
1353 lines
84 KiB
Raw Normal View History

# Copyright 2020 Google LLC
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# See the License for the specific language governing permissions and
# limitations under the License.
require 'google/apis/core/base_service'
require 'google/apis/core/json_representation'
require 'google/apis/core/hashable'
require 'google/apis/errors'
module Google
module Apis
module CloudkmsV1
# Cloud Key Management Service (KMS) API
# Manages keys and performs cryptographic operations in a central cloud service,
# for direct use by other cloud resources and applications.
# @example
# require 'google/apis/cloudkms_v1'
# Cloudkms = Google::Apis::CloudkmsV1 # Alias the module
# service =
# @see
class CloudKMSService < Google::Apis::Core::BaseService
# @return [String]
# API key. Your API key identifies your project and provides you with API access,
# quota, and reports. Required unless you provide an OAuth 2.0 token.
attr_accessor :key
# @return [String]
# Available to use for quota purposes for server-side applications. Can be any
# arbitrary string assigned to a user, but should not exceed 40 characters.
attr_accessor :quota_user
def initialize
super('', '',
client_name: 'google-apis-cloudkms_v1',
client_version: Google::Apis::CloudkmsV1::GEM_VERSION)
@batch_path = 'batch'
# Gets information about a location.
# @param [String] name
# Resource name for the location.
# @param [String] fields
# Selector specifying which fields to include in a partial response.
# @param [String] quota_user
# Available to use for quota purposes for server-side applications. Can be any
# arbitrary string assigned to a user, but should not exceed 40 characters.
# @param [Google::Apis::RequestOptions] options
# Request-specific options
# @yield [result, err] Result & error if block supplied
# @yieldparam result [Google::Apis::CloudkmsV1::Location] parsed result object
# @yieldparam err [StandardError] error object if request failed
# @return [Google::Apis::CloudkmsV1::Location]
# @raise [Google::Apis::ServerError] An error occurred on the server and the request can be retried
# @raise [Google::Apis::ClientError] The request is invalid and should not be retried without modification
# @raise [Google::Apis::AuthorizationError] Authorization is required
def get_project_location(name, fields: nil, quota_user: nil, options: nil, &block)
command = make_simple_command(:get, 'v1/{+name}', options)
command.response_representation = Google::Apis::CloudkmsV1::Location::Representation
command.response_class = Google::Apis::CloudkmsV1::Location
command.params['name'] = name unless name.nil?
command.query['fields'] = fields unless fields.nil?
command.query['quotaUser'] = quota_user unless quota_user.nil?
execute_or_queue_command(command, &block)
# Lists information about the supported locations for this service.
# @param [String] name
# The resource that owns the locations collection, if applicable.
# @param [String] filter
# The standard list filter.
# @param [Fixnum] page_size
# The standard list page size.
# @param [String] page_token
# The standard list page token.
# @param [String] fields
# Selector specifying which fields to include in a partial response.
# @param [String] quota_user
# Available to use for quota purposes for server-side applications. Can be any
# arbitrary string assigned to a user, but should not exceed 40 characters.
# @param [Google::Apis::RequestOptions] options
# Request-specific options
# @yield [result, err] Result & error if block supplied
# @yieldparam result [Google::Apis::CloudkmsV1::ListLocationsResponse] parsed result object
# @yieldparam err [StandardError] error object if request failed
# @return [Google::Apis::CloudkmsV1::ListLocationsResponse]
# @raise [Google::Apis::ServerError] An error occurred on the server and the request can be retried
# @raise [Google::Apis::ClientError] The request is invalid and should not be retried without modification
# @raise [Google::Apis::AuthorizationError] Authorization is required
def list_project_locations(name, filter: nil, page_size: nil, page_token: nil, fields: nil, quota_user: nil, options: nil, &block)
command = make_simple_command(:get, 'v1/{+name}/locations', options)
command.response_representation = Google::Apis::CloudkmsV1::ListLocationsResponse::Representation
command.response_class = Google::Apis::CloudkmsV1::ListLocationsResponse
command.params['name'] = name unless name.nil?
command.query['filter'] = filter unless filter.nil?
command.query['pageSize'] = page_size unless page_size.nil?
command.query['pageToken'] = page_token unless page_token.nil?
command.query['fields'] = fields unless fields.nil?
command.query['quotaUser'] = quota_user unless quota_user.nil?
execute_or_queue_command(command, &block)
# Create a new KeyRing in a given Project and Location.
# @param [String] parent
# Required. The resource name of the location associated with the KeyRings, in
# the format `projects/*/locations/*`.
# @param [Google::Apis::CloudkmsV1::KeyRing] key_ring_object
# @param [String] key_ring_id
# Required. It must be unique within a location and match the regular expression
# `[a-zA-Z0-9_-]`1,63``
# @param [String] fields
# Selector specifying which fields to include in a partial response.
# @param [String] quota_user
# Available to use for quota purposes for server-side applications. Can be any
# arbitrary string assigned to a user, but should not exceed 40 characters.
# @param [Google::Apis::RequestOptions] options
# Request-specific options
# @yield [result, err] Result & error if block supplied
# @yieldparam result [Google::Apis::CloudkmsV1::KeyRing] parsed result object
# @yieldparam err [StandardError] error object if request failed
# @return [Google::Apis::CloudkmsV1::KeyRing]
# @raise [Google::Apis::ServerError] An error occurred on the server and the request can be retried
# @raise [Google::Apis::ClientError] The request is invalid and should not be retried without modification
# @raise [Google::Apis::AuthorizationError] Authorization is required
def create_project_location_key_ring(parent, key_ring_object = nil, key_ring_id: nil, fields: nil, quota_user: nil, options: nil, &block)
command = make_simple_command(:post, 'v1/{+parent}/keyRings', options)
command.request_representation = Google::Apis::CloudkmsV1::KeyRing::Representation
command.request_object = key_ring_object
command.response_representation = Google::Apis::CloudkmsV1::KeyRing::Representation
command.response_class = Google::Apis::CloudkmsV1::KeyRing
command.params['parent'] = parent unless parent.nil?
command.query['keyRingId'] = key_ring_id unless key_ring_id.nil?
command.query['fields'] = fields unless fields.nil?
command.query['quotaUser'] = quota_user unless quota_user.nil?
execute_or_queue_command(command, &block)
# Returns metadata for a given KeyRing.
# @param [String] name
# Required. The name of the KeyRing to get.
# @param [String] fields
# Selector specifying which fields to include in a partial response.
# @param [String] quota_user
# Available to use for quota purposes for server-side applications. Can be any
# arbitrary string assigned to a user, but should not exceed 40 characters.
# @param [Google::Apis::RequestOptions] options
# Request-specific options
# @yield [result, err] Result & error if block supplied
# @yieldparam result [Google::Apis::CloudkmsV1::KeyRing] parsed result object
# @yieldparam err [StandardError] error object if request failed
# @return [Google::Apis::CloudkmsV1::KeyRing]
# @raise [Google::Apis::ServerError] An error occurred on the server and the request can be retried
# @raise [Google::Apis::ClientError] The request is invalid and should not be retried without modification
# @raise [Google::Apis::AuthorizationError] Authorization is required
def get_project_location_key_ring(name, fields: nil, quota_user: nil, options: nil, &block)
command = make_simple_command(:get, 'v1/{+name}', options)
command.response_representation = Google::Apis::CloudkmsV1::KeyRing::Representation
command.response_class = Google::Apis::CloudkmsV1::KeyRing
command.params['name'] = name unless name.nil?
command.query['fields'] = fields unless fields.nil?
command.query['quotaUser'] = quota_user unless quota_user.nil?
