class Google::Apis::CloudkmsV1::CloudKMSService
Cloud Key Management Service (KMS) API
Manages keys and performs cryptographic operations in a central cloud service,
for direct use by other cloud resources and applications.
@example
require 'google/apis/cloudkms_v1' Cloudkms = Google::Apis::CloudkmsV1 # Alias the module service = Cloudkms::CloudKMSService.new
@see cloud.google.com/kms/
Attributes
@return [String]
API key. Your API key identifies your project and provides you with API access, quota, and reports. Required unless you provide an OAuth 2.0 token.
@return [String]
Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters.
Public Class Methods
# File lib/google/apis/cloudkms_v1/service.rb, line 46 def initialize super('https://cloudkms.googleapis.com/', '', client_name: 'google-apis-cloudkms_v1', client_version: Google::Apis::CloudkmsV1::GEM_VERSION) @batch_path = 'batch' end
Public Instance Methods
Decrypts data that was encrypted with a public key retrieved from GetPublicKey corresponding to a CryptoKeyVersion
with CryptoKey.purpose
ASYMMETRIC_DECRYPT. @param [String] name
Required. The resource name of the CryptoKeyVersion to use for decryption.
@param [Google::Apis::CloudkmsV1::AsymmetricDecryptRequest] asymmetric_decrypt_request_object @param [String] fields
Selector specifying which fields to include in a partial response.
@param [String] quota_user
Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters.
@param [Google::Apis::RequestOptions] options
Request-specific options
@yield [result, err] Result & error if block supplied @yieldparam result [Google::Apis::CloudkmsV1::AsymmetricDecryptResponse] parsed result object @yieldparam err [StandardError] error object if request failed
@return [Google::Apis::CloudkmsV1::AsymmetricDecryptResponse]
@raise [Google::Apis::ServerError] An error occurred on the server and the request can be retried @raise [Google::Apis::ClientError] The request is invalid and should not be retried without modification @raise [Google::Apis::AuthorizationError] Authorization is required
# File lib/google/apis/cloudkms_v1/service.rb, line 804 def asymmetric_crypto_key_version_decrypt(name, asymmetric_decrypt_request_object = nil, fields: nil, quota_user: nil, options: nil, &block) command = make_simple_command(:post, 'v1/{+name}:asymmetricDecrypt', options) command.request_representation = Google::Apis::CloudkmsV1::AsymmetricDecryptRequest::Representation command.request_object = asymmetric_decrypt_request_object command.response_representation = Google::Apis::CloudkmsV1::AsymmetricDecryptResponse::Representation command.response_class = Google::Apis::CloudkmsV1::AsymmetricDecryptResponse command.params['name'] = name unless name.nil? command.query['fields'] = fields unless fields.nil? command.query['quotaUser'] = quota_user unless quota_user.nil? execute_or_queue_command(command, &block) end
Signs data using a CryptoKeyVersion
with CryptoKey.purpose
ASYMMETRIC_SIGN, producing a signature that can be verified with the public key retrieved from GetPublicKey. @param [String] name
Required. The resource name of the CryptoKeyVersion to use for signing.
@param [Google::Apis::CloudkmsV1::AsymmetricSignRequest] asymmetric_sign_request_object @param [String] fields
Selector specifying which fields to include in a partial response.
@param [String] quota_user
Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters.
@param [Google::Apis::RequestOptions] options
Request-specific options
@yield [result, err] Result & error if block supplied @yieldparam result [Google::Apis::CloudkmsV1::AsymmetricSignResponse] parsed result object @yieldparam err [StandardError] error object if request failed
@return [Google::Apis::CloudkmsV1::AsymmetricSignResponse]
@raise [Google::Apis::ServerError] An error occurred on the server and the request can be retried @raise [Google::Apis::ClientError] The request is invalid and should not be retried without modification @raise [Google::Apis::AuthorizationError] Authorization is required
# File lib/google/apis/cloudkms_v1/service.rb, line 839 def asymmetric_crypto_key_version_sign(name, asymmetric_sign_request_object = nil, fields: nil, quota_user: nil, options: nil, &block) command = make_simple_command(:post, 'v1/{+name}:asymmetricSign', options) command.request_representation = Google::Apis::CloudkmsV1::AsymmetricSignRequest::Representation command.request_object = asymmetric_sign_request_object command.response_representation = Google::Apis::CloudkmsV1::AsymmetricSignResponse::Representation command.response_class = Google::Apis::CloudkmsV1::AsymmetricSignResponse command.params['name'] = name unless name.nil? command.query['fields'] = fields unless fields.nil? command.query['quotaUser'] = quota_user unless quota_user.nil? execute_or_queue_command(command, &block) end
Create a new KeyRing
in a given Project and Location
. @param [String] parent
Required. The resource name of the location associated with the KeyRings, in the format `projects/*/locations/*`.
@param [Google::Apis::CloudkmsV1::KeyRing] key_ring_object @param [String] key_ring_id
Required. It must be unique within a location and match the regular expression `[a-zA-Z0-9_-]`1,63``
@param [String] fields
Selector specifying which fields to include in a partial response.
@param [String] quota_user
Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters.
@param [Google::Apis::RequestOptions] options
Request-specific options
@yield [result, err] Result & error if block supplied @yieldparam result [Google::Apis::CloudkmsV1::KeyRing] parsed result object @yieldparam err [StandardError] error object if request failed
@return [Google::Apis::CloudkmsV1::KeyRing]
@raise [Google::Apis::ServerError] An error occurred on the server and the request can be retried @raise [Google::Apis::ClientError] The request is invalid and should not be retried without modification @raise [Google::Apis::AuthorizationError] Authorization is required
# File lib/google/apis/cloudkms_v1/service.rb, line 186 def create_project_location_key_ring(parent, key_ring_object = nil, key_ring_id: nil, fields: nil, quota_user: nil, options: nil, &block) command = make_simple_command(:post, 'v1/{+parent}/keyRings', options) command.request_representation = Google::Apis::CloudkmsV1::KeyRing::Representation command.request_object = key_ring_object command.response_representation = Google::Apis::CloudkmsV1::KeyRing::Representation command.response_class = Google::Apis::CloudkmsV1::KeyRing command.params['parent'] = parent unless parent.nil? command.query['keyRingId'] = key_ring_id unless key_ring_id.nil? command.query['fields'] = fields unless fields.nil? command.query['quotaUser'] = quota_user unless quota_user.nil? execute_or_queue_command(command, &block) end
Create a new CryptoKey
within a KeyRing
. CryptoKey.purpose
and CryptoKey
. version_template.algorithm are required. @param [String] parent
Required. The name of the KeyRing associated with the CryptoKeys.
@param [Google::Apis::CloudkmsV1::CryptoKey] crypto_key_object @param [String] crypto_key_id
Required. It must be unique within a KeyRing and match the regular expression ` [a-zA-Z0-9_-]`1,63``
@param [Boolean] skip_initial_version_creation
If set to true, the request will create a CryptoKey without any CryptoKeyVersions. You must manually call CreateCryptoKeyVersion or ImportCryptoKeyVersion before you can use this CryptoKey.
@param [String] fields
Selector specifying which fields to include in a partial response.
@param [String] quota_user
Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters.
@param [Google::Apis::RequestOptions] options
Request-specific options
@yield [result, err] Result & error if block supplied @yieldparam result [Google::Apis::CloudkmsV1::CryptoKey] parsed result object @yieldparam err [StandardError] error object if request failed
@return [Google::Apis::CloudkmsV1::CryptoKey]
@raise [Google::Apis::ServerError] An error occurred on the server and the request can be retried @raise [Google::Apis::ClientError] The request is invalid and should not be retried without modification @raise [Google::Apis::AuthorizationError] Authorization is required
# File lib/google/apis/cloudkms_v1/service.rb, line 425 def create_project_location_key_ring_crypto_key(parent, crypto_key_object = nil, crypto_key_id: nil, skip_initial_version_creation: nil, fields: nil, quota_user: nil, options: nil, &block) command = make_simple_command(:post, 'v1/{+parent}/cryptoKeys', options) command.request_representation = Google::Apis::CloudkmsV1::CryptoKey::Representation command.request_object = crypto_key_object command.response_representation = Google::Apis::CloudkmsV1::CryptoKey::Representation command.response_class = Google::Apis::CloudkmsV1::CryptoKey command.params['parent'] = parent unless parent.nil? command.query['cryptoKeyId'] = crypto_key_id unless crypto_key_id.nil? command.query['skipInitialVersionCreation'] = skip_initial_version_creation unless skip_initial_version_creation.nil? command.query['fields'] = fields unless fields.nil? command.query['quotaUser'] = quota_user unless quota_user.nil? execute_or_queue_command(command, &block) end
Create a new CryptoKeyVersion
in a CryptoKey
. The server will assign the next sequential id. If unset, state will be set to ENABLED. @param [String] parent
Required. The name of the CryptoKey associated with the CryptoKeyVersions.
