google-cloud-kms 0.1.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +7 -0
- data/.yardopts +8 -0
- data/LICENSE +201 -0
- data/README.md +69 -0
- data/lib/google/cloud/kms.rb +142 -0
- data/lib/google/cloud/kms/v1.rb +139 -0
- data/lib/google/cloud/kms/v1/credentials.rb +40 -0
- data/lib/google/cloud/kms/v1/doc/google/cloud/kms/v1/resources.rb +148 -0
- data/lib/google/cloud/kms/v1/doc/google/cloud/kms/v1/service.rb +268 -0
- data/lib/google/cloud/kms/v1/doc/google/iam/v1/iam_policy.rb +62 -0
- data/lib/google/cloud/kms/v1/doc/google/iam/v1/policy.rb +127 -0
- data/lib/google/cloud/kms/v1/doc/google/protobuf/duration.rb +90 -0
- data/lib/google/cloud/kms/v1/doc/google/protobuf/field_mask.rb +223 -0
- data/lib/google/cloud/kms/v1/doc/google/protobuf/timestamp.rb +106 -0
- data/lib/google/cloud/kms/v1/doc/overview.rb +80 -0
- data/lib/google/cloud/kms/v1/key_management_service_client.rb +1226 -0
- data/lib/google/cloud/kms/v1/key_management_service_client_config.json +121 -0
- data/lib/google/cloud/kms/v1/resources_pb.rb +57 -0
- data/lib/google/cloud/kms/v1/service_pb.rb +130 -0
- data/lib/google/cloud/kms/v1/service_services_pb.rb +112 -0
- metadata +133 -0
@@ -0,0 +1,106 @@
|
|
1
|
+
# Copyright 2018 Google LLC
|
2
|
+
#
|
3
|
+
# Licensed under the Apache License, Version 2.0 (the "License");
|
4
|
+
# you may not use this file except in compliance with the License.
|
5
|
+
# You may obtain a copy of the License at
|
6
|
+
#
|
7
|
+
# https://www.apache.org/licenses/LICENSE-2.0
|
8
|
+
#
|
9
|
+
# Unless required by applicable law or agreed to in writing, software
|
10
|
+
# distributed under the License is distributed on an "AS IS" BASIS,
|
11
|
+
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
12
|
+
# See the License for the specific language governing permissions and
|
13
|
+
# limitations under the License.
|
14
|
+
|
15
|
+
module Google
|
16
|
+
module Protobuf
|
17
|
+
# A Timestamp represents a point in time independent of any time zone
|
18
|
+
# or calendar, represented as seconds and fractions of seconds at
|
19
|
+
# nanosecond resolution in UTC Epoch time. It is encoded using the
|
20
|
+
# Proleptic Gregorian Calendar which extends the Gregorian calendar
|
21
|
+
# backwards to year one. It is encoded assuming all minutes are 60
|
22
|
+
# seconds long, i.e. leap seconds are "smeared" so that no leap second
|
23
|
+
# table is needed for interpretation. Range is from
|
24
|
+
# 0001-01-01T00:00:00Z to 9999-12-31T23:59:59.999999999Z.
|
25
|
+
# By restricting to that range, we ensure that we can convert to
|
26
|
+
# and from RFC 3339 date strings.
|
27
|
+
# See [https://www.ietf.org/rfc/rfc3339.txt](https://www.ietf.org/rfc/rfc3339.txt).
|
28
|
+
#
|
29
|
+
# = Examples
|
30
|
+
#
|
31
|
+
# Example 1: Compute Timestamp from POSIX +time()+.
|
32
|
+
#
|
33
|
+
# Timestamp timestamp;
|
34
|
+
# timestamp.set_seconds(time(NULL));
|
35
|
+
# timestamp.set_nanos(0);
|
36
|
+
#
|
37
|
+
# Example 2: Compute Timestamp from POSIX +gettimeofday()+.
|
38
|
+
#
|
39
|
+
# struct timeval tv;
|
40
|
+
# gettimeofday(&tv, NULL);
|
41
|
+
#
|
42
|
+
# Timestamp timestamp;
|
43
|
+
# timestamp.set_seconds(tv.tv_sec);
|
44
|
+
# timestamp.set_nanos(tv.tv_usec * 1000);
|
45
|
+
#
|
46
|
+
# Example 3: Compute Timestamp from Win32 +GetSystemTimeAsFileTime()+.
|
47
|
+
#
|
48
|
+
# FILETIME ft;
|
49
|
+
# GetSystemTimeAsFileTime(&ft);
|
50
|
+
# UINT64 ticks = (((UINT64)ft.dwHighDateTime) << 32) | ft.dwLowDateTime;
|
51
|
+
#
|
52
|
+
# // A Windows tick is 100 nanoseconds. Windows epoch 1601-01-01T00:00:00Z
|
53
|
+
# // is 11644473600 seconds before Unix epoch 1970-01-01T00:00:00Z.
|
54
|
+
# Timestamp timestamp;
|
55
|
+
# timestamp.set_seconds((INT64) ((ticks / 10000000) - 11644473600LL));
|
56
|
+
# timestamp.set_nanos((INT32) ((ticks % 10000000) * 100));
|
57
|
+
#
|
58
|
+
# Example 4: Compute Timestamp from Java +System.currentTimeMillis()+.
|
59
|
+
#
|
60
|
+
# long millis = System.currentTimeMillis();
|
61
|
+
#
|
62
|
+
# Timestamp timestamp = Timestamp.newBuilder().setSeconds(millis / 1000)
|
63
|
+
# .setNanos((int) ((millis % 1000) * 1000000)).build();
|
64
|
+
#
|
65
|
+
#
|
66
|
+
# Example 5: Compute Timestamp from current time in Python.
|
67
|
+
#
|
68
|
+
# timestamp = Timestamp()
|
69
|
+
# timestamp.GetCurrentTime()
|
70
|
+
#
|
71
|
+
# = JSON Mapping
|
72
|
+
#
|
73
|
+
# In JSON format, the Timestamp type is encoded as a string in the
|
74
|
+
# [RFC 3339](https://www.ietf.org/rfc/rfc3339.txt) format. That is, the
|
75
|
+
# format is "{year}-{month}-{day}T{hour}:{min}:{sec}[.{frac_sec}]Z"
|
76
|
+
# where {year} is always expressed using four digits while {month}, {day},
|
77
|
+
# {hour}, {min}, and {sec} are zero-padded to two digits each. The fractional
|
78
|
+
# seconds, which can go up to 9 digits (i.e. up to 1 nanosecond resolution),
|
79
|
+
# are optional. The "Z" suffix indicates the timezone ("UTC"); the timezone
|
80
|
+
# is required, though only UTC (as indicated by "Z") is presently supported.
|
81
|
+
#
|
82
|
+
# For example, "2017-01-15T01:30:15.01Z" encodes 15.01 seconds past
|
83
|
+
# 01:30 UTC on January 15, 2017.
|
84
|
+
#
|
85
|
+
# In JavaScript, one can convert a Date object to this format using the
|
86
|
+
# standard [toISOString()](https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/Date/toISOString]
|
87
|
+
# method. In Python, a standard +datetime.datetime+ object can be converted
|
88
|
+
# to this format using [+strftime+](https://docs.python.org/2/library/time.html#time.strftime)
|
89
|
+
# with the time format spec '%Y-%m-%dT%H:%M:%S.%fZ'. Likewise, in Java, one
|
90
|
+
# can use the Joda Time's [+ISODateTimeFormat.dateTime()+](
|
91
|
+
# http://joda-time.sourceforge.net/apidocs/org/joda/time/format/ISODateTimeFormat.html#dateTime())
|
92
|
+
# to obtain a formatter capable of generating timestamps in this format.
|
93
|
+
# @!attribute [rw] seconds
|
94
|
+
# @return [Integer]
|
95
|
+
# Represents seconds of UTC time since Unix epoch
|
96
|
+
# 1970-01-01T00:00:00Z. Must be from 0001-01-01T00:00:00Z to
|
97
|
+
# 9999-12-31T23:59:59Z inclusive.
|
98
|
+
# @!attribute [rw] nanos
|
99
|
+
# @return [Integer]
|
100
|
+
# Non-negative fractions of a second at nanosecond resolution. Negative
|
101
|
+
# second values with fractions must still have non-negative nanos values
|
102
|
+
# that count forward in time. Must be from 0 to 999,999,999
|
103
|
+
# inclusive.
|
104
|
+
class Timestamp; end
|
105
|
+
end
|
106
|
+
end
|
@@ -0,0 +1,80 @@
|
|
1
|
+
# Copyright 2018 Google LLC
|
2
|
+
#
|
3
|
+
# Licensed under the Apache License, Version 2.0 (the "License");
|
4
|
+
# you may not use this file except in compliance with the License.
|
5
|
+
# You may obtain a copy of the License at
|
6
|
+
#
|
7
|
+
# https://www.apache.org/licenses/LICENSE-2.0
|
8
|
+
#
|
9
|
+
# Unless required by applicable law or agreed to in writing, software
|
10
|
+
# distributed under the License is distributed on an "AS IS" BASIS,
|
11
|
+
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
12
|
+
# See the License for the specific language governing permissions and
|
13
|
+
# limitations under the License.
|
14
|
+
|
15
|
+
module Google
|
16
|
+
module Cloud
|
17
|
+
# rubocop:disable LineLength
|
18
|
+
|
19
|
+
##
|
20
|
+
# # Ruby Client for Google Cloud Key Management Service (KMS) API ([Alpha](https://github.com/GoogleCloudPlatform/google-cloud-ruby#versioning))
|
21
|
+
#
|
22
|
+
# [Google Cloud Key Management Service (KMS) API][Product Documentation]:
|
23
|
+
# Manages encryption for your cloud services the same way you do on-premises.
|
24
|
+
# You can generate, use, rotate, and destroy AES256 encryption keys.
|
25
|
+
# - [Product Documentation][]
|
26
|
+
#
|
27
|
+
# ## Quick Start
|
28
|
+
# In order to use this library, you first need to go through the following
|
29
|
+
# steps:
|
30
|
+
#
|
31
|
+
# 1. [Select or create a Cloud Platform project.](https://console.cloud.google.com/project)
|
32
|
+
# 2. [Enable billing for your project.](https://cloud.google.com/billing/docs/how-to/modify-project#enable_billing_for_a_project)
|
33
|
+
# 3. [Enable the Google Cloud Key Management Service (KMS) API.](https://console.cloud.google.com/apis/api/kms)
|
34
|
+
# 4. [Setup Authentication.](https://googlecloudplatform.github.io/google-cloud-ruby/#/docs/google-cloud/master/guides/authentication)
|
35
|
+
#
|
36
|
+
# ### Installation
|
37
|
+
# ```
|
38
|
+
# $ gem install google-cloud-kms
|
39
|
+
# ```
|
40
|
+
#
|
41
|
+
# ### Next Steps
|
42
|
+
# - Read the [Google Cloud Key Management Service (KMS) API Product documentation][Product Documentation]
|
43
|
+
# to learn more about the product and see How-to Guides.
|
44
|
+
# - View this [repository's main README](https://github.com/GoogleCloudPlatform/google-cloud-ruby/blob/master/README.md)
|
45
|
+
# to see the full list of Cloud APIs that we cover.
|
46
|
+
#
|
47
|
+
# [Product Documentation]: https://cloud.google.com/kms
|
48
|
+
#
|
49
|
+
# ## Enabling Logging
|
50
|
+
#
|
51
|
+
# To enable logging for this library, set the logger for the underlying [gRPC](https://github.com/grpc/grpc/tree/master/src/ruby) library.
