You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
676 lines
29 KiB
676 lines
29 KiB
<html><body>
|
|
<style>
|
|
|
|
body, h1, h2, h3, div, span, p, pre, a {
|
|
margin: 0;
|
|
padding: 0;
|
|
border: 0;
|
|
font-weight: inherit;
|
|
font-style: inherit;
|
|
font-size: 100%;
|
|
font-family: inherit;
|
|
vertical-align: baseline;
|
|
}
|
|
|
|
body {
|
|
font-size: 13px;
|
|
padding: 1em;
|
|
}
|
|
|
|
h1 {
|
|
font-size: 26px;
|
|
margin-bottom: 1em;
|
|
}
|
|
|
|
h2 {
|
|
font-size: 24px;
|
|
margin-bottom: 1em;
|
|
}
|
|
|
|
h3 {
|
|
font-size: 20px;
|
|
margin-bottom: 1em;
|
|
margin-top: 1em;
|
|
}
|
|
|
|
pre, code {
|
|
line-height: 1.5;
|
|
font-family: Monaco, 'DejaVu Sans Mono', 'Bitstream Vera Sans Mono', 'Lucida Console', monospace;
|
|
}
|
|
|
|
pre {
|
|
margin-top: 0.5em;
|
|
}
|
|
|
|
h1, h2, h3, p {
|
|
font-family: Arial, sans serif;
|
|
}
|
|
|
|
h1, h2, h3 {
|
|
border-bottom: solid #CCC 1px;
|
|
}
|
|
|
|
.toc_element {
|
|
margin-top: 0.5em;
|
|
}
|
|
|
|
.firstline {
|
|
margin-left: 2 em;
|
|
}
|
|
|
|
.method {
|
|
margin-top: 1em;
|
|
border: solid 1px #CCC;
|
|
padding: 1em;
|
|
background: #EEE;
|
|
}
|
|
|
|
.details {
|
|
font-weight: bold;
|
|
font-size: 14px;
|
|
}
|
|
|
|
</style>
|
|
|
|
<h1><a href="cloudkms_v1.html">Cloud Key Management Service (KMS) API</a> . <a href="cloudkms_v1.projects.html">projects</a> . <a href="cloudkms_v1.projects.locations.html">locations</a> . <a href="cloudkms_v1.projects.locations.keyRings.html">keyRings</a> . <a href="cloudkms_v1.projects.locations.keyRings.cryptoKeys.html">cryptoKeys</a> . <a href="cloudkms_v1.projects.locations.keyRings.cryptoKeys.cryptoKeyVersions.html">cryptoKeyVersions</a></h1>
|
|
<h2>Instance Methods</h2>
|
|
<p class="toc_element">
|
|
<code><a href="#asymmetricDecrypt">asymmetricDecrypt(name, body, x__xgafv=None)</a></code></p>
|
|
<p class="firstline">Decrypts data that was encrypted with a public key retrieved from</p>
|
|
<p class="toc_element">
|
|
<code><a href="#asymmetricSign">asymmetricSign(name, body, x__xgafv=None)</a></code></p>
|
|
<p class="firstline">Signs data using a CryptoKeyVersion with CryptoKey.purpose</p>
|
|
<p class="toc_element">
|
|
<code><a href="#create">create(parent, body, x__xgafv=None)</a></code></p>
|
|
<p class="firstline">Create a new CryptoKeyVersion in a CryptoKey.</p>
|
|
<p class="toc_element">
|
|
<code><a href="#destroy">destroy(name, body=None, x__xgafv=None)</a></code></p>
|
|
<p class="firstline">Schedule a CryptoKeyVersion for destruction.</p>
|
|
<p class="toc_element">
|
|
<code><a href="#get">get(name, x__xgafv=None)</a></code></p>
|
|
<p class="firstline">Returns metadata for a given CryptoKeyVersion.</p>
|
|
<p class="toc_element">
|
|
<code><a href="#getPublicKey">getPublicKey(name, x__xgafv=None)</a></code></p>
|
|
<p class="firstline">Returns the public key for the given CryptoKeyVersion. The</p>
|
|
<p class="toc_element">
|
|
<code><a href="#list">list(parent, pageSize=None, pageToken=None, x__xgafv=None, view=None)</a></code></p>
|
|
<p class="firstline">Lists CryptoKeyVersions.</p>
|
|
<p class="toc_element">
|
|
<code><a href="#list_next">list_next(previous_request, previous_response)</a></code></p>
|
|
<p class="firstline">Retrieves the next page of results.</p>
|
|
<p class="toc_element">
|
|
<code><a href="#patch">patch(name, body, updateMask=None, x__xgafv=None)</a></code></p>
|
|
<p class="firstline">Update a CryptoKeyVersion's metadata.</p>
|
|
<p class="toc_element">
|
|
<code><a href="#restore">restore(name, body=None, x__xgafv=None)</a></code></p>
|
|
<p class="firstline">Restore a CryptoKeyVersion in the</p>
|
|
<h3>Method Details</h3>
|
|
<div class="method">
|
|
<code class="details" id="asymmetricDecrypt">asymmetricDecrypt(name, body, x__xgafv=None)</code>
|
|
<pre>Decrypts data that was encrypted with a public key retrieved from
|
|
GetPublicKey corresponding to a CryptoKeyVersion with
|
|
CryptoKey.purpose ASYMMETRIC_DECRYPT.
