RubyGems - google-cloud-kms-v1 - Versions diffs - 1.9.1 → 1.10.0 - Mend

google-cloud-kms-v1 1.9.1 → 1.10.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (21) hide show

checksums.yaml +4 -4
data/lib/google/cloud/kms/v1/hsm_management/client.rb +1477 -0
data/lib/google/cloud/kms/v1/hsm_management/credentials.rb +52 -0
data/lib/google/cloud/kms/v1/hsm_management/operations.rb +841 -0
data/lib/google/cloud/kms/v1/hsm_management/paths.rb +90 -0
data/lib/google/cloud/kms/v1/hsm_management/rest/client.rb +1380 -0
data/lib/google/cloud/kms/v1/hsm_management/rest/operations.rb +925 -0
data/lib/google/cloud/kms/v1/hsm_management/rest/service_stub.rb +634 -0
data/lib/google/cloud/kms/v1/hsm_management/rest.rb +60 -0
data/lib/google/cloud/kms/v1/hsm_management.rb +62 -0
data/lib/google/cloud/kms/v1/hsm_management_pb.rb +86 -0
data/lib/google/cloud/kms/v1/hsm_management_services_pb.rb +91 -0
data/lib/google/cloud/kms/v1/resources_pb.rb +1 -1
data/lib/google/cloud/kms/v1/rest.rb +1 -0
data/lib/google/cloud/kms/v1/service_pb.rb +1 -1
data/lib/google/cloud/kms/v1/version.rb +1 -1
data/lib/google/cloud/kms/v1.rb +1 -0
data/proto_docs/google/cloud/kms/v1/hsm_management.rb +877 -0
data/proto_docs/google/cloud/kms/v1/resources.rb +31 -1
data/proto_docs/google/cloud/kms/v1/service.rb +6 -0
metadata +13 -1

data/proto_docs/google/cloud/kms/v1/hsm_management.rb ADDED Viewed

@@ -0,0 +1,877 @@
+# frozen_string_literal: true
+# Copyright 2026 Google LLC
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     https://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+# Auto-generated by gapic-generator-ruby. DO NOT EDIT!
+module Google
+  module Cloud
+    module Kms
+      module V1
+        # A {::Google::Cloud::Kms::V1::SingleTenantHsmInstance SingleTenantHsmInstance}
+        # represents a single-tenant HSM instance. It can be used for creating
+        # {::Google::Cloud::Kms::V1::CryptoKey CryptoKeys} with a
+        # {::Google::Cloud::Kms::V1::ProtectionLevel ProtectionLevel} of
+        # [HSM_SINGLE_TENANT][CryptoKeyVersion.ProtectionLevel.HSM_SINGLE_TENANT], as
+        # well as performing cryptographic operations using keys created within the
+        # {::Google::Cloud::Kms::V1::SingleTenantHsmInstance SingleTenantHsmInstance}.
+        # @!attribute [rw] name
+        #   @return [::String]
+        #     Identifier. The resource name for this
+        #     {::Google::Cloud::Kms::V1::SingleTenantHsmInstance SingleTenantHsmInstance} in
+        #     the format `projects/*/locations/*/singleTenantHsmInstances/*`.
+        # @!attribute [r] create_time
+        #   @return [::Google::Protobuf::Timestamp]
+        #     Output only. The time at which the
+        #     {::Google::Cloud::Kms::V1::SingleTenantHsmInstance SingleTenantHsmInstance} was
+        #     created.
+        # @!attribute [r] state
+        #   @return [::Google::Cloud::Kms::V1::SingleTenantHsmInstance::State]
+        #     Output only. The state of the
+        #     {::Google::Cloud::Kms::V1::SingleTenantHsmInstance SingleTenantHsmInstance}.
+        # @!attribute [rw] quorum_auth
+        #   @return [::Google::Cloud::Kms::V1::SingleTenantHsmInstance::QuorumAuth]
+        #     Required. The quorum auth configuration for the
+        #     {::Google::Cloud::Kms::V1::SingleTenantHsmInstance SingleTenantHsmInstance}.
+        # @!attribute [r] delete_time
+        #   @return [::Google::Protobuf::Timestamp]
+        #     Output only. The time at which the
+        #     {::Google::Cloud::Kms::V1::SingleTenantHsmInstance SingleTenantHsmInstance} was
+        #     deleted.
+        # @!attribute [r] unrefreshed_duration_until_disable
+        #   @return [::Google::Protobuf::Duration]
+        #     Output only. The system-defined duration that an instance can remain
+        #     unrefreshed until it is automatically disabled. This will have a value of
+        #     120 days.
+        # @!attribute [r] disable_time
+        #   @return [::Google::Protobuf::Timestamp]
+        #     Output only. The time at which the instance will be automatically disabled
+        #     if not refreshed. This field is updated upon creation and after each
+        #     successful refresh operation and enable. A
+        #     [RefreshSingleTenantHsmInstance][] operation must be made via a
+        #     {::Google::Cloud::Kms::V1::SingleTenantHsmInstanceProposal SingleTenantHsmInstanceProposal}
+        #     before this time otherwise the
+        #     {::Google::Cloud::Kms::V1::SingleTenantHsmInstance SingleTenantHsmInstance} will
+        #     become disabled.
+        class SingleTenantHsmInstance
+          include ::Google::Protobuf::MessageExts
+          extend ::Google::Protobuf::MessageExts::ClassMethods
+          # Configuration for M of N quorum auth.
+          # @!attribute [rw] total_approver_count
+          #   @return [::Integer]
+          #     Required. The total number of approvers. This is the N value used
+          #     for M of N quorum auth. Must be greater than or equal to 3 and less than
+          #     or equal to 16.
+          # @!attribute [r] required_approver_count
+          #   @return [::Integer]
+          #     Output only. The required numbers of approvers. The M value used for M of
+          #     N quorum auth. Must be greater than or equal to 2 and less than or equal
+          #     to
+          #     {::Google::Cloud::Kms::V1::SingleTenantHsmInstance::QuorumAuth#total_approver_count total_approver_count}
+          #     - 1.
+          # @!attribute [r] two_factor_public_key_pems
+          #   @return [::Array<::String>]
+          #     Output only. The public keys associated with the 2FA keys for M of N
+          #     quorum auth.
+          class QuorumAuth
+            include ::Google::Protobuf::MessageExts
+            extend ::Google::Protobuf::MessageExts::ClassMethods
+          end
+          # The set of states of a
+          # {::Google::Cloud::Kms::V1::SingleTenantHsmInstance SingleTenantHsmInstance}.
+          module State
+            # Not specified.
+            STATE_UNSPECIFIED = 0
+            # The
+            # {::Google::Cloud::Kms::V1::SingleTenantHsmInstance SingleTenantHsmInstance} is
+            # being created.
