[−][src]Crate google_cloudkms1
This documentation was generated from Cloud KMS crate version 1.0.10+20190626, where 20190626 is the exact revision of the cloudkms:v1 schema built by the mako code generator v1.0.10.
Everything else about the Cloud KMS v1 API can be found at the official documentation site. The original source code is on github.
Features
Handle the following Resources with ease from the central hub ...
- projects
- locations get, locations key rings create, locations key rings crypto keys create, locations key rings crypto keys crypto key versions asymmetric decrypt, locations key rings crypto keys crypto key versions asymmetric sign, locations key rings crypto keys crypto key versions create, locations key rings crypto keys crypto key versions destroy, locations key rings crypto keys crypto key versions get, locations key rings crypto keys crypto key versions get public key, locations key rings crypto keys crypto key versions import, locations key rings crypto keys crypto key versions list, locations key rings crypto keys crypto key versions patch, locations key rings crypto keys crypto key versions restore, locations key rings crypto keys decrypt, locations key rings crypto keys encrypt, locations key rings crypto keys get, locations key rings crypto keys get iam policy, locations key rings crypto keys list, locations key rings crypto keys patch, locations key rings crypto keys set iam policy, locations key rings crypto keys test iam permissions, locations key rings crypto keys update primary version, locations key rings get, locations key rings get iam policy, locations key rings import jobs create, locations key rings import jobs get, locations key rings import jobs get iam policy, locations key rings import jobs list, locations key rings import jobs set iam policy, locations key rings import jobs test iam permissions, locations key rings list, locations key rings set iam policy, locations key rings test iam permissions and locations list
Not what you are looking for ? Find all other Google APIs in their Rust documentation index.
Structure of this Library
The API is structured into the following primary items:
- Hub
- a central object to maintain state and allow accessing all Activities
- creates Method Builders which in turn allow access to individual Call Builders
- Resources
- primary types that you can apply Activities to
- a collection of properties and Parts
- Parts
- a collection of properties
- never directly used in Activities
- Activities
- operations to apply to Resources
All structures are marked with applicable traits to further categorize them and ease browsing.
Generally speaking, you can invoke Activities like this:
let r = hub.resource().activity(...).doit()
Or specifically ...
let r = hub.projects().locations_key_rings_crypto_keys_crypto_key_versions_import(...).doit() let r = hub.projects().locations_key_rings_crypto_keys_crypto_key_versions_patch(...).doit() let r = hub.projects().locations_key_rings_crypto_keys_crypto_key_versions_create(...).doit() let r = hub.projects().locations_key_rings_crypto_keys_crypto_key_versions_destroy(...).doit() let r = hub.projects().locations_key_rings_crypto_keys_crypto_key_versions_get(...).doit() let r = hub.projects().locations_key_rings_crypto_keys_crypto_key_versions_restore(...).doit()
The resource() and activity(...) calls create builders. The second one dealing with Activities
supports various methods to configure the impending operation (not shown here). It is made such that all required arguments have to be
specified right away (i.e. (...)), whereas all optional ones can be build up as desired.
The doit() method performs the actual communication with the server and returns the respective result.
Usage
Setting up your Project
To use this library, you would put the following lines into your Cargo.toml file:
[dependencies]
google-cloudkms1 = "*"
