Regen all docs. (#700)
* Stop recursing if discovery == {}
* Generate docs with 'make docs'.
diff --git a/docs/dyn/cloudkms_v1.projects.locations.keyRings.cryptoKeys.cryptoKeyVersions.html b/docs/dyn/cloudkms_v1.projects.locations.keyRings.cryptoKeys.cryptoKeyVersions.html
index 32cf33d..579400a 100644
--- a/docs/dyn/cloudkms_v1.projects.locations.keyRings.cryptoKeys.cryptoKeyVersions.html
+++ b/docs/dyn/cloudkms_v1.projects.locations.keyRings.cryptoKeys.cryptoKeyVersions.html
@@ -72,19 +72,28 @@
</style>
-<h1><a href="cloudkms_v1.html">Google Cloud Key Management Service (KMS) API</a> . <a href="cloudkms_v1.projects.html">projects</a> . <a href="cloudkms_v1.projects.locations.html">locations</a> . <a href="cloudkms_v1.projects.locations.keyRings.html">keyRings</a> . <a href="cloudkms_v1.projects.locations.keyRings.cryptoKeys.html">cryptoKeys</a> . <a href="cloudkms_v1.projects.locations.keyRings.cryptoKeys.cryptoKeyVersions.html">cryptoKeyVersions</a></h1>
+<h1><a href="cloudkms_v1.html">Cloud Key Management Service (KMS) API</a> . <a href="cloudkms_v1.projects.html">projects</a> . <a href="cloudkms_v1.projects.locations.html">locations</a> . <a href="cloudkms_v1.projects.locations.keyRings.html">keyRings</a> . <a href="cloudkms_v1.projects.locations.keyRings.cryptoKeys.html">cryptoKeys</a> . <a href="cloudkms_v1.projects.locations.keyRings.cryptoKeys.cryptoKeyVersions.html">cryptoKeyVersions</a></h1>
<h2>Instance Methods</h2>
<p class="toc_element">
+ <code><a href="#asymmetricDecrypt">asymmetricDecrypt(name, body, x__xgafv=None)</a></code></p>
+<p class="firstline">Decrypts data that was encrypted with a public key retrieved from</p>
+<p class="toc_element">
+ <code><a href="#asymmetricSign">asymmetricSign(name, body, x__xgafv=None)</a></code></p>
+<p class="firstline">Signs data using a CryptoKeyVersion with CryptoKey.purpose</p>
+<p class="toc_element">
<code><a href="#create">create(parent, body, x__xgafv=None)</a></code></p>
<p class="firstline">Create a new CryptoKeyVersion in a CryptoKey.</p>
<p class="toc_element">
- <code><a href="#destroy">destroy(name, body, x__xgafv=None)</a></code></p>
+ <code><a href="#destroy">destroy(name, body=None, x__xgafv=None)</a></code></p>
<p class="firstline">Schedule a CryptoKeyVersion for destruction.</p>
<p class="toc_element">
<code><a href="#get">get(name, x__xgafv=None)</a></code></p>
<p class="firstline">Returns metadata for a given CryptoKeyVersion.</p>
<p class="toc_element">
- <code><a href="#list">list(parent, pageSize=None, pageToken=None, x__xgafv=None)</a></code></p>
+ <code><a href="#getPublicKey">getPublicKey(name, x__xgafv=None)</a></code></p>
+<p class="firstline">Returns the public key for the given CryptoKeyVersion. The</p>
+<p class="toc_element">
+ <code><a href="#list">list(parent, pageSize=None, pageToken=None, x__xgafv=None, view=None)</a></code></p>
<p class="firstline">Lists CryptoKeyVersions.</p>
<p class="toc_element">
<code><a href="#list_next">list_next(previous_request, previous_response)</a></code></p>
@@ -93,10 +102,74 @@
<code><a href="#patch">patch(name, body, updateMask=None, x__xgafv=None)</a></code></p>
<p class="firstline">Update a CryptoKeyVersion's metadata.</p>
<p class="toc_element">
- <code><a href="#restore">restore(name, body, x__xgafv=None)</a></code></p>
+ <code><a href="#restore">restore(name, body=None, x__xgafv=None)</a></code></p>
<p class="firstline">Restore a CryptoKeyVersion in the</p>
<h3>Method Details</h3>
<div class="method">
+ <code class="details" id="asymmetricDecrypt">asymmetricDecrypt(name, body, x__xgafv=None)</code>
+ <pre>Decrypts data that was encrypted with a public key retrieved from
+GetPublicKey corresponding to a CryptoKeyVersion with
+CryptoKey.purpose ASYMMETRIC_DECRYPT.
