Class: Google::Cloud::Kms::V1::KeyManagementService::Client

Inherits:
Object
  • Object
show all
Includes:
Paths
Defined in:
lib/google/cloud/kms/v1/key_management_service/client.rb

Overview

Client for the KeyManagementService service.

Google Cloud Key Management Service

Manages cryptographic keys and operations using those keys. Implements a REST model with the following objects:

If you are using manual gRPC libraries, see Using gRPC with Cloud KMS.

Defined Under Namespace

Classes: Configuration

Class Method Summary collapse

Instance Method Summary collapse

Methods included from Paths

#crypto_key_path, #crypto_key_version_path, #import_job_path, #key_ring_path, #location_path

Constructor Details

#initialize {|config| ... } ⇒ Client

Create a new KeyManagementService client object.

Examples:


# Create a client using the default configuration
client = ::Google::Cloud::Kms::V1::KeyManagementService::Client.new

# Create a client using a custom configuration
client = ::Google::Cloud::Kms::V1::KeyManagementService::Client.new do |config|
  config.timeout = 10.0
end

Yields:

  • (config)

    Configure the KeyManagementService client.

Yield Parameters:



244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
# File 'lib/google/cloud/kms/v1/key_management_service/client.rb', line 244

def initialize
  # These require statements are intentionally placed here to initialize
  # the gRPC module only when it's required.
  # See https://github.com/googleapis/toolkit/issues/446
  require "gapic/grpc"
  require "google/cloud/kms/v1/service_services_pb"

  # Create the configuration object
  @config = Configuration.new Client.configure

  # Yield the configuration if needed
  yield @config if block_given?

  # Create credentials
  credentials = @config.credentials
  # Use self-signed JWT if the endpoint is unchanged from default,
  # but only if the default endpoint does not have a region prefix.
  enable_self_signed_jwt = @config.endpoint == Client.configure.endpoint &&
                           !@config.endpoint.split(".").first.include?("-")
  credentials ||= Credentials.default scope: @config.scope,
                                      enable_self_signed_jwt: enable_self_signed_jwt
  if credentials.is_a?(::String) || credentials.is_a?(::Hash)
    credentials = Credentials.new credentials, scope: @config.scope
  end
  @quota_project_id = @config.quota_project
  @quota_project_id ||= credentials.quota_project_id if credentials.respond_to? :quota_project_id

  @key_management_service_stub = ::Gapic::ServiceStub.new(
    ::Google::Cloud::Kms::V1::KeyManagementService::Stub,
    credentials:  credentials,
    endpoint:     @config.endpoint,
    channel_args: @config.channel_args,
    interceptors: @config.interceptors
  )
end

Class Method Details

.configure {|config| ... } ⇒ Client::Configuration

Configure the KeyManagementService Client class.

See Configuration for a description of the configuration fields.

Examples:


# Modify the configuration for all KeyManagementService clients
::Google::Cloud::Kms::V1::KeyManagementService::Client.configure do |config|
  config.timeout = 10.0
end

Yields:

  • (config)

    Configure the Client client.

Yield Parameters:

Returns:



67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
# File 'lib/google/cloud/kms/v1/key_management_service/client.rb', line 67

def self.configure
  @configure ||= begin
    namespace = ["Google", "Cloud", "Kms", "V1"]
    parent_config = while namespace.any?
                      parent_name = namespace.join "::"
                      parent_const = const_get parent_name
                      break parent_const.configure if parent_const.respond_to? :configure
                      namespace.pop
                    end
    default_config = Client::Configuration.new parent_config

    default_config.rpcs.list_key_rings.timeout = 60.0
    default_config.rpcs.list_key_rings.retry_policy = {
      initial_delay: 0.1, max_delay: 60.0, multiplier: 1.3, retry_codes: [14, 4]
    }

    default_config.rpcs.list_crypto_keys.timeout = 60.0
    default_config.rpcs.list_crypto_keys.retry_policy = {
      initial_delay: 0.1, max_delay: 60.0, multiplier: 1.3, retry_codes: [14, 4]
    }

    default_config.rpcs.list_crypto_key_versions.timeout = 60.0
    default_config.rpcs.list_crypto_key_versions.retry_policy = {
      initial_delay: 0.1, max_delay: 60.0, multiplier: 1.3, retry_codes: [14, 4]
    }

    default_config.rpcs.list_import_jobs.timeout = 60.0
    default_config.rpcs.list_import_jobs.retry_policy = {
      initial_delay: 0.1, max_delay: 60.0, multiplier: 1.3, retry_codes: [14, 4]
    }

    default_config.rpcs.get_key_ring.timeout = 60.0
    default_config.rpcs.get_key_ring.retry_policy = {
      initial_delay: 0.1, max_delay: 60.0, multiplier: 1.3, retry_codes: [14, 4]
    }

    default_config.rpcs.get_crypto_key.timeout = 60.0
    default_config.rpcs.get_crypto_key.retry_policy = {
      initial_delay: 0.1, max_delay: 60.0, multiplier: 1.3, retry_codes: [14, 4]
    }

    default_config.rpcs.get_crypto_key_version.timeout = 60.0
    default_config.rpcs.get_crypto_key_version.retry_policy = {
      initial_delay: 0.1, max_delay: 60.0, multiplier: 1.3, retry_codes: [14, 4]
    }

    default_config.rpcs.get_public_key.timeout = 60.0
    default_config.rpcs.get_public_key.retry_policy = {
      initial_delay: 0.1, max_delay: 60.0, multiplier: 1.3, retry_codes: [14, 4]
    }

    default_config.rpcs.get_import_job.timeout = 60.0
    default_config.rpcs.get_import_job.retry_policy = {
      initial_delay: 0.1, max_delay: 60.0, multiplier: 1.3, retry_codes: [14, 4]
    }

    default_config.rpcs.create_key_ring.timeout = 60.0
    default_config.rpcs.create_key_ring.retry_policy = {
      initial_delay: 0.1, max_delay: 60.0, multiplier: 1.3, retry_codes: [14, 4]
    }

    default_config.rpcs.create_crypto_key.timeout = 60.0
    default_config.rpcs.create_crypto_key.retry_policy = {
      initial_delay: 0.1, max_delay: 60.0, multiplier: 1.3, retry_codes: [14, 4]
    }

    default_config.rpcs.create_crypto_key_version.timeout = 60.0

    default_config.rpcs.import_crypto_key_version.timeout = 60.0

    default_config.rpcs.create_import_job.timeout = 60.0
    default_config.rpcs.create_import_job.retry_policy = {
      initial_delay: 0.1, max_delay: 60.0, multiplier: 1.3, retry_codes: [14, 4]
    }

    default_config.rpcs.update_crypto_key.timeout = 60.0
    default_config.rpcs.update_crypto_key.retry_policy = {
      initial_delay: 0.1, max_delay: 60.0, multiplier: 1.3, retry_codes: [14, 4]
    }

    default_config.rpcs.update_crypto_key_version.timeout = 60.0
    default_config.rpcs.update_crypto_key_version.retry_policy = {
      initial_delay: 0.1, max_delay: 60.0, multiplier: 1.3, retry_codes: [14, 4]
    }

    default_config.rpcs.update_crypto_key_primary_version.timeout = 60.0
    default_config.rpcs.update_crypto_key_primary_version.retry_policy = {
      initial_delay: 0.1, max_delay: 60.0, multiplier: 1.3, retry_codes: [14, 4]
    }

    default_config.rpcs.destroy_crypto_key_version.timeout = 60.0
    default_config.rpcs.destroy_crypto_key_version.retry_policy = {
      initial_delay: 0.1, max_delay: 60.0, multiplier: 1.3, retry_codes: [14, 4]
    }

    default_config.rpcs.restore_crypto_key_version.timeout = 60.0
    default_config.rpcs.restore_crypto_key_version.retry_policy = {
      initial_delay: 0.1, max_delay: 60.0, multiplier: 1.3, retry_codes: [14, 4]
    }

    default_config.rpcs.encrypt.timeout = 60.0
    default_config.rpcs.encrypt.retry_policy = {
      initial_delay: 0.1, max_delay: 60.0, multiplier: 1.3, retry_codes: [14, 4]
    }

    default_config.rpcs.decrypt.timeout = 60.0
    default_config.rpcs.decrypt.retry_policy = {
      initial_delay: 0.1, max_delay: 60.0, multiplier: 1.3, retry_codes: [14, 4]
    }

    default_config.rpcs.asymmetric_sign.timeout = 60.0
    default_config.rpcs.asymmetric_sign.retry_policy = {
      initial_delay: 0.1, max_delay: 60.0, multiplier: 1.3, retry_codes: [14, 4]
    }

    default_config.rpcs.asymmetric_decrypt.timeout = 60.0
    default_config.rpcs.asymmetric_decrypt.retry_policy = {
      initial_delay: 0.1, max_delay: 60.0, multiplier: 1.3, retry_codes: [14, 4]
    }

    default_config.rpcs.mac_sign.timeout = 60.0
    default_config.rpcs.mac_sign.retry_policy = {
      initial_delay: 0.1, max_delay: 60.0, multiplier: 1.3, retry_codes: [14, 4]
    }

    default_config.rpcs.mac_verify.timeout = 60.0
    default_config.rpcs.mac_verify.retry_policy = {
      initial_delay: 0.1, max_delay: 60.0, multiplier: 1.3, retry_codes: [14, 4]
    }

    default_config.rpcs.generate_random_bytes.timeout = 60.0
    default_config.rpcs.generate_random_bytes.retry_policy = {
      initial_delay: 0.1, max_delay: 60.0, multiplier: 1.3, retry_codes: [14, 4]
    }

    default_config
  end
  yield @configure if block_given?
  @configure
end

Instance Method Details

#asymmetric_decrypt(request, options = nil) ⇒ ::Google::Cloud::Kms::V1::AsymmetricDecryptResponse #asymmetric_decrypt(name: nil, ciphertext: nil, ciphertext_crc32c: nil) ⇒ ::Google::Cloud::Kms::V1::AsymmetricDecryptResponse

Decrypts data that was encrypted with a public key retrieved from GetPublicKey corresponding to a CryptoKeyVersion with CryptoKey.purpose ASYMMETRIC_DECRYPT.

Overloads:

  • #asymmetric_decrypt(request, options = nil) ⇒ ::Google::Cloud::Kms::V1::AsymmetricDecryptResponse

    Pass arguments to asymmetric_decrypt via a request object, either of type AsymmetricDecryptRequest or an equivalent Hash.

    Parameters:

    • request (::Google::Cloud::Kms::V1::AsymmetricDecryptRequest, ::Hash)

      A request object representing the call parameters. Required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash.

    • options (::Gapic::CallOptions, ::Hash) (defaults to: nil)

      Overrides the default settings for this call, e.g, timeout, retries, etc. Optional.

  • #asymmetric_decrypt(name: nil, ciphertext: nil, ciphertext_crc32c: nil) ⇒ ::Google::Cloud::Kms::V1::AsymmetricDecryptResponse

    Pass arguments to asymmetric_decrypt via keyword arguments. Note that at least one keyword argument is required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash as a request object (see above).

    Parameters:

Yields:

  • (response, operation)

    Access the result along with the RPC operation

Yield Parameters:

Returns:

Raises:

  • (::Google::Cloud::Error)

    if the RPC is aborted.



2172
2173
2174
2175
2176
2177
2178
2179
2180
2181
2182
2183
2184
2185
2186
2187
2188
2189
2190
2191
2192
2193
2194
2195
2196
2197
2198
2199
2200
2201
2202
2203
2204
2205
2206
2207
2208
2209
# File 'lib/google/cloud/kms/v1/key_management_service/client.rb', line 2172

def asymmetric_decrypt request, options = nil
  raise ::ArgumentError, "request must be provided" if request.nil?

  request = ::Gapic::Protobuf.coerce request, to: ::Google::Cloud::Kms::V1::AsymmetricDecryptRequest

  # Converts hash and nil to an options object
  options = ::Gapic::CallOptions.new(**options.to_h) if options.respond_to? :to_h

  # Customize the options with defaults
   = @config.rpcs.asymmetric_decrypt..to_h

  # Set x-goog-api-client and x-goog-user-project headers
  [:"x-goog-api-client"] ||= ::Gapic::Headers.x_goog_api_client \
    lib_name: @config.lib_name, lib_version: @config.lib_version,
    gapic_version: ::Google::Cloud::Kms::V1::VERSION
  [:"x-goog-user-project"] = @quota_project_id if @quota_project_id

  header_params = {
    "name" => request.name
  }
  request_params_header = header_params.map { |k, v| "#{k}=#{v}" }.join("&")
  [:"x-goog-request-params"] ||= request_params_header

  options.apply_defaults timeout:      @config.rpcs.asymmetric_decrypt.timeout,
                         metadata:     ,
                         retry_policy: @config.rpcs.asymmetric_decrypt.retry_policy

  options.apply_defaults timeout:      @config.timeout,
                         metadata:     @config.,
                         retry_policy: @config.retry_policy

  @key_management_service_stub.call_rpc :asymmetric_decrypt, request, options: options do |response, operation|
    yield response, operation if block_given?
    return response
  end
rescue ::GRPC::BadStatus => e
  raise ::Google::Cloud::Error.from_error(e)
end

#asymmetric_sign(request, options = nil) ⇒ ::Google::Cloud::Kms::V1::AsymmetricSignResponse #asymmetric_sign(name: nil, digest: nil, digest_crc32c: nil, data: nil, data_crc32c: nil) ⇒ ::Google::Cloud::Kms::V1::AsymmetricSignResponse

Signs data using a CryptoKeyVersion with CryptoKey.purpose ASYMMETRIC_SIGN, producing a signature that can be verified with the public key retrieved from GetPublicKey.

