@maxim_mazurok/gapi.client.cloudkms-v1 0.1.20251201 → 0.1.20251231

package/index.d.ts

@@ -9,7 +9,7 @@
 // This file was generated by https://github.com/Maxim-Mazurok/google-api-typings-generator. Please do not edit it manually.
 // In case of any problems please post issue to https://github.com/Maxim-Mazurok/google-api-typings-generator
 // Generated from: https://cloudkms.googleapis.com/$discovery/rest?version=v1
-// Revision: 20251201
+// Revision: 20251231
 
 /// <reference types="gapi.client" />
 
@@ -24,6 +24,17 @@ declare namespace gapi.client {
   function load(name: 'cloudkms', version: 'v1', callback: () => any): void;
 
   namespace cloudkms {
+    interface AddQuorumMember {
+      /** Required. The public key associated with the 2FA key for the new quorum member to add. Public keys must be associated with RSA 2048 keys. */
+      twoFactorPublicKeyPem?: string;
+    }
+    interface ApproveSingleTenantHsmInstanceProposalRequest {
+      /** Required. The reply to QuorumParameters for approving the proposal. */
+      quorumReply?: QuorumReply;
+      /** Required. The reply to RequiredActionQuorumParameters for approving the proposal. */
+      requiredActionQuorumReply?: RequiredActionQuorumReply;
+    }
+    interface ApproveSingleTenantHsmInstanceProposalResponse {}
     interface AsymmetricDecryptRequest {
       /** Required. The data encrypted with the named CryptoKeyVersion's public key using OAEP. */
       ciphertext?: string;
@@ -122,6 +133,18 @@ declare namespace gapi.client {
       /** Google partition certificate chain corresponding to the attestation. */
       googlePartitionCerts?: string[];
     }
+    interface Challenge {
+      /** Output only. The challenge to be signed by the 2FA key indicated by the public key. */
+      challenge?: string;
+      /** Output only. The public key associated with the 2FA key that should sign the challenge. */
+      publicKeyPem?: string;
+    }
+    interface ChallengeReply {
+      /** Required. The public key associated with the 2FA key. */
+      publicKeyPem?: string;
+      /** Required. The signed challenge associated with the 2FA key. The signature must be RSASSA-PKCS1 v1.5 with a SHA256 digest. */
+      signedChallenge?: string;
+    }
     interface ChecksummedData {
       /** Integrity verification field. A CRC32C checksum of the returned ChecksummedData.data. An integrity check of ChecksummedData.data can be performed by computing the CRC32C checksum of ChecksummedData.data and comparing your results to this field. Discard the response in case of non-matching checksum values, and perform a limited number of retries. A persistent mismatch may indicate an issue in your computation of the CRC32C checksum. Note: This field is defined as int64 for reasons of compatibility across different languages. However, it is a non-negative integer, which will never exceed `2^32-1`, and can be safely downconverted to uint32 in languages that support this type. */
       crc32cChecksum?: string;
@@ -232,6 +255,7 @@ declare namespace gapi.client {
       /** Whether the Decryption was performed using the primary key version. */
       usedPrimary?: boolean;
     }
+    interface DeleteSingleTenantHsmInstance {}
     interface DestroyCryptoKeyVersionRequest {}
     interface Digest {
       /** A message digest produced with the SHA-256 algorithm. */
@@ -241,6 +265,7 @@ declare namespace gapi.client {
       /** A message digest produced with the SHA-512 algorithm. */
       sha512?: string;
     }
+    interface DisableSingleTenantHsmInstance {}
     interface EkmConfig {
       /** Optional. Resource name of the default EkmConnection. Setting this field to the empty string removes the default. */
       defaultEkmConnection?: string;
@@ -261,6 +286,8 @@ declare namespace gapi.client {
       /** Optional. A list of ServiceResolvers where the EKM can be reached. There should be one ServiceResolver per EKM replica. Currently, only a single ServiceResolver is supported. */
       serviceResolvers?: ServiceResolver[];
     }
+    interface Empty {}
+    interface EnableSingleTenantHsmInstance {}
     interface EncryptRequest {
       /** Optional. Optional data that, if specified, must also be provided during decryption through DecryptRequest.additional_authenticated_data. The maximum size depends on the key version's protection_level. For SOFTWARE, EXTERNAL, and EXTERNAL_VPC keys the AAD must be no larger than 64KiB. For HSM keys, the combined length of the plaintext and additional_authenticated_data fields must be no larger than 8KiB. */
       additionalAuthenticatedData?: string;
@@ -285,6 +312,7 @@ declare namespace gapi.client {
