google-cloud-kms-v1 0.6.0 → 0.8.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/AUTHENTICATION.md +8 -8
- data/README.md +1 -1
- data/lib/google/cloud/kms/v1/iam_policy/client.rb +39 -40
- data/lib/google/cloud/kms/v1/key_management_service/client.rb +528 -257
- data/lib/google/cloud/kms/v1/resources_pb.rb +6 -0
- data/lib/google/cloud/kms/v1/service_pb.rb +60 -12
- data/lib/google/cloud/kms/v1/service_services_pb.rb +37 -24
- data/lib/google/cloud/kms/v1/version.rb +1 -1
- data/proto_docs/google/api/field_behavior.rb +7 -1
- data/proto_docs/google/cloud/kms/v1/resources.rb +38 -4
- data/proto_docs/google/cloud/kms/v1/service.rb +259 -58
- data/proto_docs/google/type/expr.rb +35 -12
- metadata +4 -5
- data/lib/google/iam/v1/iam_policy_services_pb.rb +0 -81
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 366f739162ab5400a7d321c89b3283faa619b89e0ce78a22729aaec42cf319f2
|
4
|
+
data.tar.gz: 9b07da8889a3a6804331abc9f78882ee7cc89ae0f8d848cb8ce321a027d0ca98
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: f46892858f2569b83d67dd04ae66ad59eabb7acc9b6b3a55d1661f35d0fcf060af22ee2dafe271059fa461aac233afa458bccbc800850363bc055c925cbb178e
|
7
|
+
data.tar.gz: c8babfa3af90696ca1223d8dc2461615289de042c0a7beda99da0b9e75c951372e58e077f162f68c5b8cf61f65c3501d3229406da434a80a6f31cd0f0494eb49
|
data/AUTHENTICATION.md
CHANGED
@@ -66,11 +66,11 @@ The environment variables that google-cloud-kms-v1
|
|
66
66
|
checks for credentials are configured on the service Credentials class (such as
|
67
67
|
{::Google::Cloud::Kms::V1::KeyManagementService::Credentials}):
|
68
68
|
|
69
|
-
|
70
|
-
|
71
|
-
|
72
|
-
|
73
|
-
|
69
|
+
* `KMS_CREDENTIALS` - Path to JSON file, or JSON contents
|
70
|
+
* `KMS_KEYFILE` - Path to JSON file, or JSON contents
|
71
|
+
* `GOOGLE_CLOUD_CREDENTIALS` - Path to JSON file, or JSON contents
|
72
|
+
* `GOOGLE_CLOUD_KEYFILE` - Path to JSON file, or JSON contents
|
73
|
+
* `GOOGLE_APPLICATION_CREDENTIALS` - Path to JSON file
|
74
74
|
|
75
75
|
```ruby
|
76
76
|
require "google/cloud/kms/v1"
|
@@ -82,8 +82,8 @@ client = ::Google::Cloud::Kms::V1::KeyManagementService::Client.new
|
|
82
82
|
|
83
83
|
### Configuration
|
84
84
|
|
85
|
-
The **Credentials JSON** can be configured instead of
|
86
|
-
environment
|
85
|
+
The path to the **Credentials JSON** file can be configured instead of storing
|
86
|
+
it in an environment variable. Either on an individual client initialization:
|
87
87
|
|
88
88
|
```ruby
|
89
89
|
require "google/cloud/kms/v1"
|
@@ -93,7 +93,7 @@ client = ::Google::Cloud::Kms::V1::KeyManagementService::Client.new do |config|
|
|
93
93
|
end
|
94
94
|
```
|
95
95
|
|
96
|
-
Or
|
96
|
+
Or globally for all clients:
|
97
97
|
|
98
98
|
```ruby
|
99
99
|
require "google/cloud/kms/v1"
|
data/README.md
CHANGED
@@ -33,7 +33,7 @@ In order to use this library, you first need to go through the following steps:
|
|
33
33
|
require "google/cloud/kms/v1"
|
34
34
|
|
35
35
|
client = ::Google::Cloud::Kms::V1::KeyManagementService::Client.new
|
36
|
-
request =
|
36
|
+
request = ::Google::Cloud::Kms::V1::ListKeyRingsRequest.new # (request fields as keyword arguments...)
|
37
37
|
response = client.list_key_rings request
|
38
38
|
```
|
39
39
|
|
@@ -63,13 +63,12 @@ module Google
|
|
63
63
|
# See {::Google::Cloud::Kms::V1::IAMPolicy::Client::Configuration}
|
64
64
|
# for a description of the configuration fields.
|
65
65
|
#
|
66
|
-
#
|
66
|
+
# @example
|
67
67
|
#
|
68
|
-
#
|
69
|
-
#
|
70
|
-
#
|
71
|
-
#
|
72
|
-
# end
|
68
|
+
# # Modify the configuration for all IAMPolicy clients
|
69
|
+
# ::Google::Cloud::Kms::V1::IAMPolicy::Client.configure do |config|
|
70
|
+
# config.timeout = 10.0
|
71
|
+
# end
|
73
72
|
#
|
74
73
|
# @yield [config] Configure the Client client.
|
75
74
|
# @yieldparam config [Client::Configuration]
|
@@ -116,19 +115,15 @@ module Google
|
|
116
115
|
##
|
117
116
|
# Create a new IAMPolicy client object.
|
118
117
|
#
|
119
|
-
#
|
120
|
-
#
|
121
|
-
# To create a new IAMPolicy client with the default
|
122
|
-
# configuration:
|
123
|
-
#
|
124
|
-
# client = ::Google::Cloud::Kms::V1::IAMPolicy::Client.new
|
118
|
+
# @example
|
125
119
|
#
|
126
|
-
#
|
127
|
-
#
|
120
|
+
# # Create a client using the default configuration
|
121
|
+
# client = ::Google::Cloud::Kms::V1::IAMPolicy::Client.new
|
128
122
|
#
|
129
|
-
#
|
130
|
-
#
|
131
|
-
#
|
123
|
+
# # Create a client using a custom configuration
|
124
|
+
# client = ::Google::Cloud::Kms::V1::IAMPolicy::Client.new do |config|
|
125
|
+
# config.timeout = 10.0
|
126
|
+
# end
|
132
127
|
#
|
133
128
|
# @yield [config] Configure the IAMPolicy client.
|
134
129
|
# @yieldparam config [Client::Configuration]
|
@@ -148,14 +143,13 @@ module Google
|
|
148
143
|
|
149
144
|
# Create credentials
|
150
145
|
credentials = @config.credentials
|
151
|
-
# Use self-signed JWT if the
|
146
|
+
# Use self-signed JWT if the endpoint is unchanged from default,
|
152
147
|
# but only if the default endpoint does not have a region prefix.
|
153
|
-
enable_self_signed_jwt = @config.
|
154
|
-
@config.endpoint == Client.configure.endpoint &&
|
148
|
+
enable_self_signed_jwt = @config.endpoint == Client.configure.endpoint &&
|
155
149
|
!@config.endpoint.split(".").first.include?("-")
|
156
150
|
credentials ||= Credentials.default scope: @config.scope,
|
157
151
|
enable_self_signed_jwt: enable_self_signed_jwt
|
158
|
-
if credentials.is_a?(String) || credentials.is_a?(Hash)
|
152
|
+
if credentials.is_a?(::String) || credentials.is_a?(::Hash)
|
159
153
|
credentials = Credentials.new credentials, scope: @config.scope
|
160
154
|
end
|
161
155
|
@quota_project_id = @config.quota_project
|
@@ -234,7 +228,9 @@ module Google
|
|
234
228
|
options.apply_defaults timeout: @config.rpcs.set_iam_policy.timeout,
|
235
229
|
metadata: metadata,
|
236
230
|
retry_policy: @config.rpcs.set_iam_policy.retry_policy
|
237
|
-
|
231
|
+
|
232
|
+
options.apply_defaults timeout: @config.timeout,
|
233
|
+
metadata: @config.metadata,
|
238
234
|
retry_policy: @config.retry_policy
|
239
235
|
|
240
236
|
@iam_policy_stub.call_rpc :set_iam_policy, request, options: options do |response, operation|
|
@@ -306,7 +302,9 @@ module Google
|
|
306
302
|
options.apply_defaults timeout: @config.rpcs.get_iam_policy.timeout,
|
307
303
|
metadata: metadata,
|
308
304
|
retry_policy: @config.rpcs.get_iam_policy.retry_policy
|
309
|
-
|
305
|
+
|
306
|
+
options.apply_defaults timeout: @config.timeout,
|
307
|
+
metadata: @config.metadata,
|
310
308
|
retry_policy: @config.retry_policy
|
311
309
|
|
312
310
|
@iam_policy_stub.call_rpc :get_iam_policy, request, options: options do |response, operation|
|
@@ -384,7 +382,9 @@ module Google
|
|
384
382
|
options.apply_defaults timeout: @config.rpcs.test_iam_permissions.timeout,
|
385
383
|
metadata: metadata,
|
386
384
|
retry_policy: @config.rpcs.test_iam_permissions.retry_policy
|
387
|
-
|
385
|
+
|
386
|
+
options.apply_defaults timeout: @config.timeout,
|
387
|
+
metadata: @config.metadata,
|
388
388
|
retry_policy: @config.retry_policy
|
389
389
|
|
390
390
|
@iam_policy_stub.call_rpc :test_iam_permissions, request, options: options do |response, operation|