+            CREATING = 1
+            # The
+            # {::Google::Cloud::Kms::V1::SingleTenantHsmInstance SingleTenantHsmInstance} is
+            # waiting for 2FA keys to be registered. This can be done by calling
+            # {::Google::Cloud::Kms::V1::HsmManagement::Client#create_single_tenant_hsm_instance_proposal CreateSingleTenantHsmInstanceProposal}
+            # with the [RegisterTwoFactorAuthKeys][] operation.
+            PENDING_TWO_FACTOR_AUTH_REGISTRATION = 2
+            # The
+            # {::Google::Cloud::Kms::V1::SingleTenantHsmInstance SingleTenantHsmInstance} is
+            # ready to use. A
+            # {::Google::Cloud::Kms::V1::SingleTenantHsmInstance SingleTenantHsmInstance}
+            # must be in the
+            # {::Google::Cloud::Kms::V1::SingleTenantHsmInstance::State::ACTIVE ACTIVE} state
+            # for all {::Google::Cloud::Kms::V1::CryptoKey CryptoKeys} created within the
+            # {::Google::Cloud::Kms::V1::SingleTenantHsmInstance SingleTenantHsmInstance} to
+            # be usable.
+            ACTIVE = 3
+            # The
+            # {::Google::Cloud::Kms::V1::SingleTenantHsmInstance SingleTenantHsmInstance} is
+            # being disabled.
+            DISABLING = 4
+            # The
+            # {::Google::Cloud::Kms::V1::SingleTenantHsmInstance SingleTenantHsmInstance} is
+            # disabled.
+            DISABLED = 5
+            # The
+            # {::Google::Cloud::Kms::V1::SingleTenantHsmInstance SingleTenantHsmInstance} is
+            # being deleted. Requests to the instance will be rejected in this state.
+            DELETING = 6
+            # The
+            # {::Google::Cloud::Kms::V1::SingleTenantHsmInstance SingleTenantHsmInstance}
+            # has been deleted.
+            DELETED = 7
+            # The
+            # {::Google::Cloud::Kms::V1::SingleTenantHsmInstance SingleTenantHsmInstance}
+            # has failed and can not be recovered or used.
+            FAILED = 8
+          end
+        end
+        # A
+        # {::Google::Cloud::Kms::V1::SingleTenantHsmInstanceProposal SingleTenantHsmInstanceProposal}
+        # represents a proposal to perform an operation on a
+        # {::Google::Cloud::Kms::V1::SingleTenantHsmInstance SingleTenantHsmInstance}.
+        # @!attribute [rw] name
+        #   @return [::String]
+        #     Identifier. The resource name for this
+        #     {::Google::Cloud::Kms::V1::SingleTenantHsmInstance SingleTenantHsmInstance} in
+        #     the format `projects/*/locations/*/singleTenantHsmInstances/*/proposals/*`.
+        # @!attribute [r] create_time
+        #   @return [::Google::Protobuf::Timestamp]
+        #     Output only. The time at which the
+        #     {::Google::Cloud::Kms::V1::SingleTenantHsmInstanceProposal SingleTenantHsmInstanceProposal}
+        #     was created.
+        # @!attribute [r] state
+        #   @return [::Google::Cloud::Kms::V1::SingleTenantHsmInstanceProposal::State]
+        #     Output only. The state of the
+        #     {::Google::Cloud::Kms::V1::SingleTenantHsmInstanceProposal SingleTenantHsmInstanceProposal}.
+        # @!attribute [r] failure_reason
+        #   @return [::String]
+        #     Output only. The root cause of the most recent failure. Only present if
+        #     {::Google::Cloud::Kms::V1::SingleTenantHsmInstanceProposal#state state} is
+        #     [FAILED][SingleTenantHsmInstanceProposal.FAILED].
+        # @!attribute [r] quorum_parameters
+        #   @return [::Google::Cloud::Kms::V1::SingleTenantHsmInstanceProposal::QuorumParameters]
+        #     Output only. The quorum approval parameters for the
+        #     {::Google::Cloud::Kms::V1::SingleTenantHsmInstanceProposal SingleTenantHsmInstanceProposal}.
+        #
+        #     Note: The following fields are mutually exclusive: `quorum_parameters`, `required_action_quorum_parameters`. If a field in that set is populated, all other fields in the set will automatically be cleared.
+        # @!attribute [r] required_action_quorum_parameters
+        #   @return [::Google::Cloud::Kms::V1::SingleTenantHsmInstanceProposal::RequiredActionQuorumParameters]
+        #     Output only. Parameters for an approval of a
+        #     {::Google::Cloud::Kms::V1::SingleTenantHsmInstanceProposal SingleTenantHsmInstanceProposal}
+        #     that has both required challenges and a quorum.
+        #
+        #     Note: The following fields are mutually exclusive: `required_action_quorum_parameters`, `quorum_parameters`. If a field in that set is populated, all other fields in the set will automatically be cleared.
+        # @!attribute [rw] expire_time
+        #   @return [::Google::Protobuf::Timestamp]
+        #     The time at which the
+        #     {::Google::Cloud::Kms::V1::SingleTenantHsmInstanceProposal SingleTenantHsmInstanceProposal}
+        #     will expire if not approved and executed.
+        #
+        #     Note: The following fields are mutually exclusive: `expire_time`, `ttl`. If a field in that set is populated, all other fields in the set will automatically be cleared.
+        # @!attribute [rw] ttl
+        #   @return [::Google::Protobuf::Duration]
+        #     Input only. The TTL for the
+        #     {::Google::Cloud::Kms::V1::SingleTenantHsmInstanceProposal SingleTenantHsmInstanceProposal}.
+        #     Proposals will expire after this duration.
+        #
+        #     Note: The following fields are mutually exclusive: `ttl`, `expire_time`. If a field in that set is populated, all other fields in the set will automatically be cleared.
+        # @!attribute [r] delete_time
+        #   @return [::Google::Protobuf::Timestamp]
+        #     Output only. The time at which the
+        #     {::Google::Cloud::Kms::V1::SingleTenantHsmInstanceProposal SingleTenantHsmInstanceProposal}
+        #     was deleted.
+        # @!attribute [r] purge_time
+        #   @return [::Google::Protobuf::Timestamp]
+        #     Output only. The time at which the soft-deleted
+        #     {::Google::Cloud::Kms::V1::SingleTenantHsmInstanceProposal SingleTenantHsmInstanceProposal}
+        #     will be permanently purged. This field is only populated
+        #     when the state is DELETED and will be set a time after expiration of the
+        #     proposal, i.e. >= expire_time or (create_time + ttl).
+        # @!attribute [rw] register_two_factor_auth_keys
+        #   @return [::Google::Cloud::Kms::V1::SingleTenantHsmInstanceProposal::RegisterTwoFactorAuthKeys]
+        #     Register 2FA keys for the
+        #     {::Google::Cloud::Kms::V1::SingleTenantHsmInstance SingleTenantHsmInstance}.