       /** Integrity verification field. A flag indicating whether EncryptRequest.plaintext_crc32c was received by KeyManagementService and used for the integrity verification of the plaintext. A false value of this field indicates either that EncryptRequest.plaintext_crc32c was left unset or that it was not delivered to KeyManagementService. If you've set EncryptRequest.plaintext_crc32c but this field is still false, discard the response and perform a limited number of retries. */
       verifiedPlaintextCrc32c?: boolean;
     }
+    interface ExecuteSingleTenantHsmInstanceProposalRequest {}
     interface Expr {
       /** Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI. */
       description?: string;
@@ -439,6 +467,22 @@ declare namespace gapi.client {
       /** The standard List next-page token. */
       nextPageToken?: string;
     }
+    interface ListSingleTenantHsmInstanceProposalsResponse {
+      /** A token to retrieve next page of results. Pass this value in ListSingleTenantHsmInstanceProposalsRequest.page_token to retrieve the next page of results. */
+      nextPageToken?: string;
+      /** The list of SingleTenantHsmInstanceProposals. */
+      singleTenantHsmInstanceProposals?: SingleTenantHsmInstanceProposal[];
+      /** The total number of SingleTenantHsmInstanceProposals that matched the query. This field is not populated if ListSingleTenantHsmInstanceProposalsRequest.filter is applied. */
+      totalSize?: number;
+    }
+    interface ListSingleTenantHsmInstancesResponse {
+      /** A token to retrieve next page of results. Pass this value in ListSingleTenantHsmInstancesRequest.page_token to retrieve the next page of results. */
+      nextPageToken?: string;
+      /** The list of SingleTenantHsmInstances. */
+      singleTenantHsmInstances?: SingleTenantHsmInstance[];
+      /** The total number of SingleTenantHsmInstances that matched the query. This field is not populated if ListSingleTenantHsmInstancesRequest.filter is applied. */
+      totalSize?: number;
+    }
     interface Location {
       /** The friendly name for this location, typically a nearby city name. For example, "Tokyo". */
       displayName?: string;
@@ -539,6 +583,26 @@ declare namespace gapi.client {
       /** The PublicKey format specified by the customer through the public_key_format field. */
       publicKeyFormat?: string;
     }
+    interface QuorumAuth {
+      /** Output only. The required numbers of approvers. The M value used for M of N quorum auth. Must be greater than or equal to 2 and less than or equal to total_approver_count - 1. */
+      requiredApproverCount?: number;
+      /** Required. The total number of approvers. This is the N value used for M of N quorum auth. Must be greater than or equal to 3 and less than or equal to 16. */
+      totalApproverCount?: number;
+      /** Output only. The public keys associated with the 2FA keys for M of N quorum auth. */
+      twoFactorPublicKeyPems?: string[];
+    }
+    interface QuorumParameters {
+      /** Output only. The public keys associated with the 2FA keys that have already approved the SingleTenantHsmInstanceProposal by signing the challenge. */
+      approvedTwoFactorPublicKeyPems?: string[];
+      /** Output only. The challenges to be signed by 2FA keys for quorum auth. M of N of these challenges are required to be signed to approve the operation. */
+      challenges?: Challenge[];
+      /** Output only. The required numbers of approvers. This is the M value used for M of N quorum auth. It is less than the number of public keys. */
+      requiredApproverCount?: number;
+    }
+    interface QuorumReply {
+      /** Required. The challenge replies to approve the proposal. Challenge replies can be sent across multiple requests. The proposal will be approved when required_approver_count challenge replies are provided. */
+      challengeReplies?: ChallengeReply[];
+    }
     interface RawDecryptRequest {
       /** Optional. Optional data that must match the data originally supplied in RawEncryptRequest.additional_authenticated_data. */
       additionalAuthenticatedData?: string;
@@ -605,6 +669,33 @@ declare namespace gapi.client {
       /** Integrity verification field. A flag indicating whether RawEncryptRequest.plaintext_crc32c was received by KeyManagementService and used for the integrity verification of the plaintext. A false value of this field indicates either that RawEncryptRequest.plaintext_crc32c was left unset or that it was not delivered to KeyManagementService. If you've set RawEncryptRequest.plaintext_crc32c but this field is still false, discard the response and perform a limited number of retries. */
       verifiedPlaintextCrc32c?: boolean;
     }
+    interface RefreshSingleTenantHsmInstance {}
+    interface RegisterTwoFactorAuthKeys {
+      /** Required. The required numbers of approvers to set for the SingleTenantHsmInstance. This is the M value used for M of N quorum auth. Must be greater than or equal to 2 and less than or equal to total_approver_count - 1. */
+      requiredApproverCount?: number;