@param [Google::Apis::CloudkmsV1::CryptoKeyVersion] crypto_key_version_object @param [String] fields
Selector specifying which fields to include in a partial response.
@param [String] quota_user
Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters.
@param [Google::Apis::RequestOptions] options
Request-specific options
@yield [result, err] Result & error if block supplied @yieldparam result [Google::Apis::CloudkmsV1::CryptoKeyVersion] parsed result object @yieldparam err [StandardError] error object if request failed
@return [Google::Apis::CloudkmsV1::CryptoKeyVersion]
@raise [Google::Apis::ServerError] An error occurred on the server and the request can be retried @raise [Google::Apis::ClientError] The request is invalid and should not be retried without modification @raise [Google::Apis::AuthorizationError] Authorization is required
# File lib/google/apis/cloudkms_v1/service.rb, line 873 def create_project_location_key_ring_crypto_key_crypto_key_version(parent, crypto_key_version_object = nil, fields: nil, quota_user: nil, options: nil, &block) command = make_simple_command(:post, 'v1/{+parent}/cryptoKeyVersions', options) command.request_representation = Google::Apis::CloudkmsV1::CryptoKeyVersion::Representation command.request_object = crypto_key_version_object command.response_representation = Google::Apis::CloudkmsV1::CryptoKeyVersion::Representation command.response_class = Google::Apis::CloudkmsV1::CryptoKeyVersion command.params['parent'] = parent unless parent.nil? command.query['fields'] = fields unless fields.nil? command.query['quotaUser'] = quota_user unless quota_user.nil? execute_or_queue_command(command, &block) end
Create a new ImportJob
within a KeyRing
. ImportJob.import_method
is required. @param [String] parent
Required. The name of the KeyRing associated with the ImportJobs.
@param [Google::Apis::CloudkmsV1::ImportJob] import_job_object @param [String] import_job_id
Required. It must be unique within a KeyRing and match the regular expression ` [a-zA-Z0-9_-]`1,63``
@param [String] fields
Selector specifying which fields to include in a partial response.
@param [String] quota_user
Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters.
@param [Google::Apis::RequestOptions] options
Request-specific options
@yield [result, err] Result & error if block supplied @yieldparam result [Google::Apis::CloudkmsV1::ImportJob] parsed result object @yieldparam err [StandardError] error object if request failed
@return [Google::Apis::CloudkmsV1::ImportJob]
@raise [Google::Apis::ServerError] An error occurred on the server and the request can be retried @raise [Google::Apis::ClientError] The request is invalid and should not be retried without modification @raise [Google::Apis::AuthorizationError] Authorization is required
# File lib/google/apis/cloudkms_v1/service.rb, line 1244 def create_project_location_key_ring_import_job(parent, import_job_object = nil, import_job_id: nil, fields: nil, quota_user: nil, options: nil, &block) command = make_simple_command(:post, 'v1/{+parent}/importJobs', options) command.request_representation = Google::Apis::CloudkmsV1::ImportJob::Representation command.request_object = import_job_object command.response_representation = Google::Apis::CloudkmsV1::ImportJob::Representation command.response_class = Google::Apis::CloudkmsV1::ImportJob command.params['parent'] = parent unless parent.nil? command.query['importJobId'] = import_job_id unless import_job_id.nil? command.query['fields'] = fields unless fields.nil? command.query['quotaUser'] = quota_user unless quota_user.nil? execute_or_queue_command(command, &block) end
Decrypts data that was protected by Encrypt. The CryptoKey.purpose
must be ENCRYPT_DECRYPT. @param [String] name
Required. The resource name of the CryptoKey to use for decryption. The server will choose the appropriate version.
@param [Google::Apis::CloudkmsV1::DecryptRequest] decrypt_request_object @param [String] fields
Selector specifying which fields to include in a partial response.
@param [String] quota_user
Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters.
@param [Google::Apis::RequestOptions] options
Request-specific options
@yield [result, err] Result & error if block supplied @yieldparam result [Google::Apis::CloudkmsV1::DecryptResponse] parsed result object @yieldparam err [StandardError] error object if request failed
@return [Google::Apis::CloudkmsV1::DecryptResponse]
@raise [Google::Apis::ServerError] An error occurred on the server and the request can be retried @raise [Google::Apis::ClientError] The request is invalid and should not be retried without modification @raise [Google::Apis::AuthorizationError] Authorization is required
# File lib/google/apis/cloudkms_v1/service.rb, line 462 def decrypt_crypto_key(name, decrypt_request_object = nil, fields: nil, quota_user: nil, options: nil, &block) command = make_simple_command(:post, 'v1/{+name}:decrypt', options) command.request_representation = Google::Apis::CloudkmsV1::DecryptRequest::Representation command.request_object = decrypt_request_object command.response_representation = Google::Apis::CloudkmsV1::DecryptResponse::Representation command.response_class = Google::Apis::CloudkmsV1::DecryptResponse command.params['name'] = name unless name.nil? command.query['fields'] = fields unless fields.nil? command.query['quotaUser'] = quota_user unless quota_user.nil? execute_or_queue_command(command, &block) end
Schedule a CryptoKeyVersion
for destruction. Upon calling this method, CryptoKeyVersion.state
will be set to DESTROY_SCHEDULED, and destroy_time will be set to the time destroy_scheduled_duration in the future. At that time, the state will automatically change to DESTROYED, and the key material will be irrevocably destroyed. Before the destroy_time is reached, RestoreCryptoKeyVersion may be called to reverse the process. @param [String] name
Required. The resource name of the CryptoKeyVersion to destroy.
@param [Google::Apis::CloudkmsV1::DestroyCryptoKeyVersionRequest] destroy_crypto_key_version_request_object @param [String] fields
Selector specifying which fields to include in a partial response.
@param [String] quota_user
Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters.
@param [Google::Apis::RequestOptions] options
Request-specific options
@yield [result, err] Result & error if block supplied @yieldparam result [Google::Apis::CloudkmsV1::CryptoKeyVersion] parsed result object @yieldparam err [StandardError] error object if request failed
@return [Google::Apis::CloudkmsV1::CryptoKeyVersion]
@raise [Google::Apis::ServerError] An error occurred on the server and the request can be retried @raise [Google::Apis::ClientError] The request is invalid and should not be retried without modification @raise [Google::Apis::AuthorizationError] Authorization is required
# File lib/google/apis/cloudkms_v1/service.rb, line 911 def destroy_crypto_key_version(name, destroy_crypto_key_version_request_object = nil, fields: nil, quota_user: nil, options: nil, &block) command = make_simple_command(:post, 'v1/{+name}:destroy', options) command.request_representation = Google::Apis::CloudkmsV1::DestroyCryptoKeyVersionRequest::Representation command.request_object = destroy_crypto_key_version_request_object command.response_representation = Google::Apis::CloudkmsV1::CryptoKeyVersion::Representation command.response_class = Google::Apis::CloudkmsV1::CryptoKeyVersion command.params['name'] = name unless name.nil? command.query['fields'] = fields unless fields.nil? command.query['quotaUser'] = quota_user unless quota_user.nil? execute_or_queue_command(command, &block) end
Encrypts data, so that it can only be recovered by a call to Decrypt. The CryptoKey.purpose
must be ENCRYPT_DECRYPT. @param [String] name
Required. The resource name of the CryptoKey or CryptoKeyVersion to use for encryption. If a CryptoKey is specified, the server will use its primary version.
@param [Google::Apis::CloudkmsV1::EncryptRequest] encrypt_request_object @param [String] fields
Selector specifying which fields to include in a partial response.
@param [String] quota_user
Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters.
@param [Google::Apis::RequestOptions] options
Request-specific options
@yield [result, err] Result & error if block supplied @yieldparam result [Google::Apis::CloudkmsV1::EncryptResponse] parsed result object @yieldparam err [StandardError] error object if request failed
@return [Google::Apis::CloudkmsV1::EncryptResponse]
@raise [Google::Apis::ServerError] An error occurred on the server and the request can be retried @raise [Google::Apis::ClientError] The request is invalid and should not be retried without modification @raise [Google::Apis::AuthorizationError] Authorization is required
# File lib/google/apis/cloudkms_v1/service.rb, line 498 def encrypt_crypto_key(name, encrypt_request_object = nil, fields: nil, quota_user: nil, options: nil, &block) command = make_simple_command(:post, 'v1/{+name}:encrypt', options) command.request_representation = Google::Apis::CloudkmsV1::EncryptRequest::Representation command.request_object = encrypt_request_object command.response_representation = Google::Apis::CloudkmsV1::EncryptResponse::Representation command.response_class = Google::Apis::CloudkmsV1::EncryptResponse command.params['name'] = name unless name.nil? command.query['fields'] = fields unless fields.nil? command.query['quotaUser'] = quota_user unless quota_user.nil? execute_or_queue_command(command, &block) end
Generate random bytes using the Cloud KMS randomness source in the provided location. @param [String] location
The project-specific location in which to generate random bytes. For example, " projects/my-project/locations/us-central1".