|
52
|
+
# The logger that you set may be a Ruby stdlib [`Logger`](https://ruby-doc.org/stdlib-2.5.0/libdoc/logger/rdoc/Logger.html) as shown below,
|
53
|
+
# or a [`Google::Cloud::Logging::Logger`](https://googlecloudplatform.github.io/google-cloud-ruby/#/docs/google-cloud-logging/latest/google/cloud/logging/logger)
|
54
|
+
# that will write logs to [Stackdriver Logging](https://cloud.google.com/logging/). See [grpc/logconfig.rb](https://github.com/grpc/grpc/blob/master/src/ruby/lib/grpc/logconfig.rb)
|
55
|
+
# and the gRPC [spec_helper.rb](https://github.com/grpc/grpc/blob/master/src/ruby/spec/spec_helper.rb) for additional information.
|
56
|
+
#
|
57
|
+
# Configuring a Ruby stdlib logger:
|
58
|
+
#
|
59
|
+
# ```ruby
|
60
|
+
# require "logger"
|
61
|
+
#
|
62
|
+
# module MyLogger
|
63
|
+
# LOGGER = Logger.new $stderr, level: Logger::WARN
|
64
|
+
# def logger
|
65
|
+
# LOGGER
|
66
|
+
# end
|
67
|
+
# end
|
68
|
+
#
|
69
|
+
# # Define a gRPC module-level logger method before grpc/logconfig.rb loads.
|
70
|
+
# module GRPC
|
71
|
+
# extend MyLogger
|
72
|
+
# end
|
73
|
+
# ```
|
74
|
+
#
|
75
|
+
module Kms
|
76
|
+
module V1
|
77
|
+
end
|
78
|
+
end
|
79
|
+
end
|
80
|
+
end
|
@@ -0,0 +1,1226 @@
|
|
1
|
+
# Copyright 2018 Google LLC
|
2
|
+
#
|
3
|
+
# Licensed under the Apache License, Version 2.0 (the "License");
|
4
|
+
# you may not use this file except in compliance with the License.
|
5
|
+
# You may obtain a copy of the License at
|
6
|
+
#
|
7
|
+
# https://www.apache.org/licenses/LICENSE-2.0
|
8
|
+
#
|
9
|
+
# Unless required by applicable law or agreed to in writing, software
|
10
|
+
# distributed under the License is distributed on an "AS IS" BASIS,
|
11
|
+
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
12
|
+
# See the License for the specific language governing permissions and
|
13
|
+
# limitations under the License.
|
14
|
+
#
|
15
|
+
# EDITING INSTRUCTIONS
|
16
|
+
# This file was generated from the file
|
17
|
+
# https://github.com/googleapis/googleapis/blob/master/google/cloud/kms/v1/service.proto,
|
18
|
+
# and updates to that file get reflected here through a refresh process.
|
19
|
+
# For the short term, the refresh process will only be runnable by Google
|
20
|
+
# engineers.
|
21
|
+
|
22
|
+
require "json"
|
23
|
+
require "pathname"
|
24
|
+
|
25
|
+
require "google/gax"
|
26
|
+
|
27
|
+
require "google/cloud/kms/v1/service_pb"
|
28
|
+
require "google/iam/v1/iam_policy_pb"
|
29
|
+
require "google/cloud/kms/v1/credentials"
|
30
|
+
|
31
|
+
module Google
|
32
|
+
module Cloud
|
33
|
+
module Kms
|
34
|
+
module V1
|
35
|
+
# Google Cloud Key Management Service
|
36
|
+
#
|
37
|
+
# Manages cryptographic keys and operations using those keys. Implements a REST
|
38
|
+
# model with the following objects:
|
39
|
+
#
|
40
|
+
# * {Google::Cloud::Kms::V1::KeyRing KeyRing}
|
41
|
+
# * {Google::Cloud::Kms::V1::CryptoKey CryptoKey}
|
42
|
+
# * {Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion}
|
43
|
+
#
|
44
|
+
# @!attribute [r] key_management_service_stub
|
45
|
+
# @return [Google::Cloud::Kms::V1::KeyManagementService::Stub]
|
46
|
+
# @!attribute [r] iam_policy_stub
|
47
|
+
# @return [Google::Iam::V1::IAMPolicy::Stub]
|
48
|
+
class KeyManagementServiceClient
|
49
|
+
attr_reader :key_management_service_stub, :iam_policy_stub
|
50
|
+
|
51
|
+
# The default address of the service.
|
52
|
+
SERVICE_ADDRESS = "cloudkms.googleapis.com".freeze
|
53
|
+
|
54
|
+
# The default port of the service.
|
55
|
+
DEFAULT_SERVICE_PORT = 443
|
56
|
+
|
57
|
+
# The default set of gRPC interceptors.
|
58
|
+
GRPC_INTERCEPTORS = []
|
59
|
+
|
60
|
+
DEFAULT_TIMEOUT = 30
|
61
|
+
|
62
|
+
PAGE_DESCRIPTORS = {
|
63
|
+
"list_key_rings" => Google::Gax::PageDescriptor.new(
|
64
|
+
"page_token",
|
65
|
+
"next_page_token",
|
66
|
+
"key_rings"),
|
67
|
+
"list_crypto_keys" => Google::Gax::PageDescriptor.new(
|
68
|
+
"page_token",
|
69
|
+
"next_page_token",
|
70
|
+
"crypto_keys"),
|
71
|
+
"list_crypto_key_versions" => Google::Gax::PageDescriptor.new(
|
72
|
+
"page_token",
|
73
|
+
"next_page_token",
|
74
|
+
"crypto_key_versions")
|
75
|
+
}.freeze
|
76
|
+
|
77
|
+
private_constant :PAGE_DESCRIPTORS
|
78
|
+
|
79
|
+
# The scopes needed to make gRPC calls to all of the methods defined in
|
80
|
+
# this service.
|
81
|
+
ALL_SCOPES = [
|
82
|
+
"https://www.googleapis.com/auth/cloud-platform"
|
83
|
+
].freeze
|
84
|
+
|
85
|
+
|
86
|
+
KEY_RING_PATH_TEMPLATE = Google::Gax::PathTemplate.new(
|
87
|
+
"projects/{project}/locations/{location}/keyRings/{key_ring}"
|
88
|
+
)
|
89
|
+
|
90
|
+
private_constant :KEY_RING_PATH_TEMPLATE
|
91
|
+
|
92
|
+
CRYPTO_KEY_PATH_PATH_TEMPLATE = Google::Gax::PathTemplate.new(
|
93
|
+
"projects/{project}/locations/{location}/keyRings/{key_ring}/cryptoKeys/{crypto_key_path=**}"
|
94
|
+
)
|
95
|
+
|
96
|
+
private_constant :CRYPTO_KEY_PATH_PATH_TEMPLATE
|
97
|
+
|
98
|
+
LOCATION_PATH_TEMPLATE = Google::Gax::PathTemplate.new(
|
99
|
+
"projects/{project}/locations/{location}"
|
100
|
+
)
|
101
|
+
|
102
|
+
private_constant :LOCATION_PATH_TEMPLATE
|
103
|
+
|
104
|
+
CRYPTO_KEY_PATH_TEMPLATE = Google::Gax::PathTemplate.new(
|
105
|
+
"projects/{project}/locations/{location}/keyRings/{key_ring}/cryptoKeys/{crypto_key}"
|
106
|
+
)
|
107
|
+
|
108
|
+
private_constant :CRYPTO_KEY_PATH_TEMPLATE
|
109
|
+
|
110
|
+
CRYPTO_KEY_VERSION_PATH_TEMPLATE = Google::Gax::PathTemplate.new(
|
111
|
+
"projects/{project}/locations/{location}/keyRings/{key_ring}/cryptoKeys/{crypto_key}/cryptoKeyVersions/{crypto_key_version}"
|
112
|
+
)
|
113
|
+
|
114
|
+
private_constant :CRYPTO_KEY_VERSION_PATH_TEMPLATE
|
115
|
+
|
116
|
+
# Returns a fully-qualified key_ring resource name string.
|
117
|
+
# @param project [String]
|
118
|
+
# @param location [String]
|
119
|
+
# @param key_ring [String]
|
120
|
+
# @return [String]
|
121
|
+
def self.key_ring_path project, location, key_ring
|
122
|
+
KEY_RING_PATH_TEMPLATE.render(
|
123
|
+
:"project" => project,
|
124
|
+
:"location" => location,
|
125
|
+
:"key_ring" => key_ring
|
126
|
+
)
|
127
|
+
end
|
128
|
+
|
129
|
+
# Returns a fully-qualified crypto_key_path resource name string.
|
130
|
+
# @param project [String]
|
131
|
+
# @param location [String]
|
132
|
+
# @param key_ring [String]
|
133
|
+
# @param crypto_key_path [String]
|
134
|
+
# @return [String]
|
135
|
+
def self.crypto_key_path_path project, location, key_ring, crypto_key_path
|
136
|
+
CRYPTO_KEY_PATH_PATH_TEMPLATE.render(
|
137
|
+
:"project" => project,
|
138
|
+
:"location" => location,
|
139
|
+
:"key_ring" => key_ring,
|
140
|
+
:"crypto_key_path" => crypto_key_path
|
141
|
+
)
|
142
|
+
end
|
143
|
+
|
144
|
+
# Returns a fully-qualified location resource name string.
|
145
|
+
# @param project [String]
|
146
|
+
# @param location [String]
|
147
|
+
# @return [String]
|
148
|
+
def self.location_path project, location
|
149
|
+
LOCATION_PATH_TEMPLATE.render(
|
150
|
+
:"project" => project,
|
151
|
+
:"location" => location
|
152
|
+
)
|
153
|
+
end
|
154
|
+
|
155
|
+
# Returns a fully-qualified crypto_key resource name string.
|
156
|
+
# @param project [String]
|
157
|
+
# @param location [String]
|
158
|
+
# @param key_ring [String]
|
159
|
+
# @param crypto_key [String]
|
160
|
+
# @return [String]
|
161
|
+
def self.crypto_key_path project, location, key_ring, crypto_key
|
162
|
+
CRYPTO_KEY_PATH_TEMPLATE.render(
|
163
|
+
:"project" => project,
|
164
|
+
:"location" => location,
|
165
|
+
:"key_ring" => key_ring,
|
166
|
+
:"crypto_key" => crypto_key
|
167
|
+
)
