class Google::Cloud::Kms::V1::KeyManagementService::Client
Client
for the KeyManagementService
service.
Google
Cloud
Key Management Service
Manages cryptographic keys and operations using those keys. Implements a REST model with the following objects:
-
{::Google::Cloud::Kms::V1::KeyRing KeyRing}
-
{::Google::Cloud::Kms::V1::CryptoKey CryptoKey}
-
{::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion}
-
{::Google::Cloud::Kms::V1::ImportJob ImportJob}
If you are using manual gRPC libraries, see [Using gRPC with Cloud
KMS](cloud.google.com/kms/docs/grpc).
Attributes
@private
Public Class Methods
Configure the KeyManagementService
Client
class.
See {::Google::Cloud::Kms::V1::KeyManagementService::Client::Configuration} for a description of the configuration fields.
@example
# Modify the configuration for all KeyManagementService clients ::Google::Cloud::Kms::V1::KeyManagementService::Client.configure do |config| config.timeout = 10.0 end
@yield [config] Configure the Client
client. @yieldparam config [Client::Configuration]
@return [Client::Configuration]
# File lib/google/cloud/kms/v1/key_management_service/client.rb, line 67 def self.configure @configure ||= begin namespace = ["Google", "Cloud", "Kms", "V1"] parent_config = while namespace.any? parent_name = namespace.join "::" parent_const = const_get parent_name break parent_const.configure if parent_const.respond_to? :configure namespace.pop end default_config = Client::Configuration.new parent_config default_config.rpcs.list_key_rings.timeout = 60.0 default_config.rpcs.list_key_rings.retry_policy = { initial_delay: 0.1, max_delay: 60.0, multiplier: 1.3, retry_codes: [14, 4] } default_config.rpcs.list_crypto_keys.timeout = 60.0 default_config.rpcs.list_crypto_keys.retry_policy = { initial_delay: 0.1, max_delay: 60.0, multiplier: 1.3, retry_codes: [14, 4] } default_config.rpcs.list_crypto_key_versions.timeout = 60.0 default_config.rpcs.list_crypto_key_versions.retry_policy = { initial_delay: 0.1, max_delay: 60.0, multiplier: 1.3, retry_codes: [14, 4] } default_config.rpcs.list_import_jobs.timeout = 60.0 default_config.rpcs.list_import_jobs.retry_policy = { initial_delay: 0.1, max_delay: 60.0, multiplier: 1.3, retry_codes: [14, 4] } default_config.rpcs.get_key_ring.timeout = 60.0 default_config.rpcs.get_key_ring.retry_policy = { initial_delay: 0.1, max_delay: 60.0, multiplier: 1.3, retry_codes: [14, 4] } default_config.rpcs.get_crypto_key.timeout = 60.0 default_config.rpcs.get_crypto_key.retry_policy = { initial_delay: 0.1, max_delay: 60.0, multiplier: 1.3, retry_codes: [14, 4] } default_config.rpcs.get_crypto_key_version.timeout = 60.0 default_config.rpcs.get_crypto_key_version.retry_policy = { initial_delay: 0.1, max_delay: 60.0, multiplier: 1.3, retry_codes: [14, 4] } default_config.rpcs.get_public_key.timeout = 60.0 default_config.rpcs.get_public_key.retry_policy = { initial_delay: 0.1, max_delay: 60.0, multiplier: 1.3, retry_codes: [14, 4] } default_config.rpcs.get_import_job.timeout = 60.0 default_config.rpcs.get_import_job.retry_policy = { initial_delay: 0.1, max_delay: 60.0, multiplier: 1.3, retry_codes: [14, 4] } default_config.rpcs.create_key_ring.timeout = 60.0 default_config.rpcs.create_key_ring.retry_policy = { initial_delay: 0.1, max_delay: 60.0, multiplier: 1.3, retry_codes: [14, 4] } default_config.rpcs.create_crypto_key.timeout = 60.0 default_config.rpcs.create_crypto_key.retry_policy = { initial_delay: 0.1, max_delay: 60.0, multiplier: 1.3, retry_codes: [14, 4] } default_config.rpcs.create_crypto_key_version.timeout = 60.0 default_config.rpcs.import_crypto_key_version.timeout = 60.0 default_config.rpcs.create_import_job.timeout = 60.0 default_config.rpcs.create_import_job.retry_policy = { initial_delay: 0.1, max_delay: 60.0, multiplier: 1.3, retry_codes: [14, 4] } default_config.rpcs.update_crypto_key.timeout = 60.0 default_config.rpcs.update_crypto_key.retry_policy = { initial_delay: 0.1, max_delay: 60.0, multiplier: 1.3, retry_codes: [14, 4] } default_config.rpcs.update_crypto_key_version.timeout = 60.0 default_config.rpcs.update_crypto_key_version.retry_policy = { initial_delay: 0.1, max_delay: 60.0, multiplier: 1.3, retry_codes: [14, 4] } default_config.rpcs.update_crypto_key_primary_version.timeout = 60.0 default_config.rpcs.update_crypto_key_primary_version.retry_policy = { initial_delay: 0.1, max_delay: 60.0, multiplier: 1.3, retry_codes: [14, 4] } default_config.rpcs.destroy_crypto_key_version.timeout = 60.0 default_config.rpcs.destroy_crypto_key_version.retry_policy = { initial_delay: 0.1, max_delay: 60.0, multiplier: 1.3, retry_codes: [14, 4] } default_config.rpcs.restore_crypto_key_version.timeout = 60.0 default_config.rpcs.restore_crypto_key_version.retry_policy = { initial_delay: 0.1, max_delay: 60.0, multiplier: 1.3, retry_codes: [14, 4] } default_config.rpcs.encrypt.timeout = 60.0 default_config.rpcs.encrypt.retry_policy = { initial_delay: 0.1, max_delay: 60.0, multiplier: 1.3, retry_codes: [14, 4] } default_config.rpcs.decrypt.timeout = 60.0 default_config.rpcs.decrypt.retry_policy = { initial_delay: 0.1, max_delay: 60.0, multiplier: 1.3, retry_codes: [14, 4] } default_config.rpcs.asymmetric_sign.timeout = 60.0 default_config.rpcs.asymmetric_sign.retry_policy = { initial_delay: 0.1, max_delay: 60.0, multiplier: 1.3, retry_codes: [14, 4] } default_config.rpcs.asymmetric_decrypt.timeout = 60.0 default_config.rpcs.asymmetric_decrypt.retry_policy = { initial_delay: 0.1, max_delay: 60.0, multiplier: 1.3, retry_codes: [14, 4] } default_config end yield @configure if block_given? @configure end
Create a new KeyManagementService
client object.
@example
# Create a client using the default configuration client = ::Google::Cloud::Kms::V1::KeyManagementService::Client.new # Create a client using a custom configuration client = ::Google::Cloud::Kms::V1::KeyManagementService::Client.new do |config| config.timeout = 10.0 end
@yield [config] Configure the KeyManagementService
client. @yieldparam config [Client::Configuration]
# File lib/google/cloud/kms/v1/key_management_service/client.rb, line 229 def initialize # These require statements are intentionally placed here to initialize # the gRPC module only when it's required. # See https://github.com/googleapis/toolkit/issues/446 require "gapic/grpc" require "google/cloud/kms/v1/service_services_pb" # Create the configuration object @config = Configuration.new Client.configure # Yield the configuration if needed yield @config if block_given? # Create credentials credentials = @config.credentials # Use self-signed JWT if the endpoint is unchanged from default, # but only if the default endpoint does not have a region prefix. enable_self_signed_jwt = @config.endpoint == Client.configure.endpoint && !@config.endpoint.split(".").first.include?("-") credentials ||= Credentials.default scope: @config.scope, enable_self_signed_jwt: enable_self_signed_jwt if credentials.is_a?(::String) || credentials.is_a?(::Hash) credentials = Credentials.new credentials, scope: @config.scope end @quota_project_id = @config.quota_project @quota_project_id ||= credentials.quota_project_id if credentials.respond_to? :quota_project_id @key_management_service_stub = ::Gapic::ServiceStub.new( ::Google::Cloud::Kms::V1::KeyManagementService::Stub, credentials: credentials, endpoint: @config.endpoint, channel_args: @config.channel_args, interceptors: @config.interceptors ) end
Public Instance Methods
Decrypts data that was encrypted with a public key retrieved from {::Google::Cloud::Kms::V1::KeyManagementService::Client#get_public_key GetPublicKey} corresponding to a {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} with {::Google::Cloud::Kms::V1::CryptoKey#purpose CryptoKey.purpose} ASYMMETRIC_DECRYPT.
@overload asymmetric_decrypt
(request, options = nil)
Pass arguments to `asymmetric_decrypt` via a request object, either of type {::Google::Cloud::Kms::V1::AsymmetricDecryptRequest} or an equivalent Hash. @param request [::Google::Cloud::Kms::V1::AsymmetricDecryptRequest, ::Hash] A request object representing the call parameters. Required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash. @param options [::Gapic::CallOptions, ::Hash] Overrides the default settings for this call, e.g, timeout, retries, etc. Optional.
@overload asymmetric_decrypt
(name: nil, ciphertext: nil, ciphertext_crc32c: nil)
Pass arguments to `asymmetric_decrypt` via keyword arguments. Note that at least one keyword argument is required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash as a request object (see above). @param name [::String] Required. The resource name of the {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} to use for decryption. @param ciphertext [::String] Required. The data encrypted with the named {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion}'s public key using OAEP. @param ciphertext_crc32c [::Google::Protobuf::Int64Value, ::Hash] Optional. An optional CRC32C checksum of the {::Google::Cloud::Kms::V1::AsymmetricDecryptRequest#ciphertext AsymmetricDecryptRequest.ciphertext}. If specified, {::Google::Cloud::Kms::V1::KeyManagementService::Client KeyManagementService} will verify the integrity of the received {::Google::Cloud::Kms::V1::AsymmetricDecryptRequest#ciphertext AsymmetricDecryptRequest.ciphertext} using this checksum. {::Google::Cloud::Kms::V1::KeyManagementService::Client KeyManagementService} will report an error if the checksum verification fails. If you receive a checksum error, your client should verify that CRC32C({::Google::Cloud::Kms::V1::AsymmetricDecryptRequest#ciphertext AsymmetricDecryptRequest.ciphertext}) is equal to {::Google::Cloud::Kms::V1::AsymmetricDecryptRequest#ciphertext_crc32c AsymmetricDecryptRequest.ciphertext_crc32c}, and if so, perform a limited number of retries. A persistent mismatch may indicate an issue in your computation of the CRC32C checksum. Note: This field is defined as int64 for reasons of compatibility across different languages. However, it is a non-negative integer, which will never exceed 2^32-1, and can be safely downconverted to uint32 in languages that support this type.
@yield [response, operation] Access the result along with the RPC operation @yieldparam response [::Google::Cloud::Kms::V1::AsymmetricDecryptResponse] @yieldparam operation [::GRPC::ActiveCall::Operation]
@return [::Google::Cloud::Kms::V1::AsymmetricDecryptResponse]
@raise [::Google::Cloud::Error] if the RPC is aborted.
# File lib/google/cloud/kms/v1/key_management_service/client.rb, line 2139 def asymmetric_decrypt request, options = nil raise ::ArgumentError, "request must be provided" if request.nil? request = ::Gapic::Protobuf.coerce request, to: ::Google::Cloud::Kms::V1::AsymmetricDecryptRequest # Converts hash and nil to an options object options = ::Gapic::CallOptions.new(**options.to_h) if options.respond_to? :to_h # Customize the options with defaults metadata = @config.rpcs.asymmetric_decrypt.metadata.to_h # Set x-goog-api-client and x-goog-user-project headers metadata[:"x-goog-api-client"] ||= ::Gapic::Headers.x_goog_api_client \ lib_name: @config.lib_name, lib_version: @config.lib_version, gapic_version: ::Google::Cloud::Kms::V1::VERSION metadata[:"x-goog-user-project"] = @quota_project_id if @quota_project_id header_params = { "name" => request.name } request_params_header = header_params.map { |k, v| "#{k}=#{v}" }.join("&") metadata[:"x-goog-request-params"] ||= request_params_header options.apply_defaults timeout: @config.rpcs.asymmetric_decrypt.timeout, metadata: metadata, retry_policy: @config.rpcs.asymmetric_decrypt.retry_policy options.apply_defaults timeout: @config.timeout, metadata: @config.metadata, retry_policy: @config.retry_policy @key_management_service_stub.call_rpc :asymmetric_decrypt, request, options: options do |response, operation| yield response, operation if block_given? return response end rescue ::GRPC::BadStatus => e raise ::Google::Cloud::Error.from_error(e) end
Signs data using a {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} with {::Google::Cloud::Kms::V1::CryptoKey#purpose CryptoKey.purpose} ASYMMETRIC_SIGN, producing a signature that can be verified with the public key retrieved from {::Google::Cloud::Kms::V1::KeyManagementService::Client#get_public_key GetPublicKey}.
@overload asymmetric_sign
(request, options = nil)
Pass arguments to `asymmetric_sign` via a request object, either of type {::Google::Cloud::Kms::V1::AsymmetricSignRequest} or an equivalent Hash. @param request [::Google::Cloud::Kms::V1::AsymmetricSignRequest, ::Hash] A request object representing the call parameters. Required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash. @param options [::Gapic::CallOptions, ::Hash] Overrides the default settings for this call, e.g, timeout, retries, etc. Optional.