+
+Args:
+ name: string, Required. The resource name of the CryptoKeyVersion to use for
+decryption. (required)
+ body: object, The request body. (required)
+ The object takes the form of:
+
+{ # Request message for KeyManagementService.AsymmetricDecrypt.
+ "ciphertext": "A String", # Required. The data encrypted with the named CryptoKeyVersion's public
+ # key using OAEP.
+ }
+
+ x__xgafv: string, V1 error format.
+ Allowed values
+ 1 - v1 error format
+ 2 - v2 error format
+
+Returns:
+ An object of the form:
+
+ { # Response message for KeyManagementService.AsymmetricDecrypt.
+ "plaintext": "A String", # The decrypted data originally encrypted with the matching public key.
+ }</pre>
+</div>
+
+<div class="method">
+ <code class="details" id="asymmetricSign">asymmetricSign(name, body, x__xgafv=None)</code>
+ <pre>Signs data using a CryptoKeyVersion with CryptoKey.purpose
+ASYMMETRIC_SIGN, producing a signature that can be verified with the public
+key retrieved from GetPublicKey.
+
+Args:
+ name: string, Required. The resource name of the CryptoKeyVersion to use for signing. (required)
+ body: object, The request body. (required)
+ The object takes the form of:
+
+{ # Request message for KeyManagementService.AsymmetricSign.
+ "digest": { # A Digest holds a cryptographic message digest. # Required. The digest of the data to sign. The digest must be produced with
+ # the same digest algorithm as specified by the key version's
+ # algorithm.
+ "sha256": "A String", # A message digest produced with the SHA-256 algorithm.
+ "sha512": "A String", # A message digest produced with the SHA-512 algorithm.
+ "sha384": "A String", # A message digest produced with the SHA-384 algorithm.
+ },
+ }
+
+ x__xgafv: string, V1 error format.
+ Allowed values
+ 1 - v1 error format
+ 2 - v2 error format
+
+Returns:
+ An object of the form:
+
+ { # Response message for KeyManagementService.AsymmetricSign.
+ "signature": "A String", # The created signature.
+ }</pre>
+</div>
+
+<div class="method">
<code class="details" id="create">create(parent, body, x__xgafv=None)</code>
<pre>Create a new CryptoKeyVersion in a CryptoKey.
@@ -113,19 +186,39 @@
{ # A CryptoKeyVersion represents an individual cryptographic key, and the
# associated key material.
#
- # It can be used for cryptographic operations either directly, or via its
- # parent CryptoKey, in which case the server will choose the appropriate
- # version for the operation.
- "state": "A String", # The current state of the CryptoKeyVersion.
+ # An ENABLED version can be
+ # used for cryptographic operations.
+ #
+ # For security reasons, the raw cryptographic key material represented by a
+ # CryptoKeyVersion can never be viewed or exported. It can only be used to
+ # encrypt, decrypt, or sign data when an authorized user or application invokes
+ # Cloud KMS.
"destroyTime": "A String", # Output only. The time this CryptoKeyVersion's key material is scheduled
# for destruction. Only present if state is
# DESTROY_SCHEDULED.
- "createTime": "A String", # Output only. The time at which this CryptoKeyVersion was created.
+ "name": "A String", # Output only. The resource name for this CryptoKeyVersion in the format
+ # `projects/*/locations/*/keyRings/*/cryptoKeys/*/cryptoKeyVersions/*`.
+ "algorithm": "A String", # Output only. The CryptoKeyVersionAlgorithm that this
+ # CryptoKeyVersion supports.
+ "protectionLevel": "A String", # Output only. The ProtectionLevel describing how crypto operations are
+ # performed with this CryptoKeyVersion.
+ "attestation": { # Contains an HSM-generated attestation about a key operation. For more # Output only. Statement that was generated and signed by the HSM at key
+ # creation time. Use this statement to verify attributes of the key as stored
+ # on the HSM, independently of Google. Only provided for key versions with
+ # protection_level HSM.
+ # information, see [Verifying attestations]
+ # (https://cloud.google.com/kms/docs/attest-key).
