# Copyright 2015 Google Inc. # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. require 'google/apis/core/base_service' require 'google/apis/core/json_representation' require 'google/apis/core/hashable' require 'google/apis/errors' module Google module Apis module CloudkmsV1 # Cloud Key Management Service (KMS) API # # Manages encryption for your cloud services the same way you do on-premises. # You can generate, use, rotate, and destroy AES256 encryption keys. # # @example # require 'google/apis/cloudkms_v1' # # Cloudkms = Google::Apis::CloudkmsV1 # Alias the module # service = Cloudkms::CloudKMSService.new # # @see https://cloud.google.com/kms/ class CloudKMSService < Google::Apis::Core::BaseService # @return [String] # API key. Your API key identifies your project and provides you with API access, # quota, and reports. Required unless you provide an OAuth 2.0 token. attr_accessor :key # @return [String] # Available to use for quota purposes for server-side applications. Can be any # arbitrary string assigned to a user, but should not exceed 40 characters. attr_accessor :quota_user def initialize super('https://cloudkms.googleapis.com/', '') @batch_path = 'batch' end # Gets information about a location. # @param [String] name # Resource name for the location. # @param [String] fields # Selector specifying which fields to include in a partial response. # @param [String] quota_user # Available to use for quota purposes for server-side applications. Can be any # arbitrary string assigned to a user, but should not exceed 40 characters. # @param [Google::Apis::RequestOptions] options # Request-specific options # # @yield [result, err] Result & error if block supplied # @yieldparam result [Google::Apis::CloudkmsV1::Location] parsed result object # @yieldparam err [StandardError] error object if request failed # # @return [Google::Apis::CloudkmsV1::Location] # # @raise [Google::Apis::ServerError] An error occurred on the server and the request can be retried # @raise [Google::Apis::ClientError] The request is invalid and should not be retried without modification # @raise [Google::Apis::AuthorizationError] Authorization is required def get_project_location(name, fields: nil, quota_user: nil, options: nil, &block) command = make_simple_command(:get, 'v1/{+name}', options) command.response_representation = Google::Apis::CloudkmsV1::Location::Representation command.response_class = Google::Apis::CloudkmsV1::Location command.params['name'] = name unless name.nil? command.query['fields'] = fields unless fields.nil? command.query['quotaUser'] = quota_user unless quota_user.nil? execute_or_queue_command(command, &block) end # Lists information about the supported locations for this service. # @param [String] name # The resource that owns the locations collection, if applicable. # @param [String] filter # The standard list filter. # @param [Fixnum] page_size # The standard list page size. # @param [String] page_token # The standard list page token. # @param [String] fields # Selector specifying which fields to include in a partial response. # @param [String] quota_user # Available to use for quota purposes for server-side applications. Can be any # arbitrary string assigned to a user, but should not exceed 40 characters. # @param [Google::Apis::RequestOptions] options # Request-specific options # # @yield [result, err] Result & error if block supplied # @yieldparam result [Google::Apis::CloudkmsV1::ListLocationsResponse] parsed result object # @yieldparam err [StandardError] error object if request failed # # @return [Google::Apis::CloudkmsV1::ListLocationsResponse] # # @raise [Google::Apis::ServerError] An error occurred on the server and the request can be retried # @raise [Google::Apis::ClientError] The request is invalid and should not be retried without modification # @raise [Google::Apis::AuthorizationError] Authorization is required def list_project_locations(name, filter: nil, page_size: nil, page_token: nil, fields: nil, quota_user: nil, options: nil, &block) command = make_simple_command(:get, 'v1/{+name}/locations', options) command.response_representation = Google::Apis::CloudkmsV1::ListLocationsResponse::Representation command.response_class = Google::Apis::CloudkmsV1::ListLocationsResponse command.params['name'] = name unless name.nil? command.query['filter'] = filter unless filter.nil? command.query['pageSize'] = page_size unless page_size.nil? command.query['pageToken'] = page_token unless page_token.nil? command.query['fields'] = fields unless fields.nil? command.query['quotaUser'] = quota_user unless quota_user.nil? execute_or_queue_command(command, &block) end # Create a new KeyRing in a given Project and Location. # @param [String] parent # Required. The resource name of the location associated with the # KeyRings, in the format `projects/*/locations/*`. # @param [Google::Apis::CloudkmsV1::KeyRing] key_ring_object # @param [String] key_ring_id # Required. It must be unique within a location and match the regular # expression `[a-zA-Z0-9_-]`1,63`` # @param [String] fields # Selector specifying which fields to include in a partial response. # @param [String] quota_user # Available to use for quota purposes for server-side applications. Can be any # arbitrary string assigned to a user, but should not exceed 40 characters. # @param [Google::Apis::RequestOptions] options # Request-specific options # # @yield [result, err] Result & error if block supplied # @yieldparam result [Google::Apis::CloudkmsV1::KeyRing] parsed result object # @yieldparam err [StandardError] error object if request failed # # @return [Google::Apis::CloudkmsV1::KeyRing] # # @raise [Google::Apis::ServerError] An error occurred on the server and the request can be retried # @raise [Google::Apis::ClientError] The request is invalid and should not be retried without modification # @raise [Google::Apis::AuthorizationError] Authorization is required def create_project_location_key_ring(parent, key_ring_object = nil, key_ring_id: nil, fields: nil, quota_user: nil, options: nil, &block) command = make_simple_command(:post, 'v1/{+parent}/keyRings', options) command.request_representation = Google::Apis::CloudkmsV1::KeyRing::Representation command.request_object = key_ring_object command.response_representation = Google::Apis::CloudkmsV1::KeyRing::Representation command.response_class = Google::Apis::CloudkmsV1::KeyRing command.params['parent'] = parent unless parent.nil? command.query['keyRingId'] = key_ring_id unless key_ring_id.nil? command.query['fields'] = fields unless fields.nil? command.query['quotaUser'] = quota_user unless quota_user.nil? execute_or_queue_command(command, &block) end # Returns metadata for a given KeyRing. # @param [String] name # The name of the KeyRing to get. # @param [String] fields # Selector specifying which fields to include in a partial response. # @param [String] quota_user # Available to use for quota purposes for server-side applications. Can be any # arbitrary string assigned to a user, but should not exceed 40 characters. # @param [Google::Apis::RequestOptions] options # Request-specific options # # @yield [result, err] Result & error if block supplied # @yieldparam result [Google::Apis::CloudkmsV1::KeyRing] parsed result object # @yieldparam err [StandardError] error object if request failed # # @return [Google::Apis::CloudkmsV1::KeyRing] # # @raise [Google::Apis::ServerError] An error occurred on the server and the request can be retried # @raise [Google::Apis::ClientError] The request is invalid and should not be retried without modification # @raise [Google::Apis::AuthorizationError] Authorization is required def get_project_location_key_ring(name, fields: nil, quota_user: nil, options: nil, &block) command = make_simple_command(:get, 'v1/{+name}', options) command.response_representation = Google::Apis::CloudkmsV1::KeyRing::Representation command.response_class = Google::Apis::CloudkmsV1::KeyRing command.params['name'] = name unless name.nil? command.query['fields'] = fields unless fields.nil? command.query['quotaUser'] = quota_user unless quota_user.nil? execute_or_queue_command(command, &block) end # Gets the access control policy for a resource. # Returns an empty policy if the resource exists and does not have a policy # set. # @param [String] resource # REQUIRED: The resource for which the policy is being requested. # See the operation documentation for the appropriate value for this field. # @param [String] fields # Selector specifying which fields to include in a partial response. # @param [String] quota_user # Available to use for quota purposes for server-side applications. Can be any # arbitrary string assigned to a user, but should not exceed 40 characters. # @param [Google::Apis::RequestOptions] options # Request-specific options # # @yield [result, err] Result & error if block supplied # @yieldparam result [Google::Apis::CloudkmsV1::Policy] parsed result object # @yieldparam err [StandardError] error object if request failed # # @return [Google::Apis::CloudkmsV1::Policy] # # @raise [Google::Apis::ServerError] An error occurred on the server and the request can be retried # @raise [Google::Apis::ClientError] The request is invalid and should not be retried without modification # @raise [Google::Apis::AuthorizationError] Authorization is required def get_project_location_key_ring_iam_policy(resource, fields: nil, quota_user: nil, options: nil, &block) command = make_simple_command(:get, 'v1/{+resource}:getIamPolicy', options) command.response_representation = Google::Apis::CloudkmsV1::Policy::Representation command.response_class = Google::Apis::CloudkmsV1::Policy command.params['resource'] = resource unless resource.nil? command.query['fields'] = fields unless fields.nil? command.query['quotaUser'] = quota_user unless quota_user.nil? execute_or_queue_command(command, &block) end # Lists KeyRings. # @param [String] parent # Required. The resource name of the location associated with the # KeyRings, in the format `projects/*/locations/*`. # @param [Fixnum] page_size # Optional limit on the number of KeyRings to include in the # response. Further KeyRings can subsequently be obtained by # including the ListKeyRingsResponse.next_page_token in a subsequent # request. If unspecified, the server will pick an appropriate default. # @param [String] page_token # Optional pagination token, returned earlier via # ListKeyRingsResponse.next_page_token. # @param [String] fields # Selector specifying which fields to include in a partial response. # @param [String] quota_user # Available to use for quota purposes for server-side applications. Can be any # arbitrary string assigned to a user, but should not exceed 40 characters. # @param [Google::Apis::RequestOptions] options # Request-specific options # # @yield [result, err] Result & error if block supplied # @yieldparam result [Google::Apis::CloudkmsV1::ListKeyRingsResponse] parsed result object # @yieldparam err [StandardError] error object if request failed # # @return [Google::Apis::CloudkmsV1::ListKeyRingsResponse] # # @raise [Google::Apis::ServerError] An error occurred on the server and the request can be retried # @raise [Google::Apis::ClientError] The request is invalid and should not be retried without modification # @raise [Google::Apis::AuthorizationError] Authorization is required def list_project_location_key_rings(parent, page_size: nil, page_token: nil, fields: nil, quota_user: nil, options: nil, &block) command = make_simple_command(:get, 'v1/{+parent}/keyRings', options) command.response_representation = Google::Apis::CloudkmsV1::ListKeyRingsResponse::Representation command.response_class = Google::Apis::CloudkmsV1::ListKeyRingsResponse command.params['parent'] = parent unless parent.nil? command.query['pageSize'] = page_size unless page_size.nil? command.query['pageToken'] = page_token unless page_token.nil? command.query['fields'] = fields unless fields.nil? command.query['quotaUser'] = quota_user unless quota_user.nil? execute_or_queue_command(command, &block) end # Sets the access