google-cloud-kms 0.1.0

data/lib/google/cloud/kms/v1/credentials.rb

@@ -0,0 +1,40 @@
+# Copyright 2018 Google LLC
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     https://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+require "googleauth"
+
+module Google
+  module Cloud
+    module Kms
+      module V1
+        class Credentials < Google::Auth::Credentials
+          SCOPE = [
+            "https://www.googleapis.com/auth/cloud-platform"
+          ].freeze
+          PATH_ENV_VARS = %w(KMS_KEYFILE
+                             KMS_CREDENTIALS
+                             GOOGLE_CLOUD_CREDENTIALS
+                             GOOGLE_CLOUD_KEYFILE
+                             GCLOUD_KEYFILE)
+          JSON_ENV_VARS = %w(KMS_KEYFILE_JSON
+                             KMS_CREDENTIALS_JSON
+                             GOOGLE_CLOUD_CREDENTIALS_JSON
+                             GOOGLE_CLOUD_KEYFILE_JSON
+                             GCLOUD_KEYFILE_JSON)
+          DEFAULT_PATHS = ["~/.config/gcloud/application_default_credentials.json"]
+        end
+      end
+    end
+  end
+end

data/lib/google/cloud/kms/v1/doc/google/cloud/kms/v1/resources.rb

@@ -0,0 +1,148 @@
+# Copyright 2018 Google LLC
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     https://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+module Google
+  module Cloud
+    module Kms
+      module V1
+        # A {Google::Cloud::Kms::V1::KeyRing KeyRing} is a toplevel logical grouping of {Google::Cloud::Kms::V1::CryptoKey CryptoKeys}.
+        # @!attribute [rw] name
+        #   @return [String]
+        #     Output only. The resource name for the {Google::Cloud::Kms::V1::KeyRing KeyRing} in the format
+        #     +projects/*/locations/*/keyRings/*+.
+        # @!attribute [rw] create_time
+        #   @return [Google::Protobuf::Timestamp]
+        #     Output only. The time at which this {Google::Cloud::Kms::V1::KeyRing KeyRing} was created.
+        class KeyRing; end
+
+        # A {Google::Cloud::Kms::V1::CryptoKey CryptoKey} represents a logical key that can be used for cryptographic
+        # operations.
+        #
+        # A {Google::Cloud::Kms::V1::CryptoKey CryptoKey} is made up of one or more {Google::Cloud::Kms::V1::CryptoKeyVersion versions}, which
+        # represent the actual key material used in cryptographic operations.
+        # @!attribute [rw] name
+        #   @return [String]
+        #     Output only. The resource name for this {Google::Cloud::Kms::V1::CryptoKey CryptoKey} in the format
+        #     +projects/*/locations/*/keyRings/*/cryptoKeys/*+.
+        # @!attribute [rw] primary
+        #   @return [Google::Cloud::Kms::V1::CryptoKeyVersion]
+        #     Output only. A copy of the "primary" {Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} that will be used
+        #     by {Google::Cloud::Kms::V1::KeyManagementService::Encrypt Encrypt} when this {Google::Cloud::Kms::V1::CryptoKey CryptoKey} is given
+        #     in {Google::Cloud::Kms::V1::EncryptRequest#name EncryptRequest#name}.
+        #
+        #     The {Google::Cloud::Kms::V1::CryptoKey CryptoKey}'s primary version can be updated via
+        #     {Google::Cloud::Kms::V1::KeyManagementService::UpdateCryptoKeyPrimaryVersion UpdateCryptoKeyPrimaryVersion}.
+        # @!attribute [rw] purpose
+        #   @return [Google::Cloud::Kms::V1::CryptoKey::CryptoKeyPurpose]
+        #     The immutable purpose of this {Google::Cloud::Kms::V1::CryptoKey CryptoKey}. Currently, the only acceptable
+        #     purpose is {Google::Cloud::Kms::V1::CryptoKey::CryptoKeyPurpose::ENCRYPT_DECRYPT ENCRYPT_DECRYPT}.
+        # @!attribute [rw] create_time
+        #   @return [Google::Protobuf::Timestamp]
+        #     Output only. The time at which this {Google::Cloud::Kms::V1::CryptoKey CryptoKey} was created.
