
607
  options.apply_defaults timeout: @config.rpcs.list_import_jobs.timeout,
671
608
  metadata: metadata,
672
609
  retry_policy: @config.rpcs.list_import_jobs.retry_policy
673
- options.apply_defaults metadata: @config.metadata,
610
+
611
+ options.apply_defaults timeout: @config.timeout,
612
+ metadata: @config.metadata,
674
613
  retry_policy: @config.retry_policy
675
614
 
676
615
  @key_management_service_stub.call_rpc :list_import_jobs, request, options: options do |response, operation|
@@ -737,7 +676,9 @@ module Google
737
676
  options.apply_defaults timeout: @config.rpcs.get_key_ring.timeout,
738
677
  metadata: metadata,
739
678
  retry_policy: @config.rpcs.get_key_ring.retry_policy
740
- options.apply_defaults metadata: @config.metadata,
679
+
680
+ options.apply_defaults timeout: @config.timeout,
681
+ metadata: @config.metadata,
741
682
  retry_policy: @config.retry_policy
742
683
 
743
684
  @key_management_service_stub.call_rpc :get_key_ring, request, options: options do |response, operation|
@@ -804,7 +745,9 @@ module Google
804
745
  options.apply_defaults timeout: @config.rpcs.get_crypto_key.timeout,
805
746
  metadata: metadata,
806
747
  retry_policy: @config.rpcs.get_crypto_key.retry_policy
807
- options.apply_defaults metadata: @config.metadata,
748
+
749
+ options.apply_defaults timeout: @config.timeout,
750
+ metadata: @config.metadata,
808
751
  retry_policy: @config.retry_policy
809
752
 
810
753
  @key_management_service_stub.call_rpc :get_crypto_key, request, options: options do |response, operation|
@@ -870,7 +813,9 @@ module Google
870
813
  options.apply_defaults timeout: @config.rpcs.get_crypto_key_version.timeout,
871
814
  metadata: metadata,
872
815
  retry_policy: @config.rpcs.get_crypto_key_version.retry_policy
873
- options.apply_defaults metadata: @config.metadata,
816
+
817
+ options.apply_defaults timeout: @config.timeout,
818
+ metadata: @config.metadata,
874
819
  retry_policy: @config.retry_policy
875
820
 
876
821
  @key_management_service_stub.call_rpc :get_crypto_key_version, request, options: options do |response, operation|
@@ -940,7 +885,9 @@ module Google
940
885
  options.apply_defaults timeout: @config.rpcs.get_public_key.timeout,
941
886
  metadata: metadata,
942
887
  retry_policy: @config.rpcs.get_public_key.retry_policy
943
- options.apply_defaults metadata: @config.metadata,
888
+
889
+ options.apply_defaults timeout: @config.timeout,
890
+ metadata: @config.metadata,
944
891
  retry_policy: @config.retry_policy
945
892
 
946
893
  @key_management_service_stub.call_rpc :get_public_key, request, options: options do |response, operation|
@@ -1006,7 +953,9 @@ module Google
1006
953
  options.apply_defaults timeout: @config.rpcs.get_import_job.timeout,
1007
954
  metadata: metadata,
1008
955
  retry_policy: @config.rpcs.get_import_job.retry_policy
1009
- options.apply_defaults metadata: @config.metadata,
956
+
957
+ options.apply_defaults timeout: @config.timeout,
958
+ metadata: @config.metadata,
1010
959
  retry_policy: @config.retry_policy
1011
960
 
1012
961
  @key_management_service_stub.call_rpc :get_import_job, request, options: options do |response, operation|
@@ -1078,7 +1027,9 @@ module Google
1078
1027
  options.apply_defaults timeout: @config.rpcs.create_key_ring.timeout,
1079
1028
  metadata: metadata,
1080
1029
  retry_policy: @config.rpcs.create_key_ring.retry_policy
1081
- options.apply_defaults metadata: @config.metadata,
1030
+
1031
+ options.apply_defaults timeout: @config.timeout,
1032
+ metadata: @config.metadata,
1082
1033
  retry_policy: @config.retry_policy
1083
1034
 
1084
1035
  @key_management_service_stub.call_rpc :create_key_ring, request, options: options do |response, operation|
@@ -1160,7 +1111,9 @@ module Google
1160
1111
  options.apply_defaults timeout: @config.rpcs.create_crypto_key.timeout,
1161
1112
  metadata: metadata,
1162
1113
  retry_policy: @config.rpcs.create_crypto_key.retry_policy
1163
- options.apply_defaults metadata: @config.metadata,
1114
+
1115
+ options.apply_defaults timeout: @config.timeout,
1116
+ metadata: @config.metadata,
1164
1117
  retry_policy: @config.retry_policy
1165
1118
 
1166
1119
  @key_management_service_stub.call_rpc :create_crypto_key, request, options: options do |response, operation|
@@ -1233,7 +1186,9 @@ module Google
1233
1186
  options.apply_defaults timeout: @config.rpcs.create_crypto_key_version.timeout,
1234
1187
  metadata: metadata,
1235
1188
  retry_policy: @config.rpcs.create_crypto_key_version.retry_policy
1236
- options.apply_defaults metadata: @config.metadata,
1189
+
1190
+ options.apply_defaults timeout: @config.timeout,
1191
+ metadata: @config.metadata,
1237
1192
  retry_policy: @config.retry_policy
1238
1193
 
1239
1194
  @key_management_service_stub.call_rpc :create_crypto_key_version, request, options: options do |response, operation|
@@ -1245,11 +1200,12 @@ module Google
1245
1200
  end
1246
1201
 
1247
1202
  ##
1248
- # Imports a new {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} into an existing {::Google::Cloud::Kms::V1::CryptoKey CryptoKey} using the
1249
- # wrapped key material provided in the request.
1203
+ # Import wrapped key material into a {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion}.
1250
1204
  #
1251
- # The version ID will be assigned the next sequential id within the
1252
- # {::Google::Cloud::Kms::V1::CryptoKey CryptoKey}.
1205
+ # All requests must specify a {::Google::Cloud::Kms::V1::CryptoKey CryptoKey}. If a {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} is
1206
+ # additionally specified in the request, key material will be reimported into
1207
+ # that version. Otherwise, a new version will be created, and will be
1208
+ # assigned the next sequential id within the {::Google::Cloud::Kms::V1::CryptoKey CryptoKey}.
1253
1209
  #
1254
1210
  # @overload import_crypto_key_version(request, options = nil)
1255
1211
  # Pass arguments to `import_crypto_key_version` via a request object, either of type
@@ -1261,14 +1217,32 @@ module Google
1261
1217
  # @param options [::Gapic::CallOptions, ::Hash]
1262
1218
  # Overrides the default settings for this call, e.g, timeout, retries, etc. Optional.
1263
1219
  #
1264
- # @overload import_crypto_key_version(parent: nil, algorithm: nil, import_job: nil, rsa_aes_wrapped_key: nil)
1220
+ # @overload import_crypto_key_version(parent: nil, crypto_key_version: nil, algorithm: nil, import_job: nil, rsa_aes_wrapped_key: nil)
1265
1221
  # Pass arguments to `import_crypto_key_version` via keyword arguments. Note that at
1266
1222
  # least one keyword argument is required. To specify no parameters, or to keep all
1267
1223
  # the default parameter values, pass an empty Hash as a request object (see above).
1268
1224
  #
1269
1225
  # @param parent [::String]
1270
- # Required. The {::Google::Cloud::Kms::V1::CryptoKey#name name} of the {::Google::Cloud::Kms::V1::CryptoKey CryptoKey} to
1271
- # be imported into.
1226
+ # Required. The {::Google::Cloud::Kms::V1::CryptoKey#name name} of the {::Google::Cloud::Kms::V1::CryptoKey CryptoKey} to be imported into.
1227
+ #
1228
+ # The create permission is only required on this key when creating a new
1229
+ # {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion}.
1230
+ # @param crypto_key_version [::String]
1231
+ # Optional. The optional {::Google::Cloud::Kms::V1::CryptoKeyVersion#name name} of an existing
1232
+ # {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} to target for an import operation.
1233
+ # If this field is not present, a new {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} containing the
1234
+ # supplied key material is created.
1235
+ #
1236
+ # If this field is present, the supplied key material is imported into
1237
+ # the existing {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion}. To import into an existing
1238
+ # {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion}, the {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} must be a child of
1239
+ # {::Google::Cloud::Kms::V1::ImportCryptoKeyVersionRequest#parent ImportCryptoKeyVersionRequest.parent}, have been previously created via
1240
+ # [ImportCryptoKeyVersion][], and be in
1241
+ # {::Google::Cloud::Kms::V1::CryptoKeyVersion::CryptoKeyVersionState::DESTROYED DESTROYED} or
1242
+ # {::Google::Cloud::Kms::V1::CryptoKeyVersion::CryptoKeyVersionState::IMPORT_FAILED IMPORT_FAILED}
1243
+ # state. The key material and algorithm must match the previous
1244
+ # {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} exactly if the {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} has ever contained
1245
+ # key material.
1272
1246
  # @param algorithm [::Google::Cloud::Kms::V1::CryptoKeyVersion::CryptoKeyVersionAlgorithm]
1273
1247
  # Required. The {::Google::Cloud::Kms::V1::CryptoKeyVersion::CryptoKeyVersionAlgorithm algorithm} of
1274
1248
  # the key being imported. This does not need to match the
@@ -1336,7 +1310,9 @@ module Google
1336
1310
  options.apply_defaults timeout: @config.rpcs.import_crypto_key_version.timeout,
1337
1311
  metadata: metadata,
1338
1312
  retry_policy: @config.rpcs.import_crypto_key_version.retry_policy
1339
- options.apply_defaults metadata: @config.metadata,
1313
+
1314
+ options.apply_defaults timeout: @config.timeout,
1315
+ metadata: @config.metadata,
1340
1316
  retry_policy: @config.retry_policy
1341
1317
 