execute_or_queue_command(command, &block)
# Gets the access control policy for a resource. Returns an empty policy if the
# resource exists and does not have a policy set.
# @param [String] resource
# REQUIRED: The resource for which the policy is being requested. See the
# operation documentation for the appropriate value for this field.
# @param [Fixnum] options_requested_policy_version
# Optional. The policy format version to be returned. Valid values are 0, 1, and
# 3. Requests specifying an invalid value will be rejected. Requests for
# policies with any conditional bindings must specify version 3. Policies
# without any conditional bindings may specify any valid value or leave the
# field unset. To learn which resources support conditions in their IAM policies,
# see the [IAM documentation](
# resource-policies).
# @param [String] fields
# Selector specifying which fields to include in a partial response.
# @param [String] quota_user
# Available to use for quota purposes for server-side applications. Can be any
# arbitrary string assigned to a user, but should not exceed 40 characters.
# @param [Google::Apis::RequestOptions] options
# Request-specific options
# @yield [result, err] Result & error if block supplied
# @yieldparam result [Google::Apis::CloudkmsV1::Policy] parsed result object
# @yieldparam err [StandardError] error object if request failed
# @return [Google::Apis::CloudkmsV1::Policy]
# @raise [Google::Apis::ServerError] An error occurred on the server and the request can be retried
# @raise [Google::Apis::ClientError] The request is invalid and should not be retried without modification
# @raise [Google::Apis::AuthorizationError] Authorization is required
def get_project_location_key_ring_iam_policy(resource, options_requested_policy_version: nil, fields: nil, quota_user: nil, options: nil, &block)
command = make_simple_command(:get, 'v1/{+resource}:getIamPolicy', options)
command.response_representation = Google::Apis::CloudkmsV1::Policy::Representation
command.response_class = Google::Apis::CloudkmsV1::Policy
command.params['resource'] = resource unless resource.nil?
command.query['options.requestedPolicyVersion'] = options_requested_policy_version unless options_requested_policy_version.nil?
command.query['fields'] = fields unless fields.nil?
command.query['quotaUser'] = quota_user unless quota_user.nil?
execute_or_queue_command(command, &block)
# Lists KeyRings.
# @param [String] parent
# Required. The resource name of the location associated with the KeyRings, in
# the format `projects/*/locations/*`.
# @param [String] filter
# Optional. Only include resources that match the filter in the response. For
# more information, see [Sorting and filtering list results](https://cloud.
# @param [String] order_by
# Optional. Specify how the results should be sorted. If not specified, the
# results will be sorted in the default order. For more information, see [
# Sorting and filtering list results](
# and-filtering).
# @param [Fixnum] page_size
# Optional. Optional limit on the number of KeyRings to include in the response.
# Further KeyRings can subsequently be obtained by including the
# ListKeyRingsResponse.next_page_token in a subsequent request. If unspecified,
# the server will pick an appropriate default.
# @param [String] page_token
# Optional. Optional pagination token, returned earlier via ListKeyRingsResponse.
# next_page_token.
# @param [String] fields
# Selector specifying which fields to include in a partial response.
# @param [String] quota_user
# Available to use for quota purposes for server-side applications. Can be any
# arbitrary string assigned to a user, but should not exceed 40 characters.
# @param [Google::Apis::RequestOptions] options
# Request-specific options
# @yield [result, err] Result & error if block supplied
# @yieldparam result [Google::Apis::CloudkmsV1::ListKeyRingsResponse] parsed result object
# @yieldparam err [StandardError] error object if request failed
# @return [Google::Apis::CloudkmsV1::ListKeyRingsResponse]
# @raise [Google::Apis::ServerError] An error occurred on the server and the request can be retried
# @raise [Google::Apis::ClientError] The request is invalid and should not be retried without modification
# @raise [Google::Apis::AuthorizationError] Authorization is required
def list_project_location_key_rings(parent, filter: nil, order_by: nil, page_size: nil, page_token: nil, fields: nil, quota_user: nil, options: nil, &block)
command = make_simple_command(:get, 'v1/{+parent}/keyRings', options)
command.response_representation = Google::Apis::CloudkmsV1::ListKeyRingsResponse::Representation
command.response_class = Google::Apis::CloudkmsV1::ListKeyRingsResponse
command.params['parent'] = parent unless parent.nil?
command.query['filter'] = filter unless filter.nil?
command.query['orderBy'] = order_by unless order_by.nil?
command.query['pageSize'] = page_size unless page_size.nil?
command.query['pageToken'] = page_token unless page_token.nil?
command.query['fields'] = fields unless fields.nil?
command.query['quotaUser'] = quota_user unless quota_user.nil?
execute_or_queue_command(command, &block)
# Sets the access control policy on the specified resource. Replaces any
# existing policy. Can return `NOT_FOUND`, `INVALID_ARGUMENT`, and `
# @param [String] resource
# REQUIRED: The resource for which the policy is being specified. See the
# operation documentation for the appropriate value for this field.
# @param [Google::Apis::CloudkmsV1::SetIamPolicyRequest] set_iam_policy_request_object
# @param [String] fields
# Selector specifying which fields to include in a partial response.
# @param [String] quota_user
# Available to use for quota purposes for server-side applications. Can be any
# arbitrary string assigned to a user, but should not exceed 40 characters.
# @param [Google::Apis::RequestOptions] options
# Request-specific options
# @yield [result, err] Result & error if block supplied
# @yieldparam result [Google::Apis::CloudkmsV1::Policy] parsed result object
# @yieldparam err [StandardError] error object if request failed
# @return [Google::Apis::CloudkmsV1::Policy]
# @raise [Google::Apis::ServerError] An error occurred on the server and the request can be retried
# @raise [Google::Apis::ClientError] The request is invalid and should not be retried without modification
# @raise [Google::Apis::AuthorizationError] Authorization is required
def set_key_ring_iam_policy(resource, set_iam_policy_request_object = nil, fields: nil, quota_user: nil, options: nil, &block)
command = make_simple_command(:post, 'v1/{+resource}:setIamPolicy', options)
command.request_representation = Google::Apis::CloudkmsV1::SetIamPolicyRequest::Representation
command.request_object = set_iam_policy_request_object
command.response_representation = Google::Apis::CloudkmsV1::Policy::Representation
command.response_class = Google::Apis::CloudkmsV1::Policy
command.params['resource'] = resource unless resource.nil?
command.query['fields'] = fields unless fields.nil?
command.query['quotaUser'] = quota_user unless quota_user.nil?
execute_or_queue_command(command, &block)
# Returns permissions that a caller has on the specified resource. If the
# resource does not exist, this will return an empty set of permissions, not a `
# NOT_FOUND` error. Note: This operation is designed to be used for building
# permission-aware UIs and command-line tools, not for authorization checking.
# This operation may "fail open" without warning.
# @param [String] resource
# REQUIRED: The resource for which the policy detail is being requested. See the
# operation documentation for the appropriate value for this field.
# @param [Google::Apis::CloudkmsV1::TestIamPermissionsRequest] test_iam_permissions_request_object
# @param [String] fields
# Selector specifying which fields to include in a partial response.
# @param [String] quota_user
# Available to use for quota purposes for server-side applications. Can be any
# arbitrary string assigned to a user, but should not exceed 40 characters.
# @param [Google::Apis::RequestOptions] options
# Request-specific options
# @yield [result, err] Result & error if block supplied
# @yieldparam result [Google::Apis::CloudkmsV1::TestIamPermissionsResponse] parsed result object
# @yieldparam err [StandardError] error object if request failed
# @return [Google::Apis::CloudkmsV1::TestIamPermissionsResponse]
# @raise [Google::Apis::ServerError] An error occurred on the server and the request can be retried
# @raise [Google::Apis::ClientError] The request is invalid and should not be retried without modification
# @raise [Google::Apis::AuthorizationError] Authorization is required
def test_key_ring_iam_permissions(resource, test_iam_permissions_request_object = nil, fields: nil, quota_user: nil, options: nil, &block)
command = make_simple_command(:post, 'v1/{+resource}:testIamPermissions', options)
command.request_representation = Google::Apis::CloudkmsV1::TestIamPermissionsRequest::Representation
command.request_object = test_iam_permissions_request_object
command.response_representation = Google::Apis::CloudkmsV1::TestIamPermissionsResponse::Representation
command.response_class = Google::Apis::CloudkmsV1::TestIamPermissionsResponse
command.params['resource'] = resource unless resource.nil?
command.query['fields'] = fields unless fields.nil?
command.query['quotaUser'] = quota_user unless quota_user.nil?
