Struct sdkms::SdkmsClient
source · [−]pub struct SdkmsClient { /* private fields */ }
Expand description
A client session with SDKMS.
REST APIs are exposed as methods on this type. Communication with SDKMS API endpoint is protected with TLS and this
type uses simple_hyper_client::blocking::Client
along with tokio_native_tls::TlsConnector
for HTTP/TLS.
When making crypto API calls using an API key, it is possible to pass the API key as an HTTP Basic Authorization
header along with each request. This can be achieved by setting the API key using
SdkmsClientBuilder::with_api_key()
. Note that some features, e.g. transient keys, may not be available when
using this authentication method. To be able to use such features, you can establish a session using any of the
following methods:
Note that certain non-cryptographic APIs require a user session, which can be established using
authenticate_user()
. This includes many APIs such as:
Also note that a user session is generally not permitted to call crypto APIs. In case your current authorization is not appropriate for a particular API call, you’ll get an error to that effect from SDKMS.
Certain APIs are “approvable”, i.e. they can be subject to an approval policy. In such cases there are two methods
on SdkmsClient
, e.g. encrypt()
/ request_approval_to_encrypt()
. Whether or not you need to call
request_approval_to_encrypt()
depends on the approval policy that is applicable to the security object being
used in your request. You can find out if a particular request is subject to an approval policy by first calling
the regular API, e.g. encrypt()
and checking if the response indicates that an approval request is needed at
which point you can call request_approval_to_encrypt()
. There is an example of how to do this in
the repository.
Implementations
sourceimpl SdkmsClient
impl SdkmsClient
pub fn builder() -> SdkmsClientBuilder
pub fn authenticate_with_api_key(&self, api_key: &str) -> Result<Self>
pub fn authenticate_with_cert(&self, app_id: Option<&Uuid>) -> Result<Self>
pub fn authenticate_app(&self, app_id: &Uuid, app_secret: &str) -> Result<Self>
pub fn authenticate_user(&self, email: &str, password: &str) -> Result<Self>
pub fn api_endpoint(&self) -> &str
pub fn auth_response(&self) -> Option<&AuthResponse>
pub fn entity_id(&self) -> Option<Uuid>
pub fn has_session(&self) -> bool
sourceimpl SdkmsClient
impl SdkmsClient
pub fn terminate(&mut self) -> Result<()>
pub fn invoke_plugin_nice<I, O>(&self, id: &Uuid, req: &I) -> Result<O> where
I: Serialize,
O: for<'de> Deserialize<'de>,
pub fn execute<O: Operation>(
&self,
body: &O::Body,
p: <O::PathParams as TupleRef<'_>>::Ref,
q: Option<&O::QueryParams>
) -> Result<O::Output>
pub fn request_approval<O: Operation>(
&self,
body: &O::Body,
p: <O::PathParams as TupleRef<'_>>::Ref,
q: Option<&O::QueryParams>,
description: Option<String>
) -> Result<PendingApproval<O>>
pub fn expires_in(&self) -> Option<u64>
sourceimpl SdkmsClient
impl SdkmsClient
pub fn list_accounts(
&self,
query_params: Option<&GetAccountParams>
) -> Result<Vec<Account>>
sourceimpl SdkmsClient
impl SdkmsClient
pub fn get_account(
&self,
id: &Uuid,
query_params: Option<&GetAccountParams>
) -> Result<Account>
sourceimpl SdkmsClient
impl SdkmsClient
pub fn create_account(&self, req: &AccountRequest) -> Result<Account>
pub fn request_approval_to_create_account(
&self,
req: &AccountRequest,
description: Option<String>
) -> Result<PendingApproval<OperationCreateAccount>>
sourceimpl SdkmsClient
impl SdkmsClient
pub fn update_account(&self, id: &Uuid, req: &AccountRequest) -> Result<Account>
pub fn request_approval_to_update_account(
&self,
id: &Uuid,
req: &AccountRequest,
description: Option<String>
