google-cloud-kms 1.0.2 → 1.1.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/lib/google/cloud/kms/v1/credentials.rb +2 -1
- data/lib/google/cloud/kms/v1/doc/google/cloud/kms/v1/resources.rb +258 -149
- data/lib/google/cloud/kms/v1/doc/google/cloud/kms/v1/service.rb +213 -157
- data/lib/google/cloud/kms/v1/helpers.rb +10 -0
- data/lib/google/cloud/kms/v1/key_management_service_client.rb +399 -143
- data/lib/google/cloud/kms/v1/key_management_service_client_config.json +20 -0
- data/lib/google/cloud/kms/v1/resources_pb.rb +38 -0
- data/lib/google/cloud/kms/v1/service_pb.rb +41 -2
- data/lib/google/cloud/kms/v1/service_services_pb.rb +49 -64
- data/lib/google/cloud/kms/version.rb +1 -1
- metadata +2 -2
|
@@ -47,6 +47,16 @@
|
|
|
47
47
|
self.class.crypto_key_version_path project, location, key_ring, crypto_key, crypto_key_version
|
|
48
48
|
end
|
|
49
49
|
|
|
50
|
+
# Alias for Google::Cloud::Kms::V1::KeyManagementServiceClient.import_job_path.
|
|
51
|
+
# @param project [String]
|
|
52
|
+
# @param location [String]
|
|
53
|
+
# @param key_ring [String]
|
|
54
|
+
# @param import_job [String]
|
|
55
|
+
# @return [String]
|
|
56
|
+
def import_job_path project, location, key_ring, import_job
|
|
57
|
+
self.class.import_job_path project, location, key_ring, import_job
|
|
58
|
+
end
|
|
59
|
+
|
|
50
60
|
# Alias for Google::Cloud::Kms::V1::KeyManagementServiceClient.key_ring_path.
|
|
51
61
|
# @param project [String]
|
|
52
62
|
# @param location [String]
|
|
@@ -70,6 +70,10 @@ module Google
|
|
|
70
70
|
"page_token",
|
|
71
71
|
"next_page_token",
|
|
72
72
|
"key_rings"),
|
|
73
|
+
"list_import_jobs" => Google::Gax::PageDescriptor.new(
|
|
74
|
+
"page_token",
|
|
75
|
+
"next_page_token",
|
|
76
|
+
"import_jobs"),
|
|
73
77
|
"list_crypto_keys" => Google::Gax::PageDescriptor.new(
|
|
74
78
|
"page_token",
|
|
75
79
|
"next_page_token",
|
|
@@ -85,7 +89,8 @@ module Google
|
|
|
85
89
|
# The scopes needed to make gRPC calls to all of the methods defined in
|
|
86
90
|
# this service.
|
|
87
91
|
ALL_SCOPES = [
|
|
88
|
-
"https://www.googleapis.com/auth/cloud-platform"
|
|
92
|
+
"https://www.googleapis.com/auth/cloud-platform",
|
|
93
|
+
"https://www.googleapis.com/auth/cloudkms"
|
|
89
94
|
].freeze
|
|
90
95
|
|
|
91
96
|
|
|
@@ -107,6 +112,12 @@ module Google
|
|
|
107
112
|
|
|
108
113
|
private_constant :CRYPTO_KEY_VERSION_PATH_TEMPLATE
|
|
109
114
|
|
|
115
|
+
IMPORT_JOB_PATH_TEMPLATE = Google::Gax::PathTemplate.new(
|
|
116
|
+
"projects/{project}/locations/{location}/keyRings/{key_ring}/importJobs/{import_job}"
|
|
117
|
+
)
|
|
118
|
+
|
|
119
|
+
private_constant :IMPORT_JOB_PATH_TEMPLATE
|
|
120
|
+
|
|
110
121
|
KEY_RING_PATH_TEMPLATE = Google::Gax::PathTemplate.new(
|
|
111
122
|
"projects/{project}/locations/{location}/keyRings/{key_ring}"
|
|
112
123
|
)
|
|
@@ -166,6 +177,21 @@ module Google
|
|
|
166
177
|
)
|
|
167
178
|
end
|
|
168
179
|
|
|
180
|
+
# Returns a fully-qualified import_job resource name string.
|
|
181
|
+
# @param project [String]
|
|
182
|
+
# @param location [String]
|
|
183
|
+
# @param key_ring [String]
|
|
184
|
+
# @param import_job [String]
|
|
185
|
+
# @return [String]
|
|
186
|
+
def self.import_job_path project, location, key_ring, import_job
|
|
187
|
+
IMPORT_JOB_PATH_TEMPLATE.render(
|
|
188
|
+
:"project" => project,
|
|
189
|
+
:"location" => location,
|
|
190
|
+
:"key_ring" => key_ring,
|
|
191
|
+
:"import_job" => import_job
|
|
192
|
+
)
|
|
193
|
+
end
|
|
194
|
+
|
|
169
195
|
# Returns a fully-qualified key_ring resource name string.
|
|
170
196
|
# @param project [String]
|
|
171
197
|
# @param location [String]
|
|
@@ -312,6 +338,14 @@ module Google
|
|
|
312
338
|
{'parent' => request.parent}
|
|
313
339
|
end
|
|
314
340
|
)
|
|
341
|
+
@list_import_jobs = Google::Gax.create_api_call(
|
|
342
|
+
@key_management_service_stub.method(:list_import_jobs),
|
|
343
|
+
defaults["list_import_jobs"],
|
|
344
|
+
exception_transformer: exception_transformer,
|
|
345
|
+
params_extractor: proc do |request|
|
|
346
|
+
{'parent' => request.parent}
|
|
347
|
+
end
|
|
348
|
+
)
|
|
315
349
|
@list_crypto_keys = Google::Gax.create_api_call(
|
|
316
350
|
@key_management_service_stub.method(:list_crypto_keys),
|
|
317
351
|
defaults["list_crypto_keys"],
|
|
@@ -336,6 +370,14 @@ module Google
|
|
|
336
370
|
{'name' => request.name}
|
|
337
371
|
end
|
|
338
372
|
)
|
|
373
|
+
@get_import_job = Google::Gax.create_api_call(
|
|
374
|
+
@key_management_service_stub.method(:get_import_job),
|
|
375
|
+
defaults["get_import_job"],
|
|
376
|
+
exception_transformer: exception_transformer,
|
|
377
|
+
params_extractor: proc do |request|
|
|
378
|
+
{'name' => request.name}
|
|
379
|
+
end
|
|
380
|
+
)
|
|
339
381
|
@get_crypto_key = Google::Gax.create_api_call(
|
|
340
382
|
@key_management_service_stub.method(:get_crypto_key),
|
|
341
383
|
defaults["get_crypto_key"],
|
|
@@ -360,6 +402,14 @@ module Google
|
|
|
360
402
|
{'parent' => request.parent}
|
|
361
403
|
end
|
|
362
404
|
)
|
|
405
|
+
@create_import_job = Google::Gax.create_api_call(
|
|
406
|
+
@key_management_service_stub.method(:create_import_job),
|
|
407
|
+
defaults["create_import_job"],
|
|
408
|
+
exception_transformer: exception_transformer,
|
|
409
|
+
params_extractor: proc do |request|
|
|
410
|
+
{'parent' => request.parent}
|
|
411
|
+
end
|
|
412
|
+
)
|
|
363
413
|
@create_crypto_key = Google::Gax.create_api_call(
|
|
364
414
|
@key_management_service_stub.method(:create_crypto_key),
|
|
365
415
|
defaults["create_crypto_key"],
|
|
@@ -376,6 +426,14 @@ module Google
|
|
|
376
426
|
{'parent' => request.parent}
|
|
377
427
|
end
|
|
378
428
|
)
|
|
429
|
+
@import_crypto_key_version = Google::Gax.create_api_call(
|
|
430
|
+
@key_management_service_stub.method(:import_crypto_key_version),
|
|
431
|
+
defaults["import_crypto_key_version"],
|
|
432
|
+
exception_transformer: exception_transformer,
|
|
433
|
+
params_extractor: proc do |request|
|
|
434
|
+
{'parent' => request.parent}
|
|
435
|
+
end
|
|
436
|
+
)