execute_or_queue_command(command, &block)
# Create a new CryptoKey within a KeyRing. CryptoKey.purpose and CryptoKey.
# version_template.algorithm are required.
# @param [String] parent
# Required. The name of the KeyRing associated with the CryptoKeys.
# @param [Google::Apis::CloudkmsV1::CryptoKey] crypto_key_object
# @param [String] crypto_key_id
# Required. It must be unique within a KeyRing and match the regular expression `
# [a-zA-Z0-9_-]`1,63``
# @param [Boolean] skip_initial_version_creation
# If set to true, the request will create a CryptoKey without any
# CryptoKeyVersions. You must manually call CreateCryptoKeyVersion or
# ImportCryptoKeyVersion before you can use this CryptoKey.
# @param [String] fields
# Selector specifying which fields to include in a partial response.
# @param [String] quota_user
# Available to use for quota purposes for server-side applications. Can be any
# arbitrary string assigned to a user, but should not exceed 40 characters.
# @param [Google::Apis::RequestOptions] options
# Request-specific options
# @yield [result, err] Result & error if block supplied
# @yieldparam result [Google::Apis::CloudkmsV1::CryptoKey] parsed result object
# @yieldparam err [StandardError] error object if request failed
# @return [Google::Apis::CloudkmsV1::CryptoKey]
# @raise [Google::Apis::ServerError] An error occurred on the server and the request can be retried
# @raise [Google::Apis::ClientError] The request is invalid and should not be retried without modification
# @raise [Google::Apis::AuthorizationError] Authorization is required
def create_project_location_key_ring_crypto_key(parent, crypto_key_object = nil, crypto_key_id: nil, skip_initial_version_creation: nil, fields: nil, quota_user: nil, options: nil, &block)
command = make_simple_command(:post, 'v1/{+parent}/cryptoKeys', options)
command.request_representation = Google::Apis::CloudkmsV1::CryptoKey::Representation
command.request_object = crypto_key_object
command.response_representation = Google::Apis::CloudkmsV1::CryptoKey::Representation
command.response_class = Google::Apis::CloudkmsV1::CryptoKey
command.params['parent'] = parent unless parent.nil?
command.query['cryptoKeyId'] = crypto_key_id unless crypto_key_id.nil?
command.query['skipInitialVersionCreation'] = skip_initial_version_creation unless skip_initial_version_creation.nil?
command.query['fields'] = fields unless fields.nil?
command.query['quotaUser'] = quota_user unless quota_user.nil?
execute_or_queue_command(command, &block)
# Decrypts data that was protected by Encrypt. The CryptoKey.purpose must be
# @param [String] name
# Required. The resource name of the CryptoKey to use for decryption. The server
# will choose the appropriate version.
# @param [Google::Apis::CloudkmsV1::DecryptRequest] decrypt_request_object
# @param [String] fields
# Selector specifying which fields to include in a partial response.
# @param [String] quota_user
# Available to use for quota purposes for server-side applications. Can be any
# arbitrary string assigned to a user, but should not exceed 40 characters.
# @param [Google::Apis::RequestOptions] options
# Request-specific options
# @yield [result, err] Result & error if block supplied
# @yieldparam result [Google::Apis::CloudkmsV1::DecryptResponse] parsed result object
# @yieldparam err [StandardError] error object if request failed
# @return [Google::Apis::CloudkmsV1::DecryptResponse]
# @raise [Google::Apis::ServerError] An error occurred on the server and the request can be retried
# @raise [Google::Apis::ClientError] The request is invalid and should not be retried without modification
# @raise [Google::Apis::AuthorizationError] Authorization is required
def decrypt_crypto_key(name, decrypt_request_object = nil, fields: nil, quota_user: nil, options: nil, &block)
command = make_simple_command(:post, 'v1/{+name}:decrypt', options)
command.request_representation = Google::Apis::CloudkmsV1::DecryptRequest::Representation
command.request_object = decrypt_request_object
command.response_representation = Google::Apis::CloudkmsV1::DecryptResponse::Representation
command.response_class = Google::Apis::CloudkmsV1::DecryptResponse
command.params['name'] = name unless name.nil?
command.query['fields'] = fields unless fields.nil?
command.query['quotaUser'] = quota_user unless quota_user.nil?
execute_or_queue_command(command, &block)
# Encrypts data, so that it can only be recovered by a call to Decrypt. The
# CryptoKey.purpose must be ENCRYPT_DECRYPT.
# @param [String] name
# Required. The resource name of the CryptoKey or CryptoKeyVersion to use for
# encryption. If a CryptoKey is specified, the server will use its primary
# version.
# @param [Google::Apis::CloudkmsV1::EncryptRequest] encrypt_request_object
# @param [String] fields
# Selector specifying which fields to include in a partial response.
# @param [String] quota_user
# Available to use for quota purposes for server-side applications. Can be any
# arbitrary string assigned to a user, but should not exceed 40 characters.
# @param [Google::Apis::RequestOptions] options
# Request-specific options
# @yield [result, err] Result & error if block supplied
# @yieldparam result [Google::Apis::CloudkmsV1::EncryptResponse] parsed result object
# @yieldparam err [StandardError] error object if request failed
# @return [Google::Apis::CloudkmsV1::EncryptResponse]
# @raise [Google::Apis::ServerError] An error occurred on the server and the request can be retried
# @raise [Google::Apis::ClientError] The request is invalid and should not be retried without modification
# @raise [Google::Apis::AuthorizationError] Authorization is required
def encrypt_crypto_key(name, encrypt_request_object = nil, fields: nil, quota_user: nil, options: nil, &block)
command = make_simple_command(:post, 'v1/{+name}:encrypt', options)
command.request_representation = Google::Apis::CloudkmsV1::EncryptRequest::Representation
command.request_object = encrypt_request_object
command.response_representation = Google::Apis::CloudkmsV1::EncryptResponse::Representation
command.response_class = Google::Apis::CloudkmsV1::EncryptResponse
command.params['name'] = name unless name.nil?
command.query['fields'] = fields unless fields.nil?
command.query['quotaUser'] = quota_user unless quota_user.nil?
execute_or_queue_command(command, &block)
# Returns metadata for a given CryptoKey, as well as its primary
# CryptoKeyVersion.
# @param [String] name
# Required. The name of the CryptoKey to get.
# @param [String] fields
# Selector specifying which fields to include in a partial response.
# @param [String] quota_user
# Available to use for quota purposes for server-side applications. Can be any
# arbitrary string assigned to a user, but should not exceed 40 characters.
# @param [Google::Apis::RequestOptions] options
# Request-specific options
# @yield [result, err] Result & error if block supplied
# @yieldparam result [Google::Apis::CloudkmsV1::CryptoKey] parsed result object
# @yieldparam err [StandardError] error object if request failed
# @return [Google::Apis::CloudkmsV1::CryptoKey]
# @raise [Google::Apis::ServerError] An error occurred on the server and the request can be retried
# @raise [Google::Apis::ClientError] The request is invalid and should not be retried without modification
# @raise [Google::Apis::AuthorizationError] Authorization is required
def get_project_location_key_ring_crypto_key(name, fields: nil, quota_user: nil, options: nil, &block)
command = make_simple_command(:get, 'v1/{+name}', options)
command.response_representation = Google::Apis::CloudkmsV1::CryptoKey::Representation
command.response_class = Google::Apis::CloudkmsV1::CryptoKey
command.params['name'] = name unless name.nil?
command.query['fields'] = fields unless fields.nil?
command.query['quotaUser'] = quota_user unless quota_user.nil?
execute_or_queue_command(command, &block)
# Gets the access control policy for a resource. Returns an empty policy if the
# resource exists and does not have a policy set.
# @param [String] resource
# REQUIRED: The resource for which the policy is being requested. See the
# operation documentation for the appropriate value for this field.
# @param [Fixnum] options_requested_policy_version
# Optional. The policy format version to be returned. Valid values are 0, 1, and
# 3. Requests specifying an invalid value will be rejected. Requests for
# policies with any conditional bindings must specify version 3. Policies
# without any conditional bindings may specify any valid value or leave the
# field unset. To learn which resources support conditions in their IAM policies,
# see the [IAM documentation](
# resource-policies).
# @param [String] fields
# Selector specifying which fields to include in a partial response.
# @param [String] quota_user
# Available to use for quota purposes for server-side applications. Can be any
# arbitrary string assigned to a user, but should not exceed 40 characters.
# @param [Google::Apis::RequestOptions] options
# Request-specific options
# @yield [result, err] Result & error if block supplied
# @yieldparam result [Google::Apis::CloudkmsV1::Policy] parsed result object
# @yieldparam err [StandardError] error object if request failed
# @return [Google::Apis::CloudkmsV1::Policy]
# @raise [Google::Apis::ServerError] An error occurred on the server and the request can be retried
# @raise [Google::Apis::ClientError] The request is invalid and should not be retried without modification
# @raise [Google::Apis::AuthorizationError] Authorization is required
def get_project_location_key_ring_crypto_key_iam_policy(resource, options_requested_policy_version: nil, fields: nil, quota_user: nil, options: nil, &block)
command = make_simple_command(:get, 'v1/{+resource}:getIamPolicy', options)
command.response_representation = Google::Apis::CloudkmsV1::Policy::Representation
command.response_class = Google::Apis::CloudkmsV1::Policy
command.params['resource'] = resource unless resource.nil?