+      /** Required. The public keys associated with the 2FA keys for M of N quorum auth. Public keys must be associated with RSA 2048 keys. */
+      twoFactorPublicKeyPems?: string[];
+    }
+    interface RemoveQuorumMember {
+      /** Required. The public key associated with the 2FA key for the quorum member to remove. Public keys must be associated with RSA 2048 keys. */
+      twoFactorPublicKeyPem?: string;
+    }
+    interface RequiredActionQuorumParameters {
+      /** Output only. The public keys associated with the 2FA keys that have already approved the SingleTenantHsmInstanceProposal by signing the challenge. */
+      approvedTwoFactorPublicKeyPems?: string[];
+      /** Output only. The challenges to be signed by 2FA keys for quorum auth. M of N of these challenges are required to be signed to approve the operation. */
+      quorumChallenges?: Challenge[];
+      /** Output only. The required number of quorum approvers. This is the M value used for M of N quorum auth. It is less than the number of public keys. */
+      requiredApproverCount?: number;
+      /** Output only. A list of specific challenges that must be signed. For some operations, this will contain a single challenge. */
+      requiredChallenges?: Challenge[];
+    }
+    interface RequiredActionQuorumReply {
+      /** Required. Quorum members' signed challenge replies. These can be provided across multiple requests. The proposal will be approved when required_approver_count quorum_challenge_replies are provided and when all required_challenge_replies are provided. */
+      quorumChallengeReplies?: ChallengeReply[];
+      /** Required. All required challenges must be signed for the proposal to be approved. These can be sent across multiple requests. */
+      requiredChallengeReplies?: ChallengeReply[];
+    }
     interface RestoreCryptoKeyVersionRequest {}
     interface ServiceResolver {
       /** Optional. The filter applied to the endpoints of the resolved service. If no filter is specified, all endpoints will be considered. An endpoint will be chosen arbitrarily from the filtered list for each request. For endpoint filter syntax and examples, see https://cloud.google.com/service-directory/docs/reference/rpc/google.cloud.servicedirectory.v1#resolveservicerequest. */
@@ -638,6 +729,58 @@ declare namespace gapi.client {
       /** The effective KeyAccessJustificationsPolicyConfig. */
       effectiveKajPolicy?: KeyAccessJustificationsPolicyConfig;
     }
+    interface SingleTenantHsmInstance {
+      /** Output only. The time at which the SingleTenantHsmInstance was created. */
+      createTime?: string;
+      /** Output only. The time at which the SingleTenantHsmInstance was deleted. */
+      deleteTime?: string;
+      /** Output only. The time at which the instance will be automatically disabled if not refreshed. This field is updated upon creation and after each successful refresh operation and enable. A RefreshSingleTenantHsmInstance operation must be made via a SingleTenantHsmInstanceProposal before this time otherwise the SingleTenantHsmInstance will become disabled. */
+      disableTime?: string;
+      /** Identifier. The resource name for this SingleTenantHsmInstance in the format `projects/*‍/locations/*‍/singleTenantHsmInstances/*`. */
+      name?: string;
+      /** Required. The quorum auth configuration for the SingleTenantHsmInstance. */
+      quorumAuth?: QuorumAuth;
+      /** Output only. The state of the SingleTenantHsmInstance. */
+      state?: string;
+      /** Output only. The system-defined duration that an instance can remain unrefreshed until it is automatically disabled. This will have a value of 120 days. */
+      unrefreshedDurationUntilDisable?: string;
+    }
+    interface SingleTenantHsmInstanceProposal {
+      /** Add a quorum member to the SingleTenantHsmInstance. This will increase the total_approver_count by 1. The SingleTenantHsmInstance must be in the ACTIVE state to perform this operation. */
+      addQuorumMember?: AddQuorumMember;
+      /** Output only. The time at which the SingleTenantHsmInstanceProposal was created. */
+      createTime?: string;
+      /** Delete the SingleTenantHsmInstance. Deleting a SingleTenantHsmInstance will make all CryptoKeys attached to the SingleTenantHsmInstance unusable. The SingleTenantHsmInstance must be in the DISABLED or PENDING_TWO_FACTOR_AUTH_REGISTRATION state to perform this operation. */
+      deleteSingleTenantHsmInstance?: any;
+      /** Output only. The time at which the SingleTenantHsmInstanceProposal was deleted. */
+      deleteTime?: string;
+      /** Disable the SingleTenantHsmInstance. The SingleTenantHsmInstance must be in the ACTIVE state to perform this operation. */
+      disableSingleTenantHsmInstance?: any;
+      /** Enable the SingleTenantHsmInstance. The SingleTenantHsmInstance must be in the DISABLED state to perform this operation. */