) -> Result<PendingApproval<OperationUpdateAccount>>
sourceimpl SdkmsClient
impl SdkmsClient
pub fn delete_account(&self, id: &Uuid) -> Result<()>
sourceimpl SdkmsClient
impl SdkmsClient
pub fn account_usage(
&self,
id: &Uuid,
query_params: Option<&CountParams>
) -> Result<GetUsageResponse>
sourceimpl SdkmsClient
impl SdkmsClient
pub fn list_approval_requests(
&self,
query_params: Option<&ListApprovalRequestsParams>
) -> Result<Vec<ApprovalRequest>>
sourceimpl SdkmsClient
impl SdkmsClient
pub fn get_approval_request(&self, id: &Uuid) -> Result<ApprovalRequest>
sourceimpl SdkmsClient
impl SdkmsClient
pub fn create_approval_request(
&self,
req: &ApprovalRequestRequest
) -> Result<ApprovalRequest>
sourceimpl SdkmsClient
impl SdkmsClient
pub fn approve_request(
&self,
id: &Uuid,
req: &ApproveRequest
) -> Result<ApprovalRequest>
sourceimpl SdkmsClient
impl SdkmsClient
pub fn deny_request(&self, id: &Uuid) -> Result<ApprovalRequest>
sourceimpl SdkmsClient
impl SdkmsClient
pub fn get_approval_request_result(&self, id: &Uuid) -> Result<ApprovableResult>
sourceimpl SdkmsClient
impl SdkmsClient
pub fn delete_approval_request(&self, id: &Uuid) -> Result<()>
sourceimpl SdkmsClient
impl SdkmsClient
sourceimpl SdkmsClient
impl SdkmsClient
sourceimpl SdkmsClient
impl SdkmsClient
pub fn create_app(
&self,
query_params: Option<&GetAppParams>,
req: &AppRequest
) -> Result<App>
sourceimpl SdkmsClient
impl SdkmsClient
pub fn update_app(
&self,
id: &Uuid,
query_params: Option<&GetAppParams>,
req: &AppRequest
) -> Result<App>
sourceimpl SdkmsClient
impl SdkmsClient
pub fn delete_app(&self, id: &Uuid) -> Result<()>
sourceimpl SdkmsClient
impl SdkmsClient
pub fn reset_app_secret(
&self,
id: &Uuid,
query_params: Option<&GetAppParams>,
req: &AppResetSecretRequest
) -> Result<App>
sourceimpl SdkmsClient
impl SdkmsClient
pub fn get_app_credential(&self, id: &Uuid) -> Result<AppCredentialResponse>
pub fn request_approval_to_get_app_credential(
&self,
id: &Uuid,
description: Option<String>
) -> Result<PendingApproval<OperationGetAppCredential>>
sourceimpl SdkmsClient
impl SdkmsClient
pub fn encrypt(&self, req: &EncryptRequest) -> Result<EncryptResponse>
pub fn request_approval_to_encrypt(
&self,
req: &EncryptRequest,
description: Option<String>
) -> Result<PendingApproval<OperationEncrypt>>
sourceimpl SdkmsClient
impl SdkmsClient
pub fn encrypt_init(
&self,
req: &EncryptInitRequest
) -> Result<EncryptInitResponse>
sourceimpl SdkmsClient
impl SdkmsClient
pub fn encrypt_update(
&self,
req: &EncryptUpdateRequest
) -> Result<EncryptUpdateResponse>
sourceimpl SdkmsClient
impl SdkmsClient
pub fn encrypt_final(
&self,
req: &EncryptFinalRequest
) -> Result<EncryptFinalResponse>
sourceimpl SdkmsClient
impl SdkmsClient
pub fn decrypt(&self, req: &DecryptRequest) -> Result<DecryptResponse>
pub fn request_approval_to_decrypt(
&self,
req: &DecryptRequest,
description: Option<String>
) -> Result<PendingApproval<OperationDecrypt>>
sourceimpl SdkmsClient
impl SdkmsClient
pub fn decrypt_init(
&self,
req: &DecryptInitRequest
) -> Result<DecryptInitResponse>
sourceimpl SdkmsClient
impl SdkmsClient
pub fn decrypt_update(
&self,
req: &DecryptUpdateRequest
) -> Result<DecryptUpdateResponse>
sourceimpl SdkmsClient
impl SdkmsClient
pub fn decrypt_final(
&self,
req: &DecryptFinalRequest
) -> Result<DecryptFinalResponse>
sourceimpl SdkmsClient
impl SdkmsClient
pub fn sign(&self, req: &SignRequest) -> Result<SignResponse>
pub fn request_approval_to_sign(
&self,
req: &SignRequest,
description: Option<String>
) -> Result<PendingApproval<OperationSign>>
sourceimpl SdkmsClient
impl SdkmsClient
pub fn verify(&self, req: &VerifyRequest) -> Result<VerifyResponse>
sourceimpl SdkmsClient
impl SdkmsClient
