google-api-python-client 2.186.0__py3-none-any.whl → 2.188.0__py3-none-any.whl
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- {google_api_python_client-2.186.0.dist-info → google_api_python_client-2.188.0.dist-info}/METADATA +1 -1
- {google_api_python_client-2.186.0.dist-info → google_api_python_client-2.188.0.dist-info}/RECORD +321 -319
- googleapiclient/discovery.py +13 -6
- googleapiclient/discovery_cache/documents/accessapproval.v1.json +9 -3
- googleapiclient/discovery_cache/documents/accesscontextmanager.v1.json +3 -3
- googleapiclient/discovery_cache/documents/adexchangebuyer2.v2beta1.json +2 -2
- googleapiclient/discovery_cache/documents/admin.directory_v1.json +75 -1
- googleapiclient/discovery_cache/documents/admin.directoryv1.json +75 -1
- googleapiclient/discovery_cache/documents/admin.reports_v1.json +37 -6
- googleapiclient/discovery_cache/documents/admin.reportsv1.json +37 -6
- googleapiclient/discovery_cache/documents/aiplatform.v1.json +20205 -8402
- googleapiclient/discovery_cache/documents/aiplatform.v1beta1.json +22191 -10441
- googleapiclient/discovery_cache/documents/alertcenter.v1beta1.json +6 -2
- googleapiclient/discovery_cache/documents/alloydb.v1.json +377 -22
- googleapiclient/discovery_cache/documents/alloydb.v1alpha.json +403 -36
- googleapiclient/discovery_cache/documents/alloydb.v1beta.json +403 -36
- googleapiclient/discovery_cache/documents/analyticshub.v1.json +40 -2
- googleapiclient/discovery_cache/documents/androidmanagement.v1.json +13 -11
- googleapiclient/discovery_cache/documents/androidpublisher.v3.json +314 -6
- googleapiclient/discovery_cache/documents/apigateway.v1.json +4 -4
- googleapiclient/discovery_cache/documents/apigateway.v1beta.json +4 -4
- googleapiclient/discovery_cache/documents/apigee.v1.json +1236 -52
- googleapiclient/discovery_cache/documents/apihub.v1.json +685 -7
- googleapiclient/discovery_cache/documents/apim.v1alpha.json +4 -4
- googleapiclient/discovery_cache/documents/appengine.v1.json +180 -11
- googleapiclient/discovery_cache/documents/appengine.v1alpha.json +71 -13
- googleapiclient/discovery_cache/documents/appengine.v1beta.json +225 -13
- googleapiclient/discovery_cache/documents/apphub.v1.json +331 -5
- googleapiclient/discovery_cache/documents/apphub.v1alpha.json +331 -5
- googleapiclient/discovery_cache/documents/appsmarket.v2.json +283 -0
- googleapiclient/discovery_cache/documents/artifactregistry.v1.json +150 -5
- googleapiclient/discovery_cache/documents/artifactregistry.v1beta1.json +2 -2
- googleapiclient/discovery_cache/documents/artifactregistry.v1beta2.json +2 -2
- googleapiclient/discovery_cache/documents/assuredworkloads.v1.json +3 -3
- googleapiclient/discovery_cache/documents/assuredworkloads.v1beta1.json +3 -3
- googleapiclient/discovery_cache/documents/authorizedbuyersmarketplace.v1.json +55 -4
- googleapiclient/discovery_cache/documents/authorizedbuyersmarketplace.v1alpha.json +883 -5
- googleapiclient/discovery_cache/documents/authorizedbuyersmarketplace.v1beta.json +914 -3
- googleapiclient/discovery_cache/documents/backupdr.v1.json +383 -34
- googleapiclient/discovery_cache/documents/batch.v1.json +14 -8
- googleapiclient/discovery_cache/documents/beyondcorp.v1.json +24 -24
- googleapiclient/discovery_cache/documents/beyondcorp.v1alpha.json +24 -24
- googleapiclient/discovery_cache/documents/biglake.v1.json +273 -1
- googleapiclient/discovery_cache/documents/bigquery.v2.json +45 -3
- googleapiclient/discovery_cache/documents/bigquerydatatransfer.v1.json +16 -2
- googleapiclient/discovery_cache/documents/bigqueryreservation.v1.json +16 -1
- googleapiclient/discovery_cache/documents/bigtableadmin.v2.json +5 -5
- googleapiclient/discovery_cache/documents/businessprofileperformance.v1.json +43 -1
- googleapiclient/discovery_cache/documents/calendar.v3.json +21 -5
- googleapiclient/discovery_cache/documents/certificatemanager.v1.json +48 -4
- googleapiclient/discovery_cache/documents/chat.v1.json +38 -30
- googleapiclient/discovery_cache/documents/checks.v1alpha.json +3 -3
- googleapiclient/discovery_cache/documents/chromemanagement.v1.json +224 -6
- googleapiclient/discovery_cache/documents/chromewebstore.v2.json +550 -0
- googleapiclient/discovery_cache/documents/classroom.v1.json +10 -6
- googleapiclient/discovery_cache/documents/cloudasset.v1.json +11 -4
- googleapiclient/discovery_cache/documents/cloudbuild.v1.json +41 -2
- googleapiclient/discovery_cache/documents/cloudbuild.v2.json +12 -2
- googleapiclient/discovery_cache/documents/cloudchannel.v1.json +4 -4
- googleapiclient/discovery_cache/documents/clouddeploy.v1.json +115 -4
- googleapiclient/discovery_cache/documents/cloudfunctions.v1.json +4 -4
- googleapiclient/discovery_cache/documents/cloudfunctions.v2.json +81 -8
- googleapiclient/discovery_cache/documents/cloudfunctions.v2alpha.json +124 -8
- googleapiclient/discovery_cache/documents/cloudfunctions.v2beta.json +124 -8
- googleapiclient/discovery_cache/documents/cloudidentity.v1.json +6 -5
- googleapiclient/discovery_cache/documents/cloudidentity.v1beta1.json +79 -6
- googleapiclient/discovery_cache/documents/cloudkms.v1.json +1056 -245
- googleapiclient/discovery_cache/documents/cloudlocationfinder.v1.json +2 -2
- googleapiclient/discovery_cache/documents/cloudlocationfinder.v1alpha.json +2 -2
- googleapiclient/discovery_cache/documents/cloudresourcemanager.v1.json +5 -3
- googleapiclient/discovery_cache/documents/cloudresourcemanager.v1beta1.json +5 -3
- googleapiclient/discovery_cache/documents/cloudresourcemanager.v2.json +5 -3
- googleapiclient/discovery_cache/documents/cloudresourcemanager.v2beta1.json +5 -3
- googleapiclient/discovery_cache/documents/cloudresourcemanager.v3.json +20 -8
- googleapiclient/discovery_cache/documents/cloudscheduler.v1.json +83 -9
- googleapiclient/discovery_cache/documents/cloudscheduler.v1beta1.json +201 -7
- googleapiclient/discovery_cache/documents/cloudshell.v1.json +51 -3
- googleapiclient/discovery_cache/documents/cloudsupport.v2.json +6 -1
- googleapiclient/discovery_cache/documents/cloudsupport.v2beta.json +6 -1
- googleapiclient/discovery_cache/documents/cloudtasks.v2.json +2 -2
- googleapiclient/discovery_cache/documents/cloudtasks.v2beta2.json +2 -2
- googleapiclient/discovery_cache/documents/cloudtasks.v2beta3.json +2 -2
- googleapiclient/discovery_cache/documents/composer.v1.json +7 -5
- googleapiclient/discovery_cache/documents/composer.v1beta1.json +7 -5
- googleapiclient/discovery_cache/documents/compute.alpha.json +6736 -1882
- googleapiclient/discovery_cache/documents/compute.beta.json +7349 -2205
- googleapiclient/discovery_cache/documents/compute.v1.json +4065 -1275
- googleapiclient/discovery_cache/documents/config.v1.json +96 -10
- googleapiclient/discovery_cache/documents/connectors.v1.json +62 -6
- googleapiclient/discovery_cache/documents/connectors.v2.json +252 -1
- googleapiclient/discovery_cache/documents/contactcenteraiplatform.v1alpha1.json +376 -4
- googleapiclient/discovery_cache/documents/contactcenterinsights.v1.json +4224 -326
- googleapiclient/discovery_cache/documents/container.v1.json +473 -190
- googleapiclient/discovery_cache/documents/container.v1beta1.json +756 -190
- googleapiclient/discovery_cache/documents/containeranalysis.v1.json +30 -1
- googleapiclient/discovery_cache/documents/containeranalysis.v1alpha1.json +34 -3
- googleapiclient/discovery_cache/documents/containeranalysis.v1beta1.json +34 -3
- googleapiclient/discovery_cache/documents/content.v2.1.json +12 -645
- googleapiclient/discovery_cache/documents/datacatalog.v1.json +249 -5
- googleapiclient/discovery_cache/documents/datacatalog.v1beta1.json +247 -3
- googleapiclient/discovery_cache/documents/dataflow.v1b3.json +121 -1
- googleapiclient/discovery_cache/documents/dataform.v1.json +63 -4
- googleapiclient/discovery_cache/documents/dataform.v1beta1.json +834 -41
- googleapiclient/discovery_cache/documents/datafusion.v1.json +221 -2
- googleapiclient/discovery_cache/documents/datafusion.v1beta1.json +221 -2
- googleapiclient/discovery_cache/documents/datalineage.v1.json +3 -3
- googleapiclient/discovery_cache/documents/datamanager.v1.json +156 -6
- googleapiclient/discovery_cache/documents/datamigration.v1.json +121 -33
- googleapiclient/discovery_cache/documents/datamigration.v1beta1.json +13 -1
- googleapiclient/discovery_cache/documents/dataplex.v1.json +654 -36
- googleapiclient/discovery_cache/documents/dataportability.v1.json +55 -1
- googleapiclient/discovery_cache/documents/dataportability.v1beta.json +55 -1
- googleapiclient/discovery_cache/documents/dataproc.v1.json +24 -2
- googleapiclient/discovery_cache/documents/datastore.v1.json +3 -23
- googleapiclient/discovery_cache/documents/datastore.v1beta1.json +1 -21
- googleapiclient/discovery_cache/documents/datastore.v1beta3.json +1 -21
- googleapiclient/discovery_cache/documents/datastream.v1.json +259 -33
- googleapiclient/discovery_cache/documents/datastream.v1alpha1.json +13 -1
- googleapiclient/discovery_cache/documents/deploymentmanager.alpha.json +46 -15
- googleapiclient/discovery_cache/documents/deploymentmanager.v2.json +46 -15
- googleapiclient/discovery_cache/documents/deploymentmanager.v2beta.json +46 -15
- googleapiclient/discovery_cache/documents/developerconnect.v1.json +461 -21
- googleapiclient/discovery_cache/documents/dfareporting.v4.json +47 -6
- googleapiclient/discovery_cache/documents/dfareporting.v5.json +47 -6
- googleapiclient/discovery_cache/documents/dialogflow.v2.json +60 -11
- googleapiclient/discovery_cache/documents/dialogflow.v2beta1.json +59 -10
- googleapiclient/discovery_cache/documents/dialogflow.v3.json +154 -7
- googleapiclient/discovery_cache/documents/dialogflow.v3beta1.json +154 -7
- googleapiclient/discovery_cache/documents/discoveryengine.v1.json +2695 -794
- googleapiclient/discovery_cache/documents/discoveryengine.v1alpha.json +3488 -872
- googleapiclient/discovery_cache/documents/discoveryengine.v1beta.json +1261 -546
- googleapiclient/discovery_cache/documents/displayvideo.v2.json +196 -1426
- googleapiclient/discovery_cache/documents/displayvideo.v3.json +2356 -3035
- googleapiclient/discovery_cache/documents/displayvideo.v4.json +1779 -208
- googleapiclient/discovery_cache/documents/dlp.v2.json +26 -10
- googleapiclient/discovery_cache/documents/docs.v1.json +282 -43
- googleapiclient/discovery_cache/documents/documentai.v1.json +2476 -420
- googleapiclient/discovery_cache/documents/documentai.v1beta3.json +1701 -248
- googleapiclient/discovery_cache/documents/doubleclickbidmanager.v2.json +3 -3
- googleapiclient/discovery_cache/documents/drive.v2.json +2 -2
- googleapiclient/discovery_cache/documents/drive.v3.json +245 -14
- googleapiclient/discovery_cache/documents/eventarc.v1.json +20 -95
- googleapiclient/discovery_cache/documents/file.v1.json +134 -13
- googleapiclient/discovery_cache/documents/file.v1beta1.json +26 -14
- googleapiclient/discovery_cache/documents/firebaseappdistribution.v1.json +17 -12
- googleapiclient/discovery_cache/documents/firebaseappdistribution.v1alpha.json +101 -20
- googleapiclient/discovery_cache/documents/firebaseapphosting.v1.json +15 -3
- googleapiclient/discovery_cache/documents/firebaseapphosting.v1beta.json +15 -3
- googleapiclient/discovery_cache/documents/firebasedataconnect.v1.json +59 -7
- googleapiclient/discovery_cache/documents/firebasedataconnect.v1beta.json +59 -7
- googleapiclient/discovery_cache/documents/firebasehosting.v1.json +3 -3
- googleapiclient/discovery_cache/documents/firebasehosting.v1beta1.json +3 -3
- googleapiclient/discovery_cache/documents/firebaseml.v1.json +3 -3
- googleapiclient/discovery_cache/documents/firebaseml.v2beta.json +408 -261
- googleapiclient/discovery_cache/documents/firebasestorage.v1beta.json +2 -2
- googleapiclient/discovery_cache/documents/firestore.v1.json +202 -31
- googleapiclient/discovery_cache/documents/firestore.v1beta1.json +192 -21
- googleapiclient/discovery_cache/documents/firestore.v1beta2.json +1 -21
- googleapiclient/discovery_cache/documents/gkebackup.v1.json +4 -4
- googleapiclient/discovery_cache/documents/gkehub.v1.json +4 -4
- googleapiclient/discovery_cache/documents/gkehub.v1alpha.json +727 -4
- googleapiclient/discovery_cache/documents/gkehub.v1beta.json +727 -4
- googleapiclient/discovery_cache/documents/gkehub.v1beta1.json +4 -4
- googleapiclient/discovery_cache/documents/gkehub.v2.json +4 -4
- googleapiclient/discovery_cache/documents/gkehub.v2alpha.json +4 -4
- googleapiclient/discovery_cache/documents/gkehub.v2beta.json +4 -4
- googleapiclient/discovery_cache/documents/gkeonprem.v1.json +180 -2
- googleapiclient/discovery_cache/documents/gmail.v1.json +42 -2
- googleapiclient/discovery_cache/documents/healthcare.v1.json +58 -21
- googleapiclient/discovery_cache/documents/healthcare.v1beta1.json +58 -21
- googleapiclient/discovery_cache/documents/iam.v1.json +73 -73
- googleapiclient/discovery_cache/documents/iamcredentials.v1.json +1 -1
- googleapiclient/discovery_cache/documents/identitytoolkit.v1.json +5 -5
- googleapiclient/discovery_cache/documents/ids.v1.json +14 -2
- googleapiclient/discovery_cache/documents/kmsinventory.v1.json +26 -10
- googleapiclient/discovery_cache/documents/language.v1.json +170 -4
- googleapiclient/discovery_cache/documents/language.v1beta2.json +170 -4
- googleapiclient/discovery_cache/documents/language.v2.json +170 -4
- googleapiclient/discovery_cache/documents/licensing.v1.json +2 -2
- googleapiclient/discovery_cache/documents/logging.v2.json +46 -9
- googleapiclient/discovery_cache/documents/looker.v1.json +61 -4
- googleapiclient/discovery_cache/documents/managedkafka.v1.json +290 -8
- googleapiclient/discovery_cache/documents/marketingplatformadmin.v1alpha.json +304 -1
- googleapiclient/discovery_cache/documents/merchantapi.accounts_v1.json +189 -17
- googleapiclient/discovery_cache/documents/merchantapi.accounts_v1beta.json +189 -17
- googleapiclient/discovery_cache/documents/merchantapi.datasources_v1.json +2 -2
- googleapiclient/discovery_cache/documents/merchantapi.datasources_v1beta.json +2 -2
- googleapiclient/discovery_cache/documents/merchantapi.inventories_v1.json +9 -9
- googleapiclient/discovery_cache/documents/merchantapi.inventories_v1beta.json +9 -9
- googleapiclient/discovery_cache/documents/merchantapi.issueresolution_v1.json +2 -2
- googleapiclient/discovery_cache/documents/merchantapi.issueresolution_v1beta.json +2 -2
- googleapiclient/discovery_cache/documents/merchantapi.products_v1.json +42 -11
- googleapiclient/discovery_cache/documents/merchantapi.products_v1beta.json +13 -11
- googleapiclient/discovery_cache/documents/merchantapi.quota_v1.json +130 -1
- googleapiclient/discovery_cache/documents/merchantapi.reports_v1.json +2 -2
- googleapiclient/discovery_cache/documents/merchantapi.reports_v1beta.json +2 -2
- googleapiclient/discovery_cache/documents/metastore.v1.json +4 -4
- googleapiclient/discovery_cache/documents/metastore.v1alpha.json +4 -4
- googleapiclient/discovery_cache/documents/metastore.v1beta.json +4 -4
- googleapiclient/discovery_cache/documents/migrationcenter.v1.json +15 -6
- googleapiclient/discovery_cache/documents/migrationcenter.v1alpha1.json +348 -11
- googleapiclient/discovery_cache/documents/ml.v1.json +13 -1