|
|
379
437
|
@update_crypto_key = Google::Gax.create_api_call(
|
|
380
438
|
@key_management_service_stub.method(:update_crypto_key),
|
|
381
439
|
defaults["update_crypto_key"],
|
|
@@ -488,14 +546,18 @@ module Google
|
|
|
488
546
|
#
|
|
489
547
|
# @param parent [String]
|
|
490
548
|
# Required. The resource name of the location associated with the
|
|
491
|
-
# {Google::Cloud::Kms::V1::KeyRing KeyRings}, in the format
|
|
492
|
-
# `projects/*/locations/*`.
|
|
549
|
+
# {Google::Cloud::Kms::V1::KeyRing KeyRings}, in the format `projects/*/locations/*`.
|
|
493
550
|
# @param page_size [Integer]
|
|
494
551
|
# The maximum number of resources contained in the underlying API
|
|
495
552
|
# response. If page streaming is performed per-resource, this
|
|
496
553
|
# parameter does not affect the return value. If page streaming is
|
|
497
554
|
# performed per-page, this determines the maximum number of
|
|
498
555
|
# resources in a page.
|
|
556
|
+
# @param filter [String]
|
|
557
|
+
# Optional. Only include resources that match the filter in the response.
|
|
558
|
+
# @param order_by [String]
|
|
559
|
+
# Optional. Specify how the results should be sorted. If not specified, the
|
|
560
|
+
# results will be sorted in the default order.
|
|
499
561
|
# @param options [Google::Gax::CallOptions]
|
|
500
562
|
# Overrides the default settings for this call, e.g, timeout,
|
|
501
563
|
# retries, etc.
|
|
@@ -530,21 +592,89 @@ module Google
|
|
|
530
592
|
def list_key_rings \
|
|
531
593
|
parent,
|
|
532
594
|
page_size: nil,
|
|
595
|
+
filter: nil,
|
|
596
|
+
order_by: nil,
|
|
533
597
|
options: nil,
|
|
534
598
|
&block
|
|
535
599
|
req = {
|
|
536
600
|
parent: parent,
|
|
537
|
-
page_size: page_size
|
|
601
|
+
page_size: page_size,
|
|
602
|
+
filter: filter,
|
|
603
|
+
order_by: order_by
|
|
538
604
|
}.delete_if { |_, v| v.nil? }
|
|
539
605
|
req = Google::Gax::to_proto(req, Google::Cloud::Kms::V1::ListKeyRingsRequest)
|
|
540
606
|
@list_key_rings.call(req, options, &block)
|
|
541
607
|
end
|
|
542
608
|
|
|
609
|
+
# Lists {Google::Cloud::Kms::V1::ImportJob ImportJobs}.
|
|
610
|
+
#
|
|
611
|
+
# @param parent [String]
|
|
612
|
+
# Required. The resource name of the {Google::Cloud::Kms::V1::KeyRing KeyRing} to list, in the format
|
|
613
|
+
# `projects/*/locations/*/keyRings/*`.
|
|
614
|
+
# @param page_size [Integer]
|
|
615
|
+
# The maximum number of resources contained in the underlying API
|
|
616
|
+
# response. If page streaming is performed per-resource, this
|
|
617
|
+
# parameter does not affect the return value. If page streaming is
|
|
618
|
+
# performed per-page, this determines the maximum number of
|
|
619
|
+
# resources in a page.
|
|
620
|
+
# @param filter [String]
|
|
621
|
+
# Optional. Only include resources that match the filter in the response.
|
|
622
|
+
# @param order_by [String]
|
|
623
|
+
# Optional. Specify how the results should be sorted. If not specified, the
|
|
624
|
+
# results will be sorted in the default order.
|
|
625
|
+
# @param options [Google::Gax::CallOptions]
|
|
626
|
+
# Overrides the default settings for this call, e.g, timeout,
|
|
627
|
+
# retries, etc.
|
|
628
|
+
# @yield [result, operation] Access the result along with the RPC operation
|
|
629
|
+
# @yieldparam result [Google::Gax::PagedEnumerable<Google::Cloud::Kms::V1::ImportJob>]
|
|
630
|
+
# @yieldparam operation [GRPC::ActiveCall::Operation]
|
|
631
|
+
# @return [Google::Gax::PagedEnumerable<Google::Cloud::Kms::V1::ImportJob>]
|
|
632
|
+
# An enumerable of Google::Cloud::Kms::V1::ImportJob instances.
|
|
633
|
+
# See Google::Gax::PagedEnumerable documentation for other
|
|
634
|
+
# operations such as per-page iteration or access to the response
|
|
635
|
+
# object.
|
|
636
|
+
# @raise [Google::Gax::GaxError] if the RPC is aborted.
|
|
637
|
+
# @example
|
|
638
|
+
# require "google/cloud/kms"
|
|
639
|
+
#
|
|
640
|
+
# key_management_client = Google::Cloud::Kms.new(version: :v1)
|
|
641
|
+
# formatted_parent = Google::Cloud::Kms::V1::KeyManagementServiceClient.key_ring_path("[PROJECT]", "[LOCATION]", "[KEY_RING]")
|
|
642
|
+
#
|
|
643
|
+
# # Iterate over all results.
|
|
644
|
+
# key_management_client.list_import_jobs(formatted_parent).each do |element|
|
|
645
|
+
# # Process element.
|
|
646
|
+
# end
|
|
647
|
+
#
|
|
648
|
+
# # Or iterate over results one page at a time.
|
|
649
|
+
# key_management_client.list_import_jobs(formatted_parent).each_page do |page|
|
|
650
|
+
# # Process each page at a time.
|
|
651
|
+
# page.each do |element|
|
|
652
|
+
# # Process element.
|
|
653
|
+
# end
|
|
654
|
+
# end
|
|
655
|
+
|
|
656
|
+
def list_import_jobs \
|
|
657
|
+
parent,
|
|
658
|
+
page_size: nil,
|
|
659
|
+
filter: nil,
|
|
660
|
+
order_by: nil,
|
|
661
|
+
options: nil,
|
|
662
|
+
&block
|
|
663
|
+
req = {
|
|
664
|
+
parent: parent,
|
|
665
|
+
page_size: page_size,
|
|
666
|
+
filter: filter,
|
|
667
|
+
order_by: order_by
|
|
668
|
+
}.delete_if { |_, v| v.nil? }
|
|
669
|
+
req = Google::Gax::to_proto(req, Google::Cloud::Kms::V1::ListImportJobsRequest)
|
|
670
|
+
@list_import_jobs.call(req, options, &block)