|
|
|
|
Args:
|
|
name: string, Required. The resource name of the CryptoKeyVersion to use for
|
|
decryption. (required)
|
|
body: object, The request body. (required)
|
|
The object takes the form of:
|
|
|
|
{ # Request message for KeyManagementService.AsymmetricDecrypt.
|
|
"ciphertext": "A String", # Required. The data encrypted with the named CryptoKeyVersion's public
|
|
# key using OAEP.
|
|
}
|
|
|
|
x__xgafv: string, V1 error format.
|
|
Allowed values
|
|
1 - v1 error format
|
|
2 - v2 error format
|
|
|
|
Returns:
|
|
An object of the form:
|
|
|
|
{ # Response message for KeyManagementService.AsymmetricDecrypt.
|
|
"plaintext": "A String", # The decrypted data originally encrypted with the matching public key.
|
|
}</pre>
|
|
</div>
|
|
|
|
<div class="method">
|
|
<code class="details" id="asymmetricSign">asymmetricSign(name, body, x__xgafv=None)</code>
|
|
<pre>Signs data using a CryptoKeyVersion with CryptoKey.purpose
|
|
ASYMMETRIC_SIGN, producing a signature that can be verified with the public
|
|
key retrieved from GetPublicKey.
|
|
|
|
Args:
|
|
name: string, Required. The resource name of the CryptoKeyVersion to use for signing. (required)
|
|
body: object, The request body. (required)
|
|
The object takes the form of:
|
|
|
|
{ # Request message for KeyManagementService.AsymmetricSign.
|
|
"digest": { # A Digest holds a cryptographic message digest. # Required. The digest of the data to sign. The digest must be produced with
|
|
# the same digest algorithm as specified by the key version's
|
|
# algorithm.
|
|
"sha256": "A String", # A message digest produced with the SHA-256 algorithm.
|
|
"sha512": "A String", # A message digest produced with the SHA-512 algorithm.
|
|
"sha384": "A String", # A message digest produced with the SHA-384 algorithm.
|
|
},
|
|
}
|
|
|
|
x__xgafv: string, V1 error format.
|
|
Allowed values
|
|
1 - v1 error format
|
|
2 - v2 error format
|
|
|
|
Returns:
|
|
An object of the form:
|
|
|
|
{ # Response message for KeyManagementService.AsymmetricSign.
|
|
"signature": "A String", # The created signature.
|
|
}</pre>
|
|
</div>
|
|
|
|
<div class="method">
|
|
<code class="details" id="create">create(parent, body, x__xgafv=None)</code>
|
|
<pre>Create a new CryptoKeyVersion in a CryptoKey.
|
|
|
|
The server will assign the next sequential id. If unset,
|
|
state will be set to
|
|
ENABLED.