command.query['options.requestedPolicyVersion'] = options_requested_policy_version unless options_requested_policy_version.nil?
command.query['fields'] = fields unless fields.nil?
command.query['quotaUser'] = quota_user unless quota_user.nil?
execute_or_queue_command(command, &block)
# Lists CryptoKeys.
# @param [String] parent
# Required. The resource name of the KeyRing to list, in the format `projects/*/
# locations/*/keyRings/*`.
# @param [String] filter
# Optional. Only include resources that match the filter in the response. For
# more information, see [Sorting and filtering list results](https://cloud.
# @param [String] order_by
# Optional. Specify how the results should be sorted. If not specified, the
# results will be sorted in the default order. For more information, see [
# Sorting and filtering list results](
# and-filtering).
# @param [Fixnum] page_size
# Optional. Optional limit on the number of CryptoKeys to include in the
# response. Further CryptoKeys can subsequently be obtained by including the
# ListCryptoKeysResponse.next_page_token in a subsequent request. If unspecified,
# the server will pick an appropriate default.
# @param [String] page_token
# Optional. Optional pagination token, returned earlier via
# ListCryptoKeysResponse.next_page_token.
# @param [String] version_view
# The fields of the primary version to include in the response.
# @param [String] fields
# Selector specifying which fields to include in a partial response.
# @param [String] quota_user
# Available to use for quota purposes for server-side applications. Can be any
# arbitrary string assigned to a user, but should not exceed 40 characters.
# @param [Google::Apis::RequestOptions] options
# Request-specific options
# @yield [result, err] Result & error if block supplied
# @yieldparam result [Google::Apis::CloudkmsV1::ListCryptoKeysResponse] parsed result object
# @yieldparam err [StandardError] error object if request failed
# @return [Google::Apis::CloudkmsV1::ListCryptoKeysResponse]
# @raise [Google::Apis::ServerError] An error occurred on the server and the request can be retried
# @raise [Google::Apis::ClientError] The request is invalid and should not be retried without modification
# @raise [Google::Apis::AuthorizationError] Authorization is required
def list_project_location_key_ring_crypto_keys(parent, filter: nil, order_by: nil, page_size: nil, page_token: nil, version_view: nil, fields: nil, quota_user: nil, options: nil, &block)
command = make_simple_command(:get, 'v1/{+parent}/cryptoKeys', options)
command.response_representation = Google::Apis::CloudkmsV1::ListCryptoKeysResponse::Representation
command.response_class = Google::Apis::CloudkmsV1::ListCryptoKeysResponse
command.params['parent'] = parent unless parent.nil?
command.query['filter'] = filter unless filter.nil?
command.query['orderBy'] = order_by unless order_by.nil?
command.query['pageSize'] = page_size unless page_size.nil?
command.query['pageToken'] = page_token unless page_token.nil?
command.query['versionView'] = version_view unless version_view.nil?
command.query['fields'] = fields unless fields.nil?
command.query['quotaUser'] = quota_user unless quota_user.nil?
execute_or_queue_command(command, &block)
# Update a CryptoKey.
# @param [String] name
# Output only. The resource name for this CryptoKey in the format `projects/*/
# locations/*/keyRings/*/cryptoKeys/*`.
# @param [Google::Apis::CloudkmsV1::CryptoKey] crypto_key_object
# @param [String] update_mask
# Required. List of fields to be updated in this request.
# @param [String] fields
# Selector specifying which fields to include in a partial response.
# @param [String] quota_user
# Available to use for quota purposes for server-side applications. Can be any
# arbitrary string assigned to a user, but should not exceed 40 characters.
# @param [Google::Apis::RequestOptions] options
# Request-specific options
# @yield [result, err] Result & error if block supplied
# @yieldparam result [Google::Apis::CloudkmsV1::CryptoKey] parsed result object
# @yieldparam err [StandardError] error object if request failed
# @return [Google::Apis::CloudkmsV1::CryptoKey]
# @raise [Google::Apis::ServerError] An error occurred on the server and the request can be retried
# @raise [Google::Apis::ClientError] The request is invalid and should not be retried without modification
# @raise [Google::Apis::AuthorizationError] Authorization is required
def patch_project_location_key_ring_crypto_key(name, crypto_key_object = nil, update_mask: nil, fields: nil, quota_user: nil, options: nil, &block)
command = make_simple_command(:patch, 'v1/{+name}', options)
command.request_representation = Google::Apis::CloudkmsV1::CryptoKey::Representation
command.request_object = crypto_key_object
command.response_representation = Google::Apis::CloudkmsV1::CryptoKey::Representation
command.response_class = Google::Apis::CloudkmsV1::CryptoKey
command.params['name'] = name unless name.nil?
command.query['updateMask'] = update_mask unless update_mask.nil?
command.query['fields'] = fields unless fields.nil?
command.query['quotaUser'] = quota_user unless quota_user.nil?
execute_or_queue_command(command, &block)
# Sets the access control policy on the specified resource. Replaces any
# existing policy. Can return `NOT_FOUND`, `INVALID_ARGUMENT`, and `
# @param [String] resource
# REQUIRED: The resource for which the policy is being specified. See the
# operation documentation for the appropriate value for this field.
# @param [Google::Apis::CloudkmsV1::SetIamPolicyRequest] set_iam_policy_request_object
# @param [String] fields
# Selector specifying which fields to include in a partial response.
# @param [String] quota_user
# Available to use for quota purposes for server-side applications. Can be any
# arbitrary string assigned to a user, but should not exceed 40 characters.
# @param [Google::Apis::RequestOptions] options
# Request-specific options
# @yield [result, err] Result & error if block supplied
# @yieldparam result [Google::Apis::CloudkmsV1::Policy] parsed result object
# @yieldparam err [StandardError] error object if request failed
# @return [Google::Apis::CloudkmsV1::Policy]
# @raise [Google::Apis::ServerError] An error occurred on the server and the request can be retried
# @raise [Google::Apis::ClientError] The request is invalid and should not be retried without modification
# @raise [Google::Apis::AuthorizationError] Authorization is required
def set_crypto_key_iam_policy(resource, set_iam_policy_request_object = nil, fields: nil, quota_user: nil, options: nil, &block)
command = make_simple_command(:post, 'v1/{+resource}:setIamPolicy', options)
command.request_representation = Google::Apis::CloudkmsV1::SetIamPolicyRequest::Representation
command.request_object = set_iam_policy_request_object
command.response_representation = Google::Apis::CloudkmsV1::Policy::Representation
command.response_class = Google::Apis::CloudkmsV1::Policy
command.params['resource'] = resource unless resource.nil?
command.query['fields'] = fields unless fields.nil?
command.query['quotaUser'] = quota_user unless quota_user.nil?
execute_or_queue_command(command, &block)
# Returns permissions that a caller has on the specified resource. If the
# resource does not exist, this will return an empty set of permissions, not a `
# NOT_FOUND` error. Note: This operation is designed to be used for building
# permission-aware UIs and command-line tools, not for authorization checking.
# This operation may "fail open" without warning.
# @param [String] resource
# REQUIRED: The resource for which the policy detail is being requested. See the
# operation documentation for the appropriate value for this field.
# @param [Google::Apis::CloudkmsV1::TestIamPermissionsRequest] test_iam_permissions_request_object
# @param [String] fields
# Selector specifying which fields to include in a partial response.
# @param [String] quota_user
# Available to use for quota purposes for server-side applications. Can be any
# arbitrary string assigned to a user, but should not exceed 40 characters.
# @param [Google::Apis::RequestOptions] options
# Request-specific options
# @yield [result, err] Result & error if block supplied
# @yieldparam result [Google::Apis::CloudkmsV1::TestIamPermissionsResponse] parsed result object
# @yieldparam err [StandardError] error object if request failed
# @return [Google::Apis::CloudkmsV1::TestIamPermissionsResponse]
# @raise [Google::Apis::ServerError] An error occurred on the server and the request can be retried
# @raise [Google::Apis::ClientError] The request is invalid and should not be retried without modification
# @raise [Google::Apis::AuthorizationError] Authorization is required
def test_crypto_key_iam_permissions(resource, test_iam_permissions_request_object = nil, fields: nil, quota_user: nil, options: nil, &block)
command = make_simple_command(:post, 'v1/{+resource}:testIamPermissions', options)
command.request_representation = Google::Apis::CloudkmsV1::TestIamPermissionsRequest::Representation
command.request_object = test_iam_permissions_request_object
command.response_representation = Google::Apis::CloudkmsV1::TestIamPermissionsResponse::Representation
command.response_class = Google::Apis::CloudkmsV1::TestIamPermissionsResponse
command.params['resource'] = resource unless resource.nil?