|
|
671
|
+
end
|
|
672
|
+
|
|
543
673
|
# Lists {Google::Cloud::Kms::V1::CryptoKey CryptoKeys}.
|
|
544
674
|
#
|
|
545
675
|
# @param parent [String]
|
|
546
|
-
# Required. The resource name of the {Google::Cloud::Kms::V1::KeyRing KeyRing}
|
|
547
|
-
#
|
|
676
|
+
# Required. The resource name of the {Google::Cloud::Kms::V1::KeyRing KeyRing} to list, in the format
|
|
677
|
+
# `projects/*/locations/*/keyRings/*`.
|
|
548
678
|
# @param page_size [Integer]
|
|
549
679
|
# The maximum number of resources contained in the underlying API
|
|
550
680
|
# response. If page streaming is performed per-resource, this
|
|
@@ -553,6 +683,11 @@ module Google
|
|
|
553
683
|
# resources in a page.
|
|
554
684
|
# @param version_view [Google::Cloud::Kms::V1::CryptoKeyVersion::CryptoKeyVersionView]
|
|
555
685
|
# The fields of the primary version to include in the response.
|
|
686
|
+
# @param filter [String]
|
|
687
|
+
# Optional. Only include resources that match the filter in the response.
|
|
688
|
+
# @param order_by [String]
|
|
689
|
+
# Optional. Specify how the results should be sorted. If not specified, the
|
|
690
|
+
# results will be sorted in the default order.
|
|
556
691
|
# @param options [Google::Gax::CallOptions]
|
|
557
692
|
# Overrides the default settings for this call, e.g, timeout,
|
|
558
693
|
# retries, etc.
|
|
@@ -588,12 +723,16 @@ module Google
|
|
|
588
723
|
parent,
|
|
589
724
|
page_size: nil,
|
|
590
725
|
version_view: nil,
|
|
726
|
+
filter: nil,
|
|
727
|
+
order_by: nil,
|
|
591
728
|
options: nil,
|
|
592
729
|
&block
|
|
593
730
|
req = {
|
|
594
731
|
parent: parent,
|
|
595
732
|
page_size: page_size,
|
|
596
|
-
version_view: version_view
|
|
733
|
+
version_view: version_view,
|
|
734
|
+
filter: filter,
|
|
735
|
+
order_by: order_by
|
|
597
736
|
}.delete_if { |_, v| v.nil? }
|
|
598
737
|
req = Google::Gax::to_proto(req, Google::Cloud::Kms::V1::ListCryptoKeysRequest)
|
|
599
738
|
@list_crypto_keys.call(req, options, &block)
|
|
@@ -602,8 +741,7 @@ module Google
|
|
|
602
741
|
# Lists {Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersions}.
|
|
603
742
|
#
|
|
604
743
|
# @param parent [String]
|
|
605
|
-
# Required. The resource name of the
|
|
606
|
-
# {Google::Cloud::Kms::V1::CryptoKey CryptoKey} to list, in the format
|
|
744
|
+
# Required. The resource name of the {Google::Cloud::Kms::V1::CryptoKey CryptoKey} to list, in the format
|
|
607
745
|
# `projects/*/locations/*/keyRings/*/cryptoKeys/*`.
|
|
608
746
|
# @param page_size [Integer]
|
|
609
747
|
# The maximum number of resources contained in the underlying API
|
|
@@ -613,6 +751,11 @@ module Google
|
|
|
613
751
|
# resources in a page.
|
|
614
752
|
# @param view [Google::Cloud::Kms::V1::CryptoKeyVersion::CryptoKeyVersionView]
|
|
615
753
|
# The fields to include in the response.
|
|
754
|
+
# @param filter [String]
|
|
755
|
+
# Optional. Only include resources that match the filter in the response.
|
|
756
|
+
# @param order_by [String]
|
|
757
|
+
# Optional. Specify how the results should be sorted. If not specified, the
|
|
758
|
+
# results will be sorted in the default order.
|
|
616
759
|
# @param options [Google::Gax::CallOptions]
|
|
617
760
|
# Overrides the default settings for this call, e.g, timeout,
|
|
618
761
|
# retries, etc.
|
|
@@ -648,12 +791,16 @@ module Google
|
|
|
648
791
|
parent,
|
|
649
792
|
page_size: nil,
|
|
650
793
|
view: nil,
|
|
794
|
+
filter: nil,
|
|
795
|
+
order_by: nil,
|
|
651
796
|
options: nil,
|
|
652
797
|
&block
|
|
653
798
|
req = {
|
|
654
799
|
parent: parent,
|
|
655
800
|
page_size: page_size,
|
|
656
|
-
view: view
|
|
801
|
+
view: view,
|
|
802
|
+
filter: filter,
|
|
803
|
+
order_by: order_by
|
|
657
804
|
}.delete_if { |_, v| v.nil? }
|
|
658
805
|
req = Google::Gax::to_proto(req, Google::Cloud::Kms::V1::ListCryptoKeyVersionsRequest)
|
|
659
806
|
@list_crypto_key_versions.call(req, options, &block)
|
|
@@ -662,8 +809,7 @@ module Google
|
|
|
662
809
|
# Returns metadata for a given {Google::Cloud::Kms::V1::KeyRing KeyRing}.
|
|
663
810
|
#
|
|
664
811
|
# @param name [String]
|
|
665
|
-
# The {Google::Cloud::Kms::V1::KeyRing#name name} of the
|
|
666
|
-
# {Google::Cloud::Kms::V1::KeyRing KeyRing} to get.
|
|
812
|
+
# The {Google::Cloud::Kms::V1::KeyRing#name name} of the {Google::Cloud::Kms::V1::KeyRing KeyRing} to get.
|
|
667
813
|
# @param options [Google::Gax::CallOptions]
|
|
668
814
|
# Overrides the default settings for this call, e.g, timeout,
|
|
669
815
|
# retries, etc.
|
|
@@ -690,13 +836,41 @@ module Google
|
|
|
690
836
|
@get_key_ring.call(req, options, &block)
|
|
691
837
|
end
|
|
692
838
|
|
|
693
|
-
# Returns metadata for a given {Google::Cloud::Kms::V1::
|
|
694
|
-
#
|
|
695
|
-
#
|
|
839
|
+
# Returns metadata for a given {Google::Cloud::Kms::V1::ImportJob ImportJob}.
|
|
840
|
+
#
|
|
841
|
+
# @param name [String]
|
|
842
|
+
# The {Google::Cloud::Kms::V1::ImportJob#name name} of the {Google::Cloud::Kms::V1::ImportJob ImportJob} to get.
|
|
843
|
+
# @param options [Google::Gax::CallOptions]
|
|
844
|
+
# Overrides the default settings for this call, e.g, timeout,
|
|
845
|
+
# retries, etc.
|
|
846
|
+
# @yield [result, operation] Access the result along with the RPC operation
|
|
847
|
+
# @yieldparam result [Google::Cloud::Kms::V1::ImportJob]
|
|
848
|
+
# @yieldparam operation [GRPC::ActiveCall::Operation]
|
|
849
|
+
# @return [Google::Cloud::Kms::V1::ImportJob]
|
|
850
|
+
# @raise [Google::Gax::GaxError] if the RPC is aborted.
|
|
851
|
+
# @example
|
|
852
|
+
# require "google/cloud/kms"
|
|
853
|
+
#
|
|
854
|
+
# key_management_client = Google::Cloud::Kms.new(version: :v1)
|
|
855
|
+
# formatted_name = Google::Cloud::Kms::V1::KeyManagementServiceClient.import_job_path("[PROJECT]", "[LOCATION]", "[KEY_RING]", "[IMPORT_JOB]")
|
|
856
|
+
# response = key_management_client.get_import_job(formatted_name)
|
|
857
|
+
|
|
858
|
+
def get_import_job \
|
|
859
|
+
name,
|
|
860
|
+
options: nil,
|
|
861
|
+
&block
|
|
862
|
+
req = {
|
|
863
|
+
name: name
|
|
864
|
+
}.delete_if { |_, v| v.nil? }
|
|
865
|
+
req = Google::Gax::to_proto(req, Google::Cloud::Kms::V1::GetImportJobRequest)
|
|
866
|
+
@get_import_job.call(req, options, &block)
|
|
867
|
+
end
|
|
868
|
+
|
|
869
|
+
# Returns metadata for a given {Google::Cloud::Kms::V1::CryptoKey CryptoKey}, as well as its
|
|
870
|
+
# {Google::Cloud::Kms::V1::CryptoKey#primary primary} {Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion}.
|
|
696
871
|
#
|
|
697
872
|
# @param name [String]
|
|
698
|
-
# The {Google::Cloud::Kms::V1::CryptoKey#name name} of the
|
|
699
|
-
# {Google::Cloud::Kms::V1::CryptoKey CryptoKey} to get.
|
|
873
|
+
# The {Google::Cloud::Kms::V1::CryptoKey#name name} of the {Google::Cloud::Kms::V1::CryptoKey CryptoKey} to get.
|
|
700
874
|
# @param options [Google::Gax::CallOptions]
|
|
701
875
|
# Overrides the default settings for this call, e.g, timeout,
|
|
702
876
|
# retries, etc.
|
|
@@ -723,12 +897,10 @@ module Google
|
|
|
723
897
|
@get_crypto_key.call(req, options, &block)
|
|
724
898
|
end
|
|
725
899
|
|
|
726
|
-
# Returns metadata for a given
|
|
727
|
-
# {Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion}.
|
|
900
|
+
# Returns metadata for a given {Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion}.
|
|
728
901
|
#
|
|
729
902
|
# @param name [String]
|
|
730
|
-
# The {Google::Cloud::Kms::V1::CryptoKeyVersion#name name} of the
|
|
731
|
-
# {Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} to get.
|
|
903
|
+
# The {Google::Cloud::Kms::V1::CryptoKeyVersion#name name} of the {Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} to get.