|
|
|
|
Args:
|
|
parent: string, Required. The name of the CryptoKey associated with
|
|
the CryptoKeyVersions. (required)
|
|
body: object, The request body. (required)
|
|
The object takes the form of:
|
|
|
|
{ # A CryptoKeyVersion represents an individual cryptographic key, and the
|
|
# associated key material.
|
|
#
|
|
# An ENABLED version can be
|
|
# used for cryptographic operations.
|
|
#
|
|
# For security reasons, the raw cryptographic key material represented by a
|
|
# CryptoKeyVersion can never be viewed or exported. It can only be used to
|
|
# encrypt, decrypt, or sign data when an authorized user or application invokes
|
|
# Cloud KMS.
|
|
"destroyTime": "A String", # Output only. The time this CryptoKeyVersion's key material is scheduled
|
|
# for destruction. Only present if state is
|
|
# DESTROY_SCHEDULED.
|
|
"name": "A String", # Output only. The resource name for this CryptoKeyVersion in the format
|
|
# `projects/*/locations/*/keyRings/*/cryptoKeys/*/cryptoKeyVersions/*`.
|
|
"algorithm": "A String", # Output only. The CryptoKeyVersionAlgorithm that this
|
|
# CryptoKeyVersion supports.
|
|
"protectionLevel": "A String", # Output only. The ProtectionLevel describing how crypto operations are
|
|
# performed with this CryptoKeyVersion.
|
|
"attestation": { # Contains an HSM-generated attestation about a key operation. For more # Output only. Statement that was generated and signed by the HSM at key
|
|
# creation time. Use this statement to verify attributes of the key as stored
|
|
# on the HSM, independently of Google. Only provided for key versions with
|
|
# protection_level HSM.
|
|
# information, see [Verifying attestations]
|
|
# (https://cloud.google.com/kms/docs/attest-key).
|
|
"content": "A String", # Output only. The attestation data provided by the HSM when the key
|
|
# operation was performed.
|
|
"format": "A String", # Output only. The format of the attestation data.
|
|
},
|
|
"state": "A String", # The current state of the CryptoKeyVersion.
|
|
"destroyEventTime": "A String", # Output only. The time this CryptoKeyVersion's key material was
|
|
# destroyed. Only present if state is
|
|
# DESTROYED.
|
|
"generateTime": "A String", # Output only. The time this CryptoKeyVersion's key material was
|
|
# generated.
|
|
"createTime": "A String", # Output only. The time at which this CryptoKeyVersion was created.
|
|
}
|
|
|
|
x__xgafv: string, V1 error format.
|
|
Allowed values
|
|
1 - v1 error format
|
|
2 - v2 error format
|
|
|
|
Returns:
|
|
An object of the form:
|
|
|
|
{ # A CryptoKeyVersion represents an individual cryptographic key, and the
|
|
# associated key material.
|
|
#
|
|
# An ENABLED version can be
|
|
# used for cryptographic operations.
|
|
#
|
|
# For security reasons, the raw cryptographic key material represented by a
|
|
# CryptoKeyVersion can never be viewed or exported. It can only be used to
|
|
# encrypt, decrypt, or sign data when an authorized user or application invokes
|
|
# Cloud KMS.
|
|
"destroyTime": "A String", # Output only. The time this CryptoKeyVersion's key material is scheduled
|
|
# for destruction. Only present if state is
|
|
# DESTROY_SCHEDULED.
|
|
"name": "A String", # Output only. The resource name for this CryptoKeyVersion in the format
|
|
# `projects/*/locations/*/keyRings/*/cryptoKeys/*/cryptoKeyVersions/*`.
|
|
"algorithm": "A String", # Output only. The CryptoKeyVersionAlgorithm that this
|
|
# CryptoKeyVersion supports.
|
|
"protectionLevel": "A String", # Output only. The ProtectionLevel describing how crypto operations are
|
|
# performed with this CryptoKeyVersion.
|
|
"attestation": { # Contains an HSM-generated attestation about a key operation. For more # Output only. Statement that was generated and signed by the HSM at key
|
|
# creation time. Use this statement to verify attributes of the key as stored
|
|
# on the HSM, independently of Google. Only provided for key versions with
|
|
# protection_level HSM.
|
|
# information, see [Verifying attestations]
|
|
# (https://cloud.google.com/kms/docs/attest-key).
|
|
"content": "A String", # Output only. The attestation data provided by the HSM when the key
|
|
# operation was performed.
|
|
"format": "A String", # Output only. The format of the attestation data.
|
|
},
|
|
"state": "A String", # The current state of the CryptoKeyVersion.