@overload asymmetric_sign
(name: nil, digest: nil, digest_crc32c: nil)
Pass arguments to `asymmetric_sign` via keyword arguments. Note that at least one keyword argument is required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash as a request object (see above). @param name [::String] Required. The resource name of the {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} to use for signing. @param digest [::Google::Cloud::Kms::V1::Digest, ::Hash] Required. The digest of the data to sign. The digest must be produced with the same digest algorithm as specified by the key version's {::Google::Cloud::Kms::V1::CryptoKeyVersion#algorithm algorithm}. @param digest_crc32c [::Google::Protobuf::Int64Value, ::Hash] Optional. An optional CRC32C checksum of the {::Google::Cloud::Kms::V1::AsymmetricSignRequest#digest AsymmetricSignRequest.digest}. If specified, {::Google::Cloud::Kms::V1::KeyManagementService::Client KeyManagementService} will verify the integrity of the received {::Google::Cloud::Kms::V1::AsymmetricSignRequest#digest AsymmetricSignRequest.digest} using this checksum. {::Google::Cloud::Kms::V1::KeyManagementService::Client KeyManagementService} will report an error if the checksum verification fails. If you receive a checksum error, your client should verify that CRC32C({::Google::Cloud::Kms::V1::AsymmetricSignRequest#digest AsymmetricSignRequest.digest}) is equal to {::Google::Cloud::Kms::V1::AsymmetricSignRequest#digest_crc32c AsymmetricSignRequest.digest_crc32c}, and if so, perform a limited number of retries. A persistent mismatch may indicate an issue in your computation of the CRC32C checksum. Note: This field is defined as int64 for reasons of compatibility across different languages. However, it is a non-negative integer, which will never exceed 2^32-1, and can be safely downconverted to uint32 in languages that support this type.
@yield [response, operation] Access the result along with the RPC operation @yieldparam response [::Google::Cloud::Kms::V1::AsymmetricSignResponse] @yieldparam operation [::GRPC::ActiveCall::Operation]
@return [::Google::Cloud::Kms::V1::AsymmetricSignResponse]
@raise [::Google::Cloud::Error] if the RPC is aborted.
# File lib/google/cloud/kms/v1/key_management_service/client.rb, line 2051 def asymmetric_sign request, options = nil raise ::ArgumentError, "request must be provided" if request.nil? request = ::Gapic::Protobuf.coerce request, to: ::Google::Cloud::Kms::V1::AsymmetricSignRequest # Converts hash and nil to an options object options = ::Gapic::CallOptions.new(**options.to_h) if options.respond_to? :to_h # Customize the options with defaults metadata = @config.rpcs.asymmetric_sign.metadata.to_h # Set x-goog-api-client and x-goog-user-project headers metadata[:"x-goog-api-client"] ||= ::Gapic::Headers.x_goog_api_client \ lib_name: @config.lib_name, lib_version: @config.lib_version, gapic_version: ::Google::Cloud::Kms::V1::VERSION metadata[:"x-goog-user-project"] = @quota_project_id if @quota_project_id header_params = { "name" => request.name } request_params_header = header_params.map { |k, v| "#{k}=#{v}" }.join("&") metadata[:"x-goog-request-params"] ||= request_params_header options.apply_defaults timeout: @config.rpcs.asymmetric_sign.timeout, metadata: metadata, retry_policy: @config.rpcs.asymmetric_sign.retry_policy options.apply_defaults timeout: @config.timeout, metadata: @config.metadata, retry_policy: @config.retry_policy @key_management_service_stub.call_rpc :asymmetric_sign, request, options: options do |response, operation| yield response, operation if block_given? return response end rescue ::GRPC::BadStatus => e raise ::Google::Cloud::Error.from_error(e) end
Configure the KeyManagementService
Client
instance.
The configuration is set to the derived mode, meaning that values can be changed, but structural changes (adding new fields, etc.) are not allowed. Structural changes should be made on {Client.configure}.
See {::Google::Cloud::Kms::V1::KeyManagementService::Client::Configuration} for a description of the configuration fields.
@yield [config] Configure the Client
client. @yieldparam config [Client::Configuration]
@return [Client::Configuration]
# File lib/google/cloud/kms/v1/key_management_service/client.rb, line 208 def configure yield @config if block_given? @config end
Create a new {::Google::Cloud::Kms::V1::CryptoKey CryptoKey} within a {::Google::Cloud::Kms::V1::KeyRing KeyRing}.
{::Google::Cloud::Kms::V1::CryptoKey#purpose CryptoKey.purpose} and {::Google::Cloud::Kms::V1::CryptoKeyVersionTemplate#algorithm CryptoKey.version_template.algorithm} are required.
@overload create_crypto_key
(request, options = nil)
Pass arguments to `create_crypto_key` via a request object, either of type {::Google::Cloud::Kms::V1::CreateCryptoKeyRequest} or an equivalent Hash. @param request [::Google::Cloud::Kms::V1::CreateCryptoKeyRequest, ::Hash] A request object representing the call parameters. Required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash. @param options [::Gapic::CallOptions, ::Hash] Overrides the default settings for this call, e.g, timeout, retries, etc. Optional.
@overload create_crypto_key
(parent: nil, crypto_key_id: nil, crypto_key: nil, skip_initial_version_creation: nil)
Pass arguments to `create_crypto_key` via keyword arguments. Note that at least one keyword argument is required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash as a request object (see above). @param parent [::String] Required. The {::Google::Cloud::Kms::V1::KeyRing#name name} of the KeyRing associated with the {::Google::Cloud::Kms::V1::CryptoKey CryptoKeys}. @param crypto_key_id [::String] Required. It must be unique within a KeyRing and match the regular expression `[a-zA-Z0-9_-]{1,63}` @param crypto_key [::Google::Cloud::Kms::V1::CryptoKey, ::Hash] Required. A {::Google::Cloud::Kms::V1::CryptoKey CryptoKey} with initial field values. @param skip_initial_version_creation [::Boolean] If set to true, the request will create a {::Google::Cloud::Kms::V1::CryptoKey CryptoKey} without any {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersions}. You must manually call {::Google::Cloud::Kms::V1::KeyManagementService::Client#create_crypto_key_version CreateCryptoKeyVersion} or {::Google::Cloud::Kms::V1::KeyManagementService::Client#import_crypto_key_version ImportCryptoKeyVersion} before you can use this {::Google::Cloud::Kms::V1::CryptoKey CryptoKey}.
@yield [response, operation] Access the result along with the RPC operation @yieldparam response [::Google::Cloud::Kms::V1::CryptoKey] @yieldparam operation [::GRPC::ActiveCall::Operation]
@return [::Google::Cloud::Kms::V1::CryptoKey]
@raise [::Google::Cloud::Error] if the RPC is aborted.
# File lib/google/cloud/kms/v1/key_management_service/client.rb, line 1088 def create_crypto_key request, options = nil raise ::ArgumentError, "request must be provided" if request.nil? request = ::Gapic::Protobuf.coerce request, to: ::Google::Cloud::Kms::V1::CreateCryptoKeyRequest # Converts hash and nil to an options object options = ::Gapic::CallOptions.new(**options.to_h) if options.respond_to? :to_h # Customize the options with defaults metadata = @config.rpcs.create_crypto_key.metadata.to_h # Set x-goog-api-client and x-goog-user-project headers metadata[:"x-goog-api-client"] ||= ::Gapic::Headers.x_goog_api_client \ lib_name: @config.lib_name, lib_version: @config.lib_version, gapic_version: ::Google::Cloud::Kms::V1::VERSION metadata[:"x-goog-user-project"] = @quota_project_id if @quota_project_id header_params = { "parent" => request.parent } request_params_header = header_params.map { |k, v| "#{k}=#{v}" }.join("&") metadata[:"x-goog-request-params"] ||= request_params_header options.apply_defaults timeout: @config.rpcs.create_crypto_key.timeout, metadata: metadata, retry_policy: @config.rpcs.create_crypto_key.retry_policy options.apply_defaults timeout: @config.timeout, metadata: @config.metadata, retry_policy: @config.retry_policy @key_management_service_stub.call_rpc :create_crypto_key, request, options: options do |response, operation| yield response, operation if block_given? return response end rescue ::GRPC::BadStatus => e raise ::Google::Cloud::Error.from_error(e) end
Create a new {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} in a {::Google::Cloud::Kms::V1::CryptoKey CryptoKey}.
The server will assign the next sequential id. If unset, {::Google::Cloud::Kms::V1::CryptoKeyVersion#state state} will be set to {::Google::Cloud::Kms::V1::CryptoKeyVersion::CryptoKeyVersionState::ENABLED ENABLED}.
@overload create_crypto_key_version
(request, options = nil)
Pass arguments to `create_crypto_key_version` via a request object, either of type {::Google::Cloud::Kms::V1::CreateCryptoKeyVersionRequest} or an equivalent Hash. @param request [::Google::Cloud::Kms::V1::CreateCryptoKeyVersionRequest, ::Hash] A request object representing the call parameters. Required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash. @param options [::Gapic::CallOptions, ::Hash] Overrides the default settings for this call, e.g, timeout, retries, etc. Optional.
@overload create_crypto_key_version
(parent: nil, crypto_key_version: nil)
Pass arguments to `create_crypto_key_version` via keyword arguments. Note that at least one keyword argument is required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash as a request object (see above). @param parent [::String] Required. The {::Google::Cloud::Kms::V1::CryptoKey#name name} of the {::Google::Cloud::Kms::V1::CryptoKey CryptoKey} associated with the {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersions}. @param crypto_key_version [::Google::Cloud::Kms::V1::CryptoKeyVersion, ::Hash] Required. A {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} with initial field values.
@yield [response, operation] Access the result along with the RPC operation @yieldparam response [::Google::Cloud::Kms::V1::CryptoKeyVersion] @yieldparam operation [::GRPC::ActiveCall::Operation]
@return [::Google::Cloud::Kms::V1::CryptoKeyVersion]
@raise [::Google::Cloud::Error] if the RPC is aborted.
# File lib/google/cloud/kms/v1/key_management_service/client.rb, line 1163 def create_crypto_key_version request, options = nil raise ::ArgumentError, "request must be provided" if request.nil? request = ::Gapic::Protobuf.coerce request, to: ::Google::Cloud::Kms::V1::CreateCryptoKeyVersionRequest # Converts hash and nil to an options object options = ::Gapic::CallOptions.new(**options.to_h) if options.respond_to? :to_h # Customize the options with defaults metadata = @config.rpcs.create_crypto_key_version.metadata.to_h # Set x-goog-api-client and x-goog-user-project headers metadata[:"x-goog-api-client"] ||= ::Gapic::Headers.x_goog_api_client \ lib_name: @config.lib_name, lib_version: @config.lib_version, gapic_version: ::Google::Cloud::Kms::V1::VERSION metadata[:"x-goog-user-project"] = @quota_project_id if @quota_project_id header_params = { "parent" => request.parent } request_params_header = header_params.map { |k, v| "#{k}=#{v}" }.join("&") metadata[:"x-goog-request-params"] ||= request_params_header options.apply_defaults timeout: @config.rpcs.create_crypto_key_version.timeout, metadata: metadata, retry_policy: @config.rpcs.create_crypto_key_version.retry_policy options.apply_defaults timeout: @config.timeout, metadata: @config.metadata, retry_policy: @config.retry_policy @key_management_service_stub.call_rpc :create_crypto_key_version, request, options: options do |response, operation| yield response, operation if block_given? return response end rescue ::GRPC::BadStatus => e raise ::Google::Cloud::Error.from_error(e) end
Create a new {::Google::Cloud::Kms::V1::ImportJob ImportJob} within a {::Google::Cloud::Kms::V1::KeyRing KeyRing}.
{::Google::Cloud::Kms::V1::ImportJob#import_method ImportJob.import_method} is required.
@overload create_import_job
(request, options = nil)
Pass arguments to `create_import_job` via a request object, either of type {::Google::Cloud::Kms::V1::CreateImportJobRequest} or an equivalent Hash. @param request [::Google::Cloud::Kms::V1::CreateImportJobRequest, ::Hash] A request object representing the call parameters. Required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash. @param options [::Gapic::CallOptions, ::Hash] Overrides the default settings for this call, e.g, timeout, retries, etc. Optional.
@overload create_import_job
(parent: nil, import_job_id: nil, import_job: nil)
Pass arguments to `create_import_job` via keyword arguments. Note that at least one keyword argument is required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash as a request object (see above). @param parent [::String] Required. The {::Google::Cloud::Kms::V1::KeyRing#name name} of the {::Google::Cloud::Kms::V1::KeyRing KeyRing} associated with the {::Google::Cloud::Kms::V1::ImportJob ImportJobs}. @param import_job_id [::String] Required. It must be unique within a KeyRing and match the regular expression `[a-zA-Z0-9_-]{1,63}` @param import_job [::Google::Cloud::Kms::V1::ImportJob, ::Hash] Required. An {::Google::Cloud::Kms::V1::ImportJob ImportJob} with initial field values.
@yield [response, operation] Access the result along with the RPC operation @yieldparam response [::Google::Cloud::Kms::V1::ImportJob] @yieldparam operation [::GRPC::ActiveCall::Operation]
@return [::Google::Cloud::Kms::V1::ImportJob]
@raise [::Google::Cloud::Error] if the RPC is aborted.