- googleapiclient/discovery_cache/documents/mybusinessplaceactions.v1.json +9 -5
- googleapiclient/discovery_cache/documents/netapp.v1.json +453 -18
- googleapiclient/discovery_cache/documents/netapp.v1beta1.json +453 -18
- googleapiclient/discovery_cache/documents/networkconnectivity.v1.json +6 -7
- googleapiclient/discovery_cache/documents/networkconnectivity.v1alpha1.json +4 -4
- googleapiclient/discovery_cache/documents/networkmanagement.v1.json +123 -16
- googleapiclient/discovery_cache/documents/networkmanagement.v1beta1.json +119 -16
- googleapiclient/discovery_cache/documents/networksecurity.v1.json +419 -6
- googleapiclient/discovery_cache/documents/networksecurity.v1beta1.json +189 -7
- googleapiclient/discovery_cache/documents/networkservices.v1.json +366 -53
- googleapiclient/discovery_cache/documents/networkservices.v1beta1.json +80 -55
- googleapiclient/discovery_cache/documents/notebooks.v1.json +4 -4
- googleapiclient/discovery_cache/documents/notebooks.v2.json +23 -10
- googleapiclient/discovery_cache/documents/observability.v1.json +5 -5
- googleapiclient/discovery_cache/documents/ondemandscanning.v1.json +3 -3
- googleapiclient/discovery_cache/documents/ondemandscanning.v1beta1.json +3 -3
- googleapiclient/discovery_cache/documents/oracledatabase.v1.json +4 -4
- googleapiclient/discovery_cache/documents/orgpolicy.v2.json +4 -4
- googleapiclient/discovery_cache/documents/osconfig.v1.json +16 -3
- googleapiclient/discovery_cache/documents/osconfig.v1beta.json +16 -3
- googleapiclient/discovery_cache/documents/osconfig.v2.json +5 -5
- googleapiclient/discovery_cache/documents/osconfig.v2beta.json +5 -5
- googleapiclient/discovery_cache/documents/oslogin.v1.json +44 -1
- googleapiclient/discovery_cache/documents/parallelstore.v1.json +2 -2
- googleapiclient/discovery_cache/documents/parallelstore.v1beta.json +2 -2
- googleapiclient/discovery_cache/documents/parametermanager.v1.json +22 -2
- googleapiclient/discovery_cache/documents/paymentsresellersubscription.v1.json +34 -1
- googleapiclient/discovery_cache/documents/people.v1.json +2 -2
- googleapiclient/discovery_cache/documents/places.v1.json +13 -5
- googleapiclient/discovery_cache/documents/policysimulator.v1.json +8 -8
- googleapiclient/discovery_cache/documents/policysimulator.v1alpha.json +8 -8
- googleapiclient/discovery_cache/documents/policysimulator.v1beta.json +8 -8
- googleapiclient/discovery_cache/documents/privateca.v1.json +5 -5
- googleapiclient/discovery_cache/documents/privateca.v1beta1.json +4 -4
- googleapiclient/discovery_cache/documents/pubsub.v1.json +202 -27
- googleapiclient/discovery_cache/documents/pubsub.v1beta1a.json +153 -3
- googleapiclient/discovery_cache/documents/pubsub.v1beta2.json +153 -3
- googleapiclient/discovery_cache/documents/pubsublite.v1.json +3 -3
- googleapiclient/discovery_cache/documents/recaptchaenterprise.v1.json +10 -8
- googleapiclient/discovery_cache/documents/recommendationengine.v1beta1.json +4 -4
- googleapiclient/discovery_cache/documents/recommender.v1beta1.json +5 -5
- googleapiclient/discovery_cache/documents/redis.v1.json +51 -36
- googleapiclient/discovery_cache/documents/redis.v1beta1.json +51 -36
- googleapiclient/discovery_cache/documents/retail.v2.json +5 -5
- googleapiclient/discovery_cache/documents/retail.v2alpha.json +9 -7
- googleapiclient/discovery_cache/documents/retail.v2beta.json +9 -7
- googleapiclient/discovery_cache/documents/run.v1.json +269 -5
- googleapiclient/discovery_cache/documents/run.v2.json +320 -6
- googleapiclient/discovery_cache/documents/runtimeconfig.v1.json +13 -1
- googleapiclient/discovery_cache/documents/saasservicemgmt.v1beta1.json +23 -398
- googleapiclient/discovery_cache/documents/safebrowsing.v5.json +79 -5
- googleapiclient/discovery_cache/documents/searchads360.v0.json +228 -21
- googleapiclient/discovery_cache/documents/secretmanager.v1.json +47 -2
- googleapiclient/discovery_cache/documents/secretmanager.v1beta1.json +47 -2
- googleapiclient/discovery_cache/documents/secretmanager.v1beta2.json +47 -2
- googleapiclient/discovery_cache/documents/securitycenter.v1.json +641 -7
- googleapiclient/discovery_cache/documents/securitycenter.v1beta1.json +637 -7
- googleapiclient/discovery_cache/documents/securitycenter.v1beta2.json +634 -5
- googleapiclient/discovery_cache/documents/securityposture.v1.json +13 -1
- googleapiclient/discovery_cache/documents/serviceconsumermanagement.v1.json +17 -1
- googleapiclient/discovery_cache/documents/serviceconsumermanagement.v1beta1.json +5 -1
- googleapiclient/discovery_cache/documents/servicecontrol.v1.json +9 -1
- googleapiclient/discovery_cache/documents/servicecontrol.v2.json +9 -1
- googleapiclient/discovery_cache/documents/servicedirectory.v1.json +2 -2
- googleapiclient/discovery_cache/documents/servicedirectory.v1beta1.json +2 -2
- googleapiclient/discovery_cache/documents/servicemanagement.v1.json +4 -4
- googleapiclient/discovery_cache/documents/servicenetworking.v1.json +4 -4
- googleapiclient/discovery_cache/documents/servicenetworking.v1beta.json +2 -2
- googleapiclient/discovery_cache/documents/serviceusage.v1.json +35 -12
- googleapiclient/discovery_cache/documents/serviceusage.v1beta1.json +35 -12
- googleapiclient/discovery_cache/documents/sheets.v4.json +2 -2
- googleapiclient/discovery_cache/documents/solar.v1.json +6 -1
- googleapiclient/discovery_cache/documents/spanner.v1.json +131 -8
- googleapiclient/discovery_cache/documents/speech.v1.json +3 -3
- googleapiclient/discovery_cache/documents/speech.v1p1beta1.json +3 -3
- googleapiclient/discovery_cache/documents/sqladmin.v1.json +280 -13
- googleapiclient/discovery_cache/documents/sqladmin.v1beta4.json +287 -15
- googleapiclient/discovery_cache/documents/storage.v1.json +6 -2
- googleapiclient/discovery_cache/documents/storagebatchoperations.v1.json +14 -4
- googleapiclient/discovery_cache/documents/storagetransfer.v1.json +27 -3
- googleapiclient/discovery_cache/documents/sts.v1.json +10 -1
- googleapiclient/discovery_cache/documents/sts.v1beta.json +10 -1
- googleapiclient/discovery_cache/documents/tagmanager.v2.json +55 -1
- googleapiclient/discovery_cache/documents/tasks.v1.json +2 -2
- googleapiclient/discovery_cache/documents/testing.v1.json +7 -2
- googleapiclient/discovery_cache/documents/texttospeech.v1.json +4 -4
- googleapiclient/discovery_cache/documents/texttospeech.v1beta1.json +4 -4
- googleapiclient/discovery_cache/documents/toolresults.v1beta3.json +2 -2
- googleapiclient/discovery_cache/documents/tpu.v1.json +31 -4
- googleapiclient/discovery_cache/documents/tpu.v1alpha1.json +44 -17
- googleapiclient/discovery_cache/documents/tpu.v2.json +4 -4
- googleapiclient/discovery_cache/documents/tpu.v2alpha1.json +4 -4
- googleapiclient/discovery_cache/documents/trafficdirector.v2.json +228 -1
- googleapiclient/discovery_cache/documents/trafficdirector.v3.json +228 -1
- googleapiclient/discovery_cache/documents/translate.v3.json +118 -18
- googleapiclient/discovery_cache/documents/translate.v3beta1.json +106 -10
- googleapiclient/discovery_cache/documents/travelimpactmodel.v1.json +6 -6
- googleapiclient/discovery_cache/documents/vault.v1.json +3 -3
- googleapiclient/discovery_cache/documents/verifiedaccess.v2.json +9 -5
- googleapiclient/discovery_cache/documents/vision.v1.json +3 -3
- googleapiclient/discovery_cache/documents/vmmigration.v1.json +22 -6
- googleapiclient/discovery_cache/documents/vmmigration.v1alpha1.json +22 -6
- googleapiclient/discovery_cache/documents/vmwareengine.v1.json +549 -2
- googleapiclient/discovery_cache/documents/vpcaccess.v1.json +14 -2
- googleapiclient/discovery_cache/documents/vpcaccess.v1beta1.json +14 -2
- googleapiclient/discovery_cache/documents/walletobjects.v1.json +6 -1
- googleapiclient/discovery_cache/documents/webrisk.v1.json +3 -3
- googleapiclient/discovery_cache/documents/workflows.v1.json +14 -2
- googleapiclient/discovery_cache/documents/workflows.v1beta.json +14 -2
- googleapiclient/discovery_cache/documents/workloadmanager.v1.json +5 -5
- googleapiclient/discovery_cache/documents/workspaceevents.v1.json +706 -1
- googleapiclient/discovery_cache/documents/workstations.v1.json +47 -4
- googleapiclient/discovery_cache/documents/workstations.v1beta.json +53 -3
- googleapiclient/discovery_cache/documents/youtube.v3.json +149 -1
- googleapiclient/discovery_cache/documents/youtubereporting.v1.json +6 -1
- googleapiclient/version.py +1 -1
- {google_api_python_client-2.186.0.dist-info → google_api_python_client-2.188.0.dist-info}/WHEEL +0 -0
- {google_api_python_client-2.186.0.dist-info → google_api_python_client-2.188.0.dist-info}/licenses/LICENSE +0 -0
- {google_api_python_client-2.186.0.dist-info → google_api_python_client-2.188.0.dist-info}/top_level.txt +0 -0
|
@@ -203,7 +203,7 @@
|
|
|
203
203
|
"folders": {
|
|
204
204
|
"methods": {
|
|
205
205
|
"getAutokeyConfig": {
|
|
206
|
-
"description": "Returns the AutokeyConfig for a folder
|
|
206
|
+
"description": "Returns the AutokeyConfig for a folder.",
|
|
207
207
|
"flatPath": "v1/folders/{foldersId}/autokeyConfig",
|
|
208
208
|
"httpMethod": "GET",
|
|
209
209
|
"id": "cloudkms.folders.getAutokeyConfig",
|
|
@@ -212,7 +212,7 @@
|
|
|
212
212
|
],
|
|
213
213
|
"parameters": {
|
|
214
214
|
"name": {
|
|
215
|
-
"description": "Required. Name of the AutokeyConfig resource, e.g. `folders/{FOLDER_NUMBER}/autokeyConfig
|
|
215
|
+
"description": "Required. Name of the AutokeyConfig resource, e.g. `folders/{FOLDER_NUMBER}/autokeyConfig`.",
|
|
216
216
|
"location": "path",
|
|
217
217
|
"pattern": "^folders/[^/]+/autokeyConfig$",
|
|
218
218
|
"required": true,
|
|
@@ -264,7 +264,7 @@
|
|
|
264
264
|
],
|
|
265
265
|
"parameters": {
|
|
266
266
|
"name": {
|
|
267
|
-
"description": "Identifier. Name of the AutokeyConfig resource, e.g. `folders/{FOLDER_NUMBER}/autokeyConfig`
|
|
267
|
+
"description": "Identifier. Name of the AutokeyConfig resource, e.g. `folders/{FOLDER_NUMBER}/autokeyConfig`",
|
|
268
268
|
"location": "path",
|
|
269
269
|
"pattern": "^folders/[^/]+/autokeyConfig$",
|
|
270
270
|
"required": true,
|
|
@@ -393,32 +393,6 @@
|
|
|
393
393
|
},
|
|
394
394
|
"projects": {
|
|
395
395
|
"methods": {
|
|
396
|
-
"getAutokeyConfig": {
|
|
397
|
-
"description": "Returns the AutokeyConfig for a folder or project.",
|
|
398
|
-
"flatPath": "v1/projects/{projectsId}/autokeyConfig",
|
|
399
|
-
"httpMethod": "GET",
|
|
400
|
-
"id": "cloudkms.projects.getAutokeyConfig",
|
|
401
|
-
"parameterOrder": [
|
|
402
|
-
"name"
|
|
403
|
-
],
|
|
404
|
-
"parameters": {
|
|
405
|
-
"name": {
|
|
406
|
-
"description": "Required. Name of the AutokeyConfig resource, e.g. `folders/{FOLDER_NUMBER}/autokeyConfig` or `projects/{PROJECT_NUMBER}/autokeyConfig`.",
|
|
407
|
-
"location": "path",
|
|
408
|
-
"pattern": "^projects/[^/]+/autokeyConfig$",
|
|
409
|
-
"required": true,
|
|
410
|
-
"type": "string"
|
|
411
|
-
}
|
|
412
|
-
},
|
|
413
|
-
"path": "v1/{+name}",
|
|
414
|
-
"response": {
|
|
415
|
-
"$ref": "AutokeyConfig"
|
|
416
|
-
},
|
|
417
|
-
"scopes": [
|
|
418
|
-
"https://www.googleapis.com/auth/cloud-platform",
|
|
419
|
-
"https://www.googleapis.com/auth/cloudkms"
|
|
420
|
-
]
|
|
421
|
-
},
|
|
422
396
|
"getKajPolicyConfig": {
|
|
423
397
|
"description": "Gets the KeyAccessJustificationsPolicyConfig for a given organization, folder, or project.",
|
|
424
398
|
"flatPath": "v1/projects/{projectsId}/kajPolicyConfig",
|
|
@@ -523,41 +497,6 @@
|
|
|
523
497
|
"https://www.googleapis.com/auth/cloudkms"
|
|
524
498
|
]
|
|
525
499
|
},
|
|
526
|
-
"updateAutokeyConfig": {
|
|
527
|
-
"description": "Updates the AutokeyConfig for a folder. The caller must have both `cloudkms.autokeyConfigs.update` permission on the parent folder and `cloudkms.cryptoKeys.setIamPolicy` permission on the provided key project. A KeyHandle creation in the folder's descendant projects will use this configuration to determine where to create the resulting CryptoKey.",
|
|
528
|
-
"flatPath": "v1/projects/{projectsId}/autokeyConfig",
|
|
529
|
-
"httpMethod": "PATCH",
|
|
530
|
-
"id": "cloudkms.projects.updateAutokeyConfig",
|
|
531
|
-
"parameterOrder": [
|
|
532
|
-
"name"
|
|
533
|
-
],
|
|
534
|
-
"parameters": {
|
|
535
|
-
"name": {
|
|
536
|
-
"description": "Identifier. Name of the AutokeyConfig resource, e.g. `folders/{FOLDER_NUMBER}/autokeyConfig` `projects/{PROJECT_NUMBER}/autokeyConfig`.",
|
|
537
|
-
"location": "path",
|
|
538
|
-
"pattern": "^projects/[^/]+/autokeyConfig$",
|
|
539
|
-
"required": true,
|
|
540
|
-
"type": "string"
|
|
541
|
-
},
|
|
542
|
-
"updateMask": {
|
|
543
|
-
"description": "Required. Masks which fields of the AutokeyConfig to update, e.g. `keyProject`.",
|
|
544
|
-
"format": "google-fieldmask",
|
|
545
|
-
"location": "query",
|
|
546
|
-
"type": "string"
|
|
547
|
-
}
|
|
548
|
-
},
|
|
549
|
-
"path": "v1/{+name}",
|
|
550
|
-
"request": {
|
|
551
|
-
"$ref": "AutokeyConfig"
|
|
552
|
-
},
|
|
553
|
-
"response": {
|
|
554
|
-
"$ref": "AutokeyConfig"
|
|
555
|
-
},
|
|
556
|
-
"scopes": [
|
|
557
|
-
"https://www.googleapis.com/auth/cloud-platform",
|
|
558
|
-
"https://www.googleapis.com/auth/cloudkms"
|
|
559
|
-
]
|
|
560
|
-
},
|
|
561
500
|
"updateKajPolicyConfig": {
|
|
562
501
|
"description": "Updates the KeyAccessJustificationsPolicyConfig for a given organization, folder, or project.",
|
|
563
502
|
"flatPath": "v1/projects/{projectsId}/kajPolicyConfig",
|
|
@@ -688,7 +627,7 @@
|
|
|
688
627
|
],
|
|
689
628
|
"parameters": {
|
|
690
629
|
"extraLocationTypes": {
|
|
691
|
-
"description": "Optional.
|
|
630
|
+
"description": "Optional. Do not use this field. It is unsupported and is ignored unless explicitly documented otherwise. This is primarily for internal usage.",
|
|
692
631
|
"location": "query",
|
|
693
632
|
"repeated": true,
|
|
694
633
|
"type": "string"
|
|
@@ -2490,175 +2429,529 @@
|
|
|
2490
2429
|
]
|
|
2491
2430
|
}
|
|
2492
2431
|
}
|
|
2493
|
-
}
|
|
2494
|
-
}
|
|
2495
|
-
}
|
|
2496
|
-
}
|
|
2497
|
-
}
|
|
2498
2432
|
},
|
|
2499
|
-
"
|
|
2500
|
-
"
|
|
2501
|
-
"
|
|
2502
|
-
"
|
|
2503
|
-
"
|
|
2504
|
-
"
|
|
2505
|
-
"
|
|
2506
|
-
"
|
|
2507
|
-
"
|
|
2508
|
-
|
|
2433
|
+
"singleTenantHsmInstances": {
|
|
2434
|
+
"methods": {
|
|
2435
|
+
"create": {
|
|
2436
|
+
"description": "Creates a new SingleTenantHsmInstance in a given Project and Location. User must create a RegisterTwoFactorAuthKeys proposal with this single-tenant HSM instance to finish setup of the instance.",
|
|
2437
|
+
"flatPath": "v1/projects/{projectsId}/locations/{locationsId}/singleTenantHsmInstances",
|
|
2438
|
+
"httpMethod": "POST",
|
|
2439
|
+
"id": "cloudkms.projects.locations.singleTenantHsmInstances.create",
|
|
2440
|
+
"parameterOrder": [
|
|
2441
|
+
"parent"
|
|
2442
|
+
],
|
|
2443
|
+
"parameters": {
|
|
2444
|
+
"parent": {
|
|
2445
|
+
"description": "Required. The resource name of the location associated with the SingleTenantHsmInstance, in the format `projects/*/locations/*`.",
|
|
2446
|
+
"location": "path",
|
|
2447
|
+
"pattern": "^projects/[^/]+/locations/[^/]+$",
|
|
2448
|
+
"required": true,
|
|
2509
2449
|
"type": "string"
|
|
2510
2450
|
},
|
|
2511
|
-
"
|
|
2512
|
-
"description": "Optional.