|
|
"destroyEventTime": "A String", # Output only. The time this CryptoKeyVersion's key material was
|
|
# destroyed. Only present if state is
|
|
# DESTROYED.
|
|
"generateTime": "A String", # Output only. The time this CryptoKeyVersion's key material was
|
|
# generated.
|
|
"createTime": "A String", # Output only. The time at which this CryptoKeyVersion was created.
|
|
}</pre>
|
|
</div>
|
|
|
|
<div class="method">
|
|
<code class="details" id="destroy">destroy(name, body=None, x__xgafv=None)</code>
|
|
<pre>Schedule a CryptoKeyVersion for destruction.
|
|
|
|
Upon calling this method, CryptoKeyVersion.state will be set to
|
|
DESTROY_SCHEDULED
|
|
and destroy_time will be set to a time 24
|
|
hours in the future, at which point the state
|
|
will be changed to
|
|
DESTROYED, and the key
|
|
material will be irrevocably destroyed.
|
|
|
|
Before the destroy_time is reached,
|
|
RestoreCryptoKeyVersion may be called to reverse the process.
|
|
|
|
Args:
|
|
name: string, The resource name of the CryptoKeyVersion to destroy. (required)
|
|
body: object, The request body.
|
|
The object takes the form of:
|
|
|
|
{ # Request message for KeyManagementService.DestroyCryptoKeyVersion.
|
|
}
|
|
|
|
x__xgafv: string, V1 error format.
|
|
Allowed values
|
|
1 - v1 error format
|
|
2 - v2 error format
|
|
|
|
Returns:
|
|
An object of the form:
|
|
|
|
{ # A CryptoKeyVersion represents an individual cryptographic key, and the
|
|
# associated key material.
|
|
#
|
|
# An ENABLED version can be
|
|
# used for cryptographic operations.
|
|
#
|
|
# For security reasons, the raw cryptographic key material represented by a
|
|
# CryptoKeyVersion can never be viewed or exported. It can only be used to
|
|
# encrypt, decrypt, or sign data when an authorized user or application invokes
|
|
# Cloud KMS.
|
|
"destroyTime": "A String", # Output only. The time this CryptoKeyVersion's key material is scheduled
|
|
# for destruction. Only present if state is
|
|
# DESTROY_SCHEDULED.
|
|
"name": "A String", # Output only. The resource name for this CryptoKeyVersion in the format
|
|
# `projects/*/locations/*/keyRings/*/cryptoKeys/*/cryptoKeyVersions/*`.
|
|
"algorithm": "A String", # Output only. The CryptoKeyVersionAlgorithm that this
|
|
# CryptoKeyVersion supports.
|
|
"protectionLevel": "A String", # Output only. The ProtectionLevel describing how crypto operations are
|
|
# performed with this CryptoKeyVersion.
|
|
"attestation": { # Contains an HSM-generated attestation about a key operation. For more # Output only. Statement that was generated and signed by the HSM at key
|
|
# creation time. Use this statement to verify attributes of the key as stored
|
|
# on the HSM, independently of Google. Only provided for key versions with
|
|
# protection_level HSM.
|
|
# information, see [Verifying attestations]
|
|
# (https://cloud.google.com/kms/docs/attest-key).
|
|
"content": "A String", # Output only. The attestation data provided by the HSM when the key
|
|
# operation was performed.
|
|
"format": "A String", # Output only. The format of the attestation data.
|
|
},
|
|
"state": "A String", # The current state of the CryptoKeyVersion.
|
|
"destroyEventTime": "A String", # Output only. The time this CryptoKeyVersion's key material was
|
|
# destroyed. Only present if state is
|
|
# DESTROYED.
|
|
"generateTime": "A String", # Output only. The time this CryptoKeyVersion's key material was
|
|
# generated.
|
|
"createTime": "A String", # Output only. The time at which this CryptoKeyVersion was created.
|
|
}</pre>
|
|
</div>
|
|
|
|
<div class="method">
|
|
<code class="details" id="get">get(name, x__xgafv=None)</code>
|
|
<pre>Returns metadata for a given CryptoKeyVersion.
|
|
|
|
Args:
|
|
name: string, The name of the CryptoKeyVersion to get. (required)
|
|
x__xgafv: string, V1 error format.
