# Copyright 2020 Google LLC # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. require 'google/apis/core/base_service' require 'google/apis/core/json_representation' require 'google/apis/core/hashable' require 'google/apis/errors' module Google module Apis module CloudkmsV1 # Cloud Key Management Service (KMS) API # # Manages keys and performs cryptographic operations in a central cloud service, # for direct use by other cloud resources and applications. # # @example # require 'google/apis/cloudkms_v1' # # Cloudkms = Google::Apis::CloudkmsV1 # Alias the module # service = Cloudkms::CloudKMSService.new # # @see https://cloud.google.com/kms/ class CloudKMSService < Google::Apis::Core::BaseService # @return [String] # API key. Your API key identifies your project and provides you with API access, # quota, and reports. Required unless you provide an OAuth 2.0 token. attr_accessor :key # @return [String] # Available to use for quota purposes for server-side applications. Can be any # arbitrary string assigned to a user, but should not exceed 40 characters. attr_accessor :quota_user def initialize super('https://cloudkms.googleapis.com/', '', client_name: 'google-apis-cloudkms_v1', client_version: Google::Apis::CloudkmsV1::GEM_VERSION) @batch_path = 'batch' end # Generate random bytes using the Cloud KMS randomness source in the provided # location. # @param [String] location # The project-specific location in which to generate random bytes. For example, " # projects/my-project/locations/us-central1". # @param [Google::Apis::CloudkmsV1::GenerateRandomBytesRequest] generate_random_bytes_request_object # @param [String] fields # Selector specifying which fields to include in a partial response. # @param [String] quota_user # Available to use for quota purposes for server-side applications. Can be any # arbitrary string assigned to a user, but should not exceed 40 characters. # @param [Google::Apis::RequestOptions] options # Request-specific options # # @yield [result, err] Result & error if block supplied # @yieldparam result [Google::Apis::CloudkmsV1::GenerateRandomBytesResponse] parsed result object # @yieldparam err [StandardError] error object if request failed # # @return [Google::Apis::CloudkmsV1::GenerateRandomBytesResponse] # # @raise [Google::Apis::ServerError] An error occurred on the server and the request can be retried # @raise [Google::Apis::ClientError] The request is invalid and should not be retried without modification # @raise [Google::Apis::AuthorizationError] Authorization is required def generate_location_random_bytes(location, generate_random_bytes_request_object = nil, fields: nil, quota_user: nil, options: nil, &block) command = make_simple_command(:post, 'v1/{+location}:generateRandomBytes', options) command.request_representation = Google::Apis::CloudkmsV1::GenerateRandomBytesRequest::Representation command.request_object = generate_random_bytes_request_object command.response_representation = Google::Apis::CloudkmsV1::GenerateRandomBytesResponse::Representation command.response_class = Google::Apis::CloudkmsV1::GenerateRandomBytesResponse command.params['location'] = location unless location.nil? command.query['fields'] = fields unless fields.nil? command.query['quotaUser'] = quota_user unless quota_user.nil? execute_or_queue_command(command, &block) end # Gets information about a location. # @param [String] name # Resource name for the location. # @param [String] fields # Selector specifying which fields to include in a partial response. # @param [String] quota_user # Available to use for quota purposes for server-side applications. Can be any # arbitrary string assigned to a user, but should not exceed 40 characters. # @param [Google::Apis::RequestOptions] options # Request-specific options # # @yield [result, err] Result & error if block supplied # @yieldparam result [Google::Apis::CloudkmsV1::Location] parsed result object # @yieldparam err [StandardError] error object if request failed # # @return [Google::Apis::CloudkmsV1::Location] # # @raise [Google::Apis::ServerError] An error occurred on the server and the request can be retried # @raise [Google::Apis::ClientError] The request is invalid and should not be retried without modification # @raise [Google::Apis::AuthorizationError] Authorization is required def get_project_location(name, fields: nil, quota_user: nil, options: nil, &block) command = make_simple_command(:get, 'v1/{+name}', options) command.response_representation = Google::Apis::CloudkmsV1::Location::Representation command.response_class = Google::Apis::CloudkmsV1::Location command.params['name'] = name unless name.nil? command.query['fields'] = fields unless fields.nil? command.query['quotaUser'] = quota_user unless quota_user.nil? execute_or_queue_command(command, &block) end # Lists information about the supported locations for this service. # @param [String] name # The resource that owns the locations collection, if applicable. # @param [String] filter # A filter to narrow down results to a preferred subset. The filtering language # accepts strings like "displayName=tokyo", and is documented in more detail in [ # AIP-160](https://google.aip.dev/160). # @param [Fixnum] page_size # The maximum number of results to return. If not set, the service selects a # default. # @param [String] page_token # A page token received from the `next_page_token` field in the response. Send # that page token to receive the subsequent page. # @param [String] fields # Selector specifying which fields to include in a partial response. # @param [String] quota_user # Available to use for quota purposes for server-side applications. Can be any # arbitrary string assigned to a user, but should not exceed 40 characters. # @param [Google::Apis::RequestOptions] options # Request-specific options # # @yield [result, err] Result & error if block supplied # @yieldparam result [Google::Apis::CloudkmsV1::ListLocationsResponse] parsed result object # @yieldparam err [StandardError] error object if request failed # # @return [Google::Apis::CloudkmsV1::ListLocationsResponse] # # @raise [Google::Apis::ServerError] An error occurred on the server and the request can be retried # @raise [Google::Apis::ClientError] The request is invalid and should not be retried without modification # @raise [Google::Apis::AuthorizationError] Authorization is required def list_project_locations(name, filter: nil, page_size: nil, page_token: nil, fields: nil, quota_user: nil, options: nil, &block) command = make_simple_command(:get, 'v1/{+name}/locations', options) command.response_representation = Google::Apis::CloudkmsV1::ListLocationsResponse::Representation command.response_class = Google::Apis::CloudkmsV1::ListLocationsResponse command.params['name'] = name unless name.nil? command.query['filter'] = filter unless filter.nil? command.query['pageSize'] = page_size unless page_size.nil? command.query['pageToken'] = page_token unless page_token.nil? command.query['fields'] = fields unless fields.nil? command.query['quotaUser'] = quota_user unless quota_user.nil? execute_or_queue_command(command, &block) end # Creates a new EkmConnection in a given Project and Location. # @param [String] parent # Required. The resource name of the location associated with the EkmConnection, # in the format `projects/*/locations/*`. # @param [Google::Apis::CloudkmsV1::EkmConnection] ekm_connection_object # @param [String] ekm_connection_id # Required. It must be unique within a location and match the regular expression # `[a-zA-Z0-9_-]`1,63``. # @param [String] fields # Selector specifying which fields to include in a partial response. # @param [String] quota_user # Available to use for quota purposes for server-side applications. Can be any # arbitrary string assigned to a user, but should not exceed 40 characters. # @param [Google::Apis::RequestOptions] options # Request-specific options # # @yield [result, err] Result & error if block supplied # @yieldparam result [Google::Apis::CloudkmsV1::EkmConnection] parsed result object # @yieldparam err [StandardError] error object if request failed # # @return [Google::Apis::CloudkmsV1::EkmConnection] # # @raise [Google::Apis::ServerError] An error occurred on the server and the request can be retried # @raise [Google::Apis::ClientError] The request is invalid and should not be retried without modification # @raise [Google::Apis::AuthorizationError] Authorization is required def create_project_location_ekm_connection(parent, ekm_connection_object = nil, ekm_connection_id: nil, fields: nil, quota_user: nil, options: nil, &block) command = make_simple_command(:post, 'v1/{+parent}/ekmConnections', options) command.request_representation = Google::Apis::CloudkmsV1::EkmConnection::Representation command.request_object = ekm_connection_object command.response_representation = Google::Apis::CloudkmsV1::EkmConnection::Representation command.response_class = Google::Apis::CloudkmsV1::EkmConnection command.params['parent'] = parent unless parent.nil? command.query['ekmConnectionId'] = ekm_connection_id unless ekm_connection_id.nil? command.query['fields'] = fields unless fields.nil? command.query['quotaUser'] = quota_user unless quota_user.nil? execute_or_queue_command(command, &block) end # Returns metadata for a given EkmConnection. # @param [String] name # Required. The name of the EkmConnection to get. # @param [String] fields # Selector specifying which fields to include in a partial response. # @param [String] quota_user # Available to use for quota purposes for server-side applications. Can be any # arbitrary string assigned to a user, but should not exceed 40 characters. # @param [Google::Apis::RequestOptions] options # Request-specific options # # @yield [result, err] Result & error if block supplied # @yieldparam result [Google::Apis::CloudkmsV1::EkmConnection] parsed result object # @yieldparam err [StandardError] error object if request failed # # @return [Google::Apis::CloudkmsV1::EkmConnection] # # @raise [Google::Apis::ServerError] An error occurred on the server and the request can be retried # @raise [Google::Apis::ClientError] The request is invalid and should not be retried without modification # @raise [Google::Apis::AuthorizationError] Authorization is required def get_project_location_ekm_connection(name, fields: nil, quota_user: nil, options: nil, &block) command = make_simple_command(:get, 'v1/{+name}', options) command.response_representation = Google::Apis::CloudkmsV1::EkmConnection::Representation command.response_class = Google::Apis::CloudkmsV1::EkmConnection command.params['name'] = name unless name.nil? command.query['fields'] = fields unless fields.nil? command.query['quotaUser'] = quota_user unless quota_user.nil? execute_or_queue_command(command, &block) end # Gets the access control policy for a resource. Returns an empty policy if the # resource exists and does not have a policy set. # @param [String] resource # REQUIRED: The resource for which the policy is being requested. See the # operation documentation for the appropriate value for this field. # @param [Fixnum] options_requested_policy_version # Optional. The maximum policy version that will be used to format the policy. # Valid values are 0, 1, and 3. Requests specifying an invalid value will be # rejected. Requests for policies with any conditional role bindings must # specify version 3. Policies with no conditional role bindings may specify any # valid value or leave the field unset. The policy in the response might use the # policy version that you specified, or it might use a lower policy version. For # example, if you specify version 3, but the policy has no conditional role # bindings, the response uses version 1. To learn which resources support # conditions in their IAM policies, see the [IAM documentation](https://cloud. # google.com/iam/help/conditions/resource-policies). # @param [String] fields # Selector specifying which fields to include in a partial response. # @param [String] quota_user # Available to use for quota purposes for server-side applications. Can be any # arbitrary string assigned to a user, but should not exceed 40 characters. # @param [Google::Apis::RequestOptions] options # Request-specific options # # @yield [result, err] Result & error if block supplied # @yieldparam result [Google::Apis::CloudkmsV1::Policy] parsed result object # @yieldparam err [StandardError] error object if request failed # # @return [Google::Apis::CloudkmsV1::Policy] # # @raise [Google::Apis::ServerError] An error occurred on the server and the request can be retried # @raise [Google::Apis::ClientError] The request is invalid and should not be retried without modification # @raise [Google::Apis::AuthorizationError] Authorization is required def get_project_location_ekm_connection_iam_policy(resource, options_requested_policy_version: nil, fields: nil, quota_user: nil, options: nil, &block) command = make_simple_command(:get, 'v1/{+resource}:getIamPolicy', options) command.response_representation = Google::Apis::CloudkmsV1::Policy::Representation command.response_class = Google::Apis::CloudkmsV1::Policy command.params['resource'] = resource unless resource.nil? command.query['options.requestedPolicyVersion'] = options_requested_policy_version unless options_requested_policy_version.nil? command.query['fields'] = fields unless fields.nil? command.query['quotaUser'] = quota_user unless quota_user.nil? execute_or_queue_command(command, &block) end # Lists EkmConnections. # @param [String] parent # Required. The resource name of the location associated with the EkmConnections # to list, in the format `projects/*/locations/*`. # @param [String] filter # Optional. Only include resources that match the filter in the response. For # more information, see [Sorting and filtering list results](https://cloud. # google.com/kms/docs/sorting-and-filtering). # @param [String] order_by # Optional. Specify how the results should be sorted. If not specified, the # results will be sorted in the default order. For more information, see [ # Sorting and filtering list results](https://cloud.google.com/kms/docs/sorting- # and-filtering). # @param [Fixnum] page_size # Optional. Optional limit on the number of EkmConnections to include in the # response. Further EkmConnections can subsequently be obtained by including the # ListEkmConnectionsResponse.next_page_token in a subsequent request. If # unspecified, the server will pick an appropriate default. # @param [String] page_token # Optional. Optional pagination token, returned earlier via # ListEkmConnectionsResponse.next_page_token. # @param [String] fields # Selector specifying which fields to include in a partial response. # @param [String] quota_user # Available to use for quota purposes for server-side applications. Can be any # arbitrary string assigned to a user, but should not exceed 40 characters. # @param [Google::Apis::RequestOptions] options # Request-specific options # # @yield [result, err] Result & error if block supplied # @yieldparam result [Google::Apis::CloudkmsV1::ListEkmConnectionsResponse] parsed result object # @yieldparam err [StandardError] error object if request failed # # @return [Google::Apis::CloudkmsV1::ListEkmConnectionsResponse] # # @raise [Google::Apis::ServerError] An error occurred on the server and the request can be retried # @raise [Google::Apis::ClientError] The request is invalid and should not be retried without modification # @raise [Google::Apis::AuthorizationError] Authorization is required def list_project_location_ekm_connections(parent, filter: nil, order_by: nil, page_size: nil, page_token: nil, fields: nil, quota_user: nil, options: nil, &block) command = make_simple_command(:get, 'v1/{+parent}/ekmConnections', options) command.response_representation = Google::Apis::CloudkmsV1::ListEkmConnectionsResponse::Representation command.response_class = Google::Apis::CloudkmsV1::ListEkmConnectionsResponse command.params['parent'] = parent unless parent.nil? command.query['filter'] = filter unless filter.nil? command.query['orderBy'] = order_by unless order_by.nil? command.query['pageSize'] = page_size unless page_size.nil? command.query['pageToken'] = page_token unless page_token.nil? command.query['fields'] = fields unless fields.nil? command.query['quotaUser'] = quota_user unless quota_user.nil? execute_or_queue_command(command, &block) end # Updates an EkmConnection's metadata. # @param [String] name # Output only. The resource name for the EkmConnection in the format `projects/*/ # locations/*/ekmConnections/*`. # @param [Google::Apis::CloudkmsV1::EkmConnection] ekm_connection_object # @param [String] update_mask # Required. List of fields to be updated in this request. # @param [String] fields # Selector specifying which fields to include in a partial response. # @param [String] quota_user # Available to use for quota purposes for server-side applications. Can be any # arbitrary string assigned to a user, but should not exceed 40 characters. # @param [Google::Apis::RequestOptions] options # Request-specific options # # @yield [result, err] Result & error if block supplied # @yieldparam result [Google::Apis::CloudkmsV1::EkmConnection] parsed result object # @yieldparam err [StandardError] error object if request failed # # @return [Google::Apis::CloudkmsV1::EkmConnection] # # @raise [Google::Apis::ServerError] An error occurred on the server and the request can be retried # @raise [Google::Apis::ClientError] The request is invalid and should not be retried without modification # @raise [Google::Apis::AuthorizationError] Authorization is required def patch_project_location_ekm_connection(name, ekm_connection_object = nil, update_mask: nil, fields: nil, quota_user: nil, options: nil, &block) command = make_simple_command(:patch, 'v1/{+name}', options) command.request_representation = Google::Apis::CloudkmsV1::EkmConnection::Representation command.request_object = ekm_connection_object command.response_representation = Google::Apis::CloudkmsV1::EkmConnection::Representation command.response_class = Google::Apis::CloudkmsV1::EkmConnection command.params['name'] = name unless name.nil? command.query['updateMask'] = update_mask unless update_mask.nil? command.query['fields'] = fields unless fields.nil? command.query['quotaUser'] = quota_user unless quota_user.nil? execute_or_queue_command(command, &block) end # Sets the access control policy on the specified resource. Replaces any # existing policy. Can return `NOT_FOUND`, `INVALID_ARGUMENT`, and ` # PERMISSION_DENIED` errors. # @param [String] resource # REQUIRED: The resource for which the policy is being specified. See the # operation documentation for the appropriate value for this field. # @param [Google::Apis::CloudkmsV1::SetIamPolicyRequest] set_iam_policy_request_object # @param [String] fields # Selector specifying which fields to include in a partial response. # @param [String] quota_user # Available to use for quota purposes for server-side applications. Can be any # arbitrary string assigned to a user, but should not exceed 40 characters. # @param [Google::Apis::RequestOptions] options # Request-specific options # # @yield [result, err] Result & error if block supplied # @yieldparam result [Google::Apis::CloudkmsV1::Policy] parsed result object # @yieldparam err [StandardError] error object if request failed # # @return [Google::Apis::CloudkmsV1::Policy] # # @raise [Google::Apis::ServerError] An error occurred on the server and the request can be retried # @raise [Google::Apis::ClientError] The request is invalid and should not be retried without modification # @raise [Google::Apis::AuthorizationError] Authorization is required def set_ekm_connection_iam_policy(resource, set_iam_policy_request_object = nil, fields: nil, quota_user: nil, options: nil, &block) command = make_simple_command(:post, 'v1/{+resource}:setIamPolicy', options) command.request_representation = Google::Apis::CloudkmsV1::SetIamPolicyRequest::Representation command.request_object = set_iam_policy_request_object command.response_representation = Google::Apis::CloudkmsV1::Policy::Representation command.response_class = Google::Apis::CloudkmsV1::Policy command.params['resource'] = resource unless resource.nil? command.query['fields'] = fields unless fields.nil? command.query['quotaUser'] = quota_user unless quota_user.nil? execute_or_queue_command(command, &block) end # Returns permissions that a caller has on the specified resource. If the # resource does not exist, this will return an empty set of permissions, not a ` # NOT_FOUND` error. Note: This operation is designed to be used for building # permission-aware UIs and command-line tools, not for authorization checking. # This operation may "fail open" without warning. # @param [String] resource # REQUIRED: The resource for which the policy detail is being requested. See the # operation documentation for the appropriate value for this field. # @param [Google::Apis::CloudkmsV1::TestIamPermissionsRequest] test_iam_permissions_request_object # @param [String] fields # Selector specifying which fields to include in a partial response. # @param [String] quota_user # Available to use for quota purposes for server-side applications. Can be any # arbitrary string assigned to a user, but should not exceed 40 characters. # @param [Google::Apis::RequestOptions] options # Request-specific options # # @yield [result, err] Result & error if block supplied # @yieldparam result [Google::Apis::CloudkmsV1::TestIamPermissionsResponse] parsed result object # @yieldparam err [StandardError] error object if request failed # # @return [Google::Apis::CloudkmsV1::TestIamPermissionsResponse] # # @raise [Google::Apis::ServerError] An error occurred on the server and the request can be retried # @raise [Google::Apis::ClientError] The request is invalid and should not be retried without modification # @raise [Google::Apis::AuthorizationError] Authorization is required def test_ekm_connection_iam_permissions(resource, test_iam_permissions_request_object = nil, fields: nil, quota_user: nil, options: nil, &block) command = make_simple_command(:post, 'v1/{+resource}:testIamPermissions', options) command.request_representation = Google::Apis::CloudkmsV1::TestIamPermissionsRequest::Representation command.request_object = test_iam_permissions_request_object command.response_representation = Google::Apis::CloudkmsV1::TestIamPermissionsResponse::Representation command.response_class = Google::Apis::CloudkmsV1::TestIamPermissionsResponse command.params['resource'] = resource unless resource.nil? command.query['fields'] = fields unless fields.nil? command.query['quotaUser'] = quota_user unless quota_user.nil? execute_or_queue_command(command, &block) end # Create a new KeyRing in a given Project and Location. # @param [String] parent # Required. The resource name of the location associated with the KeyRings, in # the format `projects/*/locations/*`. # @param [Google::Apis::CloudkmsV1::KeyRing] key_ring_object # @param [String] key_ring_id # Required. It must be unique within a location and match the regular expression # `[a-zA-Z0-9_-]`1,63`` # @param [String] fields # Selector specifying which fields to include in a partial response. # @param [String] quota_user # Available to use for quota purposes for server-side applications. Can be any # arbitrary string assigned to a user, but should not exceed 40 characters. # @param [Google::Apis::RequestOptions] options # Request-specific options # # @yield [result, err] Result & error if block supplied # @yieldparam result [Google::Apis::CloudkmsV1::KeyRing] parsed result object # @yieldparam err [StandardError] error object if request failed # # @return [Google::Apis::CloudkmsV1::KeyRing] # # @raise [Google::Apis::ServerError] An error occurred on the server and the request can be retried # @raise [Google::Apis::ClientError] The request is invalid and should not be retried without modification # @raise [Google::Apis::AuthorizationError] Authorization is required def create_project_location_key_ring(parent, key_ring_object = nil, key_ring_id: nil, fields: nil, quota_user: nil, options: nil, &block) command = make_simple_command(:post, 'v1/{+parent}/keyRings', options) command.request_representation = Google::Apis::CloudkmsV1::KeyRing::Representation command.request_object = key_ring_object command.response_representation = Google::Apis::CloudkmsV1::KeyRing::Representation command.response_class = Google::Apis::CloudkmsV1::KeyRing command.params['parent'] = parent unless parent.nil? command.query['keyRingId'] = key_ring_id unless key_ring_id.nil? command.query['fields'] = fields unless fields.nil? command.query['quotaUser'] = quota_user unless quota_user.nil? execute_or_queue_command(command, &block) end # Returns metadata for a given KeyRing. # @param [String] name # Required. The name of the KeyRing to get. # @param [String] fields # Selector specifying which fields to include in a partial response. # @param [String] quota_user # Available to use for quota purposes for server-side applications. Can be any # arbitrary string assigned to a user, but should not exceed 40 characters. # @param [Google::Apis::RequestOptions] options # Request-specific options # # @yield [result, err] Result & error if block supplied # @yieldparam result [Google::Apis::CloudkmsV1::KeyRing] parsed result object # @yieldparam err [StandardError] error object if request failed # # @return [Google::Apis::CloudkmsV1::KeyRing] # # @raise [Google::Apis::ServerError] An error occurred on the server and the request can be retried # @raise [Google::Apis::ClientError] The request is invalid and should not be retried without modification # @raise [Google::Apis::AuthorizationError] Authorization is required def get_project_location_key_ring(name, fields: nil, quota_user: nil, options: nil, &block) command = make_simple_command(:get, 'v1/{+name}', options) command.response_representation = Google::Apis::CloudkmsV1::KeyRing::Representation command.response_class = Google::Apis::CloudkmsV1::KeyRing command.params['name'] = name unless name.nil? command.query['fields'] = fields unless fields.nil? command.query['quotaUser'] = quota_user unless quota_user.nil? execute_or_queue_command(command, &block) end # Gets the access control policy for a resource. Returns an empty policy if the # resource exists and does not have a policy set. # @param [String] resource # REQUIRED: The resource for which the policy is being requested. See the # operation documentation for the appropriate value for this field. # @param [Fixnum] options_requested_policy_version # Optional. The maximum policy version that will be used to format the policy. # Valid values are 0, 1, and 3. Requests specifying an invalid value will be # rejected. Requests for policies with any conditional role bindings must # specify version 3. Policies with no conditional role bindings may specify any # valid value or leave the field unset. The policy in the response might use the # policy version that you specified, or it might use a lower policy version. For # example, if you specify version 3, but the policy has no conditional role # bindings, the response uses version 1. To learn which resources support # conditions in their IAM policies, see the [IAM documentation](https://cloud. # google.com/iam/help/conditions/resource-policies). # @param [String] fields # Selector specifying which fields to include in a partial response. # @param [String] quota_user # Available to use for quota purposes for server-side applications. Can be any # arbitrary string assigned to a user, but should not exceed 40 characters. # @param [Google::Apis::RequestOptions] options # Request-specific options # # @yield [result, err] Result & error if block supplied # @yieldparam result [Google::Apis::CloudkmsV1::Policy] parsed result object # @yieldparam err [StandardError] error object if request failed # # @return [Google::Apis::CloudkmsV1::Policy] # # @raise [Google::Apis::ServerError] An error occurred on the server and the request can be retried # @raise [Google::Apis::ClientError] The request is invalid and should not be retried without modification # @raise [Google::Apis::AuthorizationError] Authorization is required def get_project_location_key_ring_iam_policy(resource, options_requested_policy_version: nil, fields: nil, quota_user: nil, options: nil, &block) command = make_simple_command(:get, 'v1/{+resource}:getIamPolicy', options) command.response_representation = Google::Apis::CloudkmsV1::Policy::Representation command.response_class = Google::Apis::CloudkmsV1::Policy command.params['resource'] = resource unless resource.nil? command.query['options.requestedPolicyVersion'] = options_requested_policy_version unless options_requested_policy_version.nil? command.query['fields'] = fields unless fields.nil? command.query['quotaUser'] = quota_user unless quota_user.nil? execute_or_queue_command(command, &block) end # Lists KeyRings. # @param [String] parent # Required. The resource name of the location associated with the KeyRings, in # the format `projects/*/locations/*`. # @param [String] filter # Optional. Only include resources that match the filter in the response. For # more information, see [Sorting and filtering list results](https://cloud. # google.com/kms/docs/sorting-and-filtering). # @param [String] order_by # Optional. Specify how the results should be sorted. If not specified, the # results will be sorted in the default order. For more information, see [ # Sorting and filtering list results](https://cloud.google.com/kms/docs/sorting- # and-filtering). # @param [Fixnum] page_size # Optional. Optional limit on the number of KeyRings to include in the response. # Further KeyRings can subsequently be obtained by including the # ListKeyRingsResponse.next_page_token in a subsequent request. If unspecified, # the server will pick an appropriate default. # @param [String] page_token # Optional. Optional pagination token, returned earlier via ListKeyRingsResponse. # next_page_token. # @param [String] fields # Selector specifying which fields to include in a partial response. # @param [String] quota_user # Available to use for quota purposes for server-side applications. Can be any # arbitrary string assigned to a user, but should not exceed 40 characters. # @param [Google::Apis::RequestOptions] options # Request-specific options # # @yield [result, err] Result & error if block supplied # @yieldparam result [Google::Apis::CloudkmsV1::ListKeyRingsResponse] parsed result object # @yieldparam err [StandardError] error object if request failed # # @return [Google::Apis::CloudkmsV1::ListKeyRingsResponse] # # @raise [Google::Apis::ServerError] An error occurred on the server and the request can be retried # @raise [Google::Apis::ClientError] The request is invalid and should not be retried without modification # @raise [Google::Apis::AuthorizationError] Authorization is required def list_project_location_key_rings(parent, filter: nil, order_by: nil, page_size: nil, page_token: nil, fields: nil, quota_user: nil, options: nil, &block) command = make_simple_command(:get, 'v1/{+parent}/keyRings', options) command.response_representation = Google::Apis::CloudkmsV1::ListKeyRingsResponse::Representation command.response_class = Google::Apis::CloudkmsV1::ListKeyRingsResponse command.params['parent'] = parent unless parent.nil? command.query['filter'] = filter unless filter.nil? command.query['orderBy'] = order_by unless order_by.nil? command.query['pageSize'] = page_size unless page_size.nil? command.query['pageToken'] = page_token unless page_token.nil? command.query['fields'] = fields unless fields.nil? command.query['quotaUser'] = quota_user unless quota_user.nil? execute_or_queue_command(command, &block) end # Sets the access control policy on the specified resource. Replaces any # existing policy. Can return `NOT_FOUND`, `INVALID_ARGUMENT`, and ` # PERMISSION_DENIED` errors. # @param [String] resource # REQUIRED: The resource for which the policy is being specified. See the # operation documentation for the appropriate value for this field. # @param [Google::Apis::CloudkmsV1::SetIamPolicyRequest] set_iam_policy_request_object # @param [String] fields # Selector specifying which fields to include in a partial response. # @param [String] quota_user # Available to use for quota purposes for server-side applications. Can be any # arbitrary string assigned to a user, but should not exceed 40 characters. # @param [Google::Apis::RequestOptions] options # Request-specific options # # @yield [result, err] Result & error if block supplied # @yieldparam result [Google::Apis::CloudkmsV1::Policy] parsed result object # @yieldparam err [StandardError] error object if request failed # # @return [Google::Apis::CloudkmsV1::Policy] # # @raise [Google::Apis::ServerError] An error occurred on the server and the request can be retried # @raise [Google::Apis::ClientError] The request is invalid and should not be retried without modification # @raise [Google::Apis::AuthorizationError] Authorization is required def set_key_ring_iam_policy(resource, set_iam_policy_request_object = nil, fields: nil, quota_user: nil, options: nil, &block) command = make_simple_command(:post, 'v1/{+resource}:setIamPolicy', options) command.request_representation = Google::Apis::CloudkmsV1::SetIamPolicyRequest::Representation command.request_object = set_iam_policy_request_object command.response_representation = Google::Apis::CloudkmsV1::Policy::Representation command.response_class = Google::Apis::CloudkmsV1::Policy command.params['resource'] = resource unless resource.nil? command.query['fields'] = fields unless fields.nil? command.query['quotaUser'] = quota_user unless quota_user.nil? execute_or_queue_command(command, &block) end # Returns permissions that a caller has on the specified resource. If the # resource does not exist, this will return an empty set of permissions, not a ` # NOT_FOUND` error. Note: This operation is designed to be used for building # permission-aware UIs and command-line tools, not for authorization checking. # This operation may "fail open" without warning. # @param [String] resource # REQUIRED: The resource for which the policy detail is being requested. See the # operation documentation for the appropriate value for this field. # @param [Google::Apis::CloudkmsV1::TestIamPermissionsRequest] test_iam_permissions_request_object # @param [String] fields # Selector specifying which fields to include in a partial response. # @param [String] quota_user # Available to use for quota purposes for server-side applications. Can be any # arbitrary string assigned to a user, but should not exceed 40 characters. # @param [Google::Apis::RequestOptions] options # Request-specific options # # @yield [result, err] Result & error if block supplied # @yieldparam result [Google::Apis::CloudkmsV1::TestIamPermissionsResponse] parsed result object # @yieldparam err [StandardError] error object if request failed # # @return [Google::Apis::CloudkmsV1::TestIamPermissionsResponse] # # @raise [Google::Apis::ServerError] An error occurred on the server and the request can be retried # @raise [Google::Apis::ClientError] The request is invalid and should not be retried without modification # @raise [Google::Apis::AuthorizationError] Authorization is required def test_key_ring_iam_permissions(resource, test_iam_permissions_request_object = nil, fields: nil, quota_user: nil, options: nil, &block) command = make_simple_command(:post, 'v1/{+resource}:testIamPermissions', options) command.request_representation = Google::Apis::CloudkmsV1::TestIamPermissionsRequest::Representation command.request_object = test_iam_permissions_request_object command.response_representation = Google::Apis::CloudkmsV1::TestIamPermissionsResponse::Representation command.response_class = Google::Apis::CloudkmsV1::TestIamPermissionsResponse command.params['resource'] = resource unless resource.nil? command.query['fields'] = fields unless fields.nil? command.query['quotaUser'] = quota_user unless quota_user.nil? execute_or_queue_command(command, &block) end # Create a new CryptoKey within a KeyRing. CryptoKey.purpose and CryptoKey. # version_template.algorithm are required. # @param [String] parent # Required. The name of the KeyRing associated with the CryptoKeys. # @param [Google::Apis::CloudkmsV1::CryptoKey] crypto_key_object # @param [String] crypto_key_id # Required. It must be unique within a KeyRing and match the regular expression ` # [a-zA-Z0-9_-]`1,63`` # @param [Boolean] skip_initial_version_creation # If set to true, the request will create a CryptoKey without any # CryptoKeyVersions. You must manually call CreateCryptoKeyVersion or # ImportCryptoKeyVersion before you can use this CryptoKey. # @param [String] fields # Selector specifying which fields to include in a partial response. # @param [String] quota_user # Available to use for quota purposes for server-side applications. Can be any # arbitrary string assigned to a user, but should not exceed 40 characters. # @param [Google::Apis::RequestOptions] options # Request-specific options # # @yield [result, err] Result & error if block supplied # @yieldparam result [Google::Apis::CloudkmsV1::CryptoKey] parsed result object # @yieldparam err [StandardError] error object if request failed # # @return [Google::Apis::CloudkmsV1::CryptoKey] # # @raise [Google::Apis::ServerError] An error occurred on the server and the request can be retried # @raise [Google::Apis::ClientError] The request is invalid and should not be retried without modification # @raise [Google::Apis::AuthorizationError] Authorization is required def create_project_location_key_ring_crypto_key(parent, crypto_key_object = nil, crypto_key_id: nil, skip_initial_version_creation: nil, fields: nil, quota_user: nil, options: nil, &block) command = make_simple_command(:post, 'v1/{+parent}/cryptoKeys', options) command.request_representation = Google::Apis::CloudkmsV1::CryptoKey::Representation command.request_object = crypto_key_object command.response_representation = Google::Apis::CloudkmsV1::CryptoKey::Representation command.response_class = Google::Apis::CloudkmsV1::CryptoKey command.params['parent'] = parent unless parent.nil? command.query['cryptoKeyId'] = crypto_key_id unless crypto_key_id.nil? command.query['skipInitialVersionCreation'] = skip_initial_version_creation unless skip_initial_version_creation.nil? command.query['fields'] = fields unless fields.nil? command.query['quotaUser'] = quota_user unless quota_user.nil? execute_or_queue_command(command, &block) end # Decrypts data that was protected by Encrypt. The CryptoKey.purpose must be # ENCRYPT_DECRYPT. # @param [String] name # Required. The resource name of the CryptoKey to use for decryption. The server # will choose the appropriate version. # @param [Google::Apis::CloudkmsV1::DecryptRequest] decrypt_request_object # @param [String] fields # Selector specifying which fields to include in a partial response. # @param [String] quota_user # Available to use for quota purposes for server-side applications. Can be any # arbitrary string assigned to a user, but should not exceed 40 characters. # @param [Google::Apis::RequestOptions] options # Request-specific options # # @yield [result, err] Result & error if block supplied # @yieldparam result [Google::Apis::CloudkmsV1::DecryptResponse] parsed result object # @yieldparam err [StandardError] error object if request failed # # @return [Google::Apis::CloudkmsV1::DecryptResponse] # # @raise [Google::Apis::ServerError] An error occurred on the server and the request can be retried # @raise [Google::Apis::ClientError] The request is invalid and should not be retried without modification # @raise [Google::Apis::AuthorizationError] Authorization is required def decrypt_crypto_key(name, decrypt_request_object = nil, fields: nil, quota_user: nil, options: nil, &block) command = make_simple_command(:post, 'v1/{+name}:decrypt', options) command.request_representation = Google::Apis::CloudkmsV1::DecryptRequest::Representation command.request_object = decrypt_request_object command.response_representation = Google::Apis::CloudkmsV1::DecryptResponse::Representation command.response_class = Google::Apis::CloudkmsV1::DecryptResponse command.params['name'] = name unless name.nil? command.query['fields'] = fields unless fields.nil? command.query['quotaUser'] = quota_user unless quota_user.nil? execute_or_queue_command(command, &block) end # Encrypts data, so that it can only be recovered by a call to Decrypt. The # CryptoKey.purpose must be ENCRYPT_DECRYPT. # @param [String] name # Required. The resource name of the CryptoKey or CryptoKeyVersion to use for # encryption. If a CryptoKey is specified, the server will use its primary # version. # @param [Google::Apis::CloudkmsV1::EncryptRequest] encrypt_request_object # @param [String] fields # Selector specifying which fields to include in a partial response. # @param [String] quota_user # Available to use for quota purposes for server-side applications. Can be any # arbitrary string assigned to a user, but should not exceed 40 characters. # @param [Google::Apis::RequestOptions] options # Request-specific options # # @yield [result, err] Result & error if block supplied # @yieldparam result [Google::Apis::CloudkmsV1::EncryptResponse] parsed result object # @yieldparam err [StandardError] error object if request failed # # @return [Google::Apis::CloudkmsV1::EncryptResponse] # # @raise [Google::Apis::ServerError] An error occurred on the server and the request can be retried # @raise [Google::Apis::ClientError] The request is invalid and should not be retried without modification # @raise [Google::Apis::AuthorizationError] Authorization is required def encrypt_crypto_key(name, encrypt_request_object = nil, fields: nil, quota_user: nil, options: nil, &block) command = make_simple_command(:post, 'v1/{+name}:encrypt', options) command.request_representation = Google::Apis::CloudkmsV1::EncryptRequest::Representation command.request_object = encrypt_request_object command.response_representation = Google::Apis::CloudkmsV1::EncryptResponse::Representation command.response_class = Google::Apis::CloudkmsV1::EncryptResponse command.params['name'] = name unless name.nil? command.query['fields'] = fields unless fields.nil? command.query['quotaUser'] = quota_user unless quota_user.nil? execute_or_queue_command(command, &block) end # Returns metadata for a given CryptoKey, as well as its primary # CryptoKeyVersion. # @param [String] name # Required. The name of the CryptoKey to get. # @param [String] fields # Selector specifying which fields to include in a partial response. # @param [String] quota_user # Available to use for quota purposes for server-side applications. Can be any # arbitrary string assigned to a user, but should not exceed 40 characters. # @param [Google::Apis::RequestOptions] options # Request-specific options # # @yield [result, err] Result & error if block supplied # @yieldparam result [Google::Apis::CloudkmsV1::CryptoKey] parsed result object # @yieldparam err [StandardError] error object if request failed # # @return [Google::Apis::CloudkmsV1::CryptoKey] # # @raise [Google::Apis::ServerError] An error occurred on the server and the request can be retried # @raise [Google::Apis::ClientError] The request is invalid and should not be retried without modification # @raise [Google::Apis::AuthorizationError] Authorization is required def get_project_location_key_ring_crypto_key(name, fields: nil, quota_user: nil, options: nil, &block) command = make_simple_command(:get, 'v1/{+name}', options) command.response_representation = Google::Apis::CloudkmsV1::CryptoKey::Representation command.response_class = Google::Apis::CloudkmsV1::CryptoKey command.params['name'] = name unless name.nil? command.query['fields'] = fields unless fields.nil? command.query['quotaUser'] = quota_user unless quota_user.nil? execute_or_queue_command(command, &block) end # Gets the access control policy for a resource. Returns an empty policy if the # resource exists and does not have a policy set. # @param [String] resource # REQUIRED: The resource for which the policy is being requested. See the # operation documentation for the appropriate value for this field. # @param [Fixnum] options_requested_policy_version # Optional. The maximum policy version that will be used to format the policy. # Valid values are 0, 1, and 3. Requests specifying an invalid value will be # rejected. Requests for policies with any conditional role bindings must # specify version 3. Policies with no conditional role bindings may specify any # valid value or leave the field unset. The policy in the response might use the # policy version that you specified, or it might use a lower policy version. For # example, if you specify version 3, but the policy has no conditional role # bindings, the response uses version 1. To learn which resources support # conditions in their IAM policies, see the [IAM documentation](https://cloud. # google.com/iam/help/conditions/resource-policies). # @param [String] fields # Selector specifying which fields to include in a partial response. # @param [String] quota_user # Available to use for quota purposes for server-side applications. Can be any # arbitrary string assigned to a user, but should not exceed 40 characters. # @param [Google::Apis::RequestOptions] options # Request-specific options # # @yield [result, err] Result & error if block supplied # @yieldparam result [Google::Apis::CloudkmsV1::Policy] parsed result object # @yieldparam err [StandardError] error object if request failed # # @return [Google::Apis::CloudkmsV1::Policy] # # @raise [Google::Apis::ServerError] An error occurred on the server and the request can be retried # @raise [Google::Apis::ClientError] The request is invalid and should not be retried without modification # @raise [Google::Apis::AuthorizationError] Authorization is required def get_project_location_key_ring_crypto_key_iam_policy(resource, options_requested_policy_version: nil, fields: nil, quota_user: nil, options: nil, &block) command = make_simple_command(:get, 'v1/{+resource}:getIamPolicy', options) command.response_representation = Google::Apis::CloudkmsV1::Policy::Representation command.response_class = Google::Apis::CloudkmsV1::Policy command.params['resource'] = resource unless resource.nil? command.query['options.requestedPolicyVersion'] = options_requested_policy_version unless options_requested_policy_version.nil? command.query['fields'] = fields unless fields.nil? command.query['quotaUser'] = quota_user unless quota_user.nil? execute_or_queue_command(command, &block) end # Lists CryptoKeys. # @param [String] parent # Required. The resource name of the KeyRing to list, in the format `projects/*/ # locations/*/keyRings/*`. # @param [String] filter # Optional. Only include resources that match the filter in the response. For # more information, see [Sorting and filtering list results](https://cloud. # google.com/kms/docs/sorting-and-filtering). # @param [String] order_by # Optional. Specify how the results should be sorted. If not specified, the # results will be sorted in the default order. For more information, see [ # Sorting and filtering list results](https://cloud.google.com/kms/docs/sorting- # and-filtering). # @param [Fixnum] page_size # Optional. Optional limit on the number of CryptoKeys to include in the # response. Further CryptoKeys can subsequently be obtained by including the # ListCryptoKeysResponse.next_page_token in a subsequent request. If unspecified, # the server will pick an appropriate default. # @param [String] page_token # Optional. Optional pagination token, returned earlier via # ListCryptoKeysResponse.next_page_token. # @param [String] version_view # The fields of the primary version to include in the response. # @param [String] fields # Selector specifying which fields to include in a partial response. # @param [String] quota_user # Available to use for quota purposes for server-side applications. Can be any # arbitrary string assigned to a user, but should not exceed 40 characters. # @param [Google::Apis::RequestOptions] options # Request-specific options # # @yield [result, err] Result & error if block supplied # @yieldparam result [Google::Apis::CloudkmsV1::ListCryptoKeysResponse] parsed result object # @yieldparam err [StandardError] error object if request failed # # @return [Google::Apis::CloudkmsV1::ListCryptoKeysResponse] # # @raise [Google::Apis::ServerError] An error occurred on the server and the request can be retried # @raise [Google::Apis::ClientError] The request is invalid and should not be retried without modification # @raise [Google::Apis::AuthorizationError] Authorization is required def list_project_location_key_ring_crypto_keys(parent, filter: nil, order_by: nil, page_size: nil, page_token: nil, version_view: nil, fields: nil, quota_user: nil, options: nil, &block) command = make_simple_command(:get, 'v1/{+parent}/cryptoKeys', options) command.response_representation = Google::Apis::CloudkmsV1::ListCryptoKeysResponse::Representation command.response_class = Google::Apis::CloudkmsV1::ListCryptoKeysResponse command.params['parent'] = parent unless parent.nil? command.query['filter'] = filter unless filter.nil? command.query['orderBy'] = order_by unless order_by.nil? command.query['pageSize'] = page_size unless page_size.nil? command.query['pageToken'] = page_token unless page_token.nil? command.query['versionView'] = version_view unless version_view.nil? command.query['fields'] = fields unless fields.nil? command.query['quotaUser'] = quota_user unless quota_user.nil? execute_or_queue_command(command, &block) end # Update a CryptoKey. # @param [String] name # Output only. The resource name for this CryptoKey in the format `projects/*/ # locations/*/keyRings/*/cryptoKeys/*`. # @param [Google::Apis::CloudkmsV1::CryptoKey] crypto_key_object # @param [String] update_mask # Required. List of fields to be updated in this request. # @param [String] fields # Selector specifying which fields to include in a partial response. # @param [String] quota_user # Available to use for quota purposes for server-side applications. Can be any # arbitrary string assigned to a user, but should not exceed 40 characters. # @param [Google::Apis::RequestOptions] options # Request-specific options # # @yield [result, err] Result & error if block supplied # @yieldparam result [Google::Apis::CloudkmsV1::CryptoKey] parsed result object # @yieldparam err [StandardError] error object if request failed # # @return [Google::Apis::CloudkmsV1::CryptoKey] # # @raise [Google::Apis::ServerError] An error occurred on the server and the request can be retried # @raise [Google::Apis::ClientError] The request is invalid and should not be retried without modification # @raise [Google::Apis::AuthorizationError] Authorization is required def patch_project_location_key_ring_crypto_key(name, crypto_key_object = nil, update_mask: nil, fields: nil, quota_user: nil, options: nil, &block) command = make_simple_command(:patch, 'v1/{+name}', options) command.request_representation = Google::Apis::CloudkmsV1::CryptoKey::Representation command.request_object = crypto_key_object command.response_representation = Google::Apis::CloudkmsV1::CryptoKey::Representation command.response_class = Google::Apis::CloudkmsV1::CryptoKey command.params['name'] = name unless name.nil? command.query['updateMask'] = update_mask unless update_mask.nil? command.query['fields'] = fields unless fields.nil? command.query['quotaUser'] = quota_user unless quota_user.nil? execute_or_queue_command(command, &block) end # Sets the access control policy on the specified resource. Replaces any # existing policy. Can return `NOT_FOUND`, `INVALID_ARGUMENT`, and ` # PERMISSION_DENIED` errors. # @param [String] resource # REQUIRED: The resource for which the policy is being specified. See the # operation documentation for the appropriate value for this field. # @param [Google::Apis::CloudkmsV1::SetIamPolicyRequest] set_iam_policy_request_object # @param [String] fields # Selector specifying which fields to include in a partial response. # @param [String] quota_user # Available to use for quota purposes for server-side applications. Can be any # arbitrary string assigned to a user, but should not exceed 40 characters. # @param [Google::Apis::RequestOptions] options # Request-specific options # # @yield [result, err] Result & error if block supplied # @yieldparam result [Google::Apis::CloudkmsV1::Policy] parsed result object # @yieldparam err [StandardError] error object if request failed # # @return [Google::Apis::CloudkmsV1::Policy] # # @raise [Google::Apis::ServerError] An error occurred on the server and the request can be retried # @raise [Google::Apis::ClientError] The request is invalid and should not be retried without modification # @raise [Google::Apis::AuthorizationError] Authorization is required def set_crypto_key_iam_policy(resource, set_iam_policy_request_object = nil, fields: nil, quota_user: nil, options: nil, &block) command = make_simple_command(:post, 'v1/{+resource}:setIamPolicy', options) command.request_representation = Google::Apis::CloudkmsV1::SetIamPolicyRequest::Representation command.request_object = set_iam_policy_request_object command.response_representation = Google::Apis::CloudkmsV1::Policy::Representation command.response_class = Google::Apis::CloudkmsV1::Policy command.params['resource'] = resource unless resource.nil? command.query['fields'] = fields unless fields.nil? command.query['quotaUser'] = quota_user unless quota_user.nil? execute_or_queue_command(command, &block) end # Returns permissions that a caller has on the specified resource. If the # resource does not exist, this will return an empty set of permissions, not a ` # NOT_FOUND` error. Note: This operation is designed to be used for building # permission-aware UIs and command-line tools, not for authorization checking. # This operation may "fail open" without warning. # @param [String] resource # REQUIRED: The resource for which the policy detail is being requested. See the # operation documentation for the appropriate value for this field. # @param [Google::Apis::CloudkmsV1::TestIamPermissionsRequest] test_iam_permissions_request_object # @param [String] fields # Selector specifying which fields to include in a partial response. # @param [String] quota_user # Available to use for quota purposes for server-side applications. Can be any # arbitrary string assigned to a user, but should not exceed 40 characters. # @param [Google::Apis::RequestOptions] options # Request-specific options # # @yield [result, err] Result & error if block supplied # @yieldparam result [Google::Apis::CloudkmsV1::TestIamPermissionsResponse] parsed result object # @yieldparam err [StandardError] error object if request failed # # @return [Google::Apis::CloudkmsV1::TestIamPermissionsResponse] # # @raise [Google::Apis::ServerError] An error occurred on the server and the request can be retried # @raise [Google::Apis::ClientError] The request is invalid and should not be retried without modification # @raise [Google::Apis::AuthorizationError] Authorization is required def test_crypto_key_iam_permissions(resource, test_iam_permissions_request_object = nil, fields: nil, quota_user: nil, options: nil, &block) command = make_simple_command(:post, 'v1/{+resource}:testIamPermissions', options) command.request_representation = Google::Apis::CloudkmsV1::TestIamPermissionsRequest::Representation command.request_object = test_iam_permissions_request_object command.response_representation = Google::Apis::CloudkmsV1::TestIamPermissionsResponse::Representation command.response_class = Google::Apis::CloudkmsV1::TestIamPermissionsResponse command.params['resource'] = resource unless resource.nil? command.query['fields'] = fields unless fields.nil? command.query['quotaUser'] = quota_user unless quota_user.nil? execute_or_queue_command(command, &block) end # Update the version of a CryptoKey that will be used in Encrypt. Returns an # error if called on a key whose purpose is not ENCRYPT_DECRYPT. # @param [String] name # Required. The resource name of the CryptoKey to update. # @param [Google::Apis::CloudkmsV1::UpdateCryptoKeyPrimaryVersionRequest] update_crypto_key_primary_version_request_object # @param [String] fields # Selector specifying which fields to include in a partial response. # @param [String] quota_user # Available to use for quota purposes for server-side applications. Can be any # arbitrary string assigned to a user, but should not exceed 40 characters. # @param [Google::Apis::RequestOptions] options # Request-specific options # # @yield [result, err] Result & error if block supplied # @yieldparam result [Google::Apis::CloudkmsV1::CryptoKey] parsed result object # @yieldparam err [StandardError] error object if request failed # # @return [Google::Apis::CloudkmsV1::CryptoKey] # # @raise [Google::Apis::ServerError] An error occurred on the server and the request can be retried # @raise [Google::Apis::ClientError] The request is invalid and should not be retried without modification # @raise [Google::Apis::AuthorizationError] Authorization is required def update_project_location_key_ring_crypto_key_primary_version(name, update_crypto_key_primary_version_request_object = nil, fields: nil, quota_user: nil, options: nil, &block) command = make_simple_command(:post, 'v1/{+name}:updatePrimaryVersion', options) command.request_representation = Google::Apis::CloudkmsV1::UpdateCryptoKeyPrimaryVersionRequest::Representation command.request_object = update_crypto_key_primary_version_request_object command.response_representation = Google::Apis::CloudkmsV1::CryptoKey::Representation command.response_class = Google::Apis::CloudkmsV1::CryptoKey command.params['name'] = name unless name.nil? command.query['fields'] = fields unless fields.nil? command.query['quotaUser'] = quota_user unless quota_user.nil? execute_or_queue_command(command, &block) end # Decrypts data that was encrypted with a public key retrieved from GetPublicKey # corresponding to a CryptoKeyVersion with CryptoKey.purpose ASYMMETRIC_DECRYPT. # @param [String] name # Required. The resource name of the CryptoKeyVersion to use for decryption. # @param [Google::Apis::CloudkmsV1::AsymmetricDecryptRequest] asymmetric_decrypt_request_object # @param [String] fields # Selector specifying which fields to include in a partial response. # @param [String] quota_user # Available to use for quota purposes for server-side applications. Can be any # arbitrary string assigned to a user, but should not exceed 40 characters. # @param [Google::Apis::RequestOptions] options # Request-specific options # # @yield [result, err] Result & error if block supplied # @yieldparam result [Google::Apis::CloudkmsV1::AsymmetricDecryptResponse] parsed result object # @yieldparam err [StandardError] error object if request failed # # @return [Google::Apis::CloudkmsV1::AsymmetricDecryptResponse] # # @raise [Google::Apis::ServerError] An error occurred on the server and the request can be retried # @raise [Google::Apis::ClientError] The request is invalid and should not be retried without modification # @raise [Google::Apis::AuthorizationError] Authorization is required def asymmetric_crypto_key_version_decrypt(name, asymmetric_decrypt_request_object = nil, fields: nil, quota_user: nil, options: nil, &block) command = make_simple_command(:post, 'v1/{+name}:asymmetricDecrypt', options) command.request_representation = Google::Apis::CloudkmsV1::AsymmetricDecryptRequest::Representation command.request_object = asymmetric_decrypt_request_object command.response_representation = Google::Apis::CloudkmsV1::AsymmetricDecryptResponse::Representation command.response_class = Google::Apis::CloudkmsV1::AsymmetricDecryptResponse command.params['name'] = name unless name.nil? command.query['fields'] = fields unless fields.nil? command.query['quotaUser'] = quota_user unless quota_user.nil? execute_or_queue_command(command, &block) end # Signs data using a CryptoKeyVersion with CryptoKey.purpose ASYMMETRIC_SIGN, # producing a signature that can be verified with the public key retrieved from # GetPublicKey. # @param [String] name # Required. The resource name of the CryptoKeyVersion to use for signing. # @param [Google::Apis::CloudkmsV1::AsymmetricSignRequest] asymmetric_sign_request_object # @param [String] fields # Selector specifying which fields to include in a partial response. # @param [String] quota_user # Available to use for quota purposes for server-side applications. Can be any # arbitrary string assigned to a user, but should not exceed 40 characters. # @param [Google::Apis::RequestOptions] options # Request-specific options # # @yield [result, err] Result & error if block supplied # @yieldparam result [Google::Apis::CloudkmsV1::AsymmetricSignResponse] parsed result object # @yieldparam err [StandardError] error object if request failed # # @return [Google::Apis::CloudkmsV1::AsymmetricSignResponse] # # @raise [Google::Apis::ServerError] An error occurred on the server and the request can be retried # @raise [Google::Apis::ClientError] The request is invalid and should not be retried without modification # @raise [Google::Apis::AuthorizationError] Authorization is required def asymmetric_crypto_key_version_sign(name, asymmetric_sign_request_object = nil, fields: nil, quota_user: nil, options: nil, &block) command = make_simple_command(:post, 'v1/{+name}:asymmetricSign', options) command.request_representation = Google::Apis::CloudkmsV1::AsymmetricSignRequest::Representation command.request_object = asymmetric_sign_request_object command.response_representation = Google::Apis::CloudkmsV1::AsymmetricSignResponse::Representation command.response_class = Google::Apis::CloudkmsV1::AsymmetricSignResponse command.params['name'] = name unless name.nil? command.query['fields'] = fields unless fields.nil? command.query['quotaUser'] = quota_user unless quota_user.nil? execute_or_queue_command(command, &block) end # Create a new CryptoKeyVersion in a CryptoKey. The server will assign the next # sequential id. If unset, state will be set to ENABLED. # @param [String] parent # Required. The name of the CryptoKey associated with the CryptoKeyVersions. # @param [Google::Apis::CloudkmsV1::CryptoKeyVersion] crypto_key_version_object # @param [String] fields # Selector specifying which fields to include in a partial response. # @param [String] quota_user # Available to use for quota purposes for server-side applications. Can be any # arbitrary string assigned to a user, but should not exceed 40 characters. # @param [Google::Apis::RequestOptions] options # Request-specific options # # @yield [result, err] Result & error if block supplied # @yieldparam result [Google::Apis::CloudkmsV1::CryptoKeyVersion] parsed result object # @yieldparam err [StandardError] error object if request failed # # @return [Google::Apis::CloudkmsV1::CryptoKeyVersion] # # @raise [Google::Apis::ServerError] An error occurred on the server and the request can be retried # @raise [Google::Apis::ClientError] The request is invalid and should not be retried without modification # @raise [Google::Apis::AuthorizationError] Authorization is required def create_project_location_key_ring_crypto_key_crypto_key_version(parent, crypto_key_version_object = nil, fields: nil, quota_user: nil, options: nil, &block) command = make_simple_command(:post, 'v1/{+parent}/cryptoKeyVersions', options) command.request_representation = Google::Apis::CloudkmsV1::CryptoKeyVersion::Representation command.request_object = crypto_key_version_object command.response_representation = Google::Apis::CloudkmsV1::CryptoKeyVersion::Representation command.response_class = Google::Apis::CloudkmsV1::CryptoKeyVersion command.params['parent'] = parent unless parent.nil? command.query['fields'] = fields unless fields.nil? command.query['quotaUser'] = quota_user unless quota_user.nil? execute_or_queue_command(command, &block) end # Schedule a CryptoKeyVersion for destruction. Upon calling this method, # CryptoKeyVersion.state will be set to DESTROY_SCHEDULED, and destroy_time will # be set to the time destroy_scheduled_duration in the future. At that time, the # state will automatically change to DESTROYED, and the key material will be # irrevocably destroyed. Before the destroy_time is reached, # RestoreCryptoKeyVersion may be called to reverse the process. # @param [String] name # Required. The resource name of the CryptoKeyVersion to destroy. # @param [Google::Apis::CloudkmsV1::DestroyCryptoKeyVersionRequest] destroy_crypto_key_version_request_object # @param [String] fields # Selector specifying which fields to include in a partial response. # @param [String] quota_user # Available to use for quota purposes for server-side applications. Can be any # arbitrary string assigned to a user, but should not exceed 40 characters. # @param [Google::Apis::RequestOptions] options # Request-specific options # # @yield [result, err] Result & error if block supplied # @yieldparam result [Google::Apis::CloudkmsV1::CryptoKeyVersion] parsed result object # @yieldparam err [StandardError] error object if request failed # # @return [Google::Apis::CloudkmsV1::CryptoKeyVersion] # # @raise [Google::Apis::ServerError] An error occurred on the server and the request can be retried # @raise [Google::Apis::ClientError] The request is invalid and should not be retried without modification # @raise [Google::Apis::AuthorizationError] Authorization is required def destroy_crypto_key_version(name, destroy_crypto_key_version_request_object = nil, fields: nil, quota_user: nil, options: nil, &block) command = make_simple_command(:post, 'v1/{+name}:destroy', options) command.request_representation = Google::Apis::CloudkmsV1::DestroyCryptoKeyVersionRequest::Representation command.request_object = destroy_crypto_key_version_request_object command.response_representation = Google::Apis::CloudkmsV1::CryptoKeyVersion::Representation command.response_class = Google::Apis::CloudkmsV1::CryptoKeyVersion command.params['name'] = name unless name.nil? command.query['fields'] = fields unless fields.nil? command.query['quotaUser'] = quota_user unless quota_user.nil? execute_or_queue_command(command, &block) end # Returns metadata for a given CryptoKeyVersion. # @param [String] name # Required. The name of the CryptoKeyVersion to get. # @param [String] fields # Selector specifying which fields to include in a partial response. # @param [String] quota_user # Available to use for quota purposes for server-side applications. Can be any # arbitrary string assigned to a user, but should not exceed 40 characters. # @param [Google::Apis::RequestOptions] options # Request-specific options # # @yield [result, err] Result & error if block supplied # @yieldparam result [Google::Apis::CloudkmsV1::CryptoKeyVersion] parsed result object # @yieldparam err [StandardError] error object if request failed # # @return [Google::Apis::CloudkmsV1::CryptoKeyVersion] # # @raise [Google::Apis::ServerError] An error occurred on the server and the request can be retried # @raise [Google::Apis::ClientError] The request is invalid and should not be retried without modification # @raise [Google::Apis::AuthorizationError] Authorization is required def get_project_location_key_ring_crypto_key_crypto_key_version(name, fields: nil, quota_user: nil, options: nil, &block) command = make_simple_command(:get, 'v1/{+name}', options) command.response_representation = Google::Apis::CloudkmsV1::CryptoKeyVersion::Representation command.response_class = Google::Apis::CloudkmsV1::CryptoKeyVersion command.params['name'] = name unless name.nil? command.query['fields'] = fields unless fields.nil? command.query['quotaUser'] = quota_user unless quota_user.nil? execute_or_queue_command(command, &block) end # Returns the public key for the given CryptoKeyVersion. The CryptoKey.purpose # must be ASYMMETRIC_SIGN or ASYMMETRIC_DECRYPT. # @param [String] name # Required. The name of the CryptoKeyVersion public key to get. # @param [String] fields # Selector specifying which fields to include in a partial response. # @param [String] quota_user # Available to use for quota purposes for server-side applications. Can be any # arbitrary string assigned to a user, but should not exceed 40 characters. # @param [Google::Apis::RequestOptions] options # Request-specific options # # @yield [result, err] Result & error if block supplied # @yieldparam result [Google::Apis::CloudkmsV1::PublicKey] parsed result object # @yieldparam err [StandardError] error object if request failed # # @return [Google::Apis::CloudkmsV1::PublicKey] # # @raise [Google::Apis::ServerError] An error occurred on the server and the request can be retried # @raise [Google::Apis::ClientError] The request is invalid and should not be retried without modification # @raise [Google::Apis::AuthorizationError] Authorization is required def get_project_location_key_ring_crypto_key_crypto_key_version_public_key(name, fields: nil, quota_user: nil, options: nil, &block) command = make_simple_command(:get, 'v1/{+name}/publicKey', options) command.response_representation = Google::Apis::CloudkmsV1::PublicKey::Representation command.response_class = Google::Apis::CloudkmsV1::PublicKey command.params['name'] = name unless name.nil? command.query['fields'] = fields unless fields.nil? command.query['quotaUser'] = quota_user unless quota_user.nil? execute_or_queue_command(command, &block) end # Import wrapped key material into a CryptoKeyVersion. All requests must specify # a CryptoKey. If a CryptoKeyVersion is additionally specified in the request, # key material will be reimported into that version. Otherwise, a new version # will be created, and will be assigned the next sequential id within the # CryptoKey. # @param [String] parent # Required. The name of the CryptoKey to be imported into. The create permission # is only required on this key when creating a new CryptoKeyVersion. # @param [Google::Apis::CloudkmsV1::ImportCryptoKeyVersionRequest] import_crypto_key_version_request_object # @param [String] fields # Selector specifying which fields to include in a partial response. # @param [String] quota_user # Available to use for quota purposes for server-side applications. Can be any # arbitrary string assigned to a user, but should not exceed 40 characters. # @param [Google::Apis::RequestOptions] options # Request-specific options # # @yield [result, err] Result & error if block supplied # @yieldparam result [Google::Apis::CloudkmsV1::CryptoKeyVersion] parsed result object # @yieldparam err [StandardError] error object if request failed # # @return [Google::Apis::CloudkmsV1::CryptoKeyVersion] # # @raise [Google::Apis::ServerError] An error occurred on the server and the request can be retried # @raise [Google::Apis::ClientError] The request is invalid and should not be retried without modification # @raise [Google::Apis::AuthorizationError] Authorization is required def import_crypto_key_version(parent, import_crypto_key_version_request_object = nil, fields: nil, quota_user: nil, options: nil, &block) command = make_simple_command(:post, 'v1/{+parent}/cryptoKeyVersions:import', options) command.request_representation = Google::Apis::CloudkmsV1::ImportCryptoKeyVersionRequest::Representation command.request_object = import_crypto_key_version_request_object command.response_representation = Google::Apis::CloudkmsV1::CryptoKeyVersion::Representation command.response_class = Google::Apis::CloudkmsV1::CryptoKeyVersion command.params['parent'] = parent unless parent.nil? command.query['fields'] = fields unless fields.nil? command.query['quotaUser'] = quota_user unless quota_user.nil? execute_or_queue_command(command, &block) end # Lists CryptoKeyVersions. # @param [String] parent # Required. The resource name of the CryptoKey to list, in the format `projects/* # /locations/*/keyRings/*/cryptoKeys/*`. # @param [String] filter # Optional. Only include resources that match the filter in the response. For # more information, see [Sorting and filtering list results](https://cloud. # google.com/kms/docs/sorting-and-filtering). # @param [String] order_by # Optional. Specify how the results should be sorted. If not specified, the # results will be sorted in the default order. For more information, see [ # Sorting and filtering list