|
@@ -408,22 +408,21 @@ module Google
|
|
408
408
|
# Configuration can be applied globally to all clients, or to a single client
|
409
409
|
# on construction.
|
410
410
|
#
|
411
|
-
#
|
412
|
-
#
|
413
|
-
#
|
414
|
-
# to 20 seconds,
|
415
|
-
#
|
416
|
-
#
|
417
|
-
#
|
418
|
-
#
|
419
|
-
#
|
420
|
-
#
|
421
|
-
#
|
422
|
-
#
|
423
|
-
#
|
424
|
-
#
|
425
|
-
#
|
426
|
-
# end
|
411
|
+
# @example
|
412
|
+
#
|
413
|
+
# # Modify the global config, setting the timeout for
|
414
|
+
# # set_iam_policy to 20 seconds,
|
415
|
+
# # and all remaining timeouts to 10 seconds.
|
416
|
+
# ::Google::Cloud::Kms::V1::IAMPolicy::Client.configure do |config|
|
417
|
+
# config.timeout = 10.0
|
418
|
+
# config.rpcs.set_iam_policy.timeout = 20.0
|
419
|
+
# end
|
420
|
+
#
|
421
|
+
# # Apply the above configuration only to a new client.
|
422
|
+
# client = ::Google::Cloud::Kms::V1::IAMPolicy::Client.new do |config|
|
423
|
+
# config.timeout = 10.0
|
424
|
+
# config.rpcs.set_iam_policy.timeout = 20.0
|
425
|
+
# end
|
427
426
|
#
|
428
427
|
# @!attribute [rw] endpoint
|
429
428
|
# The hostname or hostname:port of the service endpoint.
|
@@ -52,13 +52,12 @@ module Google
|
|
52
52
|
# See {::Google::Cloud::Kms::V1::KeyManagementService::Client::Configuration}
|
53
53
|
# for a description of the configuration fields.
|
54
54
|
#
|
55
|
-
#
|
55
|
+
# @example
|
56
56
|
#
|
57
|
-
#
|
58
|
-
#
|
59
|
-
#
|
60
|
-
#
|
61
|
-
# end
|
57
|
+
# # Modify the configuration for all KeyManagementService clients
|
58
|
+
# ::Google::Cloud::Kms::V1::KeyManagementService::Client.configure do |config|
|
59
|
+
# config.timeout = 10.0
|
60
|
+
# end
|
62
61
|
#
|
63
62
|
# @yield [config] Configure the Client client.
|
64
63
|
# @yieldparam config [Client::Configuration]
|
@@ -78,90 +77,57 @@ module Google
|
|
78
77
|
|
79
78
|
default_config.rpcs.list_key_rings.timeout = 60.0
|
80
79
|
default_config.rpcs.list_key_rings.retry_policy = {
|
81
|
-
initial_delay: 0.1,
|
82
|
-
max_delay: 60.0,
|
83
|
-
multiplier: 1.3,
|
84
|
-
retry_codes: [14, 4]
|
80
|
+
initial_delay: 0.1, max_delay: 60.0, multiplier: 1.3, retry_codes: [14, 4]
|
85
81
|
}
|
86
82
|
|
87
83
|
default_config.rpcs.list_crypto_keys.timeout = 60.0
|
88
84
|
default_config.rpcs.list_crypto_keys.retry_policy = {
|
89
|
-
initial_delay: 0.1,
|
90
|
-
max_delay: 60.0,
|
91
|
-
multiplier: 1.3,
|
92
|
-
retry_codes: [14, 4]
|
85
|
+
initial_delay: 0.1, max_delay: 60.0, multiplier: 1.3, retry_codes: [14, 4]
|
93
86
|
}
|
94
87
|
|
95
88
|
default_config.rpcs.list_crypto_key_versions.timeout = 60.0
|
96
89
|
default_config.rpcs.list_crypto_key_versions.retry_policy = {
|
97
|
-
initial_delay: 0.1,
|
98
|
-
max_delay: 60.0,
|
99
|
-
multiplier: 1.3,
|
100
|
-
retry_codes: [14, 4]
|
90
|
+
initial_delay: 0.1, max_delay: 60.0, multiplier: 1.3, retry_codes: [14, 4]
|
101
91
|
}
|
102
92
|
|
103
93
|
default_config.rpcs.list_import_jobs.timeout = 60.0
|
104
94
|
default_config.rpcs.list_import_jobs.retry_policy = {
|
105
|
-
initial_delay: 0.1,
|
106
|
-
max_delay: 60.0,
|
107
|
-
multiplier: 1.3,
|
108
|
-
retry_codes: [14, 4]
|
95
|
+
initial_delay: 0.1, max_delay: 60.0, multiplier: 1.3, retry_codes: [14, 4]
|
109
96
|
}
|
110
97
|
|
111
98
|
default_config.rpcs.get_key_ring.timeout = 60.0
|
112
99
|
default_config.rpcs.get_key_ring.retry_policy = {
|
113
|
-
initial_delay: 0.1,
|
114
|
-
max_delay: 60.0,
|
115
|
-
multiplier: 1.3,
|
116
|
-
retry_codes: [14, 4]
|
100
|
+
initial_delay: 0.1, max_delay: 60.0, multiplier: 1.3, retry_codes: [14, 4]
|
117
101
|
}
|
118
102
|
|
119
103
|
default_config.rpcs.get_crypto_key.timeout = 60.0
|
120
104
|
default_config.rpcs.get_crypto_key.retry_policy = {
|
121
|
-
initial_delay: 0.1,
|
122
|
-
max_delay: 60.0,
|
123
|
-
multiplier: 1.3,
|
124
|
-
retry_codes: [14, 4]
|
105
|
+
initial_delay: 0.1, max_delay: 60.0, multiplier: 1.3, retry_codes: [14, 4]
|
125
106
|
}
|
126
107
|
|
127
108
|
default_config.rpcs.get_crypto_key_version.timeout = 60.0
|
128
109
|
default_config.rpcs.get_crypto_key_version.retry_policy = {
|
129
|
-
initial_delay: 0.1,
|
130
|
-
max_delay: 60.0,
|
131
|
-
multiplier: 1.3,
|
132
|
-
retry_codes: [14, 4]
|
110
|
+
initial_delay: 0.1, max_delay: 60.0, multiplier: 1.3, retry_codes: [14, 4]
|
133
111
|
}
|
134
112
|
|
135
113
|
default_config.rpcs.get_public_key.timeout = 60.0
|
136
114
|
default_config.rpcs.get_public_key.retry_policy = {
|
137
|
-
initial_delay: 0.1,
|
138
|
-
max_delay: 60.0,
|
139
|
-
multiplier: 1.3,
|
140
|
-
retry_codes: [14, 4]
|
115
|
+
initial_delay: 0.1, max_delay: 60.0, multiplier: 1.3, retry_codes: [14, 4]
|
141
116
|
}
|
142
117
|
|
143
118
|
default_config.rpcs.get_import_job.timeout = 60.0
|
144
119
|
default_config.rpcs.get_import_job.retry_policy = {
|
145
|
-
initial_delay: 0.1,
|
146
|
-
max_delay: 60.0,
|
147
|
-
multiplier: 1.3,
|
148
|
-
retry_codes: [14, 4]
|
120
|
+
initial_delay: 0.1, max_delay: 60.0, multiplier: 1.3, retry_codes: [14, 4]
|
149
121
|
}
|
150
122
|
|
151
123
|
default_config.rpcs.create_key_ring.timeout = 60.0
|
152
124
|
default_config.rpcs.create_key_ring.retry_policy = {
|
153
|
-
initial_delay: 0.1,
|
154
|
-
max_delay: 60.0,
|
155
|
-
multiplier: 1.3,
|
156
|
-
retry_codes: [14, 4]
|
125
|
+
initial_delay: 0.1, max_delay: 60.0, multiplier: 1.3, retry_codes: [14, 4]
|
157
126
|
}
|
158
127
|
|
159
128
|
default_config.rpcs.create_crypto_key.timeout = 60.0
|
160
129
|
default_config.rpcs.create_crypto_key.retry_policy = {
|
161
|
-
initial_delay: 0.1,
|
162
|
-
max_delay: 60.0,
|
163
|
-
multiplier: 1.3,
|
164
|
-
retry_codes: [14, 4]
|
130
|
+
initial_delay: 0.1, max_delay: 60.0, multiplier: 1.3, retry_codes: [14, 4]
|
165
131
|
}
|
166
132
|
|
167
133
|
default_config.rpcs.create_crypto_key_version.timeout = 60.0
|
@@ -170,82 +136,52 @@ module Google
|
|
170
136
|
|
171
137
|
default_config.rpcs.create_import_job.timeout = 60.0
|
172
138
|
default_config.rpcs.create_import_job.retry_policy = {
|
173
|
-
initial_delay: 0.1,
|
174
|
-
max_delay: 60.0,
|
175
|
-
multiplier: 1.3,
|
176
|
-
retry_codes: [14, 4]
|
139
|
+
initial_delay: 0.1, max_delay: 60.0, multiplier: 1.3, retry_codes: [14, 4]
|
177
140
|
}
|
178
141
|
|
179
142
|
default_config.rpcs.update_crypto_key.timeout = 60.0
|
180
143
|
default_config.rpcs.update_crypto_key.retry_policy = {
|
181
|
-
initial_delay: 0.1,
|
182
|
-
max_delay: 60.0,
|
183
|
-
multiplier: 1.3,
|
184
|
-
retry_codes: [14, 4]
|
144
|
+
initial_delay: 0.1, max_delay: 60.0, multiplier: 1.3, retry_codes: [14, 4]
|
185
145
|
}
|
186
146
|
|
187
147
|
default_config.rpcs.update_crypto_key_version.timeout = 60.0
|
188
148
|
default_config.rpcs.update_crypto_key_version.retry_policy = {
|
189
|
-
initial_delay: 0.1,
|
190
|
-
|
191
|
-
|
192
|
-
|
149
|
+
initial_delay: 0.1, max_delay: 60.0, multiplier: 1.3, retry_codes: [14, 4]
|
150
|
+
}
|
151
|
+
|
152
|
+
default_config.rpcs.update_crypto_key_primary_version.timeout = 60.0
|
153
|
+
default_config.rpcs.update_crypto_key_primary_version.retry_policy = {
|
154
|
+
initial_delay: 0.1, max_delay: 60.0, multiplier: 1.3, retry_codes: [14, 4]
|
155
|
+
}
|
156
|
+
|
157
|
+
default_config.rpcs.destroy_crypto_key_version.timeout = 60.0
|
158
|
+
default_config.rpcs.destroy_crypto_key_version.retry_policy = {
|
159
|
+
initial_delay: 0.1, max_delay: 60.0, multiplier: 1.3, retry_codes: [14, 4]
|
160
|
+
}
|
161
|
+
|
162
|
+
default_config.rpcs.restore_crypto_key_version.timeout = 60.0
|
163
|
+
default_config.rpcs.restore_crypto_key_version.retry_policy = {
|
164
|
+
initial_delay: 0.1, max_delay: 60.0, multiplier: 1.3, retry_codes: [14, 4]
|
193
165
|
}
|
194
166
|
|
195
167
|
default_config.rpcs.encrypt.timeout = 60.0
|
196
168
|
default_config.rpcs.encrypt.retry_policy = {
|
197
|
-
initial_delay: 0.1,
|
198
|
-
max_delay: 60.0,
|
199
|
-
multiplier: 1.3,
|
200
|
-
retry_codes: [14, 4]
|
169
|
+
initial_delay: 0.1, max_delay: 60.0, multiplier: 1.3, retry_codes: [14, 4]
|
201
170
|
}
|
202
171
|
|
203
172
|
default_config.rpcs.decrypt.timeout = 60.0
|
204
173
|
default_config.rpcs.decrypt.retry_policy = {
|
205
|
-
initial_delay: 0.1,
|
206
|
-
max_delay: 60.0,
|
207
|
-
multiplier: 1.3,
|
208
|
-
retry_codes: [14, 4]
|
174
|
+
initial_delay: 0.1, max_delay: 60.0, multiplier: 1.3, retry_codes: [14, 4]
|
209
175
|
}
|
210
176
|
|
211
177
|
default_config.rpcs.asymmetric_sign.timeout = 60.0
|
212
178
|
default_config.rpcs.asymmetric_sign.retry_policy = {
|
213
|
-
initial_delay: 0.1,
|
214
|
-
max_delay: 60.0,
|
215
|
-
multiplier: 1.3,
|
216
|
-
retry_codes: [14, 4]
|
179
|
+
initial_delay: 0.1, max_delay: 60.0, multiplier: 1.3, retry_codes: [14, 4]
|
217
180
|
}
|
218
181
|
|
219
182
|
default_config.rpcs.asymmetric_decrypt.timeout = 60.0
|
220
183
|
default_config.rpcs.asymmetric_decrypt.retry_policy = {
|
221
|
-
initial_delay: 0.1,
|
222
|
-
max_delay: 60.0,
|
223
|
-
multiplier: 1.3,
|
224
|
-
retry_codes: [14, 4]
|
225
|
-
}
|
226
|
-
|
227
|
-
default_config.rpcs.update_crypto_key_primary_version.timeout = 60.0
|
228
|
-
default_config.rpcs.update_crypto_key_primary_version.retry_policy = {
|
229
|
-
initial_delay: 0.1,
|
230
|
-
max_delay: 60.0,
|
231
|
-
multiplier: 1.3,
|
232
|
-
retry_codes: [14, 4]
|
233
|
-
}
|
234
|
-
|
235
|
-
default_config.rpcs.destroy_crypto_key_version.timeout = 60.0
|
236
|
-
default_config.rpcs.destroy_crypto_key_version.retry_policy = {
|
237
|
-
initial_delay: 0.1,
|
238
|
-
max_delay: 60.0,
|
239
|
-
multiplier: 1.3,
|
240
|
-
retry_codes: [14, 4]
|
241
|
-
}
|
242
|
-
|
243
|
-
default_config.rpcs.restore_crypto_key_version.timeout = 60.0
|
244
|
-
default_config.rpcs.restore_crypto_key_version.retry_policy = {
|
245
|
-
initial_delay: 0.1,
|
246
|
-
max_delay: 60.0,
|
247
|
-
multiplier: 1.3,
|
248
|
-
retry_codes: [14, 4]
|
184
|
+
initial_delay: 0.1, max_delay: 60.0, multiplier: 1.3, retry_codes: [14, 4]
|
249
185
|
}
|
250
186
|
|
251
187
|
default_config
|
@@ -277,19 +213,15 @@ module Google
|
|
277
213
|
##
|
278
214
|
# Create a new KeyManagementService client object.
|
279
215
|
#
|
280
|
-
#
|
281
|
-
#
|
282
|
-
# To create a new KeyManagementService client with the default
|
283
|
-
# configuration:
|
216
|
+
# @example
|
284
217
|
#
|
285
|
-
#
|
218
|
+
# # Create a client using the default configuration
|
219
|
+
# client = ::Google::Cloud::Kms::V1::KeyManagementService::Client.new
|
286
220
|
#
|
287
|
-
#
|
288
|
-
#
|
289
|
-
#
|
290
|
-
#
|
291
|
-
# config.timeout = 10.0
|
292
|
-
# end
|
221
|
+
# # Create a client using a custom configuration
|
222
|
+
# client = ::Google::Cloud::Kms::V1::KeyManagementService::Client.new do |config|
|
223
|
+
# config.timeout = 10.0
|
224
|
+
# end
|
293
225
|
#
|
294
226
|
# @yield [config] Configure the KeyManagementService client.
|
295
227
|
# @yieldparam config [Client::Configuration]
|
@@ -309,14 +241,13 @@ module Google
|
|
309
241
|
|
310
242
|
# Create credentials
|
311
243
|
credentials = @config.credentials
|
312
|
-
# Use self-signed JWT if the
|
244
|
+
# Use self-signed JWT if the endpoint is unchanged from default,
|
313
245
|
# but only if the default endpoint does not have a region prefix.
|
314
|
-
enable_self_signed_jwt = @config.