Overloads:

  • #asymmetric_sign(request, options = nil) ⇒ ::Google::Cloud::Kms::V1::AsymmetricSignResponse

    Pass arguments to asymmetric_sign via a request object, either of type AsymmetricSignRequest or an equivalent Hash.

    Parameters:

    • request (::Google::Cloud::Kms::V1::AsymmetricSignRequest, ::Hash)

      A request object representing the call parameters. Required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash.

    • options (::Gapic::CallOptions, ::Hash) (defaults to: nil)

      Overrides the default settings for this call, e.g, timeout, retries, etc. Optional.

  • #asymmetric_sign(name: nil, digest: nil, digest_crc32c: nil, data: nil, data_crc32c: nil) ⇒ ::Google::Cloud::Kms::V1::AsymmetricSignResponse

    Pass arguments to asymmetric_sign via keyword arguments. Note that at least one keyword argument is required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash as a request object (see above).

    Parameters:

    • name (::String) (defaults to: nil)

      Required. The resource name of the CryptoKeyVersion to use for signing.

    • digest (::Google::Cloud::Kms::V1::Digest, ::Hash) (defaults to: nil)

      Optional. The digest of the data to sign. The digest must be produced with the same digest algorithm as specified by the key version's algorithm.

    • digest_crc32c (::Google::Protobuf::Int64Value, ::Hash) (defaults to: nil)

      Optional. An optional CRC32C checksum of the AsymmetricSignRequest.digest. If specified, KeyManagementService will verify the integrity of the received AsymmetricSignRequest.digest using this checksum. KeyManagementService will report an error if the checksum verification fails. If you receive a checksum error, your client should verify that CRC32C(AsymmetricSignRequest.digest) is equal to AsymmetricSignRequest.digest_crc32c, and if so, perform a limited number of retries. A persistent mismatch may indicate an issue in your computation of the CRC32C checksum. Note: This field is defined as int64 for reasons of compatibility across different languages. However, it is a non-negative integer, which will never exceed 2^32-1, and can be safely downconverted to uint32 in languages that support this type.

    • data (::String) (defaults to: nil)

      Optional. This field will only be honored for RAW_PKCS1 keys. The data to sign. A digest is computed over the data that will be signed, PKCS #1 padding is applied to the digest directly and then encrypted.

    • data_crc32c (::Google::Protobuf::Int64Value, ::Hash) (defaults to: nil)

      Optional. An optional CRC32C checksum of the AsymmetricSignRequest.data. If specified, KeyManagementService will verify the integrity of the received AsymmetricSignRequest.data using this checksum. KeyManagementService will report an error if the checksum verification fails. If you receive a checksum error, your client should verify that CRC32C(AsymmetricSignRequest.data) is equal to AsymmetricSignRequest.data_crc32c, and if so, perform a limited number of retries. A persistent mismatch may indicate an issue in your computation of the CRC32C checksum. Note: This field is defined as int64 for reasons of compatibility across different languages. However, it is a non-negative integer, which will never exceed 2^32-1, and can be safely downconverted to uint32 in languages that support this type.

Yields:

  • (response, operation)

    Access the result along with the RPC operation

Yield Parameters:

Returns:

Raises:

  • (::Google::Cloud::Error)

    if the RPC is aborted.



2084
2085
2086
2087
2088
2089
2090
2091
2092
2093
2094
2095
2096
2097
2098
2099
2100
2101
2102
2103
2104
2105
2106
2107
2108
2109
2110
2111
2112
2113
2114
2115
2116
2117
2118
2119
2120
2121
# File 'lib/google/cloud/kms/v1/key_management_service/client.rb', line 2084

def asymmetric_sign request, options = nil
  raise ::ArgumentError, "request must be provided" if request.nil?

  request = ::Gapic::Protobuf.coerce request, to: ::Google::Cloud::Kms::V1::AsymmetricSignRequest

  # Converts hash and nil to an options object
  options = ::Gapic::CallOptions.new(**options.to_h) if options.respond_to? :to_h

  # Customize the options with defaults
   = @config.rpcs.asymmetric_sign..to_h

  # Set x-goog-api-client and x-goog-user-project headers
  [:"x-goog-api-client"] ||= ::Gapic::Headers.x_goog_api_client \
    lib_name: @config.lib_name, lib_version: @config.lib_version,
    gapic_version: ::Google::Cloud::Kms::V1::VERSION
  [:"x-goog-user-project"] = @quota_project_id if @quota_project_id

  header_params = {
    "name" => request.name
  }
  request_params_header = header_params.map { |k, v| "#{k}=#{v}" }.join("&")
  [:"x-goog-request-params"] ||= request_params_header

  options.apply_defaults timeout:      @config.rpcs.asymmetric_sign.timeout,
                         metadata:     ,
                         retry_policy: @config.rpcs.asymmetric_sign.retry_policy

  options.apply_defaults timeout:      @config.timeout,
                         metadata:     @config.,
                         retry_policy: @config.retry_policy

  @key_management_service_stub.call_rpc :asymmetric_sign, request, options: options do |response, operation|
    yield response, operation if block_given?
    return response
  end
rescue ::GRPC::BadStatus => e
  raise ::Google::Cloud::Error.from_error(e)
end

#configure {|config| ... } ⇒ Client::Configuration

Configure the KeyManagementService Client instance.

The configuration is set to the derived mode, meaning that values can be changed, but structural changes (adding new fields, etc.) are not allowed. Structural changes should be made on configure.

See Configuration for a description of the configuration fields.

Yields:

  • (config)

    Configure the Client client.

Yield Parameters:

Returns:



223
224
225
226
# File 'lib/google/cloud/kms/v1/key_management_service/client.rb', line 223

def configure
  yield @config if block_given?
  @config
end

#create_crypto_key(request, options = nil) ⇒ ::Google::Cloud::Kms::V1::CryptoKey #create_crypto_key(parent: nil, crypto_key_id: nil, crypto_key: nil, skip_initial_version_creation: nil) ⇒ ::Google::Cloud::Kms::V1::CryptoKey

Create a new CryptoKey within a KeyRing.

CryptoKey.purpose and CryptoKey.version_template.algorithm are required.

Overloads:

  • #create_crypto_key(request, options = nil) ⇒ ::Google::Cloud::Kms::V1::CryptoKey

    Pass arguments to create_crypto_key via a request object, either of type CreateCryptoKeyRequest or an equivalent Hash.

    Parameters:

    • request (::Google::Cloud::Kms::V1::CreateCryptoKeyRequest, ::Hash)

      A request object representing the call parameters. Required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash.

    • options (::Gapic::CallOptions, ::Hash) (defaults to: nil)

      Overrides the default settings for this call, e.g, timeout, retries, etc. Optional.

  • #create_crypto_key(parent: nil, crypto_key_id: nil, crypto_key: nil, skip_initial_version_creation: nil) ⇒ ::Google::Cloud::Kms::V1::CryptoKey

    Pass arguments to create_crypto_key via keyword arguments. Note that at least one keyword argument is required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash as a request object (see above).

    Parameters:

Yields:

  • (response, operation)

    Access the result along with the RPC operation

Yield Parameters:

Returns:

Raises:

  • (::Google::Cloud::Error)

    if the RPC is aborted.



1103
1104
1105
1106
1107
1108
1109
1110
1111
1112
1113
1114
1115
1116
1117
1118
1119
1120
1121
1122
1123
1124
1125
1126
1127
1128
1129
1130
1131
1132
1133
1134
1135
1136
1137
1138
1139
1140
# File 'lib/google/cloud/kms/v1/key_management_service/client.rb', line 1103

def create_crypto_key request, options = nil
  raise ::ArgumentError, "request must be provided" if request.nil?

  request = ::Gapic::Protobuf.coerce request, to: ::Google::Cloud::Kms::V1::CreateCryptoKeyRequest

  # Converts hash and nil to an options object
  options = ::Gapic::CallOptions.new(**options.to_h) if options.respond_to? :to_h

  # Customize the options with defaults
   = @config.rpcs.create_crypto_key..to_h

  # Set x-goog-api-client and x-goog-user-project headers
  [:"x-goog-api-client"] ||= ::Gapic::Headers.x_goog_api_client \
    lib_name: @config.lib_name, lib_version: @config.lib_version,
    gapic_version: ::Google::Cloud::Kms::V1::VERSION
  [:"x-goog-user-project"] = @quota_project_id if @quota_project_id

  header_params = {
    "parent" => request.parent
  }
  request_params_header = header_params.map { |k, v| "#{k}=#{v}" }.join("&")
  [:"x-goog-request-params"] ||= request_params_header

  options.apply_defaults timeout:      @config.rpcs.create_crypto_key.timeout,
                         metadata:     ,
                         retry_policy: @config.rpcs.create_crypto_key.retry_policy

  options.apply_defaults timeout:      @config.timeout,
                         metadata:     @config.,
                         retry_policy: @config.retry_policy

  @key_management_service_stub.call_rpc :create_crypto_key, request, options: options do |response, operation|
    yield response, operation if block_given?
    return response
  end
rescue ::GRPC::BadStatus => e
  raise ::Google::Cloud::Error.from_error(e)
end

#create_crypto_key_version(request, options = nil) ⇒ ::Google::Cloud::Kms::V1::CryptoKeyVersion #create_crypto_key_version(parent: nil, crypto_key_version: nil) ⇒ ::Google::Cloud::Kms::V1::CryptoKeyVersion

Create a new CryptoKeyVersion in a CryptoKey.

The server will assign the next sequential id. If unset, state will be set to ENABLED.

Overloads:

Yields:

  • (response, operation)

    Access the result along with the RPC operation

Yield Parameters:

Returns:

Raises:

  • (::Google::Cloud::Error)

    if the RPC is aborted.



1178
1179
1180
1181
1182
1183
1184
1185
1186
1187
1188
1189
1190
1191
1192
1193
1194
1195
1196
1197
1198
1199
1200
1201
1202
1203
1204
1205
1206
1207
1208
1209
1210
1211
1212
1213
1214
1215
# File 'lib/google/cloud/kms/v1/key_management_service/client.rb', line 1178

def create_crypto_key_version request, options = nil
  raise ::ArgumentError, "request must be provided" if request.nil?

  request = ::Gapic::Protobuf.coerce request, to: ::Google::Cloud::Kms::V1::CreateCryptoKeyVersionRequest

  # Converts hash and nil to an options object
  options = ::Gapic::CallOptions.new(**options.to_h) if options.respond_to? :to_h

  # Customize the options with defaults
   = @config.rpcs.create_crypto_key_version..to_h

  # Set x-goog-api-client and x-goog-user-project headers
  [:"x-goog-api-client"] ||= ::Gapic::Headers.x_goog_api_client \
    lib_name: @config.lib_name, lib_version: @config.lib_version,
    gapic_version: ::Google::Cloud::Kms::V1::VERSION
  [:"x-goog-user-project"] = @quota_project_id if @quota_project_id

  header_params = {
    "parent" => request.parent
  }
  request_params_header = header_params.map { |k, v| "#{k}=#{v}" }.join("&")
  [:"x-goog-request-params"] ||= request_params_header

  options.apply_defaults timeout:      @config.rpcs.create_crypto_key_version.timeout,
                         metadata:     ,
                         retry_policy: @config.rpcs.create_crypto_key_version.retry_policy

  options.apply_defaults timeout:      @config.timeout,
                         metadata:     @config.,
                         retry_policy: @config.retry_policy

  @key_management_service_stub.call_rpc :create_crypto_key_version, request, options: options do |response, operation|
    yield response, operation if block_given?
    return response
  end
rescue ::GRPC::BadStatus => e
  raise ::Google::Cloud::Error.from_error(e)
end

#create_import_job(request, options = nil) ⇒ ::Google::Cloud::Kms::V1::ImportJob #create_import_job(parent: nil, import_job_id: nil, import_job: nil) ⇒ ::Google::Cloud::Kms::V1::ImportJob

Create a new ImportJob within a KeyRing.

ImportJob.import_method is required.

Overloads:

  • #create_import_job(request, options = nil) ⇒ ::Google::Cloud::Kms::V1::ImportJob

    Pass arguments to create_import_job via a request object, either of type CreateImportJobRequest or an equivalent Hash.

    Parameters:

    • request (::Google::Cloud::Kms::V1::CreateImportJobRequest, ::Hash)

      A request object representing the call parameters. Required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash.

    • options (::Gapic::CallOptions, ::Hash) (defaults to: nil)

      Overrides the default settings for this call, e.g, timeout, retries, etc. Optional.

  • #create_import_job(parent: nil, import_job_id: nil, import_job: nil) ⇒ ::Google::Cloud::Kms::V1::ImportJob

    Pass arguments to create_import_job via keyword arguments. Note that at least one keyword argument is required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash as a request object (see above).

    Parameters:

    • parent (::String) (defaults to: nil)

      Required. The name of the KeyRing associated with the ImportJobs.