1342
1318
  @key_management_service_stub.call_rpc :import_crypto_key_version, request, options: options do |response, operation|
@@ -1410,7 +1386,9 @@ module Google
1410
1386
  options.apply_defaults timeout: @config.rpcs.create_import_job.timeout,
1411
1387
  metadata: metadata,
1412
1388
  retry_policy: @config.rpcs.create_import_job.retry_policy
1413
- options.apply_defaults metadata: @config.metadata,
1389
+
1390
+ options.apply_defaults timeout: @config.timeout,
1391
+ metadata: @config.metadata,
1414
1392
  retry_policy: @config.retry_policy
1415
1393
 
1416
1394
  @key_management_service_stub.call_rpc :create_import_job, request, options: options do |response, operation|
@@ -1478,7 +1456,9 @@ module Google
1478
1456
  options.apply_defaults timeout: @config.rpcs.update_crypto_key.timeout,
1479
1457
  metadata: metadata,
1480
1458
  retry_policy: @config.rpcs.update_crypto_key.retry_policy
1481
- options.apply_defaults metadata: @config.metadata,
1459
+
1460
+ options.apply_defaults timeout: @config.timeout,
1461
+ metadata: @config.metadata,
1482
1462
  retry_policy: @config.retry_policy
1483
1463
 
1484
1464
  @key_management_service_stub.call_rpc :update_crypto_key, request, options: options do |response, operation|
@@ -1552,7 +1532,9 @@ module Google
1552
1532
  options.apply_defaults timeout: @config.rpcs.update_crypto_key_version.timeout,
1553
1533
  metadata: metadata,
1554
1534
  retry_policy: @config.rpcs.update_crypto_key_version.retry_policy
1555
- options.apply_defaults metadata: @config.metadata,
1535
+
1536
+ options.apply_defaults timeout: @config.timeout,
1537
+ metadata: @config.metadata,
1556
1538
  retry_policy: @config.retry_policy
1557
1539
 
1558
1540
  @key_management_service_stub.call_rpc :update_crypto_key_version, request, options: options do |response, operation|
@@ -1563,6 +1545,233 @@ module Google
1563
1545
  raise ::Google::Cloud::Error.from_error(e)
1564
1546
  end
1565
1547
 