@param [Google::Apis::CloudkmsV1::GenerateRandomBytesRequest] generate_random_bytes_request_object @param [String] fields
Selector specifying which fields to include in a partial response.
@param [String] quota_user
Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters.
@param [Google::Apis::RequestOptions] options
Request-specific options
@yield [result, err] Result & error if block supplied @yieldparam result [Google::Apis::CloudkmsV1::GenerateRandomBytesResponse] parsed result object @yieldparam err [StandardError] error object if request failed
@return [Google::Apis::CloudkmsV1::GenerateRandomBytesResponse]
@raise [Google::Apis::ServerError] An error occurred on the server and the request can be retried @raise [Google::Apis::ClientError] The request is invalid and should not be retried without modification @raise [Google::Apis::AuthorizationError] Authorization is required
# File lib/google/apis/cloudkms_v1/service.rb, line 76 def generate_location_random_bytes(location, generate_random_bytes_request_object = nil, fields: nil, quota_user: nil, options: nil, &block) command = make_simple_command(:post, 'v1/{+location}:generateRandomBytes', options) command.request_representation = Google::Apis::CloudkmsV1::GenerateRandomBytesRequest::Representation command.request_object = generate_random_bytes_request_object command.response_representation = Google::Apis::CloudkmsV1::GenerateRandomBytesResponse::Representation command.response_class = Google::Apis::CloudkmsV1::GenerateRandomBytesResponse command.params['location'] = location unless location.nil? command.query['fields'] = fields unless fields.nil? command.query['quotaUser'] = quota_user unless quota_user.nil? execute_or_queue_command(command, &block) end
Gets information about a location. @param [String] name
Resource name for the location.
@param [String] fields
Selector specifying which fields to include in a partial response.
@param [String] quota_user
Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters.
@param [Google::Apis::RequestOptions] options
Request-specific options
@yield [result, err] Result & error if block supplied @yieldparam result [Google::Apis::CloudkmsV1::Location] parsed result object @yieldparam err [StandardError] error object if request failed
@return [Google::Apis::CloudkmsV1::Location]
@raise [Google::Apis::ServerError] An error occurred on the server and the request can be retried @raise [Google::Apis::ClientError] The request is invalid and should not be retried without modification @raise [Google::Apis::AuthorizationError] Authorization is required
# File lib/google/apis/cloudkms_v1/service.rb, line 108 def get_project_location(name, fields: nil, quota_user: nil, options: nil, &block) command = make_simple_command(:get, 'v1/{+name}', options) command.response_representation = Google::Apis::CloudkmsV1::Location::Representation command.response_class = Google::Apis::CloudkmsV1::Location command.params['name'] = name unless name.nil? command.query['fields'] = fields unless fields.nil? command.query['quotaUser'] = quota_user unless quota_user.nil? execute_or_queue_command(command, &block) end
Returns metadata for a given KeyRing
. @param [String] name
Required. The name of the KeyRing to get.
@param [String] fields
Selector specifying which fields to include in a partial response.
@param [String] quota_user
Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters.
@param [Google::Apis::RequestOptions] options
Request-specific options
@yield [result, err] Result & error if block supplied @yieldparam result [Google::Apis::CloudkmsV1::KeyRing] parsed result object @yieldparam err [StandardError] error object if request failed
@return [Google::Apis::CloudkmsV1::KeyRing]
@raise [Google::Apis::ServerError] An error occurred on the server and the request can be retried @raise [Google::Apis::ClientError] The request is invalid and should not be retried without modification @raise [Google::Apis::AuthorizationError] Authorization is required
# File lib/google/apis/cloudkms_v1/service.rb, line 219 def get_project_location_key_ring(name, fields: nil, quota_user: nil, options: nil, &block) command = make_simple_command(:get, 'v1/{+name}', options) command.response_representation = Google::Apis::CloudkmsV1::KeyRing::Representation command.response_class = Google::Apis::CloudkmsV1::KeyRing command.params['name'] = name unless name.nil? command.query['fields'] = fields unless fields.nil? command.query['quotaUser'] = quota_user unless quota_user.nil? execute_or_queue_command(command, &block) end
Returns metadata for a given CryptoKey
, as well as its primary CryptoKeyVersion
. @param [String] name
Required. The name of the CryptoKey to get.
@param [String] fields
Selector specifying which fields to include in a partial response.
@param [String] quota_user
Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters.
@param [Google::Apis::RequestOptions] options
Request-specific options
@yield [result, err] Result & error if block supplied @yieldparam result [Google::Apis::CloudkmsV1::CryptoKey] parsed result object @yieldparam err [StandardError] error object if request failed
@return [Google::Apis::CloudkmsV1::CryptoKey]
@raise [Google::Apis::ServerError] An error occurred on the server and the request can be retried @raise [Google::Apis::ClientError] The request is invalid and should not be retried without modification @raise [Google::Apis::AuthorizationError] Authorization is required
# File lib/google/apis/cloudkms_v1/service.rb, line 531 def get_project_location_key_ring_crypto_key(name, fields: nil, quota_user: nil, options: nil, &block) command = make_simple_command(:get, 'v1/{+name}', options) command.response_representation = Google::Apis::CloudkmsV1::CryptoKey::Representation command.response_class = Google::Apis::CloudkmsV1::CryptoKey command.params['name'] = name unless name.nil? command.query['fields'] = fields unless fields.nil? command.query['quotaUser'] = quota_user unless quota_user.nil? execute_or_queue_command(command, &block) end
Returns metadata for a given CryptoKeyVersion
. @param [String] name
Required. The name of the CryptoKeyVersion to get.
@param [String] fields
Selector specifying which fields to include in a partial response.
@param [String] quota_user
Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters.
@param [Google::Apis::RequestOptions] options
Request-specific options
@yield [result, err] Result & error if block supplied @yieldparam result [Google::Apis::CloudkmsV1::CryptoKeyVersion] parsed result object @yieldparam err [StandardError] error object if request failed
@return [Google::Apis::CloudkmsV1::CryptoKeyVersion]
@raise [Google::Apis::ServerError] An error occurred on the server and the request can be retried @raise [Google::Apis::ClientError] The request is invalid and should not be retried without modification @raise [Google::Apis::AuthorizationError] Authorization is required
# File lib/google/apis/cloudkms_v1/service.rb, line 943 def get_project_location_key_ring_crypto_key_crypto_key_version(name, fields: nil, quota_user: nil, options: nil, &block) command = make_simple_command(:get, 'v1/{+name}', options) command.response_representation = Google::Apis::CloudkmsV1::CryptoKeyVersion::Representation command.response_class = Google::Apis::CloudkmsV1::CryptoKeyVersion command.params['name'] = name unless name.nil? command.query['fields'] = fields unless fields.nil? command.query['quotaUser'] = quota_user unless quota_user.nil? execute_or_queue_command(command, &block) end
Returns the public key for the given CryptoKeyVersion
. The CryptoKey.purpose
must be ASYMMETRIC_SIGN or ASYMMETRIC_DECRYPT. @param [String] name
Required. The name of the CryptoKeyVersion public key to get.
@param [String] fields
Selector specifying which fields to include in a partial response.
@param [String] quota_user
Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters.
@param [Google::Apis::RequestOptions] options
Request-specific options
@yield [result, err] Result & error if block supplied @yieldparam result [Google::Apis::CloudkmsV1::PublicKey] parsed result object @yieldparam err [StandardError] error object if request failed
@return [Google::Apis::CloudkmsV1::PublicKey]
@raise [Google::Apis::ServerError] An error occurred on the server and the request can be retried @raise [Google::Apis::ClientError] The request is invalid and should not be retried without modification @raise [Google::Apis::AuthorizationError] Authorization is required
# File lib/google/apis/cloudkms_v1/service.rb, line 974 def get_project_location_key_ring_crypto_key_crypto_key_version_public_key(name, fields: nil, quota_user: nil, options: nil, &block) command = make_simple_command(:get, 'v1/{+name}/publicKey', options) command.response_representation = Google::Apis::CloudkmsV1::PublicKey::Representation command.response_class = Google::Apis::CloudkmsV1::PublicKey command.params['name'] = name unless name.nil? command.query['fields'] = fields unless fields.nil? command.query['quotaUser'] = quota_user unless quota_user.nil? execute_or_queue_command(command, &block) end
Gets the access control policy for a resource. Returns an empty policy if the resource exists and does not have a policy set. @param [String] resource
REQUIRED: The resource for which the policy is being requested. See the operation documentation for the appropriate value for this field.