+        #     This operation requires all N Challenges to be signed by 2FA keys. The
+        #     {::Google::Cloud::Kms::V1::SingleTenantHsmInstance SingleTenantHsmInstance}
+        #     must be in the
+        #     {::Google::Cloud::Kms::V1::SingleTenantHsmInstance::State::PENDING_TWO_FACTOR_AUTH_REGISTRATION PENDING_TWO_FACTOR_AUTH_REGISTRATION}
+        #     state to perform this operation.
+        #
+        #     Note: The following fields are mutually exclusive: `register_two_factor_auth_keys`, `disable_single_tenant_hsm_instance`, `enable_single_tenant_hsm_instance`, `delete_single_tenant_hsm_instance`, `add_quorum_member`, `remove_quorum_member`, `refresh_single_tenant_hsm_instance`. If a field in that set is populated, all other fields in the set will automatically be cleared.
+        # @!attribute [rw] disable_single_tenant_hsm_instance
+        #   @return [::Google::Cloud::Kms::V1::SingleTenantHsmInstanceProposal::DisableSingleTenantHsmInstance]
+        #     Disable the
+        #     {::Google::Cloud::Kms::V1::SingleTenantHsmInstance SingleTenantHsmInstance}.
+        #     The
+        #     {::Google::Cloud::Kms::V1::SingleTenantHsmInstance SingleTenantHsmInstance}
+        #     must be in the
+        #     {::Google::Cloud::Kms::V1::SingleTenantHsmInstance::State::ACTIVE ACTIVE} state
+        #     to perform this operation.
+        #
+        #     Note: The following fields are mutually exclusive: `disable_single_tenant_hsm_instance`, `register_two_factor_auth_keys`, `enable_single_tenant_hsm_instance`, `delete_single_tenant_hsm_instance`, `add_quorum_member`, `remove_quorum_member`, `refresh_single_tenant_hsm_instance`. If a field in that set is populated, all other fields in the set will automatically be cleared.
+        # @!attribute [rw] enable_single_tenant_hsm_instance
+        #   @return [::Google::Cloud::Kms::V1::SingleTenantHsmInstanceProposal::EnableSingleTenantHsmInstance]
+        #     Enable the
+        #     {::Google::Cloud::Kms::V1::SingleTenantHsmInstance SingleTenantHsmInstance}.
+        #     The
+        #     {::Google::Cloud::Kms::V1::SingleTenantHsmInstance SingleTenantHsmInstance}
+        #     must be in the
+        #     {::Google::Cloud::Kms::V1::SingleTenantHsmInstance::State::DISABLED DISABLED}
+        #     state to perform this operation.
+        #
+        #     Note: The following fields are mutually exclusive: `enable_single_tenant_hsm_instance`, `register_two_factor_auth_keys`, `disable_single_tenant_hsm_instance`, `delete_single_tenant_hsm_instance`, `add_quorum_member`, `remove_quorum_member`, `refresh_single_tenant_hsm_instance`. If a field in that set is populated, all other fields in the set will automatically be cleared.
+        # @!attribute [rw] delete_single_tenant_hsm_instance
+        #   @return [::Google::Cloud::Kms::V1::SingleTenantHsmInstanceProposal::DeleteSingleTenantHsmInstance]
+        #     Delete the
+        #     {::Google::Cloud::Kms::V1::SingleTenantHsmInstance SingleTenantHsmInstance}.
+        #     Deleting a
+        #     {::Google::Cloud::Kms::V1::SingleTenantHsmInstance SingleTenantHsmInstance}
+        #     will make all {::Google::Cloud::Kms::V1::CryptoKey CryptoKeys} attached to the
+        #     {::Google::Cloud::Kms::V1::SingleTenantHsmInstance SingleTenantHsmInstance}
+        #     unusable. The
+        #     {::Google::Cloud::Kms::V1::SingleTenantHsmInstance SingleTenantHsmInstance}
+        #     must be in the
+        #     {::Google::Cloud::Kms::V1::SingleTenantHsmInstance::State::DISABLED DISABLED} or
+        #     {::Google::Cloud::Kms::V1::SingleTenantHsmInstance::State::PENDING_TWO_FACTOR_AUTH_REGISTRATION PENDING_TWO_FACTOR_AUTH_REGISTRATION}
+        #     state to perform this operation.
+        #
+        #     Note: The following fields are mutually exclusive: `delete_single_tenant_hsm_instance`, `register_two_factor_auth_keys`, `disable_single_tenant_hsm_instance`, `enable_single_tenant_hsm_instance`, `add_quorum_member`, `remove_quorum_member`, `refresh_single_tenant_hsm_instance`. If a field in that set is populated, all other fields in the set will automatically be cleared.
+        # @!attribute [rw] add_quorum_member
+        #   @return [::Google::Cloud::Kms::V1::SingleTenantHsmInstanceProposal::AddQuorumMember]
+        #     Add a quorum member to the
+        #     {::Google::Cloud::Kms::V1::SingleTenantHsmInstance SingleTenantHsmInstance}.
+        #     This will increase the
+        #     {::Google::Cloud::Kms::V1::SingleTenantHsmInstance::QuorumAuth#total_approver_count total_approver_count}
+        #     by 1. The
+        #     {::Google::Cloud::Kms::V1::SingleTenantHsmInstance SingleTenantHsmInstance}
+        #     must be in the
+        #     {::Google::Cloud::Kms::V1::SingleTenantHsmInstance::State::ACTIVE ACTIVE} state
+        #     to perform this operation.
+        #
+        #     Note: The following fields are mutually exclusive: `add_quorum_member`, `register_two_factor_auth_keys`, `disable_single_tenant_hsm_instance`, `enable_single_tenant_hsm_instance`, `delete_single_tenant_hsm_instance`, `remove_quorum_member`, `refresh_single_tenant_hsm_instance`. If a field in that set is populated, all other fields in the set will automatically be cleared.
+        # @!attribute [rw] remove_quorum_member
+        #   @return [::Google::Cloud::Kms::V1::SingleTenantHsmInstanceProposal::RemoveQuorumMember]
+        #     Remove a quorum member from the
+        #     {::Google::Cloud::Kms::V1::SingleTenantHsmInstance SingleTenantHsmInstance}.
+        #     This will reduce
+        #     {::Google::Cloud::Kms::V1::SingleTenantHsmInstance::QuorumAuth#total_approver_count total_approver_count}
+        #     by 1. The
+        #     {::Google::Cloud::Kms::V1::SingleTenantHsmInstance SingleTenantHsmInstance}
+        #     must be in the
+        #     {::Google::Cloud::Kms::V1::SingleTenantHsmInstance::State::ACTIVE ACTIVE} state
+        #     to perform this operation.