command.query['fields'] = fields unless fields.nil?
command.query['quotaUser'] = quota_user unless quota_user.nil?
execute_or_queue_command(command, &block)
# Update the version of a CryptoKey that will be used in Encrypt. Returns an
# error if called on an asymmetric key.
# @param [String] name
# Required. The resource name of the CryptoKey to update.
# @param [Google::Apis::CloudkmsV1::UpdateCryptoKeyPrimaryVersionRequest] update_crypto_key_primary_version_request_object
# @param [String] fields
# Selector specifying which fields to include in a partial response.
# @param [String] quota_user
# Available to use for quota purposes for server-side applications. Can be any
# arbitrary string assigned to a user, but should not exceed 40 characters.
# @param [Google::Apis::RequestOptions] options
# Request-specific options
# @yield [result, err] Result & error if block supplied
# @yieldparam result [Google::Apis::CloudkmsV1::CryptoKey] parsed result object
# @yieldparam err [StandardError] error object if request failed
# @return [Google::Apis::CloudkmsV1::CryptoKey]
# @raise [Google::Apis::ServerError] An error occurred on the server and the request can be retried
# @raise [Google::Apis::ClientError] The request is invalid and should not be retried without modification
# @raise [Google::Apis::AuthorizationError] Authorization is required
def update_project_location_key_ring_crypto_key_primary_version(name, update_crypto_key_primary_version_request_object = nil, fields: nil, quota_user: nil, options: nil, &block)
command = make_simple_command(:post, 'v1/{+name}:updatePrimaryVersion', options)
command.request_representation = Google::Apis::CloudkmsV1::UpdateCryptoKeyPrimaryVersionRequest::Representation
command.request_object = update_crypto_key_primary_version_request_object
command.response_representation = Google::Apis::CloudkmsV1::CryptoKey::Representation
command.response_class = Google::Apis::CloudkmsV1::CryptoKey
command.params['name'] = name unless name.nil?
command.query['fields'] = fields unless fields.nil?
command.query['quotaUser'] = quota_user unless quota_user.nil?
execute_or_queue_command(command, &block)
# Decrypts data that was encrypted with a public key retrieved from GetPublicKey
# corresponding to a CryptoKeyVersion with CryptoKey.purpose ASYMMETRIC_DECRYPT.
# @param [String] name
# Required. The resource name of the CryptoKeyVersion to use for decryption.
# @param [Google::Apis::CloudkmsV1::AsymmetricDecryptRequest] asymmetric_decrypt_request_object
# @param [String] fields
# Selector specifying which fields to include in a partial response.
# @param [String] quota_user
# Available to use for quota purposes for server-side applications. Can be any
# arbitrary string assigned to a user, but should not exceed 40 characters.
# @param [Google::Apis::RequestOptions] options
# Request-specific options
# @yield [result, err] Result & error if block supplied
# @yieldparam result [Google::Apis::CloudkmsV1::AsymmetricDecryptResponse] parsed result object
# @yieldparam err [StandardError] error object if request failed
# @return [Google::Apis::CloudkmsV1::AsymmetricDecryptResponse]
# @raise [Google::Apis::ServerError] An error occurred on the server and the request can be retried
# @raise [Google::Apis::ClientError] The request is invalid and should not be retried without modification
# @raise [Google::Apis::AuthorizationError] Authorization is required
def asymmetric_crypto_key_version_decrypt(name, asymmetric_decrypt_request_object = nil, fields: nil, quota_user: nil, options: nil, &block)
command = make_simple_command(:post, 'v1/{+name}:asymmetricDecrypt', options)
command.request_representation = Google::Apis::CloudkmsV1::AsymmetricDecryptRequest::Representation
command.request_object = asymmetric_decrypt_request_object
command.response_representation = Google::Apis::CloudkmsV1::AsymmetricDecryptResponse::Representation
command.response_class = Google::Apis::CloudkmsV1::AsymmetricDecryptResponse
command.params['name'] = name unless name.nil?
command.query['fields'] = fields unless fields.nil?
command.query['quotaUser'] = quota_user unless quota_user.nil?
execute_or_queue_command(command, &block)
# Signs data using a CryptoKeyVersion with CryptoKey.purpose ASYMMETRIC_SIGN,
# producing a signature that can be verified with the public key retrieved from
# GetPublicKey.
# @param [String] name
# Required. The resource name of the CryptoKeyVersion to use for signing.
# @param [Google::Apis::CloudkmsV1::AsymmetricSignRequest] asymmetric_sign_request_object
# @param [String] fields
# Selector specifying which fields to include in a partial response.
# @param [String] quota_user
# Available to use for quota purposes for server-side applications. Can be any
# arbitrary string assigned to a user, but should not exceed 40 characters.
# @param [Google::Apis::RequestOptions] options
# Request-specific options
# @yield [result, err] Result & error if block supplied
# @yieldparam result [Google::Apis::CloudkmsV1::AsymmetricSignResponse] parsed result object
# @yieldparam err [StandardError] error object if request failed
# @return [Google::Apis::CloudkmsV1::AsymmetricSignResponse]
# @raise [Google::Apis::ServerError] An error occurred on the server and the request can be retried
# @raise [Google::Apis::ClientError] The request is invalid and should not be retried without modification
# @raise [Google::Apis::AuthorizationError] Authorization is required
def asymmetric_crypto_key_version_sign(name, asymmetric_sign_request_object = nil, fields: nil, quota_user: nil, options: nil, &block)
command = make_simple_command(:post, 'v1/{+name}:asymmetricSign', options)
command.request_representation = Google::Apis::CloudkmsV1::AsymmetricSignRequest::Representation
command.request_object = asymmetric_sign_request_object
command.response_representation = Google::Apis::CloudkmsV1::AsymmetricSignResponse::Representation
command.response_class = Google::Apis::CloudkmsV1::AsymmetricSignResponse
command.params['name'] = name unless name.nil?
command.query['fields'] = fields unless fields.nil?
command.query['quotaUser'] = quota_user unless quota_user.nil?
execute_or_queue_command(command, &block)
# Create a new CryptoKeyVersion in a CryptoKey. The server will assign the next
# sequential id. If unset, state will be set to ENABLED.
# @param [String] parent
# Required. The name of the CryptoKey associated with the CryptoKeyVersions.
# @param [Google::Apis::CloudkmsV1::CryptoKeyVersion] crypto_key_version_object
# @param [String] fields
# Selector specifying which fields to include in a partial response.
# @param [String] quota_user
# Available to use for quota purposes for server-side applications. Can be any
# arbitrary string assigned to a user, but should not exceed 40 characters.
# @param [Google::Apis::RequestOptions] options
# Request-specific options
# @yield [result, err] Result & error if block supplied
# @yieldparam result [Google::Apis::CloudkmsV1::CryptoKeyVersion] parsed result object
# @yieldparam err [StandardError] error object if request failed
# @return [Google::Apis::CloudkmsV1::CryptoKeyVersion]
# @raise [Google::Apis::ServerError] An error occurred on the server and the request can be retried
# @raise [Google::Apis::ClientError] The request is invalid and should not be retried without modification
# @raise [Google::Apis::AuthorizationError] Authorization is required
def create_project_location_key_ring_crypto_key_crypto_key_version(parent, crypto_key_version_object = nil, fields: nil, quota_user: nil, options: nil, &block)
command = make_simple_command(:post, 'v1/{+parent}/cryptoKeyVersions', options)
command.request_representation = Google::Apis::CloudkmsV1::CryptoKeyVersion::Representation
command.request_object = crypto_key_version_object
command.response_representation = Google::Apis::CloudkmsV1::CryptoKeyVersion::Representation
command.response_class = Google::Apis::CloudkmsV1::CryptoKeyVersion
command.params['parent'] = parent unless parent.nil?
command.query['fields'] = fields unless fields.nil?
command.query['quotaUser'] = quota_user unless quota_user.nil?