@param [Fixnum] options_requested_policy_version
Optional. The policy format version to be returned. Valid values are 0, 1, and 3. Requests specifying an invalid value will be rejected. Requests for policies with any conditional bindings must specify version 3. Policies without any conditional bindings may specify any valid value or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/ resource-policies).
@param [String] fields
Selector specifying which fields to include in a partial response.
@param [String] quota_user
Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters.
@param [Google::Apis::RequestOptions] options
Request-specific options
@yield [result, err] Result & error if block supplied @yieldparam result [Google::Apis::CloudkmsV1::Policy] parsed result object @yieldparam err [StandardError] error object if request failed
@return [Google::Apis::CloudkmsV1::Policy]
@raise [Google::Apis::ServerError] An error occurred on the server and the request can be retried @raise [Google::Apis::ClientError] The request is invalid and should not be retried without modification @raise [Google::Apis::AuthorizationError] Authorization is required
# File lib/google/apis/cloudkms_v1/service.rb, line 571 def get_project_location_key_ring_crypto_key_iam_policy(resource, options_requested_policy_version: nil, fields: nil, quota_user: nil, options: nil, &block) command = make_simple_command(:get, 'v1/{+resource}:getIamPolicy', options) command.response_representation = Google::Apis::CloudkmsV1::Policy::Representation command.response_class = Google::Apis::CloudkmsV1::Policy command.params['resource'] = resource unless resource.nil? command.query['options.requestedPolicyVersion'] = options_requested_policy_version unless options_requested_policy_version.nil? command.query['fields'] = fields unless fields.nil? command.query['quotaUser'] = quota_user unless quota_user.nil? execute_or_queue_command(command, &block) end
Gets the access control policy for a resource. Returns an empty policy if the resource exists and does not have a policy set. @param [String] resource
REQUIRED: The resource for which the policy is being requested. See the operation documentation for the appropriate value for this field.
@param [Fixnum] options_requested_policy_version
Optional. The policy format version to be returned. Valid values are 0, 1, and 3. Requests specifying an invalid value will be rejected. Requests for policies with any conditional bindings must specify version 3. Policies without any conditional bindings may specify any valid value or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/ resource-policies).
@param [String] fields
Selector specifying which fields to include in a partial response.
@param [String] quota_user
Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters.
@param [Google::Apis::RequestOptions] options
Request-specific options
@yield [result, err] Result & error if block supplied @yieldparam result [Google::Apis::CloudkmsV1::Policy] parsed result object @yieldparam err [StandardError] error object if request failed
@return [Google::Apis::CloudkmsV1::Policy]
@raise [Google::Apis::ServerError] An error occurred on the server and the request can be retried @raise [Google::Apis::ClientError] The request is invalid and should not be retried without modification @raise [Google::Apis::AuthorizationError] Authorization is required
# File lib/google/apis/cloudkms_v1/service.rb, line 259 def get_project_location_key_ring_iam_policy(resource, options_requested_policy_version: nil, fields: nil, quota_user: nil, options: nil, &block) command = make_simple_command(:get, 'v1/{+resource}:getIamPolicy', options) command.response_representation = Google::Apis::CloudkmsV1::Policy::Representation command.response_class = Google::Apis::CloudkmsV1::Policy command.params['resource'] = resource unless resource.nil? command.query['options.requestedPolicyVersion'] = options_requested_policy_version unless options_requested_policy_version.nil? command.query['fields'] = fields unless fields.nil? command.query['quotaUser'] = quota_user unless quota_user.nil? execute_or_queue_command(command, &block) end
Returns metadata for a given ImportJob
. @param [String] name
Required. The name of the ImportJob to get.
@param [String] fields
Selector specifying which fields to include in a partial response.
@param [String] quota_user
Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters.
@param [Google::Apis::RequestOptions] options
Request-specific options
@yield [result, err] Result & error if block supplied @yieldparam result [Google::Apis::CloudkmsV1::ImportJob] parsed result object @yieldparam err [StandardError] error object if request failed
@return [Google::Apis::CloudkmsV1::ImportJob]
@raise [Google::Apis::ServerError] An error occurred on the server and the request can be retried @raise [Google::Apis::ClientError] The request is invalid and should not be retried without modification @raise [Google::Apis::AuthorizationError] Authorization is required
# File lib/google/apis/cloudkms_v1/service.rb, line 1277 def get_project_location_key_ring_import_job(name, fields: nil, quota_user: nil, options: nil, &block) command = make_simple_command(:get, 'v1/{+name}', options) command.response_representation = Google::Apis::CloudkmsV1::ImportJob::Representation command.response_class = Google::Apis::CloudkmsV1::ImportJob command.params['name'] = name unless name.nil? command.query['fields'] = fields unless fields.nil? command.query['quotaUser'] = quota_user unless quota_user.nil? execute_or_queue_command(command, &block) end
Gets the access control policy for a resource. Returns an empty policy if the resource exists and does not have a policy set. @param [String] resource
REQUIRED: The resource for which the policy is being requested. See the operation documentation for the appropriate value for this field.
@param [Fixnum] options_requested_policy_version
Optional. The policy format version to be returned. Valid values are 0, 1, and 3. Requests specifying an invalid value will be rejected. Requests for policies with any conditional bindings must specify version 3. Policies without any conditional bindings may specify any valid value or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/ resource-policies).
@param [String] fields
Selector specifying which fields to include in a partial response.
@param [String] quota_user
Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters.
@param [Google::Apis::RequestOptions] options
Request-specific options
@yield [result, err] Result & error if block supplied @yieldparam result [Google::Apis::CloudkmsV1::Policy] parsed result object @yieldparam err [StandardError] error object if request failed
@return [Google::Apis::CloudkmsV1::Policy]
@raise [Google::Apis::ServerError] An error occurred on the server and the request can be retried @raise [Google::Apis::ClientError] The request is invalid and should not be retried without modification @raise [Google::Apis::AuthorizationError] Authorization is required
# File lib/google/apis/cloudkms_v1/service.rb, line 1317 def get_project_location_key_ring_import_job_iam_policy(resource, options_requested_policy_version: nil, fields: nil, quota_user: nil, options: nil, &block) command = make_simple_command(:get, 'v1/{+resource}:getIamPolicy', options) command.response_representation = Google::Apis::CloudkmsV1::Policy::Representation command.response_class = Google::Apis::CloudkmsV1::Policy command.params['resource'] = resource unless resource.nil? command.query['options.requestedPolicyVersion'] = options_requested_policy_version unless options_requested_policy_version.nil? command.query['fields'] = fields unless fields.nil? command.query['quotaUser'] = quota_user unless quota_user.nil? execute_or_queue_command(command, &block) end
Import wrapped key material into a CryptoKeyVersion
. All requests must specify a CryptoKey
. If a CryptoKeyVersion
is additionally specified in the request, key material will be reimported into that version. Otherwise, a new version will be created, and will be assigned the next sequential id within the CryptoKey
. @param [String] parent
Required. The name of the CryptoKey to be imported into. The create permission is only required on this key when creating a new CryptoKeyVersion.
@param [Google::Apis::CloudkmsV1::ImportCryptoKeyVersionRequest] import_crypto_key_version_request_object @param [String] fields
Selector specifying which fields to include in a partial response.
@param [String] quota_user
Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters.
@param [Google::Apis::RequestOptions] options
Request-specific options
@yield [result, err] Result & error if block supplied @yieldparam result [Google::Apis::CloudkmsV1::CryptoKeyVersion] parsed result object @yieldparam err [StandardError] error object if request failed
@return [Google::Apis::CloudkmsV1::CryptoKeyVersion]
@raise [Google::Apis::ServerError] An error occurred on the server and the request can be retried @raise [Google::Apis::ClientError] The request is invalid and should not be retried without modification @raise [Google::Apis::AuthorizationError] Authorization is required
# File lib/google/apis/cloudkms_v1/service.rb, line 1010 def import_crypto_key_version(parent, import_crypto_key_version_request_object = nil, fields: nil, quota_user: nil, options: nil, &block) command = make_simple_command(:post, 'v1/{+parent}/cryptoKeyVersions:import', options) command.request_representation = Google::Apis::CloudkmsV1::ImportCryptoKeyVersionRequest::Representation command.request_object = import_crypto_key_version_request_object command.response_representation = Google::Apis::CloudkmsV1::CryptoKeyVersion::Representation command.response_class = Google::Apis::CloudkmsV1::CryptoKeyVersion command.params['parent'] = parent unless parent.nil? command.query['fields'] = fields unless fields.nil? command.query['quotaUser'] = quota_user unless quota_user.nil? execute_or_queue_command(command, &block) end
Lists CryptoKeyVersions. @param [String] parent
Required. The resource name of the CryptoKey to list, in the format `projects/* /locations/*/keyRings/*/cryptoKeys/*`.