+        #
+        #     Note: The following fields are mutually exclusive: `remove_quorum_member`, `register_two_factor_auth_keys`, `disable_single_tenant_hsm_instance`, `enable_single_tenant_hsm_instance`, `delete_single_tenant_hsm_instance`, `add_quorum_member`, `refresh_single_tenant_hsm_instance`. If a field in that set is populated, all other fields in the set will automatically be cleared.
+        # @!attribute [rw] refresh_single_tenant_hsm_instance
+        #   @return [::Google::Cloud::Kms::V1::SingleTenantHsmInstanceProposal::RefreshSingleTenantHsmInstance]
+        #     Refreshes the
+        #     {::Google::Cloud::Kms::V1::SingleTenantHsmInstance SingleTenantHsmInstance}.
+        #     This operation must be performed periodically to keep the
+        #     {::Google::Cloud::Kms::V1::SingleTenantHsmInstance SingleTenantHsmInstance}
+        #     active. This operation must be performed before
+        #     {::Google::Cloud::Kms::V1::SingleTenantHsmInstance#unrefreshed_duration_until_disable unrefreshed_duration_until_disable}
+        #     has passed. The
+        #     {::Google::Cloud::Kms::V1::SingleTenantHsmInstance SingleTenantHsmInstance}
+        #     must be in the
+        #     {::Google::Cloud::Kms::V1::SingleTenantHsmInstance::State::ACTIVE ACTIVE} state
+        #     to perform this operation.
+        #
+        #     Note: The following fields are mutually exclusive: `refresh_single_tenant_hsm_instance`, `register_two_factor_auth_keys`, `disable_single_tenant_hsm_instance`, `enable_single_tenant_hsm_instance`, `delete_single_tenant_hsm_instance`, `add_quorum_member`, `remove_quorum_member`. If a field in that set is populated, all other fields in the set will automatically be cleared.
+        class SingleTenantHsmInstanceProposal
+          include ::Google::Protobuf::MessageExts
+          extend ::Google::Protobuf::MessageExts::ClassMethods
+          # Parameters of quorum approval for the
+          # {::Google::Cloud::Kms::V1::SingleTenantHsmInstanceProposal SingleTenantHsmInstanceProposal}.
+          # @!attribute [r] required_approver_count
+          #   @return [::Integer]
+          #     Output only. The required numbers of approvers. This is the M value used
+          #     for M of N quorum auth. It is less than the number of public keys.
+          # @!attribute [r] challenges
+          #   @return [::Array<::Google::Cloud::Kms::V1::Challenge>]
+          #     Output only. The challenges to be signed by 2FA keys for quorum auth. M
+          #     of N of these challenges are required to be signed to approve the
+          #     operation.
+          # @!attribute [r] approved_two_factor_public_key_pems
+          #   @return [::Array<::String>]
+          #     Output only. The public keys associated with the 2FA keys that have
+          #     already approved the
+          #     {::Google::Cloud::Kms::V1::SingleTenantHsmInstanceProposal SingleTenantHsmInstanceProposal}
+          #     by signing the challenge.
+          class QuorumParameters
+            include ::Google::Protobuf::MessageExts
+            extend ::Google::Protobuf::MessageExts::ClassMethods
+          end
+          # Parameters for an approval that has both required challenges and a
+          # quorum.
+          # @!attribute [r] required_challenges
+          #   @return [::Array<::Google::Cloud::Kms::V1::Challenge>]
+          #     Output only. A list of specific challenges that must be signed.
+          #     For some operations, this will contain a single challenge.
+          # @!attribute [r] required_approver_count
+          #   @return [::Integer]
+          #     Output only. The required number of quorum approvers. This is the M value
+          #     used for M of N quorum auth. It is less than the number of public keys.
+          # @!attribute [r] quorum_challenges
+          #   @return [::Array<::Google::Cloud::Kms::V1::Challenge>]
+          #     Output only. The challenges to be signed by 2FA keys for quorum auth. M
+          #     of N of these challenges are required to be signed to approve the
+          #     operation.
+          # @!attribute [r] approved_two_factor_public_key_pems
+          #   @return [::Array<::String>]
+          #     Output only. The public keys associated with the 2FA keys that have
+          #     already approved the
+          #     {::Google::Cloud::Kms::V1::SingleTenantHsmInstanceProposal SingleTenantHsmInstanceProposal}
+          #     by signing the challenge.
+          class RequiredActionQuorumParameters
+            include ::Google::Protobuf::MessageExts
+            extend ::Google::Protobuf::MessageExts::ClassMethods
+          end
+          # Register 2FA keys for the
+          # {::Google::Cloud::Kms::V1::SingleTenantHsmInstance SingleTenantHsmInstance}.
+          # This operation requires all Challenges to be signed by 2FA keys. The
+          # {::Google::Cloud::Kms::V1::SingleTenantHsmInstance SingleTenantHsmInstance} must
+          # be in the
+          # {::Google::Cloud::Kms::V1::SingleTenantHsmInstance::State::PENDING_TWO_FACTOR_AUTH_REGISTRATION PENDING_TWO_FACTOR_AUTH_REGISTRATION}
+          # state to perform this operation.
+          # @!attribute [rw] required_approver_count
+          #   @return [::Integer]
+          #     Required. The required numbers of approvers to set for the
+          #     {::Google::Cloud::Kms::V1::SingleTenantHsmInstance SingleTenantHsmInstance}.
+          #     This is the M value used for M of N quorum auth. Must be greater than or
+          #     equal to 2 and less than or equal to
+          #     {::Google::Cloud::Kms::V1::SingleTenantHsmInstance::QuorumAuth#total_approver_count total_approver_count}
+          #     - 1.
+          # @!attribute [rw] two_factor_public_key_pems
+          #   @return [::Array<::String>]
+          #     Required. The public keys associated with the 2FA keys for M of N quorum
+          #     auth. Public keys must be associated with RSA 2048 keys.
+          class RegisterTwoFactorAuthKeys
+            include ::Google::Protobuf::MessageExts
+            extend ::Google::Protobuf::MessageExts::ClassMethods
+          end
+          # Disable the
+          # {::Google::Cloud::Kms::V1::SingleTenantHsmInstance SingleTenantHsmInstance}. The
+          # {::Google::Cloud::Kms::V1::SingleTenantHsmInstance SingleTenantHsmInstance} must
+          # be in the
+          # {::Google::Cloud::Kms::V1::SingleTenantHsmInstance::State::ACTIVE ACTIVE} state to
+          # perform this operation.
+          class DisableSingleTenantHsmInstance
+            include ::Google::Protobuf::MessageExts
+            extend ::Google::Protobuf::MessageExts::ClassMethods
+          end
+          # Enable the
+          # {::Google::Cloud::Kms::V1::SingleTenantHsmInstance SingleTenantHsmInstance}. The
+          # {::Google::Cloud::Kms::V1::SingleTenantHsmInstance SingleTenantHsmInstance} must
+          # be in the
+          # {::Google::Cloud::Kms::V1::SingleTenantHsmInstance::State::DISABLED DISABLED}
+          # state to perform this operation.