|
168
|
+
end
|
169
|
+
|
170
|
+
# Returns a fully-qualified crypto_key_version resource name string.
|
171
|
+
# @param project [String]
|
172
|
+
# @param location [String]
|
173
|
+
# @param key_ring [String]
|
174
|
+
# @param crypto_key [String]
|
175
|
+
# @param crypto_key_version [String]
|
176
|
+
# @return [String]
|
177
|
+
def self.crypto_key_version_path project, location, key_ring, crypto_key, crypto_key_version
|
178
|
+
CRYPTO_KEY_VERSION_PATH_TEMPLATE.render(
|
179
|
+
:"project" => project,
|
180
|
+
:"location" => location,
|
181
|
+
:"key_ring" => key_ring,
|
182
|
+
:"crypto_key" => crypto_key,
|
183
|
+
:"crypto_key_version" => crypto_key_version
|
184
|
+
)
|
185
|
+
end
|
186
|
+
|
187
|
+
# @param credentials [Google::Auth::Credentials, String, Hash, GRPC::Core::Channel, GRPC::Core::ChannelCredentials, Proc]
|
188
|
+
# Provides the means for authenticating requests made by the client. This parameter can
|
189
|
+
# be many types.
|
190
|
+
# A `Google::Auth::Credentials` uses a the properties of its represented keyfile for
|
191
|
+
# authenticating requests made by this client.
|
192
|
+
# A `String` will be treated as the path to the keyfile to be used for the construction of
|
193
|
+
# credentials for this client.
|
194
|
+
# A `Hash` will be treated as the contents of a keyfile to be used for the construction of
|
195
|
+
# credentials for this client.
|
196
|
+
# A `GRPC::Core::Channel` will be used to make calls through.
|
197
|
+
# A `GRPC::Core::ChannelCredentials` for the setting up the RPC client. The channel credentials
|
198
|
+
# should already be composed with a `GRPC::Core::CallCredentials` object.
|
199
|
+
# A `Proc` will be used as an updater_proc for the Grpc channel. The proc transforms the
|
200
|
+
# metadata for requests, generally, to give OAuth credentials.
|
201
|
+
# @param scopes [Array<String>]
|
202
|
+
# The OAuth scopes for this service. This parameter is ignored if
|
203
|
+
# an updater_proc is supplied.
|
204
|
+
# @param client_config [Hash]
|
205
|
+
# A Hash for call options for each method. See
|
206
|
+
# Google::Gax#construct_settings for the structure of
|
207
|
+
# this data. Falls back to the default config if not specified
|
208
|
+
# or the specified config is missing data points.
|
209
|
+
# @param timeout [Numeric]
|
210
|
+
# The default timeout, in seconds, for calls made through this client.
|
211
|
+
# @param metadata [Hash]
|
212
|
+
# Default metadata to be sent with each request. This can be overridden on a per call basis.
|
213
|
+
# @param exception_transformer [Proc]
|
214
|
+
# An optional proc that intercepts any exceptions raised during an API call to inject
|
215
|
+
# custom error handling.
|
216
|
+
def initialize \
|
217
|
+
credentials: nil,
|
218
|
+
scopes: ALL_SCOPES,
|
219
|
+
client_config: {},
|
220
|
+
timeout: DEFAULT_TIMEOUT,
|
221
|
+
metadata: nil,
|
222
|
+
exception_transformer: nil,
|
223
|
+
lib_name: nil,
|
224
|
+
lib_version: ""
|
225
|
+
# These require statements are intentionally placed here to initialize
|
226
|
+
# the gRPC module only when it's required.
|
227
|
+
# See https://github.com/googleapis/toolkit/issues/446
|
228
|
+
require "google/gax/grpc"
|
229
|
+
require "google/cloud/kms/v1/service_services_pb"
|
230
|
+
require "google/iam/v1/iam_policy_services_pb"
|
231
|
+
|
232
|
+
credentials ||= Google::Cloud::Kms::V1::Credentials.default
|
233
|
+
|
234
|
+
if credentials.is_a?(String) || credentials.is_a?(Hash)
|
235
|
+
updater_proc = Google::Cloud::Kms::V1::Credentials.new(credentials).updater_proc
|
236
|
+
end
|
237
|
+
if credentials.is_a?(GRPC::Core::Channel)
|
238
|
+
channel = credentials
|
239
|
+
end
|
240
|
+
if credentials.is_a?(GRPC::Core::ChannelCredentials)
|
241
|
+
chan_creds = credentials
|
242
|
+
end
|
243
|
+
if credentials.is_a?(Proc)
|
244
|
+
updater_proc = credentials
|
245
|
+
end
|
246
|
+
if credentials.is_a?(Google::Auth::Credentials)
|
247
|
+
updater_proc = credentials.updater_proc
|
248
|
+
end
|
249
|
+
|
250
|
+
package_version = Gem.loaded_specs['google-cloud-kms'].version.version
|
251
|
+
|
252
|
+
google_api_client = "gl-ruby/#{RUBY_VERSION}"
|
253
|
+
google_api_client << " #{lib_name}/#{lib_version}" if lib_name
|
254
|
+
google_api_client << " gapic/#{package_version} gax/#{Google::Gax::VERSION}"
|
255
|
+
google_api_client << " grpc/#{GRPC::VERSION}"
|
256
|
+
google_api_client.freeze
|
257
|
+
|
258
|
+
headers = { :"x-goog-api-client" => google_api_client }
|
259
|
+
headers.merge!(metadata) unless metadata.nil?
|
260
|
+
client_config_file = Pathname.new(__dir__).join(
|
261
|
+
"key_management_service_client_config.json"
|
262
|
+
)
|
263
|
+
defaults = client_config_file.open do |f|
|
264
|
+
Google::Gax.construct_settings(
|
265
|
+
"google.cloud.kms.v1.KeyManagementService",
|
266
|
+
JSON.parse(f.read),
|
267
|
+
client_config,
|
268
|
+
Google::Gax::Grpc::STATUS_CODE_NAMES,
|
269
|
+
timeout,
|
270
|
+
page_descriptors: PAGE_DESCRIPTORS,
|
271
|
+
errors: Google::Gax::Grpc::API_ERRORS,
|
272
|
+
metadata: headers
|
273
|
+
)
|
274
|
+
end
|
275
|
+
|
276
|
+
# Allow overriding the service path/port in subclasses.
|
277
|
+
service_path = self.class::SERVICE_ADDRESS
|
278
|
+
port = self.class::DEFAULT_SERVICE_PORT
|
279
|
+
interceptors = self.class::GRPC_INTERCEPTORS
|
280
|
+
@key_management_service_stub = Google::Gax::Grpc.create_stub(
|
281
|
+
service_path,
|
282
|
+
port,
|
283
|
+
chan_creds: chan_creds,
|
284
|
+
channel: channel,
|
285
|
+
updater_proc: updater_proc,
|
286
|
+
scopes: scopes,
|
287
|
+
interceptors: interceptors,
|
288
|
+
&Google::Cloud::Kms::V1::KeyManagementService::Stub.method(:new)
|
289
|
+
)
|
290
|
+
@iam_policy_stub = Google::Gax::Grpc.create_stub(
|
291
|
+
service_path,
|
292
|
+
port,
|
293
|
+
chan_creds: chan_creds,
|
294
|
+
channel: channel,
|
295
|
+
updater_proc: updater_proc,
|
296
|
+
scopes: scopes,
|
297
|
+
interceptors: interceptors,
|
298
|
+
&Google::Iam::V1::IAMPolicy::Stub.method(:new)
|
299
|
+
)
|
300
|
+
|
301
|
+
@list_key_rings = Google::Gax.create_api_call(
|
302
|
+
@key_management_service_stub.method(:list_key_rings),
|
303
|
+
defaults["list_key_rings"],
|
304
|
+
exception_transformer: exception_transformer
|
305
|
+
)
|
306
|
+
@list_crypto_keys = Google::Gax.create_api_call(
|
307
|
+
@key_management_service_stub.method(:list_crypto_keys),
|
308
|
+
defaults["list_crypto_keys"],
|
309
|
+
exception_transformer: exception_transformer
|
310
|
+
)
|
311
|
+
@list_crypto_key_versions = Google::Gax.create_api_call(
|
312
|
+
@key_management_service_stub.method(:list_crypto_key_versions),
|
313
|
+
defaults["list_crypto_key_versions"],
|
314
|
+
exception_transformer: exception_transformer
|
315
|
+
)
|
316
|
+
@get_key_ring = Google::Gax.create_api_call(
|
317
|
+
@key_management_service_stub.method(:get_key_ring),
|
318
|
+
defaults["get_key_ring"],
|
319
|
+
exception_transformer: exception_transformer
|
320
|
+
)
|
321
|
+
@get_crypto_key = Google::Gax.create_api_call(
|
322
|
+
@key_management_service_stub.method(:get_crypto_key),
|
323
|
+
defaults["get_crypto_key"],
|
324
|
+
exception_transformer: exception_transformer
|
325
|
+
)
|
326
|
+
@get_crypto_key_version = Google::Gax.create_api_call(
|
327
|
+
@key_management_service_stub.method(:get_crypto_key_version),
|
328
|
+
defaults["get_crypto_key_version"],
|
329
|
+
exception_transformer: exception_transformer
|
330
|
+
)
|
331
|
+
@create_key_ring = Google::Gax.create_api_call(
|
332
|
+
@key_management_service_stub.method(:create_key_ring),
|
333
|
+
defaults["create_key_ring"],
|
334
|
+
exception_transformer: exception_transformer
|
335
|
+
)
|
336
|
+
@create_crypto_key = Google::Gax.create_api_call(
|
337
|
+
@key_management_service_stub.method(:create_crypto_key),
|
338
|
+
defaults["create_crypto_key"],
|
339
|
+
exception_transformer: exception_transformer
|
340
|
+
)
|
341
|
+
@create_crypto_key_version = Google::Gax.create_api_call(
|
342
|
+
@key_management_service_stub.method(:create_crypto_key_version),
|
343
|
+
defaults["create_crypto_key_version"],
|
344
|
+
exception_transformer: exception_transformer
|
345
|
+
)
|
346
|
+
@update_crypto_key = Google::Gax.create_api_call(
|
347
|
+
@key_management_service_stub.method(:update_crypto_key),
|
348
|
+
defaults["update_crypto_key"],
|
349
|
+
exception_transformer: exception_transformer
|
350
|
+
)
|
351
|
+
@update_crypto_key_version = Google::Gax.create_api_call(
|
352
|
+
@key_management_service_stub.method(:update_crypto_key_version),
|
353
|
+
defaults["update_crypto_key_version"],
|
354
|
+
exception_transformer: exception_transformer
|
355
|
+
)
|
356
|
+
@encrypt = Google::Gax.create_api_call(
|
357
|
+
@key_management_service_stub.method(:encrypt),
|
358
|
+
defaults["encrypt"],
|
359
|
+
exception_transformer: exception_transformer
|
360
|
+
)
|
361
|
+
@decrypt = Google::Gax.create_api_call(
|
362
|
+
@key_management_service_stub.method(:decrypt),
|
363
|
+
defaults["decrypt"],
|
364
|
+
exception_transformer: exception_transformer
|
365
|
+
)
|
366
|
+
@update_crypto_key_primary_version = Google::Gax.create_api_call(
|
367
|
+
@key_management_service_stub.method(:update_crypto_key_primary_version),
|
368
|
+
defaults["update_crypto_key_primary_version"],
|
369
|
+
exception_transformer: exception_transformer
|
370
|
+
)
|
371
|
+
@destroy_crypto_key_version = Google::Gax.create_api_call(
|
372
|
+
@key_management_service_stub.method(:destroy_crypto_key_version),
|
373
|
+
defaults["destroy_crypto_key_version"],
|
374
|
+
exception_transformer: exception_transformer
|
375
|
+
)
|
376
|
+
@restore_crypto_key_version = Google::Gax.create_api_call(
|
377
|
+
@key_management_service_stub.method(:restore_crypto_key_version),
|
378
|
+
defaults["restore_crypto_key_version"],
|
379
|
+
exception_transformer: exception_transformer
|
380
|
+
)
|
381
|
+
@set_iam_policy = Google::Gax.create_api_call(
|
382
|
+
@iam_policy_stub.method(:set_iam_policy),
|
383
|
+
defaults["set_iam_policy"],
|
384
|
+
exception_transformer: exception_transformer
|
385
|
+
)
|
386
|
+
@get_iam_policy = Google::Gax.create_api_call(
|
387
|
+
@iam_policy_stub.method(:get_iam_policy),
|
388
|
+
defaults["get_iam_policy"],
|
389
|
+
exception_transformer: exception_transformer
|
390
|
+
)
|
391
|
+
@test_iam_permissions = Google::Gax.create_api_call(
|
392
|
+
@iam_policy_stub.method(:test_iam_permissions),
|
393
|
+
defaults["test_iam_permissions"],
|
394
|
+
exception_transformer: exception_transformer
|
395
|
+
)