|
|
732
904
|
# @param options [Google::Gax::CallOptions]
|
|
733
905
|
# Overrides the default settings for this call, e.g, timeout,
|
|
734
906
|
# retries, etc.
|
|
@@ -755,13 +927,11 @@ module Google
|
|
|
755
927
|
@get_crypto_key_version.call(req, options, &block)
|
|
756
928
|
end
|
|
757
929
|
|
|
758
|
-
# Create a new {Google::Cloud::Kms::V1::KeyRing KeyRing} in a given Project and
|
|
759
|
-
# Location.
|
|
930
|
+
# Create a new {Google::Cloud::Kms::V1::KeyRing KeyRing} in a given Project and Location.
|
|
760
931
|
#
|
|
761
932
|
# @param parent [String]
|
|
762
933
|
# Required. The resource name of the location associated with the
|
|
763
|
-
# {Google::Cloud::Kms::V1::KeyRing KeyRings}, in the format
|
|
764
|
-
# `projects/*/locations/*`.
|
|
934
|
+
# {Google::Cloud::Kms::V1::KeyRing KeyRings}, in the format `projects/*/locations/*`.
|
|
765
935
|
# @param key_ring_id [String]
|
|
766
936
|
# Required. It must be unique within a location and match the regular
|
|
767
937
|
# expression `[a-zA-Z0-9_-]{1,63}`
|
|
@@ -805,16 +975,63 @@ module Google
|
|
|
805
975
|
@create_key_ring.call(req, options, &block)
|
|
806
976
|
end
|
|
807
977
|
|
|
808
|
-
# Create a new {Google::Cloud::Kms::V1::
|
|
809
|
-
#
|
|
978
|
+
# Create a new {Google::Cloud::Kms::V1::ImportJob ImportJob} within a {Google::Cloud::Kms::V1::KeyRing KeyRing}.
|
|
979
|
+
#
|
|
980
|
+
# {Google::Cloud::Kms::V1::ImportJob#import_method ImportJob#import_method} is required.
|
|
981
|
+
#
|
|
982
|
+
# @param parent [String]
|
|
983
|
+
# Required. The {Google::Cloud::Kms::V1::KeyRing#name name} of the {Google::Cloud::Kms::V1::KeyRing KeyRing} associated with the
|
|
984
|
+
# {Google::Cloud::Kms::V1::ImportJob ImportJobs}.
|
|
985
|
+
# @param import_job_id [String]
|
|
986
|
+
# Required. It must be unique within a KeyRing and match the regular
|
|
987
|
+
# expression `[a-zA-Z0-9_-]{1,63}`
|
|
988
|
+
# @param import_job [Google::Cloud::Kms::V1::ImportJob | Hash]
|
|
989
|
+
# Required. An {Google::Cloud::Kms::V1::ImportJob ImportJob} with initial field values.
|
|
990
|
+
# A hash of the same form as `Google::Cloud::Kms::V1::ImportJob`
|
|
991
|
+
# can also be provided.
|
|
992
|
+
# @param options [Google::Gax::CallOptions]
|
|
993
|
+
# Overrides the default settings for this call, e.g, timeout,
|
|
994
|
+
# retries, etc.
|
|
995
|
+
# @yield [result, operation] Access the result along with the RPC operation
|
|
996
|
+
# @yieldparam result [Google::Cloud::Kms::V1::ImportJob]
|
|
997
|
+
# @yieldparam operation [GRPC::ActiveCall::Operation]
|
|
998
|
+
# @return [Google::Cloud::Kms::V1::ImportJob]
|
|
999
|
+
# @raise [Google::Gax::GaxError] if the RPC is aborted.
|
|
1000
|
+
# @example
|
|
1001
|
+
# require "google/cloud/kms"
|
|
1002
|
+
#
|
|
1003
|
+
# key_management_client = Google::Cloud::Kms.new(version: :v1)
|
|
1004
|
+
# formatted_parent = Google::Cloud::Kms::V1::KeyManagementServiceClient.key_ring_path("[PROJECT]", "[LOCATION]", "[KEY_RING]")
|
|
1005
|
+
# import_job_id = "my-import-job"
|
|
1006
|
+
# import_method = :RSA_OAEP_3072_SHA1_AES_256
|
|
1007
|
+
# protection_level = :HSM
|
|
1008
|
+
# import_job = { import_method: import_method, protection_level: protection_level }
|
|
1009
|
+
# response = key_management_client.create_import_job(formatted_parent, import_job_id, import_job)
|
|
1010
|
+
|
|
1011
|
+
def create_import_job \
|
|
1012
|
+
parent,
|
|
1013
|
+
import_job_id,
|
|
1014
|
+
import_job,
|
|
1015
|
+
options: nil,
|
|
1016
|
+
&block
|
|
1017
|
+
req = {
|
|
1018
|
+
parent: parent,
|
|
1019
|
+
import_job_id: import_job_id,
|
|
1020
|
+
import_job: import_job
|
|
1021
|
+
}.delete_if { |_, v| v.nil? }
|
|
1022
|
+
req = Google::Gax::to_proto(req, Google::Cloud::Kms::V1::CreateImportJobRequest)
|
|
1023
|
+
@create_import_job.call(req, options, &block)