|
|
Allowed values
|
|
1 - v1 error format
|
|
2 - v2 error format
|
|
|
|
Returns:
|
|
An object of the form:
|
|
|
|
{ # A CryptoKeyVersion represents an individual cryptographic key, and the
|
|
# associated key material.
|
|
#
|
|
# An ENABLED version can be
|
|
# used for cryptographic operations.
|
|
#
|
|
# For security reasons, the raw cryptographic key material represented by a
|
|
# CryptoKeyVersion can never be viewed or exported. It can only be used to
|
|
# encrypt, decrypt, or sign data when an authorized user or application invokes
|
|
# Cloud KMS.
|
|
"destroyTime": "A String", # Output only. The time this CryptoKeyVersion's key material is scheduled
|
|
# for destruction. Only present if state is
|
|
# DESTROY_SCHEDULED.
|
|
"name": "A String", # Output only. The resource name for this CryptoKeyVersion in the format
|
|
# `projects/*/locations/*/keyRings/*/cryptoKeys/*/cryptoKeyVersions/*`.
|
|
"algorithm": "A String", # Output only. The CryptoKeyVersionAlgorithm that this
|
|
# CryptoKeyVersion supports.
|
|
"protectionLevel": "A String", # Output only. The ProtectionLevel describing how crypto operations are
|
|
# performed with this CryptoKeyVersion.
|
|
"attestation": { # Contains an HSM-generated attestation about a key operation. For more # Output only. Statement that was generated and signed by the HSM at key
|
|
# creation time. Use this statement to verify attributes of the key as stored
|
|
# on the HSM, independently of Google. Only provided for key versions with
|
|
# protection_level HSM.
|
|
# information, see [Verifying attestations]
|
|
# (https://cloud.google.com/kms/docs/attest-key).
|
|
"content": "A String", # Output only. The attestation data provided by the HSM when the key
|
|
# operation was performed.
|
|
"format": "A String", # Output only. The format of the attestation data.
|
|
},
|
|
"state": "A String", # The current state of the CryptoKeyVersion.
|
|
"destroyEventTime": "A String", # Output only. The time this CryptoKeyVersion's key material was
|
|
# destroyed. Only present if state is
|
|
# DESTROYED.
|
|
"generateTime": "A String", # Output only. The time this CryptoKeyVersion's key material was
|
|
# generated.
|
|
"createTime": "A String", # Output only. The time at which this CryptoKeyVersion was created.
|
|
}</pre>
|
|
</div>
|
|
|
|
<div class="method">
|
|
<code class="details" id="getPublicKey">getPublicKey(name, x__xgafv=None)</code>
|
|
<pre>Returns the public key for the given CryptoKeyVersion. The
|
|
CryptoKey.purpose must be
|
|
ASYMMETRIC_SIGN or
|
|
ASYMMETRIC_DECRYPT.
|
|
|
|
Args:
|
|
name: string, The name of the CryptoKeyVersion public key to
|
|
get. (required)
|
|
x__xgafv: string, V1 error format.
|
|
Allowed values
|
|
1 - v1 error format
|
|
2 - v2 error format
|
|
|
|
Returns:
|
|
An object of the form:
|
|
|
|
{ # The public key for a given CryptoKeyVersion. Obtained via
|
|
# GetPublicKey.
|
|
"pem": "A String", # The public key, encoded in PEM format. For more information, see the
|
|
# [RFC 7468](https://tools.ietf.org/html/rfc7468) sections for
|
|
# [General Considerations](https://tools.ietf.org/html/rfc7468#section-2) and
|
|
# [Textual Encoding of Subject Public Key Info]
|
|
# (https://tools.ietf.org/html/rfc7468#section-13).
|
|
"algorithm": "A String", # The Algorithm associated
|
|
# with this key.
|
|
}</pre>
|
|
</div>
|
|
|
|
<div class="method">
|
|
<code class="details" id="list">list(parent, pageSize=None, pageToken=None, x__xgafv=None, view=None)</code>
|
|
<pre>Lists CryptoKeyVersions.
|
|
|
|
Args:
|
|
parent: string, Required. The resource name of the CryptoKey to list, in the format
|
|
`projects/*/locations/*/keyRings/*/cryptoKeys/*`. (required)
|
|
pageSize: integer, Optional limit on the number of CryptoKeyVersions to
|
|
include in the response. Further CryptoKeyVersions can
|
|
subsequently be obtained by including the
|
|
ListCryptoKeyVersionsResponse.next_page_token in a subsequent request.