execute_or_queue_command(command, &block)
# Schedule a CryptoKeyVersion for destruction. Upon calling this method,
# CryptoKeyVersion.state will be set to DESTROY_SCHEDULED and destroy_time will
# be set to a time 24 hours in the future, at which point the state will be
# changed to DESTROYED, and the key material will be irrevocably destroyed.
# Before the destroy_time is reached, RestoreCryptoKeyVersion may be called to
# reverse the process.
# @param [String] name
# Required. The resource name of the CryptoKeyVersion to destroy.
# @param [Google::Apis::CloudkmsV1::DestroyCryptoKeyVersionRequest] destroy_crypto_key_version_request_object
# @param [String] fields
# Selector specifying which fields to include in a partial response.
# @param [String] quota_user
# Available to use for quota purposes for server-side applications. Can be any
# arbitrary string assigned to a user, but should not exceed 40 characters.
# @param [Google::Apis::RequestOptions] options
# Request-specific options
# @yield [result, err] Result & error if block supplied
# @yieldparam result [Google::Apis::CloudkmsV1::CryptoKeyVersion] parsed result object
# @yieldparam err [StandardError] error object if request failed
# @return [Google::Apis::CloudkmsV1::CryptoKeyVersion]
# @raise [Google::Apis::ServerError] An error occurred on the server and the request can be retried
# @raise [Google::Apis::ClientError] The request is invalid and should not be retried without modification
# @raise [Google::Apis::AuthorizationError] Authorization is required
def destroy_crypto_key_version(name, destroy_crypto_key_version_request_object = nil, fields: nil, quota_user: nil, options: nil, &block)
command = make_simple_command(:post, 'v1/{+name}:destroy', options)
command.request_representation = Google::Apis::CloudkmsV1::DestroyCryptoKeyVersionRequest::Representation
command.request_object = destroy_crypto_key_version_request_object
command.response_representation = Google::Apis::CloudkmsV1::CryptoKeyVersion::Representation
command.response_class = Google::Apis::CloudkmsV1::CryptoKeyVersion
command.params['name'] = name unless name.nil?
command.query['fields'] = fields unless fields.nil?
command.query['quotaUser'] = quota_user unless quota_user.nil?
execute_or_queue_command(command, &block)
# Returns metadata for a given CryptoKeyVersion.
# @param [String] name
# Required. The name of the CryptoKeyVersion to get.
# @param [String] fields
# Selector specifying which fields to include in a partial response.
# @param [String] quota_user
# Available to use for quota purposes for server-side applications. Can be any
# arbitrary string assigned to a user, but should not exceed 40 characters.
# @param [Google::Apis::RequestOptions] options
# Request-specific options
# @yield [result, err] Result & error if block supplied
# @yieldparam result [Google::Apis::CloudkmsV1::CryptoKeyVersion] parsed result object
# @yieldparam err [StandardError] error object if request failed
# @return [Google::Apis::CloudkmsV1::CryptoKeyVersion]
# @raise [Google::Apis::ServerError] An error occurred on the server and the request can be retried
# @raise [Google::Apis::ClientError] The request is invalid and should not be retried without modification
# @raise [Google::Apis::AuthorizationError] Authorization is required
def get_project_location_key_ring_crypto_key_crypto_key_version(name, fields: nil, quota_user: nil, options: nil, &block)
command = make_simple_command(:get, 'v1/{+name}', options)
command.response_representation = Google::Apis::CloudkmsV1::CryptoKeyVersion::Representation
command.response_class = Google::Apis::CloudkmsV1::CryptoKeyVersion
command.params['name'] = name unless name.nil?
command.query['fields'] = fields unless fields.nil?
command.query['quotaUser'] = quota_user unless quota_user.nil?
execute_or_queue_command(command, &block)
# Returns the public key for the given CryptoKeyVersion. The CryptoKey.purpose
# @param [String] name
# Required. The name of the CryptoKeyVersion public key to get.
# @param [String] fields
# Selector specifying which fields to include in a partial response.
# @param [String] quota_user
# Available to use for quota purposes for server-side applications. Can be any
# arbitrary string assigned to a user, but should not exceed 40 characters.
# @param [Google::Apis::RequestOptions] options
# Request-specific options
# @yield [result, err] Result & error if block supplied
# @yieldparam result [Google::Apis::CloudkmsV1::PublicKey] parsed result object
# @yieldparam err [StandardError] error object if request failed
# @return [Google::Apis::CloudkmsV1::PublicKey]
# @raise [Google::Apis::ServerError] An error occurred on the server and the request can be retried
# @raise [Google::Apis::ClientError] The request is invalid and should not be retried without modification
# @raise [Google::Apis::AuthorizationError] Authorization is required
def get_project_location_key_ring_crypto_key_crypto_key_version_public_key(name, fields: nil, quota_user: nil, options: nil, &block)
command = make_simple_command(:get, 'v1/{+name}/publicKey', options)
command.response_representation = Google::Apis::CloudkmsV1::PublicKey::Representation
command.response_class = Google::Apis::CloudkmsV1::PublicKey
command.params['name'] = name unless name.nil?
command.query['fields'] = fields unless fields.nil?
command.query['quotaUser'] = quota_user unless quota_user.nil?
execute_or_queue_command(command, &block)
# Imports a new CryptoKeyVersion into an existing CryptoKey using the wrapped
# key material provided in the request. The version ID will be assigned the next
# sequential id within the CryptoKey.
# @param [String] parent
# Required. The name of the CryptoKey to be imported into.
# @param [Google::Apis::CloudkmsV1::ImportCryptoKeyVersionRequest] import_crypto_key_version_request_object
# @param [String] fields
# Selector specifying which fields to include in a partial response.
# @param [String] quota_user
# Available to use for quota purposes for server-side applications. Can be any
# arbitrary string assigned to a user, but should not exceed 40 characters.
# @param [Google::Apis::RequestOptions] options
# Request-specific options
# @yield [result, err] Result & error if block supplied
# @yieldparam result [Google::Apis::CloudkmsV1::CryptoKeyVersion] parsed result object
# @yieldparam err [StandardError] error object if request failed
# @return [Google::Apis::CloudkmsV1::CryptoKeyVersion]
# @raise [Google::Apis::ServerError] An error occurred on the server and the request can be retried
# @raise [Google::Apis::ClientError] The request is invalid and should not be retried without modification
# @raise [Google::Apis::AuthorizationError] Authorization is required
def import_crypto_key_version(parent, import_crypto_key_version_request_object = nil, fields: nil, quota_user: nil, options: nil, &block)
command = make_simple_command(:post, 'v1/{+parent}/cryptoKeyVersions:import', options)
command.request_representation = Google::Apis::CloudkmsV1::ImportCryptoKeyVersionRequest::Representation
command.request_object = import_crypto_key_version_request_object
command.response_representation = Google::Apis::CloudkmsV1::CryptoKeyVersion::Representation
command.response_class = Google::Apis::CloudkmsV1::CryptoKeyVersion
command.params['parent'] = parent unless parent.nil?
command.query['fields'] = fields unless fields.nil?
command.query['quotaUser'] = quota_user unless quota_user.nil?
execute_or_queue_command(command, &block)
# Lists CryptoKeyVersions.
# @param [String] parent
# Required. The resource name of the CryptoKey to list, in the format `projects/*
# /locations/*/keyRings/*/cryptoKeys/*`.
# @param [String] filter
# Optional. Only include resources that match the filter in the response. For
# more information, see [Sorting and filtering list results](https://cloud.
# @param [String] order_by
# Optional. Specify how the results should be sorted. If not specified, the
# results will be sorted in the default order. For more information, see [
# Sorting and filtering list results](
# and-filtering).
# @param [Fixnum] page_size
# Optional. Optional limit on the number of CryptoKeyVersions to include in the
# response. Further CryptoKeyVersions can subsequently be obtained by including
# the ListCryptoKeyVersionsResponse.next_page_token in a subsequent request. If
# unspecified, the server will pick an appropriate default.
# @param [String] page_token
# Optional. Optional pagination token, returned earlier via
# ListCryptoKeyVersionsResponse.next_page_token.
# @param [String] view
# The fields to include in the response.
# @param [String] fields
# Selector specifying which fields to include in a partial response.
# @param [String] quota_user
# Available to use for quota purposes for server-side applications. Can be any
# arbitrary string assigned to a user, but should not exceed 40 characters.
# @param [Google::Apis::RequestOptions] options
# Request-specific options
# @yield [result, err] Result & error if block supplied
# @yieldparam result [Google::Apis::CloudkmsV1::ListCryptoKeyVersionsResponse] parsed result object
# @yieldparam err [StandardError] error object if request failed
# @return [Google::Apis::CloudkmsV1::ListCryptoKeyVersionsResponse]
# @raise [Google::Apis::ServerError] An error occurred on the server and the request can be retried
# @raise [Google::Apis::ClientError] The request is invalid and should not be retried without modification
# @raise [Google::Apis::AuthorizationError] Authorization is required
def list_project_location_key_ring_crypto_key_crypto_key_versions(parent, filter: nil, order_by: nil, page_size: nil, page_token: nil, view: nil, fields: nil, quota_user: nil, options: nil, &block)
command = make_simple_command(:get, 'v1/{+parent}/cryptoKeyVersions', options)
command.response_representation = Google::Apis::CloudkmsV1::ListCryptoKeyVersionsResponse::Representation
command.response_class = Google::Apis::CloudkmsV1::ListCryptoKeyVersionsResponse
command.params['parent'] = parent unless parent.nil?