|
|
1024
|
+
end
|
|
1025
|
+
|
|
1026
|
+
# Create a new {Google::Cloud::Kms::V1::CryptoKey CryptoKey} within a {Google::Cloud::Kms::V1::KeyRing KeyRing}.
|
|
810
1027
|
#
|
|
811
1028
|
# {Google::Cloud::Kms::V1::CryptoKey#purpose CryptoKey#purpose} and
|
|
812
1029
|
# {Google::Cloud::Kms::V1::CryptoKeyVersionTemplate#algorithm CryptoKey#version_template#algorithm}
|
|
813
1030
|
# are required.
|
|
814
1031
|
#
|
|
815
1032
|
# @param parent [String]
|
|
816
|
-
# Required. The {Google::Cloud::Kms::V1::KeyRing#name name} of the KeyRing
|
|
817
|
-
#
|
|
1033
|
+
# Required. The {Google::Cloud::Kms::V1::KeyRing#name name} of the KeyRing associated with the
|
|
1034
|
+
# {Google::Cloud::Kms::V1::CryptoKey CryptoKeys}.
|
|
818
1035
|
# @param crypto_key_id [String]
|
|
819
1036
|
# Required. It must be unique within a KeyRing and match the regular
|
|
820
1037
|
# expression `[a-zA-Z0-9_-]{1,63}`
|
|
@@ -822,6 +1039,12 @@ module Google
|
|
|
822
1039
|
# A {Google::Cloud::Kms::V1::CryptoKey CryptoKey} with initial field values.
|
|
823
1040
|
# A hash of the same form as `Google::Cloud::Kms::V1::CryptoKey`
|
|
824
1041
|
# can also be provided.
|
|
1042
|
+
# @param skip_initial_version_creation [true, false]
|
|
1043
|
+
# If set to true, the request will create a {Google::Cloud::Kms::V1::CryptoKey CryptoKey} without any
|
|
1044
|
+
# {Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersions}. You must manually call
|
|
1045
|
+
# {Google::Cloud::Kms::V1::KeyManagementService::CreateCryptoKeyVersion CreateCryptoKeyVersion} or
|
|
1046
|
+
# {Google::Cloud::Kms::V1::KeyManagementService::ImportCryptoKeyVersion ImportCryptoKeyVersion}
|
|
1047
|
+
# before you can use this {Google::Cloud::Kms::V1::CryptoKey CryptoKey}.
|
|
825
1048
|
# @param options [Google::Gax::CallOptions]
|
|
826
1049
|
# Overrides the default settings for this call, e.g, timeout,
|
|
827
1050
|
# retries, etc.
|
|
@@ -852,31 +1075,30 @@ module Google
|
|
|
852
1075
|
parent,
|
|
853
1076
|
crypto_key_id,
|
|
854
1077
|
crypto_key,
|
|
1078
|
+
skip_initial_version_creation: nil,
|
|
855
1079
|
options: nil,
|
|
856
1080
|
&block
|
|
857
1081
|
req = {
|
|
858
1082
|
parent: parent,
|
|
859
1083
|
crypto_key_id: crypto_key_id,
|
|
860
|
-
crypto_key: crypto_key
|
|
1084
|
+
crypto_key: crypto_key,
|
|
1085
|
+
skip_initial_version_creation: skip_initial_version_creation
|
|
861
1086
|
}.delete_if { |_, v| v.nil? }
|
|
862
1087
|
req = Google::Gax::to_proto(req, Google::Cloud::Kms::V1::CreateCryptoKeyRequest)
|
|
863
1088
|
@create_crypto_key.call(req, options, &block)
|
|
864
1089
|
end
|
|
865
1090
|
|
|
866
|
-
# Create a new {Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} in a
|
|
867
|
-
# {Google::Cloud::Kms::V1::CryptoKey CryptoKey}.
|
|
1091
|
+
# Create a new {Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} in a {Google::Cloud::Kms::V1::CryptoKey CryptoKey}.
|
|
868
1092
|
#
|
|
869
1093
|
# The server will assign the next sequential id. If unset,
|
|
870
1094
|
# {Google::Cloud::Kms::V1::CryptoKeyVersion#state state} will be set to
|
|
871
1095
|
# {Google::Cloud::Kms::V1::CryptoKeyVersion::CryptoKeyVersionState::ENABLED ENABLED}.
|
|
872
1096
|
#
|
|
873
1097
|
# @param parent [String]
|
|
874
|
-
# Required. The {Google::Cloud::Kms::V1::CryptoKey#name name} of the
|
|
875
|
-
# {Google::Cloud::Kms::V1::
|
|
876
|
-
# {Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersions}.
|
|
1098
|
+
# Required. The {Google::Cloud::Kms::V1::CryptoKey#name name} of the {Google::Cloud::Kms::V1::CryptoKey CryptoKey} associated with
|
|
1099
|
+
# the {Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersions}.
|
|
877
1100
|
# @param crypto_key_version [Google::Cloud::Kms::V1::CryptoKeyVersion | Hash]
|
|
878
|
-
# A {Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} with initial
|
|
879
|
-
# field values.
|
|
1101
|
+
# A {Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} with initial field values.
|
|
880
1102
|
# A hash of the same form as `Google::Cloud::Kms::V1::CryptoKeyVersion`
|
|
881
1103
|
# can also be provided.
|
|
882
1104
|
# @param options [Google::Gax::CallOptions]
|
|
@@ -910,6 +1132,80 @@ module Google
|
|
|
910
1132
|
@create_crypto_key_version.call(req, options, &block)
|
|
911
1133
|
end
|
|
912
1134
|
|
|
1135
|
+
# Imports a new {Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} into an existing {Google::Cloud::Kms::V1::CryptoKey CryptoKey} using the
|
|
1136
|
+
# wrapped key material provided in the request.
|
|
1137
|
+
#
|
|
1138
|
+
# The version ID will be assigned the next sequential id within the
|
|
1139
|
+
# {Google::Cloud::Kms::V1::CryptoKey CryptoKey}.
|
|
1140
|
+
#
|
|
1141
|
+
# @param parent [String]
|
|
1142
|
+
# Required. The {Google::Cloud::Kms::V1::CryptoKey#name name} of the {Google::Cloud::Kms::V1::CryptoKey CryptoKey} to
|
|
1143
|
+
# be imported into.
|
|
1144
|
+
# @param algorithm [Google::Cloud::Kms::V1::CryptoKeyVersion::CryptoKeyVersionAlgorithm]
|
|
1145
|
+
# Required. The {Google::Cloud::Kms::V1::CryptoKeyVersion::CryptoKeyVersionAlgorithm algorithm} of
|
|
1146
|
+
# the key being imported. This does not need to match the
|
|
1147
|
+
# {Google::Cloud::Kms::V1::CryptoKey#version_template version_template} of the {Google::Cloud::Kms::V1::CryptoKey CryptoKey} this
|
|
1148
|
+
# version imports into.
|
|
1149
|
+
# @param import_job [String]
|
|
1150
|
+
# Required. The {Google::Cloud::Kms::V1::ImportJob#name name} of the {Google::Cloud::Kms::V1::ImportJob ImportJob} that was used to
|
|
1151
|
+
# wrap this key material.
|
|
1152
|
+
# @param rsa_aes_wrapped_key [String]
|
|
1153
|
+
# Wrapped key material produced with
|
|
1154
|
+
# {Google::Cloud::Kms::V1::ImportJob::ImportMethod::RSA_OAEP_3072_SHA1_AES_256 RSA_OAEP_3072_SHA1_AES_256}
|
|
1155
|
+
# or
|
|
1156
|
+
# {Google::Cloud::Kms::V1::ImportJob::ImportMethod::RSA_OAEP_4096_SHA1_AES_256 RSA_OAEP_4096_SHA1_AES_256}.
|
|
1157
|
+
#
|
|
1158
|
+
# This field contains the concatenation of two wrapped keys:
|
|
1159
|
+
# <ol>
|
|
1160
|
+
# <li>An ephemeral AES-256 wrapping key wrapped with the
|
|
1161
|
+
# {Google::Cloud::Kms::V1::ImportJob#public_key public_key} using RSAES-OAEP with SHA-1,
|
|
1162
|
+
# MGF1 with SHA-1, and an empty label.
|
|
1163
|
+
# </li>
|
|
1164
|
+
# <li>The key to be imported, wrapped with the ephemeral AES-256 key
|
|
1165
|
+
# using AES-KWP (RFC 5649).
|
|
1166
|
+
# </li>
|
|
1167
|
+
# </ol>
|
|
1168
|
+
#
|
|
1169
|
+
# This format is the same as the format produced by PKCS#11 mechanism
|
|
1170
|
+
# CKM_RSA_AES_KEY_WRAP.
|
|
1171
|
+
# @param options [Google::Gax::CallOptions]
|
|
1172
|
+
# Overrides the default settings for this call, e.g, timeout,
|
|
1173
|
+
# retries, etc.
|
|
1174
|
+
# @yield [result, operation] Access the result along with the RPC operation
|
|
1175
|
+
# @yieldparam result [Google::Cloud::Kms::V1::CryptoKeyVersion]
|
|
1176
|
+
# @yieldparam operation [GRPC::ActiveCall::Operation]
|
|
1177
|
+
# @return [Google::Cloud::Kms::V1::CryptoKeyVersion]
|
|
1178
|
+
# @raise [Google::Gax::GaxError] if the RPC is aborted.
|
|
1179
|
+
# @example
|
|
1180
|
+
# require "google/cloud/kms"
|
|
1181
|
+
#
|
|
1182
|
+
# key_management_client = Google::Cloud::Kms.new(version: :v1)
|
|
1183
|
+
# formatted_parent = Google::Cloud::Kms::V1::KeyManagementServiceClient.crypto_key_path("[PROJECT]", "[LOCATION]", "[KEY_RING]", "[CRYPTO_KEY]")
|
|
1184
|
+
#
|
|
1185
|
+
# # TODO: Initialize `algorithm`:
|
|
1186
|
+
# algorithm = :CRYPTO_KEY_VERSION_ALGORITHM_UNSPECIFIED
|
|
1187
|
+
#
|
|
1188
|
+
# # TODO: Initialize `import_job`:
|
|
1189
|
+
# import_job = ''
|
|
1190
|
+
# response = key_management_client.import_crypto_key_version(formatted_parent, algorithm, import_job)
|
|
1191
|
+
|
|
1192
|
+
def import_crypto_key_version \
|
|
1193
|
+
parent,
|
|
1194
|
+
algorithm,
|
|
1195
|
+
import_job,
|
|
1196
|
+
rsa_aes_wrapped_key: nil,
|
|
1197
|
+
options: nil,
|
|
1198
|
+
&block
|
|
1199
|
+
req = {
|
|
1200
|
+
parent: parent,
|
|
1201
|
+
algorithm: algorithm,
|
|
1202
|
+
import_job: import_job,
|
|
1203
|
+
rsa_aes_wrapped_key: rsa_aes_wrapped_key
|
|
1204
|
+
}.delete_if { |_, v| v.nil? }
|
|
1205
|
+
req = Google::Gax::to_proto(req, Google::Cloud::Kms::V1::ImportCryptoKeyVersionRequest)
|
|
1206
|
+
@import_crypto_key_version.call(req, options, &block)