|
315
|
-
@config.endpoint == Client.configure.endpoint &&
|
246
|
+
enable_self_signed_jwt = @config.endpoint == Client.configure.endpoint &&
|
316
247
|
!@config.endpoint.split(".").first.include?("-")
|
317
248
|
credentials ||= Credentials.default scope: @config.scope,
|
318
249
|
enable_self_signed_jwt: enable_self_signed_jwt
|
319
|
-
if credentials.is_a?(String) || credentials.is_a?(Hash)
|
250
|
+
if credentials.is_a?(::String) || credentials.is_a?(::Hash)
|
320
251
|
credentials = Credentials.new credentials, scope: @config.scope
|
321
252
|
end
|
322
253
|
@quota_project_id = @config.quota_project
|
@@ -407,7 +338,9 @@ module Google
|
|
407
338
|
options.apply_defaults timeout: @config.rpcs.list_key_rings.timeout,
|
408
339
|
metadata: metadata,
|
409
340
|
retry_policy: @config.rpcs.list_key_rings.retry_policy
|
410
|
-
|
341
|
+
|
342
|
+
options.apply_defaults timeout: @config.timeout,
|
343
|
+
metadata: @config.metadata,
|
411
344
|
retry_policy: @config.retry_policy
|
412
345
|
|
413
346
|
@key_management_service_stub.call_rpc :list_key_rings, request, options: options do |response, operation|
|
@@ -495,7 +428,9 @@ module Google
|
|
495
428
|
options.apply_defaults timeout: @config.rpcs.list_crypto_keys.timeout,
|
496
429
|
metadata: metadata,
|
497
430
|
retry_policy: @config.rpcs.list_crypto_keys.retry_policy
|
498
|
-
|
431
|
+
|
432
|
+
options.apply_defaults timeout: @config.timeout,
|
433
|
+
metadata: @config.metadata,
|
499
434
|
retry_policy: @config.retry_policy
|
500
435
|
|
501
436
|
@key_management_service_stub.call_rpc :list_crypto_keys, request, options: options do |response, operation|
|
@@ -584,7 +519,9 @@ module Google
|
|
584
519
|
options.apply_defaults timeout: @config.rpcs.list_crypto_key_versions.timeout,
|
585
520
|
metadata: metadata,
|
586
521
|
retry_policy: @config.rpcs.list_crypto_key_versions.retry_policy
|
587
|
-
|
522
|
+
|
523
|
+
options.apply_defaults timeout: @config.timeout,
|
524
|
+
metadata: @config.metadata,
|
588
525
|
retry_policy: @config.retry_policy
|
589
526
|
|
590
527
|
@key_management_service_stub.call_rpc :list_crypto_key_versions, request, options: options do |response, operation|
|
@@ -670,7 +607,9 @@ module Google
|
|
670
607
|
options.apply_defaults timeout: @config.rpcs.list_import_jobs.timeout,
|
671
608
|
metadata: metadata,
|
672
609
|
retry_policy: @config.rpcs.list_import_jobs.retry_policy
|
673
|
-
|
610
|
+
|
611
|
+
options.apply_defaults timeout: @config.timeout,
|
612
|
+
metadata: @config.metadata,
|
674
613
|
retry_policy: @config.retry_policy
|
675
614
|
|
676
615
|
@key_management_service_stub.call_rpc :list_import_jobs, request, options: options do |response, operation|
|
@@ -737,7 +676,9 @@ module Google
|
|
737
676
|
options.apply_defaults timeout: @config.rpcs.get_key_ring.timeout,
|
738
677
|
metadata: metadata,
|
739
678
|
retry_policy: @config.rpcs.get_key_ring.retry_policy
|
740
|
-
|
679
|
+
|
680
|
+
options.apply_defaults timeout: @config.timeout,
|
681
|
+
metadata: @config.metadata,
|
741
682
|
retry_policy: @config.retry_policy
|
742
683
|
|
743
684
|
@key_management_service_stub.call_rpc :get_key_ring, request, options: options do |response, operation|
|
@@ -804,7 +745,9 @@ module Google
|
|
804
745
|
options.apply_defaults timeout: @config.rpcs.get_crypto_key.timeout,
|
805
746
|
metadata: metadata,
|
806
747
|
retry_policy: @config.rpcs.get_crypto_key.retry_policy
|
807
|
-
|
748
|
+
|
749
|
+
options.apply_defaults timeout: @config.timeout,
|
750
|
+
metadata: @config.metadata,
|
808
751
|
retry_policy: @config.retry_policy
|
809
752
|
|
810
753
|
@key_management_service_stub.call_rpc :get_crypto_key, request, options: options do |response, operation|
|
@@ -870,7 +813,9 @@ module Google
|
|
870
813
|
options.apply_defaults timeout: @config.rpcs.get_crypto_key_version.timeout,
|
871
814
|
metadata: metadata,
|
872
815
|
retry_policy: @config.rpcs.get_crypto_key_version.retry_policy
|
873
|
-
|
816
|
+
|
817
|
+
options.apply_defaults timeout: @config.timeout,
|
818
|
+
metadata: @config.metadata,
|
874
819
|
retry_policy: @config.retry_policy
|
875
820
|
|
876
821
|
@key_management_service_stub.call_rpc :get_crypto_key_version, request, options: options do |response, operation|
|
@@ -940,7 +885,9 @@ module Google
|
|
940
885
|
options.apply_defaults timeout: @config.rpcs.get_public_key.timeout,
|
941
886
|
metadata: metadata,
|
942
887
|
retry_policy: @config.rpcs.get_public_key.retry_policy
|
943
|
-
|
888
|
+
|
889
|
+
options.apply_defaults timeout: @config.timeout,
|
890
|
+
metadata: @config.metadata,
|
944
891
|
retry_policy: @config.retry_policy
|
945
892
|
|
946
893
|
@key_management_service_stub.call_rpc :get_public_key, request, options: options do |response, operation|
|
@@ -1006,7 +953,9 @@ module Google
|
|
1006
953
|
options.apply_defaults timeout: @config.rpcs.get_import_job.timeout,
|
1007
954
|
metadata: metadata,
|
1008
955
|
retry_policy: @config.rpcs.get_import_job.retry_policy
|
1009
|
-
|
956
|
+
|
957
|
+
options.apply_defaults timeout: @config.timeout,
|
958
|
+
metadata: @config.metadata,
|
1010
959
|
retry_policy: @config.retry_policy
|
1011
960
|
|
1012
961
|
@key_management_service_stub.call_rpc :get_import_job, request, options: options do |response, operation|
|
@@ -1078,7 +1027,9 @@ module Google
|
|
1078
1027
|
options.apply_defaults timeout: @config.rpcs.create_key_ring.timeout,
|
1079
1028
|
metadata: metadata,
|
1080
1029
|
retry_policy: @config.rpcs.create_key_ring.retry_policy
|
1081
|
-
|
1030
|
+
|
1031
|
+
options.apply_defaults timeout: @config.timeout,
|
1032
|
+
metadata: @config.metadata,
|
1082
1033
|
retry_policy: @config.retry_policy
|
1083
1034
|
|
1084
1035
|
@key_management_service_stub.call_rpc :create_key_ring, request, options: options do |response, operation|
|
@@ -1160,7 +1111,9 @@ module Google
|
|
1160
1111
|
options.apply_defaults timeout: @config.rpcs.create_crypto_key.timeout,
|
1161
1112
|
metadata: metadata,
|
1162
1113
|
retry_policy: @config.rpcs.create_crypto_key.retry_policy
|
1163
|
-
|
1114
|
+
|
1115
|
+
options.apply_defaults timeout: @config.timeout,
|
1116
|
+
metadata: @config.metadata,
|
1164
1117
|
retry_policy: @config.retry_policy
|
1165
1118
|
|
1166
1119
|
@key_management_service_stub.call_rpc :create_crypto_key, request, options: options do |response, operation|
|
@@ -1233,7 +1186,9 @@ module Google
|
|
1233
1186
|
options.apply_defaults timeout: @config.rpcs.create_crypto_key_version.timeout,
|
1234
1187
|
metadata: metadata,
|
1235
1188
|
retry_policy: @config.rpcs.create_crypto_key_version.retry_policy
|
1236
|
-
|
1189
|
+
|
1190
|
+
options.apply_defaults timeout: @config.timeout,
|
1191
|
+
metadata: @config.metadata,
|
1237
1192
|
retry_policy: @config.retry_policy
|
1238
1193
|
|
1239
1194
|
@key_management_service_stub.call_rpc :create_crypto_key_version, request, options: options do |response, operation|
|
@@ -1245,11 +1200,12 @@ module Google
|
|
1245
1200
|
end
|
1246
1201
|
|
1247
1202
|
##
|
1248
|
-
#
|
1249
|
-
# wrapped key material provided in the request.
|
1203
|
+
# Import wrapped key material into a {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion}.
|
1250
1204
|
#
|
1251
|
-
#
|
1252
|
-
#
|
1205
|
+
# All requests must specify a {::Google::Cloud::Kms::V1::CryptoKey CryptoKey}. If a {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} is
|
1206
|
+
# additionally specified in the request, key material will be reimported into
|
1207
|
+
# that version. Otherwise, a new version will be created, and will be
|
1208
|
+
# assigned the next sequential id within the {::Google::Cloud::Kms::V1::CryptoKey CryptoKey}.
|
1253
1209
|
#
|
1254
1210
|
# @overload import_crypto_key_version(request, options = nil)
|
1255
1211
|
# Pass arguments to `import_crypto_key_version` via a request object, either of type
|
@@ -1261,14 +1217,32 @@ module Google
|
|
1261
1217
|
# @param options [::Gapic::CallOptions, ::Hash]
|
1262
1218
|
# Overrides the default settings for this call, e.g, timeout, retries, etc. Optional.
|
1263
1219
|
#
|
1264
|
-
# @overload import_crypto_key_version(parent: nil, algorithm: nil, import_job: nil, rsa_aes_wrapped_key: nil)
|
1220
|
+
# @overload import_crypto_key_version(parent: nil, crypto_key_version: nil, algorithm: nil, import_job: nil, rsa_aes_wrapped_key: nil)
|
1265
1221
|
# Pass arguments to `import_crypto_key_version` via keyword arguments. Note that at
|
1266
1222
|
# least one keyword argument is required. To specify no parameters, or to keep all
|
1267
1223
|
# the default parameter values, pass an empty Hash as a request object (see above).
|
1268
1224
|
#
|
1269
1225
|
# @param parent [::String]
|
1270
|
-
# Required. The {::Google::Cloud::Kms::V1::CryptoKey#name name} of the {::Google::Cloud::Kms::V1::CryptoKey CryptoKey} to
|
1271
|
-
#
|
1226
|
+
# Required. The {::Google::Cloud::Kms::V1::CryptoKey#name name} of the {::Google::Cloud::Kms::V1::CryptoKey CryptoKey} to be imported into.