+          class EnableSingleTenantHsmInstance
+            include ::Google::Protobuf::MessageExts
+            extend ::Google::Protobuf::MessageExts::ClassMethods
+          end
+          # Delete the
+          # {::Google::Cloud::Kms::V1::SingleTenantHsmInstance SingleTenantHsmInstance}.
+          # Deleting a
+          # {::Google::Cloud::Kms::V1::SingleTenantHsmInstance SingleTenantHsmInstance} will
+          # make all {::Google::Cloud::Kms::V1::CryptoKey CryptoKeys} attached to the
+          # {::Google::Cloud::Kms::V1::SingleTenantHsmInstance SingleTenantHsmInstance}
+          # unusable. The
+          # {::Google::Cloud::Kms::V1::SingleTenantHsmInstance SingleTenantHsmInstance} must
+          # not be in the
+          # {::Google::Cloud::Kms::V1::SingleTenantHsmInstance::State::DELETING DELETING} or
+          # {::Google::Cloud::Kms::V1::SingleTenantHsmInstance::State::DELETED DELETED} state
+          # to perform this operation.
+          class DeleteSingleTenantHsmInstance
+            include ::Google::Protobuf::MessageExts
+            extend ::Google::Protobuf::MessageExts::ClassMethods
+          end
+          # Add a quorum member to the
+          # {::Google::Cloud::Kms::V1::SingleTenantHsmInstance SingleTenantHsmInstance}.
+          # This will increase the
+          # {::Google::Cloud::Kms::V1::SingleTenantHsmInstance::QuorumAuth#total_approver_count total_approver_count}
+          # by 1. The
+          # {::Google::Cloud::Kms::V1::SingleTenantHsmInstance SingleTenantHsmInstance} must
+          # be in the
+          # {::Google::Cloud::Kms::V1::SingleTenantHsmInstance::State::ACTIVE ACTIVE} state to
+          # perform this operation.
+          # @!attribute [rw] two_factor_public_key_pem
+          #   @return [::String]
+          #     Required. The public key associated with the 2FA key for the new quorum
+          #     member to add. Public keys must be associated with RSA 2048 keys.
+          class AddQuorumMember
+            include ::Google::Protobuf::MessageExts
+            extend ::Google::Protobuf::MessageExts::ClassMethods
+          end
+          # Remove a quorum member from the
+          # {::Google::Cloud::Kms::V1::SingleTenantHsmInstance SingleTenantHsmInstance}.
+          # This will reduce
+          # {::Google::Cloud::Kms::V1::SingleTenantHsmInstance::QuorumAuth#total_approver_count total_approver_count}
+          # by 1. The
+          # {::Google::Cloud::Kms::V1::SingleTenantHsmInstance SingleTenantHsmInstance} must
+          # be in the
+          # {::Google::Cloud::Kms::V1::SingleTenantHsmInstance::State::ACTIVE ACTIVE} state to
+          # perform this operation.
+          # @!attribute [rw] two_factor_public_key_pem
+          #   @return [::String]
+          #     Required. The public key associated with the 2FA key for the quorum
+          #     member to remove. Public keys must be associated with RSA 2048 keys.
+          class RemoveQuorumMember
+            include ::Google::Protobuf::MessageExts
+            extend ::Google::Protobuf::MessageExts::ClassMethods
+          end
+          # Refreshes the
+          # {::Google::Cloud::Kms::V1::SingleTenantHsmInstance SingleTenantHsmInstance}.
+          # This operation must be performed periodically to keep the
+          # {::Google::Cloud::Kms::V1::SingleTenantHsmInstance SingleTenantHsmInstance}
+          # active. This operation must be performed before
+          # {::Google::Cloud::Kms::V1::SingleTenantHsmInstance#unrefreshed_duration_until_disable unrefreshed_duration_until_disable}
+          # has passed. The
+          # {::Google::Cloud::Kms::V1::SingleTenantHsmInstance SingleTenantHsmInstance} must
+          # be in the
+          # {::Google::Cloud::Kms::V1::SingleTenantHsmInstance::State::ACTIVE ACTIVE} state to
+          # perform this operation.
+          class RefreshSingleTenantHsmInstance
+            include ::Google::Protobuf::MessageExts
+            extend ::Google::Protobuf::MessageExts::ClassMethods
+          end
+          # The set of states of a
+          # {::Google::Cloud::Kms::V1::SingleTenantHsmInstanceProposal SingleTenantHsmInstanceProposal}.
+          module State
+            # Not specified.
+            STATE_UNSPECIFIED = 0
+            # The
+            # {::Google::Cloud::Kms::V1::SingleTenantHsmInstanceProposal SingleTenantHsmInstanceProposal}
+            # is being created.
+            CREATING = 1
+            # The
+            # {::Google::Cloud::Kms::V1::SingleTenantHsmInstanceProposal SingleTenantHsmInstanceProposal}
+            # is pending approval.
+            PENDING = 2
+            # The
+            # {::Google::Cloud::Kms::V1::SingleTenantHsmInstanceProposal SingleTenantHsmInstanceProposal}
+            # has been approved.
+            APPROVED = 3
+            # The
+            # {::Google::Cloud::Kms::V1::SingleTenantHsmInstanceProposal SingleTenantHsmInstanceProposal}
+            # is being executed.
+            RUNNING = 4
+            # The
+            # {::Google::Cloud::Kms::V1::SingleTenantHsmInstanceProposal SingleTenantHsmInstanceProposal}
+            # has been executed successfully.
+            SUCCEEDED = 5
+            # The
+            # {::Google::Cloud::Kms::V1::SingleTenantHsmInstanceProposal SingleTenantHsmInstanceProposal}
+            # has failed.
+            FAILED = 6
+            # The
+            # {::Google::Cloud::Kms::V1::SingleTenantHsmInstanceProposal SingleTenantHsmInstanceProposal}
+            # has been deleted and will be purged after the purge_time.
+            DELETED = 7
+          end
+        end
+        # A challenge to be signed by a 2FA key.
+        # @!attribute [r] challenge
+        #   @return [::String]
+        #     Output only. The challenge to be signed by the 2FA key indicated by the
+        #     public key.
+        # @!attribute [r] public_key_pem
+        #   @return [::String]
+        #     Output only. The public key associated with the 2FA key that should sign
+        #     the challenge.
+        class Challenge
+          include ::Google::Protobuf::MessageExts
+          extend ::Google::Protobuf::MessageExts::ClassMethods
+        end
+        # A reply to a challenge signed by a 2FA key.
+        # @!attribute [rw] signed_challenge
+        #   @return [::String]
+        #     Required. The signed challenge associated with the 2FA key.
+        #     The signature must be RSASSA-PKCS1 v1.5 with a SHA256 digest.