    • import_job_id (::String) (defaults to: nil)

      Required. It must be unique within a KeyRing and match the regular expression [a-zA-Z0-9_-]{1,63}

    • import_job (::Google::Cloud::Kms::V1::ImportJob, ::Hash) (defaults to: nil)

      Required. An ImportJob with initial field values.

Yields:

  • (response, operation)

    Access the result along with the RPC operation

Yield Parameters:

Returns:

Raises:

  • (::Google::Cloud::Error)

    if the RPC is aborted.



1378
1379
1380
1381
1382
1383
1384
1385
1386
1387
1388
1389
1390
1391
1392
1393
1394
1395
1396
1397
1398
1399
1400
1401
1402
1403
1404
1405
1406
1407
1408
1409
1410
1411
1412
1413
1414
1415
# File 'lib/google/cloud/kms/v1/key_management_service/client.rb', line 1378

def create_import_job request, options = nil
  raise ::ArgumentError, "request must be provided" if request.nil?

  request = ::Gapic::Protobuf.coerce request, to: ::Google::Cloud::Kms::V1::CreateImportJobRequest

  # Converts hash and nil to an options object
  options = ::Gapic::CallOptions.new(**options.to_h) if options.respond_to? :to_h

  # Customize the options with defaults
   = @config.rpcs.create_import_job..to_h

  # Set x-goog-api-client and x-goog-user-project headers
  [:"x-goog-api-client"] ||= ::Gapic::Headers.x_goog_api_client \
    lib_name: @config.lib_name, lib_version: @config.lib_version,
    gapic_version: ::Google::Cloud::Kms::V1::VERSION
  [:"x-goog-user-project"] = @quota_project_id if @quota_project_id

  header_params = {
    "parent" => request.parent
  }
  request_params_header = header_params.map { |k, v| "#{k}=#{v}" }.join("&")
  [:"x-goog-request-params"] ||= request_params_header

  options.apply_defaults timeout:      @config.rpcs.create_import_job.timeout,
                         metadata:     ,
                         retry_policy: @config.rpcs.create_import_job.retry_policy

  options.apply_defaults timeout:      @config.timeout,
                         metadata:     @config.,
                         retry_policy: @config.retry_policy

  @key_management_service_stub.call_rpc :create_import_job, request, options: options do |response, operation|
    yield response, operation if block_given?
    return response
  end
rescue ::GRPC::BadStatus => e
  raise ::Google::Cloud::Error.from_error(e)
end

#create_key_ring(request, options = nil) ⇒ ::Google::Cloud::Kms::V1::KeyRing #create_key_ring(parent: nil, key_ring_id: nil, key_ring: nil) ⇒ ::Google::Cloud::Kms::V1::KeyRing

Create a new KeyRing in a given Project and Location.

Overloads:

  • #create_key_ring(request, options = nil) ⇒ ::Google::Cloud::Kms::V1::KeyRing

    Pass arguments to create_key_ring via a request object, either of type CreateKeyRingRequest or an equivalent Hash.

    Parameters:

    • request (::Google::Cloud::Kms::V1::CreateKeyRingRequest, ::Hash)

      A request object representing the call parameters. Required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash.

    • options (::Gapic::CallOptions, ::Hash) (defaults to: nil)

      Overrides the default settings for this call, e.g, timeout, retries, etc. Optional.

  • #create_key_ring(parent: nil, key_ring_id: nil, key_ring: nil) ⇒ ::Google::Cloud::Kms::V1::KeyRing

    Pass arguments to create_key_ring via keyword arguments. Note that at least one keyword argument is required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash as a request object (see above).

    Parameters:

    • parent (::String) (defaults to: nil)

      Required. The resource name of the location associated with the KeyRings, in the format projects/*/locations/*.

    • key_ring_id (::String) (defaults to: nil)

      Required. It must be unique within a location and match the regular expression [a-zA-Z0-9_-]{1,63}

    • key_ring (::Google::Cloud::Kms::V1::KeyRing, ::Hash) (defaults to: nil)

      Required. A KeyRing with initial field values.

Yields:

  • (response, operation)

    Access the result along with the RPC operation

Yield Parameters:

Returns:

Raises:

  • (::Google::Cloud::Error)

    if the RPC is aborted.



1019
1020
1021
1022
1023
1024
1025
1026
1027
1028
1029
1030
1031
1032
1033
1034
1035
1036
1037
1038
1039
1040
1041
1042
1043
1044
1045
1046
1047
1048
1049
1050
1051
1052
1053
1054
1055
1056
# File 'lib/google/cloud/kms/v1/key_management_service/client.rb', line 1019

def create_key_ring request, options = nil
  raise ::ArgumentError, "request must be provided" if request.nil?

  request = ::Gapic::Protobuf.coerce request, to: ::Google::Cloud::Kms::V1::CreateKeyRingRequest

  # Converts hash and nil to an options object
  options = ::Gapic::CallOptions.new(**options.to_h) if options.respond_to? :to_h

  # Customize the options with defaults
   = @config.rpcs.create_key_ring..to_h

  # Set x-goog-api-client and x-goog-user-project headers
  [:"x-goog-api-client"] ||= ::Gapic::Headers.x_goog_api_client \
    lib_name: @config.lib_name, lib_version: @config.lib_version,
    gapic_version: ::Google::Cloud::Kms::V1::VERSION
  [:"x-goog-user-project"] = @quota_project_id if @quota_project_id

  header_params = {
    "parent" => request.parent
  }
  request_params_header = header_params.map { |k, v| "#{k}=#{v}" }.join("&")
  [:"x-goog-request-params"] ||= request_params_header

  options.apply_defaults timeout:      @config.rpcs.create_key_ring.timeout,
                         metadata:     ,
                         retry_policy: @config.rpcs.create_key_ring.retry_policy

  options.apply_defaults timeout:      @config.timeout,
                         metadata:     @config.,
                         retry_policy: @config.retry_policy

  @key_management_service_stub.call_rpc :create_key_ring, request, options: options do |response, operation|
    yield response, operation if block_given?
    return response
  end
rescue ::GRPC::BadStatus => e
  raise ::Google::Cloud::Error.from_error(e)
end

#decrypt(request, options = nil) ⇒ ::Google::Cloud::Kms::V1::DecryptResponse #decrypt(name: nil, ciphertext: nil, additional_authenticated_data: nil, ciphertext_crc32c: nil, additional_authenticated_data_crc32c: nil) ⇒ ::Google::Cloud::Kms::V1::DecryptResponse

Decrypts data that was protected by Encrypt. The CryptoKey.purpose must be ENCRYPT_DECRYPT.

Overloads:

  • #decrypt(request, options = nil) ⇒ ::Google::Cloud::Kms::V1::DecryptResponse

    Pass arguments to decrypt via a request object, either of type DecryptRequest or an equivalent Hash.

    Parameters:

    • request (::Google::Cloud::Kms::V1::DecryptRequest, ::Hash)

      A request object representing the call parameters. Required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash.

    • options (::Gapic::CallOptions, ::Hash) (defaults to: nil)

      Overrides the default settings for this call, e.g, timeout, retries, etc. Optional.

  • #decrypt(name: nil, ciphertext: nil, additional_authenticated_data: nil, ciphertext_crc32c: nil, additional_authenticated_data_crc32c: nil) ⇒ ::Google::Cloud::Kms::V1::DecryptResponse

    Pass arguments to decrypt via keyword arguments. Note that at least one keyword argument is required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash as a request object (see above).

    Parameters:

Yields:

  • (response, operation)

    Access the result along with the RPC operation

Yield Parameters:

Returns:

Raises:

  • (::Google::Cloud::Error)

    if the RPC is aborted.



1978
1979
1980
1981
1982
1983
1984
1985
1986
1987
1988
1989
1990
1991
1992
1993
1994
1995
1996
1997
1998
1999
2000
2001
2002
2003
2004
2005
2006
2007
2008
2009
2010
2011
2012
2013
2014
2015
# File 'lib/google/cloud/kms/v1/key_management_service/client.rb', line 1978

def decrypt request, options = nil
  raise ::ArgumentError, "request must be provided" if request.nil?

  request = ::Gapic::Protobuf.coerce request, to: ::Google::Cloud::Kms::V1::DecryptRequest

  # Converts hash and nil to an options object
  options = ::Gapic::CallOptions.new(**options.to_h) if options.respond_to? :to_h

  # Customize the options with defaults
   = @config.rpcs.decrypt..to_h

  # Set x-goog-api-client and x-goog-user-project headers
  [:"x-goog-api-client"] ||= ::Gapic::Headers.x_goog_api_client \
    lib_name: @config.lib_name, lib_version: @config.lib_version,
    gapic_version: ::Google::Cloud::Kms::V1::VERSION
  [:"x-goog-user-project"] = @quota_project_id if @quota_project_id

  header_params = {
    "name" => request.name
  }
  request_params_header = header_params.map { |k, v| "#{k}=#{v}" }.join("&")
  [:"x-goog-request-params"] ||= request_params_header

  options.apply_defaults timeout:      @config.rpcs.decrypt.timeout,
                         metadata:     ,
                         retry_policy: @config.rpcs.decrypt.retry_policy

  options.apply_defaults timeout:      @config.timeout,
                         metadata:     @config.,
                         retry_policy: @config.retry_policy

  @key_management_service_stub.call_rpc :decrypt, request, options: options do |response, operation|
    yield response, operation if block_given?
    return response
  end
rescue ::GRPC::BadStatus => e
  raise ::Google::Cloud::Error.from_error(e)
end

#destroy_crypto_key_version(request, options = nil) ⇒ ::Google::Cloud::Kms::V1::CryptoKeyVersion #destroy_crypto_key_version(name: nil) ⇒ ::Google::Cloud::Kms::V1::CryptoKeyVersion

Schedule a CryptoKeyVersion for destruction.

Upon calling this method, CryptoKeyVersion.state will be set to DESTROY_SCHEDULED, and destroy_time will be set to the time destroy_scheduled_duration in the future. At that time, the state will automatically change to DESTROYED, and the key material will be irrevocably destroyed.

Before the destroy_time is reached, RestoreCryptoKeyVersion may be called to reverse the process.

Overloads:

  • #destroy_crypto_key_version(request, options = nil) ⇒ ::Google::Cloud::Kms::V1::CryptoKeyVersion

    Pass arguments to destroy_crypto_key_version via a request object, either of type DestroyCryptoKeyVersionRequest or an equivalent Hash.

    Parameters:

    • request (::Google::Cloud::Kms::V1::DestroyCryptoKeyVersionRequest, ::Hash)

      A request object representing the call parameters. Required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash.

    • options (::Gapic::CallOptions, ::Hash) (defaults to: nil)

      Overrides the default settings for this call, e.g, timeout, retries, etc. Optional.

  • #destroy_crypto_key_version(name: nil) ⇒ ::Google::Cloud::Kms::V1::CryptoKeyVersion

    Pass arguments to destroy_crypto_key_version via keyword arguments. Note that at least one keyword argument is required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash as a request object (see above).

    Parameters:

    • name (::String) (defaults to: nil)

      Required. The resource name of the CryptoKeyVersion to destroy.

Yields:

  • (response, operation)

    Access the result along with the RPC operation

Yield Parameters:

Returns:

Raises:

  • (::Google::Cloud::Error)

    if the RPC is aborted.



1677
1678
1679
1680
1681
1682
1683
1684
1685
1686
1687
1688
1689
1690
1691
1692
1693
1694
1695
1696
1697
1698
1699
1700
1701
1702
1703
1704
1705
1706
1707
1708
1709
1710
1711
1712
1713
1714
# File 'lib/google/cloud/kms/v1/key_management_service/client.rb', line 1677

def destroy_crypto_key_version request, options = nil
  raise ::ArgumentError, "request must be provided" if request.nil?

  request = ::Gapic::Protobuf.coerce request, to: ::Google::Cloud::Kms::V1::DestroyCryptoKeyVersionRequest

  # Converts hash and nil to an options object
  options = ::Gapic::CallOptions.new(**options.to_h) if options.respond_to? :to_h

  # Customize the options with defaults
   = @config.rpcs.destroy_crypto_key_version..to_h

  # Set x-goog-api-client and x-goog-user-project headers
  [:"x-goog-api-client"] ||= ::Gapic::Headers.x_goog_api_client \
    lib_name: @config.lib_name, lib_version: @config.lib_version,
    gapic_version: ::Google::Cloud::Kms::V1::VERSION
  [:"x-goog-user-project"] = @quota_project_id if @quota_project_id

  header_params = {
    "name" => request.name
  }
  request_params_header = header_params.map { |k, v| "#{k}=#{v}" }.join("&")
  [:"x-goog-request-params"] ||= request_params_header

  options.apply_defaults timeout:      @config.rpcs.destroy_crypto_key_version.timeout,
                         metadata:     ,
                         retry_policy: @config.rpcs.destroy_crypto_key_version.retry_policy

  options.apply_defaults timeout:      @config.timeout,
                         metadata:     @config.,
                         retry_policy: @config.retry_policy

  @key_management_service_stub.call_rpc :destroy_crypto_key_version, request, options: options do |response, operation|
    yield response, operation if block_given?
    return response
  end
rescue ::GRPC::BadStatus => e
  raise ::Google::Cloud::Error.from_error(e)
end

#encrypt(request, options = nil) ⇒ ::Google::Cloud::Kms::V1::EncryptResponse #encrypt(name: nil, plaintext: nil, additional_authenticated_data: nil, plaintext_crc32c: nil, additional_authenticated_data_crc32c: nil) ⇒ ::Google::Cloud::Kms::V1::EncryptResponse

Encrypts data, so that it can only be recovered by a call to Decrypt. The CryptoKey.purpose must be ENCRYPT_DECRYPT.