|
1227
|
+
#
|
1228
|
+
# The create permission is only required on this key when creating a new
|
1229
|
+
# {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion}.
|
1230
|
+
# @param crypto_key_version [::String]
|
1231
|
+
# Optional. The optional {::Google::Cloud::Kms::V1::CryptoKeyVersion#name name} of an existing
|
1232
|
+
# {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} to target for an import operation.
|
1233
|
+
# If this field is not present, a new {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} containing the
|
1234
|
+
# supplied key material is created.
|
1235
|
+
#
|
1236
|
+
# If this field is present, the supplied key material is imported into
|
1237
|
+
# the existing {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion}. To import into an existing
|
1238
|
+
# {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion}, the {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} must be a child of
|
1239
|
+
# {::Google::Cloud::Kms::V1::ImportCryptoKeyVersionRequest#parent ImportCryptoKeyVersionRequest.parent}, have been previously created via
|
1240
|
+
# [ImportCryptoKeyVersion][], and be in
|
1241
|
+
# {::Google::Cloud::Kms::V1::CryptoKeyVersion::CryptoKeyVersionState::DESTROYED DESTROYED} or
|
1242
|
+
# {::Google::Cloud::Kms::V1::CryptoKeyVersion::CryptoKeyVersionState::IMPORT_FAILED IMPORT_FAILED}
|
1243
|
+
# state. The key material and algorithm must match the previous
|
1244
|
+
# {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} exactly if the {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} has ever contained
|
1245
|
+
# key material.
|
1272
1246
|
# @param algorithm [::Google::Cloud::Kms::V1::CryptoKeyVersion::CryptoKeyVersionAlgorithm]
|
1273
1247
|
# Required. The {::Google::Cloud::Kms::V1::CryptoKeyVersion::CryptoKeyVersionAlgorithm algorithm} of
|
1274
1248
|
# the key being imported. This does not need to match the
|
@@ -1336,7 +1310,9 @@ module Google
|
|
1336
1310
|
options.apply_defaults timeout: @config.rpcs.import_crypto_key_version.timeout,
|
1337
1311
|
metadata: metadata,
|
1338
1312
|
retry_policy: @config.rpcs.import_crypto_key_version.retry_policy
|
1339
|
-
|
1313
|
+
|
1314
|
+
options.apply_defaults timeout: @config.timeout,
|
1315
|
+
metadata: @config.metadata,
|
1340
1316
|
retry_policy: @config.retry_policy
|
1341
1317
|
|
1342
1318
|
@key_management_service_stub.call_rpc :import_crypto_key_version, request, options: options do |response, operation|
|
@@ -1410,7 +1386,9 @@ module Google
|
|
1410
1386
|
options.apply_defaults timeout: @config.rpcs.create_import_job.timeout,
|
1411
1387
|
metadata: metadata,
|
1412
1388
|
retry_policy: @config.rpcs.create_import_job.retry_policy
|
1413
|
-
|
1389
|
+
|
1390
|
+
options.apply_defaults timeout: @config.timeout,
|
1391
|
+
metadata: @config.metadata,
|
1414
1392
|
retry_policy: @config.retry_policy
|
1415
1393
|
|
1416
1394
|
@key_management_service_stub.call_rpc :create_import_job, request, options: options do |response, operation|
|
@@ -1478,7 +1456,9 @@ module Google
|
|
1478
1456
|
options.apply_defaults timeout: @config.rpcs.update_crypto_key.timeout,
|
1479
1457
|
metadata: metadata,
|
1480
1458
|
retry_policy: @config.rpcs.update_crypto_key.retry_policy
|
1481
|
-
|
1459
|
+
|
1460
|
+
options.apply_defaults timeout: @config.timeout,
|
1461
|
+
metadata: @config.metadata,
|
1482
1462
|
retry_policy: @config.retry_policy
|
1483
1463
|
|
1484
1464
|
@key_management_service_stub.call_rpc :update_crypto_key, request, options: options do |response, operation|
|
@@ -1552,7 +1532,9 @@ module Google
|
|
1552
1532
|
options.apply_defaults timeout: @config.rpcs.update_crypto_key_version.timeout,
|
1553
1533
|
metadata: metadata,
|
1554
1534
|
retry_policy: @config.rpcs.update_crypto_key_version.retry_policy
|
1555
|
-
|
1535
|
+
|
1536
|
+
options.apply_defaults timeout: @config.timeout,
|
1537
|
+
metadata: @config.metadata,
|
1556
1538
|
retry_policy: @config.retry_policy
|
1557
1539
|
|
1558
1540
|
@key_management_service_stub.call_rpc :update_crypto_key_version, request, options: options do |response, operation|
|
@@ -1563,6 +1545,233 @@ module Google
|
|
1563
1545
|
raise ::Google::Cloud::Error.from_error(e)
|
1564
1546
|
end
|
1565
1547
|
|
1548
|
+
##
|
1549
|
+
# Update the version of a {::Google::Cloud::Kms::V1::CryptoKey CryptoKey} that will be used in {::Google::Cloud::Kms::V1::KeyManagementService::Client#encrypt Encrypt}.
|
1550
|
+
#
|
1551
|
+
# Returns an error if called on a key whose purpose is not
|
1552
|
+
# {::Google::Cloud::Kms::V1::CryptoKey::CryptoKeyPurpose::ENCRYPT_DECRYPT ENCRYPT_DECRYPT}.
|
1553
|
+
#
|
1554
|
+
# @overload update_crypto_key_primary_version(request, options = nil)
|
1555
|
+
# Pass arguments to `update_crypto_key_primary_version` via a request object, either of type
|
1556
|
+
# {::Google::Cloud::Kms::V1::UpdateCryptoKeyPrimaryVersionRequest} or an equivalent Hash.
|
1557
|
+
#
|
1558
|
+
# @param request [::Google::Cloud::Kms::V1::UpdateCryptoKeyPrimaryVersionRequest, ::Hash]
|
1559
|
+
# A request object representing the call parameters. Required. To specify no
|
1560
|
+
# parameters, or to keep all the default parameter values, pass an empty Hash.
|
1561
|
+
# @param options [::Gapic::CallOptions, ::Hash]
|
1562
|
+
# Overrides the default settings for this call, e.g, timeout, retries, etc. Optional.
|
1563
|
+
#
|
1564
|
+
# @overload update_crypto_key_primary_version(name: nil, crypto_key_version_id: nil)
|
1565
|
+
# Pass arguments to `update_crypto_key_primary_version` via keyword arguments. Note that at
|
1566
|
+
# least one keyword argument is required. To specify no parameters, or to keep all
|
1567
|
+
# the default parameter values, pass an empty Hash as a request object (see above).
|
1568
|
+
#
|
1569
|
+
# @param name [::String]
|
1570
|
+
# Required. The resource name of the {::Google::Cloud::Kms::V1::CryptoKey CryptoKey} to update.
|
1571
|
+
# @param crypto_key_version_id [::String]
|
1572
|
+
# Required. The id of the child {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} to use as primary.
|
1573
|
+
#
|
1574
|
+
# @yield [response, operation] Access the result along with the RPC operation
|
1575
|
+
# @yieldparam response [::Google::Cloud::Kms::V1::CryptoKey]
|
1576
|
+
# @yieldparam operation [::GRPC::ActiveCall::Operation]
|
1577
|
+
#
|
1578
|
+
# @return [::Google::Cloud::Kms::V1::CryptoKey]
|
1579
|
+
#
|
1580
|
+
# @raise [::Google::Cloud::Error] if the RPC is aborted.
|
1581
|
+
#
|
1582
|
+
def update_crypto_key_primary_version request, options = nil
|
1583
|
+
raise ::ArgumentError, "request must be provided" if request.nil?
|
1584
|
+
|
1585
|
+
request = ::Gapic::Protobuf.coerce request, to: ::Google::Cloud::Kms::V1::UpdateCryptoKeyPrimaryVersionRequest
|
1586
|
+
|
1587
|
+
# Converts hash and nil to an options object
|
1588
|
+
options = ::Gapic::CallOptions.new(**options.to_h) if options.respond_to? :to_h
|
1589
|
+
|
1590
|
+
# Customize the options with defaults
|
1591
|
+
metadata = @config.rpcs.update_crypto_key_primary_version.metadata.to_h
|
1592
|
+
|
1593
|
+
# Set x-goog-api-client and x-goog-user-project headers
|
1594
|
+
metadata[:"x-goog-api-client"] ||= ::Gapic::Headers.x_goog_api_client \
|
1595
|
+
lib_name: @config.lib_name, lib_version: @config.lib_version,
|
1596
|
+
gapic_version: ::Google::Cloud::Kms::V1::VERSION
|
1597
|
+
metadata[:"x-goog-user-project"] = @quota_project_id if @quota_project_id
|
1598
|
+
|
1599
|
+
header_params = {
|
1600
|
+
"name" => request.name
|
1601
|
+
}
|
1602
|
+
request_params_header = header_params.map { |k, v| "#{k}=#{v}" }.join("&")
|
1603
|
+
metadata[:"x-goog-request-params"] ||= request_params_header
|
1604
|
+
|
1605
|
+
options.apply_defaults timeout: @config.rpcs.update_crypto_key_primary_version.timeout,
|
1606
|
+
metadata: metadata,
|
1607
|
+
retry_policy: @config.rpcs.update_crypto_key_primary_version.retry_policy
|
1608
|
+
|
1609
|
+
options.apply_defaults timeout: @config.timeout,
|
1610
|
+
metadata: @config.metadata,
|
1611
|
+
retry_policy: @config.retry_policy
|
1612
|
+
|
1613
|
+
@key_management_service_stub.call_rpc :update_crypto_key_primary_version, request, options: options do |response, operation|
|
1614
|
+
yield response, operation if block_given?
|
1615
|
+
return response
|
1616
|
+
end
|
1617
|
+
rescue ::GRPC::BadStatus => e
|
1618
|
+
raise ::Google::Cloud::Error.from_error(e)
|
1619
|
+
end
|
1620
|
+
|
1621
|
+
##
|
1622
|
+
# Schedule a {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} for destruction.
|
1623
|
+
#
|
1624
|
+
# Upon calling this method, {::Google::Cloud::Kms::V1::CryptoKeyVersion#state CryptoKeyVersion.state} will be set to
|
1625
|
+
# {::Google::Cloud::Kms::V1::CryptoKeyVersion::CryptoKeyVersionState::DESTROY_SCHEDULED DESTROY_SCHEDULED},
|
1626
|
+
# and {::Google::Cloud::Kms::V1::CryptoKeyVersion#destroy_time destroy_time} will be set to the time
|
1627
|
+
# {::Google::Cloud::Kms::V1::CryptoKey#destroy_scheduled_duration destroy_scheduled_duration} in the
|
1628
|
+
# future. At that time, the {::Google::Cloud::Kms::V1::CryptoKeyVersion#state state} will
|
1629
|
+
# automatically change to
|
1630
|
+
# {::Google::Cloud::Kms::V1::CryptoKeyVersion::CryptoKeyVersionState::DESTROYED DESTROYED}, and the key
|
1631
|
+
# material will be irrevocably destroyed.
|
1632
|
+
#
|
1633
|
+
# Before the {::Google::Cloud::Kms::V1::CryptoKeyVersion#destroy_time destroy_time} is reached,
|
1634
|
+
# {::Google::Cloud::Kms::V1::KeyManagementService::Client#restore_crypto_key_version RestoreCryptoKeyVersion} may be called to reverse the process.