control policy on the specified resource. Replaces any # existing policy. # @param [String] resource # REQUIRED: The resource for which the policy is being specified. # See the operation documentation for the appropriate value for this field. # @param [Google::Apis::CloudkmsV1::SetIamPolicyRequest] set_iam_policy_request_object # @param [String] fields # Selector specifying which fields to include in a partial response. # @param [String] quota_user # Available to use for quota purposes for server-side applications. Can be any # arbitrary string assigned to a user, but should not exceed 40 characters. # @param [Google::Apis::RequestOptions] options # Request-specific options # # @yield [result, err] Result & error if block supplied # @yieldparam result [Google::Apis::CloudkmsV1::Policy] parsed result object # @yieldparam err [StandardError] error object if request failed # # @return [Google::Apis::CloudkmsV1::Policy] # # @raise [Google::Apis::ServerError] An error occurred on the server and the request can be retried # @raise [Google::Apis::ClientError] The request is invalid and should not be retried without modification # @raise [Google::Apis::AuthorizationError] Authorization is required def set_key_ring_iam_policy(resource, set_iam_policy_request_object = nil, fields: nil, quota_user: nil, options: nil, &block) command = make_simple_command(:post, 'v1/{+resource}:setIamPolicy', options) command.request_representation = Google::Apis::CloudkmsV1::SetIamPolicyRequest::Representation command.request_object = set_iam_policy_request_object command.response_representation = Google::Apis::CloudkmsV1::Policy::Representation command.response_class = Google::Apis::CloudkmsV1::Policy command.params['resource'] = resource unless resource.nil? command.query['fields'] = fields unless fields.nil? command.query['quotaUser'] = quota_user unless quota_user.nil? execute_or_queue_command(command, &block) end # Returns permissions that a caller has on the specified resource. # If the resource does not exist, this will return an empty set of # permissions, not a NOT_FOUND error. # Note: This operation is designed to be used for building permission-aware # UIs and command-line tools, not for authorization checking. This operation # may "fail open" without warning. # @param [String] resource # REQUIRED: The resource for which the policy detail is being requested. # See the operation documentation for the appropriate value for this field. # @param [Google::Apis::CloudkmsV1::TestIamPermissionsRequest] test_iam_permissions_request_object # @param [String] fields # Selector specifying which fields to include in a partial response. # @param [String] quota_user # Available to use for quota purposes for server-side applications. Can be any # arbitrary string assigned to a user, but should not exceed 40 characters. # @param [Google::Apis::RequestOptions] options # Request-specific options # # @yield [result, err] Result & error if block supplied # @yieldparam result [Google::Apis::CloudkmsV1::TestIamPermissionsResponse] parsed result object # @yieldparam err [StandardError] error object if request failed # # @return [Google::Apis::CloudkmsV1::TestIamPermissionsResponse] # # @raise [Google::Apis::ServerError] An error occurred on the server and the request can be retried # @raise [Google::Apis::ClientError] The request is invalid and should not be retried without modification # @raise [Google::Apis::AuthorizationError] Authorization is required def test_key_ring_iam_permissions(resource, test_iam_permissions_request_object = nil, fields: nil, quota_user: nil, options: nil, &block) command = make_simple_command(:post, 'v1/{+resource}:testIamPermissions', options) command.request_representation = Google::Apis::CloudkmsV1::TestIamPermissionsRequest::Representation command.request_object = test_iam_permissions_request_object command.response_representation = Google::Apis::CloudkmsV1::TestIamPermissionsResponse::Representation command.response_class = Google::Apis::CloudkmsV1::TestIamPermissionsResponse command.params['resource'] = resource unless resource.nil? command.query['fields'] = fields unless fields.nil? command.query['quotaUser'] = quota_user unless quota_user.nil? execute_or_queue_command(command, &block) end # Create a new CryptoKey within a KeyRing. # CryptoKey.purpose is required. # @param [String] parent # Required. The name of the KeyRing associated with the # CryptoKeys. # @param [Google::Apis::CloudkmsV1::CryptoKey] crypto_key_object # @param [String] crypto_key_id # Required. It must be unique within a KeyRing and match the regular # expression `[a-zA-Z0-9_-]`1,63`` # @param [String] fields # Selector specifying which fields to include in a partial response. # @param [String] quota_user # Available to use for quota purposes for server-side applications. Can be any # arbitrary string assigned to a user, but should not exceed 40 characters. # @param [Google::Apis::RequestOptions] options # Request-specific options # # @yield [result, err] Result & error if block supplied # @yieldparam result [Google::Apis::CloudkmsV1::CryptoKey] parsed result object # @yieldparam err [StandardError] error object if request failed # # @return [Google::Apis::CloudkmsV1::CryptoKey] # # @raise [Google::Apis::ServerError] An error occurred on the server and the request can be retried # @raise [Google::Apis::ClientError] The request is invalid and should not be retried without modification # @raise [Google::Apis::AuthorizationError] Authorization is required def create_project_location_key_ring_crypto_key(parent, crypto_key_object = nil, crypto_key_id: nil, fields: nil, quota_user: nil, options: nil, &block) command = make_simple_command(:post, 'v1/{+parent}/cryptoKeys', options) command.request_representation = Google::Apis::CloudkmsV1::CryptoKey::Representation command.request_object = crypto_key_object command.response_representation = Google::Apis::CloudkmsV1::CryptoKey::Representation command.response_class = Google::Apis::CloudkmsV1::CryptoKey command.params['parent'] = parent