|
|
If unspecified, the server will pick an appropriate default.
|
|
pageToken: string, Optional pagination token, returned earlier via
|
|
ListCryptoKeyVersionsResponse.next_page_token.
|
|
x__xgafv: string, V1 error format.
|
|
Allowed values
|
|
1 - v1 error format
|
|
2 - v2 error format
|
|
view: string, The fields to include in the response.
|
|
|
|
Returns:
|
|
An object of the form:
|
|
|
|
{ # Response message for KeyManagementService.ListCryptoKeyVersions.
|
|
"nextPageToken": "A String", # A token to retrieve next page of results. Pass this value in
|
|
# ListCryptoKeyVersionsRequest.page_token to retrieve the next page of
|
|
# results.
|
|
"totalSize": 42, # The total number of CryptoKeyVersions that matched the
|
|
# query.
|
|
"cryptoKeyVersions": [ # The list of CryptoKeyVersions.
|
|
{ # A CryptoKeyVersion represents an individual cryptographic key, and the
|
|
# associated key material.
|
|
#
|
|
# An ENABLED version can be
|
|
# used for cryptographic operations.
|
|
#
|
|
# For security reasons, the raw cryptographic key material represented by a
|
|
# CryptoKeyVersion can never be viewed or exported. It can only be used to
|
|
# encrypt, decrypt, or sign data when an authorized user or application invokes
|
|
# Cloud KMS.
|
|
"destroyTime": "A String", # Output only. The time this CryptoKeyVersion's key material is scheduled
|
|
# for destruction. Only present if state is
|
|
# DESTROY_SCHEDULED.
|
|
"name": "A String", # Output only. The resource name for this CryptoKeyVersion in the format
|
|
# `projects/*/locations/*/keyRings/*/cryptoKeys/*/cryptoKeyVersions/*`.
|
|
"algorithm": "A String", # Output only. The CryptoKeyVersionAlgorithm that this
|
|
# CryptoKeyVersion supports.
|
|
"protectionLevel": "A String", # Output only. The ProtectionLevel describing how crypto operations are
|
|
# performed with this CryptoKeyVersion.
|
|
"attestation": { # Contains an HSM-generated attestation about a key operation. For more # Output only. Statement that was generated and signed by the HSM at key
|
|
# creation time. Use this statement to verify attributes of the key as stored
|
|
# on the HSM, independently of Google. Only provided for key versions with
|
|
# protection_level HSM.
|
|
# information, see [Verifying attestations]
|
|
# (https://cloud.google.com/kms/docs/attest-key).
|
|
"content": "A String", # Output only. The attestation data provided by the HSM when the key
|
|
# operation was performed.
|
|
"format": "A String", # Output only. The format of the attestation data.
|
|
},
|
|
"state": "A String", # The current state of the CryptoKeyVersion.
|
|
"destroyEventTime": "A String", # Output only. The time this CryptoKeyVersion's key material was
|
|
# destroyed. Only present if state is
|
|
# DESTROYED.
|
|
"generateTime": "A String", # Output only. The time this CryptoKeyVersion's key material was
|
|
# generated.
|
|
"createTime": "A String", # Output only. The time at which this CryptoKeyVersion was created.
|
|
},
|
|
],
|
|
}</pre>
|
|
</div>
|
|
|
|
<div class="method">
|
|
<code class="details" id="list_next">list_next(previous_request, previous_response)</code>
|
|
<pre>Retrieves the next page of results.
|
|
|
|
Args:
|
|
previous_request: The request for the previous page. (required)
|
|
previous_response: The response from the request for the previous page. (required)
|
|
|
|
Returns:
|
|
A request object that you can call 'execute()' on to request the next
|
|
page. Returns None if there are no more items in the collection.
|
|
</pre>
|
|
</div>
|
|
|
|
<div class="method">
|
|
<code class="details" id="patch">patch(name, body, updateMask=None, x__xgafv=None)</code>
|
|
<pre>Update a CryptoKeyVersion's metadata.
|
|
|
|
state may be changed between
|
|
ENABLED and
|
|
DISABLED using this
|
|
method. See DestroyCryptoKeyVersion and RestoreCryptoKeyVersion to
|
|
move between other states.