|
|
1207
|
+
end
|
|
1208
|
+
|
|
913
1209
|
# Update a {Google::Cloud::Kms::V1::CryptoKey CryptoKey}.
|
|
914
1210
|
#
|
|
915
1211
|
# @param crypto_key [Google::Cloud::Kms::V1::CryptoKey | Hash]
|
|
@@ -953,22 +1249,16 @@ module Google
|
|
|
953
1249
|
@update_crypto_key.call(req, options, &block)
|
|
954
1250
|
end
|
|
955
1251
|
|
|
956
|
-
# Update a {Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion}'s
|
|
957
|
-
# metadata.
|
|
1252
|
+
# Update a {Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion}'s metadata.
|
|
958
1253
|
#
|
|
959
1254
|
# {Google::Cloud::Kms::V1::CryptoKeyVersion#state state} may be changed between
|
|
960
|
-
# {Google::Cloud::Kms::V1::CryptoKeyVersion::CryptoKeyVersionState::ENABLED ENABLED}
|
|
961
|
-
#
|
|
962
|
-
# {Google::Cloud::Kms::V1::
|
|
963
|
-
#
|
|
964
|
-
# {Google::Cloud::Kms::V1::KeyManagementService::DestroyCryptoKeyVersion DestroyCryptoKeyVersion}
|
|
965
|
-
# and
|
|
966
|
-
# {Google::Cloud::Kms::V1::KeyManagementService::RestoreCryptoKeyVersion RestoreCryptoKeyVersion}
|
|
967
|
-
# to move between other states.
|
|
1255
|
+
# {Google::Cloud::Kms::V1::CryptoKeyVersion::CryptoKeyVersionState::ENABLED ENABLED} and
|
|
1256
|
+
# {Google::Cloud::Kms::V1::CryptoKeyVersion::CryptoKeyVersionState::DISABLED DISABLED} using this
|
|
1257
|
+
# method. See {Google::Cloud::Kms::V1::KeyManagementService::DestroyCryptoKeyVersion DestroyCryptoKeyVersion} and {Google::Cloud::Kms::V1::KeyManagementService::RestoreCryptoKeyVersion RestoreCryptoKeyVersion} to
|
|
1258
|
+
# move between other states.
|
|
968
1259
|
#
|
|
969
1260
|
# @param crypto_key_version [Google::Cloud::Kms::V1::CryptoKeyVersion | Hash]
|
|
970
|
-
# {Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} with updated
|
|
971
|
-
# values.
|
|
1261
|
+
# {Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} with updated values.
|
|
972
1262
|
# A hash of the same form as `Google::Cloud::Kms::V1::CryptoKeyVersion`
|
|
973
1263
|
# can also be provided.
|
|
974
1264
|
# @param update_mask [Google::Protobuf::FieldMask | Hash]
|
|
@@ -1008,41 +1298,35 @@ module Google
|
|
|
1008
1298
|
@update_crypto_key_version.call(req, options, &block)
|
|
1009
1299
|
end
|
|
1010
1300
|
|
|
1011
|
-
# Encrypts data, so that it can only be recovered by a call to
|
|
1012
|
-
# {Google::Cloud::Kms::V1::
|
|
1013
|
-
# {Google::Cloud::Kms::V1::CryptoKey#purpose CryptoKey#purpose} must be
|
|
1301
|
+
# Encrypts data, so that it can only be recovered by a call to {Google::Cloud::Kms::V1::KeyManagementService::Decrypt Decrypt}.
|
|
1302
|
+
# The {Google::Cloud::Kms::V1::CryptoKey#purpose CryptoKey#purpose} must be
|
|
1014
1303
|
# {Google::Cloud::Kms::V1::CryptoKey::CryptoKeyPurpose::ENCRYPT_DECRYPT ENCRYPT_DECRYPT}.
|
|
1015
1304
|
#
|
|
1016
1305
|
# @param name [String]
|
|
1017
|
-
# Required. The resource name of the
|
|
1018
|
-
#
|
|
1019
|
-
# {Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} to use for
|
|
1020
|
-
# encryption.
|
|
1306
|
+
# Required. The resource name of the {Google::Cloud::Kms::V1::CryptoKey CryptoKey} or {Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion}
|
|
1307
|
+
# to use for encryption.
|
|
1021
1308
|
#
|
|
1022
|
-
# If a {Google::Cloud::Kms::V1::CryptoKey CryptoKey} is specified, the server
|
|
1023
|
-
#
|
|
1309
|
+
# If a {Google::Cloud::Kms::V1::CryptoKey CryptoKey} is specified, the server will use its
|
|
1310
|
+
# {Google::Cloud::Kms::V1::CryptoKey#primary primary version}.
|
|
1024
1311
|
# @param plaintext [String]
|
|
1025
1312
|
# Required. The data to encrypt. Must be no larger than 64KiB.
|
|
1026
1313
|
#
|
|
1027
1314
|
# The maximum size depends on the key version's
|
|
1028
|
-
# {Google::Cloud::Kms::V1::CryptoKeyVersionTemplate#protection_level protection_level}.
|
|
1029
|
-
#
|
|
1030
|
-
#
|
|
1031
|
-
#
|
|
1032
|
-
#
|
|
1033
|
-
# than 8KiB.
|
|
1315
|
+
# {Google::Cloud::Kms::V1::CryptoKeyVersionTemplate#protection_level protection_level}. For
|
|
1316
|
+
# {Google::Cloud::Kms::V1::ProtectionLevel::SOFTWARE SOFTWARE} keys, the plaintext must be no larger
|
|
1317
|
+
# than 64KiB. For {Google::Cloud::Kms::V1::ProtectionLevel::HSM HSM} keys, the combined length of the
|
|
1318
|
+
# plaintext and additional_authenticated_data fields must be no larger than
|
|
1319
|
+
# 8KiB.
|
|
1034
1320
|
# @param additional_authenticated_data [String]
|
|
1035
1321
|
# Optional data that, if specified, must also be provided during decryption
|
|
1036
|
-
# through
|
|
1037
|
-
# {Google::Cloud::Kms::V1::DecryptRequest#additional_authenticated_data DecryptRequest#additional_authenticated_data}.
|
|
1322
|
+
# through {Google::Cloud::Kms::V1::DecryptRequest#additional_authenticated_data DecryptRequest#additional_authenticated_data}.