Overloads:

  • #encrypt(request, options = nil) ⇒ ::Google::Cloud::Kms::V1::EncryptResponse

    Pass arguments to encrypt via a request object, either of type EncryptRequest or an equivalent Hash.

    Parameters:

    • request (::Google::Cloud::Kms::V1::EncryptRequest, ::Hash)

      A request object representing the call parameters. Required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash.

    • options (::Gapic::CallOptions, ::Hash) (defaults to: nil)

      Overrides the default settings for this call, e.g, timeout, retries, etc. Optional.

  • #encrypt(name: nil, plaintext: nil, additional_authenticated_data: nil, plaintext_crc32c: nil, additional_authenticated_data_crc32c: nil) ⇒ ::Google::Cloud::Kms::V1::EncryptResponse

    Pass arguments to encrypt via keyword arguments. Note that at least one keyword argument is required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash as a request object (see above).

    Parameters:

Yields:

  • (response, operation)

    Access the result along with the RPC operation

Yield Parameters:

Returns:

Raises:

  • (::Google::Cloud::Error)

    if the RPC is aborted.



1873
1874
1875
1876
1877
1878
1879
1880
1881
1882
1883
1884
1885
1886
1887
1888
1889
1890
1891
1892
1893
1894
1895
1896
1897
1898
1899
1900
1901
1902
1903
1904
1905
1906
1907
1908
1909
1910
# File 'lib/google/cloud/kms/v1/key_management_service/client.rb', line 1873

def encrypt request, options = nil
  raise ::ArgumentError, "request must be provided" if request.nil?

  request = ::Gapic::Protobuf.coerce request, to: ::Google::Cloud::Kms::V1::EncryptRequest

  # Converts hash and nil to an options object
  options = ::Gapic::CallOptions.new(**options.to_h) if options.respond_to? :to_h

  # Customize the options with defaults
   = @config.rpcs.encrypt..to_h

  # Set x-goog-api-client and x-goog-user-project headers
  [:"x-goog-api-client"] ||= ::Gapic::Headers.x_goog_api_client \
    lib_name: @config.lib_name, lib_version: @config.lib_version,
    gapic_version: ::Google::Cloud::Kms::V1::VERSION
  [:"x-goog-user-project"] = @quota_project_id if @quota_project_id

  header_params = {
    "name" => request.name
  }
  request_params_header = header_params.map { |k, v| "#{k}=#{v}" }.join("&")
  [:"x-goog-request-params"] ||= request_params_header

  options.apply_defaults timeout:      @config.rpcs.encrypt.timeout,
                         metadata:     ,
                         retry_policy: @config.rpcs.encrypt.retry_policy

  options.apply_defaults timeout:      @config.timeout,
                         metadata:     @config.,
                         retry_policy: @config.retry_policy

  @key_management_service_stub.call_rpc :encrypt, request, options: options do |response, operation|
    yield response, operation if block_given?
    return response
  end
rescue ::GRPC::BadStatus => e
  raise ::Google::Cloud::Error.from_error(e)
end

#generate_random_bytes(request, options = nil) ⇒ ::Google::Cloud::Kms::V1::GenerateRandomBytesResponse #generate_random_bytes(location: nil, length_bytes: nil, protection_level: nil) ⇒ ::Google::Cloud::Kms::V1::GenerateRandomBytesResponse

Generate random bytes using the Cloud KMS randomness source in the provided location.

Overloads:

  • #generate_random_bytes(request, options = nil) ⇒ ::Google::Cloud::Kms::V1::GenerateRandomBytesResponse

    Pass arguments to generate_random_bytes via a request object, either of type GenerateRandomBytesRequest or an equivalent Hash.

    Parameters:

    • request (::Google::Cloud::Kms::V1::GenerateRandomBytesRequest, ::Hash)

      A request object representing the call parameters. Required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash.

    • options (::Gapic::CallOptions, ::Hash) (defaults to: nil)

      Overrides the default settings for this call, e.g, timeout, retries, etc. Optional.

  • #generate_random_bytes(location: nil, length_bytes: nil, protection_level: nil) ⇒ ::Google::Cloud::Kms::V1::GenerateRandomBytesResponse

    Pass arguments to generate_random_bytes via keyword arguments. Note that at least one keyword argument is required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash as a request object (see above).

    Parameters:

    • location (::String) (defaults to: nil)

      The project-specific location in which to generate random bytes. For example, "projects/my-project/locations/us-central1".

    • length_bytes (::Integer) (defaults to: nil)

      The length in bytes of the amount of randomness to retrieve. Minimum 8 bytes, maximum 1024 bytes.

    • protection_level (::Google::Cloud::Kms::V1::ProtectionLevel) (defaults to: nil)

      The ProtectionLevel to use when generating the random data. Defaults to SOFTWARE.

Yields:

  • (response, operation)

    Access the result along with the RPC operation

Yield Parameters:

Returns:

Raises:

  • (::Google::Cloud::Error)

    if the RPC is aborted.



2438
2439
2440
2441
2442
2443
2444
2445
2446
2447
2448
2449
2450
2451
2452
2453
2454
2455
2456
2457
2458
2459
2460
2461
2462
2463
2464
2465
2466
2467
2468
2469
2470
2471
2472
2473
2474
2475
# File 'lib/google/cloud/kms/v1/key_management_service/client.rb', line 2438

def generate_random_bytes request, options = nil
  raise ::ArgumentError, "request must be provided" if request.nil?

  request = ::Gapic::Protobuf.coerce request, to: ::Google::Cloud::Kms::V1::GenerateRandomBytesRequest

  # Converts hash and nil to an options object
  options = ::Gapic::CallOptions.new(**options.to_h) if options.respond_to? :to_h

  # Customize the options with defaults
   = @config.rpcs.generate_random_bytes..to_h

  # Set x-goog-api-client and x-goog-user-project headers
  [:"x-goog-api-client"] ||= ::Gapic::Headers.x_goog_api_client \
    lib_name: @config.lib_name, lib_version: @config.lib_version,
    gapic_version: ::Google::Cloud::Kms::V1::VERSION
  [:"x-goog-user-project"] = @quota_project_id if @quota_project_id

  header_params = {
    "location" => request.location
  }
  request_params_header = header_params.map { |k, v| "#{k}=#{v}" }.join("&")
  [:"x-goog-request-params"] ||= request_params_header

  options.apply_defaults timeout:      @config.rpcs.generate_random_bytes.timeout,
                         metadata:     ,
                         retry_policy: @config.rpcs.generate_random_bytes.retry_policy

  options.apply_defaults timeout:      @config.timeout,
                         metadata:     @config.,
                         retry_policy: @config.retry_policy

  @key_management_service_stub.call_rpc :generate_random_bytes, request, options: options do |response, operation|
    yield response, operation if block_given?
    return response
  end
rescue ::GRPC::BadStatus => e
  raise ::Google::Cloud::Error.from_error(e)
end

#get_crypto_key(request, options = nil) ⇒ ::Google::Cloud::Kms::V1::CryptoKey #get_crypto_key(name: nil) ⇒ ::Google::Cloud::Kms::V1::CryptoKey

Returns metadata for a given CryptoKey, as well as its primary CryptoKeyVersion.

Overloads:

  • #get_crypto_key(request, options = nil) ⇒ ::Google::Cloud::Kms::V1::CryptoKey

    Pass arguments to get_crypto_key via a request object, either of type GetCryptoKeyRequest or an equivalent Hash.

    Parameters:

    • request (::Google::Cloud::Kms::V1::GetCryptoKeyRequest, ::Hash)

      A request object representing the call parameters. Required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash.

    • options (::Gapic::CallOptions, ::Hash) (defaults to: nil)

      Overrides the default settings for this call, e.g, timeout, retries, etc. Optional.

  • #get_crypto_key(name: nil) ⇒ ::Google::Cloud::Kms::V1::CryptoKey

    Pass arguments to get_crypto_key via keyword arguments. Note that at least one keyword argument is required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash as a request object (see above).

    Parameters:

    • name (::String) (defaults to: nil)

      Required. The name of the CryptoKey to get.

Yields:

  • (response, operation)

    Access the result along with the RPC operation

Yield Parameters:

Returns:

Raises:

  • (::Google::Cloud::Error)

    if the RPC is aborted.



737
738
739
740
741
742
743
744
745
746
747
748
749
750
751
752
753
754
755
756
757
758
759
760
761
762
763
764
765
766
767
768
769
770
771
772
773
774
# File 'lib/google/cloud/kms/v1/key_management_service/client.rb', line 737

def get_crypto_key request, options = nil
  raise ::ArgumentError, "request must be provided" if request.nil?

  request = ::Gapic::Protobuf.coerce request, to: ::Google::Cloud::Kms::V1::GetCryptoKeyRequest

  # Converts hash and nil to an options object
  options = ::Gapic::CallOptions.new(**options.to_h) if options.respond_to? :to_h

  # Customize the options with defaults
   = @config.rpcs.get_crypto_key..to_h

  # Set x-goog-api-client and x-goog-user-project headers
  [:"x-goog-api-client"] ||= ::Gapic::Headers.x_goog_api_client \
    lib_name: @config.lib_name, lib_version: @config.lib_version,
    gapic_version: ::Google::Cloud::Kms::V1::VERSION
  [:"x-goog-user-project"] = @quota_project_id if @quota_project_id

  header_params = {
    "name" => request.name
  }
  request_params_header = header_params.map { |k, v| "#{k}=#{v}" }.join("&")
  [:"x-goog-request-params"] ||= request_params_header

  options.apply_defaults timeout:      @config.rpcs.get_crypto_key.timeout,
                         metadata:     ,
                         retry_policy: @config.rpcs.get_crypto_key.retry_policy

  options.apply_defaults timeout:      @config.timeout,
                         metadata:     @config.,
                         retry_policy: @config.retry_policy

  @key_management_service_stub.call_rpc :get_crypto_key, request, options: options do |response, operation|
    yield response, operation if block_given?
    return response
  end
rescue ::GRPC::BadStatus => e
  raise ::Google::Cloud::Error.from_error(e)
end

#get_crypto_key_version(request, options = nil) ⇒ ::Google::Cloud::Kms::V1::CryptoKeyVersion #get_crypto_key_version(name: nil) ⇒ ::Google::Cloud::Kms::V1::CryptoKeyVersion

Returns metadata for a given CryptoKeyVersion.

Overloads:

  • #get_crypto_key_version(request, options = nil) ⇒ ::Google::Cloud::Kms::V1::CryptoKeyVersion

    Pass arguments to get_crypto_key_version via a request object, either of type GetCryptoKeyVersionRequest or an equivalent Hash.

    Parameters:

    • request (::Google::Cloud::Kms::V1::GetCryptoKeyVersionRequest, ::Hash)

      A request object representing the call parameters. Required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash.

    • options (::Gapic::CallOptions, ::Hash) (defaults to: nil)

      Overrides the default settings for this call, e.g, timeout, retries, etc. Optional.

  • #get_crypto_key_version(name: nil) ⇒ ::Google::Cloud::Kms::V1::CryptoKeyVersion

    Pass arguments to get_crypto_key_version via keyword arguments. Note that at least one keyword argument is required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash as a request object (see above).

    Parameters:

Yields:

  • (response, operation)

    Access the result along with the RPC operation

Yield Parameters:

Returns:

Raises:

  • (::Google::Cloud::Error)

    if the RPC is aborted.



805
806
807
808
809
810
811
812
813
814
815
816
817
818
819
820
821
822
823
824
825
826
827
828
829
830
831
832
833
834
835
836
837
838
839
840
841
842
# File 'lib/google/cloud/kms/v1/key_management_service/client.rb', line 805

def get_crypto_key_version request, options = nil
  raise ::ArgumentError, "request must be provided" if request.nil?

  request = ::Gapic::Protobuf.coerce request, to: ::Google::Cloud::Kms::V1::GetCryptoKeyVersionRequest

  # Converts hash and nil to an options object
  options = ::Gapic::CallOptions.new(**options.to_h) if options.respond_to? :to_h

  # Customize the options with defaults
   = @config.rpcs.get_crypto_key_version..to_h

  # Set x-goog-api-client and x-goog-user-project headers
  [:"x-goog-api-client"] ||= ::Gapic::Headers.x_goog_api_client \
    lib_name: @config.lib_name, lib_version: @config.lib_version,
    gapic_version: ::Google::Cloud::Kms::V1::VERSION
  [:"x-goog-user-project"] = @quota_project_id if @quota_project_id

  header_params = {
    "name" => request.name
  }
  request_params_header = header_params.map { |k, v| "#{k}=#{v}" }.join("&")
  [:"x-goog-request-params"] ||= request_params_header

  options.apply_defaults timeout:      @config.rpcs.get_crypto_key_version.timeout,
                         metadata:     ,
                         retry_policy: @config.rpcs.get_crypto_key_version.retry_policy

  options.apply_defaults timeout:      @config.timeout,
                         metadata:     @config.,
                         retry_policy: @config.retry_policy

  @key_management_service_stub.call_rpc :get_crypto_key_version, request, options: options do |response, operation|
    yield response, operation if block_given?
    return response
  end
rescue ::GRPC::BadStatus => e
  raise ::Google::Cloud::Error.from_error(e)
end

#get_import_job(request, options = nil) ⇒ ::Google::Cloud::Kms::V1::ImportJob #get_import_job(name: nil) ⇒ ::Google::Cloud::Kms::V1::ImportJob

Returns metadata for a given ImportJob.