+ "content": "A String", # Output only. The attestation data provided by the HSM when the key
+ # operation was performed.
+ "format": "A String", # Output only. The format of the attestation data.
+ },
+ "state": "A String", # The current state of the CryptoKeyVersion.
"destroyEventTime": "A String", # Output only. The time this CryptoKeyVersion's key material was
# destroyed. Only present if state is
# DESTROYED.
- "name": "A String", # Output only. The resource name for this CryptoKeyVersion in the format
- # `projects/*/locations/*/keyRings/*/cryptoKeys/*/cryptoKeyVersions/*`.
+ "generateTime": "A String", # Output only. The time this CryptoKeyVersion's key material was
+ # generated.
+ "createTime": "A String", # Output only. The time at which this CryptoKeyVersion was created.
}
x__xgafv: string, V1 error format.
@@ -139,24 +232,44 @@
{ # A CryptoKeyVersion represents an individual cryptographic key, and the
# associated key material.
#
- # It can be used for cryptographic operations either directly, or via its
- # parent CryptoKey, in which case the server will choose the appropriate
- # version for the operation.
- "state": "A String", # The current state of the CryptoKeyVersion.
+ # An ENABLED version can be
+ # used for cryptographic operations.
+ #
+ # For security reasons, the raw cryptographic key material represented by a
+ # CryptoKeyVersion can never be viewed or exported. It can only be used to
+ # encrypt, decrypt, or sign data when an authorized user or application invokes
+ # Cloud KMS.
"destroyTime": "A String", # Output only. The time this CryptoKeyVersion's key material is scheduled
# for destruction. Only present if state is
# DESTROY_SCHEDULED.
- "createTime": "A String", # Output only. The time at which this CryptoKeyVersion was created.
+ "name": "A String", # Output only. The resource name for this CryptoKeyVersion in the format
+ # `projects/*/locations/*/keyRings/*/cryptoKeys/*/cryptoKeyVersions/*`.
+ "algorithm": "A String", # Output only. The CryptoKeyVersionAlgorithm that this
+ # CryptoKeyVersion supports.
+ "protectionLevel": "A String", # Output only. The ProtectionLevel describing how crypto operations are
+ # performed with this CryptoKeyVersion.
+ "attestation": { # Contains an HSM-generated attestation about a key operation. For more # Output only. Statement that was generated and signed by the HSM at key
+ # creation time. Use this statement to verify attributes of the key as stored
+ # on the HSM, independently of Google. Only provided for key versions with
+ # protection_level HSM.
+ # information, see [Verifying attestations]
+ # (https://cloud.google.com/kms/docs/attest-key).
+ "content": "A String", # Output only. The attestation data provided by the HSM when the key
+ # operation was performed.
+ "format": "A String", # Output only. The format of the attestation data.
+ },
+ "state": "A String", # The current state of the CryptoKeyVersion.
"destroyEventTime": "A String", # Output only. The time this CryptoKeyVersion's key material was
# destroyed. Only present if state is
# DESTROYED.
- "name": "A String", # Output only. The resource name for this CryptoKeyVersion in the format
- # `projects/*/locations/*/keyRings/*/cryptoKeys/*/cryptoKeyVersions/*`.
+ "generateTime": "A String", # Output only. The time this CryptoKeyVersion's key material was
+ # generated.
+ "createTime": "A String", # Output only. The time at which this CryptoKeyVersion was created.
}</pre>
</div>
<div class="method">
- <code class="details" id="destroy">destroy(name, body, x__xgafv=None)</code>
+ <code class="details" id="destroy">destroy(name, body=None, x__xgafv=None)</code>
<pre>Schedule a CryptoKeyVersion for destruction.
Upon calling this method, CryptoKeyVersion.state will be set to
@@ -172,7 +285,7 @@
Args:
name: string, The resource name of the CryptoKeyVersion to destroy. (required)
- body: object, The request body. (required)
+ body: object, The request body.
The object takes the form of:
{ # Request message for KeyManagementService.DestroyCryptoKeyVersion.
@@ -189,19 +302,39 @@
{ # A CryptoKeyVersion represents an individual cryptographic key, and the
# associated key material.
#
- # It can be used for cryptographic operations either directly, or via its
- # parent CryptoKey, in which case the server will choose the appropriate
- # version for the operation.
- "state": "A String", # The current state of the CryptoKeyVersion.
+ # An ENABLED version can be
+ # used for cryptographic operations.