+      enableSingleTenantHsmInstance?: any;
+      /** The time at which the SingleTenantHsmInstanceProposal will expire if not approved and executed. */
+      expireTime?: string;
+      /** Output only. The root cause of the most recent failure. Only present if state is FAILED. */
+      failureReason?: string;
+      /** Identifier. The resource name for this SingleTenantHsmInstance in the format `projects/*‍/locations/*‍/singleTenantHsmInstances/*‍/proposals/*`. */
+      name?: string;
+      /** Output only. The time at which the soft-deleted SingleTenantHsmInstanceProposal will be permanently purged. This field is only populated when the state is DELETED and will be set a time after expiration of the proposal, i.e. >= expire_time or (create_time + ttl). */
+      purgeTime?: string;
+      /** Output only. The quorum approval parameters for the SingleTenantHsmInstanceProposal. */
+      quorumParameters?: QuorumParameters;
+      /** Refreshes the SingleTenantHsmInstance. This operation must be performed periodically to keep the SingleTenantHsmInstance active. This operation must be performed before unrefreshed_duration_until_disable has passed. The SingleTenantHsmInstance must be in the ACTIVE state to perform this operation. */
+      refreshSingleTenantHsmInstance?: any;
+      /** Register 2FA keys for the SingleTenantHsmInstance. This operation requires all N Challenges to be signed by 2FA keys. The SingleTenantHsmInstance must be in the PENDING_TWO_FACTOR_AUTH_REGISTRATION state to perform this operation. */
+      registerTwoFactorAuthKeys?: RegisterTwoFactorAuthKeys;
+      /** Remove a quorum member from the SingleTenantHsmInstance. This will reduce total_approver_count by 1. The SingleTenantHsmInstance must be in the ACTIVE state to perform this operation. */
+      removeQuorumMember?: RemoveQuorumMember;
+      /** Output only. Parameters for an approval of a SingleTenantHsmInstanceProposal that has both required challenges and a quorum. */
+      requiredActionQuorumParameters?: RequiredActionQuorumParameters;
+      /** Output only. The state of the SingleTenantHsmInstanceProposal. */
+      state?: string;
+      /** Input only. The TTL for the SingleTenantHsmInstanceProposal. Proposals will expire after this duration. */
+      ttl?: string;
+    }
     interface Status {
       /** The status code, which should be an enum value of google.rpc.Code. */
       code?: number;
@@ -3167,6 +3310,406 @@ declare namespace gapi.client {
         uploadType?: string;
       }): Request<Operation>;
     }
+    interface ProposalsResource {
+      /** Approves a SingleTenantHsmInstanceProposal for a given SingleTenantHsmInstance. The proposal must be in the PENDING state. */
+      approve(request: {
+        /** V1 error format. */
+        '$.xgafv'?: string;
+        /** OAuth access token. */
+        access_token?: string;
+        /** Data format for response. */
+        alt?: string;
+        /** JSONP */
+        callback?: string;
+        /** Selector specifying which fields to include in a partial response. */
+        fields?: string;
+        /** API key. Your API key identifies your project and provides you with API access, quota, and reports. Required unless you provide an OAuth 2.0 token. */
+        key?: string;
+        /** Required. The name of the SingleTenantHsmInstanceProposal to approve. */
+        name: string;
+        /** OAuth 2.0 token for the current user. */
+        oauth_token?: string;
+        /** Returns response with indentations and line breaks. */
+        prettyPrint?: boolean;
+        /** Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters. */
+        quotaUser?: string;
+        /** Upload protocol for media (e.g. "raw", "multipart"). */
+        upload_protocol?: string;
+        /** Legacy upload protocol for media (e.g. "media", "multipart"). */
+        uploadType?: string;
+        /** Request body */
+        resource: ApproveSingleTenantHsmInstanceProposalRequest;
+      }): Request<{}>;
+      approve(
+        request: {
+          /** V1 error format. */
+          '$.xgafv'?: string;
+          /** OAuth access token. */
+          access_token?: string;
+          /** Data format for response. */
+          alt?: string;
+          /** JSONP */
+          callback?: string;
+          /** Selector specifying which fields to include in a partial response. */
+          fields?: string;
+          /** API key. Your API key identifies your project and provides you with API access, quota, and reports. Required unless you provide an OAuth 2.0 token. */
+          key?: string;
+          /** Required. The name of the SingleTenantHsmInstanceProposal to approve. */
+          name: string;
+          /** OAuth 2.0 token for the current user. */
+          oauth_token?: string;
+          /** Returns response with indentations and line breaks. */