# This project intentionally uses an old version of Hyper. See
# https://github.com/Byron/google-apis-rs/issues/173 for more
# information.
hyper = "^0.10"
hyper-rustls = "^0.6"
serde = "^1.0"
serde_json = "^1.0"
yup-oauth2 = "^1.0"
A complete example
extern crate hyper; extern crate hyper_rustls; extern crate yup_oauth2 as oauth2; extern crate google_cloudkms1 as cloudkms1; use cloudkms1::CryptoKeyVersion; use cloudkms1::{Result, Error}; use std::default::Default; use oauth2::{Authenticator, DefaultAuthenticatorDelegate, ApplicationSecret, MemoryStorage}; use cloudkms1::CloudKMS; // Get an ApplicationSecret instance by some means. It contains the `client_id` and // `client_secret`, among other things. let secret: ApplicationSecret = Default::default(); // Instantiate the authenticator. It will choose a suitable authentication flow for you, // unless you replace `None` with the desired Flow. // Provide your own `AuthenticatorDelegate` to adjust the way it operates and get feedback about // what's going on. You probably want to bring in your own `TokenStorage` to persist tokens and // retrieve them from storage. let auth = Authenticator::new(&secret, DefaultAuthenticatorDelegate, hyper::Client::with_connector(hyper::net::HttpsConnector::new(hyper_rustls::TlsClient::new())), <MemoryStorage as Default>::default(), None); let mut hub = CloudKMS::new(hyper::Client::with_connector(hyper::net::HttpsConnector::new(hyper_rustls::TlsClient::new())), auth); // As the method needs a request, you would usually fill it with the desired information // into the respective structure. Some of the parts shown here might not be applicable ! // Values shown here are possibly random and not representative ! let mut req = CryptoKeyVersion::default(); // You can configure optional parameters by calling the respective setters at will, and // execute the final call using `doit()`. // Values shown here are possibly random and not representative ! let result = hub.projects().locations_key_rings_crypto_keys_crypto_key_versions_patch(req, "name") .update_mask("sed") .doit(); match result { Err(e) => match e { // The Error enum provides details about what exactly happened. // You can also just use its `Debug`, `Display` or `Error` traits Error::HttpError(_) |Error::MissingAPIKey |Error::MissingToken(_) |Error::Cancelled |Error::UploadSizeLimitExceeded(_, _) |Error::Failure(_) |Error::BadRequest(_) |Error::FieldClash(_) |Error::JsonDecodeError(_, _) => println!("{}", e), }, Ok(res) => println!("Success: {:?}", res), }
Handling Errors
All errors produced by the system are provided either as Result enumeration as return value of the doit() methods, or handed as possibly intermediate results to either the Hub Delegate, or the Authenticator Delegate.
When delegates handle errors or intermediate values, they may have a chance to instruct the system to retry. This makes the system potentially resilient to all kinds of errors.
Uploads and Downloads
If a method supports downloads, the response body, which is part of the Result, should be
read by you to obtain the media.
If such a method also supports a Response Result, it will return that by default.
You can see it as meta-data for the actual media. To trigger a media download, you will have to set up the builder by making
this call: .param("alt", "media").
Methods supporting uploads can do so using up to 2 different protocols:
simple and resumable. The distinctiveness of each is represented by customized
doit(...) methods, which are then named upload(...) and upload_resumable(...) respectively.
Customization and Callbacks
You may alter the way an doit() method is called by providing a delegate to the
Method Builder before making the final doit() call.
Respective methods will be called to provide progress information, as well as determine whether the system should
retry on failure.
The delegate trait is default-implemented, allowing you to customize it with minimal effort.
Optional Parts in Server-Requests
All structures provided by this library are made to be enocodable and decodable via json. Optionals are used to indicate that partial requests are responses are valid. Most optionals are are considered Parts which are identifiable by name, which will be sent to the server to indicate either the set parts of the request or the desired parts in the response.
Builder Arguments
Using method builders, you are able to prepare an action call by repeatedly calling it's methods. These will always take a single argument, for which the following statements are true.
- PODs are handed by copy
- strings are passed as
&str - request values are moved
Arguments will always be copied or cloned into the builder, to make them independent of their original life times.
Structs
| AsymmetricDecryptRequest | Request message for KeyManagementService.AsymmetricDecrypt. |
| AsymmetricDecryptResponse | Response message for KeyManagementService.AsymmetricDecrypt. |
| AsymmetricSignRequest | Request message for KeyManagementService.AsymmetricSign. |