|
1635
|
+
#
|
1636
|
+
# @overload destroy_crypto_key_version(request, options = nil)
|
1637
|
+
# Pass arguments to `destroy_crypto_key_version` via a request object, either of type
|
1638
|
+
# {::Google::Cloud::Kms::V1::DestroyCryptoKeyVersionRequest} or an equivalent Hash.
|
1639
|
+
#
|
1640
|
+
# @param request [::Google::Cloud::Kms::V1::DestroyCryptoKeyVersionRequest, ::Hash]
|
1641
|
+
# A request object representing the call parameters. Required. To specify no
|
1642
|
+
# parameters, or to keep all the default parameter values, pass an empty Hash.
|
1643
|
+
# @param options [::Gapic::CallOptions, ::Hash]
|
1644
|
+
# Overrides the default settings for this call, e.g, timeout, retries, etc. Optional.
|
1645
|
+
#
|
1646
|
+
# @overload destroy_crypto_key_version(name: nil)
|
1647
|
+
# Pass arguments to `destroy_crypto_key_version` via keyword arguments. Note that at
|
1648
|
+
# least one keyword argument is required. To specify no parameters, or to keep all
|
1649
|
+
# the default parameter values, pass an empty Hash as a request object (see above).
|
1650
|
+
#
|
1651
|
+
# @param name [::String]
|
1652
|
+
# Required. The resource name of the {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} to destroy.
|
1653
|
+
#
|
1654
|
+
# @yield [response, operation] Access the result along with the RPC operation
|
1655
|
+
# @yieldparam response [::Google::Cloud::Kms::V1::CryptoKeyVersion]
|
1656
|
+
# @yieldparam operation [::GRPC::ActiveCall::Operation]
|
1657
|
+
#
|
1658
|
+
# @return [::Google::Cloud::Kms::V1::CryptoKeyVersion]
|
1659
|
+
#
|
1660
|
+
# @raise [::Google::Cloud::Error] if the RPC is aborted.
|
1661
|
+
#
|
1662
|
+
def destroy_crypto_key_version request, options = nil
|
1663
|
+
raise ::ArgumentError, "request must be provided" if request.nil?
|
1664
|
+
|
1665
|
+
request = ::Gapic::Protobuf.coerce request, to: ::Google::Cloud::Kms::V1::DestroyCryptoKeyVersionRequest
|
1666
|
+
|
1667
|
+
# Converts hash and nil to an options object
|
1668
|
+
options = ::Gapic::CallOptions.new(**options.to_h) if options.respond_to? :to_h
|
1669
|
+
|
1670
|
+
# Customize the options with defaults
|
1671
|
+
metadata = @config.rpcs.destroy_crypto_key_version.metadata.to_h
|
1672
|
+
|
1673
|
+
# Set x-goog-api-client and x-goog-user-project headers
|
1674
|
+
metadata[:"x-goog-api-client"] ||= ::Gapic::Headers.x_goog_api_client \
|
1675
|
+
lib_name: @config.lib_name, lib_version: @config.lib_version,
|
1676
|
+
gapic_version: ::Google::Cloud::Kms::V1::VERSION
|
1677
|
+
metadata[:"x-goog-user-project"] = @quota_project_id if @quota_project_id
|
1678
|
+
|
1679
|
+
header_params = {
|
1680
|
+
"name" => request.name
|
1681
|
+
}
|
1682
|
+
request_params_header = header_params.map { |k, v| "#{k}=#{v}" }.join("&")
|
1683
|
+
metadata[:"x-goog-request-params"] ||= request_params_header
|
1684
|
+
|
1685
|
+
options.apply_defaults timeout: @config.rpcs.destroy_crypto_key_version.timeout,
|
1686
|
+
metadata: metadata,
|
1687
|
+
retry_policy: @config.rpcs.destroy_crypto_key_version.retry_policy
|
1688
|
+
|
1689
|
+
options.apply_defaults timeout: @config.timeout,
|
1690
|
+
metadata: @config.metadata,
|
1691
|
+
retry_policy: @config.retry_policy
|
1692
|
+
|
1693
|
+
@key_management_service_stub.call_rpc :destroy_crypto_key_version, request, options: options do |response, operation|
|
1694
|
+
yield response, operation if block_given?
|
1695
|
+
return response
|
1696
|
+
end
|
1697
|
+
rescue ::GRPC::BadStatus => e
|
1698
|
+
raise ::Google::Cloud::Error.from_error(e)
|
1699
|
+
end
|
1700
|
+
|
1701
|
+
##
|
1702
|
+
# Restore a {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} in the
|
1703
|
+
# {::Google::Cloud::Kms::V1::CryptoKeyVersion::CryptoKeyVersionState::DESTROY_SCHEDULED DESTROY_SCHEDULED}
|
1704
|
+
# state.
|
1705
|
+
#
|
1706
|
+
# Upon restoration of the CryptoKeyVersion, {::Google::Cloud::Kms::V1::CryptoKeyVersion#state state}
|
1707
|
+
# will be set to {::Google::Cloud::Kms::V1::CryptoKeyVersion::CryptoKeyVersionState::DISABLED DISABLED},
|
1708
|
+
# and {::Google::Cloud::Kms::V1::CryptoKeyVersion#destroy_time destroy_time} will be cleared.
|
1709
|
+
#
|
1710
|
+
# @overload restore_crypto_key_version(request, options = nil)
|
1711
|
+
# Pass arguments to `restore_crypto_key_version` via a request object, either of type
|
1712
|
+
# {::Google::Cloud::Kms::V1::RestoreCryptoKeyVersionRequest} or an equivalent Hash.
|
1713
|
+
#
|
1714
|
+
# @param request [::Google::Cloud::Kms::V1::RestoreCryptoKeyVersionRequest, ::Hash]
|
1715
|
+
# A request object representing the call parameters. Required. To specify no
|
1716
|
+
# parameters, or to keep all the default parameter values, pass an empty Hash.
|
1717
|
+
# @param options [::Gapic::CallOptions, ::Hash]
|
1718
|
+
# Overrides the default settings for this call, e.g, timeout, retries, etc. Optional.
|
1719
|
+
#
|
1720
|
+
# @overload restore_crypto_key_version(name: nil)
|
1721
|
+
# Pass arguments to `restore_crypto_key_version` via keyword arguments. Note that at
|
1722
|
+
# least one keyword argument is required. To specify no parameters, or to keep all
|
1723
|
+
# the default parameter values, pass an empty Hash as a request object (see above).
|
1724
|
+
#
|
1725
|
+
# @param name [::String]
|
1726
|
+
# Required. The resource name of the {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} to restore.
|
1727
|
+
#
|
1728
|
+
# @yield [response, operation] Access the result along with the RPC operation
|
1729
|
+
# @yieldparam response [::Google::Cloud::Kms::V1::CryptoKeyVersion]
|
1730
|
+
# @yieldparam operation [::GRPC::ActiveCall::Operation]
|
1731
|
+
#
|
1732
|
+
# @return [::Google::Cloud::Kms::V1::CryptoKeyVersion]
|
1733
|
+
#
|
1734
|
+
# @raise [::Google::Cloud::Error] if the RPC is aborted.
|
1735
|
+
#
|
1736
|
+
def restore_crypto_key_version request, options = nil
|
1737
|
+
raise ::ArgumentError, "request must be provided" if request.nil?
|
1738
|
+
|
1739
|
+
request = ::Gapic::Protobuf.coerce request, to: ::Google::Cloud::Kms::V1::RestoreCryptoKeyVersionRequest
|
1740
|
+
|
1741
|
+
# Converts hash and nil to an options object
|
1742
|
+
options = ::Gapic::CallOptions.new(**options.to_h) if options.respond_to? :to_h
|
1743
|
+
|
1744
|
+
# Customize the options with defaults
|
1745
|
+
metadata = @config.rpcs.restore_crypto_key_version.metadata.to_h
|
1746
|
+
|
1747
|
+
# Set x-goog-api-client and x-goog-user-project headers
|
1748
|
+
metadata[:"x-goog-api-client"] ||= ::Gapic::Headers.x_goog_api_client \
|
1749
|
+
lib_name: @config.lib_name, lib_version: @config.lib_version,
|
1750
|
+
gapic_version: ::Google::Cloud::Kms::V1::VERSION
|
1751
|
+
metadata[:"x-goog-user-project"] = @quota_project_id if @quota_project_id
|
1752
|
+
|
1753
|
+
header_params = {
|
1754
|
+
"name" => request.name
|
1755
|
+
}
|
1756
|
+
request_params_header = header_params.map { |k, v| "#{k}=#{v}" }.join("&")
|
1757
|
+
metadata[:"x-goog-request-params"] ||= request_params_header
|
1758
|
+
|
1759
|
+
options.apply_defaults timeout: @config.rpcs.restore_crypto_key_version.timeout,
|
1760
|
+
metadata: metadata,
|
1761
|
+
retry_policy: @config.rpcs.restore_crypto_key_version.retry_policy
|
1762
|
+
|
1763
|
+
options.apply_defaults timeout: @config.timeout,
|
1764
|
+
metadata: @config.metadata,
|
1765
|
+
retry_policy: @config.retry_policy
|
1766
|
+
|
1767
|
+
@key_management_service_stub.call_rpc :restore_crypto_key_version, request, options: options do |response, operation|
|
1768
|
+
yield response, operation if block_given?
|
1769
|
+
return response
|
1770
|
+
end
|
1771
|
+
rescue ::GRPC::BadStatus => e
|
1772
|
+
raise ::Google::Cloud::Error.from_error(e)
|
1773
|
+
end
|
1774
|
+
|
1566
1775
|
##
|
1567
1776
|
# Encrypts data, so that it can only be recovered by a call to {::Google::Cloud::Kms::V1::KeyManagementService::Client#decrypt Decrypt}.
|
1568
1777
|
# The {::Google::Cloud::Kms::V1::CryptoKey#purpose CryptoKey.purpose} must be
|
@@ -1622,8 +1831,6 @@ module Google
|
|
1622
1831
|
# different languages. However, it is a non-negative integer, which will
|
1623
1832
|
# never exceed 2^32-1, and can be safely downconverted to uint32 in languages
|
1624
1833
|
# that support this type.
|
1625
|
-
#
|
1626
|
-
# NOTE: This field is in Beta.
|
1627
1834
|
# @param additional_authenticated_data_crc32c [::Google::Protobuf::Int64Value, ::Hash]
|
1628
1835
|
# Optional. An optional CRC32C checksum of the
|
1629
1836
|
# {::Google::Cloud::Kms::V1::EncryptRequest#additional_authenticated_data EncryptRequest.additional_authenticated_data}. If specified,
|
@@ -1640,8 +1847,6 @@ module Google
|
|
1640
1847
|
# never exceed 2^32-1, and can be safely downconverted to uint32 in languages
|
1641
1848
|
# that support this type.
|
1642
1849
|
#
|
1643
|
-
# NOTE: This field is in Beta.
|
1644
|
-
#
|
1645
1850
|
# @yield [response, operation] Access the result along with the RPC operation
|
1646
1851
|
# @yieldparam response [::Google::Cloud::Kms::V1::EncryptResponse]
|
1647
1852
|
# @yieldparam operation [::GRPC::ActiveCall::Operation]
|
@@ -1676,7 +1881,9 @@ module Google
|
|
1676
1881
|
options.apply_defaults timeout: @config.rpcs.encrypt.timeout,
|
1677
1882
|
metadata: metadata,
|
1678
1883
|
retry_policy: @config.rpcs.encrypt.retry_policy
|
1679
|
-
|
1884
|
+
|
1885
|
+
options.apply_defaults timeout: @config.timeout,
|
1886
|
+
metadata: @config.metadata,
|
1680
1887
|
retry_policy: @config.retry_policy
|
1681
1888
|
|
1682
1889
|
@key_management_service_stub.call_rpc :encrypt, request, options: options do |response, operation|