|
|
1038
1323
|
#
|
|
1039
1324
|
# The maximum size depends on the key version's
|
|
1040
|
-
# {Google::Cloud::Kms::V1::CryptoKeyVersionTemplate#protection_level protection_level}.
|
|
1041
|
-
#
|
|
1042
|
-
#
|
|
1043
|
-
#
|
|
1044
|
-
#
|
|
1045
|
-
# than 8KiB.
|
|
1325
|
+
# {Google::Cloud::Kms::V1::CryptoKeyVersionTemplate#protection_level protection_level}. For
|
|
1326
|
+
# {Google::Cloud::Kms::V1::ProtectionLevel::SOFTWARE SOFTWARE} keys, the AAD must be no larger than
|
|
1327
|
+
# 64KiB. For {Google::Cloud::Kms::V1::ProtectionLevel::HSM HSM} keys, the combined length of the
|
|
1328
|
+
# plaintext and additional_authenticated_data fields must be no larger than
|
|
1329
|
+
# 8KiB.
|
|
1046
1330
|
# @param options [Google::Gax::CallOptions]
|
|
1047
1331
|
# Overrides the default settings for this call, e.g, timeout,
|
|
1048
1332
|
# retries, etc.
|
|
@@ -1076,15 +1360,12 @@ module Google
|
|
|
1076
1360
|
@encrypt.call(req, options, &block)
|
|
1077
1361
|
end
|
|
1078
1362
|
|
|
1079
|
-
# Decrypts data that was protected by
|
|
1080
|
-
# {Google::Cloud::Kms::V1::
|
|
1081
|
-
# {Google::Cloud::Kms::V1::CryptoKey#purpose CryptoKey#purpose} must be
|
|
1082
|
-
# {Google::Cloud::Kms::V1::CryptoKey::CryptoKeyPurpose::ENCRYPT_DECRYPT ENCRYPT_DECRYPT}.
|
|
1363
|
+
# Decrypts data that was protected by {Google::Cloud::Kms::V1::KeyManagementService::Encrypt Encrypt}. The {Google::Cloud::Kms::V1::CryptoKey#purpose CryptoKey#purpose}
|
|
1364
|
+
# must be {Google::Cloud::Kms::V1::CryptoKey::CryptoKeyPurpose::ENCRYPT_DECRYPT ENCRYPT_DECRYPT}.
|
|
1083
1365
|
#
|
|
1084
1366
|
# @param name [String]
|
|
1085
|
-
# Required. The resource name of the
|
|
1086
|
-
#
|
|
1087
|
-
# server will choose the appropriate version.
|
|
1367
|
+
# Required. The resource name of the {Google::Cloud::Kms::V1::CryptoKey CryptoKey} to use for decryption.
|
|
1368
|
+
# The server will choose the appropriate version.
|
|
1088
1369
|
# @param ciphertext [String]
|
|
1089
1370
|
# Required. The encrypted data originally returned in
|
|
1090
1371
|
# {Google::Cloud::Kms::V1::EncryptResponse#ciphertext EncryptResponse#ciphertext}.
|
|
@@ -1124,18 +1405,14 @@ module Google
|
|
|
1124
1405
|
@decrypt.call(req, options, &block)
|
|
1125
1406
|
end
|
|
1126
1407
|
|
|
1127
|
-
# Update the version of a {Google::Cloud::Kms::V1::CryptoKey CryptoKey} that
|
|
1128
|
-
# will be used in
|
|
1129
|
-
# {Google::Cloud::Kms::V1::KeyManagementService::Encrypt Encrypt}.
|
|
1408
|
+
# Update the version of a {Google::Cloud::Kms::V1::CryptoKey CryptoKey} that will be used in {Google::Cloud::Kms::V1::KeyManagementService::Encrypt Encrypt}.
|
|
1130
1409
|
#
|
|
1131
1410
|
# Returns an error if called on an asymmetric key.
|
|
1132
1411
|
#
|
|
1133
1412
|
# @param name [String]
|
|
1134
|
-
# The resource name of the {Google::Cloud::Kms::V1::CryptoKey CryptoKey} to
|
|
1135
|
-
# update.
|
|
1413
|
+
# The resource name of the {Google::Cloud::Kms::V1::CryptoKey CryptoKey} to update.
|
|
1136
1414
|
# @param crypto_key_version_id [String]
|
|
1137
|
-
# The id of the child
|
|
1138
|
-
# {Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} to use as primary.
|
|
1415
|
+
# The id of the child {Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} to use as primary.
|
|
1139
1416
|
# @param options [Google::Gax::CallOptions]
|
|
1140
1417
|
# Overrides the default settings for this call, e.g, timeout,
|
|
1141
1418
|
# retries, etc.
|
|
@@ -1167,28 +1444,21 @@ module Google
|
|
|
1167
1444
|
@update_crypto_key_primary_version.call(req, options, &block)
|
|
1168
1445
|
end
|
|
1169
1446
|
|
|
1170
|
-
# Schedule a {Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} for
|
|
1171
|
-
# destruction.
|
|
1447
|
+
# Schedule a {Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} for destruction.
|
|
1172
1448
|
#
|
|
1173
|
-
# Upon calling this method,
|
|
1174
|
-
# {Google::Cloud::Kms::V1::CryptoKeyVersion#state CryptoKeyVersion#state} will
|
|
1175
|
-
# be set to
|
|
1449
|
+
# Upon calling this method, {Google::Cloud::Kms::V1::CryptoKeyVersion#state CryptoKeyVersion#state} will be set to
|
|
1176
1450
|
# {Google::Cloud::Kms::V1::CryptoKeyVersion::CryptoKeyVersionState::DESTROY_SCHEDULED DESTROY_SCHEDULED}
|
|
1177
|
-
# and {Google::Cloud::Kms::V1::CryptoKeyVersion#destroy_time destroy_time} will
|
|
1178
|
-
#
|
|
1179
|
-
#
|
|
1180
|
-
# {Google::Cloud::Kms::V1::CryptoKeyVersion::CryptoKeyVersionState::DESTROYED DESTROYED},
|
|
1181
|
-
#
|
|
1182
|
-
#
|
|
1183
|
-
# Before the
|
|
1184
|
-
# {Google::Cloud::Kms::V1::
|
|
1185
|
-
# reached,
|
|
1186
|
-
# {Google::Cloud::Kms::V1::KeyManagementService::RestoreCryptoKeyVersion RestoreCryptoKeyVersion}
|
|
1187
|
-
# may be called to reverse the process.
|
|
1451
|
+
# and {Google::Cloud::Kms::V1::CryptoKeyVersion#destroy_time destroy_time} will be set to a time 24
|
|
1452
|
+
# hours in the future, at which point the {Google::Cloud::Kms::V1::CryptoKeyVersion#state state}
|
|
1453
|
+
# will be changed to
|
|
1454
|
+
# {Google::Cloud::Kms::V1::CryptoKeyVersion::CryptoKeyVersionState::DESTROYED DESTROYED}, and the key
|
|
1455
|
+
# material will be irrevocably destroyed.
|
|
1456
|
+
#
|
|
1457
|
+
# Before the {Google::Cloud::Kms::V1::CryptoKeyVersion#destroy_time destroy_time} is reached,
|
|
1458
|
+
# {Google::Cloud::Kms::V1::KeyManagementService::RestoreCryptoKeyVersion RestoreCryptoKeyVersion} may be called to reverse the process.