|
396
|
+
end
|
397
|
+
|
398
|
+
# Service calls
|
399
|
+
|
400
|
+
# Lists {Google::Cloud::Kms::V1::KeyRing KeyRings}.
|
401
|
+
#
|
402
|
+
# @param parent [String]
|
403
|
+
# Required. The resource name of the location associated with the
|
404
|
+
# {Google::Cloud::Kms::V1::KeyRing KeyRings}, in the format +projects/*/locations/*+.
|
405
|
+
# @param page_size [Integer]
|
406
|
+
# The maximum number of resources contained in the underlying API
|
407
|
+
# response. If page streaming is performed per-resource, this
|
408
|
+
# parameter does not affect the return value. If page streaming is
|
409
|
+
# performed per-page, this determines the maximum number of
|
410
|
+
# resources in a page.
|
411
|
+
# @param options [Google::Gax::CallOptions]
|
412
|
+
# Overrides the default settings for this call, e.g, timeout,
|
413
|
+
# retries, etc.
|
414
|
+
# @yield [result, operation] Access the result along with the RPC operation
|
415
|
+
# @yieldparam result [Google::Gax::PagedEnumerable<Google::Cloud::Kms::V1::KeyRing>]
|
416
|
+
# @yieldparam operation [GRPC::ActiveCall::Operation]
|
417
|
+
# @return [Google::Gax::PagedEnumerable<Google::Cloud::Kms::V1::KeyRing>]
|
418
|
+
# An enumerable of Google::Cloud::Kms::V1::KeyRing instances.
|
419
|
+
# See Google::Gax::PagedEnumerable documentation for other
|
420
|
+
# operations such as per-page iteration or access to the response
|
421
|
+
# object.
|
422
|
+
# @raise [Google::Gax::GaxError] if the RPC is aborted.
|
423
|
+
# @example
|
424
|
+
# require "google/cloud/kms"
|
425
|
+
#
|
426
|
+
# key_management_service_client = Google::Cloud::Kms.new(version: :V1)
|
427
|
+
# formatted_parent = Google::Cloud::Kms::V1::KeyManagementServiceClient.location_path("[PROJECT]", "[LOCATION]")
|
428
|
+
#
|
429
|
+
# # Iterate over all results.
|
430
|
+
# key_management_service_client.list_key_rings(formatted_parent).each do |element|
|
431
|
+
# # Process element.
|
432
|
+
# end
|
433
|
+
#
|
434
|
+
# # Or iterate over results one page at a time.
|
435
|
+
# key_management_service_client.list_key_rings(formatted_parent).each_page do |page|
|
436
|
+
# # Process each page at a time.
|
437
|
+
# page.each do |element|
|
438
|
+
# # Process element.
|
439
|
+
# end
|
440
|
+
# end
|
441
|
+
|
442
|
+
def list_key_rings \
|
443
|
+
parent,
|
444
|
+
page_size: nil,
|
445
|
+
options: nil,
|
446
|
+
&block
|
447
|
+
req = {
|
448
|
+
parent: parent,
|
449
|
+
page_size: page_size
|
450
|
+
}.delete_if { |_, v| v.nil? }
|
451
|
+
req = Google::Gax::to_proto(req, Google::Cloud::Kms::V1::ListKeyRingsRequest)
|
452
|
+
@list_key_rings.call(req, options, &block)
|
453
|
+
end
|
454
|
+
|
455
|
+
# Lists {Google::Cloud::Kms::V1::CryptoKey CryptoKeys}.
|
456
|
+
#
|
457
|
+
# @param parent [String]
|
458
|
+
# Required. The resource name of the {Google::Cloud::Kms::V1::KeyRing KeyRing} to list, in the format
|
459
|
+
# +projects/*/locations/*/keyRings/*+.
|
460
|
+
# @param page_size [Integer]
|
461
|
+
# The maximum number of resources contained in the underlying API
|
462
|
+
# response. If page streaming is performed per-resource, this
|
463
|
+
# parameter does not affect the return value. If page streaming is
|
464
|
+
# performed per-page, this determines the maximum number of
|
465
|
+
# resources in a page.
|
466
|
+
# @param options [Google::Gax::CallOptions]
|
467
|
+
# Overrides the default settings for this call, e.g, timeout,
|
468
|
+
# retries, etc.
|
469
|
+
# @yield [result, operation] Access the result along with the RPC operation
|
470
|
+
# @yieldparam result [Google::Gax::PagedEnumerable<Google::Cloud::Kms::V1::CryptoKey>]
|
471
|
+
# @yieldparam operation [GRPC::ActiveCall::Operation]
|
472
|
+
# @return [Google::Gax::PagedEnumerable<Google::Cloud::Kms::V1::CryptoKey>]
|
473
|
+
# An enumerable of Google::Cloud::Kms::V1::CryptoKey instances.
|
474
|
+
# See Google::Gax::PagedEnumerable documentation for other
|
475
|
+
# operations such as per-page iteration or access to the response
|
476
|
+
# object.
|
477
|
+
# @raise [Google::Gax::GaxError] if the RPC is aborted.
|
478
|
+
# @example
|
479
|
+
# require "google/cloud/kms"
|
480
|
+
#
|
481
|
+
# key_management_service_client = Google::Cloud::Kms.new(version: :V1)
|
482
|
+
# formatted_parent = Google::Cloud::Kms::V1::KeyManagementServiceClient.key_ring_path("[PROJECT]", "[LOCATION]", "[KEY_RING]")
|
483
|
+
#
|
484
|
+
# # Iterate over all results.
|
485
|
+
# key_management_service_client.list_crypto_keys(formatted_parent).each do |element|
|
486
|
+
# # Process element.
|
487
|
+
# end
|
488
|
+
#
|
489
|
+
# # Or iterate over results one page at a time.
|
490
|
+
# key_management_service_client.list_crypto_keys(formatted_parent).each_page do |page|
|
491
|
+
# # Process each page at a time.
|
492
|
+
# page.each do |element|
|
493
|
+
# # Process element.
|
494
|
+
# end
|
495
|
+
# end
|
496
|
+
|
497
|
+
def list_crypto_keys \
|
498
|
+
parent,
|
499
|
+
page_size: nil,
|
500
|
+
options: nil,
|
501
|
+
&block
|
502
|
+
req = {
|
503
|
+
parent: parent,
|
504
|
+
page_size: page_size
|
505
|
+
}.delete_if { |_, v| v.nil? }
|
506
|
+
req = Google::Gax::to_proto(req, Google::Cloud::Kms::V1::ListCryptoKeysRequest)
|
507
|
+
@list_crypto_keys.call(req, options, &block)
|
508
|
+
end
|
509
|
+
|
510
|
+
# Lists {Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersions}.
|
511
|
+
#
|
512
|
+
# @param parent [String]
|
513
|
+
# Required. The resource name of the {Google::Cloud::Kms::V1::CryptoKey CryptoKey} to list, in the format
|
514
|
+
# +projects/*/locations/*/keyRings/*/cryptoKeys/*+.
|
515
|
+
# @param page_size [Integer]
|
516
|
+
# The maximum number of resources contained in the underlying API
|
517
|
+
# response. If page streaming is performed per-resource, this
|
518
|
+
# parameter does not affect the return value. If page streaming is
|
519
|
+
# performed per-page, this determines the maximum number of
|
520
|
+
# resources in a page.
|
521
|
+
# @param options [Google::Gax::CallOptions]
|
522
|
+
# Overrides the default settings for this call, e.g, timeout,
|
523
|
+
# retries, etc.
|
524
|
+
# @yield [result, operation] Access the result along with the RPC operation
|
525
|
+
# @yieldparam result [Google::Gax::PagedEnumerable<Google::Cloud::Kms::V1::CryptoKeyVersion>]
|
526
|
+
# @yieldparam operation [GRPC::ActiveCall::Operation]
|
527
|
+
# @return [Google::Gax::PagedEnumerable<Google::Cloud::Kms::V1::CryptoKeyVersion>]
|
528
|
+
# An enumerable of Google::Cloud::Kms::V1::CryptoKeyVersion instances.
|
529
|
+
# See Google::Gax::PagedEnumerable documentation for other
|
530
|
+
# operations such as per-page iteration or access to the response
|
531
|
+
# object.
|
532
|
+
# @raise [Google::Gax::GaxError] if the RPC is aborted.
|
533
|
+
# @example
|
534
|
+
# require "google/cloud/kms"
|
535
|
+
#
|
536
|
+
# key_management_service_client = Google::Cloud::Kms.new(version: :V1)
|
537
|
+
# formatted_parent = Google::Cloud::Kms::V1::KeyManagementServiceClient.crypto_key_path("[PROJECT]", "[LOCATION]", "[KEY_RING]", "[CRYPTO_KEY]")