+        # @!attribute [rw] public_key_pem
+        #   @return [::String]
+        #     Required. The public key associated with the 2FA key.
+        class ChallengeReply
+          include ::Google::Protobuf::MessageExts
+          extend ::Google::Protobuf::MessageExts::ClassMethods
+        end
+        # Request message for
+        # {::Google::Cloud::Kms::V1::HsmManagement::Client#list_single_tenant_hsm_instances HsmManagement.ListSingleTenantHsmInstances}.
+        # @!attribute [rw] parent
+        #   @return [::String]
+        #     Required. The resource name of the location associated with the
+        #     {::Google::Cloud::Kms::V1::SingleTenantHsmInstance SingleTenantHsmInstances} to
+        #     list, in the format `projects/*/locations/*`.
+        # @!attribute [rw] page_size
+        #   @return [::Integer]
+        #     Optional. Optional limit on the number of
+        #     {::Google::Cloud::Kms::V1::SingleTenantHsmInstance SingleTenantHsmInstances} to
+        #     include in the response. Further
+        #     {::Google::Cloud::Kms::V1::SingleTenantHsmInstance SingleTenantHsmInstances} can
+        #     subsequently be
+        #     obtained by including the
+        #     {::Google::Cloud::Kms::V1::ListSingleTenantHsmInstancesResponse#next_page_token ListSingleTenantHsmInstancesResponse.next_page_token}
+        #     in a subsequent request. If unspecified, the server will pick an
+        #     appropriate default.
+        # @!attribute [rw] page_token
+        #   @return [::String]
+        #     Optional. Optional pagination token, returned earlier via
+        #     {::Google::Cloud::Kms::V1::ListSingleTenantHsmInstancesResponse#next_page_token ListSingleTenantHsmInstancesResponse.next_page_token}.
+        # @!attribute [rw] filter
+        #   @return [::String]
+        #     Optional. Only include resources that match the filter in the response. For
+        #     more information, see
+        #     [Sorting and filtering list
+        #     results](https://cloud.google.com/kms/docs/sorting-and-filtering).
+        # @!attribute [rw] order_by
+        #   @return [::String]
+        #     Optional. Specify how the results should be sorted. If not specified, the
+        #     results will be sorted in the default order.  For more information, see
+        #     [Sorting and filtering list
+        #     results](https://cloud.google.com/kms/docs/sorting-and-filtering).
+        # @!attribute [rw] show_deleted
+        #   @return [::Boolean]
+        #     Optional. If set to true,
+        #     {::Google::Cloud::Kms::V1::HsmManagement::Client#list_single_tenant_hsm_instances HsmManagement.ListSingleTenantHsmInstances}
+        #     will also return
+        #     {::Google::Cloud::Kms::V1::SingleTenantHsmInstance SingleTenantHsmInstances} in
+        #     DELETED state.
+        class ListSingleTenantHsmInstancesRequest
+          include ::Google::Protobuf::MessageExts
+          extend ::Google::Protobuf::MessageExts::ClassMethods
+        end
+        # Response message for
+        # {::Google::Cloud::Kms::V1::HsmManagement::Client#list_single_tenant_hsm_instances HsmManagement.ListSingleTenantHsmInstances}.
+        # @!attribute [rw] single_tenant_hsm_instances
+        #   @return [::Array<::Google::Cloud::Kms::V1::SingleTenantHsmInstance>]
+        #     The list of
+        #     {::Google::Cloud::Kms::V1::SingleTenantHsmInstance SingleTenantHsmInstances}.
+        # @!attribute [rw] next_page_token
+        #   @return [::String]
+        #     A token to retrieve next page of results. Pass this value in
+        #     {::Google::Cloud::Kms::V1::ListSingleTenantHsmInstancesRequest#page_token ListSingleTenantHsmInstancesRequest.page_token}
+        #     to retrieve the next page of results.
+        # @!attribute [rw] total_size
+        #   @return [::Integer]
+        #     The total number of
+        #     {::Google::Cloud::Kms::V1::SingleTenantHsmInstance SingleTenantHsmInstances}
+        #     that matched the query.
+        #
+        #     This field is not populated if
+        #     {::Google::Cloud::Kms::V1::ListSingleTenantHsmInstancesRequest#filter ListSingleTenantHsmInstancesRequest.filter}
+        #     is applied.
+        class ListSingleTenantHsmInstancesResponse
+          include ::Google::Protobuf::MessageExts
+          extend ::Google::Protobuf::MessageExts::ClassMethods
+        end
+        # Request message for
+        # {::Google::Cloud::Kms::V1::HsmManagement::Client#get_single_tenant_hsm_instance HsmManagement.GetSingleTenantHsmInstance}.
+        # @!attribute [rw] name
+        #   @return [::String]
+        #     Required. The {::Google::Cloud::Kms::V1::SingleTenantHsmInstance#name name} of
+        #     the {::Google::Cloud::Kms::V1::SingleTenantHsmInstance SingleTenantHsmInstance}
+        #     to get.
+        class GetSingleTenantHsmInstanceRequest
+          include ::Google::Protobuf::MessageExts
+          extend ::Google::Protobuf::MessageExts::ClassMethods
+        end
+        # Request message for
+        # {::Google::Cloud::Kms::V1::HsmManagement::Client#create_single_tenant_hsm_instance HsmManagement.CreateSingleTenantHsmInstance}.
+        # @!attribute [rw] parent
+        #   @return [::String]
+        #     Required. The resource name of the location associated with the
+        #     {::Google::Cloud::Kms::V1::SingleTenantHsmInstance SingleTenantHsmInstance}, in
+        #     the format `projects/*/locations/*`.
+        # @!attribute [rw] single_tenant_hsm_instance_id
+        #   @return [::String]
+        #     Optional. It must be unique within a location and match the regular
+        #     expression `[a-zA-Z0-9_-]{1,63}`.
+        # @!attribute [rw] single_tenant_hsm_instance
+        #   @return [::Google::Cloud::Kms::V1::SingleTenantHsmInstance]
+        #     Required. An
+        #     {::Google::Cloud::Kms::V1::SingleTenantHsmInstance SingleTenantHsmInstance} with
+        #     initial field values.
+        class CreateSingleTenantHsmInstanceRequest
+          include ::Google::Protobuf::MessageExts
+          extend ::Google::Protobuf::MessageExts::ClassMethods
+        end
+        # Metadata message for
+        # {::Google::Cloud::Kms::V1::HsmManagement::Client#create_single_tenant_hsm_instance CreateSingleTenantHsmInstance}
+        # long-running operation response.
+        class CreateSingleTenantHsmInstanceMetadata
+          include ::Google::Protobuf::MessageExts
+          extend ::Google::Protobuf::MessageExts::ClassMethods
+        end
+        # Request message for
+        # {::Google::Cloud::Kms::V1::HsmManagement::Client#create_single_tenant_hsm_instance_proposal HsmManagement.CreateSingleTenantHsmInstanceProposal}.