# File lib/google/cloud/kms/v1/key_management_service/client.rb, line 1363 def create_import_job request, options = nil raise ::ArgumentError, "request must be provided" if request.nil? request = ::Gapic::Protobuf.coerce request, to: ::Google::Cloud::Kms::V1::CreateImportJobRequest # Converts hash and nil to an options object options = ::Gapic::CallOptions.new(**options.to_h) if options.respond_to? :to_h # Customize the options with defaults metadata = @config.rpcs.create_import_job.metadata.to_h # Set x-goog-api-client and x-goog-user-project headers metadata[:"x-goog-api-client"] ||= ::Gapic::Headers.x_goog_api_client \ lib_name: @config.lib_name, lib_version: @config.lib_version, gapic_version: ::Google::Cloud::Kms::V1::VERSION metadata[:"x-goog-user-project"] = @quota_project_id if @quota_project_id header_params = { "parent" => request.parent } request_params_header = header_params.map { |k, v| "#{k}=#{v}" }.join("&") metadata[:"x-goog-request-params"] ||= request_params_header options.apply_defaults timeout: @config.rpcs.create_import_job.timeout, metadata: metadata, retry_policy: @config.rpcs.create_import_job.retry_policy options.apply_defaults timeout: @config.timeout, metadata: @config.metadata, retry_policy: @config.retry_policy @key_management_service_stub.call_rpc :create_import_job, request, options: options do |response, operation| yield response, operation if block_given? return response end rescue ::GRPC::BadStatus => e raise ::Google::Cloud::Error.from_error(e) end
Create a new {::Google::Cloud::Kms::V1::KeyRing KeyRing} in a given Project and Location.
@overload create_key_ring
(request, options = nil)
Pass arguments to `create_key_ring` via a request object, either of type {::Google::Cloud::Kms::V1::CreateKeyRingRequest} or an equivalent Hash. @param request [::Google::Cloud::Kms::V1::CreateKeyRingRequest, ::Hash] A request object representing the call parameters. Required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash. @param options [::Gapic::CallOptions, ::Hash] Overrides the default settings for this call, e.g, timeout, retries, etc. Optional.
@overload create_key_ring
(parent: nil, key_ring_id: nil, key_ring: nil)
Pass arguments to `create_key_ring` via keyword arguments. Note that at least one keyword argument is required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash as a request object (see above). @param parent [::String] Required. The resource name of the location associated with the {::Google::Cloud::Kms::V1::KeyRing KeyRings}, in the format `projects/*/locations/*`. @param key_ring_id [::String] Required. It must be unique within a location and match the regular expression `[a-zA-Z0-9_-]{1,63}` @param key_ring [::Google::Cloud::Kms::V1::KeyRing, ::Hash] Required. A {::Google::Cloud::Kms::V1::KeyRing KeyRing} with initial field values.
@yield [response, operation] Access the result along with the RPC operation @yieldparam response [::Google::Cloud::Kms::V1::KeyRing] @yieldparam operation [::GRPC::ActiveCall::Operation]
@return [::Google::Cloud::Kms::V1::KeyRing]
@raise [::Google::Cloud::Error] if the RPC is aborted.
# File lib/google/cloud/kms/v1/key_management_service/client.rb, line 1004 def create_key_ring request, options = nil raise ::ArgumentError, "request must be provided" if request.nil? request = ::Gapic::Protobuf.coerce request, to: ::Google::Cloud::Kms::V1::CreateKeyRingRequest # Converts hash and nil to an options object options = ::Gapic::CallOptions.new(**options.to_h) if options.respond_to? :to_h # Customize the options with defaults metadata = @config.rpcs.create_key_ring.metadata.to_h # Set x-goog-api-client and x-goog-user-project headers metadata[:"x-goog-api-client"] ||= ::Gapic::Headers.x_goog_api_client \ lib_name: @config.lib_name, lib_version: @config.lib_version, gapic_version: ::Google::Cloud::Kms::V1::VERSION metadata[:"x-goog-user-project"] = @quota_project_id if @quota_project_id header_params = { "parent" => request.parent } request_params_header = header_params.map { |k, v| "#{k}=#{v}" }.join("&") metadata[:"x-goog-request-params"] ||= request_params_header options.apply_defaults timeout: @config.rpcs.create_key_ring.timeout, metadata: metadata, retry_policy: @config.rpcs.create_key_ring.retry_policy options.apply_defaults timeout: @config.timeout, metadata: @config.metadata, retry_policy: @config.retry_policy @key_management_service_stub.call_rpc :create_key_ring, request, options: options do |response, operation| yield response, operation if block_given? return response end rescue ::GRPC::BadStatus => e raise ::Google::Cloud::Error.from_error(e) end
Decrypts data that was protected by {::Google::Cloud::Kms::V1::KeyManagementService::Client#encrypt Encrypt}. The {::Google::Cloud::Kms::V1::CryptoKey#purpose CryptoKey.purpose} must be {::Google::Cloud::Kms::V1::CryptoKey::CryptoKeyPurpose::ENCRYPT_DECRYPT ENCRYPT_DECRYPT}.
@overload decrypt(request, options = nil)
Pass arguments to `decrypt` via a request object, either of type {::Google::Cloud::Kms::V1::DecryptRequest} or an equivalent Hash. @param request [::Google::Cloud::Kms::V1::DecryptRequest, ::Hash] A request object representing the call parameters. Required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash. @param options [::Gapic::CallOptions, ::Hash] Overrides the default settings for this call, e.g, timeout, retries, etc. Optional.
@overload decrypt(name: nil, ciphertext: nil, additional_authenticated_data: nil, ciphertext_crc32c: nil, additional_authenticated_data_crc32c: nil)
Pass arguments to `decrypt` via keyword arguments. Note that at least one keyword argument is required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash as a request object (see above). @param name [::String] Required. The resource name of the {::Google::Cloud::Kms::V1::CryptoKey CryptoKey} to use for decryption. The server will choose the appropriate version. @param ciphertext [::String] Required. The encrypted data originally returned in {::Google::Cloud::Kms::V1::EncryptResponse#ciphertext EncryptResponse.ciphertext}. @param additional_authenticated_data [::String] Optional. Optional data that must match the data originally supplied in {::Google::Cloud::Kms::V1::EncryptRequest#additional_authenticated_data EncryptRequest.additional_authenticated_data}. @param ciphertext_crc32c [::Google::Protobuf::Int64Value, ::Hash] Optional. An optional CRC32C checksum of the {::Google::Cloud::Kms::V1::DecryptRequest#ciphertext DecryptRequest.ciphertext}. If specified, {::Google::Cloud::Kms::V1::KeyManagementService::Client KeyManagementService} will verify the integrity of the received {::Google::Cloud::Kms::V1::DecryptRequest#ciphertext DecryptRequest.ciphertext} using this checksum. {::Google::Cloud::Kms::V1::KeyManagementService::Client KeyManagementService} will report an error if the checksum verification fails. If you receive a checksum error, your client should verify that CRC32C({::Google::Cloud::Kms::V1::DecryptRequest#ciphertext DecryptRequest.ciphertext}) is equal to {::Google::Cloud::Kms::V1::DecryptRequest#ciphertext_crc32c DecryptRequest.ciphertext_crc32c}, and if so, perform a limited number of retries. A persistent mismatch may indicate an issue in your computation of the CRC32C checksum. Note: This field is defined as int64 for reasons of compatibility across different languages. However, it is a non-negative integer, which will never exceed 2^32-1, and can be safely downconverted to uint32 in languages that support this type. @param additional_authenticated_data_crc32c [::Google::Protobuf::Int64Value, ::Hash] Optional. An optional CRC32C checksum of the {::Google::Cloud::Kms::V1::DecryptRequest#additional_authenticated_data DecryptRequest.additional_authenticated_data}. If specified, {::Google::Cloud::Kms::V1::KeyManagementService::Client KeyManagementService} will verify the integrity of the received {::Google::Cloud::Kms::V1::DecryptRequest#additional_authenticated_data DecryptRequest.additional_authenticated_data} using this checksum. {::Google::Cloud::Kms::V1::KeyManagementService::Client KeyManagementService} will report an error if the checksum verification fails. If you receive a checksum error, your client should verify that CRC32C({::Google::Cloud::Kms::V1::DecryptRequest#additional_authenticated_data DecryptRequest.additional_authenticated_data}) is equal to {::Google::Cloud::Kms::V1::DecryptRequest#additional_authenticated_data_crc32c DecryptRequest.additional_authenticated_data_crc32c}, and if so, perform a limited number of retries. A persistent mismatch may indicate an issue in your computation of the CRC32C checksum. Note: This field is defined as int64 for reasons of compatibility across different languages. However, it is a non-negative integer, which will never exceed 2^32-1, and can be safely downconverted to uint32 in languages that support this type.
@yield [response, operation] Access the result along with the RPC operation @yieldparam response [::Google::Cloud::Kms::V1::DecryptResponse] @yieldparam operation [::GRPC::ActiveCall::Operation]
@return [::Google::Cloud::Kms::V1::DecryptResponse]
@raise [::Google::Cloud::Error] if the RPC is aborted.
# File lib/google/cloud/kms/v1/key_management_service/client.rb, line 1963 def decrypt request, options = nil raise ::ArgumentError, "request must be provided" if request.nil? request = ::Gapic::Protobuf.coerce request, to: ::Google::Cloud::Kms::V1::DecryptRequest # Converts hash and nil to an options object options = ::Gapic::CallOptions.new(**options.to_h) if options.respond_to? :to_h # Customize the options with defaults metadata = @config.rpcs.decrypt.metadata.to_h # Set x-goog-api-client and x-goog-user-project headers metadata[:"x-goog-api-client"] ||= ::Gapic::Headers.x_goog_api_client \ lib_name: @config.lib_name, lib_version: @config.lib_version, gapic_version: ::Google::Cloud::Kms::V1::VERSION metadata[:"x-goog-user-project"] = @quota_project_id if @quota_project_id header_params = { "name" => request.name } request_params_header = header_params.map { |k, v| "#{k}=#{v}" }.join("&") metadata[:"x-goog-request-params"] ||= request_params_header options.apply_defaults timeout: @config.rpcs.decrypt.timeout, metadata: metadata, retry_policy: @config.rpcs.decrypt.retry_policy options.apply_defaults timeout: @config.timeout, metadata: @config.metadata, retry_policy: @config.retry_policy @key_management_service_stub.call_rpc :decrypt, request, options: options do |response, operation| yield response, operation if block_given? return response end rescue ::GRPC::BadStatus => e raise ::Google::Cloud::Error.from_error(e) end
Schedule a {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} for destruction.
Upon calling this method, {::Google::Cloud::Kms::V1::CryptoKeyVersion#state CryptoKeyVersion.state} will be set to {::Google::Cloud::Kms::V1::CryptoKeyVersion::CryptoKeyVersionState::DESTROY_SCHEDULED DESTROY_SCHEDULED}, and {::Google::Cloud::Kms::V1::CryptoKeyVersion#destroy_time destroy_time} will be set to the time {::Google::Cloud::Kms::V1::CryptoKey#destroy_scheduled_duration destroy_scheduled_duration} in the future. At that time, the {::Google::Cloud::Kms::V1::CryptoKeyVersion#state state} will automatically change to {::Google::Cloud::Kms::V1::CryptoKeyVersion::CryptoKeyVersionState::DESTROYED DESTROYED}, and the key material will be irrevocably destroyed.
Before the {::Google::Cloud::Kms::V1::CryptoKeyVersion#destroy_time destroy_time} is reached, {::Google::Cloud::Kms::V1::KeyManagementService::Client#restore_crypto_key_version RestoreCryptoKeyVersion} may be called to reverse the process.
@overload destroy_crypto_key_version
(request, options = nil)
Pass arguments to `destroy_crypto_key_version` via a request object, either of type {::Google::Cloud::Kms::V1::DestroyCryptoKeyVersionRequest} or an equivalent Hash. @param request [::Google::Cloud::Kms::V1::DestroyCryptoKeyVersionRequest, ::Hash] A request object representing the call parameters. Required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash. @param options [::Gapic::CallOptions, ::Hash] Overrides the default settings for this call, e.g, timeout, retries, etc. Optional.
@overload destroy_crypto_key_version
(name: nil)
Pass arguments to `destroy_crypto_key_version` via keyword arguments. Note that at least one keyword argument is required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash as a request object (see above). @param name [::String] Required. The resource name of the {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} to destroy.
@yield [response, operation] Access the result along with the RPC operation @yieldparam response [::Google::Cloud::Kms::V1::CryptoKeyVersion] @yieldparam operation [::GRPC::ActiveCall::Operation]
@return [::Google::Cloud::Kms::V1::CryptoKeyVersion]
@raise [::Google::Cloud::Error] if the RPC is aborted.
# File lib/google/cloud/kms/v1/key_management_service/client.rb, line 1662 def destroy_crypto_key_version request, options = nil raise ::ArgumentError, "request must be provided" if request.nil? request = ::Gapic::Protobuf.coerce request, to: ::Google::Cloud::Kms::V1::DestroyCryptoKeyVersionRequest # Converts hash and nil to an options object options = ::Gapic::CallOptions.new(**options.to_h) if options.respond_to? :to_h # Customize the options with defaults metadata = @config.rpcs.destroy_crypto_key_version.metadata.to_h # Set x-goog-api-client and x-goog-user-project headers metadata[:"x-goog-api-client"] ||= ::Gapic::Headers.x_goog_api_client \ lib_name: @config.lib_name, lib_version: @config.lib_version, gapic_version: ::Google::Cloud::Kms::V1::VERSION metadata[:"x-goog-user-project"] = @quota_project_id if @quota_project_id header_params = { "name" => request.name } request_params_header = header_params.map { |k, v| "#{k}=#{v}" }.join("&") metadata[:"x-goog-request-params"] ||= request_params_header options.apply_defaults timeout: @config.rpcs.destroy_crypto_key_version.timeout, metadata: metadata, retry_policy: @config.rpcs.destroy_crypto_key_version.retry_policy options.apply_defaults timeout: @config.timeout, metadata: @config.metadata, retry_policy: @config.retry_policy @key_management_service_stub.call_rpc :destroy_crypto_key_version, request, options: options do |response, operation| yield response, operation if block_given? return response end rescue ::GRPC::BadStatus => e raise ::Google::Cloud::Error.from_error(e) end
Encrypts data, so that it can only be recovered by a call to {::Google::Cloud::Kms::V1::KeyManagementService::Client#decrypt Decrypt}. The {::Google::Cloud::Kms::V1::CryptoKey#purpose CryptoKey.purpose} must be {::Google::Cloud::Kms::V1::CryptoKey::CryptoKeyPurpose::ENCRYPT_DECRYPT ENCRYPT_DECRYPT}.