|
@@ -1729,8 +1936,6 @@ module Google
|
|
1729
1936
|
# different languages. However, it is a non-negative integer, which will
|
1730
1937
|
# never exceed 2^32-1, and can be safely downconverted to uint32 in languages
|
1731
1938
|
# that support this type.
|
1732
|
-
#
|
1733
|
-
# NOTE: This field is in Beta.
|
1734
1939
|
# @param additional_authenticated_data_crc32c [::Google::Protobuf::Int64Value, ::Hash]
|
1735
1940
|
# Optional. An optional CRC32C checksum of the
|
1736
1941
|
# {::Google::Cloud::Kms::V1::DecryptRequest#additional_authenticated_data DecryptRequest.additional_authenticated_data}. If specified,
|
@@ -1747,8 +1952,6 @@ module Google
|
|
1747
1952
|
# never exceed 2^32-1, and can be safely downconverted to uint32 in languages
|
1748
1953
|
# that support this type.
|
1749
1954
|
#
|
1750
|
-
# NOTE: This field is in Beta.
|
1751
|
-
#
|
1752
1955
|
# @yield [response, operation] Access the result along with the RPC operation
|
1753
1956
|
# @yieldparam response [::Google::Cloud::Kms::V1::DecryptResponse]
|
1754
1957
|
# @yieldparam operation [::GRPC::ActiveCall::Operation]
|
@@ -1783,7 +1986,9 @@ module Google
|
|
1783
1986
|
options.apply_defaults timeout: @config.rpcs.decrypt.timeout,
|
1784
1987
|
metadata: metadata,
|
1785
1988
|
retry_policy: @config.rpcs.decrypt.retry_policy
|
1786
|
-
|
1989
|
+
|
1990
|
+
options.apply_defaults timeout: @config.timeout,
|
1991
|
+
metadata: @config.metadata,
|
1787
1992
|
retry_policy: @config.retry_policy
|
1788
1993
|
|
1789
1994
|
@key_management_service_stub.call_rpc :decrypt, request, options: options do |response, operation|
|
@@ -1835,8 +2040,6 @@ module Google
|
|
1835
2040
|
# never exceed 2^32-1, and can be safely downconverted to uint32 in languages
|
1836
2041
|
# that support this type.
|
1837
2042
|
#
|
1838
|
-
# NOTE: This field is in Beta.
|
1839
|
-
#
|
1840
2043
|
# @yield [response, operation] Access the result along with the RPC operation
|
1841
2044
|
# @yieldparam response [::Google::Cloud::Kms::V1::AsymmetricSignResponse]
|
1842
2045
|
# @yieldparam operation [::GRPC::ActiveCall::Operation]
|
@@ -1871,7 +2074,9 @@ module Google
|
|
1871
2074
|
options.apply_defaults timeout: @config.rpcs.asymmetric_sign.timeout,
|
1872
2075
|
metadata: metadata,
|
1873
2076
|
retry_policy: @config.rpcs.asymmetric_sign.retry_policy
|
1874
|
-
|
2077
|
+
|
2078
|
+
options.apply_defaults timeout: @config.timeout,
|
2079
|
+
metadata: @config.metadata,
|
1875
2080
|
retry_policy: @config.retry_policy
|
1876
2081
|
|
1877
2082
|
@key_management_service_stub.call_rpc :asymmetric_sign, request, options: options do |response, operation|
|
@@ -1923,8 +2128,6 @@ module Google
|
|
1923
2128
|
# never exceed 2^32-1, and can be safely downconverted to uint32 in languages
|
1924
2129
|
# that support this type.
|
1925
2130
|
#
|
1926
|
-
# NOTE: This field is in Beta.
|
1927
|
-
#
|
1928
2131
|
# @yield [response, operation] Access the result along with the RPC operation
|
1929
2132
|
# @yieldparam response [::Google::Cloud::Kms::V1::AsymmetricDecryptResponse]
|
1930
2133
|
# @yieldparam operation [::GRPC::ActiveCall::Operation]
|
@@ -1959,7 +2162,9 @@ module Google
|
|
1959
2162
|
options.apply_defaults timeout: @config.rpcs.asymmetric_decrypt.timeout,
|
1960
2163
|
metadata: metadata,
|
1961
2164
|
retry_policy: @config.rpcs.asymmetric_decrypt.retry_policy
|
1962
|
-
|
2165
|
+
|
2166
|
+
options.apply_defaults timeout: @config.timeout,
|
2167
|
+
metadata: @config.metadata,
|
1963
2168
|
retry_policy: @config.retry_policy
|
1964
2169
|
|
1965
2170
|
@key_management_service_stub.call_rpc :asymmetric_decrypt, request, options: options do |response, operation|
|
@@ -1971,49 +2176,63 @@ module Google
|
|
1971
2176
|
end
|
1972
2177
|
|
1973
2178
|
##
|
1974
|
-
#
|
1975
|
-
#
|
1976
|
-
#
|
1977
|
-
# {::Google::Cloud::Kms::V1::CryptoKey::CryptoKeyPurpose::ENCRYPT_DECRYPT ENCRYPT_DECRYPT}.
|
2179
|
+
# Signs data using a {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} with {::Google::Cloud::Kms::V1::CryptoKey#purpose CryptoKey.purpose}
|
2180
|
+
# MAC, producing a tag that can be verified by another source with the
|
2181
|
+
# same key.
|
1978
2182
|
#
|
1979
|
-
# @overload
|
1980
|
-
# Pass arguments to `
|
1981
|
-
# {::Google::Cloud::Kms::V1::
|
2183
|
+
# @overload mac_sign(request, options = nil)
|
2184
|
+
# Pass arguments to `mac_sign` via a request object, either of type
|
2185
|
+
# {::Google::Cloud::Kms::V1::MacSignRequest} or an equivalent Hash.
|
1982
2186
|
#
|
1983
|
-
# @param request [::Google::Cloud::Kms::V1::
|
2187
|
+
# @param request [::Google::Cloud::Kms::V1::MacSignRequest, ::Hash]
|
1984
2188
|
# A request object representing the call parameters. Required. To specify no
|
1985
2189
|
# parameters, or to keep all the default parameter values, pass an empty Hash.
|
1986
2190
|
# @param options [::Gapic::CallOptions, ::Hash]
|
1987
2191
|
# Overrides the default settings for this call, e.g, timeout, retries, etc. Optional.
|
1988
2192
|
#
|
1989
|
-
# @overload
|
1990
|
-
# Pass arguments to `
|
2193
|
+
# @overload mac_sign(name: nil, data: nil, data_crc32c: nil)
|
2194
|
+
# Pass arguments to `mac_sign` via keyword arguments. Note that at
|
1991
2195
|
# least one keyword argument is required. To specify no parameters, or to keep all
|
1992
2196
|
# the default parameter values, pass an empty Hash as a request object (see above).
|
1993
2197
|
#
|
1994
2198
|
# @param name [::String]
|
1995
|
-
# Required. The resource name of the {::Google::Cloud::Kms::V1::
|
1996
|
-
# @param
|
1997
|
-
# Required. The
|
2199
|
+
# Required. The resource name of the {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} to use for signing.
|
2200
|
+
# @param data [::String]
|
2201
|
+
# Required. The data to sign. The MAC tag is computed over this data field based on
|
2202
|
+
# the specific algorithm.
|
2203
|
+
# @param data_crc32c [::Google::Protobuf::Int64Value, ::Hash]
|
2204
|
+
# Optional. An optional CRC32C checksum of the {::Google::Cloud::Kms::V1::MacSignRequest#data MacSignRequest.data}. If
|
2205
|
+
# specified, {::Google::Cloud::Kms::V1::KeyManagementService::Client KeyManagementService} will verify the integrity of the
|
2206
|
+
# received {::Google::Cloud::Kms::V1::MacSignRequest#data MacSignRequest.data} using this checksum.
|
2207
|
+
# {::Google::Cloud::Kms::V1::KeyManagementService::Client KeyManagementService} will report an error if the checksum verification
|
2208
|
+
# fails. If you receive a checksum error, your client should verify that
|
2209
|
+
# CRC32C({::Google::Cloud::Kms::V1::MacSignRequest#data MacSignRequest.data}) is equal to
|
2210
|
+
# {::Google::Cloud::Kms::V1::MacSignRequest#data_crc32c MacSignRequest.data_crc32c}, and if so, perform a limited
|
2211
|
+
# number of retries. A persistent mismatch may indicate an issue in your
|
2212
|
+
# computation of the CRC32C checksum.
|
2213
|
+
# Note: This field is defined as int64 for reasons of compatibility across
|
2214
|
+
# different languages. However, it is a non-negative integer, which will
|
2215
|
+
# never exceed 2^32-1, and can be safely downconverted to uint32 in languages
|
2216
|
+
# that support this type.
|
1998
2217
|
#
|
1999
2218
|
# @yield [response, operation] Access the result along with the RPC operation
|
2000
|
-
# @yieldparam response [::Google::Cloud::Kms::V1::
|
2219
|
+
# @yieldparam response [::Google::Cloud::Kms::V1::MacSignResponse]
|
2001
2220
|
# @yieldparam operation [::GRPC::ActiveCall::Operation]
|
2002
2221
|
#
|
2003
|
-
# @return [::Google::Cloud::Kms::V1::
|
2222
|
+
# @return [::Google::Cloud::Kms::V1::MacSignResponse]
|
2004
2223
|
#
|
2005
2224
|
# @raise [::Google::Cloud::Error] if the RPC is aborted.
|
2006
2225
|
#
|
2007
|
-
def
|
2226
|
+
def mac_sign request, options = nil
|
2008
2227
|
raise ::ArgumentError, "request must be provided" if request.nil?
|
2009
2228
|
|
2010
|
-
request = ::Gapic::Protobuf.coerce request, to: ::Google::Cloud::Kms::V1::
|
2229
|
+
request = ::Gapic::Protobuf.coerce request, to: ::Google::Cloud::Kms::V1::MacSignRequest
|
2011
2230
|
|
2012
2231
|
# Converts hash and nil to an options object
|
2013
2232
|
options = ::Gapic::CallOptions.new(**options.to_h) if options.respond_to? :to_h
|
2014
2233
|
|
2015
2234
|
# Customize the options with defaults
|
2016
|
-
metadata = @config.rpcs.
|
2235
|
+
metadata = @config.rpcs.mac_sign.metadata.to_h
|
2017
2236
|
|
2018
2237
|
# Set x-goog-api-client and x-goog-user-project headers
|
2019
2238
|
metadata[:"x-goog-api-client"] ||= ::Gapic::Headers.x_goog_api_client \
|
@@ -2027,13 +2246,15 @@ module Google
|
|
2027
2246
|
request_params_header = header_params.map { |k, v| "#{k}=#{v}" }.join("&")
|
2028
2247
|
metadata[:"x-goog-request-params"] ||= request_params_header
|
2029
2248
|
|
2030
|
-
options.apply_defaults timeout: @config.rpcs.
|
2249
|
+
options.apply_defaults timeout: @config.rpcs.mac_sign.timeout,
|
2031
2250
|
metadata: metadata,
|
2032
|
-
retry_policy: @config.rpcs.
|
2033
|
-
|
2251
|
+
retry_policy: @config.rpcs.mac_sign.retry_policy
|
2252
|
+
|
2253
|
+
options.apply_defaults timeout: @config.timeout,
|
2254
|
+
metadata: @config.metadata,
|
2034
2255
|
retry_policy: @config.retry_policy
|
2035
2256
|
|
2036
|
-
@key_management_service_stub.call_rpc :
|
2257
|
+
@key_management_service_stub.call_rpc :mac_sign, request, options: options do |response, operation|
|
2037
2258
|
yield response, operation if block_given?