|
538
|
+
#
|
539
|
+
# # Iterate over all results.
|
540
|
+
# key_management_service_client.list_crypto_key_versions(formatted_parent).each do |element|
|
541
|
+
# # Process element.
|
542
|
+
# end
|
543
|
+
#
|
544
|
+
# # Or iterate over results one page at a time.
|
545
|
+
# key_management_service_client.list_crypto_key_versions(formatted_parent).each_page do |page|
|
546
|
+
# # Process each page at a time.
|
547
|
+
# page.each do |element|
|
548
|
+
# # Process element.
|
549
|
+
# end
|
550
|
+
# end
|
551
|
+
|
552
|
+
def list_crypto_key_versions \
|
553
|
+
parent,
|
554
|
+
page_size: nil,
|
555
|
+
options: nil,
|
556
|
+
&block
|
557
|
+
req = {
|
558
|
+
parent: parent,
|
559
|
+
page_size: page_size
|
560
|
+
}.delete_if { |_, v| v.nil? }
|
561
|
+
req = Google::Gax::to_proto(req, Google::Cloud::Kms::V1::ListCryptoKeyVersionsRequest)
|
562
|
+
@list_crypto_key_versions.call(req, options, &block)
|
563
|
+
end
|
564
|
+
|
565
|
+
# Returns metadata for a given {Google::Cloud::Kms::V1::KeyRing KeyRing}.
|
566
|
+
#
|
567
|
+
# @param name [String]
|
568
|
+
# The {Google::Cloud::Kms::V1::KeyRing#name name} of the {Google::Cloud::Kms::V1::KeyRing KeyRing} to get.
|
569
|
+
# @param options [Google::Gax::CallOptions]
|
570
|
+
# Overrides the default settings for this call, e.g, timeout,
|
571
|
+
# retries, etc.
|
572
|
+
# @yield [result, operation] Access the result along with the RPC operation
|
573
|
+
# @yieldparam result [Google::Cloud::Kms::V1::KeyRing]
|
574
|
+
# @yieldparam operation [GRPC::ActiveCall::Operation]
|
575
|
+
# @return [Google::Cloud::Kms::V1::KeyRing]
|
576
|
+
# @raise [Google::Gax::GaxError] if the RPC is aborted.
|
577
|
+
# @example
|
578
|
+
# require "google/cloud/kms"
|
579
|
+
#
|
580
|
+
# key_management_service_client = Google::Cloud::Kms.new(version: :V1)
|
581
|
+
# formatted_name = Google::Cloud::Kms::V1::KeyManagementServiceClient.key_ring_path("[PROJECT]", "[LOCATION]", "[KEY_RING]")
|
582
|
+
# response = key_management_service_client.get_key_ring(formatted_name)
|
583
|
+
|
584
|
+
def get_key_ring \
|
585
|
+
name,
|
586
|
+
options: nil,
|
587
|
+
&block
|
588
|
+
req = {
|
589
|
+
name: name
|
590
|
+
}.delete_if { |_, v| v.nil? }
|
591
|
+
req = Google::Gax::to_proto(req, Google::Cloud::Kms::V1::GetKeyRingRequest)
|
592
|
+
@get_key_ring.call(req, options, &block)
|
593
|
+
end
|
594
|
+
|
595
|
+
# Returns metadata for a given {Google::Cloud::Kms::V1::CryptoKey CryptoKey}, as well as its
|
596
|
+
# {Google::Cloud::Kms::V1::CryptoKey#primary primary} {Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion}.
|
597
|
+
#
|
598
|
+
# @param name [String]
|
599
|
+
# The {Google::Cloud::Kms::V1::CryptoKey#name name} of the {Google::Cloud::Kms::V1::CryptoKey CryptoKey} to get.
|
600
|
+
# @param options [Google::Gax::CallOptions]
|
601
|
+
# Overrides the default settings for this call, e.g, timeout,
|
602
|
+
# retries, etc.
|
603
|
+
# @yield [result, operation] Access the result along with the RPC operation
|
604
|
+
# @yieldparam result [Google::Cloud::Kms::V1::CryptoKey]
|
605
|
+
# @yieldparam operation [GRPC::ActiveCall::Operation]
|
606
|
+
# @return [Google::Cloud::Kms::V1::CryptoKey]
|
607
|
+
# @raise [Google::Gax::GaxError] if the RPC is aborted.
|
608
|
+
# @example
|
609
|
+
# require "google/cloud/kms"
|
610
|
+
#
|
611
|
+
# key_management_service_client = Google::Cloud::Kms.new(version: :V1)
|
612
|
+
# formatted_name = Google::Cloud::Kms::V1::KeyManagementServiceClient.crypto_key_path("[PROJECT]", "[LOCATION]", "[KEY_RING]", "[CRYPTO_KEY]")
|
613
|
+
# response = key_management_service_client.get_crypto_key(formatted_name)
|
614
|
+
|
615
|
+
def get_crypto_key \
|
616
|
+
name,
|
617
|
+
options: nil,
|
618
|
+
&block
|
619
|
+
req = {
|
620
|
+
name: name
|
621
|
+
}.delete_if { |_, v| v.nil? }
|
622
|
+
req = Google::Gax::to_proto(req, Google::Cloud::Kms::V1::GetCryptoKeyRequest)
|
623
|
+
@get_crypto_key.call(req, options, &block)
|
624
|
+
end
|
625
|
+
|
626
|
+
# Returns metadata for a given {Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion}.
|
627
|
+
#
|
628
|
+
# @param name [String]
|
629
|
+
# The {Google::Cloud::Kms::V1::CryptoKeyVersion#name name} of the {Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} to get.
|
630
|
+
# @param options [Google::Gax::CallOptions]
|
631
|
+
# Overrides the default settings for this call, e.g, timeout,
|
632
|
+
# retries, etc.
|
633
|
+
# @yield [result, operation] Access the result along with the RPC operation
|
634
|
+
# @yieldparam result [Google::Cloud::Kms::V1::CryptoKeyVersion]
|
635
|
+
# @yieldparam operation [GRPC::ActiveCall::Operation]
|
636
|
+
# @return [Google::Cloud::Kms::V1::CryptoKeyVersion]
|
637
|
+
# @raise [Google::Gax::GaxError] if the RPC is aborted.
|
638
|
+
# @example
|
639
|
+
# require "google/cloud/kms"
|
640
|
+
#
|
641
|
+
# key_management_service_client = Google::Cloud::Kms.new(version: :V1)
|
642
|
+
# formatted_name = Google::Cloud::Kms::V1::KeyManagementServiceClient.crypto_key_version_path("[PROJECT]", "[LOCATION]", "[KEY_RING]", "[CRYPTO_KEY]", "[CRYPTO_KEY_VERSION]")
|
643
|
+
# response = key_management_service_client.get_crypto_key_version(formatted_name)
|
644
|
+
|
645
|
+
def get_crypto_key_version \
|
646
|
+
name,
|
647
|
+
options: nil,
|
648
|
+
&block
|
649
|
+
req = {
|
650
|
+
name: name
|
651
|
+
}.delete_if { |_, v| v.nil? }
|
652
|
+
req = Google::Gax::to_proto(req, Google::Cloud::Kms::V1::GetCryptoKeyVersionRequest)
|
653
|
+
@get_crypto_key_version.call(req, options, &block)
|
654
|
+
end
|
655
|
+
|
656
|
+
# Create a new {Google::Cloud::Kms::V1::KeyRing KeyRing} in a given Project and Location.
|
657
|
+
#
|
658
|
+
# @param parent [String]
|
659
|
+
# Required. The resource name of the location associated with the
|
660
|
+
# {Google::Cloud::Kms::V1::KeyRing KeyRings}, in the format +projects/*/locations/*+.
|
661
|
+
# @param key_ring_id [String]
|
662
|
+
# Required. It must be unique within a location and match the regular
|
663
|
+
# expression +[a-zA-Z0-9_-]{1,63}+
|
664
|
+
# @param key_ring [Google::Cloud::Kms::V1::KeyRing | Hash]
|
665
|
+
# A {Google::Cloud::Kms::V1::KeyRing KeyRing} with initial field values.
|
666
|
+
# A hash of the same form as `Google::Cloud::Kms::V1::KeyRing`
|
667
|
+
# can also be provided.
|
668
|
+
# @param options [Google::Gax::CallOptions]
|
669
|
+
# Overrides the default settings for this call, e.g, timeout,
|
670
|
+
# retries, etc.
|
671
|
+
# @yield [result, operation] Access the result along with the RPC operation
|
672
|
+
# @yieldparam result [Google::Cloud::Kms::V1::KeyRing]
|
673
|
+
# @yieldparam operation [GRPC::ActiveCall::Operation]
|
674
|
+
# @return [Google::Cloud::Kms::V1::KeyRing]
|
675
|
+
# @raise [Google::Gax::GaxError] if the RPC is aborted.
|
676
|
+
# @example
|
677
|
+
# require "google/cloud/kms"
|
678
|
+
#
|
679
|
+
# key_management_service_client = Google::Cloud::Kms.new(version: :V1)
|
680
|
+
# formatted_parent = Google::Cloud::Kms::V1::KeyManagementServiceClient.location_path("[PROJECT]", "[LOCATION]")
|
681
|
+
#
|
682
|
+
# # TODO: Initialize +key_ring_id+:
|
683
|
+
# key_ring_id = ''
|
684
|
+
#
|
685
|
+
# # TODO: Initialize +key_ring+:
|
686
|
+
# key_ring = {}
|
687
|
+
# response = key_management_service_client.create_key_ring(formatted_parent, key_ring_id, key_ring)
|
688
|
+
|
689
|
+
def create_key_ring \
|
690
|
+
parent,
|
691
|
+
key_ring_id,
|
692
|
+
key_ring,
|
693
|
+
options: nil,
|
694
|
+
&block
|
695
|
+
req = {
|
696
|
+
parent: parent,
|
697
|
+
key_ring_id: key_ring_id,
|
698
|
+
key_ring: key_ring
|
699
|
+
}.delete_if { |_, v| v.nil? }
|
700
|
+
req = Google::Gax::to_proto(req, Google::Cloud::Kms::V1::CreateKeyRingRequest)
|
701
|
+
@create_key_ring.call(req, options, &block)