1548
+ ##
1549
+ # Update the version of a {::Google::Cloud::Kms::V1::CryptoKey CryptoKey} that will be used in {::Google::Cloud::Kms::V1::KeyManagementService::Client#encrypt Encrypt}.
1550
+ #
1551
+ # Returns an error if called on a key whose purpose is not
1552
+ # {::Google::Cloud::Kms::V1::CryptoKey::CryptoKeyPurpose::ENCRYPT_DECRYPT ENCRYPT_DECRYPT}.
1553
+ #
1554
+ # @overload update_crypto_key_primary_version(request, options = nil)
1555
+ # Pass arguments to `update_crypto_key_primary_version` via a request object, either of type
1556
+ # {::Google::Cloud::Kms::V1::UpdateCryptoKeyPrimaryVersionRequest} or an equivalent Hash.
1557
+ #
1558
+ # @param request [::Google::Cloud::Kms::V1::UpdateCryptoKeyPrimaryVersionRequest, ::Hash]
1559
+ # A request object representing the call parameters. Required. To specify no
1560
+ # parameters, or to keep all the default parameter values, pass an empty Hash.
1561
+ # @param options [::Gapic::CallOptions, ::Hash]
1562
+ # Overrides the default settings for this call, e.g, timeout, retries, etc. Optional.
1563
+ #
1564
+ # @overload update_crypto_key_primary_version(name: nil, crypto_key_version_id: nil)
1565
+ # Pass arguments to `update_crypto_key_primary_version` via keyword arguments. Note that at
1566
+ # least one keyword argument is required. To specify no parameters, or to keep all
1567
+ # the default parameter values, pass an empty Hash as a request object (see above).
1568
+ #
1569
+ # @param name [::String]
1570
+ # Required. The resource name of the {::Google::Cloud::Kms::V1::CryptoKey CryptoKey} to update.
1571
+ # @param crypto_key_version_id [::String]
1572
+ # Required. The id of the child {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} to use as primary.
1573
+ #
1574
+ # @yield [response, operation] Access the result along with the RPC operation
1575
+ # @yieldparam response [::Google::Cloud::Kms::V1::CryptoKey]
1576
+ # @yieldparam operation [::GRPC::ActiveCall::Operation]
1577
+ #
1578
+ # @return [::Google::Cloud::Kms::V1::CryptoKey]
1579
+ #
1580
+ # @raise [::Google::Cloud::Error] if the RPC is aborted.
1581
+ #
1582
+ def update_crypto_key_primary_version request, options = nil
1583
+ raise ::ArgumentError, "request must be provided" if request.nil?
1584
+
1585
+ request = ::Gapic::Protobuf.coerce request, to: ::Google::Cloud::Kms::V1::UpdateCryptoKeyPrimaryVersionRequest
1586
+
1587
+ # Converts hash and nil to an options object
1588
+ options = ::Gapic::CallOptions.new(**options.to_h) if options.respond_to? :to_h
1589
+
1590
+ # Customize the options with defaults
1591
+ metadata = @config.rpcs.update_crypto_key_primary_version.metadata.to_h
1592
+
1593
+ # Set x-goog-api-client and x-goog-user-project headers
1594
+ metadata[:"x-goog-api-client"] ||= ::Gapic::Headers.x_goog_api_client \
1595
+ lib_name: @config.lib_name, lib_version: @config.lib_version,
1596
+ gapic_version: ::Google::Cloud::Kms::V1::VERSION
1597
+ metadata[:"x-goog-user-project"] = @quota_project_id if @quota_project_id
1598
+
1599
+ header_params = {
1600
+ "name" => request.name
1601
+ }
1602
+ request_params_header = header_params.map { |k, v| "#{k}=#{v}" }.join("&")
1603
+ metadata[:"x-goog-request-params"] ||= request_params_header
1604
+
1605
+ options.apply_defaults timeout: @config.rpcs.update_crypto_key_primary_version.timeout,
1606
+ metadata: metadata,
1607
+ retry_policy: @config.rpcs.update_crypto_key_primary_version.retry_policy
1608
+
1609
+ options.apply_defaults timeout: @config.timeout,
1610
+ metadata: @config.metadata,
1611
+ retry_policy: @config.retry_policy
1612
+
1613
+ @key_management_service_stub.call_rpc :update_crypto_key_primary_version, request, options: options do |response, operation|
1614
+ yield response, operation if block_given?
1615
+ return response
1616
+ end
1617
+ rescue ::GRPC::BadStatus => e
1618
+ raise ::Google::Cloud::Error.from_error(e)
1619
+ end
1620
+
1621
+ ##
1622
+ # Schedule a {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} for destruction.
1623
+ #
1624
+ # Upon calling this method, {::Google::Cloud::Kms::V1::CryptoKeyVersion#state CryptoKeyVersion.state} will be set to
1625
+ # {::Google::Cloud::Kms::V1::CryptoKeyVersion::CryptoKeyVersionState::DESTROY_SCHEDULED DESTROY_SCHEDULED},
1626
+ # and {::Google::Cloud::Kms::V1::CryptoKeyVersion#destroy_time destroy_time} will be set to the time
1627
+ # {::Google::Cloud::Kms::V1::CryptoKey#destroy_scheduled_duration destroy_scheduled_duration} in the
1628
+ # future. At that time, the {::Google::Cloud::Kms::V1::CryptoKeyVersion#state state} will
1629
+ # automatically change to
1630
+ # {::Google::Cloud::Kms::V1::CryptoKeyVersion::CryptoKeyVersionState::DESTROYED DESTROYED}, and the key
1631
+ # material will be irrevocably destroyed.
1632
+ #
1633
+ # Before the {::Google::Cloud::Kms::V1::CryptoKeyVersion#destroy_time destroy_time} is reached,
1634
+ # {::Google::Cloud::Kms::V1::KeyManagementService::Client#restore_crypto_key_version RestoreCryptoKeyVersion} may be called to reverse the process.
1635
+ #
1636
+ # @overload destroy_crypto_key_version(request, options = nil)
1637
+ # Pass arguments to `destroy_crypto_key_version` via a request object, either of type
1638
+ # {::Google::Cloud::Kms::V1::DestroyCryptoKeyVersionRequest} or an equivalent Hash.
1639
+ #
1640
+ # @param request [::Google::Cloud::Kms::V1::DestroyCryptoKeyVersionRequest, ::Hash]
1641
+ # A request object representing the call parameters. Required. To specify no
1642
+ # parameters, or to keep all the default parameter values, pass an empty Hash.
1643
+ # @param options [::Gapic::CallOptions, ::Hash]
1644
+ # Overrides the default settings for this call, e.g, timeout, retries, etc. Optional.
1645
+ #
1646
+ # @overload destroy_crypto_key_version(name: nil)
1647
+ # Pass arguments to `destroy_crypto_key_version` via keyword arguments. Note that at
1648
+ # least one keyword argument is required. To specify no parameters, or to keep all
1649
+ # the default parameter values, pass an empty Hash as a request object (see above).
1650
+ #
1651
+ # @param name [::String]
1652
+ # Required. The resource name of the {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} to destroy.
1653
+ #
1654
+ # @yield [response, operation] Access the result along with the RPC operation
1655
+ # @yieldparam response [::Google::Cloud::Kms::V1::CryptoKeyVersion]
1656
+ # @yieldparam operation [::GRPC::ActiveCall::Operation]
1657
+ #
1658
+ # @return [::Google::Cloud::Kms::V1::CryptoKeyVersion]
1659
+ #
1660
+ # @raise [::Google::Cloud::Error] if the RPC is aborted.
1661
+ #
1662
+ def destroy_crypto_key_version request, options = nil
1663
+ raise ::ArgumentError, "request must be provided" if request.nil?
1664
+
1665
+ request = ::Gapic::Protobuf.coerce request, to: ::Google::Cloud::Kms::V1::DestroyCryptoKeyVersionRequest
1666
+
1667
+ # Converts hash and nil to an options object
1668
+ options = ::Gapic::CallOptions.new(**options.to_h) if options.respond_to? :to_h
1669
+
1670
+ # Customize the options with defaults
1671
+ metadata = @config.rpcs.destroy_crypto_key_version.metadata.to_h
1672
+
1673
+ # Set x-goog-api-client and x-goog-user-project headers
1674
+ metadata[:"x-goog-api-client"] ||= ::Gapic::Headers.x_goog_api_client \
1675
+ lib_name: @config.lib_name, lib_version: @config.lib_version,
1676
+ gapic_version: ::Google::Cloud::Kms::V1::VERSION
1677
+ metadata[:"x-goog-user-project"] = @quota_project_id if @quota_project_id
1678
+
1679
+ header_params = {
1680
+ "name" => request.name
1681
+ }
1682
+ request_params_header = header_params.map { |k, v| "#{k}=#{v}" }.join("&")
1683
+ metadata[:"x-goog-request-params"] ||= request_params_header
1684
+
1685
+ options.apply_defaults timeout: @config.rpcs.destroy_crypto_key_version.timeout,
1686
+ metadata: metadata,
1687
+ retry_policy: @config.rpcs.destroy_crypto_key_version.retry_policy
1688
+
1689
+ options.apply_defaults timeout: @config.timeout,
1690
+ metadata: @config.metadata,
1691
+ retry_policy: @config.retry_policy
1692
+
1693
+ @key_management_service_stub.call_rpc :destroy_crypto_key_version, request, options: options do |response, operation|
1694
+ yield response, operation if block_given?
1695
+ return response
1696
+ end
1697
+ rescue ::GRPC::BadStatus => e
1698
+ raise ::Google::Cloud::Error.from_error(e)
1699
+ end
1700
+
1701
+ ##
1702
+ # Restore a {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} in the
1703
+ # {::Google::Cloud::Kms::V1::CryptoKeyVersion::CryptoKeyVersionState::DESTROY_SCHEDULED DESTROY_SCHEDULED}
1704
+ # state.
1705
+ #
1706
+ # Upon restoration of the CryptoKeyVersion, {::Google::Cloud::Kms::V1::CryptoKeyVersion#state state}
1707
+ # will be set to {::Google::Cloud::Kms::V1::CryptoKeyVersion::CryptoKeyVersionState::DISABLED DISABLED},
1708
+ # and {::Google::Cloud::Kms::V1::CryptoKeyVersion#destroy_time destroy_time} will be cleared.
1709
+ #
1710
+ # @overload restore_crypto_key_version(request, options = nil)
1711
+ # Pass arguments to `restore_crypto_key_version` via a request object, either of type
1712
+ # {::Google::Cloud::Kms::V1::RestoreCryptoKeyVersionRequest} or an equivalent Hash.
1713
+ #
1714
+ # @param request [::Google::Cloud::Kms::V1::RestoreCryptoKeyVersionRequest, ::Hash]
1715
+ # A request object representing the call parameters. Required. To specify no
1716
+ # parameters, or to keep all the default parameter values, pass an empty Hash.
1717
+ # @param options [::Gapic::CallOptions, ::Hash]
1718
+ # Overrides the default settings for this call, e.g, timeout, retries, etc. Optional.
1719
+ #
1720
+ # @overload restore_crypto_key_version(name: nil)
1721
+ # Pass arguments to `restore_crypto_key_version` via keyword arguments. Note that at
1722
+ # least one keyword argument is required. To specify no parameters, or to keep all
1723
+ # the default parameter values, pass an empty Hash as a request object (see above).
1724
+ #
1725
+ # @param name [::String]
1726
+ # Required. The resource name of the {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} to restore.
1727
+ #
1728
+ # @yield [response, operation] Access the result along with the RPC operation
1729
+ # @yieldparam response [::Google::Cloud::Kms::V1::CryptoKeyVersion]
1730
+ # @yieldparam operation [::GRPC::ActiveCall::Operation]
1731
+ #
1732
+ # @return [::Google::Cloud::Kms::V1::CryptoKeyVersion]
1733
+ #
1734
+ # @raise [::Google::Cloud::Error] if the RPC is aborted.
1735
+ #
1736
+ def restore_crypto_key_version request, options = nil
1737
+ raise ::ArgumentError, "request must be provided" if request.nil?
1738
+
1739
+ request = ::Gapic::Protobuf.coerce request, to: ::Google::Cloud::Kms::V1::RestoreCryptoKeyVersionRequest
1740
+
1741
+ # Converts hash and nil to an options object
1742
+ options = ::Gapic::CallOptions.new(**options.to_h) if options.respond_to? :to_h
1743
+
1744
+ # Customize the options with defaults
1745
+ metadata = @config.rpcs.restore_crypto_key_version.metadata.to_h
1746
+
1747
+ # Set x-goog-api-client and x-goog-user-project headers
1748
+ metadata[:"x-goog-api-client"] ||= ::Gapic::Headers.x_goog_api_client \
1749
+ lib_name: @config.lib_name, lib_version: @config.lib_version,
1750
+ gapic_version: ::Google::Cloud::Kms::V1::VERSION
1751
+ metadata[:"x-goog-user-project"] = @quota_project_id if @quota_project_id
1752
+
1753
+ header_params = {
1754
+ "name" => request.name
1755
+ }
1756
+ request_params_header = header_params.map { |k, v| "#{k}=#{v}" }.join("&")
1757
+ metadata[:"x-goog-request-params"] ||= request_params_header
1758
+
1759
+ options.apply_defaults timeout: @config.rpcs.restore_crypto_key_version.timeout,
1760
+ metadata: metadata,
1761
+ retry_policy: @config.rpcs.restore_crypto_key_version.retry_policy
1762
+
1763
+ options.apply_defaults timeout: @config.timeout,
1764
+ metadata: @config.metadata,
1765
+ retry_policy: @config.retry_policy
1766
+
1767
+ @key_management_service_stub.call_rpc :restore_crypto_key_version, request, options: options do |response, operation|
1768
+ yield response, operation if block_given?
1769
+ return response
1770
+ end
1771
+ rescue ::GRPC::BadStatus => e
1772
+ raise ::Google::Cloud::Error.from_error(e)
1773
+ end
1774
+
1566
1775
  ##
1567
1776
  # Encrypts data, so that it can only be recovered by a call to {::Google::Cloud::Kms::V1::KeyManagementService::Client#decrypt Decrypt}.
1568
1777
  # The {::Google::Cloud::Kms::V1::CryptoKey#purpose CryptoKey.purpose} must be
@@ -1622,8 +1831,6 @@ module Google
1622
1831
  # different languages. However, it is a non-negative integer, which will
1623
1832
  # never exceed 2^32-1, and can be safely downconverted to uint32 in languages
1624
1833
  # that support this type.
1625
- #
1626
- # NOTE: This field is in Beta.
1627
1834
  # @param additional_authenticated_data_crc32c [::Google::Protobuf::Int64Value, ::Hash]
1628
1835
  # Optional. An optional CRC32C checksum of the
1629
1836
  # {::Google::Cloud::Kms::V1::EncryptRequest#additional_authenticated_data EncryptRequest.additional_authenticated_data}. If specified,
@@ -1640,8 +1847,6 @@ module Google
1640
1847
  # never exceed 2^32-1, and can be safely downconverted to uint32 in languages
1641
1848
  # that support this type.
1642
1849
  #
1643
- # NOTE: This field is in Beta.
1644
- #
1645
1850
  # @yield [response, operation] Access the result along with the RPC operation
1646
1851
  # @yieldparam response [::Google::Cloud::Kms::V1::EncryptResponse]
1647
1852
  # @yieldparam operation [::GRPC::ActiveCall::Operation]
@@ -1676,7 +1881,9 @@ module Google
1676
1881
  options.apply_defaults timeout: @config.rpcs.encrypt.timeout,
1677
1882
  metadata: metadata,
1678
1883
  retry_policy: @config.rpcs.encrypt.retry_policy
1679
- options.apply_defaults metadata: @config.metadata,
1884
+
1885
+ options.apply_defaults timeout: @config.timeout,
1886
+ metadata: @config.metadata,
1680
1887
  retry_policy: @config.retry_policy
1681
1888
 