+          prettyPrint?: boolean;
+          /** Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters. */
+          quotaUser?: string;
+          /** Upload protocol for media (e.g. "raw", "multipart"). */
+          upload_protocol?: string;
+          /** Legacy upload protocol for media (e.g. "media", "multipart"). */
+          uploadType?: string;
+        },
+        body: ApproveSingleTenantHsmInstanceProposalRequest,
+      ): Request<{}>;
+      /** Creates a new SingleTenantHsmInstanceProposal for a given SingleTenantHsmInstance. */
+      create(request: {
+        /** V1 error format. */
+        '$.xgafv'?: string;
+        /** OAuth access token. */
+        access_token?: string;
+        /** Data format for response. */
+        alt?: string;
+        /** JSONP */
+        callback?: string;
+        /** Selector specifying which fields to include in a partial response. */
+        fields?: string;
+        /** API key. Your API key identifies your project and provides you with API access, quota, and reports. Required unless you provide an OAuth 2.0 token. */
+        key?: string;
+        /** OAuth 2.0 token for the current user. */
+        oauth_token?: string;
+        /** Required. The name of the SingleTenantHsmInstance associated with the SingleTenantHsmInstanceProposals. */
+        parent: string;
+        /** Returns response with indentations and line breaks. */
+        prettyPrint?: boolean;
+        /** Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters. */
+        quotaUser?: string;
+        /** Optional. It must be unique within a location and match the regular expression `[a-zA-Z0-9_-]{1,63}`. */
+        singleTenantHsmInstanceProposalId?: string;
+        /** Upload protocol for media (e.g. "raw", "multipart"). */
+        upload_protocol?: string;
+        /** Legacy upload protocol for media (e.g. "media", "multipart"). */
+        uploadType?: string;
+        /** Request body */
+        resource: SingleTenantHsmInstanceProposal;
+      }): Request<Operation>;
+      create(
+        request: {
+          /** V1 error format. */
+          '$.xgafv'?: string;
+          /** OAuth access token. */
+          access_token?: string;
+          /** Data format for response. */
+          alt?: string;
+          /** JSONP */
+          callback?: string;
+          /** Selector specifying which fields to include in a partial response. */
+          fields?: string;
+          /** API key. Your API key identifies your project and provides you with API access, quota, and reports. Required unless you provide an OAuth 2.0 token. */
+          key?: string;
+          /** OAuth 2.0 token for the current user. */
+          oauth_token?: string;
+          /** Required. The name of the SingleTenantHsmInstance associated with the SingleTenantHsmInstanceProposals. */
+          parent: string;
+          /** Returns response with indentations and line breaks. */
+          prettyPrint?: boolean;
+          /** Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters. */
+          quotaUser?: string;
+          /** Optional. It must be unique within a location and match the regular expression `[a-zA-Z0-9_-]{1,63}`. */
+          singleTenantHsmInstanceProposalId?: string;
+          /** Upload protocol for media (e.g. "raw", "multipart"). */
+          upload_protocol?: string;
+          /** Legacy upload protocol for media (e.g. "media", "multipart"). */
+          uploadType?: string;
+        },
+        body: SingleTenantHsmInstanceProposal,
+      ): Request<Operation>;
+      /** Deletes a SingleTenantHsmInstanceProposal. */
+      delete(request?: {
+        /** V1 error format. */
+        '$.xgafv'?: string;
+        /** OAuth access token. */
+        access_token?: string;
+        /** Data format for response. */
+        alt?: string;
+        /** JSONP */
+        callback?: string;
+        /** Selector specifying which fields to include in a partial response. */
+        fields?: string;
+        /** API key. Your API key identifies your project and provides you with API access, quota, and reports. Required unless you provide an OAuth 2.0 token. */
+        key?: string;
+        /** Required. The name of the SingleTenantHsmInstanceProposal to delete. */
+        name: string;
+        /** OAuth 2.0 token for the current user. */
+        oauth_token?: string;
+        /** Returns response with indentations and line breaks. */
+        prettyPrint?: boolean;
+        /** Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters. */
+        quotaUser?: string;
+        /** Upload protocol for media (e.g. "raw", "multipart"). */
+        upload_protocol?: string;
+        /** Legacy upload protocol for media (e.g. "media", "multipart"). */
+        uploadType?: string;
+      }): Request<{}>;