@param [String] filter
Optional. Only include resources that match the filter in the response. For more information, see [Sorting and filtering list results](https://cloud. google.com/kms/docs/sorting-and-filtering).
@param [String] order_by
Optional. Specify how the results should be sorted. If not specified, the results will be sorted in the default order. For more information, see [ Sorting and filtering list results](https://cloud.google.com/kms/docs/sorting- and-filtering).
@param [Fixnum] page_size
Optional. Optional limit on the number of CryptoKeyVersions to include in the response. Further CryptoKeyVersions can subsequently be obtained by including the ListCryptoKeyVersionsResponse.next_page_token in a subsequent request. If unspecified, the server will pick an appropriate default.
@param [String] page_token
Optional. Optional pagination token, returned earlier via ListCryptoKeyVersionsResponse.next_page_token.
@param [String] view
The fields to include in the response.
@param [String] fields
Selector specifying which fields to include in a partial response.
@param [String] quota_user
Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters.
@param [Google::Apis::RequestOptions] options
Request-specific options
@yield [result, err] Result & error if block supplied @yieldparam result [Google::Apis::CloudkmsV1::ListCryptoKeyVersionsResponse] parsed result object @yieldparam err [StandardError] error object if request failed
@return [Google::Apis::CloudkmsV1::ListCryptoKeyVersionsResponse]
@raise [Google::Apis::ServerError] An error occurred on the server and the request can be retried @raise [Google::Apis::ClientError] The request is invalid and should not be retried without modification @raise [Google::Apis::AuthorizationError] Authorization is required
# File lib/google/apis/cloudkms_v1/service.rb, line 1062 def list_project_location_key_ring_crypto_key_crypto_key_versions(parent, filter: nil, order_by: nil, page_size: nil, page_token: nil, view: nil, fields: nil, quota_user: nil, options: nil, &block) command = make_simple_command(:get, 'v1/{+parent}/cryptoKeyVersions', options) command.response_representation = Google::Apis::CloudkmsV1::ListCryptoKeyVersionsResponse::Representation command.response_class = Google::Apis::CloudkmsV1::ListCryptoKeyVersionsResponse command.params['parent'] = parent unless parent.nil? command.query['filter'] = filter unless filter.nil? command.query['orderBy'] = order_by unless order_by.nil? command.query['pageSize'] = page_size unless page_size.nil? command.query['pageToken'] = page_token unless page_token.nil? command.query['view'] = view unless view.nil? command.query['fields'] = fields unless fields.nil? command.query['quotaUser'] = quota_user unless quota_user.nil? execute_or_queue_command(command, &block) end
Lists CryptoKeys. @param [String] parent
Required. The resource name of the KeyRing to list, in the format `projects/*/ locations/*/keyRings/*`.
@param [String] filter
Optional. Only include resources that match the filter in the response. For more information, see [Sorting and filtering list results](https://cloud. google.com/kms/docs/sorting-and-filtering).
@param [String] order_by
Optional. Specify how the results should be sorted. If not specified, the results will be sorted in the default order. For more information, see [ Sorting and filtering list results](https://cloud.google.com/kms/docs/sorting- and-filtering).
@param [Fixnum] page_size
Optional. Optional limit on the number of CryptoKeys to include in the response. Further CryptoKeys can subsequently be obtained by including the ListCryptoKeysResponse.next_page_token in a subsequent request. If unspecified, the server will pick an appropriate default.
@param [String] page_token
Optional. Optional pagination token, returned earlier via ListCryptoKeysResponse.next_page_token.
@param [String] version_view
The fields of the primary version to include in the response.
@param [String] fields
Selector specifying which fields to include in a partial response.
@param [String] quota_user
Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters.
@param [Google::Apis::RequestOptions] options
Request-specific options
@yield [result, err] Result & error if block supplied @yieldparam result [Google::Apis::CloudkmsV1::ListCryptoKeysResponse] parsed result object @yieldparam err [StandardError] error object if request failed
@return [Google::Apis::CloudkmsV1::ListCryptoKeysResponse]
@raise [Google::Apis::ServerError] An error occurred on the server and the request can be retried @raise [Google::Apis::ClientError] The request is invalid and should not be retried without modification @raise [Google::Apis::AuthorizationError] Authorization is required
# File lib/google/apis/cloudkms_v1/service.rb, line 622 def list_project_location_key_ring_crypto_keys(parent, filter: nil, order_by: nil, page_size: nil, page_token: nil, version_view: nil, fields: nil, quota_user: nil, options: nil, &block) command = make_simple_command(:get, 'v1/{+parent}/cryptoKeys', options) command.response_representation = Google::Apis::CloudkmsV1::ListCryptoKeysResponse::Representation command.response_class = Google::Apis::CloudkmsV1::ListCryptoKeysResponse command.params['parent'] = parent unless parent.nil? command.query['filter'] = filter unless filter.nil? command.query['orderBy'] = order_by unless order_by.nil? command.query['pageSize'] = page_size unless page_size.nil? command.query['pageToken'] = page_token unless page_token.nil? command.query['versionView'] = version_view unless version_view.nil? command.query['fields'] = fields unless fields.nil? command.query['quotaUser'] = quota_user unless quota_user.nil? execute_or_queue_command(command, &block) end
Lists ImportJobs. @param [String] parent
Required. The resource name of the KeyRing to list, in the format `projects/*/ locations/*/keyRings/*`.
@param [String] filter
Optional. Only include resources that match the filter in the response. For more information, see [Sorting and filtering list results](https://cloud. google.com/kms/docs/sorting-and-filtering).
@param [String] order_by
Optional. Specify how the results should be sorted. If not specified, the results will be sorted in the default order. For more information, see [ Sorting and filtering list results](https://cloud.google.com/kms/docs/sorting- and-filtering).
@param [Fixnum] page_size
Optional. Optional limit on the number of ImportJobs to include in the response. Further ImportJobs can subsequently be obtained by including the ListImportJobsResponse.next_page_token in a subsequent request. If unspecified, the server will pick an appropriate default.
@param [String] page_token
Optional. Optional pagination token, returned earlier via ListImportJobsResponse.next_page_token.
@param [String] fields
Selector specifying which fields to include in a partial response.
@param [String] quota_user
Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters.
@param [Google::Apis::RequestOptions] options
Request-specific options
@yield [result, err] Result & error if block supplied @yieldparam result [Google::Apis::CloudkmsV1::ListImportJobsResponse] parsed result object @yieldparam err [StandardError] error object if request failed
@return [Google::Apis::CloudkmsV1::ListImportJobsResponse]
@raise [Google::Apis::ServerError] An error occurred on the server and the request can be retried @raise [Google::Apis::ClientError] The request is invalid and should not be retried without modification @raise [Google::Apis::AuthorizationError] Authorization is required
# File lib/google/apis/cloudkms_v1/service.rb, line 1366 def list_project_location_key_ring_import_jobs(parent, filter: nil, order_by: nil, page_size: nil, page_token: nil, fields: nil, quota_user: nil, options: nil, &block) command = make_simple_command(:get, 'v1/{+parent}/importJobs', options) command.response_representation = Google::Apis::CloudkmsV1::ListImportJobsResponse::Representation command.response_class = Google::Apis::CloudkmsV1::ListImportJobsResponse command.params['parent'] = parent unless parent.nil? command.query['filter'] = filter unless filter.nil? command.query['orderBy'] = order_by unless order_by.nil? command.query['pageSize'] = page_size unless page_size.nil? command.query['pageToken'] = page_token unless page_token.nil? command.query['fields'] = fields unless fields.nil? command.query['quotaUser'] = quota_user unless quota_user.nil? execute_or_queue_command(command, &block) end
Lists KeyRings. @param [String] parent
Required. The resource name of the location associated with the KeyRings, in the format `projects/*/locations/*`.
@param [String] filter
Optional. Only include resources that match the filter in the response. For more information, see [Sorting and filtering list results](https://cloud. google.com/kms/docs/sorting-and-filtering).
@param [String] order_by
Optional. Specify how the results should be sorted. If not specified, the results will be sorted in the default order. For more information, see [ Sorting and filtering list results](https://cloud.google.com/kms/docs/sorting- and-filtering).