Overloads:

  • #get_import_job(request, options = nil) ⇒ ::Google::Cloud::Kms::V1::ImportJob

    Pass arguments to get_import_job via a request object, either of type GetImportJobRequest or an equivalent Hash.

    Parameters:

    • request (::Google::Cloud::Kms::V1::GetImportJobRequest, ::Hash)

      A request object representing the call parameters. Required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash.

    • options (::Gapic::CallOptions, ::Hash) (defaults to: nil)

      Overrides the default settings for this call, e.g, timeout, retries, etc. Optional.

  • #get_import_job(name: nil) ⇒ ::Google::Cloud::Kms::V1::ImportJob

    Pass arguments to get_import_job via keyword arguments. Note that at least one keyword argument is required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash as a request object (see above).

    Parameters:

    • name (::String) (defaults to: nil)

      Required. The name of the ImportJob to get.

Yields:

  • (response, operation)

    Access the result along with the RPC operation

Yield Parameters:

Returns:

Raises:

  • (::Google::Cloud::Error)

    if the RPC is aborted.



945
946
947
948
949
950
951
952
953
954
955
956
957
958
959
960
961
962
963
964
965
966
967
968
969
970
971
972
973
974
975
976
977
978
979
980
981
982
# File 'lib/google/cloud/kms/v1/key_management_service/client.rb', line 945

def get_import_job request, options = nil
  raise ::ArgumentError, "request must be provided" if request.nil?

  request = ::Gapic::Protobuf.coerce request, to: ::Google::Cloud::Kms::V1::GetImportJobRequest

  # Converts hash and nil to an options object
  options = ::Gapic::CallOptions.new(**options.to_h) if options.respond_to? :to_h

  # Customize the options with defaults
   = @config.rpcs.get_import_job..to_h

  # Set x-goog-api-client and x-goog-user-project headers
  [:"x-goog-api-client"] ||= ::Gapic::Headers.x_goog_api_client \
    lib_name: @config.lib_name, lib_version: @config.lib_version,
    gapic_version: ::Google::Cloud::Kms::V1::VERSION
  [:"x-goog-user-project"] = @quota_project_id if @quota_project_id

  header_params = {
    "name" => request.name
  }
  request_params_header = header_params.map { |k, v| "#{k}=#{v}" }.join("&")
  [:"x-goog-request-params"] ||= request_params_header

  options.apply_defaults timeout:      @config.rpcs.get_import_job.timeout,
                         metadata:     ,
                         retry_policy: @config.rpcs.get_import_job.retry_policy

  options.apply_defaults timeout:      @config.timeout,
                         metadata:     @config.,
                         retry_policy: @config.retry_policy

  @key_management_service_stub.call_rpc :get_import_job, request, options: options do |response, operation|
    yield response, operation if block_given?
    return response
  end
rescue ::GRPC::BadStatus => e
  raise ::Google::Cloud::Error.from_error(e)
end

#get_key_ring(request, options = nil) ⇒ ::Google::Cloud::Kms::V1::KeyRing #get_key_ring(name: nil) ⇒ ::Google::Cloud::Kms::V1::KeyRing

Returns metadata for a given KeyRing.

Overloads:

  • #get_key_ring(request, options = nil) ⇒ ::Google::Cloud::Kms::V1::KeyRing

    Pass arguments to get_key_ring via a request object, either of type GetKeyRingRequest or an equivalent Hash.

    Parameters:

    • request (::Google::Cloud::Kms::V1::GetKeyRingRequest, ::Hash)

      A request object representing the call parameters. Required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash.

    • options (::Gapic::CallOptions, ::Hash) (defaults to: nil)

      Overrides the default settings for this call, e.g, timeout, retries, etc. Optional.

  • #get_key_ring(name: nil) ⇒ ::Google::Cloud::Kms::V1::KeyRing

    Pass arguments to get_key_ring via keyword arguments. Note that at least one keyword argument is required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash as a request object (see above).

    Parameters:

    • name (::String) (defaults to: nil)

      Required. The name of the KeyRing to get.

Yields:

  • (response, operation)

    Access the result along with the RPC operation

Yield Parameters:

Returns:

Raises:

  • (::Google::Cloud::Error)

    if the RPC is aborted.



668
669
670
671
672
673
674
675
676
677
678
679
680
681
682
683
684
685
686
687
688
689
690
691
692
693
694
695
696
697
698
699
700
701
702
703
704
705
# File 'lib/google/cloud/kms/v1/key_management_service/client.rb', line 668

def get_key_ring request, options = nil
  raise ::ArgumentError, "request must be provided" if request.nil?

  request = ::Gapic::Protobuf.coerce request, to: ::Google::Cloud::Kms::V1::GetKeyRingRequest

  # Converts hash and nil to an options object
  options = ::Gapic::CallOptions.new(**options.to_h) if options.respond_to? :to_h

  # Customize the options with defaults
   = @config.rpcs.get_key_ring..to_h

  # Set x-goog-api-client and x-goog-user-project headers
  [:"x-goog-api-client"] ||= ::Gapic::Headers.x_goog_api_client \
    lib_name: @config.lib_name, lib_version: @config.lib_version,
    gapic_version: ::Google::Cloud::Kms::V1::VERSION
  [:"x-goog-user-project"] = @quota_project_id if @quota_project_id

  header_params = {
    "name" => request.name
  }
  request_params_header = header_params.map { |k, v| "#{k}=#{v}" }.join("&")
  [:"x-goog-request-params"] ||= request_params_header

  options.apply_defaults timeout:      @config.rpcs.get_key_ring.timeout,
                         metadata:     ,
                         retry_policy: @config.rpcs.get_key_ring.retry_policy

  options.apply_defaults timeout:      @config.timeout,
                         metadata:     @config.,
                         retry_policy: @config.retry_policy

  @key_management_service_stub.call_rpc :get_key_ring, request, options: options do |response, operation|
    yield response, operation if block_given?
    return response
  end
rescue ::GRPC::BadStatus => e
  raise ::Google::Cloud::Error.from_error(e)
end

#get_public_key(request, options = nil) ⇒ ::Google::Cloud::Kms::V1::PublicKey #get_public_key(name: nil) ⇒ ::Google::Cloud::Kms::V1::PublicKey

Returns the public key for the given CryptoKeyVersion. The CryptoKey.purpose must be ASYMMETRIC_SIGN or ASYMMETRIC_DECRYPT.

Overloads:

  • #get_public_key(request, options = nil) ⇒ ::Google::Cloud::Kms::V1::PublicKey

    Pass arguments to get_public_key via a request object, either of type GetPublicKeyRequest or an equivalent Hash.

    Parameters:

    • request (::Google::Cloud::Kms::V1::GetPublicKeyRequest, ::Hash)

      A request object representing the call parameters. Required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash.

    • options (::Gapic::CallOptions, ::Hash) (defaults to: nil)

      Overrides the default settings for this call, e.g, timeout, retries, etc. Optional.

  • #get_public_key(name: nil) ⇒ ::Google::Cloud::Kms::V1::PublicKey

    Pass arguments to get_public_key via keyword arguments. Note that at least one keyword argument is required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash as a request object (see above).

    Parameters:

    • name (::String) (defaults to: nil)

      Required. The name of the CryptoKeyVersion public key to get.

Yields:

  • (response, operation)

    Access the result along with the RPC operation

Yield Parameters:

Returns:

Raises:

  • (::Google::Cloud::Error)

    if the RPC is aborted.



877
878
879
880
881
882
883
884
885
886
887
888
889
890
891
892
893
894
895
896
897
898
899
900
901
902
903
904
905
906
907
908
909
910
911
912
913
914
# File 'lib/google/cloud/kms/v1/key_management_service/client.rb', line 877

def get_public_key request, options = nil
  raise ::ArgumentError, "request must be provided" if request.nil?

  request = ::Gapic::Protobuf.coerce request, to: ::Google::Cloud::Kms::V1::GetPublicKeyRequest

  # Converts hash and nil to an options object
  options = ::Gapic::CallOptions.new(**options.to_h) if options.respond_to? :to_h

  # Customize the options with defaults
   = @config.rpcs.get_public_key..to_h

  # Set x-goog-api-client and x-goog-user-project headers
  [:"x-goog-api-client"] ||= ::Gapic::Headers.x_goog_api_client \
    lib_name: @config.lib_name, lib_version: @config.lib_version,
    gapic_version: ::Google::Cloud::Kms::V1::VERSION
  [:"x-goog-user-project"] = @quota_project_id if @quota_project_id

  header_params = {
    "name" => request.name
  }
  request_params_header = header_params.map { |k, v| "#{k}=#{v}" }.join("&")
  [:"x-goog-request-params"] ||= request_params_header

  options.apply_defaults timeout:      @config.rpcs.get_public_key.timeout,
                         metadata:     ,
                         retry_policy: @config.rpcs.get_public_key.retry_policy

  options.apply_defaults timeout:      @config.timeout,
                         metadata:     @config.,
                         retry_policy: @config.retry_policy

  @key_management_service_stub.call_rpc :get_public_key, request, options: options do |response, operation|
    yield response, operation if block_given?
    return response
  end
rescue ::GRPC::BadStatus => e
  raise ::Google::Cloud::Error.from_error(e)
end

#import_crypto_key_version(request, options = nil) ⇒ ::Google::Cloud::Kms::V1::CryptoKeyVersion #import_crypto_key_version(parent: nil, crypto_key_version: nil, algorithm: nil, import_job: nil, rsa_aes_wrapped_key: nil) ⇒ ::Google::Cloud::Kms::V1::CryptoKeyVersion

Import wrapped key material into a CryptoKeyVersion.

All requests must specify a CryptoKey. If a CryptoKeyVersion is additionally specified in the request, key material will be reimported into that version. Otherwise, a new version will be created, and will be assigned the next sequential id within the CryptoKey.

Overloads:

  • #import_crypto_key_version(request, options = nil) ⇒ ::Google::Cloud::Kms::V1::CryptoKeyVersion

    Pass arguments to import_crypto_key_version via a request object, either of type ImportCryptoKeyVersionRequest or an equivalent Hash.

    Parameters:

    • request (::Google::Cloud::Kms::V1::ImportCryptoKeyVersionRequest, ::Hash)

      A request object representing the call parameters. Required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash.

    • options (::Gapic::CallOptions, ::Hash) (defaults to: nil)

      Overrides the default settings for this call, e.g, timeout, retries, etc. Optional.

  • #import_crypto_key_version(parent: nil, crypto_key_version: nil, algorithm: nil, import_job: nil, rsa_aes_wrapped_key: nil) ⇒ ::Google::Cloud::Kms::V1::CryptoKeyVersion

    Pass arguments to import_crypto_key_version via keyword arguments. Note that at least one keyword argument is required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash as a request object (see above).

    Parameters:

    • parent (::String) (defaults to: nil)

      Required. The name of the CryptoKey to be imported into.

      The create permission is only required on this key when creating a new CryptoKeyVersion.

    • crypto_key_version (::String) (defaults to: nil)

      Optional. The optional name of an existing CryptoKeyVersion to target for an import operation. If this field is not present, a new CryptoKeyVersion containing the supplied key material is created.

      If this field is present, the supplied key material is imported into the existing CryptoKeyVersion. To import into an existing CryptoKeyVersion, the CryptoKeyVersion must be a child of ImportCryptoKeyVersionRequest.parent, have been previously created via [ImportCryptoKeyVersion][], and be in DESTROYED or IMPORT_FAILED state. The key material and algorithm must match the previous CryptoKeyVersion exactly if the CryptoKeyVersion has ever contained key material.

    • algorithm (::Google::Cloud::Kms::V1::CryptoKeyVersion::CryptoKeyVersionAlgorithm) (defaults to: nil)

      Required. The algorithm of the key being imported. This does not need to match the version_template of the CryptoKey this version imports into.

    • import_job (::String) (defaults to: nil)

      Required. The name of the ImportJob that was used to wrap this key material.

    • rsa_aes_wrapped_key (::String) (defaults to: nil)

      Wrapped key material produced with RSA_OAEP_3072_SHA1_AES_256 or RSA_OAEP_4096_SHA1_AES_256.

      This field contains the concatenation of two wrapped keys:

      1. An ephemeral AES-256 wrapping key wrapped with the public_key using RSAES-OAEP with SHA-1, MGF1 with SHA-1, and an empty label.
      2. The key to be imported, wrapped with the ephemeral AES-256 key using AES-KWP (RFC 5649).

      If importing symmetric key material, it is expected that the unwrapped key contains plain bytes. If importing asymmetric key material, it is expected that the unwrapped key is in PKCS#8-encoded DER format (the PrivateKeyInfo structure from RFC 5208).

      This format is the same as the format produced by PKCS#11 mechanism CKM_RSA_AES_KEY_WRAP.