+        # @!attribute [rw] next_rotation_time
+        #   @return [Google::Protobuf::Timestamp]
+        #     At {Google::Cloud::Kms::V1::CryptoKey#next_rotation_time next_rotation_time}, the Key Management Service will automatically:
+        #
+        #     1. Create a new version of this {Google::Cloud::Kms::V1::CryptoKey CryptoKey}.
+        #     2. Mark the new version as primary.
+        #
+        #     Key rotations performed manually via
+        #     {Google::Cloud::Kms::V1::KeyManagementService::CreateCryptoKeyVersion CreateCryptoKeyVersion} and
+        #     {Google::Cloud::Kms::V1::KeyManagementService::UpdateCryptoKeyPrimaryVersion UpdateCryptoKeyPrimaryVersion}
+        #     do not affect {Google::Cloud::Kms::V1::CryptoKey#next_rotation_time next_rotation_time}.
+        # @!attribute [rw] rotation_period
+        #   @return [Google::Protobuf::Duration]
+        #     {Google::Cloud::Kms::V1::CryptoKey#next_rotation_time next_rotation_time} will be advanced by this period when the service
+        #     automatically rotates a key. Must be at least one day.
+        #
+        #     If {Google::Cloud::Kms::V1::CryptoKey#rotation_period rotation_period} is set, {Google::Cloud::Kms::V1::CryptoKey#next_rotation_time next_rotation_time} must also be set.
+        # @!attribute [rw] labels
+        #   @return [Hash{String => String}]
+        #     Labels with user-defined metadata. For more information, see
+        #     [Labeling Keys](https://cloud.google.com/kms/docs/labeling-keys).
+        class CryptoKey
+          # {Google::Cloud::Kms::V1::CryptoKey::CryptoKeyPurpose CryptoKeyPurpose} describes the capabilities of a {Google::Cloud::Kms::V1::CryptoKey CryptoKey}. Two
+          # keys with the same purpose may use different underlying algorithms, but
+          # must support the same set of operations.
+          module CryptoKeyPurpose
+            # Not specified.
+            CRYPTO_KEY_PURPOSE_UNSPECIFIED = 0
+
+            # {Google::Cloud::Kms::V1::CryptoKey CryptoKeys} with this purpose may be used with
+            # {Google::Cloud::Kms::V1::KeyManagementService::Encrypt Encrypt} and
+            # {Google::Cloud::Kms::V1::KeyManagementService::Decrypt Decrypt}.
+            ENCRYPT_DECRYPT = 1
+          end
+        end
+
+        # A {Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} represents an individual cryptographic key, and the
+        # associated key material.
+        #
+        # It can be used for cryptographic operations either directly, or via its
+        # parent {Google::Cloud::Kms::V1::CryptoKey CryptoKey}, in which case the server will choose the appropriate
+        # version for the operation.
+        #
+        # For security reasons, the raw cryptographic key material represented by a
+        # {Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} can never be viewed or exported. It can only be used to
+        # encrypt or decrypt data when an authorized user or application invokes Cloud
+        # KMS.
+        # @!attribute [rw] name
+        #   @return [String]
+        #     Output only. The resource name for this {Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} in the format
+        #     +projects/*/locations/*/keyRings/*/cryptoKeys/*/cryptoKeyVersions/*+.
+        # @!attribute [rw] state
+        #   @return [Google::Cloud::Kms::V1::CryptoKeyVersion::CryptoKeyVersionState]
+        #     The current state of the {Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion}.
+        # @!attribute [rw] create_time
+        #   @return [Google::Protobuf::Timestamp]
+        #     Output only. The time at which this {Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} was created.
+        # @!attribute [rw] destroy_time
+        #   @return [Google::Protobuf::Timestamp]
+        #     Output only. The time this {Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion}'s key material is scheduled
+        #     for destruction. Only present if {Google::Cloud::Kms::V1::CryptoKeyVersion#state state} is
+        #     {Google::Cloud::Kms::V1::CryptoKeyVersion::CryptoKeyVersionState::DESTROY_SCHEDULED DESTROY_SCHEDULED}.
+        # @!attribute [rw] destroy_event_time
+        #   @return [Google::Protobuf::Timestamp]
+        #     Output only. The time this CryptoKeyVersion's key material was
+        #     destroyed. Only present if {Google::Cloud::Kms::V1::CryptoKeyVersion#state state} is
+        #     {Google::Cloud::Kms::V1::CryptoKeyVersion::CryptoKeyVersionState::DESTROYED DESTROYED}.