+ #
+ # For security reasons, the raw cryptographic key material represented by a
+ # CryptoKeyVersion can never be viewed or exported. It can only be used to
+ # encrypt, decrypt, or sign data when an authorized user or application invokes
+ # Cloud KMS.
"destroyTime": "A String", # Output only. The time this CryptoKeyVersion's key material is scheduled
# for destruction. Only present if state is
# DESTROY_SCHEDULED.
- "createTime": "A String", # Output only. The time at which this CryptoKeyVersion was created.
+ "name": "A String", # Output only. The resource name for this CryptoKeyVersion in the format
+ # `projects/*/locations/*/keyRings/*/cryptoKeys/*/cryptoKeyVersions/*`.
+ "algorithm": "A String", # Output only. The CryptoKeyVersionAlgorithm that this
+ # CryptoKeyVersion supports.
+ "protectionLevel": "A String", # Output only. The ProtectionLevel describing how crypto operations are
+ # performed with this CryptoKeyVersion.
+ "attestation": { # Contains an HSM-generated attestation about a key operation. For more # Output only. Statement that was generated and signed by the HSM at key
+ # creation time. Use this statement to verify attributes of the key as stored
+ # on the HSM, independently of Google. Only provided for key versions with
+ # protection_level HSM.
+ # information, see [Verifying attestations]
+ # (https://cloud.google.com/kms/docs/attest-key).
+ "content": "A String", # Output only. The attestation data provided by the HSM when the key
+ # operation was performed.
+ "format": "A String", # Output only. The format of the attestation data.
+ },
+ "state": "A String", # The current state of the CryptoKeyVersion.
"destroyEventTime": "A String", # Output only. The time this CryptoKeyVersion's key material was
# destroyed. Only present if state is
# DESTROYED.
- "name": "A String", # Output only. The resource name for this CryptoKeyVersion in the format
- # `projects/*/locations/*/keyRings/*/cryptoKeys/*/cryptoKeyVersions/*`.
+ "generateTime": "A String", # Output only. The time this CryptoKeyVersion's key material was
+ # generated.
+ "createTime": "A String", # Output only. The time at which this CryptoKeyVersion was created.
}</pre>
</div>
@@ -222,24 +355,74 @@
{ # A CryptoKeyVersion represents an individual cryptographic key, and the
# associated key material.
#
- # It can be used for cryptographic operations either directly, or via its
- # parent CryptoKey, in which case the server will choose the appropriate
- # version for the operation.
- "state": "A String", # The current state of the CryptoKeyVersion.
+ # An ENABLED version can be
+ # used for cryptographic operations.
+ #
+ # For security reasons, the raw cryptographic key material represented by a
+ # CryptoKeyVersion can never be viewed or exported. It can only be used to
+ # encrypt, decrypt, or sign data when an authorized user or application invokes
+ # Cloud KMS.
"destroyTime": "A String", # Output only. The time this CryptoKeyVersion's key material is scheduled
# for destruction. Only present if state is
# DESTROY_SCHEDULED.
- "createTime": "A String", # Output only. The time at which this CryptoKeyVersion was created.
+ "name": "A String", # Output only. The resource name for this CryptoKeyVersion in the format
+ # `projects/*/locations/*/keyRings/*/cryptoKeys/*/cryptoKeyVersions/*`.
+ "algorithm": "A String", # Output only. The CryptoKeyVersionAlgorithm that this
+ # CryptoKeyVersion supports.
+ "protectionLevel": "A String", # Output only. The ProtectionLevel describing how crypto operations are
+ # performed with this CryptoKeyVersion.
+ "attestation": { # Contains an HSM-generated attestation about a key operation. For more # Output only. Statement that was generated and signed by the HSM at key
+ # creation time. Use this statement to verify attributes of the key as stored
+ # on the HSM, independently of Google. Only provided for key versions with
+ # protection_level HSM.
+ # information, see [Verifying attestations]
+ # (https://cloud.google.com/kms/docs/attest-key).
+ "content": "A String", # Output only. The attestation data provided by the HSM when the key
+ # operation was performed.
+ "format": "A String", # Output only. The format of the attestation data.
+ },
+ "state": "A String", # The current state of the CryptoKeyVersion.