+        # @!attribute [rw] parent
+        #   @return [::String]
+        #     Required. The {::Google::Cloud::Kms::V1::SingleTenantHsmInstance#name name} of
+        #     the {::Google::Cloud::Kms::V1::SingleTenantHsmInstance SingleTenantHsmInstance}
+        #     associated with the
+        #     {::Google::Cloud::Kms::V1::SingleTenantHsmInstanceProposal SingleTenantHsmInstanceProposals}.
+        # @!attribute [rw] single_tenant_hsm_instance_proposal_id
+        #   @return [::String]
+        #     Optional. It must be unique within a location and match the regular
+        #     expression `[a-zA-Z0-9_-]{1,63}`.
+        # @!attribute [rw] single_tenant_hsm_instance_proposal
+        #   @return [::Google::Cloud::Kms::V1::SingleTenantHsmInstanceProposal]
+        #     Required. The
+        #     {::Google::Cloud::Kms::V1::SingleTenantHsmInstanceProposal SingleTenantHsmInstanceProposal}
+        #     to create.
+        class CreateSingleTenantHsmInstanceProposalRequest
+          include ::Google::Protobuf::MessageExts
+          extend ::Google::Protobuf::MessageExts::ClassMethods
+        end
+        # Metadata message for
+        # {::Google::Cloud::Kms::V1::HsmManagement::Client#create_single_tenant_hsm_instance_proposal CreateSingleTenantHsmInstanceProposal}
+        # long-running operation response.
+        class CreateSingleTenantHsmInstanceProposalMetadata
+          include ::Google::Protobuf::MessageExts
+          extend ::Google::Protobuf::MessageExts::ClassMethods
+        end
+        # Request message for
+        # {::Google::Cloud::Kms::V1::HsmManagement::Client#get_single_tenant_hsm_instance_proposal HsmManagement.GetSingleTenantHsmInstanceProposal}.
+        # @!attribute [rw] name
+        #   @return [::String]
+        #     Required. The
+        #     {::Google::Cloud::Kms::V1::SingleTenantHsmInstanceProposal#name name} of the
+        #     {::Google::Cloud::Kms::V1::SingleTenantHsmInstanceProposal SingleTenantHsmInstanceProposal}
+        #     to get.
+        class GetSingleTenantHsmInstanceProposalRequest
+          include ::Google::Protobuf::MessageExts
+          extend ::Google::Protobuf::MessageExts::ClassMethods
+        end
+        # Request message for
+        # {::Google::Cloud::Kms::V1::HsmManagement::Client#approve_single_tenant_hsm_instance_proposal HsmManagement.ApproveSingleTenantHsmInstanceProposal}.
+        # @!attribute [rw] name
+        #   @return [::String]
+        #     Required. The
+        #     {::Google::Cloud::Kms::V1::SingleTenantHsmInstanceProposal#name name} of the
+        #     {::Google::Cloud::Kms::V1::SingleTenantHsmInstanceProposal SingleTenantHsmInstanceProposal}
+        #     to approve.
+        # @!attribute [rw] quorum_reply
+        #   @return [::Google::Cloud::Kms::V1::ApproveSingleTenantHsmInstanceProposalRequest::QuorumReply]
+        #     Required. The reply to
+        #     {::Google::Cloud::Kms::V1::SingleTenantHsmInstanceProposal::QuorumParameters QuorumParameters}
+        #     for approving the proposal.
+        #
+        #     Note: The following fields are mutually exclusive: `quorum_reply`, `required_action_quorum_reply`. If a field in that set is populated, all other fields in the set will automatically be cleared.
+        # @!attribute [rw] required_action_quorum_reply
+        #   @return [::Google::Cloud::Kms::V1::ApproveSingleTenantHsmInstanceProposalRequest::RequiredActionQuorumReply]
+        #     Required. The reply to
+        #     {::Google::Cloud::Kms::V1::SingleTenantHsmInstanceProposal::RequiredActionQuorumParameters RequiredActionQuorumParameters}
+        #     for approving the proposal.
+        #
+        #     Note: The following fields are mutually exclusive: `required_action_quorum_reply`, `quorum_reply`. If a field in that set is populated, all other fields in the set will automatically be cleared.
+        class ApproveSingleTenantHsmInstanceProposalRequest
+          include ::Google::Protobuf::MessageExts
+          extend ::Google::Protobuf::MessageExts::ClassMethods
+          # The reply to
+          # {::Google::Cloud::Kms::V1::SingleTenantHsmInstanceProposal::QuorumParameters QuorumParameters}
+          # for approving the proposal.
+          # @!attribute [rw] challenge_replies
+          #   @return [::Array<::Google::Cloud::Kms::V1::ChallengeReply>]
+          #     Required. The challenge replies to approve the proposal. Challenge
+          #     replies can be sent across multiple requests. The proposal will be
+          #     approved when
+          #     {::Google::Cloud::Kms::V1::SingleTenantHsmInstanceProposal::QuorumParameters#required_approver_count required_approver_count}
+          #     challenge replies are provided.
+          class QuorumReply
+            include ::Google::Protobuf::MessageExts
+            extend ::Google::Protobuf::MessageExts::ClassMethods
+          end
+          # The reply to
+          # {::Google::Cloud::Kms::V1::SingleTenantHsmInstanceProposal::RequiredActionQuorumParameters RequiredActionQuorumParameters}
+          # for approving the proposal.
+          # @!attribute [rw] required_challenge_replies
+          #   @return [::Array<::Google::Cloud::Kms::V1::ChallengeReply>]
+          #     Required. All required challenges must be signed for the proposal to be
+          #     approved. These can be sent across multiple requests.
+          # @!attribute [rw] quorum_challenge_replies
+          #   @return [::Array<::Google::Cloud::Kms::V1::ChallengeReply>]
+          #     Required. Quorum members' signed challenge replies. These can be provided
+          #     across multiple requests. The proposal will be approved when
+          #     {::Google::Cloud::Kms::V1::SingleTenantHsmInstanceProposal::RequiredActionQuorumParameters#required_approver_count required_approver_count}
+          #     quorum_challenge_replies are provided and when all
+          #     required_challenge_replies are provided.
+          class RequiredActionQuorumReply
+            include ::Google::Protobuf::MessageExts
+            extend ::Google::Protobuf::MessageExts::ClassMethods
+          end
+        end
+        # Response message for
+        # {::Google::Cloud::Kms::V1::HsmManagement::Client#approve_single_tenant_hsm_instance_proposal HsmManagement.ApproveSingleTenantHsmInstanceProposal}.
+        class ApproveSingleTenantHsmInstanceProposalResponse
+          include ::Google::Protobuf::MessageExts
+          extend ::Google::Protobuf::MessageExts::ClassMethods
+        end
+        # Request message for
+        # {::Google::Cloud::Kms::V1::HsmManagement::Client#execute_single_tenant_hsm_instance_proposal HsmManagement.ExecuteSingleTenantHsmInstanceProposal}.