@overload encrypt(request, options = nil)
Pass arguments to `encrypt` via a request object, either of type {::Google::Cloud::Kms::V1::EncryptRequest} or an equivalent Hash. @param request [::Google::Cloud::Kms::V1::EncryptRequest, ::Hash] A request object representing the call parameters. Required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash. @param options [::Gapic::CallOptions, ::Hash] Overrides the default settings for this call, e.g, timeout, retries, etc. Optional.
@overload encrypt(name: nil, plaintext: nil, additional_authenticated_data: nil, plaintext_crc32c: nil, additional_authenticated_data_crc32c: nil)
Pass arguments to `encrypt` via keyword arguments. Note that at least one keyword argument is required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash as a request object (see above). @param name [::String] Required. The resource name of the {::Google::Cloud::Kms::V1::CryptoKey CryptoKey} or {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} to use for encryption. If a {::Google::Cloud::Kms::V1::CryptoKey CryptoKey} is specified, the server will use its {::Google::Cloud::Kms::V1::CryptoKey#primary primary version}. @param plaintext [::String] Required. The data to encrypt. Must be no larger than 64KiB. The maximum size depends on the key version's {::Google::Cloud::Kms::V1::CryptoKeyVersionTemplate#protection_level protection_level}. For {::Google::Cloud::Kms::V1::ProtectionLevel::SOFTWARE SOFTWARE} keys, the plaintext must be no larger than 64KiB. For {::Google::Cloud::Kms::V1::ProtectionLevel::HSM HSM} keys, the combined length of the plaintext and additional_authenticated_data fields must be no larger than 8KiB. @param additional_authenticated_data [::String] Optional. Optional data that, if specified, must also be provided during decryption through {::Google::Cloud::Kms::V1::DecryptRequest#additional_authenticated_data DecryptRequest.additional_authenticated_data}. The maximum size depends on the key version's {::Google::Cloud::Kms::V1::CryptoKeyVersionTemplate#protection_level protection_level}. For {::Google::Cloud::Kms::V1::ProtectionLevel::SOFTWARE SOFTWARE} keys, the AAD must be no larger than 64KiB. For {::Google::Cloud::Kms::V1::ProtectionLevel::HSM HSM} keys, the combined length of the plaintext and additional_authenticated_data fields must be no larger than 8KiB. @param plaintext_crc32c [::Google::Protobuf::Int64Value, ::Hash] Optional. An optional CRC32C checksum of the {::Google::Cloud::Kms::V1::EncryptRequest#plaintext EncryptRequest.plaintext}. If specified, {::Google::Cloud::Kms::V1::KeyManagementService::Client KeyManagementService} will verify the integrity of the received {::Google::Cloud::Kms::V1::EncryptRequest#plaintext EncryptRequest.plaintext} using this checksum. {::Google::Cloud::Kms::V1::KeyManagementService::Client KeyManagementService} will report an error if the checksum verification fails. If you receive a checksum error, your client should verify that CRC32C({::Google::Cloud::Kms::V1::EncryptRequest#plaintext EncryptRequest.plaintext}) is equal to {::Google::Cloud::Kms::V1::EncryptRequest#plaintext_crc32c EncryptRequest.plaintext_crc32c}, and if so, perform a limited number of retries. A persistent mismatch may indicate an issue in your computation of the CRC32C checksum. Note: This field is defined as int64 for reasons of compatibility across different languages. However, it is a non-negative integer, which will never exceed 2^32-1, and can be safely downconverted to uint32 in languages that support this type. @param additional_authenticated_data_crc32c [::Google::Protobuf::Int64Value, ::Hash] Optional. An optional CRC32C checksum of the {::Google::Cloud::Kms::V1::EncryptRequest#additional_authenticated_data EncryptRequest.additional_authenticated_data}. If specified, {::Google::Cloud::Kms::V1::KeyManagementService::Client KeyManagementService} will verify the integrity of the received {::Google::Cloud::Kms::V1::EncryptRequest#additional_authenticated_data EncryptRequest.additional_authenticated_data} using this checksum. {::Google::Cloud::Kms::V1::KeyManagementService::Client KeyManagementService} will report an error if the checksum verification fails. If you receive a checksum error, your client should verify that CRC32C({::Google::Cloud::Kms::V1::EncryptRequest#additional_authenticated_data EncryptRequest.additional_authenticated_data}) is equal to {::Google::Cloud::Kms::V1::EncryptRequest#additional_authenticated_data_crc32c EncryptRequest.additional_authenticated_data_crc32c}, and if so, perform a limited number of retries. A persistent mismatch may indicate an issue in your computation of the CRC32C checksum. Note: This field is defined as int64 for reasons of compatibility across different languages. However, it is a non-negative integer, which will never exceed 2^32-1, and can be safely downconverted to uint32 in languages that support this type.
@yield [response, operation] Access the result along with the RPC operation @yieldparam response [::Google::Cloud::Kms::V1::EncryptResponse] @yieldparam operation [::GRPC::ActiveCall::Operation]
@return [::Google::Cloud::Kms::V1::EncryptResponse]
@raise [::Google::Cloud::Error] if the RPC is aborted.
# File lib/google/cloud/kms/v1/key_management_service/client.rb, line 1858 def encrypt request, options = nil raise ::ArgumentError, "request must be provided" if request.nil? request = ::Gapic::Protobuf.coerce request, to: ::Google::Cloud::Kms::V1::EncryptRequest # Converts hash and nil to an options object options = ::Gapic::CallOptions.new(**options.to_h) if options.respond_to? :to_h # Customize the options with defaults metadata = @config.rpcs.encrypt.metadata.to_h # Set x-goog-api-client and x-goog-user-project headers metadata[:"x-goog-api-client"] ||= ::Gapic::Headers.x_goog_api_client \ lib_name: @config.lib_name, lib_version: @config.lib_version, gapic_version: ::Google::Cloud::Kms::V1::VERSION metadata[:"x-goog-user-project"] = @quota_project_id if @quota_project_id header_params = { "name" => request.name } request_params_header = header_params.map { |k, v| "#{k}=#{v}" }.join("&") metadata[:"x-goog-request-params"] ||= request_params_header options.apply_defaults timeout: @config.rpcs.encrypt.timeout, metadata: metadata, retry_policy: @config.rpcs.encrypt.retry_policy options.apply_defaults timeout: @config.timeout, metadata: @config.metadata, retry_policy: @config.retry_policy @key_management_service_stub.call_rpc :encrypt, request, options: options do |response, operation| yield response, operation if block_given? return response end rescue ::GRPC::BadStatus => e raise ::Google::Cloud::Error.from_error(e) end
Generate random bytes using the Cloud
KMS randomness source in the provided location.
@overload generate_random_bytes
(request, options = nil)
Pass arguments to `generate_random_bytes` via a request object, either of type {::Google::Cloud::Kms::V1::GenerateRandomBytesRequest} or an equivalent Hash. @param request [::Google::Cloud::Kms::V1::GenerateRandomBytesRequest, ::Hash] A request object representing the call parameters. Required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash. @param options [::Gapic::CallOptions, ::Hash] Overrides the default settings for this call, e.g, timeout, retries, etc. Optional.
@overload generate_random_bytes
(location: nil, length_bytes: nil, protection_level: nil)
Pass arguments to `generate_random_bytes` via keyword arguments. Note that at least one keyword argument is required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash as a request object (see above). @param location [::String] The project-specific location in which to generate random bytes. For example, "projects/my-project/locations/us-central1". @param length_bytes [::Integer] The length in bytes of the amount of randomness to retrieve. Minimum 8 bytes, maximum 1024 bytes. @param protection_level [::Google::Cloud::Kms::V1::ProtectionLevel] The {::Google::Cloud::Kms::V1::ProtectionLevel ProtectionLevel} to use when generating the random data. Defaults to {::Google::Cloud::Kms::V1::ProtectionLevel::SOFTWARE SOFTWARE}.
@yield [response, operation] Access the result along with the RPC operation @yieldparam response [::Google::Cloud::Kms::V1::GenerateRandomBytesResponse] @yieldparam operation [::GRPC::ActiveCall::Operation]
@return [::Google::Cloud::Kms::V1::GenerateRandomBytesResponse]
@raise [::Google::Cloud::Error] if the RPC is aborted.
# File lib/google/cloud/kms/v1/key_management_service/client.rb, line 2405 def generate_random_bytes request, options = nil raise ::ArgumentError, "request must be provided" if request.nil? request = ::Gapic::Protobuf.coerce request, to: ::Google::Cloud::Kms::V1::GenerateRandomBytesRequest # Converts hash and nil to an options object options = ::Gapic::CallOptions.new(**options.to_h) if options.respond_to? :to_h # Customize the options with defaults metadata = @config.rpcs.generate_random_bytes.metadata.to_h # Set x-goog-api-client and x-goog-user-project headers metadata[:"x-goog-api-client"] ||= ::Gapic::Headers.x_goog_api_client \ lib_name: @config.lib_name, lib_version: @config.lib_version, gapic_version: ::Google::Cloud::Kms::V1::VERSION metadata[:"x-goog-user-project"] = @quota_project_id if @quota_project_id header_params = { "location" => request.location } request_params_header = header_params.map { |k, v| "#{k}=#{v}" }.join("&") metadata[:"x-goog-request-params"] ||= request_params_header options.apply_defaults timeout: @config.rpcs.generate_random_bytes.timeout, metadata: metadata, retry_policy: @config.rpcs.generate_random_bytes.retry_policy options.apply_defaults timeout: @config.timeout, metadata: @config.metadata, retry_policy: @config.retry_policy @key_management_service_stub.call_rpc :generate_random_bytes, request, options: options do |response, operation| yield response, operation if block_given? return response end rescue ::GRPC::BadStatus => e raise ::Google::Cloud::Error.from_error(e) end
Returns metadata for a given {::Google::Cloud::Kms::V1::CryptoKey CryptoKey}, as well as its {::Google::Cloud::Kms::V1::CryptoKey#primary primary} {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion}.
@overload get_crypto_key
(request, options = nil)
Pass arguments to `get_crypto_key` via a request object, either of type {::Google::Cloud::Kms::V1::GetCryptoKeyRequest} or an equivalent Hash. @param request [::Google::Cloud::Kms::V1::GetCryptoKeyRequest, ::Hash] A request object representing the call parameters. Required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash. @param options [::Gapic::CallOptions, ::Hash] Overrides the default settings for this call, e.g, timeout, retries, etc. Optional.
@overload get_crypto_key
(name: nil)
Pass arguments to `get_crypto_key` via keyword arguments. Note that at least one keyword argument is required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash as a request object (see above). @param name [::String] Required. The {::Google::Cloud::Kms::V1::CryptoKey#name name} of the {::Google::Cloud::Kms::V1::CryptoKey CryptoKey} to get.
@yield [response, operation] Access the result along with the RPC operation @yieldparam response [::Google::Cloud::Kms::V1::CryptoKey] @yieldparam operation [::GRPC::ActiveCall::Operation]
@return [::Google::Cloud::Kms::V1::CryptoKey]
@raise [::Google::Cloud::Error] if the RPC is aborted.
# File lib/google/cloud/kms/v1/key_management_service/client.rb, line 722 def get_crypto_key request, options = nil raise ::ArgumentError, "request must be provided" if request.nil? request = ::Gapic::Protobuf.coerce request, to: ::Google::Cloud::Kms::V1::GetCryptoKeyRequest # Converts hash and nil to an options object options = ::Gapic::CallOptions.new(**options.to_h) if options.respond_to? :to_h # Customize the options with defaults metadata = @config.rpcs.get_crypto_key.metadata.to_h # Set x-goog-api-client and x-goog-user-project headers metadata[:"x-goog-api-client"] ||= ::Gapic::Headers.x_goog_api_client \ lib_name: @config.lib_name, lib_version: @config.lib_version, gapic_version: ::Google::Cloud::Kms::V1::VERSION metadata[:"x-goog-user-project"] = @quota_project_id if @quota_project_id header_params = { "name" => request.name } request_params_header = header_params.map { |k, v| "#{k}=#{v}" }.join("&") metadata[:"x-goog-request-params"] ||= request_params_header options.apply_defaults timeout: @config.rpcs.get_crypto_key.timeout, metadata: metadata, retry_policy: @config.rpcs.get_crypto_key.retry_policy options.apply_defaults timeout: @config.timeout, metadata: @config.metadata, retry_policy: @config.retry_policy @key_management_service_stub.call_rpc :get_crypto_key, request, options: options do |response, operation| yield response, operation if block_given? return response end rescue ::GRPC::BadStatus => e raise ::Google::Cloud::Error.from_error(e) end
Returns metadata for a given {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion}.
@overload get_crypto_key_version
(request, options = nil)
Pass arguments to `get_crypto_key_version` via a request object, either of type {::Google::Cloud::Kms::V1::GetCryptoKeyVersionRequest} or an equivalent Hash. @param request [::Google::Cloud::Kms::V1::GetCryptoKeyVersionRequest, ::Hash] A request object representing the call parameters. Required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash. @param options [::Gapic::CallOptions, ::Hash] Overrides the default settings for this call, e.g, timeout, retries, etc. Optional.
@overload get_crypto_key_version
(name: nil)
Pass arguments to `get_crypto_key_version` via keyword arguments. Note that at least one keyword argument is required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash as a request object (see above). @param name [::String] Required. The {::Google::Cloud::Kms::V1::CryptoKeyVersion#name name} of the {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} to get.