|
|
2513
|
-
"
|
|
2451
|
+
"singleTenantHsmInstanceId": {
|
|
2452
|
+
"description": "Optional. It must be unique within a location and match the regular expression `[a-zA-Z0-9_-]{1,63}`.",
|
|
2453
|
+
"location": "query",
|
|
2514
2454
|
"type": "string"
|
|
2515
2455
|
}
|
|
2516
2456
|
},
|
|
2517
|
-
"
|
|
2457
|
+
"path": "v1/{+parent}/singleTenantHsmInstances",
|
|
2458
|
+
"request": {
|
|
2459
|
+
"$ref": "SingleTenantHsmInstance"
|
|
2518
2460
|
},
|
|
2519
|
-
"
|
|
2520
|
-
"
|
|
2521
|
-
"id": "AsymmetricDecryptResponse",
|
|
2522
|
-
"properties": {
|
|
2523
|
-
"plaintext": {
|
|
2524
|
-
"description": "The decrypted data originally encrypted with the matching public key.",
|
|
2525
|
-
"format": "byte",
|
|
2526
|
-
"type": "string"
|
|
2461
|
+
"response": {
|
|
2462
|
+
"$ref": "Operation"
|
|
2527
2463
|
},
|
|
2528
|
-
"
|
|
2529
|
-
"
|
|
2530
|
-
"
|
|
2531
|
-
|
|
2464
|
+
"scopes": [
|
|
2465
|
+
"https://www.googleapis.com/auth/cloud-platform",
|
|
2466
|
+
"https://www.googleapis.com/auth/cloudkms"
|
|
2467
|
+
]
|
|
2532
2468
|
},
|
|
2533
|
-
"
|
|
2534
|
-
"description": "
|
|
2535
|
-
"
|
|
2536
|
-
"
|
|
2537
|
-
"
|
|
2538
|
-
"
|
|
2539
|
-
"
|
|
2540
|
-
"EXTERNAL_VPC"
|
|
2541
|
-
],
|
|
2542
|
-
"enumDescriptions": [
|
|
2543
|
-
"Not specified.",
|
|
2544
|
-
"Crypto operations are performed in software.",
|
|
2545
|
-
"Crypto operations are performed in a Hardware Security Module.",
|
|
2546
|
-
"Crypto operations are performed by an external key manager.",
|
|
2547
|
-
"Crypto operations are performed in an EKM-over-VPC backend."
|
|
2469
|
+
"get": {
|
|
2470
|
+
"description": "Returns metadata for a given SingleTenantHsmInstance.",
|
|
2471
|
+
"flatPath": "v1/projects/{projectsId}/locations/{locationsId}/singleTenantHsmInstances/{singleTenantHsmInstancesId}",
|
|
2472
|
+
"httpMethod": "GET",
|
|
2473
|
+
"id": "cloudkms.projects.locations.singleTenantHsmInstances.get",
|
|
2474
|
+
"parameterOrder": [
|
|
2475
|
+
"name"
|
|
2548
2476
|
],
|
|
2477
|
+
"parameters": {
|
|
2478
|
+
"name": {
|
|
2479
|
+
"description": "Required. The name of the SingleTenantHsmInstance to get.",
|
|
2480
|
+
"location": "path",
|
|
2481
|
+
"pattern": "^projects/[^/]+/locations/[^/]+/singleTenantHsmInstances/[^/]+$",
|
|
2482
|
+
"required": true,
|
|
2549
2483
|
"type": "string"
|
|
2550
|
-
},
|
|
2551
|
-
"verifiedCiphertextCrc32c": {
|
|
2552
|
-
"description": "Integrity verification field. A flag indicating whether AsymmetricDecryptRequest.ciphertext_crc32c was received by KeyManagementService and used for the integrity verification of the ciphertext. A false value of this field indicates either that AsymmetricDecryptRequest.ciphertext_crc32c was left unset or that it was not delivered to KeyManagementService. If you've set AsymmetricDecryptRequest.ciphertext_crc32c but this field is still false, discard the response and perform a limited number of retries.",
|
|
2553
|
-
"type": "boolean"
|
|
2554
2484
|
}
|
|
2555
2485
|
},
|
|
2556
|
-
"
|
|
2557
|
-
|
|
2558
|
-
"
|
|
2559
|
-
"description": "Request message for KeyManagementService.AsymmetricSign.",
|
|
2560
|
-
"id": "AsymmetricSignRequest",
|
|
2561
|
-
"properties": {
|
|
2562
|
-
"data": {
|
|
2563
|
-
"description": "Optional. The data to sign. It can't be supplied if AsymmetricSignRequest.digest is supplied.",
|
|
2564
|
-
"format": "byte",
|
|
2565
|
-
"type": "string"
|
|
2566
|
-
},
|
|
2567
|
-
"dataCrc32c": {
|
|
2568
|
-
"description": "Optional. An optional CRC32C checksum of the AsymmetricSignRequest.data. If specified, KeyManagementService will verify the integrity of the received AsymmetricSignRequest.data using this checksum. KeyManagementService will report an error if the checksum verification fails. If you receive a checksum error, your client should verify that CRC32C(AsymmetricSignRequest.data) is equal to AsymmetricSignRequest.data_crc32c, and if so, perform a limited number of retries. A persistent mismatch may indicate an issue in your computation of the CRC32C checksum. Note: This field is defined as int64 for reasons of compatibility across different languages. However, it is a non-negative integer, which will never exceed 2^32-1, and can be safely downconverted to uint32 in languages that support this type.",
|
|
2569
|
-
"format": "int64",
|
|
2570
|
-
"type": "string"
|
|
2486
|
+
"path": "v1/{+name}",
|
|
2487
|
+
"response": {
|
|
2488
|
+
"$ref": "SingleTenantHsmInstance"
|
|
2571
2489
|
},
|
|
2572
|
-
"
|
|
2573
|
-
"
|
|
2574
|
-
"
|
|
2490
|
+
"scopes": [
|
|
2491
|
+
"https://www.googleapis.com/auth/cloud-platform",
|
|
2492
|
+
"https://www.googleapis.com/auth/cloudkms"
|
|
2493
|
+
]
|
|
2575
2494
|
},
|
|
2576
|
-
"
|
|
2577
|
-
"description": "
|
|
2578
|
-
"
|
|
2495
|
+
"list": {
|
|
2496
|
+
"description": "Lists SingleTenantHsmInstances.",
|
|
2497
|
+
"flatPath": "v1/projects/{projectsId}/locations/{locationsId}/singleTenantHsmInstances",
|
|
2498
|
+
"httpMethod": "GET",
|
|
2499
|
+
"id": "cloudkms.projects.locations.singleTenantHsmInstances.list",
|
|
2500
|
+
"parameterOrder": [
|
|
2501
|
+
"parent"
|
|
2502
|
+
],
|
|
2503
|
+
"parameters": {
|
|
2504
|
+
"filter": {
|
|
2505
|
+
"description": "Optional. Only include resources that match the filter in the response. For more information, see [Sorting and filtering list results](https://cloud.google.com/kms/docs/sorting-and-filtering).",
|
|
2506
|
+
"location": "query",
|
|
2579
2507
|
"type": "string"
|
|
2580
|
-
}
|
|
2581
|
-
},
|
|
2582
|
-
"type": "object"
|
|
2583
2508
|
},
|
|
2584
|
-
"
|
|
2585
|
-
"description": "
|
|
2586
|
-
"
|
|
2587
|
-
"properties": {
|
|
2588
|
-
"name": {
|
|
2589
|
-
"description": "The resource name of the CryptoKeyVersion used for signing. Check this field to verify that the intended resource was used for signing.",
|
|
2509
|
+
"orderBy": {
|
|
2510
|
+
"description": "Optional. Specify how the results should be sorted. If not specified, the results will be sorted in the default order. For more information, see [Sorting and filtering list results](https://cloud.google.com/kms/docs/sorting-and-filtering).",
|
|
2511
|
+
"location": "query",
|
|
2590
2512
|
"type": "string"
|
|
2591
2513
|
},
|
|
2592
|
-
"
|
|
2593
|
-
"description": "
|
|
2594
|
-
"
|
|
2595
|
-
"
|
|
2596
|
-
"
|
|
2597
|
-
"HSM",
|
|
2598
|
-
"EXTERNAL",
|
|
2599
|
-
"EXTERNAL_VPC"
|
|
2600
|
-
],
|
|
2601
|
-
"enumDescriptions": [
|
|
2602
|
-
"Not specified.",
|
|
2603
|
-
"Crypto operations are performed in software.",
|
|
2604
|
-
"Crypto operations are performed in a Hardware Security Module.",
|
|
2605
|
-
"Crypto operations are performed by an external key manager.",
|
|
2606
|
-
"Crypto operations are performed in an EKM-over-VPC backend."
|
|
2607
|
-
],
|
|
2608
|
-
"type": "string"
|
|
2514
|
+
"pageSize": {
|
|
2515
|
+
"description": "Optional. Optional limit on the number of SingleTenantHsmInstances to include in the response. Further SingleTenantHsmInstances can subsequently be obtained by including the ListSingleTenantHsmInstancesResponse.next_page_token in a subsequent request. If unspecified, the server will pick an appropriate default.",
|
|
2516
|
+
"format": "int32",
|
|
2517
|
+
"location": "query",
|
|
2518
|
+
"type": "integer"
|
|
2609
2519
|
},
|
|
2610
|
-
"
|
|
2611
|
-
"description": "
|
|
2612
|
-
"
|
|
2520
|
+
"pageToken": {
|
|
2521
|
+
"description": "Optional. Optional pagination token, returned earlier via ListSingleTenantHsmInstancesResponse.next_page_token.",
|
|
2522
|
+
"location": "query",
|
|
2613
2523
|
"type": "string"
|
|
2614
2524
|
},
|
|
2615
|
-
"
|
|
2616
|
-
"description": "
|
|
2617
|
-
"
|
|
2525
|
+
"parent": {
|
|
2526
|
+
"description": "Required. The resource name of the location associated with the SingleTenantHsmInstances to list, in the format `projects/*/locations/*`.",
|
|
2527
|
+
"location": "path",
|
|
2528
|
+
"pattern": "^projects/[^/]+/locations/[^/]+$",
|
|
2529
|
+
"required": true,
|
|
2618
2530
|
"type": "string"
|
|
2619
2531
|
},
|
|
2620
|
-
"
|
|
2621
|
-
"description": "
|
|
2622
|
-
"
|
|
2623
|
-
},
|
|
2624
|
-
"verifiedDigestCrc32c": {
|
|
2625
|
-
"description": "Integrity verification field. A flag indicating whether AsymmetricSignRequest.digest_crc32c was received by KeyManagementService and used for the integrity verification of the digest. A false value of this field indicates either that AsymmetricSignRequest.digest_crc32c was left unset or that it was not delivered to KeyManagementService. If you've set AsymmetricSignRequest.digest_crc32c but this field is still false, discard the response and perform a limited number of retries.",
|
|
2532
|
+
"showDeleted": {
|
|
2533
|
+
"description": "Optional. If set to true, HsmManagement.ListSingleTenantHsmInstances will also return SingleTenantHsmInstances in DELETED state.",
|
|
2534
|
+
"location": "query",
|
|
2626
2535
|
"type": "boolean"
|
|
2627
2536
|
}
|
|
2628
2537
|
},
|
|
2629
|
-
"
|
|
2630
|
-
|
|
2631
|
-
"
|
|
2632
|
-
"description": "Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { \"audit_configs\": [ { \"service\": \"allServices\", \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\", \"exempted_members\": [ \"user:jose@example.com\" ] }, { \"log_type\": \"DATA_WRITE\" }, { \"log_type\": \"ADMIN_READ\" } ] }, { \"service\": \"sampleservice.googleapis.com\", \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\" }, { \"log_type\": \"DATA_WRITE\", \"exempted_members\": [ \"user:aliya@example.com\" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts `jose@example.com` from DATA_READ logging, and `aliya@example.com` from DATA_WRITE logging.",
|
|
2633
|
-
"id": "AuditConfig",
|
|
2634
|
-
"properties": {
|
|
2635
|
-
"auditLogConfigs": {
|
|
2636
|
-
"description": "The configuration for logging of each type of permission.",
|
|
2637
|
-
"items": {
|
|
2638
|
-
"$ref": "AuditLogConfig"
|
|
2538
|
+
"path": "v1/{+parent}/singleTenantHsmInstances",
|
|
2539
|
+
"response": {
|
|
2540
|
+
"$ref": "ListSingleTenantHsmInstancesResponse"
|
|
2639
2541
|
},
|
|
2640
|
-
"
|
|
2542
|
+
"scopes": [
|
|
2543
|
+
"https://www.googleapis.com/auth/cloud-platform",
|
|
2544
|
+
"https://www.googleapis.com/auth/cloudkms"
|
|
2545
|
+
]
|
|
2546
|
+
}
|
|
2641
2547
|
},
|
|
2642
|
-
"
|
|
2643
|
-
"
|
|
2548
|
+
"resources": {
|
|
2549
|
+
"proposals": {
|
|
2550
|
+
"methods": {
|
|
2551
|
+
"approve": {
|
|
2552
|
+
"description": "Approves a SingleTenantHsmInstanceProposal for a given SingleTenantHsmInstance. The proposal must be in the PENDING state.",
|
|
2553
|
+
"flatPath": "v1/projects/{projectsId}/locations/{locationsId}/singleTenantHsmInstances/{singleTenantHsmInstancesId}/proposals/{proposalsId}:approve",
|
|
2554
|
+
"httpMethod": "POST",
|
|
2555
|
+
"id": "cloudkms.projects.locations.singleTenantHsmInstances.proposals.approve",
|
|
2556
|
+
"parameterOrder": [
|
|
2557
|
+
"name"
|
|
2558
|
+
],
|
|
2559
|
+
"parameters": {
|
|
2560
|
+
"name": {
|
|
2561
|
+
"description": "Required. The name of the SingleTenantHsmInstanceProposal to approve.",
|
|
2562
|
+
"location": "path",
|
|
2563
|
+
"pattern": "^projects/[^/]+/locations/[^/]+/singleTenantHsmInstances/[^/]+/proposals/[^/]+$",
|
|
2564
|
+
"required": true,
|
|
2644
2565
|
"type": "string"
|
|
2645
2566
|
}
|
|
2646
2567
|
},
|
|
2647
|
-
"
|
|
2648
|
-
|
|
2649
|
-
"
|
|
2650
|
-
"description": "Provides the configuration for logging a type of permissions. Example: { \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\", \"exempted_members\": [ \"user:jose@example.com\" ] }, { \"log_type\": \"DATA_WRITE\" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.",
|
|
2651
|
-
"id": "AuditLogConfig",
|
|
2652
|
-
"properties": {
|
|
2653
|
-
"exemptedMembers": {
|
|
2654
|
-
"description": "Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members.",
|
|
2655
|
-
"items": {
|
|
2656
|
-
"type": "string"
|
|
2568
|
+
"path": "v1/{+name}:approve",
|
|
2569
|
+
"request": {
|
|
2570
|
+
"$ref": "ApproveSingleTenantHsmInstanceProposalRequest"
|
|
2657
2571
|
},
|
|
2658
|
-
"
|
|
2572
|
+
"response": {
|
|
2573
|
+
"$ref": "ApproveSingleTenantHsmInstanceProposalResponse"
|
|
2659
2574
|
},
|
|
2660
|
-
"
|
|
2661
|
-
"
|
|
2575
|
+
"scopes": [
|
|
2576
|
+
"https://www.googleapis.com/auth/cloud-platform",
|
|
2577
|
+
"https://www.googleapis.com/auth/cloudkms"
|
|
2578
|
+
]
|
|
2579
|
+
},
|
|
2580
|
+
"create": {
|
|
2581
|
+
"description": "Creates a new SingleTenantHsmInstanceProposal for a given SingleTenantHsmInstance.",
|
|
2582
|
+
"flatPath": "v1/projects/{projectsId}/locations/{locationsId}/singleTenantHsmInstances/{singleTenantHsmInstancesId}/proposals",
|
|
2583
|
+
"httpMethod": "POST",
|
|
2584
|
+
"id": "cloudkms.projects.locations.singleTenantHsmInstances.proposals.create",
|
|
2585
|
+
"parameterOrder": [
|
|
2586
|
+
"parent"
|
|
2587
|
+
],
|
|
2588
|
+
"parameters": {
|
|
2589
|
+
"parent": {
|
|
2590
|
+
"description": "Required. The name of the SingleTenantHsmInstance associated with the SingleTenantHsmInstanceProposals.",
|
|
2591
|
+
"location": "path",
|
|
2592
|
+
"pattern": "^projects/[^/]+/locations/[^/]+/singleTenantHsmInstances/[^/]+$",
|
|
2593
|
+
"required": true,
|
|
2594
|
+
"type": "string"
|
|
2595
|
+
},
|
|
2596
|
+
"singleTenantHsmInstanceProposalId": {
|
|
2597
|
+
"description": "Optional. It must be unique within a location and match the regular expression `[a-zA-Z0-9_-]{1,63}`.",
|
|
2598
|
+
"location": "query",
|
|
2599
|
+
"type": "string"
|
|
2600
|
+
}
|
|
2601
|
+
},
|
|
2602
|
+
"path": "v1/{+parent}/proposals",
|
|
2603
|
+
"request": {
|
|
2604
|
+
"$ref": "SingleTenantHsmInstanceProposal"
|
|
2605
|
+
},
|
|
2606
|
+
"response": {
|
|
2607
|
+
"$ref": "Operation"
|
|
2608
|
+
},
|
|
2609
|
+
"scopes": [
|
|
2610
|
+
"https://www.googleapis.com/auth/cloud-platform",
|
|
2611
|
+
"https://www.googleapis.com/auth/cloudkms"
|
|
2612
|
+
]
|
|
2613
|
+
},
|
|
2614
|
+
"delete": {
|
|
2615
|
+
"description": "Deletes a SingleTenantHsmInstanceProposal.",
|
|
2616
|
+
"flatPath": "v1/projects/{projectsId}/locations/{locationsId}/singleTenantHsmInstances/{singleTenantHsmInstancesId}/proposals/{proposalsId}",
|