| AsymmetricSignResponse | Response message for KeyManagementService.AsymmetricSign. |
| AuditConfig | Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. |
| AuditLogConfig | Provides the configuration for logging a type of permissions. Example: |
| Binding | Associates |
| Chunk | |
| CloudKMS | Central instance to access all CloudKMS related resource activities |
| ContentRange | Implements the Content-Range header, for serialization only |
| CryptoKey | A CryptoKey represents a logical key that can be used for cryptographic operations. |
| CryptoKeyVersion | A CryptoKeyVersion represents an individual cryptographic key, and the associated key material. |
| CryptoKeyVersionTemplate | A CryptoKeyVersionTemplate specifies the properties to use when creating a new CryptoKeyVersion, either manually with CreateCryptoKeyVersion or automatically as a result of auto-rotation. |
| DecryptRequest | Request message for KeyManagementService.Decrypt. |
| DecryptResponse | Response message for KeyManagementService.Decrypt. |
| DefaultDelegate | A delegate with a conservative default implementation, which is used if no other delegate is set. |
| DestroyCryptoKeyVersionRequest | Request message for KeyManagementService.DestroyCryptoKeyVersion. |
| Digest | A Digest holds a cryptographic message digest. |
| DummyNetworkStream | |
| EncryptRequest | Request message for KeyManagementService.Encrypt. |
| EncryptResponse | Response message for KeyManagementService.Encrypt. |
| ErrorResponse | A utility to represent detailed errors we might see in case there are BadRequests. The latter happen if the sent parameters or request structures are unsound |
| Expr | Represents an expression text. Example: |
| ImportCryptoKeyVersionRequest | Request message for KeyManagementService.ImportCryptoKeyVersion. |
| ImportJob | An ImportJob can be used to create CryptoKeys and CryptoKeyVersions using pre-existing key material, generated outside of Cloud KMS. |
| JsonServerError | A utility type which can decode a server response that indicates error |
| KeyOperationAttestation | Contains an HSM-generated attestation about a key operation. For more information, see [Verifying attestations] (https://cloud.google.com/kms/docs/attest-key). |
| KeyRing | A KeyRing is a toplevel logical grouping of CryptoKeys. |
| ListCryptoKeyVersionsResponse | Response message for KeyManagementService.ListCryptoKeyVersions. |
| ListCryptoKeysResponse | Response message for KeyManagementService.ListCryptoKeys. |
| ListImportJobsResponse | Response message for KeyManagementService.ListImportJobs. |
| ListKeyRingsResponse | Response message for KeyManagementService.ListKeyRings. |
| ListLocationsResponse | The response message for Locations.ListLocations. |
| Location | A resource that represents Google Cloud Platform location. |
| MethodInfo | Contains information about an API request. |
| MultiPartReader | Provides a |
| Policy | Defines an Identity and Access Management (IAM) policy. It is used to specify access control policies for Cloud Platform resources. |
| ProjectLocationGetCall | Gets information about a location. |
| ProjectLocationKeyRingCreateCall | Create a new KeyRing in a given Project and Location. |
| ProjectLocationKeyRingCryptoKeyCreateCall | Create a new CryptoKey within a KeyRing. |
| ProjectLocationKeyRingCryptoKeyCryptoKeyVersionAsymmetricDecryptCall | Decrypts data that was encrypted with a public key retrieved from GetPublicKey corresponding to a CryptoKeyVersion with CryptoKey.purpose ASYMMETRIC_DECRYPT. |
| ProjectLocationKeyRingCryptoKeyCryptoKeyVersionAsymmetricSignCall | Signs data using a CryptoKeyVersion with CryptoKey.purpose ASYMMETRIC_SIGN, producing a signature that can be verified with the public key retrieved from GetPublicKey. |
| ProjectLocationKeyRingCryptoKeyCryptoKeyVersionCreateCall | Create a new CryptoKeyVersion in a CryptoKey. |
| ProjectLocationKeyRingCryptoKeyCryptoKeyVersionDestroyCall | Schedule a CryptoKeyVersion for destruction. |
| ProjectLocationKeyRingCryptoKeyCryptoKeyVersionGetCall | Returns metadata for a given CryptoKeyVersion. |
| ProjectLocationKeyRingCryptoKeyCryptoKeyVersionGetPublicKeyCall | Returns the public key for the given CryptoKeyVersion. The CryptoKey.purpose must be ASYMMETRIC_SIGN or ASYMMETRIC_DECRYPT. |
| ProjectLocationKeyRingCryptoKeyCryptoKeyVersionImportCall | Imports a new CryptoKeyVersion into an existing CryptoKey using the wrapped key material provided in the request. |
| ProjectLocationKeyRingCryptoKeyCryptoKeyVersionListCall | Lists CryptoKeyVersions. |
| ProjectLocationKeyRingCryptoKeyCryptoKeyVersionPatchCall | Update a CryptoKeyVersion's metadata. |
| ProjectLocationKeyRingCryptoKeyCryptoKeyVersionRestoreCall | Restore a CryptoKeyVersion in the DESTROY_SCHEDULED state. |
| ProjectLocationKeyRingCryptoKeyDecryptCall | Decrypts data that was protected by Encrypt. The CryptoKey.purpose must be ENCRYPT_DECRYPT. |
| ProjectLocationKeyRingCryptoKeyEncryptCall | Encrypts data, so that it can only be recovered by a call to Decrypt. The CryptoKey.purpose must be ENCRYPT_DECRYPT. |