pub fn wrap(&self, req: &WrapKeyRequest) -> Result<WrapKeyResponse>
pub fn request_approval_to_wrap(
&self,
req: &WrapKeyRequest,
description: Option<String>
) -> Result<PendingApproval<OperationWrap>>
sourceimpl SdkmsClient
impl SdkmsClient
pub fn unwrap(&self, req: &UnwrapKeyRequest) -> Result<Sobject>
pub fn request_approval_to_unwrap(
&self,
req: &UnwrapKeyRequest,
description: Option<String>
) -> Result<PendingApproval<OperationUnwrap>>
sourceimpl SdkmsClient
impl SdkmsClient
pub fn mac(&self, req: &MacRequest) -> Result<MacResponse>
pub fn request_approval_to_mac(
&self,
req: &MacRequest,
description: Option<String>
) -> Result<PendingApproval<OperationMac>>
sourceimpl SdkmsClient
impl SdkmsClient
pub fn mac_verify(&self, req: &VerifyMacRequest) -> Result<VerifyResponse>
sourceimpl SdkmsClient
impl SdkmsClient
pub fn derive(&self, req: &DeriveKeyRequest) -> Result<Sobject>
pub fn request_approval_to_derive(
&self,
req: &DeriveKeyRequest,
description: Option<String>
) -> Result<PendingApproval<OperationDerive>>
sourceimpl SdkmsClient
impl SdkmsClient
pub fn agree(&self, req: &AgreeKeyRequest) -> Result<Sobject>
pub fn request_approval_to_agree(
&self,
req: &AgreeKeyRequest,
description: Option<String>
) -> Result<PendingApproval<OperationAgree>>
sourceimpl SdkmsClient
impl SdkmsClient
pub fn create_digest(&self, req: &DigestRequest) -> Result<DigestResponse>
sourceimpl SdkmsClient
impl SdkmsClient
pub fn list_external_roles(
&self,
query_params: Option<&ListExternalRolesParams>
) -> Result<Vec<ExternalRole>>
sourceimpl SdkmsClient
impl SdkmsClient
pub fn get_external_role(&self, id: &Uuid) -> Result<ExternalRole>
sourceimpl SdkmsClient
impl SdkmsClient
pub fn create_external_role(
&self,
req: &ExternalRoleRequest
) -> Result<ExternalRole>
sourceimpl SdkmsClient
impl SdkmsClient
pub fn sync_external_role(&self, id: &Uuid) -> Result<ExternalRole>
sourceimpl SdkmsClient
impl SdkmsClient
pub fn update_external_role(
&self,
id: &Uuid,
req: &ExternalRoleRequest
) -> Result<ExternalRole>
sourceimpl SdkmsClient
impl SdkmsClient
pub fn delete_external_role(&self, id: &Uuid) -> Result<()>
sourceimpl SdkmsClient
impl SdkmsClient
pub fn list_groups(&self) -> Result<Vec<Group>>
sourceimpl SdkmsClient
impl SdkmsClient
pub fn create_group(&self, req: &GroupRequest) -> Result<Group>
sourceimpl SdkmsClient
impl SdkmsClient
pub fn update_group(&self, id: &Uuid, req: &GroupRequest) -> Result<Group>
pub fn request_approval_to_update_group(
&self,
id: &Uuid,
req: &GroupRequest,
description: Option<String>
) -> Result<PendingApproval<OperationUpdateGroup>>
sourceimpl SdkmsClient
impl SdkmsClient
pub fn delete_group(&self, id: &Uuid) -> Result<()>
sourceimpl SdkmsClient
impl SdkmsClient
pub fn create_sobject(&self, req: &SobjectRequest) -> Result<Sobject>
sourceimpl SdkmsClient
impl SdkmsClient
pub fn import_sobject(&self, req: &SobjectRequest) -> Result<Sobject>
sourceimpl SdkmsClient
impl SdkmsClient
pub fn update_sobject(&self, id: &Uuid, req: &SobjectRequest) -> Result<Sobject>
pub fn request_approval_to_update_sobject(
&self,
id: &Uuid,
req: &SobjectRequest,
description: Option<String>
) -> Result<PendingApproval<OperationUpdateSobject>>
sourceimpl SdkmsClient
impl SdkmsClient
pub fn delete_sobject(&self, id: &Uuid) -> Result<()>
pub fn request_approval_to_delete_sobject(
&self,
id: &Uuid,
description: Option<String>
) -> Result<PendingApproval<OperationDeleteSobject>>
sourceimpl SdkmsClient
impl SdkmsClient
pub fn list_sobjects(
&self,
query_params: Option<&ListSobjectsParams>
) -> Result<Vec<Sobject>>
sourceimpl SdkmsClient
impl SdkmsClient
pub fn get_sobject(
&self,
query_params: Option<&GetSobjectParams>,
req: &SobjectDescriptor
) -> Result<Sobject>
sourceimpl SdkmsClient