@param [Fixnum] page_size
Optional. Optional limit on the number of KeyRings to include in the response. Further KeyRings can subsequently be obtained by including the ListKeyRingsResponse.next_page_token in a subsequent request. If unspecified, the server will pick an appropriate default.
@param [String] page_token
Optional. Optional pagination token, returned earlier via ListKeyRingsResponse. next_page_token.
@param [String] fields
Selector specifying which fields to include in a partial response.
@param [String] quota_user
Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters.
@param [Google::Apis::RequestOptions] options
Request-specific options
@yield [result, err] Result & error if block supplied @yieldparam result [Google::Apis::CloudkmsV1::ListKeyRingsResponse] parsed result object @yieldparam err [StandardError] error object if request failed
@return [Google::Apis::CloudkmsV1::ListKeyRingsResponse]
@raise [Google::Apis::ServerError] An error occurred on the server and the request can be retried @raise [Google::Apis::ClientError] The request is invalid and should not be retried without modification @raise [Google::Apis::AuthorizationError] Authorization is required
# File lib/google/apis/cloudkms_v1/service.rb, line 308 def list_project_location_key_rings(parent, filter: nil, order_by: nil, page_size: nil, page_token: nil, fields: nil, quota_user: nil, options: nil, &block) command = make_simple_command(:get, 'v1/{+parent}/keyRings', options) command.response_representation = Google::Apis::CloudkmsV1::ListKeyRingsResponse::Representation command.response_class = Google::Apis::CloudkmsV1::ListKeyRingsResponse command.params['parent'] = parent unless parent.nil? command.query['filter'] = filter unless filter.nil? command.query['orderBy'] = order_by unless order_by.nil? command.query['pageSize'] = page_size unless page_size.nil? command.query['pageToken'] = page_token unless page_token.nil? command.query['fields'] = fields unless fields.nil? command.query['quotaUser'] = quota_user unless quota_user.nil? execute_or_queue_command(command, &block) end
Lists information about the supported locations for this service. @param [String] name
The resource that owns the locations collection, if applicable.
@param [String] filter
A filter to narrow down results to a preferred subset. The filtering language accepts strings like "displayName=tokyo", and is documented in more detail in [ AIP-160](https://google.aip.dev/160).
@param [Fixnum] page_size
The maximum number of results to return. If not set, the service selects a default.
@param [String] page_token
A page token received from the `next_page_token` field in the response. Send that page token to receive the subsequent page.
@param [String] fields
Selector specifying which fields to include in a partial response.
@param [String] quota_user
Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters.
@param [Google::Apis::RequestOptions] options
Request-specific options
@yield [result, err] Result & error if block supplied @yieldparam result [Google::Apis::CloudkmsV1::ListLocationsResponse] parsed result object @yieldparam err [StandardError] error object if request failed
@return [Google::Apis::CloudkmsV1::ListLocationsResponse]
@raise [Google::Apis::ServerError] An error occurred on the server and the request can be retried @raise [Google::Apis::ClientError] The request is invalid and should not be retried without modification @raise [Google::Apis::AuthorizationError] Authorization is required
# File lib/google/apis/cloudkms_v1/service.rb, line 148 def list_project_locations(name, filter: nil, page_size: nil, page_token: nil, fields: nil, quota_user: nil, options: nil, &block) command = make_simple_command(:get, 'v1/{+name}/locations', options) command.response_representation = Google::Apis::CloudkmsV1::ListLocationsResponse::Representation command.response_class = Google::Apis::CloudkmsV1::ListLocationsResponse command.params['name'] = name unless name.nil? command.query['filter'] = filter unless filter.nil? command.query['pageSize'] = page_size unless page_size.nil? command.query['pageToken'] = page_token unless page_token.nil? command.query['fields'] = fields unless fields.nil? command.query['quotaUser'] = quota_user unless quota_user.nil? execute_or_queue_command(command, &block) end
Signs data using a CryptoKeyVersion
with CryptoKey.purpose
MAC, producing a tag that can be verified by another source with the same key. @param [String] name
Required. The resource name of the CryptoKeyVersion to use for signing.
@param [Google::Apis::CloudkmsV1::MacSignRequest] mac_sign_request_object @param [String] fields
Selector specifying which fields to include in a partial response.
@param [String] quota_user
Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters.
@param [Google::Apis::RequestOptions] options
Request-specific options
@yield [result, err] Result & error if block supplied @yieldparam result [Google::Apis::CloudkmsV1::MacSignResponse] parsed result object @yieldparam err [StandardError] error object if request failed
@return [Google::Apis::CloudkmsV1::MacSignResponse]
@raise [Google::Apis::ServerError] An error occurred on the server and the request can be retried @raise [Google::Apis::ClientError] The request is invalid and should not be retried without modification @raise [Google::Apis::AuthorizationError] Authorization is required
# File lib/google/apis/cloudkms_v1/service.rb, line 1099 def mac_crypto_key_version_sign(name, mac_sign_request_object = nil, fields: nil, quota_user: nil, options: nil, &block) command = make_simple_command(:post, 'v1/{+name}:macSign', options) command.request_representation = Google::Apis::CloudkmsV1::MacSignRequest::Representation command.request_object = mac_sign_request_object command.response_representation = Google::Apis::CloudkmsV1::MacSignResponse::Representation command.response_class = Google::Apis::CloudkmsV1::MacSignResponse command.params['name'] = name unless name.nil? command.query['fields'] = fields unless fields.nil? command.query['quotaUser'] = quota_user unless quota_user.nil? execute_or_queue_command(command, &block) end
Verifies MAC tag using a CryptoKeyVersion
with CryptoKey.purpose
MAC, and returns a response that indicates whether or not the verification was successful. @param [String] name
Required. The resource name of the CryptoKeyVersion to use for verification.
@param [Google::Apis::CloudkmsV1::MacVerifyRequest] mac_verify_request_object @param [String] fields
Selector specifying which fields to include in a partial response.
@param [String] quota_user
Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters.
@param [Google::Apis::RequestOptions] options
Request-specific options
@yield [result, err] Result & error if block supplied @yieldparam result [Google::Apis::CloudkmsV1::MacVerifyResponse] parsed result object @yieldparam err [StandardError] error object if request failed
@return [Google::Apis::CloudkmsV1::MacVerifyResponse]
@raise [Google::Apis::ServerError] An error occurred on the server and the request can be retried @raise [Google::Apis::ClientError] The request is invalid and should not be retried without modification @raise [Google::Apis::AuthorizationError] Authorization is required
# File lib/google/apis/cloudkms_v1/service.rb, line 1134 def mac_crypto_key_version_verify(name, mac_verify_request_object = nil, fields: nil, quota_user: nil, options: nil, &block) command = make_simple_command(:post, 'v1/{+name}:macVerify', options) command.request_representation = Google::Apis::CloudkmsV1::MacVerifyRequest::Representation command.request_object = mac_verify_request_object command.response_representation = Google::Apis::CloudkmsV1::MacVerifyResponse::Representation command.response_class = Google::Apis::CloudkmsV1::MacVerifyResponse command.params['name'] = name unless name.nil? command.query['fields'] = fields unless fields.nil? command.query['quotaUser'] = quota_user unless quota_user.nil? execute_or_queue_command(command, &block) end
Update a CryptoKey
. @param [String] name
Output only. The resource name for this CryptoKey in the format `projects/*/ locations/*/keyRings/*/cryptoKeys/*`.
@param [Google::Apis::CloudkmsV1::CryptoKey] crypto_key_object @param [String] update_mask
Required. List of fields to be updated in this request.
@param [String] fields
Selector specifying which fields to include in a partial response.
@param [String] quota_user
Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters.
@param [Google::Apis::RequestOptions] options
Request-specific options
@yield [result, err] Result & error if block supplied @yieldparam result [Google::Apis::CloudkmsV1::CryptoKey] parsed result object @yieldparam err [StandardError] error object if request failed
@return [Google::Apis::CloudkmsV1::CryptoKey]
@raise [Google::Apis::ServerError] An error occurred on the server and the request can be retried @raise [Google::Apis::ClientError] The request is invalid and should not be retried without modification @raise [Google::Apis::AuthorizationError] Authorization is required
# File lib/google/apis/cloudkms_v1/service.rb, line 661 def patch_project_location_key_ring_crypto_key(name, crypto_key_object = nil, update_mask: nil, fields: nil, quota_user: nil, options: nil, &block) command = make_simple_command(:patch, 'v1/{+name}', options) command.request_representation = Google::Apis::CloudkmsV1::CryptoKey::Representation command.request_object = crypto_key_object command.response_representation = Google::Apis::CloudkmsV1::CryptoKey::Representation command.response_class = Google::Apis::CloudkmsV1::CryptoKey command.params['name'] = name unless name.nil? command.query['updateMask'] = update_mask unless update_mask.nil? command.query['fields'] = fields unless fields.nil? command.query['quotaUser'] = quota_user unless quota_user.nil? execute_or_queue_command(command, &block) end
Update a CryptoKeyVersion's metadata. state may be changed between ENABLED and DISABLED using this method. See DestroyCryptoKeyVersion and RestoreCryptoKeyVersion to move between other states. @param [String] name
Output only. The resource name for this CryptoKeyVersion in the format ` projects/*/locations/*/keyRings/*/cryptoKeys/*/cryptoKeyVersions/*`.