1682
1889
  @key_management_service_stub.call_rpc :encrypt, request, options: options do |response, operation|
@@ -1729,8 +1936,6 @@ module Google
1729
1936
  # different languages. However, it is a non-negative integer, which will
1730
1937
  # never exceed 2^32-1, and can be safely downconverted to uint32 in languages
1731
1938
  # that support this type.
1732
- #
1733
- # NOTE: This field is in Beta.
1734
1939
  # @param additional_authenticated_data_crc32c [::Google::Protobuf::Int64Value, ::Hash]
1735
1940
  # Optional. An optional CRC32C checksum of the
1736
1941
  # {::Google::Cloud::Kms::V1::DecryptRequest#additional_authenticated_data DecryptRequest.additional_authenticated_data}. If specified,
@@ -1747,8 +1952,6 @@ module Google
1747
1952
  # never exceed 2^32-1, and can be safely downconverted to uint32 in languages
1748
1953
  # that support this type.
1749
1954
  #
1750
- # NOTE: This field is in Beta.
1751
- #
1752
1955
  # @yield [response, operation] Access the result along with the RPC operation
1753
1956
  # @yieldparam response [::Google::Cloud::Kms::V1::DecryptResponse]
1754
1957
  # @yieldparam operation [::GRPC::ActiveCall::Operation]
@@ -1783,7 +1986,9 @@ module Google
1783
1986
  options.apply_defaults timeout: @config.rpcs.decrypt.timeout,
1784
1987
  metadata: metadata,
1785
1988
  retry_policy: @config.rpcs.decrypt.retry_policy
1786
- options.apply_defaults metadata: @config.metadata,
1989
+
1990
+ options.apply_defaults timeout: @config.timeout,
1991
+ metadata: @config.metadata,
1787
1992
  retry_policy: @config.retry_policy
1788
1993
 
1789
1994
  @key_management_service_stub.call_rpc :decrypt, request, options: options do |response, operation|
@@ -1835,8 +2040,6 @@ module Google
1835
2040
  # never exceed 2^32-1, and can be safely downconverted to uint32 in languages
1836
2041
  # that support this type.
1837
2042
  #
1838
- # NOTE: This field is in Beta.
1839
- #
1840
2043
  # @yield [response, operation] Access the result along with the RPC operation
1841
2044
  # @yieldparam response [::Google::Cloud::Kms::V1::AsymmetricSignResponse]
1842
2045
  # @yieldparam operation [::GRPC::ActiveCall::Operation]
@@ -1871,7 +2074,9 @@ module Google
1871
2074
  options.apply_defaults timeout: @config.rpcs.asymmetric_sign.timeout,
1872
2075
  metadata: metadata,
1873
2076
  retry_policy: @config.rpcs.asymmetric_sign.retry_policy
1874
- options.apply_defaults metadata: @config.metadata,
2077
+
2078
+ options.apply_defaults timeout: @config.timeout,
2079
+ metadata: @config.metadata,
1875
2080
  retry_policy: @config.retry_policy
1876
2081
 