command.query['filter'] = filter unless filter.nil?
command.query['orderBy'] = order_by unless order_by.nil?
command.query['pageSize'] = page_size unless page_size.nil?
command.query['pageToken'] = page_token unless page_token.nil?
command.query['view'] = view unless view.nil?
command.query['fields'] = fields unless fields.nil?
command.query['quotaUser'] = quota_user unless quota_user.nil?
execute_or_queue_command(command, &block)
# Update a CryptoKeyVersion's metadata. state may be changed between ENABLED and
# DISABLED using this method. See DestroyCryptoKeyVersion and
# RestoreCryptoKeyVersion to move between other states.
# @param [String] name
# Output only. The resource name for this CryptoKeyVersion in the format `
# projects/*/locations/*/keyRings/*/cryptoKeys/*/cryptoKeyVersions/*`.
# @param [Google::Apis::CloudkmsV1::CryptoKeyVersion] crypto_key_version_object
# @param [String] update_mask
# Required. List of fields to be updated in this request.
# @param [String] fields
# Selector specifying which fields to include in a partial response.
# @param [String] quota_user
# Available to use for quota purposes for server-side applications. Can be any
# arbitrary string assigned to a user, but should not exceed 40 characters.
# @param [Google::Apis::RequestOptions] options
# Request-specific options
# @yield [result, err] Result & error if block supplied
# @yieldparam result [Google::Apis::CloudkmsV1::CryptoKeyVersion] parsed result object
# @yieldparam err [StandardError] error object if request failed
# @return [Google::Apis::CloudkmsV1::CryptoKeyVersion]
# @raise [Google::Apis::ServerError] An error occurred on the server and the request can be retried
# @raise [Google::Apis::ClientError] The request is invalid and should not be retried without modification
# @raise [Google::Apis::AuthorizationError] Authorization is required
def patch_project_location_key_ring_crypto_key_crypto_key_version(name, crypto_key_version_object = nil, update_mask: nil, fields: nil, quota_user: nil, options: nil, &block)
command = make_simple_command(:patch, 'v1/{+name}', options)
command.request_representation = Google::Apis::CloudkmsV1::CryptoKeyVersion::Representation
command.request_object = crypto_key_version_object
command.response_representation = Google::Apis::CloudkmsV1::CryptoKeyVersion::Representation
command.response_class = Google::Apis::CloudkmsV1::CryptoKeyVersion
command.params['name'] = name unless name.nil?
command.query['updateMask'] = update_mask unless update_mask.nil?
command.query['fields'] = fields unless fields.nil?
command.query['quotaUser'] = quota_user unless quota_user.nil?
execute_or_queue_command(command, &block)
# Restore a CryptoKeyVersion in the DESTROY_SCHEDULED state. Upon restoration of
# the CryptoKeyVersion, state will be set to DISABLED, and destroy_time will be
# cleared.
# @param [String] name
# Required. The resource name of the CryptoKeyVersion to restore.
# @param [Google::Apis::CloudkmsV1::RestoreCryptoKeyVersionRequest] restore_crypto_key_version_request_object
# @param [String] fields
# Selector specifying which fields to include in a partial response.
# @param [String] quota_user
# Available to use for quota purposes for server-side applications. Can be any
# arbitrary string assigned to a user, but should not exceed 40 characters.
# @param [Google::Apis::RequestOptions] options
# Request-specific options
# @yield [result, err] Result & error if block supplied
# @yieldparam result [Google::Apis::CloudkmsV1::CryptoKeyVersion] parsed result object
# @yieldparam err [StandardError] error object if request failed
# @return [Google::Apis::CloudkmsV1::CryptoKeyVersion]
# @raise [Google::Apis::ServerError] An error occurred on the server and the request can be retried
# @raise [Google::Apis::ClientError] The request is invalid and should not be retried without modification
# @raise [Google::Apis::AuthorizationError] Authorization is required
def restore_crypto_key_version(name, restore_crypto_key_version_request_object = nil, fields: nil, quota_user: nil, options: nil, &block)
command = make_simple_command(:post, 'v1/{+name}:restore', options)
command.request_representation = Google::Apis::CloudkmsV1::RestoreCryptoKeyVersionRequest::Representation
command.request_object = restore_crypto_key_version_request_object
command.response_representation = Google::Apis::CloudkmsV1::CryptoKeyVersion::Representation
command.response_class = Google::Apis::CloudkmsV1::CryptoKeyVersion
command.params['name'] = name unless name.nil?
command.query['fields'] = fields unless fields.nil?
command.query['quotaUser'] = quota_user unless quota_user.nil?
execute_or_queue_command(command, &block)
# Create a new ImportJob within a KeyRing. ImportJob.import_method is required.
# @param [String] parent
# Required. The name of the KeyRing associated with the ImportJobs.
# @param [Google::Apis::CloudkmsV1::ImportJob] import_job_object
# @param [String] import_job_id
# Required. It must be unique within a KeyRing and match the regular expression `
# [a-zA-Z0-9_-]`1,63``
# @param [String] fields
# Selector specifying which fields to include in a partial response.
# @param [String] quota_user
# Available to use for quota purposes for server-side applications. Can be any
# arbitrary string assigned to a user, but should not exceed 40 characters.
# @param [Google::Apis::RequestOptions] options
# Request-specific options
# @yield [result, err] Result & error if block supplied
# @yieldparam result [Google::Apis::CloudkmsV1::ImportJob] parsed result object
# @yieldparam err [StandardError] error object if request failed
# @return [Google::Apis::CloudkmsV1::ImportJob]
# @raise [Google::Apis::ServerError] An error occurred on the server and the request can be retried
# @raise [Google::Apis::ClientError] The request is invalid and should not be retried without modification
# @raise [Google::Apis::AuthorizationError] Authorization is required
def create_project_location_key_ring_import_job(parent, import_job_object = nil, import_job_id: nil, fields: nil, quota_user: nil, options: nil, &block)
command = make_simple_command(:post, 'v1/{+parent}/importJobs', options)
command.request_representation = Google::Apis::CloudkmsV1::ImportJob::Representation
command.request_object = import_job_object
command.response_representation = Google::Apis::CloudkmsV1::ImportJob::Representation
command.response_class = Google::Apis::CloudkmsV1::ImportJob
command.params['parent'] = parent unless parent.nil?
command.query['importJobId'] = import_job_id unless import_job_id.nil?
command.query['fields'] = fields unless fields.nil?
command.query['quotaUser'] = quota_user unless quota_user.nil?
execute_or_queue_command(command, &block)
# Returns metadata for a given ImportJob.
# @param [String] name
# Required. The name of the ImportJob to get.
# @param [String] fields
# Selector specifying which fields to include in a partial response.
# @param [String] quota_user
# Available to use for quota purposes for server-side applications. Can be any
# arbitrary string assigned to a user, but should not exceed 40 characters.
# @param [Google::Apis::RequestOptions] options
# Request-specific options
# @yield [result, err] Result & error if block supplied
# @yieldparam result [Google::Apis::CloudkmsV1::ImportJob] parsed result object
# @yieldparam err [StandardError] error object if request failed
# @return [Google::Apis::CloudkmsV1::ImportJob]
# @raise [Google::Apis::ServerError] An error occurred on the server and the request can be retried
# @raise [Google::Apis::ClientError] The request is invalid and should not be retried without modification
# @raise [Google::Apis::AuthorizationError] Authorization is required
def get_project_location_key_ring_import_job(name, fields: nil, quota_user: nil, options: nil, &block)
command = make_simple_command(:get, 'v1/{+name}', options)
command.response_representation = Google::Apis::CloudkmsV1::ImportJob::Representation
command.response_class = Google::Apis::CloudkmsV1::ImportJob
command.params['name'] = name unless name.nil?
command.query['fields'] = fields unless fields.nil?
command.query['quotaUser'] = quota_user unless quota_user.nil?