|
702
|
+
end
|
703
|
+
|
704
|
+
# Create a new {Google::Cloud::Kms::V1::CryptoKey CryptoKey} within a {Google::Cloud::Kms::V1::KeyRing KeyRing}.
|
705
|
+
#
|
706
|
+
# {Google::Cloud::Kms::V1::CryptoKey#purpose CryptoKey#purpose} is required.
|
707
|
+
#
|
708
|
+
# @param parent [String]
|
709
|
+
# Required. The {Google::Cloud::Kms::V1::KeyRing#name name} of the KeyRing associated with the
|
710
|
+
# {Google::Cloud::Kms::V1::CryptoKey CryptoKeys}.
|
711
|
+
# @param crypto_key_id [String]
|
712
|
+
# Required. It must be unique within a KeyRing and match the regular
|
713
|
+
# expression +[a-zA-Z0-9_-]{1,63}+
|
714
|
+
# @param crypto_key [Google::Cloud::Kms::V1::CryptoKey | Hash]
|
715
|
+
# A {Google::Cloud::Kms::V1::CryptoKey CryptoKey} with initial field values.
|
716
|
+
# A hash of the same form as `Google::Cloud::Kms::V1::CryptoKey`
|
717
|
+
# can also be provided.
|
718
|
+
# @param options [Google::Gax::CallOptions]
|
719
|
+
# Overrides the default settings for this call, e.g, timeout,
|
720
|
+
# retries, etc.
|
721
|
+
# @yield [result, operation] Access the result along with the RPC operation
|
722
|
+
# @yieldparam result [Google::Cloud::Kms::V1::CryptoKey]
|
723
|
+
# @yieldparam operation [GRPC::ActiveCall::Operation]
|
724
|
+
# @return [Google::Cloud::Kms::V1::CryptoKey]
|
725
|
+
# @raise [Google::Gax::GaxError] if the RPC is aborted.
|
726
|
+
# @example
|
727
|
+
# require "google/cloud/kms"
|
728
|
+
#
|
729
|
+
# key_management_service_client = Google::Cloud::Kms.new(version: :V1)
|
730
|
+
# formatted_parent = Google::Cloud::Kms::V1::KeyManagementServiceClient.key_ring_path("[PROJECT]", "[LOCATION]", "[KEY_RING]")
|
731
|
+
# crypto_key_id = "my-app-key"
|
732
|
+
# purpose = :ENCRYPT_DECRYPT
|
733
|
+
# seconds = 2147483647
|
734
|
+
# next_rotation_time = { seconds: seconds }
|
735
|
+
# seconds_2 = 604800
|
736
|
+
# rotation_period = { seconds: seconds_2 }
|
737
|
+
# crypto_key = {
|
738
|
+
# purpose: purpose,
|
739
|
+
# next_rotation_time: next_rotation_time,
|
740
|
+
# rotation_period: rotation_period
|
741
|
+
# }
|
742
|
+
# response = key_management_service_client.create_crypto_key(formatted_parent, crypto_key_id, crypto_key)
|
743
|
+
|
744
|
+
def create_crypto_key \
|
745
|
+
parent,
|
746
|
+
crypto_key_id,
|
747
|
+
crypto_key,
|
748
|
+
options: nil,
|
749
|
+
&block
|
750
|
+
req = {
|
751
|
+
parent: parent,
|
752
|
+
crypto_key_id: crypto_key_id,
|
753
|
+
crypto_key: crypto_key
|
754
|
+
}.delete_if { |_, v| v.nil? }
|
755
|
+
req = Google::Gax::to_proto(req, Google::Cloud::Kms::V1::CreateCryptoKeyRequest)
|
756
|
+
@create_crypto_key.call(req, options, &block)
|
757
|
+
end
|
758
|
+
|
759
|
+
# Create a new {Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} in a {Google::Cloud::Kms::V1::CryptoKey CryptoKey}.
|
760
|
+
#
|
761
|
+
# The server will assign the next sequential id. If unset,
|
762
|
+
# {Google::Cloud::Kms::V1::CryptoKeyVersion#state state} will be set to
|
763
|
+
# {Google::Cloud::Kms::V1::CryptoKeyVersion::CryptoKeyVersionState::ENABLED ENABLED}.
|
764
|
+
#
|
765
|
+
# @param parent [String]
|
766
|
+
# Required. The {Google::Cloud::Kms::V1::CryptoKey#name name} of the {Google::Cloud::Kms::V1::CryptoKey CryptoKey} associated with
|
767
|
+
# the {Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersions}.
|
768
|
+
# @param crypto_key_version [Google::Cloud::Kms::V1::CryptoKeyVersion | Hash]
|
769
|
+
# A {Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} with initial field values.
|
770
|
+
# A hash of the same form as `Google::Cloud::Kms::V1::CryptoKeyVersion`
|
771
|
+
# can also be provided.
|
772
|
+
# @param options [Google::Gax::CallOptions]
|
773
|
+
# Overrides the default settings for this call, e.g, timeout,
|
774
|
+
# retries, etc.
|
775
|
+
# @yield [result, operation] Access the result along with the RPC operation
|
776
|
+
# @yieldparam result [Google::Cloud::Kms::V1::CryptoKeyVersion]
|
777
|
+
# @yieldparam operation [GRPC::ActiveCall::Operation]
|
778
|
+
# @return [Google::Cloud::Kms::V1::CryptoKeyVersion]
|
779
|
+
# @raise [Google::Gax::GaxError] if the RPC is aborted.
|
780
|
+
# @example
|
781
|
+
# require "google/cloud/kms"
|
782
|
+
#
|
783
|
+
# key_management_service_client = Google::Cloud::Kms.new(version: :V1)
|
784
|
+
# formatted_parent = Google::Cloud::Kms::V1::KeyManagementServiceClient.crypto_key_path("[PROJECT]", "[LOCATION]", "[KEY_RING]", "[CRYPTO_KEY]")
|
785
|
+
#
|
786
|
+
# # TODO: Initialize +crypto_key_version+:
|
787
|
+
# crypto_key_version = {}
|
788
|
+
# response = key_management_service_client.create_crypto_key_version(formatted_parent, crypto_key_version)
|
789
|
+
|
790
|
+
def create_crypto_key_version \
|
791
|
+
parent,
|
792
|
+
crypto_key_version,
|
793
|
+
options: nil,
|
794
|
+
&block
|
795
|
+
req = {
|
796
|
+
parent: parent,
|
797
|
+
crypto_key_version: crypto_key_version
|
798
|
+
}.delete_if { |_, v| v.nil? }
|
799
|
+
req = Google::Gax::to_proto(req, Google::Cloud::Kms::V1::CreateCryptoKeyVersionRequest)
|
800
|
+
@create_crypto_key_version.call(req, options, &block)
|
801
|
+
end
|
802
|
+
|
803
|
+
# Update a {Google::Cloud::Kms::V1::CryptoKey CryptoKey}.
|
804
|
+
#
|
805
|
+
# @param crypto_key [Google::Cloud::Kms::V1::CryptoKey | Hash]
|
806
|
+
# {Google::Cloud::Kms::V1::CryptoKey CryptoKey} with updated values.
|
807
|
+
# A hash of the same form as `Google::Cloud::Kms::V1::CryptoKey`
|
808
|
+
# can also be provided.
|
809
|
+
# @param update_mask [Google::Protobuf::FieldMask | Hash]
|
810
|
+
# Required list of fields to be updated in this request.
|
811
|
+
# A hash of the same form as `Google::Protobuf::FieldMask`
|
812
|
+
# can also be provided.
|
813
|
+
# @param options [Google::Gax::CallOptions]
|
814
|
+
# Overrides the default settings for this call, e.g, timeout,
|
815
|
+
# retries, etc.
|
816
|
+
# @yield [result, operation] Access the result along with the RPC operation
|
817
|
+
# @yieldparam result [Google::Cloud::Kms::V1::CryptoKey]
|
818
|
+
# @yieldparam operation [GRPC::ActiveCall::Operation]
|
819
|
+
# @return [Google::Cloud::Kms::V1::CryptoKey]
|
820
|
+
# @raise [Google::Gax::GaxError] if the RPC is aborted.
|
821
|
+
# @example
|
822
|
+
# require "google/cloud/kms"
|
823
|
+
#
|
824
|
+
# key_management_service_client = Google::Cloud::Kms.new(version: :V1)
|
825
|
+
#
|
826
|
+
# # TODO: Initialize +crypto_key+:
|
827
|
+
# crypto_key = {}
|
828
|
+
#
|
829
|
+
# # TODO: Initialize +update_mask+:
|
830
|
+
# update_mask = {}
|
831
|
+
# response = key_management_service_client.update_crypto_key(crypto_key, update_mask)
|
832
|
+
|
833
|
+
def update_crypto_key \
|
834
|
+
crypto_key,
|
835
|
+
update_mask,
|
836
|
+
options: nil,
|
837
|
+
&block
|
838
|
+
req = {
|
839
|
+
crypto_key: crypto_key,
|
840
|
+
update_mask: update_mask
|
841
|
+
}.delete_if { |_, v| v.nil? }
|
842
|
+
req = Google::Gax::to_proto(req, Google::Cloud::Kms::V1::UpdateCryptoKeyRequest)
|
843
|
+
@update_crypto_key.call(req, options, &block)
|
844
|
+
end
|
845
|
+
|
846
|
+
# Update a {Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion}'s metadata.
|
847
|
+
#
|
848
|
+
# {Google::Cloud::Kms::V1::CryptoKeyVersion#state state} may be changed between
|
849
|
+
# {Google::Cloud::Kms::V1::CryptoKeyVersion::CryptoKeyVersionState::ENABLED ENABLED} and
|
850
|
+
# {Google::Cloud::Kms::V1::CryptoKeyVersion::CryptoKeyVersionState::DISABLED DISABLED} using this
|
851
|
+
# method. See {Google::Cloud::Kms::V1::KeyManagementService::DestroyCryptoKeyVersion DestroyCryptoKeyVersion} and {Google::Cloud::Kms::V1::KeyManagementService::RestoreCryptoKeyVersion RestoreCryptoKeyVersion} to
|
852
|
+
# move between other states.
|
853
|
+
#
|
854
|
+
# @param crypto_key_version [Google::Cloud::Kms::V1::CryptoKeyVersion | Hash]
|
855
|
+
# {Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} with updated values.
|
856
|
+
# A hash of the same form as `Google::Cloud::Kms::V1::CryptoKeyVersion`
|
857
|
+
# can also be provided.
|
858
|
+
# @param update_mask [Google::Protobuf::FieldMask | Hash]
|
859
|
+
# Required list of fields to be updated in this request.
|
860
|
+
# A hash of the same form as `Google::Protobuf::FieldMask`
|
861
|
+
# can also be provided.
|
862
|
+
# @param options [Google::Gax::CallOptions]
|
863
|
+
# Overrides the default settings for this call, e.g, timeout,
|
864
|
+
# retries, etc.
|
865
|
+
# @yield [result, operation] Access the result along with the RPC operation
|
866
|
+
# @yieldparam result [Google::Cloud::Kms::V1::CryptoKeyVersion]
|
867
|
+
# @yieldparam operation [GRPC::ActiveCall::Operation]
|
868
|
+
# @return [Google::Cloud::Kms::V1::CryptoKeyVersion]
|
869
|
+
# @raise [Google::Gax::GaxError] if the RPC is aborted.
|
870
|
+
# @example
|
871
|
+
# require "google/cloud/kms"
|
872
|
+
#
|
873
|
+
# key_management_service_client = Google::Cloud::Kms.new(version: :V1)
|
874
|
+
#
|
875
|
+
# # TODO: Initialize +crypto_key_version+:
|
876
|
+
# crypto_key_version = {}
|
877
|
+
#
|
878
|
+
# # TODO: Initialize +update_mask+:
|
879
|
+
# update_mask = {}
|
880
|
+
# response = key_management_service_client.update_crypto_key_version(crypto_key_version, update_mask)
|
881
|
+
|
882
|
+
def update_crypto_key_version \
|
883
|
+
crypto_key_version,
|
884
|
+
update_mask,
|
885
|
+
options: nil,
|
886
|
+
&block
|
887
|
+
req = {
|
888
|
+
crypto_key_version: crypto_key_version,
|
889
|
+
update_mask: update_mask
|
890
|
+
}.delete_if { |_, v| v.nil? }
|
891
|
+
req = Google::Gax::to_proto(req, Google::Cloud::Kms::V1::UpdateCryptoKeyVersionRequest)
|
892
|
+
@update_crypto_key_version.call(req, options, &block)
|
893
|
+
end
|
894
|
+
|
895
|
+
# Encrypts data, so that it can only be recovered by a call to {Google::Cloud::Kms::V1::KeyManagementService::Decrypt Decrypt}.