1877
2082
  @key_management_service_stub.call_rpc :asymmetric_sign, request, options: options do |response, operation|
@@ -1923,8 +2128,6 @@ module Google
1923
2128
  # never exceed 2^32-1, and can be safely downconverted to uint32 in languages
1924
2129
  # that support this type.
1925
2130
  #
1926
- # NOTE: This field is in Beta.
1927
- #
1928
2131
  # @yield [response, operation] Access the result along with the RPC operation
1929
2132
  # @yieldparam response [::Google::Cloud::Kms::V1::AsymmetricDecryptResponse]
1930
2133
  # @yieldparam operation [::GRPC::ActiveCall::Operation]
@@ -1959,7 +2162,9 @@ module Google
1959
2162
  options.apply_defaults timeout: @config.rpcs.asymmetric_decrypt.timeout,
1960
2163
  metadata: metadata,
1961
2164
  retry_policy: @config.rpcs.asymmetric_decrypt.retry_policy
1962
- options.apply_defaults metadata: @config.metadata,
2165
+
2166
+ options.apply_defaults timeout: @config.timeout,
2167
+ metadata: @config.metadata,
1963
2168
  retry_policy: @config.retry_policy
1964
2169
 
1965
2170
  @key_management_service_stub.call_rpc :asymmetric_decrypt, request, options: options do |response, operation|
@@ -1971,49 +2176,63 @@ module Google
1971
2176
  end
1972
2177
 
1973
2178
  ##
1974
- # Update the version of a {::Google::Cloud::Kms::V1::CryptoKey CryptoKey} that will be used in {::Google::Cloud::Kms::V1::KeyManagementService::Client#encrypt Encrypt}.
1975
- #
1976
- # Returns an error if called on a key whose purpose is not
1977
- # {::Google::Cloud::Kms::V1::CryptoKey::CryptoKeyPurpose::ENCRYPT_DECRYPT ENCRYPT_DECRYPT}.
2179
+ # Signs data using a {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} with {::Google::Cloud::Kms::V1::CryptoKey#purpose CryptoKey.purpose}
2180
+ # MAC, producing a tag that can be verified by another source with the
2181
+ # same key.
1978
2182
  #
1979
- # @overload update_crypto_key_primary_version(request, options = nil)
1980
- # Pass arguments to `update_crypto_key_primary_version` via a request object, either of type
1981
- # {::Google::Cloud::Kms::V1::UpdateCryptoKeyPrimaryVersionRequest} or an equivalent Hash.
2183
+ # @overload mac_sign(request, options = nil)
2184
+ # Pass arguments to `mac_sign` via a request object, either of type
2185
+ # {::Google::Cloud::Kms::V1::MacSignRequest} or an equivalent Hash.
1982
2186
  #
1983
- # @param request [::Google::Cloud::Kms::V1::UpdateCryptoKeyPrimaryVersionRequest, ::Hash]
2187
+ # @param request [::Google::Cloud::Kms::V1::MacSignRequest, ::Hash]
1984
2188
  # A request object representing the call parameters. Required. To specify no
1985
2189
  # parameters, or to keep all the default parameter values, pass an empty Hash.
1986
2190
  # @param options [::Gapic::CallOptions, ::Hash]
1987
2191
  # Overrides the default settings for this call, e.g, timeout, retries, etc. Optional.
1988
2192
  #
1989
- # @overload update_crypto_key_primary_version(name: nil, crypto_key_version_id: nil)
1990
- # Pass arguments to `update_crypto_key_primary_version` via keyword arguments. Note that at
2193
+ # @overload mac_sign(name: nil, data: nil, data_crc32c: nil)
2194
+ # Pass arguments to `mac_sign` via keyword arguments. Note that at
1991
2195
  # least one keyword argument is required. To specify no parameters, or to keep all
1992
2196
  # the default parameter values, pass an empty Hash as a request object (see above).
1993
2197
  #
1994
2198
  # @param name [::String]
1995
- # Required. The resource name of the {::Google::Cloud::Kms::V1::CryptoKey CryptoKey} to update.
1996
- # @param crypto_key_version_id [::String]
1997
- # Required. The id of the child {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} to use as primary.
2199
+ # Required. The resource name of the {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} to use for signing.
2200
+ # @param data [::String]
2201
+ # Required. The data to sign. The MAC tag is computed over this data field based on
2202
+ # the specific algorithm.
2203
+ # @param data_crc32c [::Google::Protobuf::Int64Value, ::Hash]
2204
+ # Optional. An optional CRC32C checksum of the {::Google::Cloud::Kms::V1::MacSignRequest#data MacSignRequest.data}. If
2205
+ # specified, {::Google::Cloud::Kms::V1::KeyManagementService::Client KeyManagementService} will verify the integrity of the
2206
+ # received {::Google::Cloud::Kms::V1::MacSignRequest#data MacSignRequest.data} using this checksum.
2207
+ # {::Google::Cloud::Kms::V1::KeyManagementService::Client KeyManagementService} will report an error if the checksum verification
2208
+ # fails. If you receive a checksum error, your client should verify that
2209
+ # CRC32C({::Google::Cloud::Kms::V1::MacSignRequest#data MacSignRequest.data}) is equal to
2210
+ # {::Google::Cloud::Kms::V1::MacSignRequest#data_crc32c MacSignRequest.data_crc32c}, and if so, perform a limited
2211
+ # number of retries. A persistent mismatch may indicate an issue in your
2212
+ # computation of the CRC32C checksum.
2213
+ # Note: This field is defined as int64 for reasons of compatibility across
2214
+ # different languages. However, it is a non-negative integer, which will
2215
+ # never exceed 2^32-1, and can be safely downconverted to uint32 in languages
2216
+ # that support this type.
1998
2217
  #
1999
2218
  # @yield [response, operation] Access the result along with the RPC operation
2000
- # @yieldparam response [::Google::Cloud::Kms::V1::CryptoKey]
2219
+ # @yieldparam response [::Google::Cloud::Kms::V1::MacSignResponse]
2001
2220
  # @yieldparam operation [::GRPC::ActiveCall::Operation]
2002
2221
  #
2003
- # @return [::Google::Cloud::Kms::V1::CryptoKey]
2222
+ # @return [::Google::Cloud::Kms::V1::MacSignResponse]
2004
2223
  #
2005
2224
  # @raise [::Google::Cloud::Error] if the RPC is aborted.
2006
2225
  #
2007
- def update_crypto_key_primary_version request, options = nil
2226
+ def mac_sign request, options = nil
2008
2227
  raise ::ArgumentError, "request must be provided" if request.nil?
2009
2228
 
2010
- request = ::Gapic::Protobuf.coerce request, to: ::Google::Cloud::Kms::V1::UpdateCryptoKeyPrimaryVersionRequest
2229
+ request = ::Gapic::Protobuf.coerce request, to: ::Google::Cloud::Kms::V1::MacSignRequest
2011
2230
 
2012
2231
  # Converts hash and nil to an options object
2013
2232
  options = ::Gapic::CallOptions.new(**options.to_h) if options.respond_to? :to_h
2014
2233
 
2015
2234
  # Customize the options with defaults
2016
- metadata = @config.rpcs.update_crypto_key_primary_version.metadata.to_h
2235
+ metadata = @config.rpcs.mac_sign.metadata.to_h
2017
2236
 
2018
2237
  # Set x-goog-api-client and x-goog-user-project headers
2019
2238
  metadata[:"x-goog-api-client"] ||= ::Gapic::Headers.x_goog_api_client \
@@ -2027,13 +2246,15 @@ module Google
2027
2246
  request_params_header = header_params.map { |k, v| "#{k}=#{v}" }.join("&")
2028
2247
  metadata[:"x-goog-request-params"] ||= request_params_header
2029
2248
 
2030
- options.apply_defaults timeout: @config.rpcs.update_crypto_key_primary_version.timeout,
2249
+ options.apply_defaults timeout: @config.rpcs.mac_sign.timeout,
2031
2250
  metadata: metadata,
2032
- retry_policy: @config.rpcs.update_crypto_key_primary_version.retry_policy
2033
- options.apply_defaults metadata: @config.metadata,
2251
+ retry_policy: @config.rpcs.mac_sign.retry_policy
2252
+
2253
+ options.apply_defaults timeout: @config.timeout,
2254
+ metadata: @config.metadata,
2034
2255
  retry_policy: @config.retry_policy
2035
2256
 