"destroyEventTime": "A String", # Output only. The time this CryptoKeyVersion's key material was
# destroyed. Only present if state is
# DESTROYED.
- "name": "A String", # Output only. The resource name for this CryptoKeyVersion in the format
- # `projects/*/locations/*/keyRings/*/cryptoKeys/*/cryptoKeyVersions/*`.
+ "generateTime": "A String", # Output only. The time this CryptoKeyVersion's key material was
+ # generated.
+ "createTime": "A String", # Output only. The time at which this CryptoKeyVersion was created.
}</pre>
</div>
<div class="method">
- <code class="details" id="list">list(parent, pageSize=None, pageToken=None, x__xgafv=None)</code>
+ <code class="details" id="getPublicKey">getPublicKey(name, x__xgafv=None)</code>
+ <pre>Returns the public key for the given CryptoKeyVersion. The
+CryptoKey.purpose must be
+ASYMMETRIC_SIGN or
+ASYMMETRIC_DECRYPT.
+
+Args:
+ name: string, The name of the CryptoKeyVersion public key to
+get. (required)
+ x__xgafv: string, V1 error format.
+ Allowed values
+ 1 - v1 error format
+ 2 - v2 error format
+
+Returns:
+ An object of the form:
+
+ { # The public key for a given CryptoKeyVersion. Obtained via
+ # GetPublicKey.
+ "pem": "A String", # The public key, encoded in PEM format. For more information, see the
+ # [RFC 7468](https://tools.ietf.org/html/rfc7468) sections for
+ # [General Considerations](https://tools.ietf.org/html/rfc7468#section-2) and
+ # [Textual Encoding of Subject Public Key Info]
+ # (https://tools.ietf.org/html/rfc7468#section-13).
+ "algorithm": "A String", # The Algorithm associated
+ # with this key.
+ }</pre>
+</div>
+
+<div class="method">
+ <code class="details" id="list">list(parent, pageSize=None, pageToken=None, x__xgafv=None, view=None)</code>
<pre>Lists CryptoKeyVersions.
Args:
@@ -256,6 +439,7 @@
Allowed values
1 - v1 error format
2 - v2 error format
+ view: string, The fields to include in the response.
Returns:
An object of the form:
@@ -270,19 +454,39 @@
{ # A CryptoKeyVersion represents an individual cryptographic key, and the
# associated key material.
#
- # It can be used for cryptographic operations either directly, or via its
- # parent CryptoKey, in which case the server will choose the appropriate
- # version for the operation.
- "state": "A String", # The current state of the CryptoKeyVersion.
+ # An ENABLED version can be
+ # used for cryptographic operations.
+ #
+ # For security reasons, the raw cryptographic key material represented by a
+ # CryptoKeyVersion can never be viewed or exported. It can only be used to
+ # encrypt, decrypt, or sign data when an authorized user or application invokes
+ # Cloud KMS.
"destroyTime": "A String", # Output only. The time this CryptoKeyVersion's key material is scheduled
# for destruction. Only present if state is
# DESTROY_SCHEDULED.
- "createTime": "A String", # Output only. The time at which this CryptoKeyVersion was created.
+ "name": "A String", # Output only. The resource name for this CryptoKeyVersion in the format
+ # `projects/*/locations/*/keyRings/*/cryptoKeys/*/cryptoKeyVersions/*`.
+ "algorithm": "A String", # Output only. The CryptoKeyVersionAlgorithm that this
+ # CryptoKeyVersion supports.
+ "protectionLevel": "A String", # Output only. The ProtectionLevel describing how crypto operations are
+ # performed with this CryptoKeyVersion.
+ "attestation": { # Contains an HSM-generated attestation about a key operation. For more # Output only. Statement that was generated and signed by the HSM at key
+ # creation time. Use this statement to verify attributes of the key as stored
+ # on the HSM, independently of Google. Only provided for key versions with
+ # protection_level HSM.
+ # information, see [Verifying attestations]
+ # (https://cloud.google.com/kms/docs/attest-key).
+ "content": "A String", # Output only. The attestation data provided by the HSM when the key
+ # operation was performed.
+ "format": "A String", # Output only. The format of the attestation data.
+ },
+ "state": "A String", # The current state of the CryptoKeyVersion.
"destroyEventTime": "A String", # Output only. The time this CryptoKeyVersion's key material was
# destroyed. Only present if state is
# DESTROYED.
- "name": "A String", # Output only. The resource name for this CryptoKeyVersion in the format
- # `projects/*/locations/*/keyRings/*/cryptoKeys/*/cryptoKeyVersions/*`.