|
896
|
+
#
|
897
|
+
# @param name [String]
|
898
|
+
# Required. The resource name of the {Google::Cloud::Kms::V1::CryptoKey CryptoKey} or {Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion}
|
899
|
+
# to use for encryption.
|
900
|
+
#
|
901
|
+
# If a {Google::Cloud::Kms::V1::CryptoKey CryptoKey} is specified, the server will use its
|
902
|
+
# {Google::Cloud::Kms::V1::CryptoKey#primary primary version}.
|
903
|
+
# @param plaintext [String]
|
904
|
+
# Required. The data to encrypt. Must be no larger than 64KiB.
|
905
|
+
# @param additional_authenticated_data [String]
|
906
|
+
# Optional data that, if specified, must also be provided during decryption
|
907
|
+
# through {Google::Cloud::Kms::V1::DecryptRequest#additional_authenticated_data DecryptRequest#additional_authenticated_data}. Must be no
|
908
|
+
# larger than 64KiB.
|
909
|
+
# @param options [Google::Gax::CallOptions]
|
910
|
+
# Overrides the default settings for this call, e.g, timeout,
|
911
|
+
# retries, etc.
|
912
|
+
# @yield [result, operation] Access the result along with the RPC operation
|
913
|
+
# @yieldparam result [Google::Cloud::Kms::V1::EncryptResponse]
|
914
|
+
# @yieldparam operation [GRPC::ActiveCall::Operation]
|
915
|
+
# @return [Google::Cloud::Kms::V1::EncryptResponse]
|
916
|
+
# @raise [Google::Gax::GaxError] if the RPC is aborted.
|
917
|
+
# @example
|
918
|
+
# require "google/cloud/kms"
|
919
|
+
#
|
920
|
+
# key_management_service_client = Google::Cloud::Kms.new(version: :V1)
|
921
|
+
# formatted_name = Google::Cloud::Kms::V1::KeyManagementServiceClient.crypto_key_path_path("[PROJECT]", "[LOCATION]", "[KEY_RING]", "[CRYPTO_KEY_PATH]")
|
922
|
+
#
|
923
|
+
# # TODO: Initialize +plaintext+:
|
924
|
+
# plaintext = ''
|
925
|
+
# response = key_management_service_client.encrypt(formatted_name, plaintext)
|
926
|
+
|
927
|
+
def encrypt \
|
928
|
+
name,
|
929
|
+
plaintext,
|
930
|
+
additional_authenticated_data: nil,
|
931
|
+
options: nil,
|
932
|
+
&block
|
933
|
+
req = {
|
934
|
+
name: name,
|
935
|
+
plaintext: plaintext,
|
936
|
+
additional_authenticated_data: additional_authenticated_data
|
937
|
+
}.delete_if { |_, v| v.nil? }
|
938
|
+
req = Google::Gax::to_proto(req, Google::Cloud::Kms::V1::EncryptRequest)
|
939
|
+
@encrypt.call(req, options, &block)
|
940
|
+
end
|
941
|
+
|
942
|
+
# Decrypts data that was protected by {Google::Cloud::Kms::V1::KeyManagementService::Encrypt Encrypt}.
|
943
|
+
#
|
944
|
+
# @param name [String]
|
945
|
+
# Required. The resource name of the {Google::Cloud::Kms::V1::CryptoKey CryptoKey} to use for decryption.
|
946
|
+
# The server will choose the appropriate version.
|
947
|
+
# @param ciphertext [String]
|
948
|
+
# Required. The encrypted data originally returned in
|
949
|
+
# {Google::Cloud::Kms::V1::EncryptResponse#ciphertext EncryptResponse#ciphertext}.
|
950
|
+
# @param additional_authenticated_data [String]
|
951
|
+
# Optional data that must match the data originally supplied in
|
952
|
+
# {Google::Cloud::Kms::V1::EncryptRequest#additional_authenticated_data EncryptRequest#additional_authenticated_data}.
|
953
|
+
# @param options [Google::Gax::CallOptions]
|
954
|
+
# Overrides the default settings for this call, e.g, timeout,
|
955
|
+
# retries, etc.
|
956
|
+
# @yield [result, operation] Access the result along with the RPC operation
|
957
|
+
# @yieldparam result [Google::Cloud::Kms::V1::DecryptResponse]
|
958
|
+
# @yieldparam operation [GRPC::ActiveCall::Operation]
|
959
|
+
# @return [Google::Cloud::Kms::V1::DecryptResponse]
|
960
|
+
# @raise [Google::Gax::GaxError] if the RPC is aborted.
|
961
|
+
# @example
|
962
|
+
# require "google/cloud/kms"
|
963
|
+
#
|
964
|
+
# key_management_service_client = Google::Cloud::Kms.new(version: :V1)
|
965
|
+
# formatted_name = Google::Cloud::Kms::V1::KeyManagementServiceClient.crypto_key_path("[PROJECT]", "[LOCATION]", "[KEY_RING]", "[CRYPTO_KEY]")
|
966
|
+
#
|
967
|
+
# # TODO: Initialize +ciphertext+:
|
968
|
+
# ciphertext = ''
|
969
|
+
# response = key_management_service_client.decrypt(formatted_name, ciphertext)
|
970
|
+
|
971
|
+
def decrypt \
|
972
|
+
name,
|
973
|
+
ciphertext,
|
974
|
+
additional_authenticated_data: nil,
|
975
|
+
options: nil,
|
976
|
+
&block
|
977
|
+
req = {
|
978
|
+
name: name,
|
979
|
+
ciphertext: ciphertext,
|
980
|
+
additional_authenticated_data: additional_authenticated_data
|
981
|
+
}.delete_if { |_, v| v.nil? }
|
982
|
+
req = Google::Gax::to_proto(req, Google::Cloud::Kms::V1::DecryptRequest)
|
983
|
+
@decrypt.call(req, options, &block)
|
984
|
+
end
|
985
|
+
|
986
|
+
# Update the version of a {Google::Cloud::Kms::V1::CryptoKey CryptoKey} that will be used in {Google::Cloud::Kms::V1::KeyManagementService::Encrypt Encrypt}
|
987
|
+
#
|
988
|
+
# @param name [String]
|
989
|
+
# The resource name of the {Google::Cloud::Kms::V1::CryptoKey CryptoKey} to update.
|
990
|
+
# @param crypto_key_version_id [String]
|
991
|
+
# The id of the child {Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} to use as primary.
|
992
|
+
# @param options [Google::Gax::CallOptions]
|
993
|
+
# Overrides the default settings for this call, e.g, timeout,
|
994
|
+
# retries, etc.
|
995
|
+
# @yield [result, operation] Access the result along with the RPC operation
|
996
|
+
# @yieldparam result [Google::Cloud::Kms::V1::CryptoKey]
|
997
|
+
# @yieldparam operation [GRPC::ActiveCall::Operation]
|
998
|
+
# @return [Google::Cloud::Kms::V1::CryptoKey]
|
999
|
+
# @raise [Google::Gax::GaxError] if the RPC is aborted.
|
1000
|
+
# @example
|
1001
|
+
# require "google/cloud/kms"
|
1002
|
+
#
|
1003
|
+
# key_management_service_client = Google::Cloud::Kms.new(version: :V1)
|
1004
|
+
# formatted_name = Google::Cloud::Kms::V1::KeyManagementServiceClient.crypto_key_path("[PROJECT]", "[LOCATION]", "[KEY_RING]", "[CRYPTO_KEY]")
|
1005
|
+
#
|
1006
|
+
# # TODO: Initialize +crypto_key_version_id+:
|
1007
|
+
# crypto_key_version_id = ''
|
1008
|
+
# response = key_management_service_client.update_crypto_key_primary_version(formatted_name, crypto_key_version_id)
|
1009
|
+
|
1010
|
+
def update_crypto_key_primary_version \
|
1011
|
+
name,
|
1012
|
+
crypto_key_version_id,
|
1013
|
+
options: nil,
|
1014
|
+
&block
|
1015
|
+
req = {
|
1016
|
+
name: name,
|
1017
|
+
crypto_key_version_id: crypto_key_version_id
|
1018
|
+
}.delete_if { |_, v| v.nil? }
|
1019
|
+
req = Google::Gax::to_proto(req, Google::Cloud::Kms::V1::UpdateCryptoKeyPrimaryVersionRequest)
|
1020
|
+
@update_crypto_key_primary_version.call(req, options, &block)
|
1021
|
+
end
|
1022
|
+
|
1023
|
+
# Schedule a {Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} for destruction.
|
1024
|
+
#
|
1025
|
+
# Upon calling this method, {Google::Cloud::Kms::V1::CryptoKeyVersion#state CryptoKeyVersion#state} will be set to
|
1026
|
+
# {Google::Cloud::Kms::V1::CryptoKeyVersion::CryptoKeyVersionState::DESTROY_SCHEDULED DESTROY_SCHEDULED}
|
1027
|
+
# and {Google::Cloud::Kms::V1::CryptoKeyVersion#destroy_time destroy_time} will be set to a time 24
|
1028
|
+
# hours in the future, at which point the {Google::Cloud::Kms::V1::CryptoKeyVersion#state state}
|
1029
|
+
# will be changed to
|
1030
|
+
# {Google::Cloud::Kms::V1::CryptoKeyVersion::CryptoKeyVersionState::DESTROYED DESTROYED}, and the key
|
1031
|
+
# material will be irrevocably destroyed.
|
1032
|
+
#
|
1033
|
+
# Before the {Google::Cloud::Kms::V1::CryptoKeyVersion#destroy_time destroy_time} is reached,
|
1034
|
+
# {Google::Cloud::Kms::V1::KeyManagementService::RestoreCryptoKeyVersion RestoreCryptoKeyVersion} may be called to reverse the process.