2036
- @key_management_service_stub.call_rpc :update_crypto_key_primary_version, request, options: options do |response, operation|
2257
+ @key_management_service_stub.call_rpc :mac_sign, request, options: options do |response, operation|
2037
2258
  yield response, operation if block_given?
2038
2259
  return response
2039
2260
  end
@@ -2042,55 +2263,79 @@ module Google
2042
2263
  end
2043
2264
 
2044
2265
  ##
2045
- # Schedule a {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} for destruction.
2046
- #
2047
- # Upon calling this method, {::Google::Cloud::Kms::V1::CryptoKeyVersion#state CryptoKeyVersion.state} will be set to
2048
- # {::Google::Cloud::Kms::V1::CryptoKeyVersion::CryptoKeyVersionState::DESTROY_SCHEDULED DESTROY_SCHEDULED}
2049
- # and {::Google::Cloud::Kms::V1::CryptoKeyVersion#destroy_time destroy_time} will be set to a time 24
2050
- # hours in the future, at which point the {::Google::Cloud::Kms::V1::CryptoKeyVersion#state state}
2051
- # will be changed to
2052
- # {::Google::Cloud::Kms::V1::CryptoKeyVersion::CryptoKeyVersionState::DESTROYED DESTROYED}, and the key
2053
- # material will be irrevocably destroyed.
2266
+ # Verifies MAC tag using a {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} with {::Google::Cloud::Kms::V1::CryptoKey#purpose CryptoKey.purpose}
2267
+ # MAC, and returns a response that indicates whether or not the verification
2268
+ # was successful.
2054
2269
  #
2055
- # Before the {::Google::Cloud::Kms::V1::CryptoKeyVersion#destroy_time destroy_time} is reached,
2056
- # {::Google::Cloud::Kms::V1::KeyManagementService::Client#restore_crypto_key_version RestoreCryptoKeyVersion} may be called to reverse the process.
2270
+ # @overload mac_verify(request, options = nil)
2271
+ # Pass arguments to `mac_verify` via a request object, either of type
2272
+ # {::Google::Cloud::Kms::V1::MacVerifyRequest} or an equivalent Hash.
2057
2273
  #
2058
- # @overload destroy_crypto_key_version(request, options = nil)
2059
- # Pass arguments to `destroy_crypto_key_version` via a request object, either of type
2060
- # {::Google::Cloud::Kms::V1::DestroyCryptoKeyVersionRequest} or an equivalent Hash.
2061
- #
2062
- # @param request [::Google::Cloud::Kms::V1::DestroyCryptoKeyVersionRequest, ::Hash]
2274
+ # @param request [::Google::Cloud::Kms::V1::MacVerifyRequest, ::Hash]
2063
2275
  # A request object representing the call parameters. Required. To specify no
2064
2276
  # parameters, or to keep all the default parameter values, pass an empty Hash.
2065
2277
  # @param options [::Gapic::CallOptions, ::Hash]
2066
2278
  # Overrides the default settings for this call, e.g, timeout, retries, etc. Optional.
2067
2279
  #
2068
- # @overload destroy_crypto_key_version(name: nil)
2069
- # Pass arguments to `destroy_crypto_key_version` via keyword arguments. Note that at
2280
+ # @overload mac_verify(name: nil, data: nil, data_crc32c: nil, mac: nil, mac_crc32c: nil)
2281
+ # Pass arguments to `mac_verify` via keyword arguments. Note that at
2070
2282
  # least one keyword argument is required. To specify no parameters, or to keep all
2071
2283
  # the default parameter values, pass an empty Hash as a request object (see above).
2072
2284
  #
2073
2285
  # @param name [::String]
2074
- # Required. The resource name of the {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} to destroy.
2286
+ # Required. The resource name of the {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} to use for verification.
2287
+ # @param data [::String]
2288
+ # Required. The data used previously as a {::Google::Cloud::Kms::V1::MacSignRequest#data MacSignRequest.data} to generate the MAC
2289
+ # tag.
2290
+ # @param data_crc32c [::Google::Protobuf::Int64Value, ::Hash]
2291
+ # Optional. An optional CRC32C checksum of the {::Google::Cloud::Kms::V1::MacVerifyRequest#data MacVerifyRequest.data}. If
2292
+ # specified, {::Google::Cloud::Kms::V1::KeyManagementService::Client KeyManagementService} will verify the integrity of the
2293
+ # received {::Google::Cloud::Kms::V1::MacVerifyRequest#data MacVerifyRequest.data} using this checksum.
2294
+ # {::Google::Cloud::Kms::V1::KeyManagementService::Client KeyManagementService} will report an error if the checksum verification
2295
+ # fails. If you receive a checksum error, your client should verify that
2296
+ # CRC32C({::Google::Cloud::Kms::V1::MacVerifyRequest#data MacVerifyRequest.data}) is equal to
2297
+ # {::Google::Cloud::Kms::V1::MacVerifyRequest#data_crc32c MacVerifyRequest.data_crc32c}, and if so, perform a limited
2298
+ # number of retries. A persistent mismatch may indicate an issue in your
2299
+ # computation of the CRC32C checksum.
2300
+ # Note: This field is defined as int64 for reasons of compatibility across
2301
+ # different languages. However, it is a non-negative integer, which will
2302
+ # never exceed 2^32-1, and can be safely downconverted to uint32 in languages
2303
+ # that support this type.
2304
+ # @param mac [::String]
2305
+ # Required. The signature to verify.
2306
+ # @param mac_crc32c [::Google::Protobuf::Int64Value, ::Hash]
2307
+ # Optional. An optional CRC32C checksum of the {::Google::Cloud::Kms::V1::MacVerifyRequest#mac MacVerifyRequest.mac}. If
2308
+ # specified, {::Google::Cloud::Kms::V1::KeyManagementService::Client KeyManagementService} will verify the integrity of the
2309
+ # received {::Google::Cloud::Kms::V1::MacVerifyRequest#mac MacVerifyRequest.mac} using this checksum.
2310
+ # {::Google::Cloud::Kms::V1::KeyManagementService::Client KeyManagementService} will report an error if the checksum verification
2311
+ # fails. If you receive a checksum error, your client should verify that
2312
+ # CRC32C([MacVerifyRequest.tag][]) is equal to
2313
+ # {::Google::Cloud::Kms::V1::MacVerifyRequest#mac_crc32c MacVerifyRequest.mac_crc32c}, and if so, perform a limited
2314
+ # number of retries. A persistent mismatch may indicate an issue in your
2315
+ # computation of the CRC32C checksum.
2316
+ # Note: This field is defined as int64 for reasons of compatibility across
2317
+ # different languages. However, it is a non-negative integer, which will
2318
+ # never exceed 2^32-1, and can be safely downconverted to uint32 in languages
2319
+ # that support this type.
2075
2320
  #
2076
2321
  # @yield [response, operation] Access the result along with the RPC operation
2077
- # @yieldparam response [::Google::Cloud::Kms::V1::CryptoKeyVersion]
2322
+ # @yieldparam response [::Google::Cloud::Kms::V1::MacVerifyResponse]
2078
2323
  # @yieldparam operation [::GRPC::ActiveCall::Operation]
2079
2324
  #
2080
- # @return [::Google::Cloud::Kms::V1::CryptoKeyVersion]
2325
+ # @return [::Google::Cloud::Kms::V1::MacVerifyResponse]
2081
2326
  #
2082
2327
  # @raise [::Google::Cloud::Error] if the RPC is aborted.
2083
2328
  #
2084
- def destroy_crypto_key_version request, options = nil
2329
+ def mac_verify request, options = nil
2085
2330
  raise ::ArgumentError, "request must be provided" if request.nil?
2086
2331
 
2087
- request = ::Gapic::Protobuf.coerce request, to: ::Google::Cloud::Kms::V1::DestroyCryptoKeyVersionRequest
2332
+ request = ::Gapic::Protobuf.coerce request, to: ::Google::Cloud::Kms::V1::MacVerifyRequest
2088
2333
 
2089
2334
  # Converts hash and nil to an options object
2090
2335
  options = ::Gapic::CallOptions.new(**options.to_h) if options.respond_to? :to_h
2091
2336
 