+        class CryptoKeyVersion
+          # The state of a {Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion}, indicating if it can be used.
+          module CryptoKeyVersionState
+            # Not specified.
+            CRYPTO_KEY_VERSION_STATE_UNSPECIFIED = 0
+
+            # This version may be used in {Google::Cloud::Kms::V1::KeyManagementService::Encrypt Encrypt} and
+            # {Google::Cloud::Kms::V1::KeyManagementService::Decrypt Decrypt} requests.
+            ENABLED = 1
+
+            # This version may not be used, but the key material is still available,
+            # and the version can be placed back into the {Google::Cloud::Kms::V1::CryptoKeyVersion::CryptoKeyVersionState::ENABLED ENABLED} state.
+            DISABLED = 2
+
+            # This version is destroyed, and the key material is no longer stored.
+            # A version may not leave this state once entered.
+            DESTROYED = 3
+
+            # This version is scheduled for destruction, and will be destroyed soon.
+            # Call
+            # {Google::Cloud::Kms::V1::KeyManagementService::RestoreCryptoKeyVersion RestoreCryptoKeyVersion}
+            # to put it back into the {Google::Cloud::Kms::V1::CryptoKeyVersion::CryptoKeyVersionState::DISABLED DISABLED} state.
+            DESTROY_SCHEDULED = 4
+          end
+        end
+      end
+    end
+  end
+end

data/lib/google/cloud/kms/v1/doc/google/cloud/kms/v1/service.rb

@@ -0,0 +1,268 @@
+# Copyright 2018 Google LLC
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     https://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+module Google
+  module Cloud
+    module Kms
+      ##
+      # # Google Cloud Key Management Service (KMS) API Contents
+      #
+      # | Class | Description |
+      # | ----- | ----------- |
+      # | [KeyManagementServiceClient][] | Google Cloud Key Management Service |
+      # | [Data Types][] | Data types for Google::Cloud::Kms::V1 |
+      #
+      # [KeyManagementServiceClient]: https://googlecloudplatform.github.io/google-cloud-ruby/#/docs/google-cloud-kms/latest/google/cloud/kms/v1/keymanagementserviceclient
+      # [Data Types]: https://googlecloudplatform.github.io/google-cloud-ruby/#/docs/google-cloud-kms/latest/google/cloud/kms/v1/datatypes
+      #
+      module V1
+        # Request message for {Google::Cloud::Kms::V1::KeyManagementService::ListKeyRings KeyManagementService::ListKeyRings}.
+        # @!attribute [rw] parent
+        #   @return [String]
+        #     Required. The resource name of the location associated with the
+        #     {Google::Cloud::Kms::V1::KeyRing KeyRings}, in the format +projects/*/locations/*+.
+        # @!attribute [rw] page_size
+        #   @return [Integer]
+        #     Optional limit on the number of {Google::Cloud::Kms::V1::KeyRing KeyRings} to include in the
+        #     response.  Further {Google::Cloud::Kms::V1::KeyRing KeyRings} can subsequently be obtained by
+        #     including the {Google::Cloud::Kms::V1::ListKeyRingsResponse#next_page_token ListKeyRingsResponse#next_page_token} in a subsequent
+        #     request.  If unspecified, the server will pick an appropriate default.
+        # @!attribute [rw] page_token
+        #   @return [String]
+        #     Optional pagination token, returned earlier via
+        #     {Google::Cloud::Kms::V1::ListKeyRingsResponse#next_page_token ListKeyRingsResponse#next_page_token}.
+        class ListKeyRingsRequest; end
+
+        # Request message for {Google::Cloud::Kms::V1::KeyManagementService::ListCryptoKeys KeyManagementService::ListCryptoKeys}.
+        # @!attribute [rw] parent
+        #   @return [String]
+        #     Required. The resource name of the {Google::Cloud::Kms::V1::KeyRing KeyRing} to list, in the format
+        #     +projects/*/locations/*/keyRings/*+.
+        # @!attribute [rw] page_size
+        #   @return [Integer]
+        #     Optional limit on the number of {Google::Cloud::Kms::V1::CryptoKey CryptoKeys} to include in the
+        #     response.  Further {Google::Cloud::Kms::V1::CryptoKey CryptoKeys} can subsequently be obtained by
+        #     including the {Google::Cloud::Kms::V1::ListCryptoKeysResponse#next_page_token ListCryptoKeysResponse#next_page_token} in a subsequent
+        #     request.  If unspecified, the server will pick an appropriate default.