|
1035
|
+
#
|
1036
|
+
# @param name [String]
|
1037
|
+
# The resource name of the {Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} to destroy.
|
1038
|
+
# @param options [Google::Gax::CallOptions]
|
1039
|
+
# Overrides the default settings for this call, e.g, timeout,
|
1040
|
+
# retries, etc.
|
1041
|
+
# @yield [result, operation] Access the result along with the RPC operation
|
1042
|
+
# @yieldparam result [Google::Cloud::Kms::V1::CryptoKeyVersion]
|
1043
|
+
# @yieldparam operation [GRPC::ActiveCall::Operation]
|
1044
|
+
# @return [Google::Cloud::Kms::V1::CryptoKeyVersion]
|
1045
|
+
# @raise [Google::Gax::GaxError] if the RPC is aborted.
|
1046
|
+
# @example
|
1047
|
+
# require "google/cloud/kms"
|
1048
|
+
#
|
1049
|
+
# key_management_service_client = Google::Cloud::Kms.new(version: :V1)
|
1050
|
+
# formatted_name = Google::Cloud::Kms::V1::KeyManagementServiceClient.crypto_key_version_path("[PROJECT]", "[LOCATION]", "[KEY_RING]", "[CRYPTO_KEY]", "[CRYPTO_KEY_VERSION]")
|
1051
|
+
# response = key_management_service_client.destroy_crypto_key_version(formatted_name)
|
1052
|
+
|
1053
|
+
def destroy_crypto_key_version \
|
1054
|
+
name,
|
1055
|
+
options: nil,
|
1056
|
+
&block
|
1057
|
+
req = {
|
1058
|
+
name: name
|
1059
|
+
}.delete_if { |_, v| v.nil? }
|
1060
|
+
req = Google::Gax::to_proto(req, Google::Cloud::Kms::V1::DestroyCryptoKeyVersionRequest)
|
1061
|
+
@destroy_crypto_key_version.call(req, options, &block)
|
1062
|
+
end
|
1063
|
+
|
1064
|
+
# Restore a {Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} in the
|
1065
|
+
# {Google::Cloud::Kms::V1::CryptoKeyVersion::CryptoKeyVersionState::DESTROY_SCHEDULED DESTROY_SCHEDULED},
|
1066
|
+
# state.
|
1067
|
+
#
|
1068
|
+
# Upon restoration of the CryptoKeyVersion, {Google::Cloud::Kms::V1::CryptoKeyVersion#state state}
|
1069
|
+
# will be set to {Google::Cloud::Kms::V1::CryptoKeyVersion::CryptoKeyVersionState::DISABLED DISABLED},
|
1070
|
+
# and {Google::Cloud::Kms::V1::CryptoKeyVersion#destroy_time destroy_time} will be cleared.
|
1071
|
+
#
|
1072
|
+
# @param name [String]
|
1073
|
+
# The resource name of the {Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} to restore.
|
1074
|
+
# @param options [Google::Gax::CallOptions]
|
1075
|
+
# Overrides the default settings for this call, e.g, timeout,
|
1076
|
+
# retries, etc.
|
1077
|
+
# @yield [result, operation] Access the result along with the RPC operation
|
1078
|
+
# @yieldparam result [Google::Cloud::Kms::V1::CryptoKeyVersion]
|
1079
|
+
# @yieldparam operation [GRPC::ActiveCall::Operation]
|
1080
|
+
# @return [Google::Cloud::Kms::V1::CryptoKeyVersion]
|
1081
|
+
# @raise [Google::Gax::GaxError] if the RPC is aborted.
|
1082
|
+
# @example
|
1083
|
+
# require "google/cloud/kms"
|
1084
|
+
#
|
1085
|
+
# key_management_service_client = Google::Cloud::Kms.new(version: :V1)
|
1086
|
+
# formatted_name = Google::Cloud::Kms::V1::KeyManagementServiceClient.crypto_key_version_path("[PROJECT]", "[LOCATION]", "[KEY_RING]", "[CRYPTO_KEY]", "[CRYPTO_KEY_VERSION]")
|
1087
|
+
# response = key_management_service_client.restore_crypto_key_version(formatted_name)
|
1088
|
+
|
1089
|
+
def restore_crypto_key_version \
|
1090
|
+
name,
|
1091
|
+
options: nil,
|
1092
|
+
&block
|
1093
|
+
req = {
|
1094
|
+
name: name
|
1095
|
+
}.delete_if { |_, v| v.nil? }
|
1096
|
+
req = Google::Gax::to_proto(req, Google::Cloud::Kms::V1::RestoreCryptoKeyVersionRequest)
|
1097
|
+
@restore_crypto_key_version.call(req, options, &block)
|
1098
|
+
end
|
1099
|
+
|
1100
|
+
# Sets the access control policy on the specified resource. Replaces any
|
1101
|
+
# existing policy.
|
1102
|
+
#
|
1103
|
+
# @param resource [String]
|
1104
|
+
# REQUIRED: The resource for which the policy is being specified.
|
1105
|
+
# +resource+ is usually specified as a path. For example, a Project
|
1106
|
+
# resource is specified as +projects/{project}+.
|
1107
|
+
# @param policy [Google::Iam::V1::Policy | Hash]
|
1108
|
+
# REQUIRED: The complete policy to be applied to the +resource+. The size of
|
1109
|
+
# the policy is limited to a few 10s of KB. An empty policy is a
|
1110
|
+
# valid policy but certain Cloud Platform services (such as Projects)
|
1111
|
+
# might reject them.
|
1112
|
+
# A hash of the same form as `Google::Iam::V1::Policy`
|
1113
|
+
# can also be provided.
|
1114
|
+
# @param options [Google::Gax::CallOptions]
|
1115
|
+
# Overrides the default settings for this call, e.g, timeout,
|
1116
|
+
# retries, etc.
|
1117
|
+
# @yield [result, operation] Access the result along with the RPC operation
|
1118
|
+
# @yieldparam result [Google::Iam::V1::Policy]
|
1119
|
+
# @yieldparam operation [GRPC::ActiveCall::Operation]
|
1120
|
+
# @return [Google::Iam::V1::Policy]
|
1121
|
+
# @raise [Google::Gax::GaxError] if the RPC is aborted.
|
1122
|
+
# @example
|
1123
|
+
# require "google/cloud/kms"
|
1124
|
+
#
|
1125
|
+
# key_management_service_client = Google::Cloud::Kms.new(version: :V1)
|
1126
|
+
# formatted_resource = Google::Cloud::Kms::V1::KeyManagementServiceClient.key_ring_path("[PROJECT]", "[LOCATION]", "[KEY_RING]")
|
1127
|
+
#
|
1128
|
+
# # TODO: Initialize +policy+:
|
1129
|
+
# policy = {}
|
1130
|
+
# response = key_management_service_client.set_iam_policy(formatted_resource, policy)
|
1131
|
+
|
1132
|
+
def set_iam_policy \
|
1133
|
+
resource,
|
1134
|
+
policy,
|
1135
|
+
options: nil,
|
1136
|
+
&block
|
1137
|
+
req = {
|
1138
|
+
resource: resource,
|
1139
|
+
policy: policy
|
1140
|
+
}.delete_if { |_, v| v.nil? }
|
1141
|
+
req = Google::Gax::to_proto(req, Google::Iam::V1::SetIamPolicyRequest)
|
1142
|
+
@set_iam_policy.call(req, options, &block)
|
1143
|
+
end
|
1144
|
+
|
1145
|
+
# Gets the access control policy for a resource.
|
1146
|
+
# Returns an empty policy if the resource exists and does not have a policy
|
1147
|
+
# set.
|
1148
|
+
#
|
1149
|
+
# @param resource [String]
|
1150
|
+
# REQUIRED: The resource for which the policy is being requested.
|
1151
|
+
# +resource+ is usually specified as a path. For example, a Project
|
1152
|
+
# resource is specified as +projects/{project}+.
|
1153
|
+
# @param options [Google::Gax::CallOptions]
|
1154
|
+
# Overrides the default settings for this call, e.g, timeout,
|
1155
|
+
# retries, etc.
|
1156
|
+
# @yield [result, operation] Access the result along with the RPC operation
|
1157
|
+
# @yieldparam result [Google::Iam::V1::Policy]
|
1158
|
+
# @yieldparam operation [GRPC::ActiveCall::Operation]
|
1159
|
+
# @return [Google::Iam::V1::Policy]
|
1160
|
+
# @raise [Google::Gax::GaxError] if the RPC is aborted.
|
1161
|
+
# @example
|
1162
|
+
# require "google/cloud/kms"
|
1163
|
+
#
|
1164
|
+
# key_management_service_client = Google::Cloud::Kms.new(version: :V1)
|
1165
|
+
# formatted_resource = Google::Cloud::Kms::V1::KeyManagementServiceClient.key_ring_path("[PROJECT]", "[LOCATION]", "[KEY_RING]")
|
1166
|
+
# response = key_management_service_client.get_iam_policy(formatted_resource)
|
1167
|
+
|
1168
|
+
def get_iam_policy \
|
1169
|
+
resource,
|
1170
|
+
options: nil,
|
1171
|
+
&block
|
1172
|
+
req = {
|
1173
|
+
resource: resource
|
1174
|
+
}.delete_if { |_, v| v.nil? }
|
1175
|
+
req = Google::Gax::to_proto(req, Google::Iam::V1::GetIamPolicyRequest)
|
1176
|
+
@get_iam_policy.call(req, options, &block)
|
1177
|
+
end
|
1178
|
+
|
1179
|
+
# Returns permissions that a caller has on the specified resource.
|
1180
|
+
# If the resource does not exist, this will return an empty set of
|
1181
|
+
# permissions, not a NOT_FOUND error.
|
1182
|
+
#
|
1183
|
+
# @param resource [String]
|
1184
|
+
# REQUIRED: The resource for which the policy detail is being requested.
|
1185
|
+
# +resource+ is usually specified as a path. For example, a Project
|
1186
|
+
# resource is specified as +projects/{project}+.
|
1187
|
+
# @param permissions [Array<String>]
|
1188
|
+
# The set of permissions to check for the +resource+. Permissions with
|
1189
|
+
# wildcards (such as '*' or 'storage.*') are not allowed. For more
|
1190
|
+
# information see
|
1191
|
+
# [IAM Overview](https://cloud.google.com/iam/docs/overview#permissions).
|
1192
|
+
# @param options [Google::Gax::CallOptions]
|
1193
|
+
# Overrides the default settings for this call, e.g, timeout,
|
1194
|
+
# retries, etc.
|
1195
|
+
# @yield [result, operation] Access the result along with the RPC operation
|
1196
|
+
# @yieldparam result [Google::Iam::V1::TestIamPermissionsResponse]
|
1197
|
+
# @yieldparam operation [GRPC::ActiveCall::Operation]
|
1198
|
+
# @return [Google::Iam::V1::TestIamPermissionsResponse]
|
1199
|
+
# @raise [Google::Gax::GaxError] if the RPC is aborted.
|
1200
|
+
# @example
|
1201
|
+
# require "google/cloud/kms"
|
1202
|
+
#
|
1203
|
+
# key_management_service_client = Google::Cloud::Kms.new(version: :V1)
|
1204
|
+
# formatted_resource = Google::Cloud::Kms::V1::KeyManagementServiceClient.key_ring_path("[PROJECT]", "[LOCATION]", "[KEY_RING]")
|
1205
|
+
#
|
1206
|
+
# # TODO: Initialize +permissions+:
|
1207
|
+
# permissions = []
|
1208
|
+
# response = key_management_service_client.test_iam_permissions(formatted_resource, permissions)
|
1209
|
+
|
1210
|
+
def test_iam_permissions \
|
1211
|
+
resource,
|
1212
|
+
permissions,
|
1213
|
+
options: nil,
|
1214
|
+
&block
|
1215
|
+
req = {
|
1216
|
+
resource: resource,
|
1217
|
+
permissions: permissions
|
1218
|
+
}.delete_if { |_, v| v.nil? }
|
1219
|
+
req = Google::Gax::to_proto(req, Google::Iam::V1::TestIamPermissionsRequest)
|
1220
|
+
@test_iam_permissions.call(req, options, &block)
|
1221
|
+
end
|
1222
|
+
end
|
1223
|
+
end
|
1224
|
+
end
|
1225
|
+
end
|
1226
|
+
end
|