|
2617
|
+
"httpMethod": "DELETE",
|
|
2618
|
+
"id": "cloudkms.projects.locations.singleTenantHsmInstances.proposals.delete",
|
|
2619
|
+
"parameterOrder": [
|
|
2620
|
+
"name"
|
|
2621
|
+
],
|
|
2622
|
+
"parameters": {
|
|
2623
|
+
"name": {
|
|
2624
|
+
"description": "Required. The name of the SingleTenantHsmInstanceProposal to delete.",
|
|
2625
|
+
"location": "path",
|
|
2626
|
+
"pattern": "^projects/[^/]+/locations/[^/]+/singleTenantHsmInstances/[^/]+/proposals/[^/]+$",
|
|
2627
|
+
"required": true,
|
|
2628
|
+
"type": "string"
|
|
2629
|
+
}
|
|
2630
|
+
},
|
|
2631
|
+
"path": "v1/{+name}",
|
|
2632
|
+
"response": {
|
|
2633
|
+
"$ref": "Empty"
|
|
2634
|
+
},
|
|
2635
|
+
"scopes": [
|
|
2636
|
+
"https://www.googleapis.com/auth/cloud-platform",
|
|
2637
|
+
"https://www.googleapis.com/auth/cloudkms"
|
|
2638
|
+
]
|
|
2639
|
+
},
|
|
2640
|
+
"execute": {
|
|
2641
|
+
"description": "Executes a SingleTenantHsmInstanceProposal for a given SingleTenantHsmInstance. The proposal must be in the APPROVED state.",
|
|
2642
|
+
"flatPath": "v1/projects/{projectsId}/locations/{locationsId}/singleTenantHsmInstances/{singleTenantHsmInstancesId}/proposals/{proposalsId}:execute",
|
|
2643
|
+
"httpMethod": "POST",
|
|
2644
|
+
"id": "cloudkms.projects.locations.singleTenantHsmInstances.proposals.execute",
|
|
2645
|
+
"parameterOrder": [
|
|
2646
|
+
"name"
|
|
2647
|
+
],
|
|
2648
|
+
"parameters": {
|
|
2649
|
+
"name": {
|
|
2650
|
+
"description": "Required. The name of the SingleTenantHsmInstanceProposal to execute.",
|
|
2651
|
+
"location": "path",
|
|
2652
|
+
"pattern": "^projects/[^/]+/locations/[^/]+/singleTenantHsmInstances/[^/]+/proposals/[^/]+$",
|
|
2653
|
+
"required": true,
|
|
2654
|
+
"type": "string"
|
|
2655
|
+
}
|
|
2656
|
+
},
|
|
2657
|
+
"path": "v1/{+name}:execute",
|
|
2658
|
+
"request": {
|
|
2659
|
+
"$ref": "ExecuteSingleTenantHsmInstanceProposalRequest"
|
|
2660
|
+
},
|
|
2661
|
+
"response": {
|
|
2662
|
+
"$ref": "Operation"
|
|
2663
|
+
},
|
|
2664
|
+
"scopes": [
|
|
2665
|
+
"https://www.googleapis.com/auth/cloud-platform",
|
|
2666
|
+
"https://www.googleapis.com/auth/cloudkms"
|
|
2667
|
+
]
|
|
2668
|
+
},
|
|
2669
|
+
"get": {
|
|
2670
|
+
"description": "Returns metadata for a given SingleTenantHsmInstanceProposal.",
|
|
2671
|
+
"flatPath": "v1/projects/{projectsId}/locations/{locationsId}/singleTenantHsmInstances/{singleTenantHsmInstancesId}/proposals/{proposalsId}",
|
|
2672
|
+
"httpMethod": "GET",
|
|
2673
|
+
"id": "cloudkms.projects.locations.singleTenantHsmInstances.proposals.get",
|
|
2674
|
+
"parameterOrder": [
|
|
2675
|
+
"name"
|
|
2676
|
+
],
|
|
2677
|
+
"parameters": {
|
|
2678
|
+
"name": {
|
|
2679
|
+
"description": "Required. The name of the SingleTenantHsmInstanceProposal to get.",
|
|
2680
|
+
"location": "path",
|
|
2681
|
+
"pattern": "^projects/[^/]+/locations/[^/]+/singleTenantHsmInstances/[^/]+/proposals/[^/]+$",
|
|
2682
|
+
"required": true,
|
|
2683
|
+
"type": "string"
|
|
2684
|
+
}
|
|
2685
|
+
},
|
|
2686
|
+
"path": "v1/{+name}",
|
|
2687
|
+
"response": {
|
|
2688
|
+
"$ref": "SingleTenantHsmInstanceProposal"
|
|
2689
|
+
},
|
|
2690
|
+
"scopes": [
|
|
2691
|
+
"https://www.googleapis.com/auth/cloud-platform",
|
|
2692
|
+
"https://www.googleapis.com/auth/cloudkms"
|
|
2693
|
+
]
|
|
2694
|
+
},
|
|
2695
|
+
"list": {
|
|
2696
|
+
"description": "Lists SingleTenantHsmInstanceProposals.",
|
|
2697
|
+
"flatPath": "v1/projects/{projectsId}/locations/{locationsId}/singleTenantHsmInstances/{singleTenantHsmInstancesId}/proposals",
|
|
2698
|
+
"httpMethod": "GET",
|
|
2699
|
+
"id": "cloudkms.projects.locations.singleTenantHsmInstances.proposals.list",
|
|
2700
|
+
"parameterOrder": [
|
|
2701
|
+
"parent"
|
|
2702
|
+
],
|
|
2703
|
+
"parameters": {
|
|
2704
|
+
"filter": {
|
|
2705
|
+
"description": "Optional. Only include resources that match the filter in the response. For more information, see [Sorting and filtering list results](https://cloud.google.com/kms/docs/sorting-and-filtering).",
|
|
2706
|
+
"location": "query",
|
|
2707
|
+
"type": "string"
|
|
2708
|
+
},
|
|
2709
|
+
"orderBy": {
|
|
2710
|
+
"description": "Optional. Specify how the results should be sorted. If not specified, the results will be sorted in the default order. For more information, see [Sorting and filtering list results](https://cloud.google.com/kms/docs/sorting-and-filtering).",
|
|
2711
|
+
"location": "query",
|
|
2712
|
+
"type": "string"
|
|
2713
|
+
},
|
|
2714
|
+
"pageSize": {
|
|
2715
|
+
"description": "Optional. Optional limit on the number of SingleTenantHsmInstanceProposals to include in the response. Further SingleTenantHsmInstanceProposals can subsequently be obtained by including the ListSingleTenantHsmInstanceProposalsResponse.next_page_token in a subsequent request. If unspecified, the server will pick an appropriate default.",
|
|
2716
|
+
"format": "int32",
|
|
2717
|
+
"location": "query",
|
|
2718
|
+
"type": "integer"
|
|
2719
|
+
},
|
|
2720
|
+
"pageToken": {
|
|
2721
|
+
"description": "Optional. Optional pagination token, returned earlier via ListSingleTenantHsmInstanceProposalsResponse.next_page_token.",
|
|
2722
|
+
"location": "query",
|
|
2723
|
+
"type": "string"
|
|
2724
|
+
},
|
|
2725
|
+
"parent": {
|
|
2726
|
+
"description": "Required. The resource name of the location associated with the SingleTenantHsmInstanceProposals to list, in the format `projects/*/locations/*/singleTenantHsmInstances/*`.",
|
|
2727
|
+
"location": "path",
|
|
2728
|
+
"pattern": "^projects/[^/]+/locations/[^/]+/singleTenantHsmInstances/[^/]+$",
|
|
2729
|
+
"required": true,
|
|
2730
|
+
"type": "string"
|
|
2731
|
+
},
|
|
2732
|
+
"showDeleted": {
|
|
2733
|
+
"description": "Optional. If set to true, HsmManagement.ListSingleTenantHsmInstanceProposals will also return SingleTenantHsmInstanceProposals in DELETED state.",
|
|
2734
|
+
"location": "query",
|
|
2735
|
+
"type": "boolean"
|
|
2736
|
+
}
|
|
2737
|
+
},
|
|
2738
|
+
"path": "v1/{+parent}/proposals",
|
|
2739
|
+
"response": {
|
|
2740
|
+
"$ref": "ListSingleTenantHsmInstanceProposalsResponse"
|
|
2741
|
+
},
|
|
2742
|
+
"scopes": [
|
|
2743
|
+
"https://www.googleapis.com/auth/cloud-platform",
|
|
2744
|
+
"https://www.googleapis.com/auth/cloudkms"
|
|
2745
|
+
]
|
|
2746
|
+
}
|
|
2747
|
+
}
|
|
2748
|
+
}
|
|
2749
|
+
}
|
|
2750
|
+
}
|
|
2751
|
+
}
|
|
2752
|
+
}
|
|
2753
|
+
}
|
|
2754
|
+
}
|
|
2755
|
+
},
|
|
2756
|
+
"revision": "20251231",
|
|
2757
|
+
"rootUrl": "https://cloudkms.googleapis.com/",
|
|
2758
|
+
"schemas": {
|
|
2759
|
+
"AddQuorumMember": {
|
|
2760
|
+
"description": "Add a quorum member to the SingleTenantHsmInstance. This will increase the total_approver_count by 1. The SingleTenantHsmInstance must be in the ACTIVE state to perform this operation.",
|
|
2761
|
+
"id": "AddQuorumMember",
|
|
2762
|
+
"properties": {
|
|
2763
|
+
"twoFactorPublicKeyPem": {
|
|
2764
|
+
"description": "Required. The public key associated with the 2FA key for the new quorum member to add. Public keys must be associated with RSA 2048 keys.",
|
|
2765
|
+
"type": "string"
|
|
2766
|
+
}
|
|
2767
|
+
},
|
|
2768
|
+
"type": "object"
|
|
2769
|
+
},
|
|
2770
|
+
"ApproveSingleTenantHsmInstanceProposalRequest": {
|
|
2771
|
+
"description": "Request message for HsmManagement.ApproveSingleTenantHsmInstanceProposal.",
|
|
2772
|
+
"id": "ApproveSingleTenantHsmInstanceProposalRequest",
|
|
2773
|
+
"properties": {
|
|
2774
|
+
"quorumReply": {
|
|
2775
|
+
"$ref": "QuorumReply",
|
|
2776
|
+
"description": "Required. The reply to QuorumParameters for approving the proposal."
|
|
2777
|
+
},
|
|
2778
|
+
"requiredActionQuorumReply": {
|
|
2779
|
+
"$ref": "RequiredActionQuorumReply",
|
|
2780
|
+
"description": "Required. The reply to RequiredActionQuorumParameters for approving the proposal."
|
|
2781
|
+
}
|
|
2782
|
+
},
|
|
2783
|
+
"type": "object"
|
|
2784
|
+
},
|
|
2785
|
+
"ApproveSingleTenantHsmInstanceProposalResponse": {
|
|
2786
|
+
"description": "Response message for HsmManagement.ApproveSingleTenantHsmInstanceProposal.",
|
|
2787
|
+
"id": "ApproveSingleTenantHsmInstanceProposalResponse",
|
|
2788
|
+
"properties": {},
|
|
2789
|
+
"type": "object"
|
|
2790
|
+
},
|
|
2791
|
+
"AsymmetricDecryptRequest": {
|
|
2792
|
+
"description": "Request message for KeyManagementService.AsymmetricDecrypt.",
|
|
2793
|
+
"id": "AsymmetricDecryptRequest",
|
|
2794
|
+
"properties": {
|
|
2795
|
+
"ciphertext": {
|
|
2796
|
+
"description": "Required. The data encrypted with the named CryptoKeyVersion's public key using OAEP.",
|
|
2797
|
+
"format": "byte",
|
|
2798
|
+
"type": "string"
|
|
2799
|
+
},
|
|
2800
|
+
"ciphertextCrc32c": {
|
|
2801
|
+
"description": "Optional. An optional CRC32C checksum of the AsymmetricDecryptRequest.ciphertext. If specified, KeyManagementService will verify the integrity of the received AsymmetricDecryptRequest.ciphertext using this checksum. KeyManagementService will report an error if the checksum verification fails. If you receive a checksum error, your client should verify that CRC32C(AsymmetricDecryptRequest.ciphertext) is equal to AsymmetricDecryptRequest.ciphertext_crc32c, and if so, perform a limited number of retries. A persistent mismatch may indicate an issue in your computation of the CRC32C checksum. Note: This field is defined as int64 for reasons of compatibility across different languages. However, it is a non-negative integer, which will never exceed 2^32-1, and can be safely downconverted to uint32 in languages that support this type.",
|
|
2802
|
+
"format": "int64",
|
|
2803
|
+
"type": "string"
|
|
2804
|
+
}
|
|
2805
|
+
},
|
|
2806
|
+
"type": "object"
|
|
2807
|
+
},
|
|
2808
|
+
"AsymmetricDecryptResponse": {
|
|
2809
|
+
"description": "Response message for KeyManagementService.AsymmetricDecrypt.",
|
|
2810
|
+
"id": "AsymmetricDecryptResponse",
|
|
2811
|
+
"properties": {
|
|
2812
|
+
"plaintext": {
|
|
2813
|
+
"description": "The decrypted data originally encrypted with the matching public key.",
|
|
2814
|
+
"format": "byte",
|
|
2815
|
+
"type": "string"
|
|
2816
|
+
},
|
|
2817
|
+
"plaintextCrc32c": {
|
|
2818
|
+
"description": "Integrity verification field. A CRC32C checksum of the returned AsymmetricDecryptResponse.plaintext. An integrity check of AsymmetricDecryptResponse.plaintext can be performed by computing the CRC32C checksum of AsymmetricDecryptResponse.plaintext and comparing your results to this field. Discard the response in case of non-matching checksum values, and perform a limited number of retries. A persistent mismatch may indicate an issue in your computation of the CRC32C checksum. Note: This field is defined as int64 for reasons of compatibility across different languages. However, it is a non-negative integer, which will never exceed 2^32-1, and can be safely downconverted to uint32 in languages that support this type.",
|
|
2819
|
+
"format": "int64",
|
|
2820
|
+
"type": "string"
|
|
2821
|
+
},
|
|
2822
|
+
"protectionLevel": {
|
|
2823
|
+
"description": "The ProtectionLevel of the CryptoKeyVersion used in decryption.",
|
|
2824
|
+
"enum": [
|
|
2825
|
+
"PROTECTION_LEVEL_UNSPECIFIED",
|
|
2826
|
+
"SOFTWARE",
|
|
2827
|
+
"HSM",
|
|
2828
|
+
"EXTERNAL",
|
|
2829
|
+
"EXTERNAL_VPC",
|
|
2830
|
+
"HSM_SINGLE_TENANT"
|
|
2831
|
+
],
|
|
2832
|
+
"enumDescriptions": [
|
|
2833
|
+
"Not specified.",
|
|
2834
|
+
"Crypto operations are performed in software.",
|
|
2835
|
+
"Crypto operations are performed in a Hardware Security Module.",
|
|
2836
|
+
"Crypto operations are performed by an external key manager.",
|
|
2837
|
+
"Crypto operations are performed in an EKM-over-VPC backend.",
|
|
2838
|
+
"Crypto operations are performed in a single-tenant HSM."
|
|
2839
|
+
],
|
|
2840
|
+
"type": "string"
|
|
2841
|
+
},
|
|
2842
|
+
"verifiedCiphertextCrc32c": {
|
|
2843
|
+
"description": "Integrity verification field. A flag indicating whether AsymmetricDecryptRequest.ciphertext_crc32c was received by KeyManagementService and used for the integrity verification of the ciphertext. A false value of this field indicates either that AsymmetricDecryptRequest.ciphertext_crc32c was left unset or that it was not delivered to KeyManagementService. If you've set AsymmetricDecryptRequest.ciphertext_crc32c but this field is still false, discard the response and perform a limited number of retries.",
|
|
2844
|
+
"type": "boolean"
|
|
2845
|
+
}
|
|
2846
|
+
},
|
|
2847
|
+
"type": "object"
|
|
2848
|
+
},
|
|
2849
|
+
"AsymmetricSignRequest": {
|
|
2850
|
+
"description": "Request message for KeyManagementService.AsymmetricSign.",
|
|
2851
|
+
"id": "AsymmetricSignRequest",
|
|
2852
|
+
"properties": {
|
|
2853
|
+
"data": {
|
|
2854
|
+
"description": "Optional. The data to sign. It can't be supplied if AsymmetricSignRequest.digest is supplied.",
|
|
2855
|
+
"format": "byte",
|
|
2856
|
+
"type": "string"
|
|
2857
|
+
},
|
|
2858
|
+
"dataCrc32c": {
|
|
2859
|
+
"description": "Optional. An optional CRC32C checksum of the AsymmetricSignRequest.data. If specified, KeyManagementService will verify the integrity of the received AsymmetricSignRequest.data using this checksum. KeyManagementService will report an error if the checksum verification fails. If you receive a checksum error, your client should verify that CRC32C(AsymmetricSignRequest.data) is equal to AsymmetricSignRequest.data_crc32c, and if so, perform a limited number of retries. A persistent mismatch may indicate an issue in your computation of the CRC32C checksum. Note: This field is defined as int64 for reasons of compatibility across different languages. However, it is a non-negative integer, which will never exceed 2^32-1, and can be safely downconverted to uint32 in languages that support this type.",
|
|
2860
|
+
"format": "int64",
|
|
2861
|
+
"type": "string"
|
|
2862
|
+
},
|
|
2863
|
+
"digest": {
|
|
2864
|
+
"$ref": "Digest",
|
|
2865
|
+
"description": "Optional. The digest of the data to sign. The digest must be produced with the same digest algorithm as specified by the key version's algorithm. This field may not be supplied if AsymmetricSignRequest.data is supplied."