execute_or_queue_command(command, &block)
# Gets the access control policy for a resource. Returns an empty policy if the
# resource exists and does not have a policy set.
# @param [String] resource
# REQUIRED: The resource for which the policy is being requested. See the
# operation documentation for the appropriate value for this field.
# @param [Fixnum] options_requested_policy_version
# Optional. The policy format version to be returned. Valid values are 0, 1, and
# 3. Requests specifying an invalid value will be rejected. Requests for
# policies with any conditional bindings must specify version 3. Policies
# without any conditional bindings may specify any valid value or leave the
# field unset. To learn which resources support conditions in their IAM policies,
# see the [IAM documentation](
# resource-policies).
# @param [String] fields
# Selector specifying which fields to include in a partial response.
# @param [String] quota_user
# Available to use for quota purposes for server-side applications. Can be any
# arbitrary string assigned to a user, but should not exceed 40 characters.
# @param [Google::Apis::RequestOptions] options
# Request-specific options
# @yield [result, err] Result & error if block supplied
# @yieldparam result [Google::Apis::CloudkmsV1::Policy] parsed result object
# @yieldparam err [StandardError] error object if request failed
# @return [Google::Apis::CloudkmsV1::Policy]
# @raise [Google::Apis::ServerError] An error occurred on the server and the request can be retried
# @raise [Google::Apis::ClientError] The request is invalid and should not be retried without modification
# @raise [Google::Apis::AuthorizationError] Authorization is required
def get_project_location_key_ring_import_job_iam_policy(resource, options_requested_policy_version: nil, fields: nil, quota_user: nil, options: nil, &block)
command = make_simple_command(:get, 'v1/{+resource}:getIamPolicy', options)
command.response_representation = Google::Apis::CloudkmsV1::Policy::Representation
command.response_class = Google::Apis::CloudkmsV1::Policy
command.params['resource'] = resource unless resource.nil?
command.query['options.requestedPolicyVersion'] = options_requested_policy_version unless options_requested_policy_version.nil?
command.query['fields'] = fields unless fields.nil?
command.query['quotaUser'] = quota_user unless quota_user.nil?
execute_or_queue_command(command, &block)
# Lists ImportJobs.
# @param [String] parent
# Required. The resource name of the KeyRing to list, in the format `projects/*/
# locations/*/keyRings/*`.
# @param [String] filter
# Optional. Only include resources that match the filter in the response. For
# more information, see [Sorting and filtering list results](https://cloud.
# @param [String] order_by
# Optional. Specify how the results should be sorted. If not specified, the
# results will be sorted in the default order. For more information, see [
# Sorting and filtering list results](
# and-filtering).
# @param [Fixnum] page_size
# Optional. Optional limit on the number of ImportJobs to include in the
# response. Further ImportJobs can subsequently be obtained by including the
# ListImportJobsResponse.next_page_token in a subsequent request. If unspecified,
# the server will pick an appropriate default.
# @param [String] page_token
# Optional. Optional pagination token, returned earlier via
# ListImportJobsResponse.next_page_token.
# @param [String] fields
# Selector specifying which fields to include in a partial response.
# @param [String] quota_user
# Available to use for quota purposes for server-side applications. Can be any
# arbitrary string assigned to a user, but should not exceed 40 characters.
# @param [Google::Apis::RequestOptions] options
# Request-specific options
# @yield [result, err] Result & error if block supplied
# @yieldparam result [Google::Apis::CloudkmsV1::ListImportJobsResponse] parsed result object
# @yieldparam err [StandardError] error object if request failed
# @return [Google::Apis::CloudkmsV1::ListImportJobsResponse]
# @raise [Google::Apis::ServerError] An error occurred on the server and the request can be retried
# @raise [Google::Apis::ClientError] The request is invalid and should not be retried without modification
# @raise [Google::Apis::AuthorizationError] Authorization is required
def list_project_location_key_ring_import_jobs(parent, filter: nil, order_by: nil, page_size: nil, page_token: nil, fields: nil, quota_user: nil, options: nil, &block)
command = make_simple_command(:get, 'v1/{+parent}/importJobs', options)
command.response_representation = Google::Apis::CloudkmsV1::ListImportJobsResponse::Representation
command.response_class = Google::Apis::CloudkmsV1::ListImportJobsResponse
command.params['parent'] = parent unless parent.nil?
command.query['filter'] = filter unless filter.nil?
command.query['orderBy'] = order_by unless order_by.nil?
command.query['pageSize'] = page_size unless page_size.nil?
command.query['pageToken'] = page_token unless page_token.nil?
command.query['fields'] = fields unless fields.nil?
command.query['quotaUser'] = quota_user unless quota_user.nil?
execute_or_queue_command(command, &block)
# Sets the access control policy on the specified resource. Replaces any
# existing policy. Can return `NOT_FOUND`, `INVALID_ARGUMENT`, and `
# @param [String] resource
# REQUIRED: The resource for which the policy is being specified. See the
# operation documentation for the appropriate value for this field.
# @param [Google::Apis::CloudkmsV1::SetIamPolicyRequest] set_iam_policy_request_object
# @param [String] fields
# Selector specifying which fields to include in a partial response.
# @param [String] quota_user
# Available to use for quota purposes for server-side applications. Can be any
# arbitrary string assigned to a user, but should not exceed 40 characters.
# @param [Google::Apis::RequestOptions] options
# Request-specific options
# @yield [result, err] Result & error if block supplied
# @yieldparam result [Google::Apis::CloudkmsV1::Policy] parsed result object
# @yieldparam err [StandardError] error object if request failed
# @return [Google::Apis::CloudkmsV1::Policy]
# @raise [Google::Apis::ServerError] An error occurred on the server and the request can be retried
# @raise [Google::Apis::ClientError] The request is invalid and should not be retried without modification
# @raise [Google::Apis::AuthorizationError] Authorization is required
def set_import_job_iam_policy(resource, set_iam_policy_request_object = nil, fields: nil, quota_user: nil, options: nil, &block)
command = make_simple_command(:post, 'v1/{+resource}:setIamPolicy', options)
command.request_representation = Google::Apis::CloudkmsV1::SetIamPolicyRequest::Representation
command.request_object = set_iam_policy_request_object
command.response_representation = Google::Apis::CloudkmsV1::Policy::Representation
command.response_class = Google::Apis::CloudkmsV1::Policy
command.params['resource'] = resource unless resource.nil?
command.query['fields'] = fields unless fields.nil?
command.query['quotaUser'] = quota_user unless quota_user.nil?
execute_or_queue_command(command, &block)
# Returns permissions that a caller has on the specified resource. If the
# resource does not exist, this will return an empty set of permissions, not a `
# NOT_FOUND` error. Note: This operation is designed to be used for building
# permission-aware UIs and command-line tools, not for authorization checking.
# This operation may "fail open" without warning.
# @param [String] resource
# REQUIRED: The resource for which the policy detail is being requested. See the
# operation documentation for the appropriate value for this field.
# @param [Google::Apis::CloudkmsV1::TestIamPermissionsRequest] test_iam_permissions_request_object
# @param [String] fields
# Selector specifying which fields to include in a partial response.
# @param [String] quota_user
# Available to use for quota purposes for server-side applications. Can be any
# arbitrary string assigned to a user, but should not exceed 40 characters.
# @param [Google::Apis::RequestOptions] options
# Request-specific options
# @yield [result, err] Result & error if block supplied
# @yieldparam result [Google::Apis::CloudkmsV1::TestIamPermissionsResponse] parsed result object
# @yieldparam err [StandardError] error object if request failed
# @return [Google::Apis::CloudkmsV1::TestIamPermissionsResponse]
# @raise [Google::Apis::ServerError] An error occurred on the server and the request can be retried
# @raise [Google::Apis::ClientError] The request is invalid and should not be retried without modification
# @raise [Google::Apis::AuthorizationError] Authorization is required
def test_import_job_iam_permissions(resource, test_iam_permissions_request_object = nil, fields: nil, quota_user: nil, options: nil, &block)
command = make_simple_command(:post, 'v1/{+resource}:testIamPermissions', options)
command.request_representation = Google::Apis::CloudkmsV1::TestIamPermissionsRequest::Representation
command.request_object = test_iam_permissions_request_object
command.response_representation = Google::Apis::CloudkmsV1::TestIamPermissionsResponse::Representation
command.response_class = Google::Apis::CloudkmsV1::TestIamPermissionsResponse
command.params['resource'] = resource unless resource.nil?
command.query['fields'] = fields unless fields.nil?
command.query['quotaUser'] = quota_user unless quota_user.nil?
execute_or_queue_command(command, &block)
def apply_command_defaults(command)
command.query['key'] = key unless key.nil?
command.query['quotaUser'] = quota_user unless quota_user.nil?