+      /** Executes a SingleTenantHsmInstanceProposal for a given SingleTenantHsmInstance. The proposal must be in the APPROVED state. */
+      execute(request: {
+        /** V1 error format. */
+        '$.xgafv'?: string;
+        /** OAuth access token. */
+        access_token?: string;
+        /** Data format for response. */
+        alt?: string;
+        /** JSONP */
+        callback?: string;
+        /** Selector specifying which fields to include in a partial response. */
+        fields?: string;
+        /** API key. Your API key identifies your project and provides you with API access, quota, and reports. Required unless you provide an OAuth 2.0 token. */
+        key?: string;
+        /** Required. The name of the SingleTenantHsmInstanceProposal to execute. */
+        name: string;
+        /** OAuth 2.0 token for the current user. */
+        oauth_token?: string;
+        /** Returns response with indentations and line breaks. */
+        prettyPrint?: boolean;
+        /** Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters. */
+        quotaUser?: string;
+        /** Upload protocol for media (e.g. "raw", "multipart"). */
+        upload_protocol?: string;
+        /** Legacy upload protocol for media (e.g. "media", "multipart"). */
+        uploadType?: string;
+        /** Request body */
+        resource: ExecuteSingleTenantHsmInstanceProposalRequest;
+      }): Request<Operation>;
+      execute(
+        request: {
+          /** V1 error format. */
+          '$.xgafv'?: string;
+          /** OAuth access token. */
+          access_token?: string;
+          /** Data format for response. */
+          alt?: string;
+          /** JSONP */
+          callback?: string;
+          /** Selector specifying which fields to include in a partial response. */
+          fields?: string;
+          /** API key. Your API key identifies your project and provides you with API access, quota, and reports. Required unless you provide an OAuth 2.0 token. */
+          key?: string;
+          /** Required. The name of the SingleTenantHsmInstanceProposal to execute. */
+          name: string;
+          /** OAuth 2.0 token for the current user. */
+          oauth_token?: string;
+          /** Returns response with indentations and line breaks. */
+          prettyPrint?: boolean;
+          /** Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters. */
+          quotaUser?: string;
+          /** Upload protocol for media (e.g. "raw", "multipart"). */
+          upload_protocol?: string;
+          /** Legacy upload protocol for media (e.g. "media", "multipart"). */
+          uploadType?: string;
+        },
+        body: ExecuteSingleTenantHsmInstanceProposalRequest,
+      ): Request<Operation>;
+      /** Returns metadata for a given SingleTenantHsmInstanceProposal. */
+      get(request?: {
+        /** V1 error format. */
+        '$.xgafv'?: string;
+        /** OAuth access token. */
+        access_token?: string;
+        /** Data format for response. */
+        alt?: string;
+        /** JSONP */
+        callback?: string;
+        /** Selector specifying which fields to include in a partial response. */
+        fields?: string;
+        /** API key. Your API key identifies your project and provides you with API access, quota, and reports. Required unless you provide an OAuth 2.0 token. */
+        key?: string;
+        /** Required. The name of the SingleTenantHsmInstanceProposal to get. */
+        name: string;
+        /** OAuth 2.0 token for the current user. */
+        oauth_token?: string;
+        /** Returns response with indentations and line breaks. */
+        prettyPrint?: boolean;
+        /** Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters. */
+        quotaUser?: string;
+        /** Upload protocol for media (e.g. "raw", "multipart"). */
+        upload_protocol?: string;
+        /** Legacy upload protocol for media (e.g. "media", "multipart"). */
+        uploadType?: string;
+      }): Request<SingleTenantHsmInstanceProposal>;
+      /** Lists SingleTenantHsmInstanceProposals. */
+      list(request?: {
+        /** V1 error format. */
+        '$.xgafv'?: string;
+        /** OAuth access token. */
+        access_token?: string;
+        /** Data format for response. */
+        alt?: string;
+        /** JSONP */
+        callback?: string;
+        /** Selector specifying which fields to include in a partial response. */
+        fields?: string;
+        /** Optional. Only include resources that match the filter in the response. For more information, see [Sorting and filtering list results](https://cloud.google.com/kms/docs/sorting-and-filtering). */
+        filter?: string;
+        /** API key. Your API key identifies your project and provides you with API access, quota, and reports. Required unless you provide an OAuth 2.0 token. */
+        key?: string;