@yield [response, operation] Access the result along with the RPC operation @yieldparam response [::Google::Cloud::Kms::V1::CryptoKeyVersion] @yieldparam operation [::GRPC::ActiveCall::Operation]
@return [::Google::Cloud::Kms::V1::CryptoKeyVersion]
@raise [::Google::Cloud::Error] if the RPC is aborted.
# File lib/google/cloud/kms/v1/key_management_service/client.rb, line 790 def get_crypto_key_version request, options = nil raise ::ArgumentError, "request must be provided" if request.nil? request = ::Gapic::Protobuf.coerce request, to: ::Google::Cloud::Kms::V1::GetCryptoKeyVersionRequest # Converts hash and nil to an options object options = ::Gapic::CallOptions.new(**options.to_h) if options.respond_to? :to_h # Customize the options with defaults metadata = @config.rpcs.get_crypto_key_version.metadata.to_h # Set x-goog-api-client and x-goog-user-project headers metadata[:"x-goog-api-client"] ||= ::Gapic::Headers.x_goog_api_client \ lib_name: @config.lib_name, lib_version: @config.lib_version, gapic_version: ::Google::Cloud::Kms::V1::VERSION metadata[:"x-goog-user-project"] = @quota_project_id if @quota_project_id header_params = { "name" => request.name } request_params_header = header_params.map { |k, v| "#{k}=#{v}" }.join("&") metadata[:"x-goog-request-params"] ||= request_params_header options.apply_defaults timeout: @config.rpcs.get_crypto_key_version.timeout, metadata: metadata, retry_policy: @config.rpcs.get_crypto_key_version.retry_policy options.apply_defaults timeout: @config.timeout, metadata: @config.metadata, retry_policy: @config.retry_policy @key_management_service_stub.call_rpc :get_crypto_key_version, request, options: options do |response, operation| yield response, operation if block_given? return response end rescue ::GRPC::BadStatus => e raise ::Google::Cloud::Error.from_error(e) end
Returns metadata for a given {::Google::Cloud::Kms::V1::ImportJob ImportJob}.
@overload get_import_job
(request, options = nil)
Pass arguments to `get_import_job` via a request object, either of type {::Google::Cloud::Kms::V1::GetImportJobRequest} or an equivalent Hash. @param request [::Google::Cloud::Kms::V1::GetImportJobRequest, ::Hash] A request object representing the call parameters. Required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash. @param options [::Gapic::CallOptions, ::Hash] Overrides the default settings for this call, e.g, timeout, retries, etc. Optional.
@overload get_import_job
(name: nil)
Pass arguments to `get_import_job` via keyword arguments. Note that at least one keyword argument is required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash as a request object (see above). @param name [::String] Required. The {::Google::Cloud::Kms::V1::ImportJob#name name} of the {::Google::Cloud::Kms::V1::ImportJob ImportJob} to get.
@yield [response, operation] Access the result along with the RPC operation @yieldparam response [::Google::Cloud::Kms::V1::ImportJob] @yieldparam operation [::GRPC::ActiveCall::Operation]
@return [::Google::Cloud::Kms::V1::ImportJob]
@raise [::Google::Cloud::Error] if the RPC is aborted.
# File lib/google/cloud/kms/v1/key_management_service/client.rb, line 930 def get_import_job request, options = nil raise ::ArgumentError, "request must be provided" if request.nil? request = ::Gapic::Protobuf.coerce request, to: ::Google::Cloud::Kms::V1::GetImportJobRequest # Converts hash and nil to an options object options = ::Gapic::CallOptions.new(**options.to_h) if options.respond_to? :to_h # Customize the options with defaults metadata = @config.rpcs.get_import_job.metadata.to_h # Set x-goog-api-client and x-goog-user-project headers metadata[:"x-goog-api-client"] ||= ::Gapic::Headers.x_goog_api_client \ lib_name: @config.lib_name, lib_version: @config.lib_version, gapic_version: ::Google::Cloud::Kms::V1::VERSION metadata[:"x-goog-user-project"] = @quota_project_id if @quota_project_id header_params = { "name" => request.name } request_params_header = header_params.map { |k, v| "#{k}=#{v}" }.join("&") metadata[:"x-goog-request-params"] ||= request_params_header options.apply_defaults timeout: @config.rpcs.get_import_job.timeout, metadata: metadata, retry_policy: @config.rpcs.get_import_job.retry_policy options.apply_defaults timeout: @config.timeout, metadata: @config.metadata, retry_policy: @config.retry_policy @key_management_service_stub.call_rpc :get_import_job, request, options: options do |response, operation| yield response, operation if block_given? return response end rescue ::GRPC::BadStatus => e raise ::Google::Cloud::Error.from_error(e) end
Returns metadata for a given {::Google::Cloud::Kms::V1::KeyRing KeyRing}.
@overload get_key_ring
(request, options = nil)
Pass arguments to `get_key_ring` via a request object, either of type {::Google::Cloud::Kms::V1::GetKeyRingRequest} or an equivalent Hash. @param request [::Google::Cloud::Kms::V1::GetKeyRingRequest, ::Hash] A request object representing the call parameters. Required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash. @param options [::Gapic::CallOptions, ::Hash] Overrides the default settings for this call, e.g, timeout, retries, etc. Optional.
@overload get_key_ring
(name: nil)
Pass arguments to `get_key_ring` via keyword arguments. Note that at least one keyword argument is required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash as a request object (see above). @param name [::String] Required. The {::Google::Cloud::Kms::V1::KeyRing#name name} of the {::Google::Cloud::Kms::V1::KeyRing KeyRing} to get.
@yield [response, operation] Access the result along with the RPC operation @yieldparam response [::Google::Cloud::Kms::V1::KeyRing] @yieldparam operation [::GRPC::ActiveCall::Operation]
@return [::Google::Cloud::Kms::V1::KeyRing]
@raise [::Google::Cloud::Error] if the RPC is aborted.
# File lib/google/cloud/kms/v1/key_management_service/client.rb, line 653 def get_key_ring request, options = nil raise ::ArgumentError, "request must be provided" if request.nil? request = ::Gapic::Protobuf.coerce request, to: ::Google::Cloud::Kms::V1::GetKeyRingRequest # Converts hash and nil to an options object options = ::Gapic::CallOptions.new(**options.to_h) if options.respond_to? :to_h # Customize the options with defaults metadata = @config.rpcs.get_key_ring.metadata.to_h # Set x-goog-api-client and x-goog-user-project headers metadata[:"x-goog-api-client"] ||= ::Gapic::Headers.x_goog_api_client \ lib_name: @config.lib_name, lib_version: @config.lib_version, gapic_version: ::Google::Cloud::Kms::V1::VERSION metadata[:"x-goog-user-project"] = @quota_project_id if @quota_project_id header_params = { "name" => request.name } request_params_header = header_params.map { |k, v| "#{k}=#{v}" }.join("&") metadata[:"x-goog-request-params"] ||= request_params_header options.apply_defaults timeout: @config.rpcs.get_key_ring.timeout, metadata: metadata, retry_policy: @config.rpcs.get_key_ring.retry_policy options.apply_defaults timeout: @config.timeout, metadata: @config.metadata, retry_policy: @config.retry_policy @key_management_service_stub.call_rpc :get_key_ring, request, options: options do |response, operation| yield response, operation if block_given? return response end rescue ::GRPC::BadStatus => e raise ::Google::Cloud::Error.from_error(e) end
Returns the public key for the given {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion}. The {::Google::Cloud::Kms::V1::CryptoKey#purpose CryptoKey.purpose} must be {::Google::Cloud::Kms::V1::CryptoKey::CryptoKeyPurpose::ASYMMETRIC_SIGN ASYMMETRIC_SIGN} or {::Google::Cloud::Kms::V1::CryptoKey::CryptoKeyPurpose::ASYMMETRIC_DECRYPT ASYMMETRIC_DECRYPT}.
@overload get_public_key
(request, options = nil)
Pass arguments to `get_public_key` via a request object, either of type {::Google::Cloud::Kms::V1::GetPublicKeyRequest} or an equivalent Hash. @param request [::Google::Cloud::Kms::V1::GetPublicKeyRequest, ::Hash] A request object representing the call parameters. Required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash. @param options [::Gapic::CallOptions, ::Hash] Overrides the default settings for this call, e.g, timeout, retries, etc. Optional.
@overload get_public_key
(name: nil)
Pass arguments to `get_public_key` via keyword arguments. Note that at least one keyword argument is required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash as a request object (see above). @param name [::String] Required. The {::Google::Cloud::Kms::V1::CryptoKeyVersion#name name} of the {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} public key to get.
@yield [response, operation] Access the result along with the RPC operation @yieldparam response [::Google::Cloud::Kms::V1::PublicKey] @yieldparam operation [::GRPC::ActiveCall::Operation]
@return [::Google::Cloud::Kms::V1::PublicKey]
@raise [::Google::Cloud::Error] if the RPC is aborted.
# File lib/google/cloud/kms/v1/key_management_service/client.rb, line 862 def get_public_key request, options = nil raise ::ArgumentError, "request must be provided" if request.nil? request = ::Gapic::Protobuf.coerce request, to: ::Google::Cloud::Kms::V1::GetPublicKeyRequest # Converts hash and nil to an options object options = ::Gapic::CallOptions.new(**options.to_h) if options.respond_to? :to_h # Customize the options with defaults metadata = @config.rpcs.get_public_key.metadata.to_h # Set x-goog-api-client and x-goog-user-project headers metadata[:"x-goog-api-client"] ||= ::Gapic::Headers.x_goog_api_client \ lib_name: @config.lib_name, lib_version: @config.lib_version, gapic_version: ::Google::Cloud::Kms::V1::VERSION metadata[:"x-goog-user-project"] = @quota_project_id if @quota_project_id header_params = { "name" => request.name } request_params_header = header_params.map { |k, v| "#{k}=#{v}" }.join("&") metadata[:"x-goog-request-params"] ||= request_params_header options.apply_defaults timeout: @config.rpcs.get_public_key.timeout, metadata: metadata, retry_policy: @config.rpcs.get_public_key.retry_policy options.apply_defaults timeout: @config.timeout, metadata: @config.metadata, retry_policy: @config.retry_policy @key_management_service_stub.call_rpc :get_public_key, request, options: options do |response, operation| yield response, operation if block_given? return response end rescue ::GRPC::BadStatus => e raise ::Google::Cloud::Error.from_error(e) end
Import wrapped key material into a {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion}.
All requests must specify a {::Google::Cloud::Kms::V1::CryptoKey CryptoKey}. If a {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} is additionally specified in the request, key material will be reimported into that version. Otherwise, a new version will be created, and will be assigned the next sequential id within the {::Google::Cloud::Kms::V1::CryptoKey CryptoKey}.
@overload import_crypto_key_version
(request, options = nil)
Pass arguments to `import_crypto_key_version` via a request object, either of type {::Google::Cloud::Kms::V1::ImportCryptoKeyVersionRequest} or an equivalent Hash. @param request [::Google::Cloud::Kms::V1::ImportCryptoKeyVersionRequest, ::Hash] A request object representing the call parameters. Required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash. @param options [::Gapic::CallOptions, ::Hash] Overrides the default settings for this call, e.g, timeout, retries, etc. Optional.
@overload import_crypto_key_version
(parent: nil, crypto_key_version: nil, algorithm: nil, import_job: nil, rsa_aes_wrapped_key: nil)
Pass arguments to `import_crypto_key_version` via keyword arguments. Note that at least one keyword argument is required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash as a request object (see above). @param parent [::String] Required. The {::Google::Cloud::Kms::V1::CryptoKey#name name} of the {::Google::Cloud::Kms::V1::CryptoKey CryptoKey} to be imported into. The create permission is only required on this key when creating a new {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion}. @param crypto_key_version [::String] Optional. The optional {::Google::Cloud::Kms::V1::CryptoKeyVersion#name name} of an existing {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} to target for an import operation. If this field is not present, a new {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} containing the supplied key material is created. If this field is present, the supplied key material is imported into the existing {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion}. To import into an existing {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion}, the {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} must be a child of {::Google::Cloud::Kms::V1::ImportCryptoKeyVersionRequest#parent ImportCryptoKeyVersionRequest.parent}, have been previously created via [ImportCryptoKeyVersion][], and be in {::Google::Cloud::Kms::V1::CryptoKeyVersion::CryptoKeyVersionState::DESTROYED DESTROYED} or {::Google::Cloud::Kms::V1::CryptoKeyVersion::CryptoKeyVersionState::IMPORT_FAILED IMPORT_FAILED} state. The key material and algorithm must match the previous {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} exactly if the {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} has ever contained key material. @param algorithm [::Google::Cloud::Kms::V1::CryptoKeyVersion::CryptoKeyVersionAlgorithm] Required. The {::Google::Cloud::Kms::V1::CryptoKeyVersion::CryptoKeyVersionAlgorithm algorithm} of the key being imported. This does not need to match the {::Google::Cloud::Kms::V1::CryptoKey#version_template version_template} of the {::Google::Cloud::Kms::V1::CryptoKey CryptoKey} this version imports into. @param import_job [::String] Required. The {::Google::Cloud::Kms::V1::ImportJob#name name} of the {::Google::Cloud::Kms::V1::ImportJob ImportJob} that was used to wrap this key material. @param rsa_aes_wrapped_key [::String] Wrapped key material produced with {::Google::Cloud::Kms::V1::ImportJob::ImportMethod::RSA_OAEP_3072_SHA1_AES_256 RSA_OAEP_3072_SHA1_AES_256} or {::Google::Cloud::Kms::V1::ImportJob::ImportMethod::RSA_OAEP_4096_SHA1_AES_256 RSA_OAEP_4096_SHA1_AES_256}. This field contains the concatenation of two wrapped keys: <ol> <li>An ephemeral AES-256 wrapping key wrapped with the {::Google::Cloud::Kms::V1::ImportJob#public_key public_key} using RSAES-OAEP with SHA-1, MGF1 with SHA-1, and an empty label. </li> <li>The key to be imported, wrapped with the ephemeral AES-256 key using AES-KWP (RFC 5649). </li> </ol> If importing symmetric key material, it is expected that the unwrapped key contains plain bytes. If importing asymmetric key material, it is expected that the unwrapped key is in PKCS#8-encoded DER format (the PrivateKeyInfo structure from RFC 5208). This format is the same as the format produced by PKCS#11 mechanism CKM_RSA_AES_KEY_WRAP.