unless parent.nil? command.query['cryptoKeyId'] = crypto_key_id unless crypto_key_id.nil? command.query['fields'] = fields unless fields.nil? command.query['quotaUser'] = quota_user unless quota_user.nil? execute_or_queue_command(command, &block) end # Decrypts data that was protected by Encrypt. # @param [String] name # Required. The resource name of the CryptoKey to use for decryption. # The server will choose the appropriate version. # @param [Google::Apis::CloudkmsV1::DecryptRequest] decrypt_request_object # @param [String] fields # Selector specifying which fields to include in a partial response. # @param [String] quota_user # Available to use for quota purposes for server-side applications. Can be any # arbitrary string assigned to a user, but should not exceed 40 characters. # @param [Google::Apis::RequestOptions] options # Request-specific options # # @yield [result, err] Result & error if block supplied # @yieldparam result [Google::Apis::CloudkmsV1::DecryptResponse] parsed result object # @yieldparam err [StandardError] error object if request failed # # @return [Google::Apis::CloudkmsV1::DecryptResponse] # # @raise [Google::Apis::ServerError] An error occurred on the server and the request can be retried # @raise [Google::Apis::ClientError] The request is invalid and should not be retried without modification # @raise [Google::Apis::AuthorizationError] Authorization is required def decrypt_crypto_key(name, decrypt_request_object = nil, fields: nil, quota_user: nil, options: nil, &block) command = make_simple_command(:post, 'v1/{+name}:decrypt', options) command.request_representation = Google::Apis::CloudkmsV1::DecryptRequest::Representation command.request_object = decrypt_request_object command.response_representation = Google::Apis::CloudkmsV1::DecryptResponse::Representation command.response_class = Google::Apis::CloudkmsV1::DecryptResponse command.params['name'] = name unless name.nil? command.query['fields'] = fields unless fields.nil? command.query['quotaUser'] = quota_user unless quota_user.nil? execute_or_queue_command(command, &block) end # Encrypts data, so that it can only be recovered by a call to Decrypt. # @param [String] name # Required. The resource name of the CryptoKey or CryptoKeyVersion # to use for encryption. # If a CryptoKey is specified, the server will use its # primary version. # @param [Google::Apis::CloudkmsV1::EncryptRequest] encrypt_request_object # @param [String] fields # Selector specifying which fields to include in a partial response. # @param [String] quota_user # Available to use for quota purposes for server-side applications. Can be any # arbitrary string assigned to a user, but should not exceed 40 characters. # @param [Google::Apis::RequestOptions] options # Request-specific options # # @yield [result, err] Result & error if block supplied # @yieldparam result [Google::Apis::CloudkmsV1::EncryptResponse] parsed result object # @yieldparam err [StandardError] error object if request failed # # @return [Google::Apis::CloudkmsV1::EncryptResponse] # # @raise [Google::Apis::ServerError] An error occurred on the server and the request can be retried # @raise [Google::Apis::ClientError] The request is invalid and should not be retried without modification # @raise [Google::Apis::AuthorizationError] Authorization is required def encrypt_crypto_key(name, encrypt_request_object = nil, fields: nil, quota_user: nil, options: nil, &block) command = make_simple_command(:post, 'v1/{+name}:encrypt', options) command.request_representation = Google::Apis::CloudkmsV1::EncryptRequest::Representation command.request_object = encrypt_request_object command.response_representation = Google::Apis::CloudkmsV1::EncryptResponse::Representation command.response_class = Google::Apis::CloudkmsV1::EncryptResponse command.params['name'] = name unless name.nil? command.query['fields'] = fields unless fields.nil? command.query['quotaUser'] = quota_user unless quota_user.nil? execute_or_queue_command(command, &block) end # Returns metadata for a given CryptoKey, as well as its # primary CryptoKeyVersion. # @param [String] name # The name of the CryptoKey to get. # @param [String] fields # Selector specifying which fields to include in a partial response. # @param [String] quota_user # Available to use for quota purposes for server-side applications. Can be any # arbitrary string assigned to a user, but should not exceed 40 characters. # @param [Google::Apis::RequestOptions] options # Request-specific options # # @yield [result, err] Result & error if block supplied # @yieldparam result [Google::Apis::CloudkmsV1::CryptoKey] parsed result object # @yieldparam err [StandardError] error object if request failed # # @return [Google::Apis::CloudkmsV1::CryptoKey] # # @raise [Google::Apis::ServerError] An error occurred on the server and the request can be retried # @raise [Google::Apis::ClientError] The request is invalid and should not be retried without modification # @raise [Google::Apis::AuthorizationError] Authorization is required def get_project_location_key_ring_crypto_key(name, fields: nil, quota_user: nil, options: nil, &block) command = make_simple_command(:get, 'v1/{+name}', options) command.response_representation = Google::Apis::CloudkmsV1::CryptoKey::Representation command.response_class = Google::Apis::CloudkmsV1::CryptoKey command.params['name'] = name unless name.nil? command.query['fields'] = fields unless fields.nil? command.query['quotaUser'] = quota_user unless quota_user.nil? execute_or_queue_command(command, &block) end # Gets the access control policy for a resource. # Returns an empty policy if the resource exists and does not have a policy # set. # @param [String] resource # REQUIRED: The resource for which the policy is being requested. # See the operation documentation for the appropriate value for this field. # @param [String] fields # Selector specifying which fields to include in a partial response. # @param [String] quota_user # Available to use for quota purposes for server-side