+ "generateTime": "A String", # Output only. The time this CryptoKeyVersion's key material was
+ # generated.
+ "createTime": "A String", # Output only. The time at which this CryptoKeyVersion was created.
},
],
}</pre>
@@ -321,19 +525,39 @@
{ # A CryptoKeyVersion represents an individual cryptographic key, and the
# associated key material.
#
- # It can be used for cryptographic operations either directly, or via its
- # parent CryptoKey, in which case the server will choose the appropriate
- # version for the operation.
- "state": "A String", # The current state of the CryptoKeyVersion.
+ # An ENABLED version can be
+ # used for cryptographic operations.
+ #
+ # For security reasons, the raw cryptographic key material represented by a
+ # CryptoKeyVersion can never be viewed or exported. It can only be used to
+ # encrypt, decrypt, or sign data when an authorized user or application invokes
+ # Cloud KMS.
"destroyTime": "A String", # Output only. The time this CryptoKeyVersion's key material is scheduled
# for destruction. Only present if state is
# DESTROY_SCHEDULED.
- "createTime": "A String", # Output only. The time at which this CryptoKeyVersion was created.
+ "name": "A String", # Output only. The resource name for this CryptoKeyVersion in the format
+ # `projects/*/locations/*/keyRings/*/cryptoKeys/*/cryptoKeyVersions/*`.
+ "algorithm": "A String", # Output only. The CryptoKeyVersionAlgorithm that this
+ # CryptoKeyVersion supports.
+ "protectionLevel": "A String", # Output only. The ProtectionLevel describing how crypto operations are
+ # performed with this CryptoKeyVersion.
+ "attestation": { # Contains an HSM-generated attestation about a key operation. For more # Output only. Statement that was generated and signed by the HSM at key
+ # creation time. Use this statement to verify attributes of the key as stored
+ # on the HSM, independently of Google. Only provided for key versions with
+ # protection_level HSM.
+ # information, see [Verifying attestations]
+ # (https://cloud.google.com/kms/docs/attest-key).
+ "content": "A String", # Output only. The attestation data provided by the HSM when the key
+ # operation was performed.
+ "format": "A String", # Output only. The format of the attestation data.
+ },
+ "state": "A String", # The current state of the CryptoKeyVersion.
"destroyEventTime": "A String", # Output only. The time this CryptoKeyVersion's key material was
# destroyed. Only present if state is
# DESTROYED.
- "name": "A String", # Output only. The resource name for this CryptoKeyVersion in the format
- # `projects/*/locations/*/keyRings/*/cryptoKeys/*/cryptoKeyVersions/*`.
+ "generateTime": "A String", # Output only. The time this CryptoKeyVersion's key material was
+ # generated.
+ "createTime": "A String", # Output only. The time at which this CryptoKeyVersion was created.
}
updateMask: string, Required list of fields to be updated in this request.
@@ -348,26 +572,46 @@
{ # A CryptoKeyVersion represents an individual cryptographic key, and the
# associated key material.
#
- # It can be used for cryptographic operations either directly, or via its
- # parent CryptoKey, in which case the server will choose the appropriate
- # version for the operation.
- "state": "A String", # The current state of the CryptoKeyVersion.
+ # An ENABLED version can be
+ # used for cryptographic operations.
+ #
+ # For security reasons, the raw cryptographic key material represented by a
+ # CryptoKeyVersion can never be viewed or exported. It can only be used to
+ # encrypt, decrypt, or sign data when an authorized user or application invokes
+ # Cloud KMS.
"destroyTime": "A String", # Output only. The time this CryptoKeyVersion's key material is scheduled
# for destruction. Only present if state is
# DESTROY_SCHEDULED.
- "createTime": "A String", # Output only. The time at which this CryptoKeyVersion was created.
+ "name": "A String", # Output only. The resource name for this CryptoKeyVersion in the format
+ # `projects/*/locations/*/keyRings/*/cryptoKeys/*/cryptoKeyVersions/*`.
+ "algorithm": "A String", # Output only. The CryptoKeyVersionAlgorithm that this
+ # CryptoKeyVersion supports.
+ "protectionLevel": "A String", # Output only. The ProtectionLevel describing how crypto operations are
+ # performed with this CryptoKeyVersion.