+        /** OAuth 2.0 token for the current user. */
+        oauth_token?: string;
+        /** Optional. Specify how the results should be sorted. If not specified, the results will be sorted in the default order. For more information, see [Sorting and filtering list results](https://cloud.google.com/kms/docs/sorting-and-filtering). */
+        orderBy?: string;
+        /** Optional. Optional limit on the number of SingleTenantHsmInstanceProposals to include in the response. Further SingleTenantHsmInstanceProposals can subsequently be obtained by including the ListSingleTenantHsmInstanceProposalsResponse.next_page_token in a subsequent request. If unspecified, the server will pick an appropriate default. */
+        pageSize?: number;
+        /** Optional. Optional pagination token, returned earlier via ListSingleTenantHsmInstanceProposalsResponse.next_page_token. */
+        pageToken?: string;
+        /** Required. The resource name of the location associated with the SingleTenantHsmInstanceProposals to list, in the format `projects/*‍/locations/*‍/singleTenantHsmInstances/*`. */
+        parent: string;
+        /** Returns response with indentations and line breaks. */
+        prettyPrint?: boolean;
+        /** Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters. */
+        quotaUser?: string;
+        /** Optional. If set to true, HsmManagement.ListSingleTenantHsmInstanceProposals will also return SingleTenantHsmInstanceProposals in DELETED state. */
+        showDeleted?: boolean;
+        /** Upload protocol for media (e.g. "raw", "multipart"). */
+        upload_protocol?: string;
+        /** Legacy upload protocol for media (e.g. "media", "multipart"). */
+        uploadType?: string;
+      }): Request<ListSingleTenantHsmInstanceProposalsResponse>;
+    }
+    interface SingleTenantHsmInstancesResource {
+      /** Creates a new SingleTenantHsmInstance in a given Project and Location. User must create a RegisterTwoFactorAuthKeys proposal with this single-tenant HSM instance to finish setup of the instance. */
+      create(request: {
+        /** V1 error format. */
+        '$.xgafv'?: string;
+        /** OAuth access token. */
+        access_token?: string;
+        /** Data format for response. */
+        alt?: string;
+        /** JSONP */
+        callback?: string;
+        /** Selector specifying which fields to include in a partial response. */
+        fields?: string;
+        /** API key. Your API key identifies your project and provides you with API access, quota, and reports. Required unless you provide an OAuth 2.0 token. */
+        key?: string;
+        /** OAuth 2.0 token for the current user. */
+        oauth_token?: string;
+        /** Required. The resource name of the location associated with the SingleTenantHsmInstance, in the format `projects/*‍/locations/*`. */
+        parent: string;
+        /** Returns response with indentations and line breaks. */
+        prettyPrint?: boolean;
+        /** Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters. */
+        quotaUser?: string;
+        /** Optional. It must be unique within a location and match the regular expression `[a-zA-Z0-9_-]{1,63}`. */
+        singleTenantHsmInstanceId?: string;
+        /** Upload protocol for media (e.g. "raw", "multipart"). */
+        upload_protocol?: string;
+        /** Legacy upload protocol for media (e.g. "media", "multipart"). */
+        uploadType?: string;
+        /** Request body */
+        resource: SingleTenantHsmInstance;
+      }): Request<Operation>;
+      create(
+        request: {
+          /** V1 error format. */
+          '$.xgafv'?: string;
+          /** OAuth access token. */
+          access_token?: string;
+          /** Data format for response. */
+          alt?: string;
+          /** JSONP */
+          callback?: string;
+          /** Selector specifying which fields to include in a partial response. */
+          fields?: string;
+          /** API key. Your API key identifies your project and provides you with API access, quota, and reports. Required unless you provide an OAuth 2.0 token. */
+          key?: string;
+          /** OAuth 2.0 token for the current user. */
+          oauth_token?: string;
+          /** Required. The resource name of the location associated with the SingleTenantHsmInstance, in the format `projects/*‍/locations/*`. */
+          parent: string;
+          /** Returns response with indentations and line breaks. */
+          prettyPrint?: boolean;
+          /** Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters. */
+          quotaUser?: string;
+          /** Optional. It must be unique within a location and match the regular expression `[a-zA-Z0-9_-]{1,63}`. */
+          singleTenantHsmInstanceId?: string;
+          /** Upload protocol for media (e.g. "raw", "multipart"). */
+          upload_protocol?: string;