@yield [response, operation] Access the result along with the RPC operation @yieldparam response [::Google::Cloud::Kms::V1::CryptoKeyVersion] @yieldparam operation [::GRPC::ActiveCall::Operation]
@return [::Google::Cloud::Kms::V1::CryptoKeyVersion]
@raise [::Google::Cloud::Error] if the RPC is aborted.
# File lib/google/cloud/kms/v1/key_management_service/client.rb, line 1287 def import_crypto_key_version request, options = nil raise ::ArgumentError, "request must be provided" if request.nil? request = ::Gapic::Protobuf.coerce request, to: ::Google::Cloud::Kms::V1::ImportCryptoKeyVersionRequest # Converts hash and nil to an options object options = ::Gapic::CallOptions.new(**options.to_h) if options.respond_to? :to_h # Customize the options with defaults metadata = @config.rpcs.import_crypto_key_version.metadata.to_h # Set x-goog-api-client and x-goog-user-project headers metadata[:"x-goog-api-client"] ||= ::Gapic::Headers.x_goog_api_client \ lib_name: @config.lib_name, lib_version: @config.lib_version, gapic_version: ::Google::Cloud::Kms::V1::VERSION metadata[:"x-goog-user-project"] = @quota_project_id if @quota_project_id header_params = { "parent" => request.parent } request_params_header = header_params.map { |k, v| "#{k}=#{v}" }.join("&") metadata[:"x-goog-request-params"] ||= request_params_header options.apply_defaults timeout: @config.rpcs.import_crypto_key_version.timeout, metadata: metadata, retry_policy: @config.rpcs.import_crypto_key_version.retry_policy options.apply_defaults timeout: @config.timeout, metadata: @config.metadata, retry_policy: @config.retry_policy @key_management_service_stub.call_rpc :import_crypto_key_version, request, options: options do |response, operation| yield response, operation if block_given? return response end rescue ::GRPC::BadStatus => e raise ::Google::Cloud::Error.from_error(e) end
Lists {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersions}.
@overload list_crypto_key_versions
(request, options = nil)
Pass arguments to `list_crypto_key_versions` via a request object, either of type {::Google::Cloud::Kms::V1::ListCryptoKeyVersionsRequest} or an equivalent Hash. @param request [::Google::Cloud::Kms::V1::ListCryptoKeyVersionsRequest, ::Hash] A request object representing the call parameters. Required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash. @param options [::Gapic::CallOptions, ::Hash] Overrides the default settings for this call, e.g, timeout, retries, etc. Optional.
@overload list_crypto_key_versions
(parent: nil, page_size: nil, page_token: nil, view: nil, filter: nil, order_by: nil)
Pass arguments to `list_crypto_key_versions` via keyword arguments. Note that at least one keyword argument is required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash as a request object (see above). @param parent [::String] Required. The resource name of the {::Google::Cloud::Kms::V1::CryptoKey CryptoKey} to list, in the format `projects/*/locations/*/keyRings/*/cryptoKeys/*`. @param page_size [::Integer] Optional. Optional limit on the number of {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersions} to include in the response. Further {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersions} can subsequently be obtained by including the {::Google::Cloud::Kms::V1::ListCryptoKeyVersionsResponse#next_page_token ListCryptoKeyVersionsResponse.next_page_token} in a subsequent request. If unspecified, the server will pick an appropriate default. @param page_token [::String] Optional. Optional pagination token, returned earlier via {::Google::Cloud::Kms::V1::ListCryptoKeyVersionsResponse#next_page_token ListCryptoKeyVersionsResponse.next_page_token}. @param view [::Google::Cloud::Kms::V1::CryptoKeyVersion::CryptoKeyVersionView] The fields to include in the response. @param filter [::String] Optional. Only include resources that match the filter in the response. For more information, see [Sorting and filtering list results](https://cloud.google.com/kms/docs/sorting-and-filtering). @param order_by [::String] Optional. Specify how the results should be sorted. If not specified, the results will be sorted in the default order. For more information, see [Sorting and filtering list results](https://cloud.google.com/kms/docs/sorting-and-filtering).
@yield [response, operation] Access the result along with the RPC operation @yieldparam response [::Gapic::PagedEnumerable<::Google::Cloud::Kms::V1::CryptoKeyVersion>] @yieldparam operation [::GRPC::ActiveCall::Operation]
@return [::Gapic::PagedEnumerable<::Google::Cloud::Kms::V1::CryptoKeyVersion>]
@raise [::Google::Cloud::Error] if the RPC is aborted.
# File lib/google/cloud/kms/v1/key_management_service/client.rb, line 496 def list_crypto_key_versions request, options = nil raise ::ArgumentError, "request must be provided" if request.nil? request = ::Gapic::Protobuf.coerce request, to: ::Google::Cloud::Kms::V1::ListCryptoKeyVersionsRequest # Converts hash and nil to an options object options = ::Gapic::CallOptions.new(**options.to_h) if options.respond_to? :to_h # Customize the options with defaults metadata = @config.rpcs.list_crypto_key_versions.metadata.to_h # Set x-goog-api-client and x-goog-user-project headers metadata[:"x-goog-api-client"] ||= ::Gapic::Headers.x_goog_api_client \ lib_name: @config.lib_name, lib_version: @config.lib_version, gapic_version: ::Google::Cloud::Kms::V1::VERSION metadata[:"x-goog-user-project"] = @quota_project_id if @quota_project_id header_params = { "parent" => request.parent } request_params_header = header_params.map { |k, v| "#{k}=#{v}" }.join("&") metadata[:"x-goog-request-params"] ||= request_params_header options.apply_defaults timeout: @config.rpcs.list_crypto_key_versions.timeout, metadata: metadata, retry_policy: @config.rpcs.list_crypto_key_versions.retry_policy options.apply_defaults timeout: @config.timeout, metadata: @config.metadata, retry_policy: @config.retry_policy @key_management_service_stub.call_rpc :list_crypto_key_versions, request, options: options do |response, operation| response = ::Gapic::PagedEnumerable.new @key_management_service_stub, :list_crypto_key_versions, request, response, operation, options yield response, operation if block_given? return response end rescue ::GRPC::BadStatus => e raise ::Google::Cloud::Error.from_error(e) end
Lists {::Google::Cloud::Kms::V1::CryptoKey CryptoKeys}.
@overload list_crypto_keys
(request, options = nil)
Pass arguments to `list_crypto_keys` via a request object, either of type {::Google::Cloud::Kms::V1::ListCryptoKeysRequest} or an equivalent Hash. @param request [::Google::Cloud::Kms::V1::ListCryptoKeysRequest, ::Hash] A request object representing the call parameters. Required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash. @param options [::Gapic::CallOptions, ::Hash] Overrides the default settings for this call, e.g, timeout, retries, etc. Optional.
@overload list_crypto_keys
(parent: nil, page_size: nil, page_token: nil, version_view: nil, filter: nil, order_by: nil)
Pass arguments to `list_crypto_keys` via keyword arguments. Note that at least one keyword argument is required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash as a request object (see above). @param parent [::String] Required. The resource name of the {::Google::Cloud::Kms::V1::KeyRing KeyRing} to list, in the format `projects/*/locations/*/keyRings/*`. @param page_size [::Integer] Optional. Optional limit on the number of {::Google::Cloud::Kms::V1::CryptoKey CryptoKeys} to include in the response. Further {::Google::Cloud::Kms::V1::CryptoKey CryptoKeys} can subsequently be obtained by including the {::Google::Cloud::Kms::V1::ListCryptoKeysResponse#next_page_token ListCryptoKeysResponse.next_page_token} in a subsequent request. If unspecified, the server will pick an appropriate default. @param page_token [::String] Optional. Optional pagination token, returned earlier via {::Google::Cloud::Kms::V1::ListCryptoKeysResponse#next_page_token ListCryptoKeysResponse.next_page_token}. @param version_view [::Google::Cloud::Kms::V1::CryptoKeyVersion::CryptoKeyVersionView] The fields of the primary version to include in the response. @param filter [::String] Optional. Only include resources that match the filter in the response. For more information, see [Sorting and filtering list results](https://cloud.google.com/kms/docs/sorting-and-filtering). @param order_by [::String] Optional. Specify how the results should be sorted. If not specified, the results will be sorted in the default order. For more information, see [Sorting and filtering list results](https://cloud.google.com/kms/docs/sorting-and-filtering).
@yield [response, operation] Access the result along with the RPC operation @yieldparam response [::Gapic::PagedEnumerable<::Google::Cloud::Kms::V1::CryptoKey>] @yieldparam operation [::GRPC::ActiveCall::Operation]
@return [::Gapic::PagedEnumerable<::Google::Cloud::Kms::V1::CryptoKey>]
@raise [::Google::Cloud::Error] if the RPC is aborted.
# File lib/google/cloud/kms/v1/key_management_service/client.rb, line 405 def list_crypto_keys request, options = nil raise ::ArgumentError, "request must be provided" if request.nil? request = ::Gapic::Protobuf.coerce request, to: ::Google::Cloud::Kms::V1::ListCryptoKeysRequest # Converts hash and nil to an options object options = ::Gapic::CallOptions.new(**options.to_h) if options.respond_to? :to_h # Customize the options with defaults metadata = @config.rpcs.list_crypto_keys.metadata.to_h # Set x-goog-api-client and x-goog-user-project headers metadata[:"x-goog-api-client"] ||= ::Gapic::Headers.x_goog_api_client \ lib_name: @config.lib_name, lib_version: @config.lib_version, gapic_version: ::Google::Cloud::Kms::V1::VERSION metadata[:"x-goog-user-project"] = @quota_project_id if @quota_project_id header_params = { "parent" => request.parent } request_params_header = header_params.map { |k, v| "#{k}=#{v}" }.join("&") metadata[:"x-goog-request-params"] ||= request_params_header options.apply_defaults timeout: @config.rpcs.list_crypto_keys.timeout, metadata: metadata, retry_policy: @config.rpcs.list_crypto_keys.retry_policy options.apply_defaults timeout: @config.timeout, metadata: @config.metadata, retry_policy: @config.retry_policy @key_management_service_stub.call_rpc :list_crypto_keys, request, options: options do |response, operation| response = ::Gapic::PagedEnumerable.new @key_management_service_stub, :list_crypto_keys, request, response, operation, options yield response, operation if block_given? return response end rescue ::GRPC::BadStatus => e raise ::Google::Cloud::Error.from_error(e) end
Lists {::Google::Cloud::Kms::V1::ImportJob ImportJobs}.
@overload list_import_jobs
(request, options = nil)
Pass arguments to `list_import_jobs` via a request object, either of type {::Google::Cloud::Kms::V1::ListImportJobsRequest} or an equivalent Hash. @param request [::Google::Cloud::Kms::V1::ListImportJobsRequest, ::Hash] A request object representing the call parameters. Required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash. @param options [::Gapic::CallOptions, ::Hash] Overrides the default settings for this call, e.g, timeout, retries, etc. Optional.
@overload list_import_jobs
(parent: nil, page_size: nil, page_token: nil, filter: nil, order_by: nil)
Pass arguments to `list_import_jobs` via keyword arguments. Note that at least one keyword argument is required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash as a request object (see above). @param parent [::String] Required. The resource name of the {::Google::Cloud::Kms::V1::KeyRing KeyRing} to list, in the format `projects/*/locations/*/keyRings/*`. @param page_size [::Integer] Optional. Optional limit on the number of {::Google::Cloud::Kms::V1::ImportJob ImportJobs} to include in the response. Further {::Google::Cloud::Kms::V1::ImportJob ImportJobs} can subsequently be obtained by including the {::Google::Cloud::Kms::V1::ListImportJobsResponse#next_page_token ListImportJobsResponse.next_page_token} in a subsequent request. If unspecified, the server will pick an appropriate default. @param page_token [::String] Optional. Optional pagination token, returned earlier via {::Google::Cloud::Kms::V1::ListImportJobsResponse#next_page_token ListImportJobsResponse.next_page_token}. @param filter [::String] Optional. Only include resources that match the filter in the response. For more information, see [Sorting and filtering list results](https://cloud.google.com/kms/docs/sorting-and-filtering). @param order_by [::String] Optional. Specify how the results should be sorted. If not specified, the results will be sorted in the default order. For more information, see [Sorting and filtering list results](https://cloud.google.com/kms/docs/sorting-and-filtering).
@yield [response, operation] Access the result along with the RPC operation @yieldparam response [::Gapic::PagedEnumerable<::Google::Cloud::Kms::V1::ImportJob>] @yieldparam operation [::GRPC::ActiveCall::Operation]
@return [::Gapic::PagedEnumerable<::Google::Cloud::Kms::V1::ImportJob>]
@raise [::Google::Cloud::Error] if the RPC is aborted.