+ "attestation": { # Contains an HSM-generated attestation about a key operation. For more # Output only. Statement that was generated and signed by the HSM at key
+ # creation time. Use this statement to verify attributes of the key as stored
+ # on the HSM, independently of Google. Only provided for key versions with
+ # protection_level HSM.
+ # information, see [Verifying attestations]
+ # (https://cloud.google.com/kms/docs/attest-key).
+ "content": "A String", # Output only. The attestation data provided by the HSM when the key
+ # operation was performed.
+ "format": "A String", # Output only. The format of the attestation data.
+ },
+ "state": "A String", # The current state of the CryptoKeyVersion.
"destroyEventTime": "A String", # Output only. The time this CryptoKeyVersion's key material was
# destroyed. Only present if state is
# DESTROYED.
- "name": "A String", # Output only. The resource name for this CryptoKeyVersion in the format
- # `projects/*/locations/*/keyRings/*/cryptoKeys/*/cryptoKeyVersions/*`.
+ "generateTime": "A String", # Output only. The time this CryptoKeyVersion's key material was
+ # generated.
+ "createTime": "A String", # Output only. The time at which this CryptoKeyVersion was created.
}</pre>
</div>
<div class="method">
- <code class="details" id="restore">restore(name, body, x__xgafv=None)</code>
+ <code class="details" id="restore">restore(name, body=None, x__xgafv=None)</code>
<pre>Restore a CryptoKeyVersion in the
-DESTROY_SCHEDULED,
+DESTROY_SCHEDULED
state.
Upon restoration of the CryptoKeyVersion, state
@@ -376,7 +620,7 @@
Args:
name: string, The resource name of the CryptoKeyVersion to restore. (required)
- body: object, The request body. (required)
+ body: object, The request body.
The object takes the form of:
{ # Request message for KeyManagementService.RestoreCryptoKeyVersion.
@@ -393,19 +637,39 @@
{ # A CryptoKeyVersion represents an individual cryptographic key, and the
# associated key material.
#
- # It can be used for cryptographic operations either directly, or via its
- # parent CryptoKey, in which case the server will choose the appropriate
- # version for the operation.
- "state": "A String", # The current state of the CryptoKeyVersion.
+ # An ENABLED version can be
+ # used for cryptographic operations.
+ #
+ # For security reasons, the raw cryptographic key material represented by a
+ # CryptoKeyVersion can never be viewed or exported. It can only be used to
+ # encrypt, decrypt, or sign data when an authorized user or application invokes
+ # Cloud KMS.
"destroyTime": "A String", # Output only. The time this CryptoKeyVersion's key material is scheduled
# for destruction. Only present if state is
# DESTROY_SCHEDULED.
- "createTime": "A String", # Output only. The time at which this CryptoKeyVersion was created.
+ "name": "A String", # Output only. The resource name for this CryptoKeyVersion in the format
+ # `projects/*/locations/*/keyRings/*/cryptoKeys/*/cryptoKeyVersions/*`.
+ "algorithm": "A String", # Output only. The CryptoKeyVersionAlgorithm that this
+ # CryptoKeyVersion supports.
+ "protectionLevel": "A String", # Output only. The ProtectionLevel describing how crypto operations are
+ # performed with this CryptoKeyVersion.
+ "attestation": { # Contains an HSM-generated attestation about a key operation. For more # Output only. Statement that was generated and signed by the HSM at key
+ # creation time. Use this statement to verify attributes of the key as stored
+ # on the HSM, independently of Google. Only provided for key versions with
+ # protection_level HSM.
+ # information, see [Verifying attestations]
+ # (https://cloud.google.com/kms/docs/attest-key).
+ "content": "A String", # Output only. The attestation data provided by the HSM when the key
+ # operation was performed.
+ "format": "A String", # Output only. The format of the attestation data.
+ },
+ "state": "A String", # The current state of the CryptoKeyVersion.
"destroyEventTime": "A String", # Output only. The time this CryptoKeyVersion's key material was
# destroyed. Only present if state is
# DESTROYED.
- "name": "A String", # Output only. The resource name for this CryptoKeyVersion in the format
- # `projects/*/locations/*/keyRings/*/cryptoKeys/*/cryptoKeyVersions/*`.
+ "generateTime": "A String", # Output only. The time this CryptoKeyVersion's key material was
+ # generated.
+ "createTime": "A String", # Output only. The time at which this CryptoKeyVersion was created.
}</pre>
</div>