results](https://cloud.google.com/kms/docs/sorting- # and-filtering). # @param [Fixnum] page_size # Optional. Optional limit on the number of CryptoKeyVersions to include in the # response. Further CryptoKeyVersions can subsequently be obtained by including # the ListCryptoKeyVersionsResponse.next_page_token in a subsequent request. If # unspecified, the server will pick an appropriate default. # @param [String] page_token # Optional. Optional pagination token, returned earlier via # ListCryptoKeyVersionsResponse.next_page_token. # @param [String] view # The fields to include in the response. # @param [String] fields # Selector specifying which fields to include in a partial response. # @param [String] quota_user # Available to use for quota purposes for server-side applications. Can be any # arbitrary string assigned to a user, but should not exceed 40 characters. # @param [Google::Apis::RequestOptions] options # Request-specific options # # @yield [result, err] Result & error if block supplied # @yieldparam result [Google::Apis::CloudkmsV1::ListCryptoKeyVersionsResponse] parsed result object # @yieldparam err [StandardError] error object if request failed # # @return [Google::Apis::CloudkmsV1::ListCryptoKeyVersionsResponse] # # @raise [Google::Apis::ServerError] An error occurred on the server and the request can be retried # @raise [Google::Apis::ClientError] The request is invalid and should not be retried without modification # @raise [Google::Apis::AuthorizationError] Authorization is required def list_project_location_key_ring_crypto_key_crypto_key_versions(parent, filter: nil, order_by: nil, page_size: nil, page_token: nil, view: nil, fields: nil, quota_user: nil, options: nil, &block) command = make_simple_command(:get, 'v1/{+parent}/cryptoKeyVersions', options) command.response_representation = Google::Apis::CloudkmsV1::ListCryptoKeyVersionsResponse::Representation command.response_class = Google::Apis::CloudkmsV1::ListCryptoKeyVersionsResponse command.params['parent'] = parent unless parent.nil? command.query['filter'] = filter unless filter.nil? command.query['orderBy'] = order_by unless order_by.nil? command.query['pageSize'] = page_size unless page_size.nil? command.query['pageToken'] = page_token unless page_token.nil? command.query['view'] = view unless view.nil? command.query['fields'] = fields unless fields.nil? command.query['quotaUser'] = quota_user unless quota_user.nil? execute_or_queue_command(command, &block) end # Signs data using a CryptoKeyVersion with CryptoKey.purpose MAC, producing a # tag that can be verified by another source with the same key. # @param [String] name # Required. The resource name of the CryptoKeyVersion to use for signing. # @param [Google::Apis::CloudkmsV1::MacSignRequest] mac_sign_request_object # @param [String] fields # Selector specifying which fields to include in a partial response. # @param [String] quota_user # Available to use for quota purposes for server-side applications. Can be any # arbitrary string assigned to a user, but should not exceed 40 characters. # @param [Google::Apis::RequestOptions] options # Request-specific options # # @yield [result, err] Result & error if block supplied # @yieldparam result [Google::Apis::CloudkmsV1::MacSignResponse] parsed result object # @yieldparam err [StandardError] error object if request failed # # @return [Google::Apis::CloudkmsV1::MacSignResponse] # # @raise [Google::Apis::ServerError] An error occurred on the server and the request can be retried # @raise [Google::Apis::ClientError] The request is invalid and should not be retried without modification # @raise [Google::Apis::AuthorizationError] Authorization is required def mac_crypto_key_version_sign(name, mac_sign_request_object = nil, fields: nil, quota_user: nil, options: nil, &block) command = make_simple_command(:post, 'v1/{+name}:macSign', options) command.request_representation = Google::Apis::CloudkmsV1::MacSignRequest::Representation command.request_object = mac_sign_request_object command.response_representation = Google::Apis::CloudkmsV1::MacSignResponse::Representation command.response_class = Google::Apis::CloudkmsV1::MacSignResponse command.params['name'] = name unless name.nil? command.query['fields'] = fields unless fields.nil? command.query['quotaUser'] = quota_user unless quota_user.nil? execute_or_queue_command(command, &block) end # Verifies MAC tag using a CryptoKeyVersion with CryptoKey.purpose MAC, and # returns a response that indicates whether or not the verification was # successful. # @param [String] name # Required. The resource name of the CryptoKeyVersion to use for verification. # @param [Google::Apis::CloudkmsV1::MacVerifyRequest] mac_verify_request_object # @param [String] fields # Selector specifying which fields to include in a partial response. # @param [String] quota_user # Available to use for quota purposes for server-side applications. Can be any # arbitrary string assigned to a user, but should not exceed 40 characters. # @param [Google::Apis::RequestOptions] options # Request-specific options # # @yield [result, err] Result & error if block supplied # @yieldparam result [Google::Apis::CloudkmsV1::MacVerifyResponse] parsed result object # @yieldparam err [StandardError] error object if request failed # # @return [Google::Apis::CloudkmsV1::MacVerifyResponse] # # @raise [Google::Apis::ServerError] An error occurred on the server and the request can be retried # @raise [Google::Apis::ClientError] The request is invalid and should not be retried without modification # @raise [Google::Apis::AuthorizationError] Authorization is required def mac_crypto_key_version_verify(name, mac_verify_request_object = nil, fields: nil, quota_user: nil, options: nil, &block) command = make_simple_command(:post, 'v1/{+name}:macVerify', options) command.request_representation = Google::Apis::CloudkmsV1::MacVerifyRequest::Representation command.request_object = mac_verify_request_object command.response_representation = Google::Apis::CloudkmsV1::MacVerifyResponse::Representation command.response_class = Google::Apis::CloudkmsV1::MacVerifyResponse command.params['name'] = name unless name.nil? command.query['fields'] = fields unless fields.nil? command.query['quotaUser'] = quota_user unless quota_user.nil? execute_or_queue_command(command, &block) end # Update a CryptoKeyVersion's metadata. state may be changed between ENABLED and # DISABLED using this method. See DestroyCryptoKeyVersion and # RestoreCryptoKeyVersion to move between other states. # @param [String] name # Output only. The resource name for this CryptoKeyVersion in the format ` # projects/*/locations/*/keyRings/*/cryptoKeys/*/cryptoKeyVersions/*`. # @param [Google::Apis::CloudkmsV1::CryptoKeyVersion] crypto_key_version_object # @param [String] update_mask # Required. List of fields to be updated in this request. # @param [String] fields # Selector specifying which fields to include in a partial response. # @param [String] quota_user # Available to use for quota purposes for server-side applications. Can be any # arbitrary string assigned to a user, but should not exceed 40 characters. # @param [Google::Apis::RequestOptions] options # Request-specific options # # @yield [result, err] Result & error if block supplied # @yieldparam result [Google::Apis::CloudkmsV1::CryptoKeyVersion] parsed result object # @yieldparam err [StandardError] error object if request failed # # @return [Google::Apis::CloudkmsV1::CryptoKeyVersion] # # @raise [Google::Apis::ServerError] An error occurred on the server and the request can be retried # @raise [Google::Apis::ClientError] The request is invalid and should not be retried without modification # @raise [Google::Apis::AuthorizationError] Authorization is required def patch_project_location_key_ring_crypto_key_crypto_key_version(name, crypto_key_version_object = nil, update_mask: nil, fields: nil, quota_user: nil, options: nil, &block) command = make_simple_command(:patch, 'v1/{+name}', options) command.request_representation = Google::Apis::CloudkmsV1::CryptoKeyVersion::Representation command.request_object = crypto_key_version_object command.response_representation = Google::Apis::CloudkmsV1::CryptoKeyVersion::Representation command.response_class = Google::Apis::CloudkmsV1::CryptoKeyVersion command.params['name'] = name unless name.nil? command.query['updateMask'] = update_mask unless update_mask.nil? command.query['fields'] = fields unless fields.nil? command.query['quotaUser'] = quota_user unless quota_user.nil? execute_or_queue_command(command, &block) end # Restore a CryptoKeyVersion in the DESTROY_SCHEDULED state. Upon restoration of # the CryptoKeyVersion, state will be set to DISABLED, and destroy_time will be # cleared. # @param [String] name # Required. The resource name of the CryptoKeyVersion to restore. # @param [Google::Apis::CloudkmsV1::RestoreCryptoKeyVersionRequest] restore_crypto_key_version_request_object # @param [String] fields # Selector specifying which fields to include in a partial response. # @param [String] quota_user # Available to use for quota purposes for server-side applications. Can be any # arbitrary string assigned to a user, but should not exceed 40 characters. # @param [Google::Apis::RequestOptions] options # Request-specific options # # @yield [result, err] Result & error if block supplied # @yieldparam result [Google::Apis::CloudkmsV1::CryptoKeyVersion] parsed result object # @yieldparam err [StandardError] error object if request failed # # @return [Google::Apis::CloudkmsV1::CryptoKeyVersion] # # @raise [Google::Apis::ServerError] An error occurred on the server and the request can be retried # @raise [Google::Apis::ClientError] The request is invalid and should not be retried without modification # @raise [Google::Apis::AuthorizationError] Authorization is required def restore_crypto_key_version(name, restore_crypto_key_version_request_object = nil, fields: nil, quota_user: nil, options: nil, &block) command = make_simple_command(:post, 'v1/{+name}:restore', options) command.request_representation = Google::Apis::CloudkmsV1::RestoreCryptoKeyVersionRequest::Representation command.request_object = restore_crypto_key_version_request_object command.response_representation = Google::Apis::CloudkmsV1::CryptoKeyVersion::Representation command.response_class = Google::Apis::CloudkmsV1::CryptoKeyVersion command.params['name'] = name unless name.nil? command.query['fields'] = fields unless fields.nil? command.query['quotaUser'] = quota_user unless quota_user.nil? execute_or_queue_command(command, &block) end # Create a new ImportJob within a KeyRing. ImportJob.import_method is required. # @param [String] parent # Required. The name of the KeyRing associated with the ImportJobs. # @param [Google::Apis::CloudkmsV1::ImportJob] import_job_object # @param [String] import_job_id # Required. It must be unique within a KeyRing and match the regular expression ` # [a-zA-Z0-9_-]`1,63`` # @param [String] fields # Selector specifying which fields to include in a partial response. # @param [String] quota_user # Available to use for quota purposes for server-side applications. Can be any # arbitrary string assigned to a user, but should not exceed 40 characters. # @param [Google::Apis::RequestOptions] options # Request-specific options # # @yield [result, err] Result & error if block supplied # @yieldparam result [Google::Apis::CloudkmsV1::ImportJob] parsed result object # @yieldparam err [StandardError] error object if request failed # # @return [Google::Apis::CloudkmsV1::ImportJob] # # @raise [Google::Apis::ServerError] An error occurred on the server and the request can be retried # @raise [Google::Apis::ClientError] The request is invalid and should not be retried without modification # @raise [Google::Apis::AuthorizationError] Authorization is required def create_project_location_key_ring_import_job(parent, import_job_object = nil, import_job_id: nil, fields: nil, quota_user: nil, options: nil, &block) command = make_simple_command(:post, 'v1/{+parent}/importJobs', options) command.request_representation = Google::Apis::CloudkmsV1::ImportJob::Representation