@param [Google::Apis::CloudkmsV1::CryptoKeyVersion] crypto_key_version_object @param [String] update_mask
Required. List of fields to be updated in this request.
@param [String] fields
Selector specifying which fields to include in a partial response.
@param [String] quota_user
Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters.
@param [Google::Apis::RequestOptions] options
Request-specific options
@yield [result, err] Result & error if block supplied @yieldparam result [Google::Apis::CloudkmsV1::CryptoKeyVersion] parsed result object @yieldparam err [StandardError] error object if request failed
@return [Google::Apis::CloudkmsV1::CryptoKeyVersion]
@raise [Google::Apis::ServerError] An error occurred on the server and the request can be retried @raise [Google::Apis::ClientError] The request is invalid and should not be retried without modification @raise [Google::Apis::AuthorizationError] Authorization is required
# File lib/google/apis/cloudkms_v1/service.rb, line 1172 def patch_project_location_key_ring_crypto_key_crypto_key_version(name, crypto_key_version_object = nil, update_mask: nil, fields: nil, quota_user: nil, options: nil, &block) command = make_simple_command(:patch, 'v1/{+name}', options) command.request_representation = Google::Apis::CloudkmsV1::CryptoKeyVersion::Representation command.request_object = crypto_key_version_object command.response_representation = Google::Apis::CloudkmsV1::CryptoKeyVersion::Representation command.response_class = Google::Apis::CloudkmsV1::CryptoKeyVersion command.params['name'] = name unless name.nil? command.query['updateMask'] = update_mask unless update_mask.nil? command.query['fields'] = fields unless fields.nil? command.query['quotaUser'] = quota_user unless quota_user.nil? execute_or_queue_command(command, &block) end
Restore a CryptoKeyVersion
in the DESTROY_SCHEDULED state. Upon restoration of the CryptoKeyVersion
, state will be set to DISABLED, and destroy_time will be cleared. @param [String] name
Required. The resource name of the CryptoKeyVersion to restore.
@param [Google::Apis::CloudkmsV1::RestoreCryptoKeyVersionRequest] restore_crypto_key_version_request_object @param [String] fields
Selector specifying which fields to include in a partial response.
@param [String] quota_user
Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters.
@param [Google::Apis::RequestOptions] options
Request-specific options
@yield [result, err] Result & error if block supplied @yieldparam result [Google::Apis::CloudkmsV1::CryptoKeyVersion] parsed result object @yieldparam err [StandardError] error object if request failed
@return [Google::Apis::CloudkmsV1::CryptoKeyVersion]
@raise [Google::Apis::ServerError] An error occurred on the server and the request can be retried @raise [Google::Apis::ClientError] The request is invalid and should not be retried without modification @raise [Google::Apis::AuthorizationError] Authorization is required
# File lib/google/apis/cloudkms_v1/service.rb, line 1208 def restore_crypto_key_version(name, restore_crypto_key_version_request_object = nil, fields: nil, quota_user: nil, options: nil, &block) command = make_simple_command(:post, 'v1/{+name}:restore', options) command.request_representation = Google::Apis::CloudkmsV1::RestoreCryptoKeyVersionRequest::Representation command.request_object = restore_crypto_key_version_request_object command.response_representation = Google::Apis::CloudkmsV1::CryptoKeyVersion::Representation command.response_class = Google::Apis::CloudkmsV1::CryptoKeyVersion command.params['name'] = name unless name.nil? command.query['fields'] = fields unless fields.nil? command.query['quotaUser'] = quota_user unless quota_user.nil? execute_or_queue_command(command, &block) end
Sets the access control policy on the specified resource. Replaces any existing policy. Can return `NOT_FOUND`, `INVALID_ARGUMENT`, and ` PERMISSION_DENIED` errors. @param [String] resource
REQUIRED: The resource for which the policy is being specified. See the operation documentation for the appropriate value for this field.
@param [Google::Apis::CloudkmsV1::SetIamPolicyRequest] set_iam_policy_request_object @param [String] fields
Selector specifying which fields to include in a partial response.
@param [String] quota_user
Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters.
@param [Google::Apis::RequestOptions] options
Request-specific options
@yield [result, err] Result & error if block supplied @yieldparam result [Google::Apis::CloudkmsV1::Policy] parsed result object @yieldparam err [StandardError] error object if request failed
@return [Google::Apis::CloudkmsV1::Policy]
@raise [Google::Apis::ServerError] An error occurred on the server and the request can be retried @raise [Google::Apis::ClientError] The request is invalid and should not be retried without modification @raise [Google::Apis::AuthorizationError] Authorization is required
# File lib/google/apis/cloudkms_v1/service.rb, line 698 def set_crypto_key_iam_policy(resource, set_iam_policy_request_object = nil, fields: nil, quota_user: nil, options: nil, &block) command = make_simple_command(:post, 'v1/{+resource}:setIamPolicy', options) command.request_representation = Google::Apis::CloudkmsV1::SetIamPolicyRequest::Representation command.request_object = set_iam_policy_request_object command.response_representation = Google::Apis::CloudkmsV1::Policy::Representation command.response_class = Google::Apis::CloudkmsV1::Policy command.params['resource'] = resource unless resource.nil? command.query['fields'] = fields unless fields.nil? command.query['quotaUser'] = quota_user unless quota_user.nil? execute_or_queue_command(command, &block) end
Sets the access control policy on the specified resource. Replaces any existing policy. Can return `NOT_FOUND`, `INVALID_ARGUMENT`, and ` PERMISSION_DENIED` errors. @param [String] resource
REQUIRED: The resource for which the policy is being specified. See the operation documentation for the appropriate value for this field.
@param [Google::Apis::CloudkmsV1::SetIamPolicyRequest] set_iam_policy_request_object @param [String] fields
Selector specifying which fields to include in a partial response.
@param [String] quota_user
Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters.
@param [Google::Apis::RequestOptions] options
Request-specific options
@yield [result, err] Result & error if block supplied @yieldparam result [Google::Apis::CloudkmsV1::Policy] parsed result object @yieldparam err [StandardError] error object if request failed
@return [Google::Apis::CloudkmsV1::Policy]
@raise [Google::Apis::ServerError] An error occurred on the server and the request can be retried @raise [Google::Apis::ClientError] The request is invalid and should not be retried without modification @raise [Google::Apis::AuthorizationError] Authorization is required
# File lib/google/apis/cloudkms_v1/service.rb, line 1404 def set_import_job_iam_policy(resource, set_iam_policy_request_object = nil, fields: nil, quota_user: nil, options: nil, &block) command = make_simple_command(:post, 'v1/{+resource}:setIamPolicy', options) command.request_representation = Google::Apis::CloudkmsV1::SetIamPolicyRequest::Representation command.request_object = set_iam_policy_request_object command.response_representation = Google::Apis::CloudkmsV1::Policy::Representation command.response_class = Google::Apis::CloudkmsV1::Policy command.params['resource'] = resource unless resource.nil? command.query['fields'] = fields unless fields.nil? command.query['quotaUser'] = quota_user unless quota_user.nil? execute_or_queue_command(command, &block) end
Sets the access control policy on the specified resource. Replaces any existing policy. Can return `NOT_FOUND`, `INVALID_ARGUMENT`, and ` PERMISSION_DENIED` errors. @param [String] resource
REQUIRED: The resource for which the policy is being specified. See the operation documentation for the appropriate value for this field.
@param [Google::Apis::CloudkmsV1::SetIamPolicyRequest] set_iam_policy_request_object @param [String] fields
Selector specifying which fields to include in a partial response.
@param [String] quota_user
Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters.