+        # @!attribute [rw] name
+        #   @return [::String]
+        #     Required. The
+        #     {::Google::Cloud::Kms::V1::SingleTenantHsmInstanceProposal#name name} of the
+        #     {::Google::Cloud::Kms::V1::SingleTenantHsmInstanceProposal SingleTenantHsmInstanceProposal}
+        #     to execute.
+        class ExecuteSingleTenantHsmInstanceProposalRequest
+          include ::Google::Protobuf::MessageExts
+          extend ::Google::Protobuf::MessageExts::ClassMethods
+        end
+        # Response message for
+        # {::Google::Cloud::Kms::V1::HsmManagement::Client#execute_single_tenant_hsm_instance_proposal HsmManagement.ExecuteSingleTenantHsmInstanceProposal}.
+        class ExecuteSingleTenantHsmInstanceProposalResponse
+          include ::Google::Protobuf::MessageExts
+          extend ::Google::Protobuf::MessageExts::ClassMethods
+        end
+        # Metadata message for
+        # {::Google::Cloud::Kms::V1::HsmManagement::Client#execute_single_tenant_hsm_instance_proposal ExecuteSingleTenantHsmInstanceProposal}
+        # long-running operation response.
+        class ExecuteSingleTenantHsmInstanceProposalMetadata
+          include ::Google::Protobuf::MessageExts
+          extend ::Google::Protobuf::MessageExts::ClassMethods
+        end
+        # Request message for
+        # {::Google::Cloud::Kms::V1::HsmManagement::Client#list_single_tenant_hsm_instance_proposals HsmManagement.ListSingleTenantHsmInstanceProposals}.
+        # @!attribute [rw] parent
+        #   @return [::String]
+        #     Required. The resource name of the single tenant HSM instance associated
+        #     with the
+        #     {::Google::Cloud::Kms::V1::SingleTenantHsmInstanceProposal SingleTenantHsmInstanceProposals}
+        #     to list, in the format `projects/*/locations/*/singleTenantHsmInstances/*`.
+        # @!attribute [rw] page_size
+        #   @return [::Integer]
+        #     Optional. Optional limit on the number of
+        #     {::Google::Cloud::Kms::V1::SingleTenantHsmInstanceProposal SingleTenantHsmInstanceProposals}
+        #     to include in the response. Further
+        #     {::Google::Cloud::Kms::V1::SingleTenantHsmInstanceProposal SingleTenantHsmInstanceProposals}
+        #     can subsequently be obtained by including the
+        #     {::Google::Cloud::Kms::V1::ListSingleTenantHsmInstanceProposalsResponse#next_page_token ListSingleTenantHsmInstanceProposalsResponse.next_page_token}
+        #     in a subsequent request. If unspecified, the server will pick an
+        #     appropriate default.
+        # @!attribute [rw] page_token
+        #   @return [::String]
+        #     Optional. Optional pagination token, returned earlier via
+        #     {::Google::Cloud::Kms::V1::ListSingleTenantHsmInstanceProposalsResponse#next_page_token ListSingleTenantHsmInstanceProposalsResponse.next_page_token}.
+        # @!attribute [rw] filter
+        #   @return [::String]
+        #     Optional. Only include resources that match the filter in the response. For
+        #     more information, see
+        #     [Sorting and filtering list
+        #     results](https://cloud.google.com/kms/docs/sorting-and-filtering).
+        # @!attribute [rw] order_by
+        #   @return [::String]
+        #     Optional. Specify how the results should be sorted. If not specified, the
+        #     results will be sorted in the default order.  For more information, see
+        #     [Sorting and filtering list
+        #     results](https://cloud.google.com/kms/docs/sorting-and-filtering).
+        # @!attribute [rw] show_deleted
+        #   @return [::Boolean]
+        #     Optional. If set to true,
+        #     {::Google::Cloud::Kms::V1::HsmManagement::Client#list_single_tenant_hsm_instance_proposals HsmManagement.ListSingleTenantHsmInstanceProposals}
+        #     will also return
+        #     {::Google::Cloud::Kms::V1::SingleTenantHsmInstanceProposal SingleTenantHsmInstanceProposals}
+        #     in DELETED state.
+        class ListSingleTenantHsmInstanceProposalsRequest
+          include ::Google::Protobuf::MessageExts
+          extend ::Google::Protobuf::MessageExts::ClassMethods
+        end
+        # Response message for
+        # {::Google::Cloud::Kms::V1::HsmManagement::Client#list_single_tenant_hsm_instance_proposals HsmManagement.ListSingleTenantHsmInstanceProposals}.
+        # @!attribute [rw] single_tenant_hsm_instance_proposals
+        #   @return [::Array<::Google::Cloud::Kms::V1::SingleTenantHsmInstanceProposal>]
+        #     The list of
+        #     {::Google::Cloud::Kms::V1::SingleTenantHsmInstanceProposal SingleTenantHsmInstanceProposals}.
+        # @!attribute [rw] next_page_token
+        #   @return [::String]
+        #     A token to retrieve next page of results. Pass this value in
+        #     {::Google::Cloud::Kms::V1::ListSingleTenantHsmInstanceProposalsRequest#page_token ListSingleTenantHsmInstanceProposalsRequest.page_token}
+        #     to retrieve the next page of results.
+        # @!attribute [rw] total_size
+        #   @return [::Integer]
+        #     The total number of
+        #     {::Google::Cloud::Kms::V1::SingleTenantHsmInstanceProposal SingleTenantHsmInstanceProposals}
+        #     that matched the query.
+        #
+        #     This field is not populated if
+        #     {::Google::Cloud::Kms::V1::ListSingleTenantHsmInstanceProposalsRequest#filter ListSingleTenantHsmInstanceProposalsRequest.filter}
+        #     is applied.
+        class ListSingleTenantHsmInstanceProposalsResponse
+          include ::Google::Protobuf::MessageExts
+          extend ::Google::Protobuf::MessageExts::ClassMethods
+        end
+        # Request message for
+        # {::Google::Cloud::Kms::V1::HsmManagement::Client#delete_single_tenant_hsm_instance_proposal HsmManagement.DeleteSingleTenantHsmInstanceProposal}.
+        # @!attribute [rw] name
+        #   @return [::String]
+        #     Required. The
+        #     {::Google::Cloud::Kms::V1::SingleTenantHsmInstanceProposal#name name} of the
+        #     {::Google::Cloud::Kms::V1::SingleTenantHsmInstanceProposal SingleTenantHsmInstanceProposal}
+        #     to delete.
+        class DeleteSingleTenantHsmInstanceProposalRequest
+          include ::Google::Protobuf::MessageExts
+          extend ::Google::Protobuf::MessageExts::ClassMethods
+        end
+      end
+    end
+  end
+end