command.request_object = import_job_object command.response_representation = Google::Apis::CloudkmsV1::ImportJob::Representation command.response_class = Google::Apis::CloudkmsV1::ImportJob command.params['parent'] = parent unless parent.nil? command.query['importJobId'] = import_job_id unless import_job_id.nil? command.query['fields'] = fields unless fields.nil? command.query['quotaUser'] = quota_user unless quota_user.nil? execute_or_queue_command(command, &block) end # Returns metadata for a given ImportJob. # @param [String] name # Required. The name of the ImportJob to get. # @param [String] fields # Selector specifying which fields to include in a partial response. # @param [String] quota_user # Available to use for quota purposes for server-side applications. Can be any # arbitrary string assigned to a user, but should not exceed 40 characters. # @param [Google::Apis::RequestOptions] options # Request-specific options # # @yield [result, err] Result & error if block supplied # @yieldparam result [Google::Apis::CloudkmsV1::ImportJob] parsed result object # @yieldparam err [StandardError] error object if request failed # # @return [Google::Apis::CloudkmsV1::ImportJob] # # @raise [Google::Apis::ServerError] An error occurred on the server and the request can be retried # @raise [Google::Apis::ClientError] The request is invalid and should not be retried without modification # @raise [Google::Apis::AuthorizationError] Authorization is required def get_project_location_key_ring_import_job(name, fields: nil, quota_user: nil, options: nil, &block) command = make_simple_command(:get, 'v1/{+name}', options) command.response_representation = Google::Apis::CloudkmsV1::ImportJob::Representation command.response_class = Google::Apis::CloudkmsV1::ImportJob command.params['name'] = name unless name.nil? command.query['fields'] = fields unless fields.nil? command.query['quotaUser'] = quota_user unless quota_user.nil? execute_or_queue_command(command, &block) end # Gets the access control policy for a resource. Returns an empty policy if the # resource exists and does not have a policy set. # @param [String] resource # REQUIRED: The resource for which the policy is being requested. See the # operation documentation for the appropriate value for this field. # @param [Fixnum] options_requested_policy_version # Optional. The maximum policy version that will be used to format the policy. # Valid values are 0, 1, and 3. Requests specifying an invalid value will be # rejected. Requests for policies with any conditional role bindings must # specify version 3. Policies with no conditional role bindings may specify any # valid value or leave the field unset. The policy in the response might use the # policy version that you specified, or it might use a lower policy version. For # example, if you specify version 3, but the policy has no conditional role # bindings, the response uses version 1. To learn which resources support # conditions in their IAM policies, see the [IAM documentation](https://cloud. # google.com/iam/help/conditions/resource-policies). # @param [String] fields # Selector specifying which fields to include in a partial response. # @param [String] quota_user # Available to use for quota purposes for server-side applications. Can be any # arbitrary string assigned to a user, but should not exceed 40 characters. # @param [Google::Apis::RequestOptions] options # Request-specific options # # @yield [result, err] Result & error if block supplied # @yieldparam result [Google::Apis::CloudkmsV1::Policy] parsed result object # @yieldparam err [StandardError] error object if request failed # # @return [Google::Apis::CloudkmsV1::Policy] # # @raise [Google::Apis::ServerError] An error occurred on the server and the request can be retried # @raise [Google::Apis::ClientError] The request is invalid and should not be retried without modification # @raise [Google::Apis::AuthorizationError] Authorization is required def get_project_location_key_ring_import_job_iam_policy(resource, options_requested_policy_version: nil, fields: nil, quota_user: nil, options: nil, &block) command = make_simple_command(:get, 'v1/{+resource}:getIamPolicy', options) command.response_representation = Google::Apis::CloudkmsV1::Policy::Representation command.response_class = Google::Apis::CloudkmsV1::Policy command.params['resource'] = resource unless resource.nil? command.query['options.requestedPolicyVersion'] = options_requested_policy_version unless options_requested_policy_version.nil? command.query['fields'] = fields unless fields.nil? command.query['quotaUser'] = quota_user unless quota_user.nil? execute_or_queue_command(command, &block) end # Lists ImportJobs. # @param [String] parent # Required. The resource name of the KeyRing to list, in the format `projects/*/ # locations/*/keyRings/*`. # @param [String] filter # Optional. Only include resources that match the filter in the response. For # more information, see [Sorting and filtering list results](https://cloud. # google.com/kms/docs/sorting-and-filtering). # @param [String] order_by # Optional. Specify how the results should be sorted. If not specified, the # results will be sorted in the default order. For more information, see [ # Sorting and filtering list results](https://cloud.google.com/kms/docs/sorting- # and-filtering). # @param [Fixnum] page_size # Optional. Optional limit on the number of ImportJobs to include in the # response. Further ImportJobs can subsequently be obtained by including the # ListImportJobsResponse.next_page_token in a subsequent request. If unspecified, # the server will pick an appropriate default. # @param [String] page_token # Optional. Optional pagination token, returned earlier via # ListImportJobsResponse.next_page_token. # @param [String] fields # Selector specifying which fields to include in a partial response. # @param [String] quota_user # Available to use for quota purposes for server-side applications. Can be any # arbitrary string assigned to a user, but should not exceed 40 characters. # @param [Google::Apis::RequestOptions] options # Request-specific options # # @yield [result, err] Result & error if block supplied # @yieldparam result [Google::Apis::CloudkmsV1::ListImportJobsResponse] parsed result object # @yieldparam err [StandardError] error object if request failed # # @return [Google::Apis::CloudkmsV1::ListImportJobsResponse] # # @raise [Google::Apis::ServerError] An error occurred on the server and the request can be retried # @raise [Google::Apis::ClientError] The request is invalid and should not be retried without modification # @raise [Google::Apis::AuthorizationError] Authorization is required def list_project_location_key_ring_import_jobs(parent, filter: nil, order_by: nil, page_size: nil, page_token: nil, fields: nil, quota_user: nil, options: nil, &block) command = make_simple_command(:get, 'v1/{+parent}/importJobs', options) command.response_representation = Google::Apis::CloudkmsV1::ListImportJobsResponse::Representation command.response_class = Google::Apis::CloudkmsV1::ListImportJobsResponse command.params['parent'] = parent unless parent.nil? command.query['filter'] = filter unless filter.nil? command.query['orderBy'] = order_by unless order_by.nil? command.query['pageSize'] = page_size unless page_size.nil? command.query['pageToken'] = page_token unless page_token.nil? command.query['fields'] = fields unless fields.nil? command.query['quotaUser'] = quota_user unless quota_user.nil? execute_or_queue_command(command, &block) end # Sets the access control policy on the specified resource. Replaces any # existing policy. Can return `NOT_FOUND`, `INVALID_ARGUMENT`, and ` # PERMISSION_DENIED` errors. # @param [String] resource # REQUIRED: The resource for which the policy is being specified. See the # operation documentation for the appropriate value for this field. # @param [Google::Apis::CloudkmsV1::SetIamPolicyRequest] set_iam_policy_request_object # @param [String] fields # Selector specifying which fields to include in a partial response. # @param [String] quota_user # Available to use for quota purposes for server-side applications. Can be any # arbitrary string assigned to a user, but should not exceed 40 characters. # @param [Google::Apis::RequestOptions] options # Request-specific options # # @yield [result, err] Result & error if block supplied # @yieldparam result [Google::Apis::CloudkmsV1::Policy] parsed result object # @yieldparam err [StandardError] error object if request failed # # @return [Google::Apis::CloudkmsV1::Policy] # # @raise [Google::Apis::ServerError] An error occurred on the server and the request can be retried # @raise [Google::Apis::ClientError] The request is invalid and should not be retried without modification # @raise [Google::Apis::AuthorizationError] Authorization is required def set_import_job_iam_policy(resource, set_iam_policy_request_object = nil, fields: nil, quota_user: nil, options: nil, &block) command = make_simple_command(:post, 'v1/{+resource}:setIamPolicy', options) command.request_representation = Google::Apis::CloudkmsV1::SetIamPolicyRequest::Representation command.request_object = set_iam_policy_request_object command.response_representation = Google::Apis::CloudkmsV1::Policy::Representation command.response_class = Google::Apis::CloudkmsV1::Policy command.params['resource'] = resource unless resource.nil? command.query['fields'] = fields unless fields.nil? command.query['quotaUser'] = quota_user unless quota_user.nil? execute_or_queue_command(command, &block) end # Returns permissions that a caller has on the specified resource. If the # resource does not exist, this will return an empty set of permissions, not a ` # NOT_FOUND` error. Note: This operation is designed to be used for building # permission-aware UIs and command-line tools, not for authorization checking. # This operation may "fail open" without warning. # @param [String] resource # REQUIRED: The resource for which the policy detail is being requested. See the # operation documentation for the appropriate value for this field. # @param [Google::Apis::CloudkmsV1::TestIamPermissionsRequest] test_iam_permissions_request_object # @param [String] fields # Selector specifying which fields to include in a partial response. # @param [String] quota_user # Available to use for quota purposes for server-side applications. Can be any # arbitrary string assigned to a user, but should not exceed 40 characters. # @param [Google::Apis::RequestOptions] options # Request-specific options # # @yield [result, err] Result & error if block supplied # @yieldparam result [Google::Apis::CloudkmsV1::TestIamPermissionsResponse] parsed result object # @yieldparam err [StandardError] error object if request failed # # @return [Google::Apis::CloudkmsV1::TestIamPermissionsResponse] # # @raise [Google::Apis::ServerError] An error occurred on the server and the request can be retried # @raise [Google::Apis::ClientError] The request is invalid and should not be retried without modification # @raise [Google::Apis::AuthorizationError] Authorization is required def test_import_job_iam_permissions(resource, test_iam_permissions_request_object = nil, fields: nil, quota_user: nil, options: nil, &block) command = make_simple_command(:post, 'v1/{+resource}:testIamPermissions', options) command.request_representation = Google::Apis::CloudkmsV1::TestIamPermissionsRequest::Representation command.request_object = test_iam_permissions_request_object command.response_representation = Google::Apis::CloudkmsV1::TestIamPermissionsResponse::Representation command.response_class = Google::Apis::CloudkmsV1::TestIamPermissionsResponse command.params['resource'] = resource unless resource.nil? command.query['fields'] = fields unless fields.nil? command.query['quotaUser'] = quota_user unless quota_user.nil? execute_or_queue_command(command, &block) end protected def apply_command_defaults(command) command.query['key'] = key unless key.nil? command.query['quotaUser'] = quota_user unless quota_user.nil? end end end end end