applications. Can be any # arbitrary string assigned to a user, but should not exceed 40 characters. # @param [Google::Apis::RequestOptions] options # Request-specific options # # @yield [result, err] Result & error if block supplied # @yieldparam result [Google::Apis::CloudkmsV1::Policy] parsed result object # @yieldparam err [StandardError] error object if request failed # # @return [Google::Apis::CloudkmsV1::Policy] # # @raise [Google::Apis::ServerError] An error occurred on the server and the request can be retried # @raise [Google::Apis::ClientError] The request is invalid and should not be retried without modification # @raise [Google::Apis::AuthorizationError] Authorization is required def get_project_location_key_ring_crypto_key_iam_policy(resource, fields: nil, quota_user: nil, options: nil, &block) command = make_simple_command(:get, 'v1/{+resource}:getIamPolicy', options) command.response_representation = Google::Apis::CloudkmsV1::Policy::Representation command.response_class = Google::Apis::CloudkmsV1::Policy command.params['resource'] = resource unless resource.nil? command.query['fields'] = fields unless fields.nil? command.query['quotaUser'] = quota_user unless quota_user.nil? execute_or_queue_command(command, &block) end # Lists CryptoKeys. # @param [String] parent # Required. The resource name of the KeyRing to list, in the format # `projects/*/locations/*/keyRings/*`. # @param [Fixnum] page_size # Optional limit on the number of CryptoKeys to include in the # response. Further CryptoKeys can subsequently be obtained by # including the ListCryptoKeysResponse.next_page_token in a subsequent # request. If unspecified, the server will pick an appropriate default. # @param [String] page_token # Optional pagination token, returned earlier via # ListCryptoKeysResponse.next_page_token. # @param [String] fields # Selector specifying which fields to include in a partial response. # @param [String] quota_user # Available to use for quota purposes for server-side applications. Can be any # arbitrary string assigned to a user, but should not exceed 40 characters. # @param [Google::Apis::RequestOptions] options # Request-specific options # # @yield [result, err] Result & error if block supplied # @yieldparam result [Google::Apis::CloudkmsV1::ListCryptoKeysResponse] parsed result object # @yieldparam err [StandardError] error object if request failed # # @return [Google::Apis::CloudkmsV1::ListCryptoKeysResponse] # # @raise [Google::Apis::ServerError] An error occurred on the server and the request can be retried # @raise [Google::Apis::ClientError] The request is invalid and should not be retried without modification # @raise [Google::Apis::AuthorizationError] Authorization is required def list_project_location_key_ring_crypto_keys(parent, page_size: nil, page_token: nil, fields: nil, quota_user: nil, options: nil, &block) command = make_simple_command(:get, 'v1/{+parent}/cryptoKeys', options) command.response_representation = Google::Apis::CloudkmsV1::ListCryptoKeysResponse::Representation command.response_class = Google::Apis::CloudkmsV1::ListCryptoKeysResponse command.params['parent'] = parent unless parent.nil? command.query['pageSize'] = page_size unless page_size.nil? command.query['pageToken'] = page_token unless page_token.nil? command.query['fields'] = fields unless fields.nil? command.query['quotaUser'] = quota_user unless quota_user.nil? execute_or_queue_command(command, &block) end # Update a CryptoKey. # @param [String] name # Output only. The resource name for this CryptoKey in the format # `projects/*/locations/*/keyRings/*/cryptoKeys/*`. # @param [Google::Apis::CloudkmsV1::CryptoKey] crypto_key_object # @param [String] update_mask # Required list of fields to be updated in this request. # @param [String] fields # Selector specifying which fields to include in a partial response. # @param [String] quota_user # Available to use for quota purposes for server-side applications. Can be any # arbitrary string assigned to a user, but should not exceed 40 characters. # @param [Google::Apis::RequestOptions] options # Request-specific options # # @yield [result, err] Result & error if block supplied # @yieldparam result [Google::Apis::CloudkmsV1::CryptoKey] parsed result object # @yieldparam err [StandardError] error object if request failed # # @return [Google::Apis::CloudkmsV1::CryptoKey] # # @raise [Google::Apis::ServerError] An error occurred on the server and the request can be retried # @raise [Google::Apis::ClientError] The request is invalid and should not be retried without modification # @raise [Google::Apis::AuthorizationError] Authorization is required def patch_project_location_key_ring_crypto_key(name, crypto_key_object = nil, update_mask: nil, fields: nil, quota_user: nil, options: nil, &block) command = make_simple_command(:patch, 'v1/{+name}', options) command.request_representation = Google::Apis::CloudkmsV1::CryptoKey::Representation command.request_object = crypto_key_object command.response_representation = Google::Apis::CloudkmsV1::CryptoKey::Representation command.response_class = Google::Apis::CloudkmsV1::CryptoKey command.params['name'] = name unless name.nil? command.query['updateMask'] = update_mask unless update_mask.nil? command.query['fields'] = fields unless fields.nil? command.query['quotaUser'] = quota_user unless quota_user.nil? execute_or_queue_command(command, &block) end # Sets the access control policy on the specified resource. Replaces any # existing policy. # @param [String] resource # REQUIRED: The resource for which the policy is being specified. # See the operation documentation for the appropriate value for this field. # @param [Google::Apis::CloudkmsV1::SetIamPolicyRequest] set_iam_policy_request_object # @param [String] fields # Selector specifying which fields to include in a partial response. # @param [String] quota_user # Available to use for quota purposes for server-side applications. Can be any # arbitrary string assigned to a user, but should not exceed 40 characters. # @param [Google::Apis::RequestOptions] options # Request-specific options # # @yield [result, err] Result & error if block supplied # @yieldparam result [Google::Apis::CloudkmsV1::Policy] parsed result object # @yieldparam err [StandardError] error object if request failed # # @return [Google::Apis::CloudkmsV1::Policy] # # @raise [Google::Apis::ServerError] An error occurred on the server and the request can be retried # @raise [Google::Apis::ClientError] The request is invalid and should not be retried without modification # @raise [Google::Apis::AuthorizationError] Authorization is required def set_crypto_key_iam_policy(resource, set_iam_policy_request_object = nil, fields: nil, quota_user: nil, options: nil, &block) command = make_simple_command(:post, 'v1/{+resource}:setIamPolicy', options) command.request_representation = Google::Apis::CloudkmsV1::SetIamPolicyRequest::Representation command.request_object = set_iam_policy_request_object command.response_representation = Google::Apis::CloudkmsV1::Policy::Representation command.response_class = Google::Apis::CloudkmsV1::Policy command.params['resource'] = resource unless resource.nil? command.query['fields'] = fields unless fields.nil? command.query['quotaUser'] = quota_user unless quota_user.nil? execute_or_queue_command(command, &block) end # Returns permissions that a caller has on the specified resource. # If the resource does not exist, this will return an empty set of # permissions, not a NOT_FOUND error. # Note: This operation is designed to be used for building permission-aware # UIs and command-line tools, not for authorization checking. This operation # may "fail open" without warning. # @param [String] resource # REQUIRED: The resource for which the policy detail is being requested. # See the operation documentation for the appropriate value for this field. # @param [Google::Apis::CloudkmsV1::TestIamPermissionsRequest] test_iam_permissions_request_object # @param [String] fields # Selector specifying which fields to include in a partial response. # @param [String] quota_user # Available to use for quota purposes for server-side applications. Can be any # arbitrary string assigned to a user, but should not exceed 40 characters. # @param [Google::Apis::RequestOptions] options # Request-specific options # # @yield [result, err] Result & error if block supplied # @yieldparam result [Google::Apis::CloudkmsV1::TestIamPermissionsResponse] parsed result object # @yieldparam err [StandardError] error object if request failed # # @return [Google::Apis::CloudkmsV1::TestIamPermissionsResponse] # # @raise [Google::Apis::ServerError] An error occurred on the server and the request can be retried # @raise [Google::Apis::ClientError] The request is invalid and should not be retried without modification # @raise [Google::Apis::AuthorizationError] Authorization is required def test_crypto_key_iam_permissions(resource, test_iam_permissions_request_object = nil, fields: nil, quota_user: nil, options: nil, &block) command = make_simple_command(:post, 'v1/{+resource}:testIamPermissions', options) command.request_representation = Google::Apis::CloudkmsV1::TestIamPermissionsRequest::Representation command.request_object = test_iam_permissions_request_object command.response_representation = Google::Apis::CloudkmsV1::TestIamPermissionsResponse::Representation command.response_class = Google::Apis::CloudkmsV1::TestIamPermissionsResponse command.params['resource'] = resource unless resource.nil? command.query['fields'] = fields unless fields.nil? command.query['quotaUser'] = quota_user unless quota_user.nil? execute_or_queue_command(command, &block) end # Update the version of a CryptoKey that will be used in Encrypt. # @param [String] name # The resource name of the CryptoKey to update. # @param [Google::Apis::CloudkmsV1::UpdateCryptoKeyPrimaryVersionRequest] update_crypto_key_primary_version_request_object # @param [String] fields # Selector specifying which fields to include in a partial response. # @param [String] quota_user # Available to use for quota purposes for server-side applications. Can be any # arbitrary string assigned to a user, but should not exceed 40 characters. # @param [Google::Apis::RequestOptions] options # Request-specific options # # @yield [result, err] Result & error if block supplied # @yieldparam result [Google::Apis::CloudkmsV1::CryptoKey] parsed result object # @yieldparam err [StandardError] error object if request failed # # @return [Google::Apis::CloudkmsV1::CryptoKey] # # @raise [Google::Apis::ServerError] An error occurred on the server and the request can be retried # @raise [Google::Apis::ClientError] The request is invalid and should not be retried without modification # @raise [Google::Apis::AuthorizationError] Authorization is required def update_project_location_key_ring_crypto_key_primary_version(name, update_crypto_key_primary_version_request_object = nil, fields: nil, quota_user: nil, options: nil, &block) command = make_simple_command(:post, 'v1/{+name}:updatePrimaryVersion', options) command.request_representation = Google::Apis::CloudkmsV1::UpdateCryptoKeyPrimaryVersionRequest::Representation command.request_object = update_crypto_key_primary_version_request_object command.response_representation = Google::Apis::CloudkmsV1::CryptoKey::Representation command.response_class = Google::Apis::CloudkmsV1::CryptoKey command.params['name'] = name unless name.nil? command.query['fields'] = fields unless fields.nil? command.query['quotaUser'] = quota_user unless quota_user.nil? execute_or_queue_command(command, &block) end # Create a new CryptoKeyVersion in a CryptoKey. # The server will assign the next sequential id. If unset, # state will be set to # ENABLED. # @param [String] parent # Required. The name of the CryptoKey associated with # the CryptoKeyVersions. # @param [Google::Apis::CloudkmsV1::CryptoKeyVersion] crypto_key_version_object # @param [String] fields # Selector specifying which fields to include in a partial response. # @param [String] quota_user # Available to use for quota purposes for server-side applications. Can be any # arbitrary string assigned to a user, but should not exceed 40 characters. # @param [Google::Apis::RequestOptions] options # Request-specific options # # @yield [result, err] Result & error if block supplied # @yieldparam result [Google::Apis::CloudkmsV1::CryptoKeyVersion] parsed result object # @yieldparam err [StandardError] error object if request failed # # @return [Google::Apis::CloudkmsV1::CryptoKeyVersion] # # @raise [Google::Apis::ServerError] An error occurred on the server and the request can be retried # @raise [Google::Apis::ClientError] The request is invalid and should not be retried without modification # @raise [Google::Apis::AuthorizationError] Authorization is required def create_project_location_key_ring_crypto_key_crypto_key_version(parent, crypto_key_version_object = nil, fields: nil, quota_user: nil, options: nil, &block) command = make_simple_command(:post, 'v1/{+parent}/cryptoKeyVersions', options) command.request_representation = Google::Apis::CloudkmsV1::CryptoKeyVersion::Representation command.request_object = crypto_key_version_object command.response_representation = Google::Apis::CloudkmsV1::CryptoKeyVersion::Representation command.response_class = Google::Apis::CloudkmsV1::CryptoKeyVersion command.params['parent'] = parent unless parent.nil? command.query['fields'] = fields unless fields.nil? command.query['quotaUser'] = quota_user unless quota_user.nil? execute_or_queue_command(command, &block) end # Schedule a CryptoKeyVersion for destruction. # Upon calling this method, CryptoKeyVersion.state will be set to # DESTROY_SCHEDULED # and destroy_time will be set to a time 24 # hours in the future, at which point the state # will be changed to # DESTROYED, and the key # material will be irrevocably destroyed. # Before the destroy_time is reached, # RestoreCryptoKeyVersion may be called to reverse the process. # @param [String] name # The resource name of the CryptoKeyVersion to destroy. # @param [Google::Apis::CloudkmsV1::DestroyCryptoKeyVersionRequest] destroy_crypto_key_version_request_object # @param [String] fields # Selector specifying which fields to include in a partial response. # @param [String] quota_user # Available to use for quota purposes for server-side applications. Can be any # arbitrary string assigned to a user, but should not exceed 40 characters. # @param [Google::Apis::RequestOptions] options # Request-specific options # # @yield [result, err] Result & error if block supplied # @yieldparam result [Google::Apis::CloudkmsV1::CryptoKeyVersion] parsed result object # @yieldparam err [StandardError] error object if request failed # # @return [Google::Apis::CloudkmsV1::CryptoKeyVersion] # # @raise [Google::Apis::ServerError] An error occurred on the server and the request can be retried # @raise [Google::Apis::ClientError] The request is invalid and should not be retried without modification # @raise [Google::Apis::AuthorizationError] Authorization is required def destroy_crypto_key_version(name, destroy_crypto_key_version_request_object = nil, fields: nil, quota_user: nil, options: nil, &block) command = make_simple_command(:post, 'v1/{+name}:destroy', options) command.request_representation = Google::Apis::CloudkmsV1::DestroyCryptoKeyVersionRequest::Representation command.request_object = destroy_crypto_key_version_request_object command.response_representation = Google::Apis::CloudkmsV1::CryptoKeyVersion::Representation command.response_class = Google::Apis::CloudkmsV1::CryptoKeyVersion command.params['name'] = name unless name.nil? command.query['fields'] = fields unless fields.nil? command.query['quotaUser'] = quota_user unless quota_user.nil? execute_or_queue_command(command, &block) end # Returns metadata for a given CryptoKeyVersion. # @param [String] name # The name of the CryptoKeyVersion to get. # @param [String] fields # Selector specifying which fields to include in a partial response. # @param [String] quota_user # Available to use for quota purposes for server-side applications. Can be any # arbitrary string assigned to a user, but should not exceed 40 characters. # @param [Google::Apis::RequestOptions] options # Request-specific options # # @yield [result, err] Result & error if block supplied # @yieldparam result [Google::Apis::CloudkmsV1::CryptoKeyVersion] parsed result object # @yieldparam err [StandardError] error object if request failed # # @return [Google::Apis::CloudkmsV1::CryptoKeyVersion] # # @raise [Google::Apis::ServerError] An error occurred on the server and the request can be retried # @raise [Google::Apis::ClientError] The request is invalid and should not be retried without modification # @raise [Google::Apis::AuthorizationError] Authorization is required def get_project_location_key_ring_crypto_key_crypto_key_version(name, fields: nil, quota_user: nil, options: nil, &block) command = make_simple_command(:get, 'v1/{+name}', options) command.response_representation = Google::Apis::CloudkmsV1::CryptoKeyVersion::Representation command.response_class = Google::Apis::CloudkmsV1::CryptoKeyVersion command.params['name'] = name unless name.nil? command.query['fields'] = fields unless fields.nil? command.query['quotaUser'] = quota_user unless quota_user.nil? execute_or_queue_command(command, &block) end # Lists CryptoKeyVersions. # @param [String] parent # Required. The resource name of the CryptoKey to list, in the format # `projects/*/locations/*/keyRings/*/cryptoKeys/*`. # @param [Fixnum] page_size # Optional limit on the number of CryptoKeyVersions to # include in the response. Further CryptoKeyVersions can # subsequently be obtained by including the # ListCryptoKeyVersionsResponse.next_page_token in a subsequent request. # If unspecified, the server will pick an appropriate default. # @param [String] page_token # Optional pagination token, returned earlier via # ListCryptoKeyVersionsResponse.next_page_token. # @param [String] fields # Selector specifying which fields to include in a