|
2038
2259
|
return response
|
2039
2260
|
end
|
@@ -2042,55 +2263,79 @@ module Google
|
|
2042
2263
|
end
|
2043
2264
|
|
2044
2265
|
##
|
2045
|
-
#
|
2046
|
-
#
|
2047
|
-
#
|
2048
|
-
# {::Google::Cloud::Kms::V1::CryptoKeyVersion::CryptoKeyVersionState::DESTROY_SCHEDULED DESTROY_SCHEDULED}
|
2049
|
-
# and {::Google::Cloud::Kms::V1::CryptoKeyVersion#destroy_time destroy_time} will be set to a time 24
|
2050
|
-
# hours in the future, at which point the {::Google::Cloud::Kms::V1::CryptoKeyVersion#state state}
|
2051
|
-
# will be changed to
|
2052
|
-
# {::Google::Cloud::Kms::V1::CryptoKeyVersion::CryptoKeyVersionState::DESTROYED DESTROYED}, and the key
|
2053
|
-
# material will be irrevocably destroyed.
|
2266
|
+
# Verifies MAC tag using a {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} with {::Google::Cloud::Kms::V1::CryptoKey#purpose CryptoKey.purpose}
|
2267
|
+
# MAC, and returns a response that indicates whether or not the verification
|
2268
|
+
# was successful.
|
2054
2269
|
#
|
2055
|
-
#
|
2056
|
-
#
|
2270
|
+
# @overload mac_verify(request, options = nil)
|
2271
|
+
# Pass arguments to `mac_verify` via a request object, either of type
|
2272
|
+
# {::Google::Cloud::Kms::V1::MacVerifyRequest} or an equivalent Hash.
|
2057
2273
|
#
|
2058
|
-
#
|
2059
|
-
# Pass arguments to `destroy_crypto_key_version` via a request object, either of type
|
2060
|
-
# {::Google::Cloud::Kms::V1::DestroyCryptoKeyVersionRequest} or an equivalent Hash.
|
2061
|
-
#
|
2062
|
-
# @param request [::Google::Cloud::Kms::V1::DestroyCryptoKeyVersionRequest, ::Hash]
|
2274
|
+
# @param request [::Google::Cloud::Kms::V1::MacVerifyRequest, ::Hash]
|
2063
2275
|
# A request object representing the call parameters. Required. To specify no
|
2064
2276
|
# parameters, or to keep all the default parameter values, pass an empty Hash.
|
2065
2277
|
# @param options [::Gapic::CallOptions, ::Hash]
|
2066
2278
|
# Overrides the default settings for this call, e.g, timeout, retries, etc. Optional.
|
2067
2279
|
#
|
2068
|
-
# @overload
|
2069
|
-
# Pass arguments to `
|
2280
|
+
# @overload mac_verify(name: nil, data: nil, data_crc32c: nil, mac: nil, mac_crc32c: nil)
|
2281
|
+
# Pass arguments to `mac_verify` via keyword arguments. Note that at
|
2070
2282
|
# least one keyword argument is required. To specify no parameters, or to keep all
|
2071
2283
|
# the default parameter values, pass an empty Hash as a request object (see above).
|
2072
2284
|
#
|
2073
2285
|
# @param name [::String]
|
2074
|
-
# Required. The resource name of the {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} to
|
2286
|
+
# Required. The resource name of the {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} to use for verification.
|
2287
|
+
# @param data [::String]
|
2288
|
+
# Required. The data used previously as a {::Google::Cloud::Kms::V1::MacSignRequest#data MacSignRequest.data} to generate the MAC
|
2289
|
+
# tag.
|
2290
|
+
# @param data_crc32c [::Google::Protobuf::Int64Value, ::Hash]
|
2291
|
+
# Optional. An optional CRC32C checksum of the {::Google::Cloud::Kms::V1::MacVerifyRequest#data MacVerifyRequest.data}. If
|
2292
|
+
# specified, {::Google::Cloud::Kms::V1::KeyManagementService::Client KeyManagementService} will verify the integrity of the
|
2293
|
+
# received {::Google::Cloud::Kms::V1::MacVerifyRequest#data MacVerifyRequest.data} using this checksum.
|
2294
|
+
# {::Google::Cloud::Kms::V1::KeyManagementService::Client KeyManagementService} will report an error if the checksum verification
|
2295
|
+
# fails. If you receive a checksum error, your client should verify that
|
2296
|
+
# CRC32C({::Google::Cloud::Kms::V1::MacVerifyRequest#data MacVerifyRequest.data}) is equal to
|
2297
|
+
# {::Google::Cloud::Kms::V1::MacVerifyRequest#data_crc32c MacVerifyRequest.data_crc32c}, and if so, perform a limited
|
2298
|
+
# number of retries. A persistent mismatch may indicate an issue in your
|
2299
|
+
# computation of the CRC32C checksum.
|
2300
|
+
# Note: This field is defined as int64 for reasons of compatibility across
|
2301
|
+
# different languages. However, it is a non-negative integer, which will
|
2302
|
+
# never exceed 2^32-1, and can be safely downconverted to uint32 in languages
|
2303
|
+
# that support this type.
|
2304
|
+
# @param mac [::String]
|
2305
|
+
# Required. The signature to verify.
|
2306
|
+
# @param mac_crc32c [::Google::Protobuf::Int64Value, ::Hash]
|
2307
|
+
# Optional. An optional CRC32C checksum of the {::Google::Cloud::Kms::V1::MacVerifyRequest#mac MacVerifyRequest.mac}. If
|
2308
|
+
# specified, {::Google::Cloud::Kms::V1::KeyManagementService::Client KeyManagementService} will verify the integrity of the
|
2309
|
+
# received {::Google::Cloud::Kms::V1::MacVerifyRequest#mac MacVerifyRequest.mac} using this checksum.
|
2310
|
+
# {::Google::Cloud::Kms::V1::KeyManagementService::Client KeyManagementService} will report an error if the checksum verification
|
2311
|
+
# fails. If you receive a checksum error, your client should verify that
|
2312
|
+
# CRC32C([MacVerifyRequest.tag][]) is equal to
|
2313
|
+
# {::Google::Cloud::Kms::V1::MacVerifyRequest#mac_crc32c MacVerifyRequest.mac_crc32c}, and if so, perform a limited
|
2314
|
+
# number of retries. A persistent mismatch may indicate an issue in your
|
2315
|
+
# computation of the CRC32C checksum.
|
2316
|
+
# Note: This field is defined as int64 for reasons of compatibility across
|
2317
|
+
# different languages. However, it is a non-negative integer, which will
|
2318
|
+
# never exceed 2^32-1, and can be safely downconverted to uint32 in languages
|
2319
|
+
# that support this type.
|
2075
2320
|
#
|
2076
2321
|
# @yield [response, operation] Access the result along with the RPC operation
|
2077
|
-
# @yieldparam response [::Google::Cloud::Kms::V1::
|
2322
|
+
# @yieldparam response [::Google::Cloud::Kms::V1::MacVerifyResponse]
|
2078
2323
|
# @yieldparam operation [::GRPC::ActiveCall::Operation]
|
2079
2324
|
#
|
2080
|
-
# @return [::Google::Cloud::Kms::V1::
|
2325
|
+
# @return [::Google::Cloud::Kms::V1::MacVerifyResponse]
|
2081
2326
|
#
|
2082
2327
|
# @raise [::Google::Cloud::Error] if the RPC is aborted.
|
2083
2328
|
#
|
2084
|
-
def
|
2329
|
+
def mac_verify request, options = nil
|
2085
2330
|
raise ::ArgumentError, "request must be provided" if request.nil?
|
2086
2331
|
|
2087
|
-
request = ::Gapic::Protobuf.coerce request, to: ::Google::Cloud::Kms::V1::
|
2332
|
+
request = ::Gapic::Protobuf.coerce request, to: ::Google::Cloud::Kms::V1::MacVerifyRequest
|
2088
2333
|
|
2089
2334
|
# Converts hash and nil to an options object
|
2090
2335
|
options = ::Gapic::CallOptions.new(**options.to_h) if options.respond_to? :to_h
|
2091
2336
|
|
2092
2337
|
# Customize the options with defaults
|
2093
|
-
metadata = @config.rpcs.
|
2338
|
+
metadata = @config.rpcs.mac_verify.metadata.to_h
|
2094
2339
|
|
2095
2340
|
# Set x-goog-api-client and x-goog-user-project headers
|
2096
2341
|
metadata[:"x-goog-api-client"] ||= ::Gapic::Headers.x_goog_api_client \
|
@@ -2104,13 +2349,15 @@ module Google
|
|
2104
2349
|
request_params_header = header_params.map { |k, v| "#{k}=#{v}" }.join("&")
|
2105
2350
|
metadata[:"x-goog-request-params"] ||= request_params_header
|
2106
2351
|
|
2107
|
-
options.apply_defaults timeout: @config.rpcs.
|
2352
|
+
options.apply_defaults timeout: @config.rpcs.mac_verify.timeout,
|
2108
2353
|
metadata: metadata,
|
2109
|
-
retry_policy: @config.rpcs.
|
2110
|
-
|
2354
|
+
retry_policy: @config.rpcs.mac_verify.retry_policy
|
2355
|
+
|
2356
|
+
options.apply_defaults timeout: @config.timeout,
|
2357
|
+
metadata: @config.metadata,
|
2111
2358
|
retry_policy: @config.retry_policy
|
2112
2359
|
|
2113
|
-
@key_management_service_stub.call_rpc :
|
2360
|
+
@key_management_service_stub.call_rpc :mac_verify, request, options: options do |response, operation|
|
2114
2361
|
yield response, operation if block_given?