# File lib/google/cloud/kms/v1/key_management_service/client.rb, line 584 def list_import_jobs request, options = nil raise ::ArgumentError, "request must be provided" if request.nil? request = ::Gapic::Protobuf.coerce request, to: ::Google::Cloud::Kms::V1::ListImportJobsRequest # Converts hash and nil to an options object options = ::Gapic::CallOptions.new(**options.to_h) if options.respond_to? :to_h # Customize the options with defaults metadata = @config.rpcs.list_import_jobs.metadata.to_h # Set x-goog-api-client and x-goog-user-project headers metadata[:"x-goog-api-client"] ||= ::Gapic::Headers.x_goog_api_client \ lib_name: @config.lib_name, lib_version: @config.lib_version, gapic_version: ::Google::Cloud::Kms::V1::VERSION metadata[:"x-goog-user-project"] = @quota_project_id if @quota_project_id header_params = { "parent" => request.parent } request_params_header = header_params.map { |k, v| "#{k}=#{v}" }.join("&") metadata[:"x-goog-request-params"] ||= request_params_header options.apply_defaults timeout: @config.rpcs.list_import_jobs.timeout, metadata: metadata, retry_policy: @config.rpcs.list_import_jobs.retry_policy options.apply_defaults timeout: @config.timeout, metadata: @config.metadata, retry_policy: @config.retry_policy @key_management_service_stub.call_rpc :list_import_jobs, request, options: options do |response, operation| response = ::Gapic::PagedEnumerable.new @key_management_service_stub, :list_import_jobs, request, response, operation, options yield response, operation if block_given? return response end rescue ::GRPC::BadStatus => e raise ::Google::Cloud::Error.from_error(e) end
Lists {::Google::Cloud::Kms::V1::KeyRing KeyRings}.
@overload list_key_rings
(request, options = nil)
Pass arguments to `list_key_rings` via a request object, either of type {::Google::Cloud::Kms::V1::ListKeyRingsRequest} or an equivalent Hash. @param request [::Google::Cloud::Kms::V1::ListKeyRingsRequest, ::Hash] A request object representing the call parameters. Required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash. @param options [::Gapic::CallOptions, ::Hash] Overrides the default settings for this call, e.g, timeout, retries, etc. Optional.
@overload list_key_rings
(parent: nil, page_size: nil, page_token: nil, filter: nil, order_by: nil)
Pass arguments to `list_key_rings` via keyword arguments. Note that at least one keyword argument is required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash as a request object (see above). @param parent [::String] Required. The resource name of the location associated with the {::Google::Cloud::Kms::V1::KeyRing KeyRings}, in the format `projects/*/locations/*`. @param page_size [::Integer] Optional. Optional limit on the number of {::Google::Cloud::Kms::V1::KeyRing KeyRings} to include in the response. Further {::Google::Cloud::Kms::V1::KeyRing KeyRings} can subsequently be obtained by including the {::Google::Cloud::Kms::V1::ListKeyRingsResponse#next_page_token ListKeyRingsResponse.next_page_token} in a subsequent request. If unspecified, the server will pick an appropriate default. @param page_token [::String] Optional. Optional pagination token, returned earlier via {::Google::Cloud::Kms::V1::ListKeyRingsResponse#next_page_token ListKeyRingsResponse.next_page_token}. @param filter [::String] Optional. Only include resources that match the filter in the response. For more information, see [Sorting and filtering list results](https://cloud.google.com/kms/docs/sorting-and-filtering). @param order_by [::String] Optional. Specify how the results should be sorted. If not specified, the results will be sorted in the default order. For more information, see [Sorting and filtering list results](https://cloud.google.com/kms/docs/sorting-and-filtering).
@yield [response, operation] Access the result along with the RPC operation @yieldparam response [::Gapic::PagedEnumerable<::Google::Cloud::Kms::V1::KeyRing>] @yieldparam operation [::GRPC::ActiveCall::Operation]
@return [::Gapic::PagedEnumerable<::Google::Cloud::Kms::V1::KeyRing>]
@raise [::Google::Cloud::Error] if the RPC is aborted.
# File lib/google/cloud/kms/v1/key_management_service/client.rb, line 315 def list_key_rings request, options = nil raise ::ArgumentError, "request must be provided" if request.nil? request = ::Gapic::Protobuf.coerce request, to: ::Google::Cloud::Kms::V1::ListKeyRingsRequest # Converts hash and nil to an options object options = ::Gapic::CallOptions.new(**options.to_h) if options.respond_to? :to_h # Customize the options with defaults metadata = @config.rpcs.list_key_rings.metadata.to_h # Set x-goog-api-client and x-goog-user-project headers metadata[:"x-goog-api-client"] ||= ::Gapic::Headers.x_goog_api_client \ lib_name: @config.lib_name, lib_version: @config.lib_version, gapic_version: ::Google::Cloud::Kms::V1::VERSION metadata[:"x-goog-user-project"] = @quota_project_id if @quota_project_id header_params = { "parent" => request.parent } request_params_header = header_params.map { |k, v| "#{k}=#{v}" }.join("&") metadata[:"x-goog-request-params"] ||= request_params_header options.apply_defaults timeout: @config.rpcs.list_key_rings.timeout, metadata: metadata, retry_policy: @config.rpcs.list_key_rings.retry_policy options.apply_defaults timeout: @config.timeout, metadata: @config.metadata, retry_policy: @config.retry_policy @key_management_service_stub.call_rpc :list_key_rings, request, options: options do |response, operation| response = ::Gapic::PagedEnumerable.new @key_management_service_stub, :list_key_rings, request, response, operation, options yield response, operation if block_given? return response end rescue ::GRPC::BadStatus => e raise ::Google::Cloud::Error.from_error(e) end
Signs data using a {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} with {::Google::Cloud::Kms::V1::CryptoKey#purpose CryptoKey.purpose} MAC, producing a tag that can be verified by another source with the same key.
@overload mac_sign
(request, options = nil)
Pass arguments to `mac_sign` via a request object, either of type {::Google::Cloud::Kms::V1::MacSignRequest} or an equivalent Hash. @param request [::Google::Cloud::Kms::V1::MacSignRequest, ::Hash] A request object representing the call parameters. Required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash. @param options [::Gapic::CallOptions, ::Hash] Overrides the default settings for this call, e.g, timeout, retries, etc. Optional.
@overload mac_sign
(name: nil, data: nil, data_crc32c: nil)
Pass arguments to `mac_sign` via keyword arguments. Note that at least one keyword argument is required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash as a request object (see above). @param name [::String] Required. The resource name of the {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} to use for signing. @param data [::String] Required. The data to sign. The MAC tag is computed over this data field based on the specific algorithm. @param data_crc32c [::Google::Protobuf::Int64Value, ::Hash] Optional. An optional CRC32C checksum of the {::Google::Cloud::Kms::V1::MacSignRequest#data MacSignRequest.data}. If specified, {::Google::Cloud::Kms::V1::KeyManagementService::Client KeyManagementService} will verify the integrity of the received {::Google::Cloud::Kms::V1::MacSignRequest#data MacSignRequest.data} using this checksum. {::Google::Cloud::Kms::V1::KeyManagementService::Client KeyManagementService} will report an error if the checksum verification fails. If you receive a checksum error, your client should verify that CRC32C({::Google::Cloud::Kms::V1::MacSignRequest#data MacSignRequest.data}) is equal to {::Google::Cloud::Kms::V1::MacSignRequest#data_crc32c MacSignRequest.data_crc32c}, and if so, perform a limited number of retries. A persistent mismatch may indicate an issue in your computation of the CRC32C checksum. Note: This field is defined as int64 for reasons of compatibility across different languages. However, it is a non-negative integer, which will never exceed 2^32-1, and can be safely downconverted to uint32 in languages that support this type.
@yield [response, operation] Access the result along with the RPC operation @yieldparam response [::Google::Cloud::Kms::V1::MacSignResponse] @yieldparam operation [::GRPC::ActiveCall::Operation]
@return [::Google::Cloud::Kms::V1::MacSignResponse]
@raise [::Google::Cloud::Error] if the RPC is aborted.
# File lib/google/cloud/kms/v1/key_management_service/client.rb, line 2226 def mac_sign request, options = nil raise ::ArgumentError, "request must be provided" if request.nil? request = ::Gapic::Protobuf.coerce request, to: ::Google::Cloud::Kms::V1::MacSignRequest # Converts hash and nil to an options object options = ::Gapic::CallOptions.new(**options.to_h) if options.respond_to? :to_h # Customize the options with defaults metadata = @config.rpcs.mac_sign.metadata.to_h # Set x-goog-api-client and x-goog-user-project headers metadata[:"x-goog-api-client"] ||= ::Gapic::Headers.x_goog_api_client \ lib_name: @config.lib_name, lib_version: @config.lib_version, gapic_version: ::Google::Cloud::Kms::V1::VERSION metadata[:"x-goog-user-project"] = @quota_project_id if @quota_project_id header_params = { "name" => request.name } request_params_header = header_params.map { |k, v| "#{k}=#{v}" }.join("&") metadata[:"x-goog-request-params"] ||= request_params_header options.apply_defaults timeout: @config.rpcs.mac_sign.timeout, metadata: metadata, retry_policy: @config.rpcs.mac_sign.retry_policy options.apply_defaults timeout: @config.timeout, metadata: @config.metadata, retry_policy: @config.retry_policy @key_management_service_stub.call_rpc :mac_sign, request, options: options do |response, operation| yield response, operation if block_given? return response end rescue ::GRPC::BadStatus => e raise ::Google::Cloud::Error.from_error(e) end
Verifies MAC tag using a {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} with {::Google::Cloud::Kms::V1::CryptoKey#purpose CryptoKey.purpose} MAC, and returns a response that indicates whether or not the verification was successful.
@overload mac_verify
(request, options = nil)
Pass arguments to `mac_verify` via a request object, either of type {::Google::Cloud::Kms::V1::MacVerifyRequest} or an equivalent Hash. @param request [::Google::Cloud::Kms::V1::MacVerifyRequest, ::Hash] A request object representing the call parameters. Required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash. @param options [::Gapic::CallOptions, ::Hash] Overrides the default settings for this call, e.g, timeout, retries, etc. Optional.
@overload mac_verify
(name: nil, data: nil, data_crc32c: nil, mac: nil, mac_crc32c: nil)
Pass arguments to `mac_verify` via keyword arguments. Note that at least one keyword argument is required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash as a request object (see above). @param name [::String] Required. The resource name of the {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} to use for verification. @param data [::String] Required. The data used previously as a {::Google::Cloud::Kms::V1::MacSignRequest#data MacSignRequest.data} to generate the MAC tag. @param data_crc32c [::Google::Protobuf::Int64Value, ::Hash] Optional. An optional CRC32C checksum of the {::Google::Cloud::Kms::V1::MacVerifyRequest#data MacVerifyRequest.data}. If specified, {::Google::Cloud::Kms::V1::KeyManagementService::Client KeyManagementService} will verify the integrity of the received {::Google::Cloud::Kms::V1::MacVerifyRequest#data MacVerifyRequest.data} using this checksum. {::Google::Cloud::Kms::V1::KeyManagementService::Client KeyManagementService} will report an error if the checksum verification fails. If you receive a checksum error, your client should verify that CRC32C({::Google::Cloud::Kms::V1::MacVerifyRequest#data MacVerifyRequest.data}) is equal to {::Google::Cloud::Kms::V1::MacVerifyRequest#data_crc32c MacVerifyRequest.data_crc32c}, and if so, perform a limited number of retries. A persistent mismatch may indicate an issue in your computation of the CRC32C checksum. Note: This field is defined as int64 for reasons of compatibility across different languages. However, it is a non-negative integer, which will never exceed 2^32-1, and can be safely downconverted to uint32 in languages that support this type. @param mac [::String] Required. The signature to verify. @param mac_crc32c [::Google::Protobuf::Int64Value, ::Hash] Optional. An optional CRC32C checksum of the {::Google::Cloud::Kms::V1::MacVerifyRequest#mac MacVerifyRequest.mac}. If specified, {::Google::Cloud::Kms::V1::KeyManagementService::Client KeyManagementService} will verify the integrity of the received {::Google::Cloud::Kms::V1::MacVerifyRequest#mac MacVerifyRequest.mac} using this checksum. {::Google::Cloud::Kms::V1::KeyManagementService::Client KeyManagementService} will report an error if the checksum verification fails. If you receive a checksum error, your client should verify that CRC32C([MacVerifyRequest.tag][]) is equal to {::Google::Cloud::Kms::V1::MacVerifyRequest#mac_crc32c MacVerifyRequest.mac_crc32c}, and if so, perform a limited number of retries. A persistent mismatch may indicate an issue in your computation of the CRC32C checksum. Note: This field is defined as int64 for reasons of compatibility across different languages. However, it is a non-negative integer, which will never exceed 2^32-1, and can be safely downconverted to uint32 in languages that support this type.
@yield [response, operation] Access the result along with the RPC operation @yieldparam response [::Google::Cloud::Kms::V1::MacVerifyResponse] @yieldparam operation [::GRPC::ActiveCall::Operation]
@return [::Google::Cloud::Kms::V1::MacVerifyResponse]
@raise [::Google::Cloud::Error] if the RPC is aborted.
# File lib/google/cloud/kms/v1/key_management_service/client.rb, line 2329 def mac_verify request, options = nil raise ::ArgumentError, "request must be provided" if request.nil? request = ::Gapic::Protobuf.coerce request, to: ::Google::Cloud::Kms::V1::MacVerifyRequest # Converts hash and nil to an options object options = ::Gapic::CallOptions.new(**options.to_h) if options.respond_to? :to_h # Customize the options with defaults metadata = @config.rpcs.mac_verify.metadata.to_h # Set x-goog-api-client and x-goog-user-project headers metadata[:"x-goog-api-client"] ||= ::Gapic::Headers.x_goog_api_client \ lib_name: @config.lib_name, lib_version: @config.lib_version, gapic_version: ::Google::Cloud::Kms::V1::VERSION metadata[:"x-goog-user-project"] = @quota_project_id if @quota_project_id header_params = { "name" => request.name } request_params_header = header_params.map { |k, v| "#{k}=#{v}" }.join("&") metadata[:"x-goog-request-params"] ||= request_params_header options.apply_defaults timeout: @config.rpcs.mac_verify.timeout, metadata: metadata, retry_policy: @config.rpcs.mac_verify.retry_policy options.apply_defaults timeout: @config.timeout, metadata: @config.metadata, retry_policy: @config.retry_policy @key_management_service_stub.call_rpc :mac_verify, request, options: options do |response, operation| yield response, operation if block_given? return response end rescue ::GRPC::BadStatus => e raise ::Google::Cloud::Error.from_error(e) end
Restore a {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} in the {::Google::Cloud::Kms::V1::CryptoKeyVersion::CryptoKeyVersionState::DESTROY_SCHEDULED DESTROY_SCHEDULED} state.