Yields:

  • (response, operation)

    Access the result along with the RPC operation

Yield Parameters:

Returns:

Raises:

  • (::Google::Cloud::Error)

    if the RPC is aborted.



1302
1303
1304
1305
1306
1307
1308
1309
1310
1311
1312
1313
1314
1315
1316
1317
1318
1319
1320
1321
1322
1323
1324
1325
1326
1327
1328
1329
1330
1331
1332
1333
1334
1335
1336
1337
1338
1339
# File 'lib/google/cloud/kms/v1/key_management_service/client.rb', line 1302

def import_crypto_key_version request, options = nil
  raise ::ArgumentError, "request must be provided" if request.nil?

  request = ::Gapic::Protobuf.coerce request, to: ::Google::Cloud::Kms::V1::ImportCryptoKeyVersionRequest

  # Converts hash and nil to an options object
  options = ::Gapic::CallOptions.new(**options.to_h) if options.respond_to? :to_h

  # Customize the options with defaults
   = @config.rpcs.import_crypto_key_version..to_h

  # Set x-goog-api-client and x-goog-user-project headers
  [:"x-goog-api-client"] ||= ::Gapic::Headers.x_goog_api_client \
    lib_name: @config.lib_name, lib_version: @config.lib_version,
    gapic_version: ::Google::Cloud::Kms::V1::VERSION
  [:"x-goog-user-project"] = @quota_project_id if @quota_project_id

  header_params = {
    "parent" => request.parent
  }
  request_params_header = header_params.map { |k, v| "#{k}=#{v}" }.join("&")
  [:"x-goog-request-params"] ||= request_params_header

  options.apply_defaults timeout:      @config.rpcs.import_crypto_key_version.timeout,
                         metadata:     ,
                         retry_policy: @config.rpcs.import_crypto_key_version.retry_policy

  options.apply_defaults timeout:      @config.timeout,
                         metadata:     @config.,
                         retry_policy: @config.retry_policy

  @key_management_service_stub.call_rpc :import_crypto_key_version, request, options: options do |response, operation|
    yield response, operation if block_given?
    return response
  end
rescue ::GRPC::BadStatus => e
  raise ::Google::Cloud::Error.from_error(e)
end

#list_crypto_key_versions(request, options = nil) ⇒ ::Gapic::PagedEnumerable<::Google::Cloud::Kms::V1::CryptoKeyVersion> #list_crypto_key_versions(parent: nil, page_size: nil, page_token: nil, view: nil, filter: nil, order_by: nil) ⇒ ::Gapic::PagedEnumerable<::Google::Cloud::Kms::V1::CryptoKeyVersion>

Overloads:

  • #list_crypto_key_versions(request, options = nil) ⇒ ::Gapic::PagedEnumerable<::Google::Cloud::Kms::V1::CryptoKeyVersion>

    Pass arguments to list_crypto_key_versions via a request object, either of type ListCryptoKeyVersionsRequest or an equivalent Hash.

    Parameters:

    • request (::Google::Cloud::Kms::V1::ListCryptoKeyVersionsRequest, ::Hash)

      A request object representing the call parameters. Required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash.

    • options (::Gapic::CallOptions, ::Hash) (defaults to: nil)

      Overrides the default settings for this call, e.g, timeout, retries, etc. Optional.

  • #list_crypto_key_versions(parent: nil, page_size: nil, page_token: nil, view: nil, filter: nil, order_by: nil) ⇒ ::Gapic::PagedEnumerable<::Google::Cloud::Kms::V1::CryptoKeyVersion>

    Pass arguments to list_crypto_key_versions via keyword arguments. Note that at least one keyword argument is required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash as a request object (see above).

    Parameters:

Yields:

  • (response, operation)

    Access the result along with the RPC operation

Yield Parameters:

Returns:

Raises:

  • (::Google::Cloud::Error)

    if the RPC is aborted.



511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
# File 'lib/google/cloud/kms/v1/key_management_service/client.rb', line 511

def list_crypto_key_versions request, options = nil
  raise ::ArgumentError, "request must be provided" if request.nil?

  request = ::Gapic::Protobuf.coerce request, to: ::Google::Cloud::Kms::V1::ListCryptoKeyVersionsRequest

  # Converts hash and nil to an options object
  options = ::Gapic::CallOptions.new(**options.to_h) if options.respond_to? :to_h

  # Customize the options with defaults
   = @config.rpcs.list_crypto_key_versions..to_h

  # Set x-goog-api-client and x-goog-user-project headers
  [:"x-goog-api-client"] ||= ::Gapic::Headers.x_goog_api_client \
    lib_name: @config.lib_name, lib_version: @config.lib_version,
    gapic_version: ::Google::Cloud::Kms::V1::VERSION
  [:"x-goog-user-project"] = @quota_project_id if @quota_project_id

  header_params = {
    "parent" => request.parent
  }
  request_params_header = header_params.map { |k, v| "#{k}=#{v}" }.join("&")
  [:"x-goog-request-params"] ||= request_params_header

  options.apply_defaults timeout:      @config.rpcs.list_crypto_key_versions.timeout,
                         metadata:     ,
                         retry_policy: @config.rpcs.list_crypto_key_versions.retry_policy

  options.apply_defaults timeout:      @config.timeout,
                         metadata:     @config.,
                         retry_policy: @config.retry_policy

  @key_management_service_stub.call_rpc :list_crypto_key_versions, request, options: options do |response, operation|
    response = ::Gapic::PagedEnumerable.new @key_management_service_stub, :list_crypto_key_versions, request, response, operation, options
    yield response, operation if block_given?
    return response
  end
rescue ::GRPC::BadStatus => e
  raise ::Google::Cloud::Error.from_error(e)
end

#list_crypto_keys(request, options = nil) ⇒ ::Gapic::PagedEnumerable<::Google::Cloud::Kms::V1::CryptoKey> #list_crypto_keys(parent: nil, page_size: nil, page_token: nil, version_view: nil, filter: nil, order_by: nil) ⇒ ::Gapic::PagedEnumerable<::Google::Cloud::Kms::V1::CryptoKey>

Lists CryptoKeys.

Overloads:

  • #list_crypto_keys(request, options = nil) ⇒ ::Gapic::PagedEnumerable<::Google::Cloud::Kms::V1::CryptoKey>

    Pass arguments to list_crypto_keys via a request object, either of type ListCryptoKeysRequest or an equivalent Hash.

    Parameters:

    • request (::Google::Cloud::Kms::V1::ListCryptoKeysRequest, ::Hash)

      A request object representing the call parameters. Required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash.

    • options (::Gapic::CallOptions, ::Hash) (defaults to: nil)

      Overrides the default settings for this call, e.g, timeout, retries, etc. Optional.

  • #list_crypto_keys(parent: nil, page_size: nil, page_token: nil, version_view: nil, filter: nil, order_by: nil) ⇒ ::Gapic::PagedEnumerable<::Google::Cloud::Kms::V1::CryptoKey>

    Pass arguments to list_crypto_keys via keyword arguments. Note that at least one keyword argument is required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash as a request object (see above).

    Parameters:

Yields:

  • (response, operation)

    Access the result along with the RPC operation

Yield Parameters:

Returns:

Raises:

  • (::Google::Cloud::Error)

    if the RPC is aborted.



420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
# File 'lib/google/cloud/kms/v1/key_management_service/client.rb', line 420

def list_crypto_keys request, options = nil
  raise ::ArgumentError, "request must be provided" if request.nil?

  request = ::Gapic::Protobuf.coerce request, to: ::Google::Cloud::Kms::V1::ListCryptoKeysRequest

  # Converts hash and nil to an options object
  options = ::Gapic::CallOptions.new(**options.to_h) if options.respond_to? :to_h

  # Customize the options with defaults
   = @config.rpcs.list_crypto_keys..to_h

  # Set x-goog-api-client and x-goog-user-project headers
  [:"x-goog-api-client"] ||= ::Gapic::Headers.x_goog_api_client \
    lib_name: @config.lib_name, lib_version: @config.lib_version,
    gapic_version: ::Google::Cloud::Kms::V1::VERSION
  [:"x-goog-user-project"] = @quota_project_id if @quota_project_id

  header_params = {
    "parent" => request.parent
  }
  request_params_header = header_params.map { |k, v| "#{k}=#{v}" }.join("&")
  [:"x-goog-request-params"] ||= request_params_header

  options.apply_defaults timeout:      @config.rpcs.list_crypto_keys.timeout,
                         metadata:     ,
                         retry_policy: @config.rpcs.list_crypto_keys.retry_policy

  options.apply_defaults timeout:      @config.timeout,
                         metadata:     @config.,
                         retry_policy: @config.retry_policy

  @key_management_service_stub.call_rpc :list_crypto_keys, request, options: options do |response, operation|
    response = ::Gapic::PagedEnumerable.new @key_management_service_stub, :list_crypto_keys, request, response, operation, options
    yield response, operation if block_given?
    return response
  end
rescue ::GRPC::BadStatus => e
  raise ::Google::Cloud::Error.from_error(e)
end

#list_import_jobs(request, options = nil) ⇒ ::Gapic::PagedEnumerable<::Google::Cloud::Kms::V1::ImportJob> #list_import_jobs(parent: nil, page_size: nil, page_token: nil, filter: nil, order_by: nil) ⇒ ::Gapic::PagedEnumerable<::Google::Cloud::Kms::V1::ImportJob>

Lists ImportJobs.

Overloads:

  • #list_import_jobs(request, options = nil) ⇒ ::Gapic::PagedEnumerable<::Google::Cloud::Kms::V1::ImportJob>

    Pass arguments to list_import_jobs via a request object, either of type ListImportJobsRequest or an equivalent Hash.

    Parameters:

    • request (::Google::Cloud::Kms::V1::ListImportJobsRequest, ::Hash)

      A request object representing the call parameters. Required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash.

    • options (::Gapic::CallOptions, ::Hash) (defaults to: nil)

      Overrides the default settings for this call, e.g, timeout, retries, etc. Optional.

  • #list_import_jobs(parent: nil, page_size: nil, page_token: nil, filter: nil, order_by: nil) ⇒ ::Gapic::PagedEnumerable<::Google::Cloud::Kms::V1::ImportJob>

    Pass arguments to list_import_jobs via keyword arguments. Note that at least one keyword argument is required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash as a request object (see above).

    Parameters:

    • parent (::String) (defaults to: nil)

      Required. The resource name of the KeyRing to list, in the format projects/*/locations/*/keyRings/*.

    • page_size (::Integer) (defaults to: nil)

      Optional. Optional limit on the number of ImportJobs to include in the response. Further ImportJobs can subsequently be obtained by including the ListImportJobsResponse.next_page_token in a subsequent request. If unspecified, the server will pick an appropriate default.

    • page_token (::String) (defaults to: nil)

      Optional. Optional pagination token, returned earlier via ListImportJobsResponse.next_page_token.

    • filter (::String) (defaults to: nil)

      Optional. Only include resources that match the filter in the response. For more information, see Sorting and filtering list results.

    • order_by (::String) (defaults to: nil)

      Optional. Specify how the results should be sorted. If not specified, the results will be sorted in the default order. For more information, see Sorting and filtering list results.

Yields:

  • (response, operation)

    Access the result along with the RPC operation

Yield Parameters:

Returns:

Raises:

  • (::Google::Cloud::Error)

    if the RPC is aborted.



599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
632
633
634
635
636
637
# File 'lib/google/cloud/kms/v1/key_management_service/client.rb', line 599

def list_import_jobs request, options = nil
  raise ::ArgumentError, "request must be provided" if request.nil?

  request = ::Gapic::Protobuf.coerce request, to: ::Google::Cloud::Kms::V1::ListImportJobsRequest

  # Converts hash and nil to an options object
  options = ::Gapic::CallOptions.new(**options.to_h) if options.respond_to? :to_h

  # Customize the options with defaults
   = @config.rpcs.list_import_jobs..to_h

  # Set x-goog-api-client and x-goog-user-project headers
  [:"x-goog-api-client"] ||= ::Gapic::Headers.x_goog_api_client \
    lib_name: @config.lib_name, lib_version: @config.lib_version,
    gapic_version: ::Google::Cloud::Kms::V1::VERSION
  [:"x-goog-user-project"] = @quota_project_id if @quota_project_id

  header_params = {
    "parent" => request.parent
  }
  request_params_header = header_params.map { |k, v| "#{k}=#{v}" }.join("&")
  [:"x-goog-request-params"] ||= request_params_header

  options.apply_defaults timeout:      @config.rpcs.list_import_jobs.timeout,
                         metadata:     ,
                         retry_policy: @config.rpcs.list_import_jobs.retry_policy

  options.apply_defaults timeout:      @config.timeout,
                         metadata:     @config.,
                         retry_policy: @config.retry_policy

  @key_management_service_stub.call_rpc :list_import_jobs, request, options: options do |response, operation|
    response = ::Gapic::PagedEnumerable.new @key_management_service_stub, :list_import_jobs, request, response, operation, options
    yield response, operation if block_given?
    return response
  end
rescue ::GRPC::BadStatus => e
  raise ::Google::Cloud::Error.from_error(e)
end

#list_key_rings(request, options = nil) ⇒ ::Gapic::PagedEnumerable<::Google::Cloud::Kms::V1::KeyRing> #list_key_rings(parent: nil, page_size: nil, page_token: nil, filter: nil, order_by: nil) ⇒ ::Gapic::PagedEnumerable<::Google::Cloud::Kms::V1::KeyRing>

Lists KeyRings.