@param [Google::Apis::RequestOptions] options
Request-specific options
@yield [result, err] Result & error if block supplied @yieldparam result [Google::Apis::CloudkmsV1::Policy] parsed result object @yieldparam err [StandardError] error object if request failed
@return [Google::Apis::CloudkmsV1::Policy]
@raise [Google::Apis::ServerError] An error occurred on the server and the request can be retried @raise [Google::Apis::ClientError] The request is invalid and should not be retried without modification @raise [Google::Apis::AuthorizationError] Authorization is required
# File lib/google/apis/cloudkms_v1/service.rb, line 346 def set_key_ring_iam_policy(resource, set_iam_policy_request_object = nil, fields: nil, quota_user: nil, options: nil, &block) command = make_simple_command(:post, 'v1/{+resource}:setIamPolicy', options) command.request_representation = Google::Apis::CloudkmsV1::SetIamPolicyRequest::Representation command.request_object = set_iam_policy_request_object command.response_representation = Google::Apis::CloudkmsV1::Policy::Representation command.response_class = Google::Apis::CloudkmsV1::Policy command.params['resource'] = resource unless resource.nil? command.query['fields'] = fields unless fields.nil? command.query['quotaUser'] = quota_user unless quota_user.nil? execute_or_queue_command(command, &block) end
Returns permissions that a caller has on the specified resource. If the resource does not exist, this will return an empty set of permissions, not a ` NOT_FOUND` error. Note: This operation is designed to be used for building permission-aware UIs and command-line tools, not for authorization checking. This operation may “fail open” without warning. @param [String] resource
REQUIRED: The resource for which the policy detail is being requested. See the operation documentation for the appropriate value for this field.
@param [Google::Apis::CloudkmsV1::TestIamPermissionsRequest] test_iam_permissions_request_object @param [String] fields
Selector specifying which fields to include in a partial response.
@param [String] quota_user
Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters.
@param [Google::Apis::RequestOptions] options
Request-specific options
@yield [result, err] Result & error if block supplied @yieldparam result [Google::Apis::CloudkmsV1::TestIamPermissionsResponse] parsed result object @yieldparam err [StandardError] error object if request failed
@return [Google::Apis::CloudkmsV1::TestIamPermissionsResponse]
@raise [Google::Apis::ServerError] An error occurred on the server and the request can be retried @raise [Google::Apis::ClientError] The request is invalid and should not be retried without modification @raise [Google::Apis::AuthorizationError] Authorization is required
# File lib/google/apis/cloudkms_v1/service.rb, line 736 def test_crypto_key_iam_permissions(resource, test_iam_permissions_request_object = nil, fields: nil, quota_user: nil, options: nil, &block) command = make_simple_command(:post, 'v1/{+resource}:testIamPermissions', options) command.request_representation = Google::Apis::CloudkmsV1::TestIamPermissionsRequest::Representation command.request_object = test_iam_permissions_request_object command.response_representation = Google::Apis::CloudkmsV1::TestIamPermissionsResponse::Representation command.response_class = Google::Apis::CloudkmsV1::TestIamPermissionsResponse command.params['resource'] = resource unless resource.nil? command.query['fields'] = fields unless fields.nil? command.query['quotaUser'] = quota_user unless quota_user.nil? execute_or_queue_command(command, &block) end
Returns permissions that a caller has on the specified resource. If the resource does not exist, this will return an empty set of permissions, not a ` NOT_FOUND` error. Note: This operation is designed to be used for building permission-aware UIs and command-line tools, not for authorization checking. This operation may “fail open” without warning. @param [String] resource
REQUIRED: The resource for which the policy detail is being requested. See the operation documentation for the appropriate value for this field.
@param [Google::Apis::CloudkmsV1::TestIamPermissionsRequest] test_iam_permissions_request_object @param [String] fields
Selector specifying which fields to include in a partial response.
@param [String] quota_user
Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters.
@param [Google::Apis::RequestOptions] options
Request-specific options
@yield [result, err] Result & error if block supplied @yieldparam result [Google::Apis::CloudkmsV1::TestIamPermissionsResponse] parsed result object @yieldparam err [StandardError] error object if request failed
@return [Google::Apis::CloudkmsV1::TestIamPermissionsResponse]
@raise [Google::Apis::ServerError] An error occurred on the server and the request can be retried @raise [Google::Apis::ClientError] The request is invalid and should not be retried without modification @raise [Google::Apis::AuthorizationError] Authorization is required
# File lib/google/apis/cloudkms_v1/service.rb, line 1442 def test_import_job_iam_permissions(resource, test_iam_permissions_request_object = nil, fields: nil, quota_user: nil, options: nil, &block) command = make_simple_command(:post, 'v1/{+resource}:testIamPermissions', options) command.request_representation = Google::Apis::CloudkmsV1::TestIamPermissionsRequest::Representation command.request_object = test_iam_permissions_request_object command.response_representation = Google::Apis::CloudkmsV1::TestIamPermissionsResponse::Representation command.response_class = Google::Apis::CloudkmsV1::TestIamPermissionsResponse command.params['resource'] = resource unless resource.nil? command.query['fields'] = fields unless fields.nil? command.query['quotaUser'] = quota_user unless quota_user.nil? execute_or_queue_command(command, &block) end
Returns permissions that a caller has on the specified resource. If the resource does not exist, this will return an empty set of permissions, not a ` NOT_FOUND` error. Note: This operation is designed to be used for building permission-aware UIs and command-line tools, not for authorization checking. This operation may “fail open” without warning. @param [String] resource
REQUIRED: The resource for which the policy detail is being requested. See the operation documentation for the appropriate value for this field.
@param [Google::Apis::CloudkmsV1::TestIamPermissionsRequest] test_iam_permissions_request_object @param [String] fields
Selector specifying which fields to include in a partial response.
@param [String] quota_user
Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters.
@param [Google::Apis::RequestOptions] options
Request-specific options
@yield [result, err] Result & error if block supplied @yieldparam result [Google::Apis::CloudkmsV1::TestIamPermissionsResponse] parsed result object @yieldparam err [StandardError] error object if request failed
@return [Google::Apis::CloudkmsV1::TestIamPermissionsResponse]
@raise [Google::Apis::ServerError] An error occurred on the server and the request can be retried @raise [Google::Apis::ClientError] The request is invalid and should not be retried without modification @raise [Google::Apis::AuthorizationError] Authorization is required
# File lib/google/apis/cloudkms_v1/service.rb, line 384 def test_key_ring_iam_permissions(resource, test_iam_permissions_request_object = nil, fields: nil, quota_user: nil, options: nil, &block) command = make_simple_command(:post, 'v1/{+resource}:testIamPermissions', options) command.request_representation = Google::Apis::CloudkmsV1::TestIamPermissionsRequest::Representation command.request_object = test_iam_permissions_request_object command.response_representation = Google::Apis::CloudkmsV1::TestIamPermissionsResponse::Representation command.response_class = Google::Apis::CloudkmsV1::TestIamPermissionsResponse command.params['resource'] = resource unless resource.nil? command.query['fields'] = fields unless fields.nil? command.query['quotaUser'] = quota_user unless quota_user.nil? execute_or_queue_command(command, &block) end
Update the version of a CryptoKey
that will be used in Encrypt. Returns an error if called on a key whose purpose is not ENCRYPT_DECRYPT. @param [String] name
Required. The resource name of the CryptoKey to update.
@param [Google::Apis::CloudkmsV1::UpdateCryptoKeyPrimaryVersionRequest] update_crypto_key_primary_version_request_object @param [String] fields
Selector specifying which fields to include in a partial response.
@param [String] quota_user
Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exceed 40 characters.
@param [Google::Apis::RequestOptions] options
Request-specific options
@yield [result, err] Result & error if block supplied @yieldparam result [Google::Apis::CloudkmsV1::CryptoKey] parsed result object @yieldparam err [StandardError] error object if request failed
@return [Google::Apis::CloudkmsV1::CryptoKey]
@raise [Google::Apis::ServerError] An error occurred on the server and the request can be retried @raise [Google::Apis::ClientError] The request is invalid and should not be retried without modification @raise [Google::Apis::AuthorizationError] Authorization is required
# File lib/google/apis/cloudkms_v1/service.rb, line 770 def update_project_location_key_ring_crypto_key_primary_version(name, update_crypto_key_primary_version_request_object = nil, fields: nil, quota_user: nil, options: nil, &block) command = make_simple_command(:post, 'v1/{+name}:updatePrimaryVersion', options) command.request_representation = Google::Apis::CloudkmsV1::UpdateCryptoKeyPrimaryVersionRequest::Representation command.request_object = update_crypto_key_primary_version_request_object command.response_representation = Google::Apis::CloudkmsV1::CryptoKey::Representation command.response_class = Google::Apis::CloudkmsV1::CryptoKey command.params['name'] = name unless name.nil? command.query['fields'] = fields unless fields.nil? command.query['quotaUser'] = quota_user unless quota_user.nil? execute_or_queue_command(command, &block) end
Protected Instance Methods
# File lib/google/apis/cloudkms_v1/service.rb, line 1456 def apply_command_defaults(command) command.query['key'] = key unless key.nil? command.query['quotaUser'] = quota_user unless quota_user.nil? end