Upon restoration of the CryptoKeyVersion
, {::Google::Cloud::Kms::V1::CryptoKeyVersion#state state} will be set to {::Google::Cloud::Kms::V1::CryptoKeyVersion::CryptoKeyVersionState::DISABLED DISABLED}, and {::Google::Cloud::Kms::V1::CryptoKeyVersion#destroy_time destroy_time} will be cleared.
@overload restore_crypto_key_version
(request, options = nil)
Pass arguments to `restore_crypto_key_version` via a request object, either of type {::Google::Cloud::Kms::V1::RestoreCryptoKeyVersionRequest} or an equivalent Hash. @param request [::Google::Cloud::Kms::V1::RestoreCryptoKeyVersionRequest, ::Hash] A request object representing the call parameters. Required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash. @param options [::Gapic::CallOptions, ::Hash] Overrides the default settings for this call, e.g, timeout, retries, etc. Optional.
@overload restore_crypto_key_version
(name: nil)
Pass arguments to `restore_crypto_key_version` via keyword arguments. Note that at least one keyword argument is required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash as a request object (see above). @param name [::String] Required. The resource name of the {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} to restore.
@yield [response, operation] Access the result along with the RPC operation @yieldparam response [::Google::Cloud::Kms::V1::CryptoKeyVersion] @yieldparam operation [::GRPC::ActiveCall::Operation]
@return [::Google::Cloud::Kms::V1::CryptoKeyVersion]
@raise [::Google::Cloud::Error] if the RPC is aborted.
# File lib/google/cloud/kms/v1/key_management_service/client.rb, line 1736 def restore_crypto_key_version request, options = nil raise ::ArgumentError, "request must be provided" if request.nil? request = ::Gapic::Protobuf.coerce request, to: ::Google::Cloud::Kms::V1::RestoreCryptoKeyVersionRequest # Converts hash and nil to an options object options = ::Gapic::CallOptions.new(**options.to_h) if options.respond_to? :to_h # Customize the options with defaults metadata = @config.rpcs.restore_crypto_key_version.metadata.to_h # Set x-goog-api-client and x-goog-user-project headers metadata[:"x-goog-api-client"] ||= ::Gapic::Headers.x_goog_api_client \ lib_name: @config.lib_name, lib_version: @config.lib_version, gapic_version: ::Google::Cloud::Kms::V1::VERSION metadata[:"x-goog-user-project"] = @quota_project_id if @quota_project_id header_params = { "name" => request.name } request_params_header = header_params.map { |k, v| "#{k}=#{v}" }.join("&") metadata[:"x-goog-request-params"] ||= request_params_header options.apply_defaults timeout: @config.rpcs.restore_crypto_key_version.timeout, metadata: metadata, retry_policy: @config.rpcs.restore_crypto_key_version.retry_policy options.apply_defaults timeout: @config.timeout, metadata: @config.metadata, retry_policy: @config.retry_policy @key_management_service_stub.call_rpc :restore_crypto_key_version, request, options: options do |response, operation| yield response, operation if block_given? return response end rescue ::GRPC::BadStatus => e raise ::Google::Cloud::Error.from_error(e) end
Update a {::Google::Cloud::Kms::V1::CryptoKey CryptoKey}.
@overload update_crypto_key
(request, options = nil)
Pass arguments to `update_crypto_key` via a request object, either of type {::Google::Cloud::Kms::V1::UpdateCryptoKeyRequest} or an equivalent Hash. @param request [::Google::Cloud::Kms::V1::UpdateCryptoKeyRequest, ::Hash] A request object representing the call parameters. Required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash. @param options [::Gapic::CallOptions, ::Hash] Overrides the default settings for this call, e.g, timeout, retries, etc. Optional.
@overload update_crypto_key
(crypto_key: nil, update_mask: nil)
Pass arguments to `update_crypto_key` via keyword arguments. Note that at least one keyword argument is required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash as a request object (see above). @param crypto_key [::Google::Cloud::Kms::V1::CryptoKey, ::Hash] Required. {::Google::Cloud::Kms::V1::CryptoKey CryptoKey} with updated values. @param update_mask [::Google::Protobuf::FieldMask, ::Hash] Required. List of fields to be updated in this request.
@yield [response, operation] Access the result along with the RPC operation @yieldparam response [::Google::Cloud::Kms::V1::CryptoKey] @yieldparam operation [::GRPC::ActiveCall::Operation]
@return [::Google::Cloud::Kms::V1::CryptoKey]
@raise [::Google::Cloud::Error] if the RPC is aborted.
# File lib/google/cloud/kms/v1/key_management_service/client.rb, line 1433 def update_crypto_key request, options = nil raise ::ArgumentError, "request must be provided" if request.nil? request = ::Gapic::Protobuf.coerce request, to: ::Google::Cloud::Kms::V1::UpdateCryptoKeyRequest # Converts hash and nil to an options object options = ::Gapic::CallOptions.new(**options.to_h) if options.respond_to? :to_h # Customize the options with defaults metadata = @config.rpcs.update_crypto_key.metadata.to_h # Set x-goog-api-client and x-goog-user-project headers metadata[:"x-goog-api-client"] ||= ::Gapic::Headers.x_goog_api_client \ lib_name: @config.lib_name, lib_version: @config.lib_version, gapic_version: ::Google::Cloud::Kms::V1::VERSION metadata[:"x-goog-user-project"] = @quota_project_id if @quota_project_id header_params = { "crypto_key.name" => request.crypto_key.name } request_params_header = header_params.map { |k, v| "#{k}=#{v}" }.join("&") metadata[:"x-goog-request-params"] ||= request_params_header options.apply_defaults timeout: @config.rpcs.update_crypto_key.timeout, metadata: metadata, retry_policy: @config.rpcs.update_crypto_key.retry_policy options.apply_defaults timeout: @config.timeout, metadata: @config.metadata, retry_policy: @config.retry_policy @key_management_service_stub.call_rpc :update_crypto_key, request, options: options do |response, operation| yield response, operation if block_given? return response end rescue ::GRPC::BadStatus => e raise ::Google::Cloud::Error.from_error(e) end
Update the version of a {::Google::Cloud::Kms::V1::CryptoKey CryptoKey} that will be used in {::Google::Cloud::Kms::V1::KeyManagementService::Client#encrypt Encrypt}.
Returns an error if called on a key whose purpose is not {::Google::Cloud::Kms::V1::CryptoKey::CryptoKeyPurpose::ENCRYPT_DECRYPT ENCRYPT_DECRYPT}.
@overload update_crypto_key_primary_version
(request, options = nil)
Pass arguments to `update_crypto_key_primary_version` via a request object, either of type {::Google::Cloud::Kms::V1::UpdateCryptoKeyPrimaryVersionRequest} or an equivalent Hash. @param request [::Google::Cloud::Kms::V1::UpdateCryptoKeyPrimaryVersionRequest, ::Hash] A request object representing the call parameters. Required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash. @param options [::Gapic::CallOptions, ::Hash] Overrides the default settings for this call, e.g, timeout, retries, etc. Optional.
@overload update_crypto_key_primary_version
(name: nil, crypto_key_version_id: nil)
Pass arguments to `update_crypto_key_primary_version` via keyword arguments. Note that at least one keyword argument is required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash as a request object (see above). @param name [::String] Required. The resource name of the {::Google::Cloud::Kms::V1::CryptoKey CryptoKey} to update. @param crypto_key_version_id [::String] Required. The id of the child {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} to use as primary.
@yield [response, operation] Access the result along with the RPC operation @yieldparam response [::Google::Cloud::Kms::V1::CryptoKey] @yieldparam operation [::GRPC::ActiveCall::Operation]
@return [::Google::Cloud::Kms::V1::CryptoKey]
@raise [::Google::Cloud::Error] if the RPC is aborted.
# File lib/google/cloud/kms/v1/key_management_service/client.rb, line 1582 def update_crypto_key_primary_version request, options = nil raise ::ArgumentError, "request must be provided" if request.nil? request = ::Gapic::Protobuf.coerce request, to: ::Google::Cloud::Kms::V1::UpdateCryptoKeyPrimaryVersionRequest # Converts hash and nil to an options object options = ::Gapic::CallOptions.new(**options.to_h) if options.respond_to? :to_h # Customize the options with defaults metadata = @config.rpcs.update_crypto_key_primary_version.metadata.to_h # Set x-goog-api-client and x-goog-user-project headers metadata[:"x-goog-api-client"] ||= ::Gapic::Headers.x_goog_api_client \ lib_name: @config.lib_name, lib_version: @config.lib_version, gapic_version: ::Google::Cloud::Kms::V1::VERSION metadata[:"x-goog-user-project"] = @quota_project_id if @quota_project_id header_params = { "name" => request.name } request_params_header = header_params.map { |k, v| "#{k}=#{v}" }.join("&") metadata[:"x-goog-request-params"] ||= request_params_header options.apply_defaults timeout: @config.rpcs.update_crypto_key_primary_version.timeout, metadata: metadata, retry_policy: @config.rpcs.update_crypto_key_primary_version.retry_policy options.apply_defaults timeout: @config.timeout, metadata: @config.metadata, retry_policy: @config.retry_policy @key_management_service_stub.call_rpc :update_crypto_key_primary_version, request, options: options do |response, operation| yield response, operation if block_given? return response end rescue ::GRPC::BadStatus => e raise ::Google::Cloud::Error.from_error(e) end
Update a {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion}'s metadata.
{::Google::Cloud::Kms::V1::CryptoKeyVersion#state state} may be changed between {::Google::Cloud::Kms::V1::CryptoKeyVersion::CryptoKeyVersionState::ENABLED ENABLED} and {::Google::Cloud::Kms::V1::CryptoKeyVersion::CryptoKeyVersionState::DISABLED DISABLED} using this method. See {::Google::Cloud::Kms::V1::KeyManagementService::Client#destroy_crypto_key_version DestroyCryptoKeyVersion} and {::Google::Cloud::Kms::V1::KeyManagementService::Client#restore_crypto_key_version RestoreCryptoKeyVersion} to move between other states.
@overload update_crypto_key_version
(request, options = nil)
Pass arguments to `update_crypto_key_version` via a request object, either of type {::Google::Cloud::Kms::V1::UpdateCryptoKeyVersionRequest} or an equivalent Hash. @param request [::Google::Cloud::Kms::V1::UpdateCryptoKeyVersionRequest, ::Hash] A request object representing the call parameters. Required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash. @param options [::Gapic::CallOptions, ::Hash] Overrides the default settings for this call, e.g, timeout, retries, etc. Optional.
@overload update_crypto_key_version
(crypto_key_version: nil, update_mask: nil)
Pass arguments to `update_crypto_key_version` via keyword arguments. Note that at least one keyword argument is required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash as a request object (see above). @param crypto_key_version [::Google::Cloud::Kms::V1::CryptoKeyVersion, ::Hash] Required. {::Google::Cloud::Kms::V1::CryptoKeyVersion CryptoKeyVersion} with updated values. @param update_mask [::Google::Protobuf::FieldMask, ::Hash] Required. List of fields to be updated in this request.
@yield [response, operation] Access the result along with the RPC operation @yieldparam response [::Google::Cloud::Kms::V1::CryptoKeyVersion] @yieldparam operation [::GRPC::ActiveCall::Operation]
@return [::Google::Cloud::Kms::V1::CryptoKeyVersion]
@raise [::Google::Cloud::Error] if the RPC is aborted.
# File lib/google/cloud/kms/v1/key_management_service/client.rb, line 1509 def update_crypto_key_version request, options = nil raise ::ArgumentError, "request must be provided" if request.nil? request = ::Gapic::Protobuf.coerce request, to: ::Google::Cloud::Kms::V1::UpdateCryptoKeyVersionRequest # Converts hash and nil to an options object options = ::Gapic::CallOptions.new(**options.to_h) if options.respond_to? :to_h # Customize the options with defaults metadata = @config.rpcs.update_crypto_key_version.metadata.to_h # Set x-goog-api-client and x-goog-user-project headers metadata[:"x-goog-api-client"] ||= ::Gapic::Headers.x_goog_api_client \ lib_name: @config.lib_name, lib_version: @config.lib_version, gapic_version: ::Google::Cloud::Kms::V1::VERSION metadata[:"x-goog-user-project"] = @quota_project_id if @quota_project_id header_params = { "crypto_key_version.name" => request.crypto_key_version.name } request_params_header = header_params.map { |k, v| "#{k}=#{v}" }.join("&") metadata[:"x-goog-request-params"] ||= request_params_header options.apply_defaults timeout: @config.rpcs.update_crypto_key_version.timeout, metadata: metadata, retry_policy: @config.rpcs.update_crypto_key_version.retry_policy options.apply_defaults timeout: @config.timeout, metadata: @config.metadata, retry_policy: @config.retry_policy @key_management_service_stub.call_rpc :update_crypto_key_version, request, options: options do |response, operation| yield response, operation if block_given? return response end rescue ::GRPC::BadStatus => e raise ::Google::Cloud::Error.from_error(e) end