|
|
2866
|
+
},
|
|
2867
|
+
"digestCrc32c": {
|
|
2868
|
+
"description": "Optional. An optional CRC32C checksum of the AsymmetricSignRequest.digest. If specified, KeyManagementService will verify the integrity of the received AsymmetricSignRequest.digest using this checksum. KeyManagementService will report an error if the checksum verification fails. If you receive a checksum error, your client should verify that CRC32C(AsymmetricSignRequest.digest) is equal to AsymmetricSignRequest.digest_crc32c, and if so, perform a limited number of retries. A persistent mismatch may indicate an issue in your computation of the CRC32C checksum. Note: This field is defined as int64 for reasons of compatibility across different languages. However, it is a non-negative integer, which will never exceed 2^32-1, and can be safely downconverted to uint32 in languages that support this type.",
|
|
2869
|
+
"format": "int64",
|
|
2870
|
+
"type": "string"
|
|
2871
|
+
}
|
|
2872
|
+
},
|
|
2873
|
+
"type": "object"
|
|
2874
|
+
},
|
|
2875
|
+
"AsymmetricSignResponse": {
|
|
2876
|
+
"description": "Response message for KeyManagementService.AsymmetricSign.",
|
|
2877
|
+
"id": "AsymmetricSignResponse",
|
|
2878
|
+
"properties": {
|
|
2879
|
+
"name": {
|
|
2880
|
+
"description": "The resource name of the CryptoKeyVersion used for signing. Check this field to verify that the intended resource was used for signing.",
|
|
2881
|
+
"type": "string"
|
|
2882
|
+
},
|
|
2883
|
+
"protectionLevel": {
|
|
2884
|
+
"description": "The ProtectionLevel of the CryptoKeyVersion used for signing.",
|
|
2885
|
+
"enum": [
|
|
2886
|
+
"PROTECTION_LEVEL_UNSPECIFIED",
|
|
2887
|
+
"SOFTWARE",
|
|
2888
|
+
"HSM",
|
|
2889
|
+
"EXTERNAL",
|
|
2890
|
+
"EXTERNAL_VPC",
|
|
2891
|
+
"HSM_SINGLE_TENANT"
|
|
2892
|
+
],
|
|
2893
|
+
"enumDescriptions": [
|
|
2894
|
+
"Not specified.",
|
|
2895
|
+
"Crypto operations are performed in software.",
|
|
2896
|
+
"Crypto operations are performed in a Hardware Security Module.",
|
|
2897
|
+
"Crypto operations are performed by an external key manager.",
|
|
2898
|
+
"Crypto operations are performed in an EKM-over-VPC backend.",
|
|
2899
|
+
"Crypto operations are performed in a single-tenant HSM."
|
|
2900
|
+
],
|
|
2901
|
+
"type": "string"
|
|
2902
|
+
},
|
|
2903
|
+
"signature": {
|
|
2904
|
+
"description": "The created signature.",
|
|
2905
|
+
"format": "byte",
|
|
2906
|
+
"type": "string"
|
|
2907
|
+
},
|
|
2908
|
+
"signatureCrc32c": {
|
|
2909
|
+
"description": "Integrity verification field. A CRC32C checksum of the returned AsymmetricSignResponse.signature. An integrity check of AsymmetricSignResponse.signature can be performed by computing the CRC32C checksum of AsymmetricSignResponse.signature and comparing your results to this field. Discard the response in case of non-matching checksum values, and perform a limited number of retries. A persistent mismatch may indicate an issue in your computation of the CRC32C checksum. Note: This field is defined as int64 for reasons of compatibility across different languages. However, it is a non-negative integer, which will never exceed 2^32-1, and can be safely downconverted to uint32 in languages that support this type.",
|
|
2910
|
+
"format": "int64",
|
|
2911
|
+
"type": "string"
|
|
2912
|
+
},
|
|
2913
|
+
"verifiedDataCrc32c": {
|
|
2914
|
+
"description": "Integrity verification field. A flag indicating whether AsymmetricSignRequest.data_crc32c was received by KeyManagementService and used for the integrity verification of the data. A false value of this field indicates either that AsymmetricSignRequest.data_crc32c was left unset or that it was not delivered to KeyManagementService. If you've set AsymmetricSignRequest.data_crc32c but this field is still false, discard the response and perform a limited number of retries.",
|
|
2915
|
+
"type": "boolean"
|
|
2916
|
+
},
|
|
2917
|
+
"verifiedDigestCrc32c": {
|
|
2918
|
+
"description": "Integrity verification field. A flag indicating whether AsymmetricSignRequest.digest_crc32c was received by KeyManagementService and used for the integrity verification of the digest. A false value of this field indicates either that AsymmetricSignRequest.digest_crc32c was left unset or that it was not delivered to KeyManagementService. If you've set AsymmetricSignRequest.digest_crc32c but this field is still false, discard the response and perform a limited number of retries.",
|
|
2919
|
+
"type": "boolean"
|
|
2920
|
+
}
|
|
2921
|
+
},
|
|
2922
|
+
"type": "object"
|
|
2923
|
+
},
|
|
2924
|
+
"AuditConfig": {
|
|
2925
|
+
"description": "Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { \"audit_configs\": [ { \"service\": \"allServices\", \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\", \"exempted_members\": [ \"user:jose@example.com\" ] }, { \"log_type\": \"DATA_WRITE\" }, { \"log_type\": \"ADMIN_READ\" } ] }, { \"service\": \"sampleservice.googleapis.com\", \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\" }, { \"log_type\": \"DATA_WRITE\", \"exempted_members\": [ \"user:aliya@example.com\" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts `jose@example.com` from DATA_READ logging, and `aliya@example.com` from DATA_WRITE logging.",
|
|
2926
|
+
"id": "AuditConfig",
|
|
2927
|
+
"properties": {
|
|
2928
|
+
"auditLogConfigs": {
|
|
2929
|
+
"description": "The configuration for logging of each type of permission.",
|
|
2930
|
+
"items": {
|
|
2931
|
+
"$ref": "AuditLogConfig"
|
|
2932
|
+
},
|
|
2933
|
+
"type": "array"
|
|
2934
|
+
},
|
|
2935
|
+
"service": {
|
|
2936
|
+
"description": "Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services.",
|
|
2937
|
+
"type": "string"
|
|
2938
|
+
}
|
|
2939
|
+
},
|
|
2940
|
+
"type": "object"
|
|
2941
|
+
},
|
|
2942
|
+
"AuditLogConfig": {
|
|
2943
|
+
"description": "Provides the configuration for logging a type of permissions. Example: { \"audit_log_configs\": [ { \"log_type\": \"DATA_READ\", \"exempted_members\": [ \"user:jose@example.com\" ] }, { \"log_type\": \"DATA_WRITE\" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting jose@example.com from DATA_READ logging.",
|
|
2944
|
+
"id": "AuditLogConfig",
|
|
2945
|
+
"properties": {
|
|
2946
|
+
"exemptedMembers": {
|
|
2947
|
+
"description": "Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members.",
|
|
2948
|
+
"items": {
|
|
2949
|
+
"type": "string"
|
|
2950
|
+
},
|
|
2951
|
+
"type": "array"
|
|
2952
|
+
},
|
|
2953
|
+
"logType": {
|
|
2954
|
+
"description": "The log type that this config enables.",
|
|
2662
2955
|
"enum": [
|
|
2663
2956
|
"LOG_TYPE_UNSPECIFIED",
|
|
2664
2957
|
"ADMIN_READ",
|
|
@@ -2677,7 +2970,7 @@
|
|
|
2677
2970
|
"type": "object"
|
|
2678
2971
|
},
|
|
2679
2972
|
"AutokeyConfig": {
|
|
2680
|
-
"description": "Cloud KMS Autokey configuration for a folder
|
|
2973
|
+
"description": "Cloud KMS Autokey configuration for a folder.",
|
|
2681
2974
|
"id": "AutokeyConfig",
|
|
2682
2975
|
"properties": {
|
|
2683
2976
|
"etag": {
|
|
@@ -2689,7 +2982,7 @@
|
|
|
2689
2982
|
"type": "string"
|
|
2690
2983
|
},
|
|
2691
2984
|
"name": {
|
|
2692
|
-
"description": "Identifier. Name of the AutokeyConfig resource, e.g. `folders/{FOLDER_NUMBER}/autokeyConfig`
|
|
2985
|
+
"description": "Identifier. Name of the AutokeyConfig resource, e.g. `folders/{FOLDER_NUMBER}/autokeyConfig`",
|
|
2693
2986
|
"type": "string"
|
|
2694
2987
|
},
|
|
2695
2988
|
"state": {
|
|
@@ -2800,21 +3093,55 @@
|
|
|
2800
3093
|
"items": {
|
|
2801
3094
|
"type": "string"
|
|
2802
3095
|
},
|
|
2803
|
-
"type": "array"
|
|
2804
|
-
},
|
|
2805
|
-
"googleCardCerts": {
|
|
2806
|
-
"description": "Google card certificate chain corresponding to the attestation.",
|
|
2807
|
-
"items": {
|
|
3096
|
+
"type": "array"
|
|
3097
|
+
},
|
|
3098
|
+
"googleCardCerts": {
|
|
3099
|
+
"description": "Google card certificate chain corresponding to the attestation.",
|
|
3100
|
+
"items": {
|
|
3101
|
+
"type": "string"
|
|
3102
|
+
},
|
|
3103
|
+
"type": "array"
|
|
3104
|
+
},
|
|
3105
|
+
"googlePartitionCerts": {
|
|
3106
|
+
"description": "Google partition certificate chain corresponding to the attestation.",
|
|
3107
|
+
"items": {
|
|
3108
|
+
"type": "string"
|
|
3109
|
+
},
|
|
3110
|
+
"type": "array"
|
|
3111
|
+
}
|
|
3112
|
+
},
|
|
3113
|
+
"type": "object"
|
|
3114
|
+
},
|
|
3115
|
+
"Challenge": {
|
|
3116
|
+
"description": "A challenge to be signed by a 2FA key.",
|
|
3117
|
+
"id": "Challenge",
|
|
3118
|
+
"properties": {
|
|
3119
|
+
"challenge": {
|
|
3120
|
+
"description": "Output only. The challenge to be signed by the 2FA key indicated by the public key.",
|
|
3121
|
+
"format": "byte",
|
|
3122
|
+
"readOnly": true,
|
|
3123
|
+
"type": "string"
|
|
3124
|
+
},
|
|
3125
|
+
"publicKeyPem": {
|
|
3126
|
+
"description": "Output only. The public key associated with the 2FA key that should sign the challenge.",
|
|
3127
|
+
"readOnly": true,
|
|
2808
3128
|
"type": "string"
|
|
3129
|
+
}
|
|
2809
3130
|
},
|
|
2810
|
-
"type": "
|
|
3131
|
+
"type": "object"
|
|
2811
3132
|
},
|
|
2812
|
-
"
|
|
2813
|
-
"description": "
|
|
2814
|
-
"
|
|
3133
|
+
"ChallengeReply": {
|
|
3134
|
+
"description": "A reply to a challenge signed by a 2FA key.",
|
|
3135
|
+
"id": "ChallengeReply",
|
|
3136
|
+
"properties": {
|
|
3137
|
+
"publicKeyPem": {
|
|
3138
|
+
"description": "Required. The public key associated with the 2FA key.",
|
|
2815
3139
|
"type": "string"
|
|
2816
3140
|
},
|
|
2817
|
-
"
|
|
3141
|
+
"signedChallenge": {
|
|
3142
|
+
"description": "Required. The signed challenge associated with the 2FA key. The signature must be RSASSA-PKCS1 v1.5 with a SHA256 digest.",
|
|
3143
|
+
"format": "byte",
|
|
3144
|
+
"type": "string"
|
|
2818
3145
|
}
|
|
2819
3146
|
},
|
|
2820
3147
|
"type": "object"
|
|
@@ -2847,7 +3174,7 @@
|
|
|
2847
3174
|
"type": "string"
|
|
2848
3175
|
},
|
|
2849
3176
|
"cryptoKeyBackend": {
|
|
2850
|
-
"description": "Immutable. The resource name of the backend environment where the key material for all CryptoKeyVersions associated with this CryptoKey reside and where all related cryptographic operations are performed. Only applicable if CryptoKeyVersions have a ProtectionLevel of EXTERNAL_VPC, with the resource name in the format `projects/*/locations/*/ekmConnections/*`. Note, this list is non-exhaustive and may apply to additional ProtectionLevels in the future.",
|
|
3177
|
+
"description": "Immutable. The resource name of the backend environment where the key material for all CryptoKeyVersions associated with this CryptoKey reside and where all related cryptographic operations are performed. Only applicable if CryptoKeyVersions have a ProtectionLevel of EXTERNAL_VPC, with the resource name in the format `projects/*/locations/*/ekmConnections/*`. Only applicable if CryptoKeyVersions have a ProtectionLevel of HSM_SINGLE_TENANT, with the resource name in the format `projects/*/locations/*/singleTenantHsmInstances/*`. Note, this list is non-exhaustive and may apply to additional ProtectionLevels in the future.",
|
|
2851
3178
|
"type": "string"
|
|
2852
3179
|
},
|
|
2853
3180
|
"destroyScheduledDuration": {
|
|
@@ -2965,9 +3292,14 @@
|
|
|
2965
3292
|
"ML_KEM_768",
|
|
2966
3293
|
"ML_KEM_1024",
|
|
2967
3294
|
"KEM_XWING",
|
|
3295
|
+
"PQ_SIGN_ML_DSA_44",
|
|
2968
3296
|
"PQ_SIGN_ML_DSA_65",
|
|
3297
|
+
"PQ_SIGN_ML_DSA_87",
|
|
2969
3298
|
"PQ_SIGN_SLH_DSA_SHA2_128S",
|
|
2970
|
-
"PQ_SIGN_HASH_SLH_DSA_SHA2_128S_SHA256"
|
|
3299
|
+
"PQ_SIGN_HASH_SLH_DSA_SHA2_128S_SHA256",
|
|
3300
|
+
"PQ_SIGN_ML_DSA_44_EXTERNAL_MU",
|
|
3301
|
+
"PQ_SIGN_ML_DSA_65_EXTERNAL_MU",
|
|
3302
|
+
"PQ_SIGN_ML_DSA_87_EXTERNAL_MU"
|
|
2971
3303
|
],
|
|
2972
3304
|
"enumDescriptions": [
|
|
2973
3305
|
"Not specified.",
|
|
@@ -3009,9 +3341,14 @@
|
|
|
3009
3341
|
"ML-KEM-768 (FIPS 203)",
|
|
3010
3342
|
"ML-KEM-1024 (FIPS 203)",
|
|
3011
3343
|
"X-Wing hybrid KEM combining ML-KEM-768 with X25519 following datatracker.ietf.org/doc/draft-connolly-cfrg-xwing-kem/.",
|
|
3344
|
+
"The post-quantum Module-Lattice-Based Digital Signature Algorithm, at security level 1. Randomized version.",
|
|
3012
3345
|
"The post-quantum Module-Lattice-Based Digital Signature Algorithm, at security level 3. Randomized version.",
|
|
3346
|
+
"The post-quantum Module-Lattice-Based Digital Signature Algorithm, at security level 5. Randomized version.",
|
|
3013
3347
|
"The post-quantum stateless hash-based digital signature algorithm, at security level 1. Randomized version.",
|
|
3014
|
-
"The post-quantum stateless hash-based digital signature algorithm, at security level 1. Randomized pre-hash version supporting SHA256 digests."
|
|
3348
|
+
"The post-quantum stateless hash-based digital signature algorithm, at security level 1. Randomized pre-hash version supporting SHA256 digests.",
|
|
3349
|
+
"The post-quantum Module-Lattice-Based Digital Signature Algorithm, at security level 1. Randomized version supporting externally-computed message representatives.",
|
|
3350
|
+
"The post-quantum Module-Lattice-Based Digital Signature Algorithm, at security level 3. Randomized version supporting externally-computed message representatives.",
|
|
3351
|
+
"The post-quantum Module-Lattice-Based Digital Signature Algorithm, at security level 5. Randomized version supporting externally-computed message representatives."
|
|
3015
3352
|
],
|
|
3016
3353
|
"readOnly": true,
|
|
3017
3354
|
"type": "string"
|
|
@@ -3087,14 +3424,16 @@
|
|
|
3087
3424
|
"SOFTWARE",
|
|
3088
3425
|
"HSM",
|
|
3089
3426
|
"EXTERNAL",
|
|
3090
|
-
"EXTERNAL_VPC"
|
|
3427
|
+
"EXTERNAL_VPC",
|
|
3428
|
+
"HSM_SINGLE_TENANT"
|
|
3091
3429
|
],
|
|
3092
3430
|
"enumDescriptions": [
|
|
3093
3431
|
"Not specified.",
|
|
3094
3432
|
"Crypto operations are performed in software.",
|
|
3095
3433
|
"Crypto operations are performed in a Hardware Security Module.",
|
|
3096
3434
|
"Crypto operations are performed by an external key manager.",
|
|
3097
|
-
"Crypto operations are performed in an EKM-over-VPC backend."
|
|
3435
|
+
"Crypto operations are performed in an EKM-over-VPC backend.",
|
|
3436
|
+
"Crypto operations are performed in a single-tenant HSM."