+        # @!attribute [rw] page_token
+        #   @return [String]
+        #     Optional pagination token, returned earlier via
+        #     {Google::Cloud::Kms::V1::ListCryptoKeysResponse#next_page_token ListCryptoKeysResponse#next_page_token}.
+        class ListCryptoKeysRequest; end
+
+        # Request message for {Google::Cloud::Kms::V1::KeyManagementService::ListCryptoKeyVersions KeyManagementService::ListCryptoKeyVersions}.
+        # @!attribute [rw] parent
+        #   @return [String]
+        #     Required. The resource name of the {Google::Cloud::Kms::V1::CryptoKey CryptoKey} to list, in the format
+        #     +projects/*/locations/*/keyRings/*/cryptoKeys/*+.
+        # @!attribute [rw] page_size
+        #   @return [Integer]
+        #     Optional limit on the number of {Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersions} to
+        #     include in the response. Further {Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersions} can
+        #     subsequently be obtained by including the
+        #     {Google::Cloud::Kms::V1::ListCryptoKeyVersionsResponse#next_page_token ListCryptoKeyVersionsResponse#next_page_token} in a subsequent request.
+        #     If unspecified, the server will pick an appropriate default.
+        # @!attribute [rw] page_token
+        #   @return [String]
+        #     Optional pagination token, returned earlier via
+        #     {Google::Cloud::Kms::V1::ListCryptoKeyVersionsResponse#next_page_token ListCryptoKeyVersionsResponse#next_page_token}.
+        class ListCryptoKeyVersionsRequest; end
+
+        # Response message for {Google::Cloud::Kms::V1::KeyManagementService::ListKeyRings KeyManagementService::ListKeyRings}.
+        # @!attribute [rw] key_rings
+        #   @return [Array<Google::Cloud::Kms::V1::KeyRing>]
+        #     The list of {Google::Cloud::Kms::V1::KeyRing KeyRings}.
+        # @!attribute [rw] next_page_token
+        #   @return [String]
+        #     A token to retrieve next page of results. Pass this value in
+        #     {Google::Cloud::Kms::V1::ListKeyRingsRequest#page_token ListKeyRingsRequest#page_token} to retrieve the next page of results.
+        # @!attribute [rw] total_size
+        #   @return [Integer]
+        #     The total number of {Google::Cloud::Kms::V1::KeyRing KeyRings} that matched the query.
+        class ListKeyRingsResponse; end
+
+        # Response message for {Google::Cloud::Kms::V1::KeyManagementService::ListCryptoKeys KeyManagementService::ListCryptoKeys}.
+        # @!attribute [rw] crypto_keys
+        #   @return [Array<Google::Cloud::Kms::V1::CryptoKey>]
+        #     The list of {Google::Cloud::Kms::V1::CryptoKey CryptoKeys}.
+        # @!attribute [rw] next_page_token
+        #   @return [String]
+        #     A token to retrieve next page of results. Pass this value in
+        #     {Google::Cloud::Kms::V1::ListCryptoKeysRequest#page_token ListCryptoKeysRequest#page_token} to retrieve the next page of results.
+        # @!attribute [rw] total_size
+        #   @return [Integer]
+        #     The total number of {Google::Cloud::Kms::V1::CryptoKey CryptoKeys} that matched the query.
+        class ListCryptoKeysResponse; end
+
+        # Response message for {Google::Cloud::Kms::V1::KeyManagementService::ListCryptoKeyVersions KeyManagementService::ListCryptoKeyVersions}.
+        # @!attribute [rw] crypto_key_versions
+        #   @return [Array<Google::Cloud::Kms::V1::CryptoKeyVersion>]
+        #     The list of {Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersions}.
+        # @!attribute [rw] next_page_token
+        #   @return [String]
+        #     A token to retrieve next page of results. Pass this value in
+        #     {Google::Cloud::Kms::V1::ListCryptoKeyVersionsRequest#page_token ListCryptoKeyVersionsRequest#page_token} to retrieve the next page of
+        #     results.
+        # @!attribute [rw] total_size
+        #   @return [Integer]
+        #     The total number of {Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersions} that matched the
+        #     query.
+        class ListCryptoKeyVersionsResponse; end
+
+        # Request message for {Google::Cloud::Kms::V1::KeyManagementService::GetKeyRing KeyManagementService::GetKeyRing}.