|
|
1188
1459
|
#
|
|
1189
1460
|
# @param name [String]
|
|
1190
|
-
# The resource name of the
|
|
1191
|
-
# {Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} to destroy.
|
|
1461
|
+
# The resource name of the {Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} to destroy.
|
|
1192
1462
|
# @param options [Google::Gax::CallOptions]
|
|
1193
1463
|
# Overrides the default settings for this call, e.g, timeout,
|
|
1194
1464
|
# retries, etc.
|
|
@@ -1219,15 +1489,12 @@ module Google
|
|
|
1219
1489
|
# {Google::Cloud::Kms::V1::CryptoKeyVersion::CryptoKeyVersionState::DESTROY_SCHEDULED DESTROY_SCHEDULED}
|
|
1220
1490
|
# state.
|
|
1221
1491
|
#
|
|
1222
|
-
# Upon restoration of the CryptoKeyVersion,
|
|
1223
|
-
# {Google::Cloud::Kms::V1::CryptoKeyVersion
|
|
1224
|
-
# {Google::Cloud::Kms::V1::CryptoKeyVersion
|
|
1225
|
-
# and {Google::Cloud::Kms::V1::CryptoKeyVersion#destroy_time destroy_time} will
|
|
1226
|
-
# be cleared.
|
|
1492
|
+
# Upon restoration of the CryptoKeyVersion, {Google::Cloud::Kms::V1::CryptoKeyVersion#state state}
|
|
1493
|
+
# will be set to {Google::Cloud::Kms::V1::CryptoKeyVersion::CryptoKeyVersionState::DISABLED DISABLED},
|
|
1494
|
+
# and {Google::Cloud::Kms::V1::CryptoKeyVersion#destroy_time destroy_time} will be cleared.
|
|
1227
1495
|
#
|
|
1228
1496
|
# @param name [String]
|
|
1229
|
-
# The resource name of the
|
|
1230
|
-
# {Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} to restore.
|
|
1497
|
+
# The resource name of the {Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} to restore.
|
|
1231
1498
|
# @param options [Google::Gax::CallOptions]
|
|
1232
1499
|
# Overrides the default settings for this call, e.g, timeout,
|
|
1233
1500
|
# retries, etc.
|
|
@@ -1254,16 +1521,14 @@ module Google
|
|
|
1254
1521
|
@restore_crypto_key_version.call(req, options, &block)
|
|
1255
1522
|
end
|
|
1256
1523
|
|
|
1257
|
-
# Returns the public key for the given
|
|
1258
|
-
# {Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion}. The
|
|
1524
|
+
# Returns the public key for the given {Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion}. The
|
|
1259
1525
|
# {Google::Cloud::Kms::V1::CryptoKey#purpose CryptoKey#purpose} must be
|
|
1260
|
-
# {Google::Cloud::Kms::V1::CryptoKey::CryptoKeyPurpose::ASYMMETRIC_SIGN ASYMMETRIC_SIGN}
|
|
1261
|
-
# or
|
|
1526
|
+
# {Google::Cloud::Kms::V1::CryptoKey::CryptoKeyPurpose::ASYMMETRIC_SIGN ASYMMETRIC_SIGN} or
|
|
1262
1527
|
# {Google::Cloud::Kms::V1::CryptoKey::CryptoKeyPurpose::ASYMMETRIC_DECRYPT ASYMMETRIC_DECRYPT}.
|
|
1263
1528
|
#
|
|
1264
1529
|
# @param name [String]
|
|
1265
|
-
# The {Google::Cloud::Kms::V1::CryptoKeyVersion#name name} of the
|
|
1266
|
-
#
|
|
1530
|
+
# The {Google::Cloud::Kms::V1::CryptoKeyVersion#name name} of the {Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} public key to
|
|
1531
|
+
# get.
|
|
1267
1532
|
# @param options [Google::Gax::CallOptions]
|
|
1268
1533
|
# Overrides the default settings for this call, e.g, timeout,
|
|
1269
1534
|
# retries, etc.
|
|
@@ -1291,19 +1556,15 @@ module Google
|
|
|
1291
1556
|
end
|
|
1292
1557
|
|
|
1293
1558
|
# Decrypts data that was encrypted with a public key retrieved from
|
|
1294
|
-
# {Google::Cloud::Kms::V1::KeyManagementService::GetPublicKey GetPublicKey}
|
|
1295
|
-
#
|
|
1296
|
-
# with {Google::Cloud::Kms::V1::CryptoKey#purpose CryptoKey#purpose}
|
|
1297
|
-
# ASYMMETRIC_DECRYPT.
|
|
1559
|
+
# {Google::Cloud::Kms::V1::KeyManagementService::GetPublicKey GetPublicKey} corresponding to a {Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} with
|
|
1560
|
+
# {Google::Cloud::Kms::V1::CryptoKey#purpose CryptoKey#purpose} ASYMMETRIC_DECRYPT.
|
|
1298
1561
|
#
|
|
1299
1562
|
# @param name [String]
|
|
1300
|
-
# Required. The resource name of the
|
|
1301
|
-
# {Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} to use for
|
|
1563
|
+
# Required. The resource name of the {Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} to use for
|
|
1302
1564
|
# decryption.
|
|
1303
1565
|
# @param ciphertext [String]
|
|
1304
|
-
# Required. The data encrypted with the named
|
|
1305
|
-
#
|
|
1306
|
-
# OAEP.
|
|
1566
|
+
# Required. The data encrypted with the named {Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion}'s public
|
|
1567
|
+
# key using OAEP.
|
|
1307
1568
|
# @param options [Google::Gax::CallOptions]
|
|
1308
1569
|
# Overrides the default settings for this call, e.g, timeout,
|
|
1309
1570
|
# retries, etc.
|
|
@@ -1335,16 +1596,12 @@ module Google
|
|
|
1335
1596
|
@asymmetric_decrypt.call(req, options, &block)
|
|
1336
1597
|
end
|
|
1337
1598
|
|
|
1338
|
-
# Signs data using a {Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion}
|
|
1339
|
-
# with {Google::Cloud::Kms::V1::CryptoKey#purpose CryptoKey#purpose}
|
|
1599
|
+
# Signs data using a {Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} with {Google::Cloud::Kms::V1::CryptoKey#purpose CryptoKey#purpose}
|
|
1340
1600
|
# ASYMMETRIC_SIGN, producing a signature that can be verified with the public
|
|
1341
|
-
# key retrieved from
|
|
1342
|
-
# {Google::Cloud::Kms::V1::KeyManagementService::GetPublicKey GetPublicKey}.
|
|
1601
|
+
# key retrieved from {Google::Cloud::Kms::V1::KeyManagementService::GetPublicKey GetPublicKey}.
|
|
1343
1602
|
#
|
|
1344
1603
|
# @param name [String]
|
|
1345
|
-
# Required. The resource name of the
|
|
1346
|
-
# {Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} to use for
|
|
1347
|
-
# signing.
|
|
1604
|
+
# Required. The resource name of the {Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} to use for signing.
|
|
1348
1605
|
# @param digest [Google::Cloud::Kms::V1::Digest | Hash]
|
|
1349
1606
|
# Required. The digest of the data to sign. The digest must be produced with
|
|
1350
1607
|
# the same digest algorithm as specified by the key version's
|
|
@@ -1382,8 +1639,8 @@ module Google
|
|
|
1382
1639
|
@asymmetric_sign.call(req, options, &block)
|
|
1383
1640
|
end
|
|
1384
1641
|
|
|
1385
|
-
# Sets the access control policy on the specified resource. Replaces
|
|
1386
|
-
# existing policy.
|
|
1642
|
+
# Sets the access control policy on the specified resource. Replaces
|
|
1643
|
+
# any existing policy.
|
|
1387
1644
|
#
|
|
1388
1645
|
# @param resource [String]
|
|
1389
1646
|
# REQUIRED: The resource for which the policy is being specified.
|
|
@@ -1426,9 +1683,8 @@ module Google
|
|
|
1426
1683
|
@set_iam_policy.call(req, options, &block)
|
|
1427
1684
|
end
|
|
1428
1685
|
|
|
1429
|
-
# Gets the access control policy for a resource.
|
|
1430
|
-
#
|
|
1431
|
-
# set.
|
|
1686
|
+
# Gets the access control policy for a resource. Returns an empty policy
|
|
1687
|
+
# if the resource exists and does not have a policy set.
|
|
1432
1688
|
#
|
|
1433
1689
|
# @param resource [String]
|
|
1434
1690
|
# REQUIRED: The resource for which the policy is being requested.
|
|
@@ -1459,13 +1715,13 @@ module Google
|
|
|
1459
1715
|
@get_iam_policy.call(req, options, &block)
|
|
1460
1716
|
end
|
|
1461
1717
|
|
|
1462
|
-
# Returns permissions that a caller has on the specified resource.
|
|
1463
|
-
#
|
|
1718
|
+
# Returns permissions that a caller has on the specified resource. If the
|
|
1719
|
+
# resource does not exist, this will return an empty set of
|
|
1464
1720
|
# permissions, not a NOT_FOUND error.
|
|
1465
1721
|
#
|
|
1466
|
-
# Note: This operation is designed to be used for building
|
|
1467
|
-
# UIs and command-line tools, not for authorization
|
|
1468
|
-
# may "fail open" without warning.
|
|
1722
|
+
# Note: This operation is designed to be used for building
|
|
1723
|
+
# permission-aware UIs and command-line tools, not for authorization
|
|
1724
|
+
# checking. This operation may "fail open" without warning.
|
|
1469
1725
|
#
|
|
1470
1726
|
# @param resource [String]
|
|
1471
1727
|
# REQUIRED: The resource for which the policy detail is being requested.
|