| ProjectLocationKeyRingCryptoKeyGetCall | Returns metadata for a given CryptoKey, as well as its primary CryptoKeyVersion. |
| ProjectLocationKeyRingCryptoKeyGetIamPolicyCall | Gets the access control policy for a resource. Returns an empty policy if the resource exists and does not have a policy set. |
| ProjectLocationKeyRingCryptoKeyListCall | Lists CryptoKeys. |
| ProjectLocationKeyRingCryptoKeyPatchCall | Update a CryptoKey. |
| ProjectLocationKeyRingCryptoKeySetIamPolicyCall | Sets the access control policy on the specified resource. Replaces any existing policy. |
| ProjectLocationKeyRingCryptoKeyTestIamPermissionCall | Returns permissions that a caller has on the specified resource. If the resource does not exist, this will return an empty set of permissions, not a NOT_FOUND error. |
| ProjectLocationKeyRingCryptoKeyUpdatePrimaryVersionCall | Update the version of a CryptoKey that will be used in Encrypt. |
| ProjectLocationKeyRingGetCall | Returns metadata for a given KeyRing. |
| ProjectLocationKeyRingGetIamPolicyCall | Gets the access control policy for a resource. Returns an empty policy if the resource exists and does not have a policy set. |
| ProjectLocationKeyRingImportJobCreateCall | Create a new ImportJob within a KeyRing. |
| ProjectLocationKeyRingImportJobGetCall | Returns metadata for a given ImportJob. |
| ProjectLocationKeyRingImportJobGetIamPolicyCall | Gets the access control policy for a resource. Returns an empty policy if the resource exists and does not have a policy set. |
| ProjectLocationKeyRingImportJobListCall | Lists ImportJobs. |
| ProjectLocationKeyRingImportJobSetIamPolicyCall | Sets the access control policy on the specified resource. Replaces any existing policy. |
| ProjectLocationKeyRingImportJobTestIamPermissionCall | Returns permissions that a caller has on the specified resource. If the resource does not exist, this will return an empty set of permissions, not a NOT_FOUND error. |
| ProjectLocationKeyRingListCall | Lists KeyRings. |
| ProjectLocationKeyRingSetIamPolicyCall | Sets the access control policy on the specified resource. Replaces any existing policy. |
| ProjectLocationKeyRingTestIamPermissionCall | Returns permissions that a caller has on the specified resource. If the resource does not exist, this will return an empty set of permissions, not a NOT_FOUND error. |
| ProjectLocationListCall | Lists information about the supported locations for this service. |
| ProjectMethods | A builder providing access to all methods supported on project resources.
It is not used directly, but through the |
| PublicKey | The public key for a given CryptoKeyVersion. Obtained via GetPublicKey. |
| RangeResponseHeader | |
| RestoreCryptoKeyVersionRequest | Request message for KeyManagementService.RestoreCryptoKeyVersion. |
| ResumableUploadHelper | A utility type to perform a resumable upload from start to end. |
| ServerError | |
| ServerMessage | |
| SetIamPolicyRequest | Request message for |
| TestIamPermissionsRequest | Request message for |
| TestIamPermissionsResponse | Response message for |
| UpdateCryptoKeyPrimaryVersionRequest | Request message for KeyManagementService.UpdateCryptoKeyPrimaryVersion. |
| WrappingPublicKey | The public key component of the wrapping key. For details of the type of key this public key corresponds to, see the ImportMethod. |
| XUploadContentType | The |
Enums
| Error | |
| Scope | Identifies the an OAuth2 authorization scope. A scope is needed when requesting an authorization token. |
Traits
| CallBuilder | Identifies types which represent builders for a particular resource method |
| Delegate | A trait specifying functionality to help controlling any request performed by the API. The trait has a conservative default implementation. |
| Hub | Identifies the Hub. There is only one per library, this trait is supposed to make intended use more explicit. The hub allows to access all resource methods more easily. |
| MethodsBuilder | Identifies types for building methods of a particular resource type |
| NestedType | Identifies types which are only used by other types internally. They have no special meaning, this trait just marks them for completeness. |
| Part | Identifies types which are only used as part of other types, which
usually are carrying the |
| ReadSeek | A utility to specify reader types which provide seeking capabilities too |
| RequestValue | Identifies types which are used in API requests. |
| Resource | Identifies types which can be inserted and deleted. Types with this trait are most commonly used by clients of this API. |
| ResponseResult | Identifies types which are used in API responses. |
| ToParts | A trait for all types that can convert themselves into a parts string |
| UnusedType | Identifies types which are not actually used by the API This might be a bug within the google API schema. |
Functions
| remove_json_null_values |
Type Definitions
| Result | A universal result type used as return for all calls. |