|
|
3098
3437
|
],
|
|
3099
3438
|
"readOnly": true,
|
|
3100
3439
|
"type": "string"
|
|
@@ -3183,9 +3522,14 @@
|
|
|
3183
3522
|
"ML_KEM_768",
|
|
3184
3523
|
"ML_KEM_1024",
|
|
3185
3524
|
"KEM_XWING",
|
|
3525
|
+
"PQ_SIGN_ML_DSA_44",
|
|
3186
3526
|
"PQ_SIGN_ML_DSA_65",
|
|
3527
|
+
"PQ_SIGN_ML_DSA_87",
|
|
3187
3528
|
"PQ_SIGN_SLH_DSA_SHA2_128S",
|
|
3188
|
-
"PQ_SIGN_HASH_SLH_DSA_SHA2_128S_SHA256"
|
|
3529
|
+
"PQ_SIGN_HASH_SLH_DSA_SHA2_128S_SHA256",
|
|
3530
|
+
"PQ_SIGN_ML_DSA_44_EXTERNAL_MU",
|
|
3531
|
+
"PQ_SIGN_ML_DSA_65_EXTERNAL_MU",
|
|
3532
|
+
"PQ_SIGN_ML_DSA_87_EXTERNAL_MU"
|
|
3189
3533
|
],
|
|
3190
3534
|
"enumDescriptions": [
|
|
3191
3535
|
"Not specified.",
|
|
@@ -3227,9 +3571,14 @@
|
|
|
3227
3571
|
"ML-KEM-768 (FIPS 203)",
|
|
3228
3572
|
"ML-KEM-1024 (FIPS 203)",
|
|
3229
3573
|
"X-Wing hybrid KEM combining ML-KEM-768 with X25519 following datatracker.ietf.org/doc/draft-connolly-cfrg-xwing-kem/.",
|
|
3574
|
+
"The post-quantum Module-Lattice-Based Digital Signature Algorithm, at security level 1. Randomized version.",
|
|
3230
3575
|
"The post-quantum Module-Lattice-Based Digital Signature Algorithm, at security level 3. Randomized version.",
|
|
3576
|
+
"The post-quantum Module-Lattice-Based Digital Signature Algorithm, at security level 5. Randomized version.",
|
|
3231
3577
|
"The post-quantum stateless hash-based digital signature algorithm, at security level 1. Randomized version.",
|
|
3232
|
-
"The post-quantum stateless hash-based digital signature algorithm, at security level 1. Randomized pre-hash version supporting SHA256 digests."
|
|
3578
|
+
"The post-quantum stateless hash-based digital signature algorithm, at security level 1. Randomized pre-hash version supporting SHA256 digests.",
|
|
3579
|
+
"The post-quantum Module-Lattice-Based Digital Signature Algorithm, at security level 1. Randomized version supporting externally-computed message representatives.",
|
|
3580
|
+
"The post-quantum Module-Lattice-Based Digital Signature Algorithm, at security level 3. Randomized version supporting externally-computed message representatives.",
|
|
3581
|
+
"The post-quantum Module-Lattice-Based Digital Signature Algorithm, at security level 5. Randomized version supporting externally-computed message representatives."
|
|
3233
3582
|
],
|
|
3234
3583
|
"type": "string"
|
|
3235
3584
|
},
|
|
@@ -3240,14 +3589,16 @@
|
|
|
3240
3589
|
"SOFTWARE",
|
|
3241
3590
|
"HSM",
|
|
3242
3591
|
"EXTERNAL",
|
|
3243
|
-
"EXTERNAL_VPC"
|
|
3592
|
+
"EXTERNAL_VPC",
|
|
3593
|
+
"HSM_SINGLE_TENANT"
|
|
3244
3594
|
],
|
|
3245
3595
|
"enumDescriptions": [
|
|
3246
3596
|
"Not specified.",
|
|
3247
3597
|
"Crypto operations are performed in software.",
|
|
3248
3598
|
"Crypto operations are performed in a Hardware Security Module.",
|
|
3249
3599
|
"Crypto operations are performed by an external key manager.",
|
|
3250
|
-
"Crypto operations are performed in an EKM-over-VPC backend."
|
|
3600
|
+
"Crypto operations are performed in an EKM-over-VPC backend.",
|
|
3601
|
+
"Crypto operations are performed in a single-tenant HSM."
|
|
3251
3602
|
],
|
|
3252
3603
|
"type": "string"
|
|
3253
3604
|
}
|
|
@@ -3286,14 +3637,16 @@
|
|
|
3286
3637
|
"SOFTWARE",
|
|
3287
3638
|
"HSM",
|
|
3288
3639
|
"EXTERNAL",
|
|
3289
|
-
"EXTERNAL_VPC"
|
|
3640
|
+
"EXTERNAL_VPC",
|
|
3641
|
+
"HSM_SINGLE_TENANT"
|
|
3290
3642
|
],
|
|
3291
3643
|
"enumDescriptions": [
|
|
3292
3644
|
"Not specified.",
|
|
3293
3645
|
"Crypto operations are performed in software.",
|
|
3294
3646
|
"Crypto operations are performed in a Hardware Security Module.",
|
|
3295
3647
|
"Crypto operations are performed by an external key manager.",
|
|
3296
|
-
"Crypto operations are performed in an EKM-over-VPC backend."
|
|
3648
|
+
"Crypto operations are performed in an EKM-over-VPC backend.",
|
|
3649
|
+
"Crypto operations are performed in a single-tenant HSM."
|
|
3297
3650
|
],
|
|
3298
3651
|
"type": "string"
|
|
3299
3652
|
},
|
|
@@ -3362,14 +3715,16 @@
|
|
|
3362
3715
|
"SOFTWARE",
|
|
3363
3716
|
"HSM",
|
|
3364
3717
|
"EXTERNAL",
|
|
3365
|
-
"EXTERNAL_VPC"
|
|
3718
|
+
"EXTERNAL_VPC",
|
|
3719
|
+
"HSM_SINGLE_TENANT"
|
|
3366
3720
|
],
|
|
3367
3721
|
"enumDescriptions": [
|
|
3368
3722
|
"Not specified.",
|
|
3369
3723
|
"Crypto operations are performed in software.",
|
|
3370
3724
|
"Crypto operations are performed in a Hardware Security Module.",
|
|
3371
3725
|
"Crypto operations are performed by an external key manager.",
|
|
3372
|
-
"Crypto operations are performed in an EKM-over-VPC backend."
|
|
3726
|
+
"Crypto operations are performed in an EKM-over-VPC backend.",
|
|
3727
|
+
"Crypto operations are performed in a single-tenant HSM."
|
|
3373
3728
|
],
|
|
3374
3729
|
"type": "string"
|
|
3375
3730
|
},
|
|
@@ -3380,6 +3735,12 @@
|
|
|
3380
3735
|
},
|
|
3381
3736
|
"type": "object"
|
|
3382
3737
|
},
|
|
3738
|
+
"DeleteSingleTenantHsmInstance": {
|
|
3739
|
+
"description": "Delete the SingleTenantHsmInstance. Deleting a SingleTenantHsmInstance will make all CryptoKeys attached to the SingleTenantHsmInstance unusable. The SingleTenantHsmInstance must not be in the DELETING or DELETED state to perform this operation.",
|
|
3740
|
+
"id": "DeleteSingleTenantHsmInstance",
|
|
3741
|
+
"properties": {},
|
|
3742
|
+
"type": "object"
|
|
3743
|
+
},
|
|
3383
3744
|
"DestroyCryptoKeyVersionRequest": {
|
|
3384
3745
|
"description": "Request message for KeyManagementService.DestroyCryptoKeyVersion.",
|
|
3385
3746
|
"id": "DestroyCryptoKeyVersionRequest",
|
|
@@ -3408,6 +3769,12 @@
|
|
|
3408
3769
|
},
|
|
3409
3770
|
"type": "object"
|
|
3410
3771
|
},
|
|
3772
|
+
"DisableSingleTenantHsmInstance": {
|
|
3773
|
+
"description": "Disable the SingleTenantHsmInstance. The SingleTenantHsmInstance must be in the ACTIVE state to perform this operation.",
|
|
3774
|
+
"id": "DisableSingleTenantHsmInstance",
|
|
3775
|
+
"properties": {},
|
|
3776
|
+
"type": "object"
|
|
3777
|
+
},
|
|
3411
3778
|
"EkmConfig": {
|
|
3412
3779
|
"description": "An EkmConfig is a singleton resource that represents configuration parameters that apply to all CryptoKeys and CryptoKeyVersions with a ProtectionLevel of EXTERNAL_VPC in a given project and location.",
|
|
3413
3780
|
"id": "EkmConfig",
|
|
@@ -3471,6 +3838,18 @@
|
|
|
3471
3838
|
},
|
|
3472
3839
|
"type": "object"
|
|
3473
3840
|
},
|
|
3841
|
+
"Empty": {
|
|
3842
|
+
"description": "A generic empty message that you can re-use to avoid defining duplicated empty messages in your APIs. A typical example is to use it as the request or the response type of an API method. For instance: service Foo { rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty); }",
|
|
3843
|
+
"id": "Empty",
|
|
3844
|
+
"properties": {},
|
|
3845
|
+
"type": "object"
|
|
3846
|
+
},
|
|
3847
|
+
"EnableSingleTenantHsmInstance": {
|
|
3848
|
+
"description": "Enable the SingleTenantHsmInstance. The SingleTenantHsmInstance must be in the DISABLED state to perform this operation.",
|
|
3849
|
+
"id": "EnableSingleTenantHsmInstance",
|
|
3850
|
+
"properties": {},
|
|
3851
|
+
"type": "object"
|
|
3852
|
+
},
|
|
3474
3853
|
"EncryptRequest": {
|
|
3475
3854
|
"description": "Request message for KeyManagementService.Encrypt.",
|
|
3476
3855
|
"id": "EncryptRequest",
|
|
@@ -3523,14 +3902,16 @@
|
|
|
3523
3902
|
"SOFTWARE",
|
|
3524
3903
|
"HSM",
|
|
3525
3904
|
"EXTERNAL",
|
|
3526
|
-
"EXTERNAL_VPC"
|
|
3905
|
+
"EXTERNAL_VPC",
|
|
3906
|
+
"HSM_SINGLE_TENANT"
|
|
3527
3907
|
],
|
|
3528
3908
|
"enumDescriptions": [
|
|
3529
3909
|
"Not specified.",
|
|
3530
3910
|
"Crypto operations are performed in software.",
|
|
3531
3911
|
"Crypto operations are performed in a Hardware Security Module.",
|
|
3532
3912
|
"Crypto operations are performed by an external key manager.",
|
|
3533
|
-
"Crypto operations are performed in an EKM-over-VPC backend."
|
|
3913
|
+
"Crypto operations are performed in an EKM-over-VPC backend.",
|
|
3914
|
+
"Crypto operations are performed in a single-tenant HSM."
|
|
3534
3915
|
],
|
|
3535
3916
|
"type": "string"
|
|
3536
3917
|
},
|
|
@@ -3545,6 +3926,12 @@
|
|
|
3545
3926
|
},
|
|
3546
3927
|
"type": "object"
|
|
3547
3928
|
},
|
|
3929
|
+
"ExecuteSingleTenantHsmInstanceProposalRequest": {
|
|
3930
|
+
"description": "Request message for HsmManagement.ExecuteSingleTenantHsmInstanceProposal.",
|
|
3931
|
+
"id": "ExecuteSingleTenantHsmInstanceProposalRequest",
|
|
3932
|
+
"properties": {},
|
|
3933
|
+
"type": "object"
|
|
3934
|
+
},
|
|
3548
3935
|
"Expr": {
|
|
3549
3936
|
"description": "Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: \"Summary size limit\" description: \"Determines if a summary is less than 100 chars\" expression: \"document.summary.size() < 100\" Example (Equality): title: \"Requestor is owner\" description: \"Determines if requestor is the document owner\" expression: \"document.owner == request.auth.claims.email\" Example (Logic): title: \"Public documents\" description: \"Determine whether the document should be publicly visible\" expression: \"document.type != 'private' && document.type != 'internal'\" Example (Data Manipulation): title: \"Notification string\" description: \"Create a notification string with a timestamp.\" expression: \"'New message received at ' + string(document.create_time)\" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information.",
|
|
3550
3937
|
"id": "Expr",
|
|
@@ -3599,14 +3986,16 @@
|
|
|
3599
3986
|
"SOFTWARE",
|
|
3600
3987
|
"HSM",
|
|
3601
3988
|
"EXTERNAL",
|
|
3602
|
-
"EXTERNAL_VPC"
|
|
3989
|
+
"EXTERNAL_VPC",
|
|
3990
|
+
"HSM_SINGLE_TENANT"
|
|
3603
3991
|
],
|
|
3604
3992
|
"enumDescriptions": [
|
|
3605
3993
|
"Not specified.",
|
|
3606
3994
|
"Crypto operations are performed in software.",
|
|
3607
3995
|
"Crypto operations are performed in a Hardware Security Module.",
|
|
3608
3996
|
"Crypto operations are performed by an external key manager.",
|
|
3609
|
-
"Crypto operations are performed in an EKM-over-VPC backend."
|
|
3997
|
+
"Crypto operations are performed in an EKM-over-VPC backend.",
|
|
3998
|
+
"Crypto operations are performed in a single-tenant HSM."
|
|
3610
3999
|
],
|
|
3611
4000
|
"type": "string"
|
|
3612
4001
|
}
|
|
@@ -3676,9 +4065,14 @@
|
|
|
3676
4065
|
"ML_KEM_768",
|
|
3677
4066
|
"ML_KEM_1024",
|
|
3678
4067
|
"KEM_XWING",
|
|
4068
|
+
"PQ_SIGN_ML_DSA_44",
|
|
3679
4069
|
"PQ_SIGN_ML_DSA_65",
|
|
4070
|
+
"PQ_SIGN_ML_DSA_87",
|
|
3680
4071
|
"PQ_SIGN_SLH_DSA_SHA2_128S",
|
|
3681
|
-
"PQ_SIGN_HASH_SLH_DSA_SHA2_128S_SHA256"
|
|
4072
|
+
"PQ_SIGN_HASH_SLH_DSA_SHA2_128S_SHA256",
|
|
4073
|
+
"PQ_SIGN_ML_DSA_44_EXTERNAL_MU",
|
|
4074
|
+
"PQ_SIGN_ML_DSA_65_EXTERNAL_MU",
|
|
4075
|
+
"PQ_SIGN_ML_DSA_87_EXTERNAL_MU"
|
|
3682
4076
|
],
|
|
3683
4077
|
"enumDescriptions": [
|
|
3684
4078
|
"Not specified.",
|
|
@@ -3720,9 +4114,14 @@
|
|
|
3720
4114
|
"ML-KEM-768 (FIPS 203)",
|
|
3721
4115
|
"ML-KEM-1024 (FIPS 203)",
|
|
3722
4116
|
"X-Wing hybrid KEM combining ML-KEM-768 with X25519 following datatracker.ietf.org/doc/draft-connolly-cfrg-xwing-kem/.",
|
|
4117
|
+
"The post-quantum Module-Lattice-Based Digital Signature Algorithm, at security level 1. Randomized version.",
|
|
3723
4118
|
"The post-quantum Module-Lattice-Based Digital Signature Algorithm, at security level 3. Randomized version.",
|
|
4119
|
+
"The post-quantum Module-Lattice-Based Digital Signature Algorithm, at security level 5. Randomized version.",
|
|
3724
4120
|
"The post-quantum stateless hash-based digital signature algorithm, at security level 1. Randomized version.",
|
|
3725
|
-
"The post-quantum stateless hash-based digital signature algorithm, at security level 1. Randomized pre-hash version supporting SHA256 digests."
|
|
4121
|
+
"The post-quantum stateless hash-based digital signature algorithm, at security level 1. Randomized pre-hash version supporting SHA256 digests.",
|
|
4122
|
+
"The post-quantum Module-Lattice-Based Digital Signature Algorithm, at security level 1. Randomized version supporting externally-computed message representatives.",
|
|
4123
|
+
"The post-quantum Module-Lattice-Based Digital Signature Algorithm, at security level 3. Randomized version supporting externally-computed message representatives.",
|
|
4124
|
+
"The post-quantum Module-Lattice-Based Digital Signature Algorithm, at security level 5. Randomized version supporting externally-computed message representatives."
|
|
3726
4125
|
],
|
|
3727
4126
|
"type": "string"
|
|
3728
4127
|
},
|
|
@@ -3762,6 +4161,10 @@
|
|
|
3762
4161
|
"readOnly": true,
|
|
3763
4162
|
"type": "string"
|
|
3764
4163
|
},
|
|
4164
|
+
"cryptoKeyBackend": {
|
|
4165
|
+
"description": "Immutable. The resource name of the backend environment where the key material for the wrapping key resides and where all related cryptographic operations are performed. Currently, this field is only populated for keys stored in HSM_SINGLE_TENANT. Note, this list is non-exhaustive and may apply to additional ProtectionLevels in the future.",
|
|
4166
|
+
"type": "string"
|
|
4167
|
+
},
|
|
3765
4168
|
"expireEventTime": {
|
|
3766
4169
|
"description": "Output only. The time this ImportJob expired. Only present if state is EXPIRED.",
|
|
3767
4170
|
"format": "google-datetime",
|
|
@@ -3814,14 +4217,16 @@
|
|
|
3814
4217
|
"SOFTWARE",
|
|
3815
4218
|
"HSM",
|
|
3816
4219
|
"EXTERNAL",
|
|
3817
|
-
"EXTERNAL_VPC"
|
|
4220
|
+
"EXTERNAL_VPC",
|
|
4221
|
+
"HSM_SINGLE_TENANT"
|
|
3818
4222
|
],
|
|
3819
4223
|
"enumDescriptions": [
|
|
3820
4224
|
"Not specified.",
|
|
3821
4225
|
"Crypto operations are performed in software.",
|
|
3822
4226
|
"Crypto operations are performed in a Hardware Security Module.",
|
|
3823
4227
|
"Crypto operations are performed by an external key manager.",
|
|
3824
|
-
"Crypto operations are performed in an EKM-over-VPC backend."
|
|
4228
|
+
"Crypto operations are performed in an EKM-over-VPC backend.",
|
|
4229
|
+
"Crypto operations are performed in a single-tenant HSM."