|
|
|
|
Args:
|
|
name: string, Output only. The resource name for this CryptoKeyVersion in the format
|
|
`projects/*/locations/*/keyRings/*/cryptoKeys/*/cryptoKeyVersions/*`. (required)
|
|
body: object, The request body. (required)
|
|
The object takes the form of:
|
|
|
|
{ # A CryptoKeyVersion represents an individual cryptographic key, and the
|
|
# associated key material.
|
|
#
|
|
# An ENABLED version can be
|
|
# used for cryptographic operations.
|
|
#
|
|
# For security reasons, the raw cryptographic key material represented by a
|
|
# CryptoKeyVersion can never be viewed or exported. It can only be used to
|
|
# encrypt, decrypt, or sign data when an authorized user or application invokes
|
|
# Cloud KMS.
|
|
"destroyTime": "A String", # Output only. The time this CryptoKeyVersion's key material is scheduled
|
|
# for destruction. Only present if state is
|
|
# DESTROY_SCHEDULED.
|
|
"name": "A String", # Output only. The resource name for this CryptoKeyVersion in the format
|
|
# `projects/*/locations/*/keyRings/*/cryptoKeys/*/cryptoKeyVersions/*`.
|
|
"algorithm": "A String", # Output only. The CryptoKeyVersionAlgorithm that this
|
|
# CryptoKeyVersion supports.
|
|
"protectionLevel": "A String", # Output only. The ProtectionLevel describing how crypto operations are
|
|
# performed with this CryptoKeyVersion.
|
|
"attestation": { # Contains an HSM-generated attestation about a key operation. For more # Output only. Statement that was generated and signed by the HSM at key
|
|
# creation time. Use this statement to verify attributes of the key as stored
|
|
# on the HSM, independently of Google. Only provided for key versions with
|
|
# protection_level HSM.
|
|
# information, see [Verifying attestations]
|
|
# (https://cloud.google.com/kms/docs/attest-key).
|
|
"content": "A String", # Output only. The attestation data provided by the HSM when the key
|
|
# operation was performed.
|
|
"format": "A String", # Output only. The format of the attestation data.
|
|
},
|
|
"state": "A String", # The current state of the CryptoKeyVersion.
|
|
"destroyEventTime": "A String", # Output only. The time this CryptoKeyVersion's key material was
|
|
# destroyed. Only present if state is
|
|
# DESTROYED.
|
|
"generateTime": "A String", # Output only. The time this CryptoKeyVersion's key material was
|
|
# generated.
|
|
"createTime": "A String", # Output only. The time at which this CryptoKeyVersion was created.
|
|
}
|
|
|
|
updateMask: string, Required list of fields to be updated in this request.
|
|
x__xgafv: string, V1 error format.
|
|
Allowed values
|
|
1 - v1 error format
|
|
2 - v2 error format
|
|
|
|
Returns:
|
|
An object of the form:
|
|
|
|
{ # A CryptoKeyVersion represents an individual cryptographic key, and the
|
|
# associated key material.
|
|
#
|
|
# An ENABLED version can be
|
|
# used for cryptographic operations.
|
|
#
|
|
# For security reasons, the raw cryptographic key material represented by a
|
|
# CryptoKeyVersion can never be viewed or exported. It can only be used to
|
|
# encrypt, decrypt, or sign data when an authorized user or application invokes
|
|
# Cloud KMS.
|
|
"destroyTime": "A String", # Output only. The time this CryptoKeyVersion's key material is scheduled
|
|
# for destruction. Only present if state is
|
|
# DESTROY_SCHEDULED.
|
|
"name": "A String", # Output only. The resource name for this CryptoKeyVersion in the format
|
|
# `projects/*/locations/*/keyRings/*/cryptoKeys/*/cryptoKeyVersions/*`.
|
|
"algorithm": "A String", # Output only. The CryptoKeyVersionAlgorithm that this
|
|
# CryptoKeyVersion supports.
|
|
"protectionLevel": "A String", # Output only. The ProtectionLevel describing how crypto operations are
|
|
# performed with this CryptoKeyVersion.
|
|
"attestation": { # Contains an HSM-generated attestation about a key operation. For more # Output only. Statement that was generated and signed by the HSM at key
|
|
# creation time. Use this statement to verify attributes of the key as stored
|
|
# on the HSM, independently of Google. Only provided for key versions with
|
|
# protection_level HSM.
|
|
# information, see [Verifying attestations]
|
|
# (https://cloud.google.com/kms/docs/attest-key).
|
|
"content": "A String", # Output only. The attestation data provided by the HSM when the key
|
|
# operation was performed.
|
|
"format": "A String", # Output only. The format of the attestation data.