2092
2337
  # Customize the options with defaults
2093
- metadata = @config.rpcs.destroy_crypto_key_version.metadata.to_h
2338
+ metadata = @config.rpcs.mac_verify.metadata.to_h
2094
2339
 
2095
2340
  # Set x-goog-api-client and x-goog-user-project headers
2096
2341
  metadata[:"x-goog-api-client"] ||= ::Gapic::Headers.x_goog_api_client \
@@ -2104,13 +2349,15 @@ module Google
2104
2349
  request_params_header = header_params.map { |k, v| "#{k}=#{v}" }.join("&")
2105
2350
  metadata[:"x-goog-request-params"] ||= request_params_header
2106
2351
 
2107
- options.apply_defaults timeout: @config.rpcs.destroy_crypto_key_version.timeout,
2352
+ options.apply_defaults timeout: @config.rpcs.mac_verify.timeout,
2108
2353
  metadata: metadata,
2109
- retry_policy: @config.rpcs.destroy_crypto_key_version.retry_policy
2110
- options.apply_defaults metadata: @config.metadata,
2354
+ retry_policy: @config.rpcs.mac_verify.retry_policy
2355
+
2356
+ options.apply_defaults timeout: @config.timeout,
2357
+ metadata: @config.metadata,
2111
2358
  retry_policy: @config.retry_policy
2112
2359
 
2113
- @key_management_service_stub.call_rpc :destroy_crypto_key_version, request, options: options do |response, operation|
2360
+ @key_management_service_stub.call_rpc :mac_verify, request, options: options do |response, operation|
2114
2361
  yield response, operation if block_given?
2115
2362
  return response
2116
2363
  end
@@ -2119,50 +2366,52 @@ module Google
2119
2366
  end
2120
2367
 
2121
2368
  ##
2122
- # Restore a {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} in the
2123
- # {::Google::Cloud::Kms::V1::CryptoKeyVersion::CryptoKeyVersionState::DESTROY_SCHEDULED DESTROY_SCHEDULED}
2124
- # state.
2125
- #
2126
- # Upon restoration of the CryptoKeyVersion, {::Google::Cloud::Kms::V1::CryptoKeyVersion#state state}
2127
- # will be set to {::Google::Cloud::Kms::V1::CryptoKeyVersion::CryptoKeyVersionState::DISABLED DISABLED},
2128
- # and {::Google::Cloud::Kms::V1::CryptoKeyVersion#destroy_time destroy_time} will be cleared.
2369
+ # Generate random bytes using the Cloud KMS randomness source in the provided
2370
+ # location.
2129
2371
  #
2130
- # @overload restore_crypto_key_version(request, options = nil)
2131
- # Pass arguments to `restore_crypto_key_version` via a request object, either of type
2132
- # {::Google::Cloud::Kms::V1::RestoreCryptoKeyVersionRequest} or an equivalent Hash.
2372
+ # @overload generate_random_bytes(request, options = nil)
2373
+ # Pass arguments to `generate_random_bytes` via a request object, either of type
2374
+ # {::Google::Cloud::Kms::V1::GenerateRandomBytesRequest} or an equivalent Hash.
2133
2375
  #
2134
- # @param request [::Google::Cloud::Kms::V1::RestoreCryptoKeyVersionRequest, ::Hash]
2376
+ # @param request [::Google::Cloud::Kms::V1::GenerateRandomBytesRequest, ::Hash]
2135
2377
  # A request object representing the call parameters. Required. To specify no
2136
2378
  # parameters, or to keep all the default parameter values, pass an empty Hash.
2137
2379
  # @param options [::Gapic::CallOptions, ::Hash]
2138
2380
  # Overrides the default settings for this call, e.g, timeout, retries, etc. Optional.
2139
2381
  #
2140
- # @overload restore_crypto_key_version(name: nil)
2141
- # Pass arguments to `restore_crypto_key_version` via keyword arguments. Note that at
2382
+ # @overload generate_random_bytes(location: nil, length_bytes: nil, protection_level: nil)
2383
+ # Pass arguments to `generate_random_bytes` via keyword arguments. Note that at
2142
2384
  # least one keyword argument is required. To specify no parameters, or to keep all
2143
2385
  # the default parameter values, pass an empty Hash as a request object (see above).
2144
2386
  #
2145
- # @param name [::String]
2146
- # Required. The resource name of the {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} to restore.
2387
+ # @param location [::String]
2388
+ # The project-specific location in which to generate random bytes.
2389
+ # For example, "projects/my-project/locations/us-central1".
2390
+ # @param length_bytes [::Integer]
2391
+ # The length in bytes of the amount of randomness to retrieve. Minimum 8
2392
+ # bytes, maximum 1024 bytes.
2393
+ # @param protection_level [::Google::Cloud::Kms::V1::ProtectionLevel]
2394
+ # The {::Google::Cloud::Kms::V1::ProtectionLevel ProtectionLevel} to use when generating the random data. Defaults to
2395
+ # {::Google::Cloud::Kms::V1::ProtectionLevel::SOFTWARE SOFTWARE}.
2147
2396
  #
2148
2397
  # @yield [response, operation] Access the result along with the RPC operation
2149
- # @yieldparam response [::Google::Cloud::Kms::V1::CryptoKeyVersion]
2398
+ # @yieldparam response [::Google::Cloud::Kms::V1::GenerateRandomBytesResponse]
2150
2399
  # @yieldparam operation [::GRPC::ActiveCall::Operation]
2151
2400
  #
2152
- # @return [::Google::Cloud::Kms::V1::CryptoKeyVersion]
2401
+ # @return [::Google::Cloud::Kms::V1::GenerateRandomBytesResponse]
2153
2402
  #
2154
2403
  # @raise [::Google::Cloud::Error] if the RPC is aborted.
2155
2404
  #
2156
- def restore_crypto_key_version request, options = nil
2405
+ def generate_random_bytes request, options = nil
2157
2406
  raise ::ArgumentError, "request must be provided" if request.nil?
2158
2407
 
2159
- request = ::Gapic::Protobuf.coerce request, to: ::Google::Cloud::Kms::V1::RestoreCryptoKeyVersionRequest
2408
+ request = ::Gapic::Protobuf.coerce request, to: ::Google::Cloud::Kms::V1::GenerateRandomBytesRequest
2160
2409
 
2161
2410
  # Converts hash and nil to an options object
2162
2411
  options = ::Gapic::CallOptions.new(**options.to_h) if options.respond_to? :to_h
2163
2412
 
2164
2413
  # Customize the options with defaults
2165
- metadata = @config.rpcs.restore_crypto_key_version.metadata.to_h
2414
+ metadata = @config.rpcs.generate_random_bytes.metadata.to_h
2166
2415
 
2167
2416
  # Set x-goog-api-client and x-goog-user-project headers
2168
2417
  metadata[:"x-goog-api-client"] ||= ::Gapic::Headers.x_goog_api_client \
@@ -2171,18 +2420,20 @@ module Google
2171
2420
  metadata[:"x-goog-user-project"] = @quota_project_id if @quota_project_id
2172
2421
 
2173
2422
  header_params = {
2174
- "name" => request.name
2423
+ "location" => request.location
2175
2424
  }
2176
2425
  request_params_header = header_params.map { |k, v| "#{k}=#{v}" }.join("&")
2177
2426
  metadata[:"x-goog-request-params"] ||= request_params_header
2178
2427
 
2179
- options.apply_defaults timeout: @config.rpcs.restore_crypto_key_version.timeout,
2428
+ options.apply_defaults timeout: @config.rpcs.generate_random_bytes.timeout,
2180
2429
  metadata: metadata,
2181
- retry_policy: @config.rpcs.restore_crypto_key_version.retry_policy
2182
- options.apply_defaults metadata: @config.metadata,
2430
+ retry_policy: @config.rpcs.generate_random_bytes.retry_policy
2431
+
2432
+ options.apply_defaults timeout: @config.timeout,
2433
+ metadata: @config.metadata,
2183
2434
  retry_policy: @config.retry_policy
2184
2435
 