|
|
3825
4230
|
],
|
|
3826
4231
|
"type": "string"
|
|
3827
4232
|
},
|
|
@@ -4144,6 +4549,52 @@
|
|
|
4144
4549
|
},
|
|
4145
4550
|
"type": "object"
|
|
4146
4551
|
},
|
|
4552
|
+
"ListSingleTenantHsmInstanceProposalsResponse": {
|
|
4553
|
+
"description": "Response message for HsmManagement.ListSingleTenantHsmInstanceProposals.",
|
|
4554
|
+
"id": "ListSingleTenantHsmInstanceProposalsResponse",
|
|
4555
|
+
"properties": {
|
|
4556
|
+
"nextPageToken": {
|
|
4557
|
+
"description": "A token to retrieve next page of results. Pass this value in ListSingleTenantHsmInstanceProposalsRequest.page_token to retrieve the next page of results.",
|
|
4558
|
+
"type": "string"
|
|
4559
|
+
},
|
|
4560
|
+
"singleTenantHsmInstanceProposals": {
|
|
4561
|
+
"description": "The list of SingleTenantHsmInstanceProposals.",
|
|
4562
|
+
"items": {
|
|
4563
|
+
"$ref": "SingleTenantHsmInstanceProposal"
|
|
4564
|
+
},
|
|
4565
|
+
"type": "array"
|
|
4566
|
+
},
|
|
4567
|
+
"totalSize": {
|
|
4568
|
+
"description": "The total number of SingleTenantHsmInstanceProposals that matched the query. This field is not populated if ListSingleTenantHsmInstanceProposalsRequest.filter is applied.",
|
|
4569
|
+
"format": "int32",
|
|
4570
|
+
"type": "integer"
|
|
4571
|
+
}
|
|
4572
|
+
},
|
|
4573
|
+
"type": "object"
|
|
4574
|
+
},
|
|
4575
|
+
"ListSingleTenantHsmInstancesResponse": {
|
|
4576
|
+
"description": "Response message for HsmManagement.ListSingleTenantHsmInstances.",
|
|
4577
|
+
"id": "ListSingleTenantHsmInstancesResponse",
|
|
4578
|
+
"properties": {
|
|
4579
|
+
"nextPageToken": {
|
|
4580
|
+
"description": "A token to retrieve next page of results. Pass this value in ListSingleTenantHsmInstancesRequest.page_token to retrieve the next page of results.",
|
|
4581
|
+
"type": "string"
|
|
4582
|
+
},
|
|
4583
|
+
"singleTenantHsmInstances": {
|
|
4584
|
+
"description": "The list of SingleTenantHsmInstances.",
|
|
4585
|
+
"items": {
|
|
4586
|
+
"$ref": "SingleTenantHsmInstance"
|
|
4587
|
+
},
|
|
4588
|
+
"type": "array"
|
|
4589
|
+
},
|
|
4590
|
+
"totalSize": {
|
|
4591
|
+
"description": "The total number of SingleTenantHsmInstances that matched the query. This field is not populated if ListSingleTenantHsmInstancesRequest.filter is applied.",
|
|
4592
|
+
"format": "int32",
|
|
4593
|
+
"type": "integer"
|
|
4594
|
+
}
|
|
4595
|
+
},
|
|
4596
|
+
"type": "object"
|
|
4597
|
+
},
|
|
4147
4598
|
"Location": {
|
|
4148
4599
|
"description": "A resource that represents a Google Cloud location.",
|
|
4149
4600
|
"id": "Location",
|
|
@@ -4189,6 +4640,10 @@
|
|
|
4189
4640
|
"hsmAvailable": {
|
|
4190
4641
|
"description": "Indicates whether CryptoKeys with protection_level HSM can be created in this location.",
|
|
4191
4642
|
"type": "boolean"
|
|
4643
|
+
},
|
|
4644
|
+
"hsmSingleTenantAvailable": {
|
|
4645
|
+
"description": "Indicates whether CryptoKeys with protection_level HSM_SINGLE_TENANT can be created in this location.",
|
|
4646
|
+
"type": "boolean"
|
|
4192
4647
|
}
|
|
4193
4648
|
},
|
|
4194
4649
|
"type": "object"
|
|
@@ -4235,14 +4690,16 @@
|
|
|
4235
4690
|
"SOFTWARE",
|
|
4236
4691
|
"HSM",
|
|
4237
4692
|
"EXTERNAL",
|
|
4238
|
-
"EXTERNAL_VPC"
|
|
4693
|
+
"EXTERNAL_VPC",
|
|
4694
|
+
"HSM_SINGLE_TENANT"
|
|
4239
4695
|
],
|
|
4240
4696
|
"enumDescriptions": [
|
|
4241
4697
|
"Not specified.",
|
|
4242
4698
|
"Crypto operations are performed in software.",
|
|
4243
4699
|
"Crypto operations are performed in a Hardware Security Module.",
|
|
4244
4700
|
"Crypto operations are performed by an external key manager.",
|
|
4245
|
-
"Crypto operations are performed in an EKM-over-VPC backend."
|
|
4701
|
+
"Crypto operations are performed in an EKM-over-VPC backend.",
|
|
4702
|
+
"Crypto operations are performed in a single-tenant HSM."
|
|
4246
4703
|
],
|
|
4247
4704
|
"type": "string"
|
|
4248
4705
|
},
|
|
@@ -4295,14 +4752,16 @@
|
|
|
4295
4752
|
"SOFTWARE",
|
|
4296
4753
|
"HSM",
|
|
4297
4754
|
"EXTERNAL",
|
|
4298
|
-
"EXTERNAL_VPC"
|
|
4755
|
+
"EXTERNAL_VPC",
|
|
4756
|
+
"HSM_SINGLE_TENANT"
|
|
4299
4757
|
],
|
|
4300
4758
|
"enumDescriptions": [
|
|
4301
4759
|
"Not specified.",
|
|
4302
4760
|
"Crypto operations are performed in software.",
|
|
4303
4761
|
"Crypto operations are performed in a Hardware Security Module.",
|
|
4304
4762
|
"Crypto operations are performed by an external key manager.",
|
|
4305
|
-
"Crypto operations are performed in an EKM-over-VPC backend."
|
|
4763
|
+
"Crypto operations are performed in an EKM-over-VPC backend.",
|
|
4764
|
+
"Crypto operations are performed in a single-tenant HSM."
|
|
4306
4765
|
],
|
|
4307
4766
|
"type": "string"
|
|
4308
4767
|
},
|
|
@@ -4437,9 +4896,14 @@
|
|
|
4437
4896
|
"ML_KEM_768",
|
|
4438
4897
|
"ML_KEM_1024",
|
|
4439
4898
|
"KEM_XWING",
|
|
4899
|
+
"PQ_SIGN_ML_DSA_44",
|
|
4440
4900
|
"PQ_SIGN_ML_DSA_65",
|
|
4901
|
+
"PQ_SIGN_ML_DSA_87",
|
|
4441
4902
|
"PQ_SIGN_SLH_DSA_SHA2_128S",
|
|
4442
|
-
"PQ_SIGN_HASH_SLH_DSA_SHA2_128S_SHA256"
|
|
4903
|
+
"PQ_SIGN_HASH_SLH_DSA_SHA2_128S_SHA256",
|
|
4904
|
+
"PQ_SIGN_ML_DSA_44_EXTERNAL_MU",
|
|
4905
|
+
"PQ_SIGN_ML_DSA_65_EXTERNAL_MU",
|
|
4906
|
+
"PQ_SIGN_ML_DSA_87_EXTERNAL_MU"
|
|
4443
4907
|
],
|
|
4444
4908
|
"enumDescriptions": [
|
|
4445
4909
|
"Not specified.",
|
|
@@ -4481,9 +4945,14 @@
|
|
|
4481
4945
|
"ML-KEM-768 (FIPS 203)",
|
|
4482
4946
|
"ML-KEM-1024 (FIPS 203)",
|
|
4483
4947
|
"X-Wing hybrid KEM combining ML-KEM-768 with X25519 following datatracker.ietf.org/doc/draft-connolly-cfrg-xwing-kem/.",
|
|
4948
|
+
"The post-quantum Module-Lattice-Based Digital Signature Algorithm, at security level 1. Randomized version.",
|
|
4484
4949
|
"The post-quantum Module-Lattice-Based Digital Signature Algorithm, at security level 3. Randomized version.",
|
|
4950
|
+
"The post-quantum Module-Lattice-Based Digital Signature Algorithm, at security level 5. Randomized version.",
|
|
4485
4951
|
"The post-quantum stateless hash-based digital signature algorithm, at security level 1. Randomized version.",
|
|
4486
|
-
"The post-quantum stateless hash-based digital signature algorithm, at security level 1. Randomized pre-hash version supporting SHA256 digests."
|
|
4952
|
+
"The post-quantum stateless hash-based digital signature algorithm, at security level 1. Randomized pre-hash version supporting SHA256 digests.",
|
|
4953
|
+
"The post-quantum Module-Lattice-Based Digital Signature Algorithm, at security level 1. Randomized version supporting externally-computed message representatives.",
|
|
4954
|
+
"The post-quantum Module-Lattice-Based Digital Signature Algorithm, at security level 3. Randomized version supporting externally-computed message representatives.",
|
|
4955
|
+
"The post-quantum Module-Lattice-Based Digital Signature Algorithm, at security level 5. Randomized version supporting externally-computed message representatives."
|
|
4487
4956
|
],
|
|
4488
4957
|
"type": "string"
|
|
4489
4958
|
},
|
|
@@ -4507,14 +4976,16 @@
|
|
|
4507
4976
|
"SOFTWARE",
|
|
4508
4977
|
"HSM",
|
|
4509
4978
|
"EXTERNAL",
|
|
4510
|
-
"EXTERNAL_VPC"
|
|
4979
|
+
"EXTERNAL_VPC",
|
|
4980
|
+
"HSM_SINGLE_TENANT"
|
|
4511
4981
|
],
|
|
4512
4982
|
"enumDescriptions": [
|
|
4513
4983
|
"Not specified.",
|
|
4514
4984
|
"Crypto operations are performed in software.",
|
|
4515
4985
|
"Crypto operations are performed in a Hardware Security Module.",
|
|
4516
4986
|
"Crypto operations are performed by an external key manager.",
|
|
4517
|
-
"Crypto operations are performed in an EKM-over-VPC backend."
|
|
4987
|
+
"Crypto operations are performed in an EKM-over-VPC backend.",
|
|
4988
|
+
"Crypto operations are performed in a single-tenant HSM."
|
|
4518
4989
|
],
|
|
4519
4990
|
"type": "string"
|
|
4520
4991
|
},
|
|
@@ -4543,6 +5014,75 @@
|
|
|
4543
5014
|
},
|
|
4544
5015
|
"type": "object"
|
|
4545
5016
|
},
|
|
5017
|
+
"QuorumAuth": {
|
|
5018
|
+
"description": "Configuration for M of N quorum auth.",
|
|
5019
|
+
"id": "QuorumAuth",
|
|
5020
|
+
"properties": {
|
|
5021
|
+
"requiredApproverCount": {
|
|
5022
|
+
"description": "Output only. The required numbers of approvers. The M value used for M of N quorum auth. Must be greater than or equal to 2 and less than or equal to total_approver_count - 1.",
|
|
5023
|
+
"format": "int32",
|
|
5024
|
+
"readOnly": true,
|
|
5025
|
+
"type": "integer"
|
|
5026
|
+
},
|
|
5027
|
+
"totalApproverCount": {
|
|
5028
|
+
"description": "Required. The total number of approvers. This is the N value used for M of N quorum auth. Must be greater than or equal to 3 and less than or equal to 16.",
|
|
5029
|
+
"format": "int32",
|
|
5030
|
+
"type": "integer"
|
|
5031
|
+
},
|
|
5032
|
+
"twoFactorPublicKeyPems": {
|
|
5033
|
+
"description": "Output only. The public keys associated with the 2FA keys for M of N quorum auth.",
|
|
5034
|
+
"items": {
|
|
5035
|
+
"type": "string"
|
|
5036
|
+
},
|
|
5037
|
+
"readOnly": true,
|
|
5038
|
+
"type": "array"
|
|
5039
|
+
}
|
|
5040
|
+
},
|
|
5041
|
+
"type": "object"
|
|
5042
|
+
},
|
|
5043
|
+
"QuorumParameters": {
|
|
5044
|
+
"description": "Parameters of quorum approval for the SingleTenantHsmInstanceProposal.",
|
|
5045
|
+
"id": "QuorumParameters",
|
|
5046
|
+
"properties": {
|
|
5047
|
+
"approvedTwoFactorPublicKeyPems": {
|
|
5048
|
+
"description": "Output only. The public keys associated with the 2FA keys that have already approved the SingleTenantHsmInstanceProposal by signing the challenge.",
|
|
5049
|
+
"items": {
|
|
5050
|
+
"type": "string"
|
|
5051
|
+
},
|
|
5052
|
+
"readOnly": true,
|
|
5053
|
+
"type": "array"
|
|
5054
|
+
},
|
|
5055
|
+
"challenges": {
|
|
5056
|
+
"description": "Output only. The challenges to be signed by 2FA keys for quorum auth. M of N of these challenges are required to be signed to approve the operation.",
|
|
5057
|
+
"items": {
|
|
5058
|
+
"$ref": "Challenge"
|
|
5059
|
+
},
|
|
5060
|
+
"readOnly": true,
|
|
5061
|
+
"type": "array"
|
|
5062
|
+
},
|
|
5063
|
+
"requiredApproverCount": {
|
|
5064
|
+
"description": "Output only. The required numbers of approvers. This is the M value used for M of N quorum auth. It is less than the number of public keys.",
|
|
5065
|
+
"format": "int32",
|
|
5066
|
+
"readOnly": true,
|
|
5067
|
+
"type": "integer"
|
|
5068
|
+
}
|
|
5069
|
+
},
|
|
5070
|
+
"type": "object"
|
|
5071
|
+
},
|
|
5072
|
+
"QuorumReply": {
|
|
5073
|
+
"description": "The reply to QuorumParameters for approving the proposal.",
|
|
5074
|
+
"id": "QuorumReply",
|
|
5075
|
+
"properties": {
|
|
5076
|
+
"challengeReplies": {
|
|
5077
|
+
"description": "Required. The challenge replies to approve the proposal. Challenge replies can be sent across multiple requests. The proposal will be approved when required_approver_count challenge replies are provided.",
|
|
5078
|
+
"items": {
|
|
5079
|
+
"$ref": "ChallengeReply"
|
|
5080
|
+
},
|
|
5081
|
+
"type": "array"
|
|
5082
|
+
}
|
|
5083
|
+
},
|
|
5084
|
+
"type": "object"
|
|
5085
|
+
},
|
|
4546
5086
|
"RawDecryptRequest": {
|
|
4547
5087
|
"description": "Request message for KeyManagementService.RawDecrypt.",
|
|
4548
5088
|
"id": "RawDecryptRequest",
|
|
@@ -4606,14 +5146,16 @@
|
|
|
4606
5146
|
"SOFTWARE",
|
|
4607
5147
|
"HSM",
|
|
4608
5148
|
"EXTERNAL",
|
|
4609
|
-
"EXTERNAL_VPC"
|
|
5149
|
+
"EXTERNAL_VPC",
|
|
5150
|
+
"HSM_SINGLE_TENANT"
|
|
4610
5151
|
],
|
|
4611
5152
|
"enumDescriptions": [
|
|
4612
5153
|
"Not specified.",
|
|
4613
5154
|
"Crypto operations are performed in software.",
|
|
4614
5155
|
"Crypto operations are performed in a Hardware Security Module.",
|
|
4615
5156
|
"Crypto operations are performed by an external key manager.",
|
|
4616
|
-
"Crypto operations are performed in an EKM-over-VPC backend."
|
|
5157
|
+
"Crypto operations are performed in an EKM-over-VPC backend.",
|
|
5158
|
+
"Crypto operations are performed in a single-tenant HSM."
|
|
4617
5159
|
],
|
|
4618
5160
|
"type": "string"
|
|
4619
5161
|
},
|
|
@@ -4704,14 +5246,16 @@
|
|
|
4704
5246
|
"SOFTWARE",
|
|
4705
5247
|
"HSM",
|
|
4706
5248
|
"EXTERNAL",
|
|
4707
|
-
"EXTERNAL_VPC"
|
|
5249
|
+
"EXTERNAL_VPC",
|
|
5250
|
+
"HSM_SINGLE_TENANT"
|
|
4708
5251
|
],
|
|
4709
5252
|
"enumDescriptions": [
|
|
4710
5253
|
"Not specified.",
|
|
4711
5254
|
"Crypto operations are performed in software.",
|
|
4712
5255
|
"Crypto operations are performed in a Hardware Security Module.",
|
|
4713
5256
|
"Crypto operations are performed by an external key manager.",
|
|
4714
|
-
"Crypto operations are performed in an EKM-over-VPC backend."
|
|
5257
|
+
"Crypto operations are performed in an EKM-over-VPC backend.",
|
|
5258
|
+
"Crypto operations are performed in a single-tenant HSM."