|
2115
2362
|
return response
|
2116
2363
|
end
|
@@ -2119,50 +2366,52 @@ module Google
|
|
2119
2366
|
end
|
2120
2367
|
|
2121
2368
|
##
|
2122
|
-
#
|
2123
|
-
#
|
2124
|
-
# state.
|
2125
|
-
#
|
2126
|
-
# Upon restoration of the CryptoKeyVersion, {::Google::Cloud::Kms::V1::CryptoKeyVersion#state state}
|
2127
|
-
# will be set to {::Google::Cloud::Kms::V1::CryptoKeyVersion::CryptoKeyVersionState::DISABLED DISABLED},
|
2128
|
-
# and {::Google::Cloud::Kms::V1::CryptoKeyVersion#destroy_time destroy_time} will be cleared.
|
2369
|
+
# Generate random bytes using the Cloud KMS randomness source in the provided
|
2370
|
+
# location.
|
2129
2371
|
#
|
2130
|
-
# @overload
|
2131
|
-
# Pass arguments to `
|
2132
|
-
# {::Google::Cloud::Kms::V1::
|
2372
|
+
# @overload generate_random_bytes(request, options = nil)
|
2373
|
+
# Pass arguments to `generate_random_bytes` via a request object, either of type
|
2374
|
+
# {::Google::Cloud::Kms::V1::GenerateRandomBytesRequest} or an equivalent Hash.
|
2133
2375
|
#
|
2134
|
-
# @param request [::Google::Cloud::Kms::V1::
|
2376
|
+
# @param request [::Google::Cloud::Kms::V1::GenerateRandomBytesRequest, ::Hash]
|
2135
2377
|
# A request object representing the call parameters. Required. To specify no
|
2136
2378
|
# parameters, or to keep all the default parameter values, pass an empty Hash.
|
2137
2379
|
# @param options [::Gapic::CallOptions, ::Hash]
|
2138
2380
|
# Overrides the default settings for this call, e.g, timeout, retries, etc. Optional.
|
2139
2381
|
#
|
2140
|
-
# @overload
|
2141
|
-
# Pass arguments to `
|
2382
|
+
# @overload generate_random_bytes(location: nil, length_bytes: nil, protection_level: nil)
|
2383
|
+
# Pass arguments to `generate_random_bytes` via keyword arguments. Note that at
|
2142
2384
|
# least one keyword argument is required. To specify no parameters, or to keep all
|
2143
2385
|
# the default parameter values, pass an empty Hash as a request object (see above).
|
2144
2386
|
#
|
2145
|
-
# @param
|
2146
|
-
#
|
2387
|
+
# @param location [::String]
|
2388
|
+
# The project-specific location in which to generate random bytes.
|
2389
|
+
# For example, "projects/my-project/locations/us-central1".
|
2390
|
+
# @param length_bytes [::Integer]
|
2391
|
+
# The length in bytes of the amount of randomness to retrieve. Minimum 8
|
2392
|
+
# bytes, maximum 1024 bytes.
|
2393
|
+
# @param protection_level [::Google::Cloud::Kms::V1::ProtectionLevel]
|
2394
|
+
# The {::Google::Cloud::Kms::V1::ProtectionLevel ProtectionLevel} to use when generating the random data. Defaults to
|
2395
|
+
# {::Google::Cloud::Kms::V1::ProtectionLevel::SOFTWARE SOFTWARE}.
|
2147
2396
|
#
|
2148
2397
|
# @yield [response, operation] Access the result along with the RPC operation
|
2149
|
-
# @yieldparam response [::Google::Cloud::Kms::V1::
|
2398
|
+
# @yieldparam response [::Google::Cloud::Kms::V1::GenerateRandomBytesResponse]
|
2150
2399
|
# @yieldparam operation [::GRPC::ActiveCall::Operation]
|
2151
2400
|
#
|
2152
|
-
# @return [::Google::Cloud::Kms::V1::
|
2401
|
+
# @return [::Google::Cloud::Kms::V1::GenerateRandomBytesResponse]
|
2153
2402
|
#
|
2154
2403
|
# @raise [::Google::Cloud::Error] if the RPC is aborted.
|
2155
2404
|
#
|
2156
|
-
def
|
2405
|
+
def generate_random_bytes request, options = nil
|
2157
2406
|
raise ::ArgumentError, "request must be provided" if request.nil?
|
2158
2407
|
|
2159
|
-
request = ::Gapic::Protobuf.coerce request, to: ::Google::Cloud::Kms::V1::
|
2408
|
+
request = ::Gapic::Protobuf.coerce request, to: ::Google::Cloud::Kms::V1::GenerateRandomBytesRequest
|
2160
2409
|
|
2161
2410
|
# Converts hash and nil to an options object
|
2162
2411
|
options = ::Gapic::CallOptions.new(**options.to_h) if options.respond_to? :to_h
|
2163
2412
|
|
2164
2413
|
# Customize the options with defaults
|
2165
|
-
metadata = @config.rpcs.
|
2414
|
+
metadata = @config.rpcs.generate_random_bytes.metadata.to_h
|
2166
2415
|
|
2167
2416
|
# Set x-goog-api-client and x-goog-user-project headers
|
2168
2417
|
metadata[:"x-goog-api-client"] ||= ::Gapic::Headers.x_goog_api_client \
|
@@ -2171,18 +2420,20 @@ module Google
|
|
2171
2420
|
metadata[:"x-goog-user-project"] = @quota_project_id if @quota_project_id
|
2172
2421
|
|
2173
2422
|
header_params = {
|
2174
|
-
"
|
2423
|
+
"location" => request.location
|
2175
2424
|
}
|
2176
2425
|
request_params_header = header_params.map { |k, v| "#{k}=#{v}" }.join("&")
|
2177
2426
|
metadata[:"x-goog-request-params"] ||= request_params_header
|
2178
2427
|
|
2179
|
-
options.apply_defaults timeout: @config.rpcs.
|
2428
|
+
options.apply_defaults timeout: @config.rpcs.generate_random_bytes.timeout,
|
2180
2429
|
metadata: metadata,
|
2181
|
-
retry_policy: @config.rpcs.
|
2182
|
-
|
2430
|
+
retry_policy: @config.rpcs.generate_random_bytes.retry_policy
|
2431
|
+
|
2432
|
+
options.apply_defaults timeout: @config.timeout,
|
2433
|
+
metadata: @config.metadata,
|
2183
2434
|
retry_policy: @config.retry_policy
|
2184
2435
|
|
2185
|
-
@key_management_service_stub.call_rpc :
|
2436
|
+
@key_management_service_stub.call_rpc :generate_random_bytes, request, options: options do |response, operation|
|
2186
2437
|
yield response, operation if block_given?
|
2187
2438
|
return response
|
2188
2439
|
end
|
@@ -2203,22 +2454,21 @@ module Google
|
|
2203
2454
|
# Configuration can be applied globally to all clients, or to a single client
|
2204
2455
|
# on construction.
|
2205
2456
|
#
|
2206
|
-
#
|
2207
|
-
#
|
2208
|
-
# To modify the global config, setting the timeout for list_key_rings
|
2209
|
-
# to 20 seconds, and all remaining timeouts to 10 seconds:
|
2457
|
+
# @example
|
2210
2458
|
#
|
2211
|
-
#
|
2212
|
-
#
|
2213
|
-
#
|
2214
|
-
#
|
2459
|
+
# # Modify the global config, setting the timeout for
|
2460
|
+
# # list_key_rings to 20 seconds,
|
2461
|
+
# # and all remaining timeouts to 10 seconds.
|
2462
|
+
# ::Google::Cloud::Kms::V1::KeyManagementService::Client.configure do |config|
|
2463
|
+
# config.timeout = 10.0
|
2464
|
+
# config.rpcs.list_key_rings.timeout = 20.0
|
2465
|
+
# end
|
2215
2466
|
#
|
2216
|
-
#
|
2217
|
-
#
|
2218
|
-
#
|
2219
|
-
#
|
2220
|
-
#
|
2221
|
-
# end
|
2467
|
+
# # Apply the above configuration only to a new client.
|
2468
|
+
# client = ::Google::Cloud::Kms::V1::KeyManagementService::Client.new do |config|
|
2469
|
+
# config.timeout = 10.0
|
2470
|
+
# config.rpcs.list_key_rings.timeout = 20.0
|
2471
|
+
# end
|
2222
2472
|
#
|
2223
2473
|
# @!attribute [rw] endpoint
|
2224
2474
|
# The hostname or hostname:port of the service endpoint.
|
@@ -2407,6 +2657,21 @@ module Google
|
|
2407
2657
|
#
|
2408
2658
|
attr_reader :update_crypto_key_version
|
2409
2659
|
##
|
2660
|
+
# RPC-specific configuration for `update_crypto_key_primary_version`
|
2661
|
+
# @return [::Gapic::Config::Method]
|
2662
|
+
#
|
2663
|
+
attr_reader :update_crypto_key_primary_version
|
2664
|
+
##
|
2665
|
+
# RPC-specific configuration for `destroy_crypto_key_version`
|
2666
|
+
# @return [::Gapic::Config::Method]
|
2667
|
+
#
|
2668
|
+
attr_reader :destroy_crypto_key_version
|
2669
|
+
##
|
2670
|
+
# RPC-specific configuration for `restore_crypto_key_version`
|
2671
|
+
# @return [::Gapic::Config::Method]
|
2672
|
+
#
|
2673
|
+
attr_reader :restore_crypto_key_version
|
2674
|
+
##
|
2410
2675
|
# RPC-specific configuration for `encrypt`
|
2411
2676
|
# @return [::Gapic::Config::Method]
|
2412
2677
|
#
|
@@ -2427,20 +2692,20 @@ module Google
|
|
2427
2692
|
#
|
2428
2693
|
attr_reader :asymmetric_decrypt
|
2429
2694
|
##
|
2430
|
-
# RPC-specific configuration for `
|
2695
|
+
# RPC-specific configuration for `mac_sign`
|
2431
2696
|
# @return [::Gapic::Config::Method]
|
2432
2697
|
#
|
2433
|
-
attr_reader :
|
2698
|
+
attr_reader :mac_sign
|
2434
2699
|
##
|
2435
|
-
# RPC-specific configuration for `
|
2700
|
+
# RPC-specific configuration for `mac_verify`
|
2436
2701
|
# @return [::Gapic::Config::Method]
|
2437
2702
|
#
|
2438
|
-
attr_reader :
|
2703
|
+
attr_reader :mac_verify
|
2439
2704
|
##
|
2440
|
-
# RPC-specific configuration for `
|
2705
|
+
# RPC-specific configuration for `generate_random_bytes`
|
2441
2706
|
# @return [::Gapic::Config::Method]
|
2442
2707
|
#
|
2443
|
-
attr_reader :
|
2708
|
+
attr_reader :generate_random_bytes
|
2444
2709
|
|
2445
2710
|
# @private
|
2446
2711
|
def initialize parent_rpcs = nil
|
@@ -2476,6 +2741,12 @@ module Google
|
|
2476
2741
|
@update_crypto_key = ::Gapic::Config::Method.new update_crypto_key_config
|
2477
2742
|
update_crypto_key_version_config = parent_rpcs.update_crypto_key_version if parent_rpcs.respond_to? :update_crypto_key_version
|
2478
2743
|
@update_crypto_key_version = ::Gapic::Config::Method.new update_crypto_key_version_config
|
2744
|
+
update_crypto_key_primary_version_config = parent_rpcs.update_crypto_key_primary_version if parent_rpcs.respond_to? :update_crypto_key_primary_version
|
2745
|
+
@update_crypto_key_primary_version = ::Gapic::Config::Method.new update_crypto_key_primary_version_config
|
2746
|
+
destroy_crypto_key_version_config = parent_rpcs.destroy_crypto_key_version if parent_rpcs.respond_to? :destroy_crypto_key_version
|
2747
|
+
@destroy_crypto_key_version = ::Gapic::Config::Method.new destroy_crypto_key_version_config
|
2748
|
+
restore_crypto_key_version_config = parent_rpcs.restore_crypto_key_version if parent_rpcs.respond_to? :restore_crypto_key_version
|
2749
|
+
@restore_crypto_key_version = ::Gapic::Config::Method.new restore_crypto_key_version_config
|
2479
2750
|
encrypt_config = parent_rpcs.encrypt if parent_rpcs.respond_to? :encrypt
|
2480
2751
|
@encrypt = ::Gapic::Config::Method.new encrypt_config
|
2481
2752
|
decrypt_config = parent_rpcs.decrypt if parent_rpcs.respond_to? :decrypt
|
@@ -2484,12 +2755,12 @@ module Google
|
|
2484
2755
|
@asymmetric_sign = ::Gapic::Config::Method.new asymmetric_sign_config
|
2485
2756
|
asymmetric_decrypt_config = parent_rpcs.asymmetric_decrypt if parent_rpcs.respond_to? :asymmetric_decrypt
|
2486
2757
|
@asymmetric_decrypt = ::Gapic::Config::Method.new asymmetric_decrypt_config
|
2487
|
-
|
2488
|
-
@
|
2489
|
-
|
2490
|
-
@
|
2491
|
-
|
2492
|
-
@
|
2758
|
+
mac_sign_config = parent_rpcs.mac_sign if parent_rpcs.respond_to? :mac_sign
|
2759
|
+
@mac_sign = ::Gapic::Config::Method.new mac_sign_config
|
2760
|
+
mac_verify_config = parent_rpcs.mac_verify if parent_rpcs.respond_to? :mac_verify
|
2761
|
+
@mac_verify = ::Gapic::Config::Method.new mac_verify_config
|
2762
|
+
generate_random_bytes_config = parent_rpcs.generate_random_bytes if parent_rpcs.respond_to? :generate_random_bytes
|
2763
|
+
@generate_random_bytes = ::Gapic::Config::Method.new generate_random_bytes_config
|
2493
2764
|
|
2494
2765
|
yield self if block_given?
|
2495
2766
|
end
|