Overloads:

  • #list_key_rings(request, options = nil) ⇒ ::Gapic::PagedEnumerable<::Google::Cloud::Kms::V1::KeyRing>

    Pass arguments to list_key_rings via a request object, either of type ListKeyRingsRequest or an equivalent Hash.

    Parameters:

    • request (::Google::Cloud::Kms::V1::ListKeyRingsRequest, ::Hash)

      A request object representing the call parameters. Required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash.

    • options (::Gapic::CallOptions, ::Hash) (defaults to: nil)

      Overrides the default settings for this call, e.g, timeout, retries, etc. Optional.

  • #list_key_rings(parent: nil, page_size: nil, page_token: nil, filter: nil, order_by: nil) ⇒ ::Gapic::PagedEnumerable<::Google::Cloud::Kms::V1::KeyRing>

    Pass arguments to list_key_rings via keyword arguments. Note that at least one keyword argument is required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash as a request object (see above).

    Parameters:

    • parent (::String) (defaults to: nil)

      Required. The resource name of the location associated with the KeyRings, in the format projects/*/locations/*.

    • page_size (::Integer) (defaults to: nil)

      Optional. Optional limit on the number of KeyRings to include in the response. Further KeyRings can subsequently be obtained by including the ListKeyRingsResponse.next_page_token in a subsequent request. If unspecified, the server will pick an appropriate default.

    • page_token (::String) (defaults to: nil)

      Optional. Optional pagination token, returned earlier via ListKeyRingsResponse.next_page_token.

    • filter (::String) (defaults to: nil)

      Optional. Only include resources that match the filter in the response. For more information, see Sorting and filtering list results.

    • order_by (::String) (defaults to: nil)

      Optional. Specify how the results should be sorted. If not specified, the results will be sorted in the default order. For more information, see Sorting and filtering list results.

Yields:

  • (response, operation)

    Access the result along with the RPC operation

Yield Parameters:

Returns:

Raises:

  • (::Google::Cloud::Error)

    if the RPC is aborted.



330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
# File 'lib/google/cloud/kms/v1/key_management_service/client.rb', line 330

def list_key_rings request, options = nil
  raise ::ArgumentError, "request must be provided" if request.nil?

  request = ::Gapic::Protobuf.coerce request, to: ::Google::Cloud::Kms::V1::ListKeyRingsRequest

  # Converts hash and nil to an options object
  options = ::Gapic::CallOptions.new(**options.to_h) if options.respond_to? :to_h

  # Customize the options with defaults
   = @config.rpcs.list_key_rings..to_h

  # Set x-goog-api-client and x-goog-user-project headers
  [:"x-goog-api-client"] ||= ::Gapic::Headers.x_goog_api_client \
    lib_name: @config.lib_name, lib_version: @config.lib_version,
    gapic_version: ::Google::Cloud::Kms::V1::VERSION
  [:"x-goog-user-project"] = @quota_project_id if @quota_project_id

  header_params = {
    "parent" => request.parent
  }
  request_params_header = header_params.map { |k, v| "#{k}=#{v}" }.join("&")
  [:"x-goog-request-params"] ||= request_params_header

  options.apply_defaults timeout:      @config.rpcs.list_key_rings.timeout,
                         metadata:     ,
                         retry_policy: @config.rpcs.list_key_rings.retry_policy

  options.apply_defaults timeout:      @config.timeout,
                         metadata:     @config.,
                         retry_policy: @config.retry_policy

  @key_management_service_stub.call_rpc :list_key_rings, request, options: options do |response, operation|
    response = ::Gapic::PagedEnumerable.new @key_management_service_stub, :list_key_rings, request, response, operation, options
    yield response, operation if block_given?
    return response
  end
rescue ::GRPC::BadStatus => e
  raise ::Google::Cloud::Error.from_error(e)
end

#mac_sign(request, options = nil) ⇒ ::Google::Cloud::Kms::V1::MacSignResponse #mac_sign(name: nil, data: nil, data_crc32c: nil) ⇒ ::Google::Cloud::Kms::V1::MacSignResponse

Signs data using a CryptoKeyVersion with CryptoKey.purpose MAC, producing a tag that can be verified by another source with the same key.

Overloads:

  • #mac_sign(request, options = nil) ⇒ ::Google::Cloud::Kms::V1::MacSignResponse

    Pass arguments to mac_sign via a request object, either of type MacSignRequest or an equivalent Hash.

    Parameters:

    • request (::Google::Cloud::Kms::V1::MacSignRequest, ::Hash)

      A request object representing the call parameters. Required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash.

    • options (::Gapic::CallOptions, ::Hash) (defaults to: nil)

      Overrides the default settings for this call, e.g, timeout, retries, etc. Optional.

  • #mac_sign(name: nil, data: nil, data_crc32c: nil) ⇒ ::Google::Cloud::Kms::V1::MacSignResponse

    Pass arguments to mac_sign via keyword arguments. Note that at least one keyword argument is required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash as a request object (see above).

    Parameters:

    • name (::String) (defaults to: nil)

      Required. The resource name of the CryptoKeyVersion to use for signing.

    • data (::String) (defaults to: nil)

      Required. The data to sign. The MAC tag is computed over this data field based on the specific algorithm.

    • data_crc32c (::Google::Protobuf::Int64Value, ::Hash) (defaults to: nil)

      Optional. An optional CRC32C checksum of the MacSignRequest.data. If specified, KeyManagementService will verify the integrity of the received MacSignRequest.data using this checksum. KeyManagementService will report an error if the checksum verification fails. If you receive a checksum error, your client should verify that CRC32C(MacSignRequest.data) is equal to MacSignRequest.data_crc32c, and if so, perform a limited number of retries. A persistent mismatch may indicate an issue in your computation of the CRC32C checksum. Note: This field is defined as int64 for reasons of compatibility across different languages. However, it is a non-negative integer, which will never exceed 2^32-1, and can be safely downconverted to uint32 in languages that support this type.

Yields:

  • (response, operation)

    Access the result along with the RPC operation

Yield Parameters:

Returns:

Raises:

  • (::Google::Cloud::Error)

    if the RPC is aborted.



2259
2260
2261
2262
2263
2264
2265
2266
2267
2268
2269
2270
2271
2272
2273
2274
2275
2276
2277
2278
2279
2280
2281
2282
2283
2284
2285
2286
2287
2288
2289
2290
2291
2292
2293
2294
2295
2296
# File 'lib/google/cloud/kms/v1/key_management_service/client.rb', line 2259

def mac_sign request, options = nil
  raise ::ArgumentError, "request must be provided" if request.nil?

  request = ::Gapic::Protobuf.coerce request, to: ::Google::Cloud::Kms::V1::MacSignRequest

  # Converts hash and nil to an options object
  options = ::Gapic::CallOptions.new(**options.to_h) if options.respond_to? :to_h

  # Customize the options with defaults
   = @config.rpcs.mac_sign..to_h

  # Set x-goog-api-client and x-goog-user-project headers
  [:"x-goog-api-client"] ||= ::Gapic::Headers.x_goog_api_client \
    lib_name: @config.lib_name, lib_version: @config.lib_version,
    gapic_version: ::Google::Cloud::Kms::V1::VERSION
  [:"x-goog-user-project"] = @quota_project_id if @quota_project_id

  header_params = {
    "name" => request.name
  }
  request_params_header = header_params.map { |k, v| "#{k}=#{v}" }.join("&")
  [:"x-goog-request-params"] ||= request_params_header

  options.apply_defaults timeout:      @config.rpcs.mac_sign.timeout,
                         metadata:     ,
                         retry_policy: @config.rpcs.mac_sign.retry_policy

  options.apply_defaults timeout:      @config.timeout,
                         metadata:     @config.,
                         retry_policy: @config.retry_policy

  @key_management_service_stub.call_rpc :mac_sign, request, options: options do |response, operation|
    yield response, operation if block_given?
    return response
  end
rescue ::GRPC::BadStatus => e
  raise ::Google::Cloud::Error.from_error(e)
end

#mac_verify(request, options = nil) ⇒ ::Google::Cloud::Kms::V1::MacVerifyResponse #mac_verify(name: nil, data: nil, data_crc32c: nil, mac: nil, mac_crc32c: nil) ⇒ ::Google::Cloud::Kms::V1::MacVerifyResponse

Verifies MAC tag using a CryptoKeyVersion with CryptoKey.purpose MAC, and returns a response that indicates whether or not the verification was successful.

Overloads:

  • #mac_verify(request, options = nil) ⇒ ::Google::Cloud::Kms::V1::MacVerifyResponse

    Pass arguments to mac_verify via a request object, either of type MacVerifyRequest or an equivalent Hash.

    Parameters:

    • request (::Google::Cloud::Kms::V1::MacVerifyRequest, ::Hash)

      A request object representing the call parameters. Required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash.

    • options (::Gapic::CallOptions, ::Hash) (defaults to: nil)

      Overrides the default settings for this call, e.g, timeout, retries, etc. Optional.

  • #mac_verify(name: nil, data: nil, data_crc32c: nil, mac: nil, mac_crc32c: nil) ⇒ ::Google::Cloud::Kms::V1::MacVerifyResponse

    Pass arguments to mac_verify via keyword arguments. Note that at least one keyword argument is required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash as a request object (see above).

    Parameters:

    • name (::String) (defaults to: nil)

      Required. The resource name of the CryptoKeyVersion to use for verification.

    • data (::String) (defaults to: nil)

      Required. The data used previously as a MacSignRequest.data to generate the MAC tag.

    • data_crc32c (::Google::Protobuf::Int64Value, ::Hash) (defaults to: nil)

      Optional. An optional CRC32C checksum of the MacVerifyRequest.data. If specified, KeyManagementService will verify the integrity of the received MacVerifyRequest.data using this checksum. KeyManagementService will report an error if the checksum verification fails. If you receive a checksum error, your client should verify that CRC32C(MacVerifyRequest.data) is equal to MacVerifyRequest.data_crc32c, and if so, perform a limited number of retries. A persistent mismatch may indicate an issue in your computation of the CRC32C checksum. Note: This field is defined as int64 for reasons of compatibility across different languages. However, it is a non-negative integer, which will never exceed 2^32-1, and can be safely downconverted to uint32 in languages that support this type.

    • mac (::String) (defaults to: nil)

      Required. The signature to verify.

    • mac_crc32c (::Google::Protobuf::Int64Value, ::Hash) (defaults to: nil)

      Optional. An optional CRC32C checksum of the MacVerifyRequest.mac. If specified, KeyManagementService will verify the integrity of the received MacVerifyRequest.mac using this checksum. KeyManagementService will report an error if the checksum verification fails. If you receive a checksum error, your client should verify that CRC32C([MacVerifyRequest.tag][]) is equal to MacVerifyRequest.mac_crc32c, and if so, perform a limited number of retries. A persistent mismatch may indicate an issue in your computation of the CRC32C checksum. Note: This field is defined as int64 for reasons of compatibility across different languages. However, it is a non-negative integer, which will never exceed 2^32-1, and can be safely downconverted to uint32 in languages that support this type.

Yields:

  • (response, operation)

    Access the result along with the RPC operation

Yield Parameters:

Returns:

Raises:

  • (::Google::Cloud::Error)

    if the RPC is aborted.



2362
2363
2364
2365
2366
2367
2368
2369
2370
2371
2372
2373
2374
2375
2376
2377
2378
2379
2380
2381
2382
2383
2384
2385
2386
2387
2388
2389
2390
2391
2392
2393
2394
2395
2396
2397
2398
2399
# File 'lib/google/cloud/kms/v1/key_management_service/client.rb', line 2362

def mac_verify request, options = nil
  raise ::ArgumentError, "request must be provided" if request.nil?

  request = ::Gapic::Protobuf.coerce request, to: ::Google::Cloud::Kms::V1::MacVerifyRequest

  # Converts hash and nil to an options object
  options = ::Gapic::CallOptions.new(**options.to_h) if options.respond_to? :to_h

  # Customize the options with defaults
   = @config.rpcs.mac_verify..to_h

  # Set x-goog-api-client and x-goog-user-project headers
  [:"x-goog-api-client"] ||= ::Gapic::Headers.x_goog_api_client \
    lib_name: @config.lib_name, lib_version: @config.lib_version,
    gapic_version: ::Google::Cloud::Kms::V1::VERSION
  [:"x-goog-user-project"] = @quota_project_id if @quota_project_id

  header_params = {
    "name" => request.name
  }
  request_params_header = header_params.map { |k, v| "#{k}=#{v}" }.join("&")
  [:"x-goog-request-params"] ||= request_params_header

  options.apply_defaults timeout:      @config.rpcs.mac_verify.timeout,
                         metadata:     ,
                         retry_policy: @config.rpcs.mac_verify.retry_policy

  options.apply_defaults timeout:      @config.timeout,
                         metadata:     @config.,
                         retry_policy: @config.retry_policy

  @key_management_service_stub.call_rpc :mac_verify, request, options: options do |response, operation|
    yield response, operation if block_given?
    return response
  end
rescue ::GRPC::BadStatus => e
  raise ::Google::Cloud::Error.from_error(e)
end

#restore_crypto_key_version(request, options = nil) ⇒ ::Google::Cloud::Kms::V1::CryptoKeyVersion #restore_crypto_key_version(name: nil) ⇒ ::Google::Cloud::Kms::V1::CryptoKeyVersion

Restore a CryptoKeyVersion in the DESTROY_SCHEDULED state.