|
|
4715
5259
|
],
|
|
4716
5260
|
"type": "string"
|
|
4717
5261
|
},
|
|
@@ -4735,6 +5279,100 @@
|
|
|
4735
5279
|
},
|
|
4736
5280
|
"type": "object"
|
|
4737
5281
|
},
|
|
5282
|
+
"RefreshSingleTenantHsmInstance": {
|
|
5283
|
+
"description": "Refreshes the SingleTenantHsmInstance. This operation must be performed periodically to keep the SingleTenantHsmInstance active. This operation must be performed before unrefreshed_duration_until_disable has passed. The SingleTenantHsmInstance must be in the ACTIVE state to perform this operation.",
|
|
5284
|
+
"id": "RefreshSingleTenantHsmInstance",
|
|
5285
|
+
"properties": {},
|
|
5286
|
+
"type": "object"
|
|
5287
|
+
},
|
|
5288
|
+
"RegisterTwoFactorAuthKeys": {
|
|
5289
|
+
"description": "Register 2FA keys for the SingleTenantHsmInstance. This operation requires all Challenges to be signed by 2FA keys. The SingleTenantHsmInstance must be in the PENDING_TWO_FACTOR_AUTH_REGISTRATION state to perform this operation.",
|
|
5290
|
+
"id": "RegisterTwoFactorAuthKeys",
|
|
5291
|
+
"properties": {
|
|
5292
|
+
"requiredApproverCount": {
|
|
5293
|
+
"description": "Required. The required numbers of approvers to set for the SingleTenantHsmInstance. This is the M value used for M of N quorum auth. Must be greater than or equal to 2 and less than or equal to total_approver_count - 1.",
|
|
5294
|
+
"format": "int32",
|
|
5295
|
+
"type": "integer"
|
|
5296
|
+
},
|
|
5297
|
+
"twoFactorPublicKeyPems": {
|
|
5298
|
+
"description": "Required. The public keys associated with the 2FA keys for M of N quorum auth. Public keys must be associated with RSA 2048 keys.",
|
|
5299
|
+
"items": {
|
|
5300
|
+
"type": "string"
|
|
5301
|
+
},
|
|
5302
|
+
"type": "array"
|
|
5303
|
+
}
|
|
5304
|
+
},
|
|
5305
|
+
"type": "object"
|
|
5306
|
+
},
|
|
5307
|
+
"RemoveQuorumMember": {
|
|
5308
|
+
"description": "Remove a quorum member from the SingleTenantHsmInstance. This will reduce total_approver_count by 1. The SingleTenantHsmInstance must be in the ACTIVE state to perform this operation.",
|
|
5309
|
+
"id": "RemoveQuorumMember",
|
|
5310
|
+
"properties": {
|
|
5311
|
+
"twoFactorPublicKeyPem": {
|
|
5312
|
+
"description": "Required. The public key associated with the 2FA key for the quorum member to remove. Public keys must be associated with RSA 2048 keys.",
|
|
5313
|
+
"type": "string"
|
|
5314
|
+
}
|
|
5315
|
+
},
|
|
5316
|
+
"type": "object"
|
|
5317
|
+
},
|
|
5318
|
+
"RequiredActionQuorumParameters": {
|
|
5319
|
+
"description": "Parameters for an approval that has both required challenges and a quorum.",
|
|
5320
|
+
"id": "RequiredActionQuorumParameters",
|
|
5321
|
+
"properties": {
|
|
5322
|
+
"approvedTwoFactorPublicKeyPems": {
|
|
5323
|
+
"description": "Output only. The public keys associated with the 2FA keys that have already approved the SingleTenantHsmInstanceProposal by signing the challenge.",
|
|
5324
|
+
"items": {
|
|
5325
|
+
"type": "string"
|
|
5326
|
+
},
|
|
5327
|
+
"readOnly": true,
|
|
5328
|
+
"type": "array"
|
|
5329
|
+
},
|
|
5330
|
+
"quorumChallenges": {
|
|
5331
|
+
"description": "Output only. The challenges to be signed by 2FA keys for quorum auth. M of N of these challenges are required to be signed to approve the operation.",
|
|
5332
|
+
"items": {
|
|
5333
|
+
"$ref": "Challenge"
|
|
5334
|
+
},
|
|
5335
|
+
"readOnly": true,
|
|
5336
|
+
"type": "array"
|
|
5337
|
+
},
|
|
5338
|
+
"requiredApproverCount": {
|
|
5339
|
+
"description": "Output only. The required number of quorum approvers. This is the M value used for M of N quorum auth. It is less than the number of public keys.",
|
|
5340
|
+
"format": "int32",
|
|
5341
|
+
"readOnly": true,
|
|
5342
|
+
"type": "integer"
|
|
5343
|
+
},
|
|
5344
|
+
"requiredChallenges": {
|
|
5345
|
+
"description": "Output only. A list of specific challenges that must be signed. For some operations, this will contain a single challenge.",
|
|
5346
|
+
"items": {
|
|
5347
|
+
"$ref": "Challenge"
|
|
5348
|
+
},
|
|
5349
|
+
"readOnly": true,
|
|
5350
|
+
"type": "array"
|
|
5351
|
+
}
|
|
5352
|
+
},
|
|
5353
|
+
"type": "object"
|
|
5354
|
+
},
|
|
5355
|
+
"RequiredActionQuorumReply": {
|
|
5356
|
+
"description": "The reply to RequiredActionQuorumParameters for approving the proposal.",
|
|
5357
|
+
"id": "RequiredActionQuorumReply",
|
|
5358
|
+
"properties": {
|
|
5359
|
+
"quorumChallengeReplies": {
|
|
5360
|
+
"description": "Required. Quorum members' signed challenge replies. These can be provided across multiple requests. The proposal will be approved when required_approver_count quorum_challenge_replies are provided and when all required_challenge_replies are provided.",
|
|
5361
|
+
"items": {
|
|
5362
|
+
"$ref": "ChallengeReply"
|
|
5363
|
+
},
|
|
5364
|
+
"type": "array"
|
|
5365
|
+
},
|
|
5366
|
+
"requiredChallengeReplies": {
|
|
5367
|
+
"description": "Required. All required challenges must be signed for the proposal to be approved. These can be sent across multiple requests.",
|
|
5368
|
+
"items": {
|
|
5369
|
+
"$ref": "ChallengeReply"
|
|
5370
|
+
},
|
|
5371
|
+
"type": "array"
|
|
5372
|
+
}
|
|
5373
|
+
},
|
|
5374
|
+
"type": "object"
|
|
5375
|
+
},
|
|
4738
5376
|
"RestoreCryptoKeyVersionRequest": {
|
|
4739
5377
|
"description": "Request message for KeyManagementService.RestoreCryptoKeyVersion.",
|
|
4740
5378
|
"id": "RestoreCryptoKeyVersionRequest",
|
|
@@ -4824,6 +5462,179 @@
|
|
|
4824
5462
|
},
|
|
4825
5463
|
"type": "object"
|
|
4826
5464
|
},
|
|
5465
|
+
"SingleTenantHsmInstance": {
|
|
5466
|
+
"description": "A SingleTenantHsmInstance represents a single-tenant HSM instance. It can be used for creating CryptoKeys with a ProtectionLevel of HSM_SINGLE_TENANT, as well as performing cryptographic operations using keys created within the SingleTenantHsmInstance.",
|
|
5467
|
+
"id": "SingleTenantHsmInstance",
|
|
5468
|
+
"properties": {
|
|
5469
|
+
"createTime": {
|
|
5470
|
+
"description": "Output only. The time at which the SingleTenantHsmInstance was created.",
|
|
5471
|
+
"format": "google-datetime",
|
|
5472
|
+
"readOnly": true,
|
|
5473
|
+
"type": "string"
|
|
5474
|
+
},
|
|
5475
|
+
"deleteTime": {
|
|
5476
|
+
"description": "Output only. The time at which the SingleTenantHsmInstance was deleted.",
|
|
5477
|
+
"format": "google-datetime",
|
|
5478
|
+
"readOnly": true,
|
|
5479
|
+
"type": "string"
|
|
5480
|
+
},
|
|
5481
|
+
"disableTime": {
|
|
5482
|
+
"description": "Output only. The time at which the instance will be automatically disabled if not refreshed. This field is updated upon creation and after each successful refresh operation and enable. A RefreshSingleTenantHsmInstance operation must be made via a SingleTenantHsmInstanceProposal before this time otherwise the SingleTenantHsmInstance will become disabled.",
|
|
5483
|
+
"format": "google-datetime",
|
|
5484
|
+
"readOnly": true,
|
|
5485
|
+
"type": "string"
|
|
5486
|
+
},
|
|
5487
|
+
"name": {
|
|
5488
|
+
"description": "Identifier. The resource name for this SingleTenantHsmInstance in the format `projects/*/locations/*/singleTenantHsmInstances/*`.",
|
|
5489
|
+
"type": "string"
|
|
5490
|
+
},
|
|
5491
|
+
"quorumAuth": {
|
|
5492
|
+
"$ref": "QuorumAuth",
|
|
5493
|
+
"description": "Required. The quorum auth configuration for the SingleTenantHsmInstance."
|
|
5494
|
+
},
|
|
5495
|
+
"state": {
|
|
5496
|
+
"description": "Output only. The state of the SingleTenantHsmInstance.",
|
|
5497
|
+
"enum": [
|
|
5498
|
+
"STATE_UNSPECIFIED",
|
|
5499
|
+
"CREATING",
|
|
5500
|
+
"PENDING_TWO_FACTOR_AUTH_REGISTRATION",
|
|
5501
|
+
"ACTIVE",
|
|
5502
|
+
"DISABLING",
|
|
5503
|
+
"DISABLED",
|
|
5504
|
+
"DELETING",
|
|
5505
|
+
"DELETED",
|
|
5506
|
+
"FAILED"
|
|
5507
|
+
],
|
|
5508
|
+
"enumDescriptions": [
|
|
5509
|
+
"Not specified.",
|
|
5510
|
+
"The SingleTenantHsmInstance is being created.",
|
|
5511
|
+
"The SingleTenantHsmInstance is waiting for 2FA keys to be registered. This can be done by calling CreateSingleTenantHsmInstanceProposal with the RegisterTwoFactorAuthKeys operation.",
|
|
5512
|
+
"The SingleTenantHsmInstance is ready to use. A SingleTenantHsmInstance must be in the ACTIVE state for all CryptoKeys created within the SingleTenantHsmInstance to be usable.",
|
|
5513
|
+
"The SingleTenantHsmInstance is being disabled.",
|
|
5514
|
+
"The SingleTenantHsmInstance is disabled.",
|
|
5515
|
+
"The SingleTenantHsmInstance is being deleted. Requests to the instance will be rejected in this state.",
|
|
5516
|
+
"The SingleTenantHsmInstance has been deleted.",
|
|
5517
|
+
"The SingleTenantHsmInstance has failed and can not be recovered or used."
|
|
5518
|
+
],
|
|
5519
|
+
"readOnly": true,
|
|
5520
|
+
"type": "string"
|
|
5521
|
+
},
|
|
5522
|
+
"unrefreshedDurationUntilDisable": {
|
|
5523
|
+
"description": "Output only. The system-defined duration that an instance can remain unrefreshed until it is automatically disabled. This will have a value of 120 days.",
|
|
5524
|
+
"format": "google-duration",
|
|
5525
|
+
"readOnly": true,
|
|
5526
|
+
"type": "string"
|
|
5527
|
+
}
|
|
5528
|
+
},
|
|
5529
|
+
"type": "object"
|
|
5530
|
+
},
|
|
5531
|
+
"SingleTenantHsmInstanceProposal": {
|
|
5532
|
+
"description": "A SingleTenantHsmInstanceProposal represents a proposal to perform an operation on a SingleTenantHsmInstance.",
|
|
5533
|
+
"id": "SingleTenantHsmInstanceProposal",
|
|
5534
|
+
"properties": {
|
|
5535
|
+
"addQuorumMember": {
|
|
5536
|
+
"$ref": "AddQuorumMember",
|
|
5537
|
+
"description": "Add a quorum member to the SingleTenantHsmInstance. This will increase the total_approver_count by 1. The SingleTenantHsmInstance must be in the ACTIVE state to perform this operation."
|
|
5538
|
+
},
|
|
5539
|
+
"createTime": {
|
|
5540
|
+
"description": "Output only. The time at which the SingleTenantHsmInstanceProposal was created.",
|
|
5541
|
+
"format": "google-datetime",
|
|
5542
|
+
"readOnly": true,
|
|
5543
|
+
"type": "string"
|
|
5544
|
+
},
|
|
5545
|
+
"deleteSingleTenantHsmInstance": {
|
|
5546
|
+
"$ref": "DeleteSingleTenantHsmInstance",
|
|
5547
|
+
"description": "Delete the SingleTenantHsmInstance. Deleting a SingleTenantHsmInstance will make all CryptoKeys attached to the SingleTenantHsmInstance unusable. The SingleTenantHsmInstance must be in the DISABLED or PENDING_TWO_FACTOR_AUTH_REGISTRATION state to perform this operation."
|
|
5548
|
+
},
|
|
5549
|
+
"deleteTime": {
|
|
5550
|
+
"description": "Output only. The time at which the SingleTenantHsmInstanceProposal was deleted.",
|
|
5551
|
+
"format": "google-datetime",
|
|
5552
|
+
"readOnly": true,
|
|
5553
|
+
"type": "string"
|
|
5554
|
+
},
|
|
5555
|
+
"disableSingleTenantHsmInstance": {
|
|
5556
|
+
"$ref": "DisableSingleTenantHsmInstance",
|
|
5557
|
+
"description": "Disable the SingleTenantHsmInstance. The SingleTenantHsmInstance must be in the ACTIVE state to perform this operation."
|
|
5558
|
+
},
|
|
5559
|
+
"enableSingleTenantHsmInstance": {
|
|
5560
|
+
"$ref": "EnableSingleTenantHsmInstance",
|
|
5561
|
+
"description": "Enable the SingleTenantHsmInstance. The SingleTenantHsmInstance must be in the DISABLED state to perform this operation."
|
|
5562
|
+
},
|
|
5563
|
+
"expireTime": {
|
|
5564
|
+
"description": "The time at which the SingleTenantHsmInstanceProposal will expire if not approved and executed.",
|
|
5565
|
+
"format": "google-datetime",
|
|
5566
|
+
"type": "string"
|
|
5567
|
+
},
|
|
5568
|
+
"failureReason": {
|
|
5569
|
+
"description": "Output only. The root cause of the most recent failure. Only present if state is FAILED.",
|
|
5570
|
+
"readOnly": true,
|
|
5571
|
+
"type": "string"
|
|
5572
|
+
},
|
|
5573
|
+
"name": {
|
|
5574
|
+
"description": "Identifier. The resource name for this SingleTenantHsmInstance in the format `projects/*/locations/*/singleTenantHsmInstances/*/proposals/*`.",
|
|
5575
|
+
"type": "string"
|
|
5576
|
+
},
|
|
5577
|
+
"purgeTime": {
|
|
5578
|
+
"description": "Output only. The time at which the soft-deleted SingleTenantHsmInstanceProposal will be permanently purged. This field is only populated when the state is DELETED and will be set a time after expiration of the proposal, i.e. >= expire_time or (create_time + ttl).",
|
|
5579
|
+
"format": "google-datetime",
|
|
5580
|
+
"readOnly": true,
|
|
5581
|
+
"type": "string"
|
|
5582
|
+
},
|
|
5583
|
+
"quorumParameters": {
|
|
5584
|
+
"$ref": "QuorumParameters",
|
|
5585
|
+
"description": "Output only. The quorum approval parameters for the SingleTenantHsmInstanceProposal.",
|
|
5586
|
+
"readOnly": true
|
|
5587
|
+
},
|
|
5588
|
+
"refreshSingleTenantHsmInstance": {
|
|
5589
|
+
"$ref": "RefreshSingleTenantHsmInstance",
|
|
5590
|
+
"description": "Refreshes the SingleTenantHsmInstance. This operation must be performed periodically to keep the SingleTenantHsmInstance active. This operation must be performed before unrefreshed_duration_until_disable has passed. The SingleTenantHsmInstance must be in the ACTIVE state to perform this operation."
|
|
5591
|
+
},
|
|
5592
|
+
"registerTwoFactorAuthKeys": {
|
|
5593
|
+
"$ref": "RegisterTwoFactorAuthKeys",
|
|
5594
|
+
"description": "Register 2FA keys for the SingleTenantHsmInstance. This operation requires all N Challenges to be signed by 2FA keys. The SingleTenantHsmInstance must be in the PENDING_TWO_FACTOR_AUTH_REGISTRATION state to perform this operation."
|
|
5595
|
+
},
|
|
5596
|
+
"removeQuorumMember": {
|
|
5597
|
+
"$ref": "RemoveQuorumMember",
|
|
5598
|
+
"description": "Remove a quorum member from the SingleTenantHsmInstance. This will reduce total_approver_count by 1. The SingleTenantHsmInstance must be in the ACTIVE state to perform this operation."
|
|
5599
|
+
},
|
|
5600
|
+
"requiredActionQuorumParameters": {
|
|
5601
|
+
"$ref": "RequiredActionQuorumParameters",
|
|
5602
|
+
"description": "Output only. Parameters for an approval of a SingleTenantHsmInstanceProposal that has both required challenges and a quorum.",
|
|
5603
|
+
"readOnly": true
|
|
5604
|
+
},
|
|
5605
|
+
"state": {
|
|
5606
|
+
"description": "Output only. The state of the SingleTenantHsmInstanceProposal.",
|
|
5607
|
+
"enum": [
|
|
5608
|
+
"STATE_UNSPECIFIED",
|
|
5609
|
+
"CREATING",
|
|
5610
|
+
"PENDING",
|
|
5611
|
+
"APPROVED",
|
|
5612
|
+
"RUNNING",
|
|
5613
|
+
"SUCCEEDED",
|
|
5614
|
+
"FAILED",
|
|
5615
|
+
"DELETED"
|
|
5616
|
+
],
|
|
5617
|
+
"enumDescriptions": [
|
|
5618
|
+
"Not specified.",
|
|
5619
|
+
"The SingleTenantHsmInstanceProposal is being created.",
|
|
5620
|
+
"The SingleTenantHsmInstanceProposal is pending approval.",
|
|
5621
|
+
"The SingleTenantHsmInstanceProposal has been approved.",
|
|
5622
|
+
"The SingleTenantHsmInstanceProposal is being executed.",
|
|
5623
|
+
"The SingleTenantHsmInstanceProposal has been executed successfully.",
|
|
5624
|
+
"The SingleTenantHsmInstanceProposal has failed.",
|
|
5625
|
+
"The SingleTenantHsmInstanceProposal has been deleted and will be purged after the purge_time."
|
|
5626
|
+
],
|
|
5627
|
+
"readOnly": true,
|
|
5628
|
+
"type": "string"
|
|
5629
|
+
},
|
|
5630
|
+
"ttl": {
|
|
5631
|
+
"description": "Input only. The TTL for the SingleTenantHsmInstanceProposal. Proposals will expire after this duration.",
|
|
5632
|
+
"format": "google-duration",
|
|
5633
|
+
"type": "string"
|
|
5634
|
+
}
|
|
5635
|
+
},
|
|
5636
|
+
"type": "object"
|
|
5637
|
+
},
|
|
4827
5638
|
"Status": {
|
|
4828
5639
|
"description": "The `Status` type defines a logical error model that is suitable for different programming environments, including REST APIs and RPC APIs. It is used by [gRPC](https://github.com/grpc). Each `Status` message contains three pieces of data: error code, error message, and error details. You can find out more about this error model and how to work with it in the [API Design Guide](https://cloud.google.com/apis/design/errors).",
|
|
4829
5640
|
"id": "Status",
|