+        # @!attribute [rw] name
+        #   @return [String]
+        #     The {Google::Cloud::Kms::V1::KeyRing#name name} of the {Google::Cloud::Kms::V1::KeyRing KeyRing} to get.
+        class GetKeyRingRequest; end
+
+        # Request message for {Google::Cloud::Kms::V1::KeyManagementService::GetCryptoKey KeyManagementService::GetCryptoKey}.
+        # @!attribute [rw] name
+        #   @return [String]
+        #     The {Google::Cloud::Kms::V1::CryptoKey#name name} of the {Google::Cloud::Kms::V1::CryptoKey CryptoKey} to get.
+        class GetCryptoKeyRequest; end
+
+        # Request message for {Google::Cloud::Kms::V1::KeyManagementService::GetCryptoKeyVersion KeyManagementService::GetCryptoKeyVersion}.
+        # @!attribute [rw] name
+        #   @return [String]
+        #     The {Google::Cloud::Kms::V1::CryptoKeyVersion#name name} of the {Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} to get.
+        class GetCryptoKeyVersionRequest; end
+
+        # Request message for {Google::Cloud::Kms::V1::KeyManagementService::CreateKeyRing KeyManagementService::CreateKeyRing}.
+        # @!attribute [rw] parent
+        #   @return [String]
+        #     Required. The resource name of the location associated with the
+        #     {Google::Cloud::Kms::V1::KeyRing KeyRings}, in the format +projects/*/locations/*+.
+        # @!attribute [rw] key_ring_id
+        #   @return [String]
+        #     Required. It must be unique within a location and match the regular
+        #     expression +[a-zA-Z0-9_-]{1,63}+
+        # @!attribute [rw] key_ring
+        #   @return [Google::Cloud::Kms::V1::KeyRing]
+        #     A {Google::Cloud::Kms::V1::KeyRing KeyRing} with initial field values.
+        class CreateKeyRingRequest; end
+
+        # Request message for {Google::Cloud::Kms::V1::KeyManagementService::CreateCryptoKey KeyManagementService::CreateCryptoKey}.
+        # @!attribute [rw] parent
+        #   @return [String]
+        #     Required. The {Google::Cloud::Kms::V1::KeyRing#name name} of the KeyRing associated with the
+        #     {Google::Cloud::Kms::V1::CryptoKey CryptoKeys}.
+        # @!attribute [rw] crypto_key_id
+        #   @return [String]
+        #     Required. It must be unique within a KeyRing and match the regular
+        #     expression +[a-zA-Z0-9_-]{1,63}+
+        # @!attribute [rw] crypto_key
+        #   @return [Google::Cloud::Kms::V1::CryptoKey]
+        #     A {Google::Cloud::Kms::V1::CryptoKey CryptoKey} with initial field values.
+        class CreateCryptoKeyRequest; end
+
+        # Request message for {Google::Cloud::Kms::V1::KeyManagementService::CreateCryptoKeyVersion KeyManagementService::CreateCryptoKeyVersion}.
+        # @!attribute [rw] parent
+        #   @return [String]
+        #     Required. The {Google::Cloud::Kms::V1::CryptoKey#name name} of the {Google::Cloud::Kms::V1::CryptoKey CryptoKey} associated with
+        #     the {Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersions}.
+        # @!attribute [rw] crypto_key_version
+        #   @return [Google::Cloud::Kms::V1::CryptoKeyVersion]
+        #     A {Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} with initial field values.
+        class CreateCryptoKeyVersionRequest; end
+
+        # Request message for {Google::Cloud::Kms::V1::KeyManagementService::UpdateCryptoKey KeyManagementService::UpdateCryptoKey}.
+        # @!attribute [rw] crypto_key
+        #   @return [Google::Cloud::Kms::V1::CryptoKey]
+        #     {Google::Cloud::Kms::V1::CryptoKey CryptoKey} with updated values.
+        # @!attribute [rw] update_mask
+        #   @return [Google::Protobuf::FieldMask]
+        #     Required list of fields to be updated in this request.
+        class UpdateCryptoKeyRequest; end
+
+        # Request message for {Google::Cloud::Kms::V1::KeyManagementService::UpdateCryptoKeyVersion KeyManagementService::UpdateCryptoKeyVersion}.