Upon restoration of the CryptoKeyVersion, state will be set to DISABLED, and destroy_time will be cleared.

Overloads:

  • #restore_crypto_key_version(request, options = nil) ⇒ ::Google::Cloud::Kms::V1::CryptoKeyVersion

    Pass arguments to restore_crypto_key_version via a request object, either of type RestoreCryptoKeyVersionRequest or an equivalent Hash.

    Parameters:

    • request (::Google::Cloud::Kms::V1::RestoreCryptoKeyVersionRequest, ::Hash)

      A request object representing the call parameters. Required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash.

    • options (::Gapic::CallOptions, ::Hash) (defaults to: nil)

      Overrides the default settings for this call, e.g, timeout, retries, etc. Optional.

  • #restore_crypto_key_version(name: nil) ⇒ ::Google::Cloud::Kms::V1::CryptoKeyVersion

    Pass arguments to restore_crypto_key_version via keyword arguments. Note that at least one keyword argument is required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash as a request object (see above).

    Parameters:

    • name (::String) (defaults to: nil)

      Required. The resource name of the CryptoKeyVersion to restore.

Yields:

  • (response, operation)

    Access the result along with the RPC operation

Yield Parameters:

Returns:

Raises:

  • (::Google::Cloud::Error)

    if the RPC is aborted.



1751
1752
1753
1754
1755
1756
1757
1758
1759
1760
1761
1762
1763
1764
1765
1766
1767
1768
1769
1770
1771
1772
1773
1774
1775
1776
1777
1778
1779
1780
1781
1782
1783
1784
1785
1786
1787
1788
# File 'lib/google/cloud/kms/v1/key_management_service/client.rb', line 1751

def restore_crypto_key_version request, options = nil
  raise ::ArgumentError, "request must be provided" if request.nil?

  request = ::Gapic::Protobuf.coerce request, to: ::Google::Cloud::Kms::V1::RestoreCryptoKeyVersionRequest

  # Converts hash and nil to an options object
  options = ::Gapic::CallOptions.new(**options.to_h) if options.respond_to? :to_h

  # Customize the options with defaults
   = @config.rpcs.restore_crypto_key_version..to_h

  # Set x-goog-api-client and x-goog-user-project headers
  [:"x-goog-api-client"] ||= ::Gapic::Headers.x_goog_api_client \
    lib_name: @config.lib_name, lib_version: @config.lib_version,
    gapic_version: ::Google::Cloud::Kms::V1::VERSION
  [:"x-goog-user-project"] = @quota_project_id if @quota_project_id

  header_params = {
    "name" => request.name
  }
  request_params_header = header_params.map { |k, v| "#{k}=#{v}" }.join("&")
  [:"x-goog-request-params"] ||= request_params_header

  options.apply_defaults timeout:      @config.rpcs.restore_crypto_key_version.timeout,
                         metadata:     ,
                         retry_policy: @config.rpcs.restore_crypto_key_version.retry_policy

  options.apply_defaults timeout:      @config.timeout,
                         metadata:     @config.,
                         retry_policy: @config.retry_policy

  @key_management_service_stub.call_rpc :restore_crypto_key_version, request, options: options do |response, operation|
    yield response, operation if block_given?
    return response
  end
rescue ::GRPC::BadStatus => e
  raise ::Google::Cloud::Error.from_error(e)
end

#update_crypto_key(request, options = nil) ⇒ ::Google::Cloud::Kms::V1::CryptoKey #update_crypto_key(crypto_key: nil, update_mask: nil) ⇒ ::Google::Cloud::Kms::V1::CryptoKey

Update a CryptoKey.

Overloads:

  • #update_crypto_key(request, options = nil) ⇒ ::Google::Cloud::Kms::V1::CryptoKey

    Pass arguments to update_crypto_key via a request object, either of type UpdateCryptoKeyRequest or an equivalent Hash.

    Parameters:

    • request (::Google::Cloud::Kms::V1::UpdateCryptoKeyRequest, ::Hash)

      A request object representing the call parameters. Required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash.

    • options (::Gapic::CallOptions, ::Hash) (defaults to: nil)

      Overrides the default settings for this call, e.g, timeout, retries, etc. Optional.

  • #update_crypto_key(crypto_key: nil, update_mask: nil) ⇒ ::Google::Cloud::Kms::V1::CryptoKey

    Pass arguments to update_crypto_key via keyword arguments. Note that at least one keyword argument is required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash as a request object (see above).

    Parameters:

Yields:

  • (response, operation)

    Access the result along with the RPC operation

Yield Parameters:

Returns:

Raises:

  • (::Google::Cloud::Error)

    if the RPC is aborted.



1448
1449
1450
1451
1452
1453
1454
1455
1456
1457
1458
1459
1460
1461
1462
1463
1464
1465
1466
1467
1468
1469
1470
1471
1472
1473
1474
1475
1476
1477
1478
1479
1480
1481
1482
1483
1484
1485
# File 'lib/google/cloud/kms/v1/key_management_service/client.rb', line 1448

def update_crypto_key request, options = nil
  raise ::ArgumentError, "request must be provided" if request.nil?

  request = ::Gapic::Protobuf.coerce request, to: ::Google::Cloud::Kms::V1::UpdateCryptoKeyRequest

  # Converts hash and nil to an options object
  options = ::Gapic::CallOptions.new(**options.to_h) if options.respond_to? :to_h

  # Customize the options with defaults
   = @config.rpcs.update_crypto_key..to_h

  # Set x-goog-api-client and x-goog-user-project headers
  [:"x-goog-api-client"] ||= ::Gapic::Headers.x_goog_api_client \
    lib_name: @config.lib_name, lib_version: @config.lib_version,
    gapic_version: ::Google::Cloud::Kms::V1::VERSION
  [:"x-goog-user-project"] = @quota_project_id if @quota_project_id

  header_params = {
    "crypto_key.name" => request.crypto_key.name
  }
  request_params_header = header_params.map { |k, v| "#{k}=#{v}" }.join("&")
  [:"x-goog-request-params"] ||= request_params_header

  options.apply_defaults timeout:      @config.rpcs.update_crypto_key.timeout,
                         metadata:     ,
                         retry_policy: @config.rpcs.update_crypto_key.retry_policy

  options.apply_defaults timeout:      @config.timeout,
                         metadata:     @config.,
                         retry_policy: @config.retry_policy

  @key_management_service_stub.call_rpc :update_crypto_key, request, options: options do |response, operation|
    yield response, operation if block_given?
    return response
  end
rescue ::GRPC::BadStatus => e
  raise ::Google::Cloud::Error.from_error(e)
end

#update_crypto_key_primary_version(request, options = nil) ⇒ ::Google::Cloud::Kms::V1::CryptoKey #update_crypto_key_primary_version(name: nil, crypto_key_version_id: nil) ⇒ ::Google::Cloud::Kms::V1::CryptoKey

Update the version of a CryptoKey that will be used in Encrypt.

Returns an error if called on a key whose purpose is not ENCRYPT_DECRYPT.

Overloads:

  • #update_crypto_key_primary_version(request, options = nil) ⇒ ::Google::Cloud::Kms::V1::CryptoKey

    Pass arguments to update_crypto_key_primary_version via a request object, either of type UpdateCryptoKeyPrimaryVersionRequest or an equivalent Hash.

    Parameters:

    • request (::Google::Cloud::Kms::V1::UpdateCryptoKeyPrimaryVersionRequest, ::Hash)

      A request object representing the call parameters. Required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash.

    • options (::Gapic::CallOptions, ::Hash) (defaults to: nil)

      Overrides the default settings for this call, e.g, timeout, retries, etc. Optional.

  • #update_crypto_key_primary_version(name: nil, crypto_key_version_id: nil) ⇒ ::Google::Cloud::Kms::V1::CryptoKey

    Pass arguments to update_crypto_key_primary_version via keyword arguments. Note that at least one keyword argument is required. To specify no parameters, or to keep all the default parameter values, pass an empty Hash as a request object (see above).

    Parameters:

    • name (::String) (defaults to: nil)

      Required. The resource name of the CryptoKey to update.

    • crypto_key_version_id (::String) (defaults to: nil)

      Required. The id of the child CryptoKeyVersion to use as primary.

Yields:

  • (response, operation)

    Access the result along with the RPC operation

Yield Parameters:

Returns:

Raises:

  • (::Google::Cloud::Error)

    if the RPC is aborted.



1597
1598
1599
1600
1601
1602
1603
1604
1605
1606
1607
1608
1609
1610
1611
1612
1613
1614
1615
1616
1617
1618
1619
1620
1621
1622
1623
1624
1625
1626
1627
1628
1629
1630
1631
1632
1633
1634
# File 'lib/google/cloud/kms/v1/key_management_service/client.rb', line 1597

def update_crypto_key_primary_version request, options = nil
  raise ::ArgumentError, "request must be provided" if request.nil?

  request = ::Gapic::Protobuf.coerce request, to: ::Google::Cloud::Kms::V1::UpdateCryptoKeyPrimaryVersionRequest

  # Converts hash and nil to an options object
  options = ::Gapic::CallOptions.new(**options.to_h) if options.respond_to? :to_h

  # Customize the options with defaults
   = @config.rpcs.update_crypto_key_primary_version..to_h

  # Set x-goog-api-client and x-goog-user-project headers
  [:"x-goog-api-client"] ||= ::Gapic::Headers.x_goog_api_client \
    lib_name: @config.lib_name, lib_version: @config.lib_version,
    gapic_version: ::Google::Cloud::Kms::V1::VERSION
  [:"x-goog-user-project"] = @quota_project_id if @quota_project_id

  header_params = {
    "name" => request.name
  }
  request_params_header = header_params.map { |k, v| "#{k}=#{v}" }.join("&")
  [:"x-goog-request-params"] ||= request_params_header

  options.apply_defaults timeout:      @config.rpcs.update_crypto_key_primary_version.timeout,
                         metadata:     ,
                         retry_policy: @config.rpcs.update_crypto_key_primary_version.retry_policy

  options.apply_defaults timeout:      @config.timeout,
                         metadata:     @config.,
                         retry_policy: @config.retry_policy

  @key_management_service_stub.call_rpc :update_crypto_key_primary_version, request, options: options do |response, operation|
    yield response, operation if block_given?
    return response
  end
rescue ::GRPC::BadStatus => e
  raise ::Google::Cloud::Error.from_error(e)
end

#update_crypto_key_version(request, options = nil) ⇒ ::Google::Cloud::Kms::V1::CryptoKeyVersion #update_crypto_key_version(crypto_key_version: nil, update_mask: nil) ⇒ ::Google::Cloud::Kms::V1::CryptoKeyVersion

Update a CryptoKeyVersion's metadata.

state may be changed between ENABLED and DISABLED using this method. See DestroyCryptoKeyVersion and RestoreCryptoKeyVersion to move between other states.

Overloads:

Yields:

  • (response, operation)

    Access the result along with the RPC operation

Yield Parameters:

Returns:

Raises:

  • (::Google::Cloud::Error)

    if the RPC is aborted.



1524
1525
1526
1527
1528
1529
1530
1531
1532
1533
1534
1535
1536
1537
1538
1539
1540
1541
1542
1543
1544
1545
1546
1547
1548
1549
1550
1551
1552
1553
1554
1555
1556
1557
1558
1559
1560
1561
# File 'lib/google/cloud/kms/v1/key_management_service/client.rb', line 1524

def update_crypto_key_version request, options = nil
  raise ::ArgumentError, "request must be provided" if request.nil?

  request = ::Gapic::Protobuf.coerce request, to: ::Google::Cloud::Kms::V1::UpdateCryptoKeyVersionRequest

  # Converts hash and nil to an options object
  options = ::Gapic::CallOptions.new(**options.to_h) if options.respond_to? :to_h

  # Customize the options with defaults
   = @config.rpcs.update_crypto_key_version..to_h

  # Set x-goog-api-client and x-goog-user-project headers
  [:"x-goog-api-client"] ||= ::Gapic::Headers.x_goog_api_client \
    lib_name: @config.lib_name, lib_version: @config.lib_version,
    gapic_version: ::Google::Cloud::Kms::V1::VERSION
  [:"x-goog-user-project"] = @quota_project_id if @quota_project_id

  header_params = {
    "crypto_key_version.name" => request.crypto_key_version.name
  }
  request_params_header = header_params.map { |k, v| "#{k}=#{v}" }.join("&")
  [:"x-goog-request-params"] ||= request_params_header

  options.apply_defaults timeout:      @config.rpcs.update_crypto_key_version.timeout,
                         metadata:     ,
                         retry_policy: @config.rpcs.update_crypto_key_version.retry_policy

  options.apply_defaults timeout:      @config.timeout,
                         metadata:     @config.,
                         retry_policy: @config.retry_policy

  @key_management_service_stub.call_rpc :update_crypto_key_version, request, options: options do |response, operation|
    yield response, operation if block_given?
    return response
  end
rescue ::GRPC::BadStatus => e
  raise ::Google::Cloud::Error.from_error(e)
end