+          /** Legacy upload protocol for media (e.g. "media", "multipart"). */
+          uploadType?: string;
+        },
+        body: SingleTenantHsmInstance,
+      ): Request<Operation>;
+      /** Returns metadata for a given SingleTenantHsmInstance. */
+      get(request?: {
+        /** V1 error format. */
+        '$.xgafv'?: string;
+        /** OAuth access token. */
+        access_token?: string;
+        /** Data format for response. */
+        alt?: string;
+        /** JSONP */
+        callback?: string;
+        /** Selector specifying which fields to include in a partial response. */
+        fields?: string;
+        /** API key. Your API key identifies your project and provides you with API access, quota, and reports. Required unless you provide an OAuth 2.0 token. */
+        key?: string;
+        /** Required. The name of the SingleTenantHsmInstance to get. */
+        name: string;
+        /** OAuth 2.0 token for the current user. */
+        oauth_token?: string;
+        /** Returns response with indentations and line breaks. */
+        prettyPrint?: boolean;
+        /** Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters. */
+        quotaUser?: string;
+        /** Upload protocol for media (e.g. "raw", "multipart"). */
+        upload_protocol?: string;
+        /** Legacy upload protocol for media (e.g. "media", "multipart"). */
+        uploadType?: string;
+      }): Request<SingleTenantHsmInstance>;
+      /** Lists SingleTenantHsmInstances. */
+      list(request?: {
+        /** V1 error format. */
+        '$.xgafv'?: string;
+        /** OAuth access token. */
+        access_token?: string;
+        /** Data format for response. */
+        alt?: string;
+        /** JSONP */
+        callback?: string;
+        /** Selector specifying which fields to include in a partial response. */
+        fields?: string;
+        /** Optional. Only include resources that match the filter in the response. For more information, see [Sorting and filtering list results](https://cloud.google.com/kms/docs/sorting-and-filtering). */
+        filter?: string;
+        /** API key. Your API key identifies your project and provides you with API access, quota, and reports. Required unless you provide an OAuth 2.0 token. */
+        key?: string;
+        /** OAuth 2.0 token for the current user. */
+        oauth_token?: string;
+        /** Optional. Specify how the results should be sorted. If not specified, the results will be sorted in the default order. For more information, see [Sorting and filtering list results](https://cloud.google.com/kms/docs/sorting-and-filtering). */
+        orderBy?: string;
+        /** Optional. Optional limit on the number of SingleTenantHsmInstances to include in the response. Further SingleTenantHsmInstances can subsequently be obtained by including the ListSingleTenantHsmInstancesResponse.next_page_token in a subsequent request. If unspecified, the server will pick an appropriate default. */
+        pageSize?: number;
+        /** Optional. Optional pagination token, returned earlier via ListSingleTenantHsmInstancesResponse.next_page_token. */
+        pageToken?: string;
+        /** Required. The resource name of the location associated with the SingleTenantHsmInstances to list, in the format `projects/*‍/locations/*`. */
+        parent: string;
+        /** Returns response with indentations and line breaks. */
+        prettyPrint?: boolean;
+        /** Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters. */
+        quotaUser?: string;
+        /** Optional. If set to true, HsmManagement.ListSingleTenantHsmInstances will also return SingleTenantHsmInstances in DELETED state. */
+        showDeleted?: boolean;
+        /** Upload protocol for media (e.g. "raw", "multipart"). */
+        upload_protocol?: string;
+        /** Legacy upload protocol for media (e.g. "media", "multipart"). */
+        uploadType?: string;
+      }): Request<ListSingleTenantHsmInstancesResponse>;
+      proposals: ProposalsResource;
+    }
     interface LocationsResource {
       /** Generate random bytes using the Cloud KMS randomness source in the provided location. */
       generateRandomBytes(request: {
@@ -3382,6 +3925,7 @@ declare namespace gapi.client {
       keyHandles: KeyHandlesResource;
       keyRings: KeyRingsResource;
       operations: OperationsResource;
+      singleTenantHsmInstances: SingleTenantHsmInstancesResource;
     }
     interface ProjectsResource {
       /** Gets the KeyAccessJustificationsPolicyConfig for a given organization, folder, or project. */

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@maxim_mazurok/gapi.client.cloudkms-v1",
-  "version": "0.1.20251201",
+  "version": "0.1.20251231",
   "description": "TypeScript typings for Cloud Key Management Service (KMS) API v1",
   "repository": {
     "type": "git",