+        # @!attribute [rw] crypto_key_version
+        #   @return [Google::Cloud::Kms::V1::CryptoKeyVersion]
+        #     {Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} with updated values.
+        # @!attribute [rw] update_mask
+        #   @return [Google::Protobuf::FieldMask]
+        #     Required list of fields to be updated in this request.
+        class UpdateCryptoKeyVersionRequest; end
+
+        # Request message for {Google::Cloud::Kms::V1::KeyManagementService::Encrypt KeyManagementService::Encrypt}.
+        # @!attribute [rw] name
+        #   @return [String]
+        #     Required. The resource name of the {Google::Cloud::Kms::V1::CryptoKey CryptoKey} or {Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion}
+        #     to use for encryption.
+        #
+        #     If a {Google::Cloud::Kms::V1::CryptoKey CryptoKey} is specified, the server will use its
+        #     {Google::Cloud::Kms::V1::CryptoKey#primary primary version}.
+        # @!attribute [rw] plaintext
+        #   @return [String]
+        #     Required. The data to encrypt. Must be no larger than 64KiB.
+        # @!attribute [rw] additional_authenticated_data
+        #   @return [String]
+        #     Optional data that, if specified, must also be provided during decryption
+        #     through {Google::Cloud::Kms::V1::DecryptRequest#additional_authenticated_data DecryptRequest#additional_authenticated_data}.  Must be no
+        #     larger than 64KiB.
+        class EncryptRequest; end
+
+        # Request message for {Google::Cloud::Kms::V1::KeyManagementService::Decrypt KeyManagementService::Decrypt}.
+        # @!attribute [rw] name
+        #   @return [String]
+        #     Required. The resource name of the {Google::Cloud::Kms::V1::CryptoKey CryptoKey} to use for decryption.
+        #     The server will choose the appropriate version.
+        # @!attribute [rw] ciphertext
+        #   @return [String]
+        #     Required. The encrypted data originally returned in
+        #     {Google::Cloud::Kms::V1::EncryptResponse#ciphertext EncryptResponse#ciphertext}.
+        # @!attribute [rw] additional_authenticated_data
+        #   @return [String]
+        #     Optional data that must match the data originally supplied in
+        #     {Google::Cloud::Kms::V1::EncryptRequest#additional_authenticated_data EncryptRequest#additional_authenticated_data}.
+        class DecryptRequest; end
+
+        # Response message for {Google::Cloud::Kms::V1::KeyManagementService::Decrypt KeyManagementService::Decrypt}.
+        # @!attribute [rw] plaintext
+        #   @return [String]
+        #     The decrypted data originally supplied in {Google::Cloud::Kms::V1::EncryptRequest#plaintext EncryptRequest#plaintext}.
+        class DecryptResponse; end
+
+        # Response message for {Google::Cloud::Kms::V1::KeyManagementService::Encrypt KeyManagementService::Encrypt}.
+        # @!attribute [rw] name
+        #   @return [String]
+        #     The resource name of the {Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} used in encryption.
+        # @!attribute [rw] ciphertext
+        #   @return [String]
+        #     The encrypted data.
+        class EncryptResponse; end
+
+        # Request message for {Google::Cloud::Kms::V1::KeyManagementService::UpdateCryptoKeyPrimaryVersion KeyManagementService::UpdateCryptoKeyPrimaryVersion}.
+        # @!attribute [rw] name
+        #   @return [String]
+        #     The resource name of the {Google::Cloud::Kms::V1::CryptoKey CryptoKey} to update.
+        # @!attribute [rw] crypto_key_version_id
+        #   @return [String]
+        #     The id of the child {Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} to use as primary.
+        class UpdateCryptoKeyPrimaryVersionRequest; end
+
+        # Request message for {Google::Cloud::Kms::V1::KeyManagementService::DestroyCryptoKeyVersion KeyManagementService::DestroyCryptoKeyVersion}.
+        # @!attribute [rw] name
+        #   @return [String]
+        #     The resource name of the {Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} to destroy.
+        class DestroyCryptoKeyVersionRequest; end
+
+        # Request message for {Google::Cloud::Kms::V1::KeyManagementService::RestoreCryptoKeyVersion KeyManagementService::RestoreCryptoKeyVersion}.
+        # @!attribute [rw] name
+        #   @return [String]
+        #     The resource name of the {Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} to restore.
+        class RestoreCryptoKeyVersionRequest; end
+      end
+    end
+  end
+end