partial response. # @param [String] quota_user # Available to use for quota purposes for server-side applications. Can be any # arbitrary string assigned to a user, but should not exceed 40 characters. # @param [Google::Apis::RequestOptions] options # Request-specific options # # @yield [result, err] Result & error if block supplied # @yieldparam result [Google::Apis::CloudkmsV1::ListCryptoKeyVersionsResponse] parsed result object # @yieldparam err [StandardError] error object if request failed # # @return [Google::Apis::CloudkmsV1::ListCryptoKeyVersionsResponse] # # @raise [Google::Apis::ServerError] An error occurred on the server and the request can be retried # @raise [Google::Apis::ClientError] The request is invalid and should not be retried without modification # @raise [Google::Apis::AuthorizationError] Authorization is required def list_project_location_key_ring_crypto_key_crypto_key_versions(parent, page_size: nil, page_token: nil, fields: nil, quota_user: nil, options: nil, &block) command = make_simple_command(:get, 'v1/{+parent}/cryptoKeyVersions', options) command.response_representation = Google::Apis::CloudkmsV1::ListCryptoKeyVersionsResponse::Representation command.response_class = Google::Apis::CloudkmsV1::ListCryptoKeyVersionsResponse command.params['parent'] = parent unless parent.nil? command.query['pageSize'] = page_size unless page_size.nil? command.query['pageToken'] = page_token unless page_token.nil? command.query['fields'] = fields unless fields.nil? command.query['quotaUser'] = quota_user unless quota_user.nil? execute_or_queue_command(command, &block) end # Update a CryptoKeyVersion's metadata. # state may be changed between # ENABLED and # DISABLED using this # method. See DestroyCryptoKeyVersion and RestoreCryptoKeyVersion to # move between other states. # @param [String] name # Output only. The resource name for this CryptoKeyVersion in the format # `projects/*/locations/*/keyRings/*/cryptoKeys/*/cryptoKeyVersions/*`. # @param [Google::Apis::CloudkmsV1::CryptoKeyVersion] crypto_key_version_object # @param [String] update_mask # Required list of fields to be updated in this request. # @param [String] fields # Selector specifying which fields to include in a partial response. # @param [String] quota_user # Available to use for quota purposes for server-side applications. Can be any # arbitrary string assigned to a user, but should not exceed 40 characters. # @param [Google::Apis::RequestOptions] options # Request-specific options # # @yield [result, err] Result & error if block supplied # @yieldparam result [Google::Apis::CloudkmsV1::CryptoKeyVersion] parsed result object # @yieldparam err [StandardError] error object if request failed # # @return [Google::Apis::CloudkmsV1::CryptoKeyVersion] # # @raise [Google::Apis::ServerError] An error occurred on the server and the request can be retried # @raise [Google::Apis::ClientError] The request is invalid and should not be retried without modification # @raise [Google::Apis::AuthorizationError] Authorization is required def patch_project_location_key_ring_crypto_key_crypto_key_version(name, crypto_key_version_object = nil, update_mask: nil, fields: nil, quota_user: nil, options: nil, &block) command = make_simple_command(:patch, 'v1/{+name}', options) command.request_representation = Google::Apis::CloudkmsV1::CryptoKeyVersion::Representation command.request_object = crypto_key_version_object command.response_representation = Google::Apis::CloudkmsV1::CryptoKeyVersion::Representation command.response_class = Google::Apis::CloudkmsV1::CryptoKeyVersion command.params['name'] = name unless name.nil? command.query['updateMask'] = update_mask unless update_mask.nil? command.query['fields'] = fields unless fields.nil? command.query['quotaUser'] = quota_user unless quota_user.nil? execute_or_queue_command(command, &block) end # Restore a CryptoKeyVersion in the # DESTROY_SCHEDULED # state. # Upon restoration of the CryptoKeyVersion, state # will be set to DISABLED, # and destroy_time will be cleared. # @param [String] name # The resource name of the CryptoKeyVersion to restore. # @param [Google::Apis::CloudkmsV1::RestoreCryptoKeyVersionRequest] restore_crypto_key_version_request_object # @param [String] fields # Selector specifying which fields to include in a partial response. # @param [String] quota_user # Available to use for quota purposes for server-side applications. Can be any # arbitrary string assigned to a user, but should not exceed 40 characters. # @param [Google::Apis::RequestOptions] options # Request-specific options # # @yield [result, err] Result & error if block supplied # @yieldparam result [Google::Apis::CloudkmsV1::CryptoKeyVersion] parsed result object # @yieldparam err [StandardError] error object if request failed # # @return [Google::Apis::CloudkmsV1::CryptoKeyVersion] # # @raise [Google::Apis::ServerError] An error occurred on the server and the request can be retried # @raise [Google::Apis::ClientError] The request is invalid and should not be retried without modification # @raise [Google::Apis::AuthorizationError] Authorization is required def restore_crypto_key_version(name, restore_crypto_key_version_request_object = nil, fields: nil, quota_user: nil, options: nil, &block) command = make_simple_command(:post, 'v1/{+name}:restore', options) command.request_representation = Google::Apis::CloudkmsV1::RestoreCryptoKeyVersionRequest::Representation command.request_object = restore_crypto_key_version_request_object command.response_representation = Google::Apis::CloudkmsV1::CryptoKeyVersion::Representation command.response_class = Google::Apis::CloudkmsV1::CryptoKeyVersion command.params['name'] = name unless name.nil? command.query['fields'] = fields unless fields.nil? command.query['quotaUser'] = quota_user unless quota_user.nil? execute_or_queue_command(command, &block) end protected def apply_command_defaults(command) command.query['key'] = key unless key.nil? command.query['quotaUser'] = quota_user unless quota_user.nil? end end end end end