|
|
},
|
|
"state": "A String", # The current state of the CryptoKeyVersion.
|
|
"destroyEventTime": "A String", # Output only. The time this CryptoKeyVersion's key material was
|
|
# destroyed. Only present if state is
|
|
# DESTROYED.
|
|
"generateTime": "A String", # Output only. The time this CryptoKeyVersion's key material was
|
|
# generated.
|
|
"createTime": "A String", # Output only. The time at which this CryptoKeyVersion was created.
|
|
}</pre>
|
|
</div>
|
|
|
|
<div class="method">
|
|
<code class="details" id="restore">restore(name, body=None, x__xgafv=None)</code>
|
|
<pre>Restore a CryptoKeyVersion in the
|
|
DESTROY_SCHEDULED
|
|
state.
|
|
|
|
Upon restoration of the CryptoKeyVersion, state
|
|
will be set to DISABLED,
|
|
and destroy_time will be cleared.
|
|
|
|
Args:
|
|
name: string, The resource name of the CryptoKeyVersion to restore. (required)
|
|
body: object, The request body.
|
|
The object takes the form of:
|
|
|
|
{ # Request message for KeyManagementService.RestoreCryptoKeyVersion.
|
|
}
|
|
|
|
x__xgafv: string, V1 error format.
|
|
Allowed values
|
|
1 - v1 error format
|
|
2 - v2 error format
|
|
|
|
Returns:
|
|
An object of the form:
|
|
|
|
{ # A CryptoKeyVersion represents an individual cryptographic key, and the
|
|
# associated key material.
|
|
#
|
|
# An ENABLED version can be
|
|
# used for cryptographic operations.
|
|
#
|
|
# For security reasons, the raw cryptographic key material represented by a
|
|
# CryptoKeyVersion can never be viewed or exported. It can only be used to
|
|
# encrypt, decrypt, or sign data when an authorized user or application invokes
|
|
# Cloud KMS.
|
|
"destroyTime": "A String", # Output only. The time this CryptoKeyVersion's key material is scheduled
|
|
# for destruction. Only present if state is
|
|
# DESTROY_SCHEDULED.
|
|
"name": "A String", # Output only. The resource name for this CryptoKeyVersion in the format
|
|
# `projects/*/locations/*/keyRings/*/cryptoKeys/*/cryptoKeyVersions/*`.
|
|
"algorithm": "A String", # Output only. The CryptoKeyVersionAlgorithm that this
|
|
# CryptoKeyVersion supports.
|
|
"protectionLevel": "A String", # Output only. The ProtectionLevel describing how crypto operations are
|
|
# performed with this CryptoKeyVersion.
|
|
"attestation": { # Contains an HSM-generated attestation about a key operation. For more # Output only. Statement that was generated and signed by the HSM at key
|
|
# creation time. Use this statement to verify attributes of the key as stored
|
|
# on the HSM, independently of Google. Only provided for key versions with
|
|
# protection_level HSM.
|
|
# information, see [Verifying attestations]
|
|
# (https://cloud.google.com/kms/docs/attest-key).
|
|
"content": "A String", # Output only. The attestation data provided by the HSM when the key
|
|
# operation was performed.
|
|
"format": "A String", # Output only. The format of the attestation data.
|
|
},
|
|
"state": "A String", # The current state of the CryptoKeyVersion.
|
|
"destroyEventTime": "A String", # Output only. The time this CryptoKeyVersion's key material was
|
|
# destroyed. Only present if state is
|
|
# DESTROYED.
|
|
"generateTime": "A String", # Output only. The time this CryptoKeyVersion's key material was
|
|
# generated.
|
|
"createTime": "A String", # Output only. The time at which this CryptoKeyVersion was created.
|
|
}</pre>
|
|
</div>
|
|
|
|
</body></html> |