2185
- @key_management_service_stub.call_rpc :restore_crypto_key_version, request, options: options do |response, operation|
2436
+ @key_management_service_stub.call_rpc :generate_random_bytes, request, options: options do |response, operation|
2186
2437
  yield response, operation if block_given?
2187
2438
  return response
2188
2439
  end
@@ -2203,22 +2454,21 @@ module Google
2203
2454
  # Configuration can be applied globally to all clients, or to a single client
2204
2455
  # on construction.
2205
2456
  #
2206
- # # Examples
2207
- #
2208
- # To modify the global config, setting the timeout for list_key_rings
2209
- # to 20 seconds, and all remaining timeouts to 10 seconds:
2457
+ # @example
2210
2458
  #
2211
- # ::Google::Cloud::Kms::V1::KeyManagementService::Client.configure do |config|
2212
- # config.timeout = 10.0
2213
- # config.rpcs.list_key_rings.timeout = 20.0
2214
- # end
2459
+ # # Modify the global config, setting the timeout for
2460
+ # # list_key_rings to 20 seconds,
2461
+ # # and all remaining timeouts to 10 seconds.
2462
+ # ::Google::Cloud::Kms::V1::KeyManagementService::Client.configure do |config|
2463
+ # config.timeout = 10.0
2464
+ # config.rpcs.list_key_rings.timeout = 20.0
2465
+ # end
2215
2466
  #
2216
- # To apply the above configuration only to a new client:
2217
- #
2218
- # client = ::Google::Cloud::Kms::V1::KeyManagementService::Client.new do |config|
2219
- # config.timeout = 10.0
2220
- # config.rpcs.list_key_rings.timeout = 20.0
2221
- # end
2467
+ # # Apply the above configuration only to a new client.
2468
+ # client = ::Google::Cloud::Kms::V1::KeyManagementService::Client.new do |config|
2469
+ # config.timeout = 10.0
2470
+ # config.rpcs.list_key_rings.timeout = 20.0
2471
+ # end
2222
2472
  #
2223
2473
  # @!attribute [rw] endpoint
2224
2474
  # The hostname or hostname:port of the service endpoint.
@@ -2407,6 +2657,21 @@ module Google
2407
2657
  #
2408
2658
  attr_reader :update_crypto_key_version
2409
2659
  ##
2660
+ # RPC-specific configuration for `update_crypto_key_primary_version`
2661
+ # @return [::Gapic::Config::Method]
2662
+ #
2663
+ attr_reader :update_crypto_key_primary_version
2664
+ ##
2665
+ # RPC-specific configuration for `destroy_crypto_key_version`
2666
+ # @return [::Gapic::Config::Method]
2667
+ #
2668
+ attr_reader :destroy_crypto_key_version
2669
+ ##
2670
+ # RPC-specific configuration for `restore_crypto_key_version`
2671
+ # @return [::Gapic::Config::Method]
2672
+ #
2673
+ attr_reader :restore_crypto_key_version
2674
+ ##
2410
2675
  # RPC-specific configuration for `encrypt`
2411
2676
  # @return [::Gapic::Config::Method]
2412
2677
  #
@@ -2427,20 +2692,20 @@ module Google
2427
2692
  #
2428
2693
  attr_reader :asymmetric_decrypt
2429
2694
  ##
2430
- # RPC-specific configuration for `update_crypto_key_primary_version`
2695
+ # RPC-specific configuration for `mac_sign`
2431
2696
  # @return [::Gapic::Config::Method]
2432
2697
  #
2433
- attr_reader :update_crypto_key_primary_version
2698
+ attr_reader :mac_sign
2434
2699
  ##
2435
- # RPC-specific configuration for `destroy_crypto_key_version`
2700
+ # RPC-specific configuration for `mac_verify`
2436
2701
  # @return [::Gapic::Config::Method]
2437
2702
  #
2438
- attr_reader :destroy_crypto_key_version
2703
+ attr_reader :mac_verify
2439
2704
  ##
2440
- # RPC-specific configuration for `restore_crypto_key_version`
2705
+ # RPC-specific configuration for `generate_random_bytes`
2441
2706
  # @return [::Gapic::Config::Method]
2442
2707
  #
2443
- attr_reader :restore_crypto_key_version
2708
+ attr_reader :generate_random_bytes
2444
2709
 
2445
2710
  # @private
2446
2711
  def initialize parent_rpcs = nil
@@ -2476,6 +2741,12 @@ module Google
2476
2741
  @update_crypto_key = ::Gapic::Config::Method.new update_crypto_key_config
2477
2742
  update_crypto_key_version_config = parent_rpcs.update_crypto_key_version if parent_rpcs.respond_to? :update_crypto_key_version
2478
2743
  @update_crypto_key_version = ::Gapic::Config::Method.new update_crypto_key_version_config
2744
+ update_crypto_key_primary_version_config = parent_rpcs.update_crypto_key_primary_version if parent_rpcs.respond_to? :update_crypto_key_primary_version
2745
+ @update_crypto_key_primary_version = ::Gapic::Config::Method.new update_crypto_key_primary_version_config
2746
+ destroy_crypto_key_version_config = parent_rpcs.destroy_crypto_key_version if parent_rpcs.respond_to? :destroy_crypto_key_version
2747
+ @destroy_crypto_key_version = ::Gapic::Config::Method.new destroy_crypto_key_version_config
2748
+ restore_crypto_key_version_config = parent_rpcs.restore_crypto_key_version if parent_rpcs.respond_to? :restore_crypto_key_version
2749
+ @restore_crypto_key_version = ::Gapic::Config::Method.new restore_crypto_key_version_config
2479
2750
  encrypt_config = parent_rpcs.encrypt if parent_rpcs.respond_to? :encrypt
2480
2751
  @encrypt = ::Gapic::Config::Method.new encrypt_config
2481
2752
  decrypt_config = parent_rpcs.decrypt if parent_rpcs.respond_to? :decrypt
@@ -2484,12 +2755,12 @@ module Google
2484
2755
  @asymmetric_sign = ::Gapic::Config::Method.new asymmetric_sign_config
2485
2756
  asymmetric_decrypt_config = parent_rpcs.asymmetric_decrypt if parent_rpcs.respond_to? :asymmetric_decrypt
2486
2757
  @asymmetric_decrypt = ::Gapic::Config::Method.new asymmetric_decrypt_config
2487
- update_crypto_key_primary_version_config = parent_rpcs.update_crypto_key_primary_version if parent_rpcs.respond_to? :update_crypto_key_primary_version
2488
- @update_crypto_key_primary_version = ::Gapic::Config::Method.new update_crypto_key_primary_version_config
2489
- destroy_crypto_key_version_config = parent_rpcs.destroy_crypto_key_version if parent_rpcs.respond_to? :destroy_crypto_key_version
2490
- @destroy_crypto_key_version = ::Gapic::Config::Method.new destroy_crypto_key_version_config
2491
- restore_crypto_key_version_config = parent_rpcs.restore_crypto_key_version if parent_rpcs.respond_to? :restore_crypto_key_version
2492
- @restore_crypto_key_version = ::Gapic::Config::Method.new restore_crypto_key_version_config
2758
+ mac_sign_config = parent_rpcs.mac_sign if parent_rpcs.respond_to? :mac_sign
2759
+ @mac_sign = ::Gapic::Config::Method.new mac_sign_config
2760
+ mac_verify_config = parent_rpcs.mac_verify if parent_rpcs.respond_to? :mac_verify
2761
+ @mac_verify = ::Gapic::Config::Method.new mac_verify_config
2762
+ generate_random_bytes_config = parent_rpcs.generate_random_bytes if parent_rpcs.respond_to? :generate_random_bytes
2763
+ @generate_random_bytes = ::Gapic::Config::Method.new generate_random_bytes_config
2493
2764
 
2494
2765
  yield self if block_given?
2495
2766
  end