impl SdkmsClient
pub fn remove_private(&self, id: &Uuid) -> Result<()>
sourceimpl SdkmsClient
impl SdkmsClient
pub fn export_sobject(&self, req: &SobjectDescriptor) -> Result<Sobject>
pub fn request_approval_to_export_sobject(
&self,
req: &SobjectDescriptor,
description: Option<String>
) -> Result<PendingApproval<OperationExportSobject>>
sourceimpl SdkmsClient
impl SdkmsClient
pub fn digest_sobject(
&self,
req: &ObjectDigestRequest
) -> Result<ObjectDigestResponse>
sourceimpl SdkmsClient
impl SdkmsClient
pub fn persist_transient_key(
&self,
req: &PersistTransientKeyRequest
) -> Result<Sobject>
sourceimpl SdkmsClient
impl SdkmsClient
pub fn rotate_sobject(&self, req: &SobjectRequest) -> Result<Sobject>
sourceimpl SdkmsClient
impl SdkmsClient
pub fn activate_sobject(&self, id: &Uuid) -> Result<()>
sourceimpl SdkmsClient
impl SdkmsClient
pub fn revoke_sobject(&self, id: &Uuid, req: &RevocationReason) -> Result<()>
sourceimpl SdkmsClient
impl SdkmsClient
pub fn batch_sign(
&self,
req: &Vec<SignRequest>
) -> Result<Vec<BatchResponseItem<SignResponse>>>
pub fn request_approval_to_batch_sign(
&self,
req: &Vec<SignRequest>,
description: Option<String>
) -> Result<PendingApproval<OperationBatchSign>>
sourceimpl SdkmsClient
impl SdkmsClient
pub fn batch_verify(
&self,
req: &Vec<VerifyRequest>
) -> Result<Vec<BatchResponseItem<VerifyResponse>>>
sourceimpl SdkmsClient
impl SdkmsClient
pub fn list_plugins(
&self,
query_params: Option<&ListPluginsParams>
) -> Result<Vec<Plugin>>
sourceimpl SdkmsClient
impl SdkmsClient
pub fn get_plugin(&self, id: &Uuid) -> Result<Plugin>
sourceimpl SdkmsClient
impl SdkmsClient
pub fn create_plugin(&self, req: &PluginRequest) -> Result<Plugin>
pub fn request_approval_to_create_plugin(
&self,
req: &PluginRequest,
description: Option<String>
) -> Result<PendingApproval<OperationCreatePlugin>>
sourceimpl SdkmsClient
impl SdkmsClient
pub fn update_plugin(&self, id: &Uuid, req: &PluginRequest) -> Result<Plugin>
pub fn request_approval_to_update_plugin(
&self,
id: &Uuid,
req: &PluginRequest,
description: Option<String>
) -> Result<PendingApproval<OperationUpdatePlugin>>
sourceimpl SdkmsClient
impl SdkmsClient
pub fn delete_plugin(&self, id: &Uuid) -> Result<()>
sourceimpl SdkmsClient
impl SdkmsClient
pub fn invoke_plugin(&self, id: &Uuid, req: &Value) -> Result<PluginOutput>
pub fn request_approval_to_invoke_plugin(
&self,
id: &Uuid,
req: &Value,
description: Option<String>
) -> Result<PendingApproval<OperationInvokePlugin>>
sourceimpl SdkmsClient
impl SdkmsClient
pub fn select_account(
&self,
req: &SelectAccountRequest
) -> Result<SelectAccountResponse>
sourceimpl SdkmsClient
impl SdkmsClient
pub fn u2f_auth(&self, req: &U2fAuthRequest) -> Result<()>
sourceimpl SdkmsClient
impl SdkmsClient
pub fn recovery_code_auth(&self, req: &RecoveryCodeAuthRequest) -> Result<()>
sourceimpl SdkmsClient
impl SdkmsClient
pub fn config_2fa_auth(
&self,
req: &Config2faAuthRequest
) -> Result<Config2faAuthResponse>
sourceimpl SdkmsClient
impl SdkmsClient
pub fn config_2fa_terminate(&self) -> Result<()>
sourceimpl SdkmsClient
impl SdkmsClient
pub fn u2f_new_challenge(&self) -> Result<MfaChallengeResponse>
sourceimpl SdkmsClient
impl SdkmsClient
pub fn signup_user(&self, req: &SignupRequest) -> Result<User>
sourceimpl SdkmsClient
impl SdkmsClient
pub fn list_users(
&self,
query_params: Option<&ListUsersParams>
) -> Result<Vec<User>>
sourceimpl SdkmsClient
impl SdkmsClient
pub fn update_user(&self, id: &Uuid, req: &UserRequest) -> Result<User>
sourceimpl SdkmsClient
impl SdkmsClient
pub fn reset_password(
&self,
id: &Uuid,
req: &PasswordResetRequest
) -> Result<()>
sourceimpl SdkmsClient
impl SdkmsClient
pub fn forgot_password(&self, req: &ForgotPasswordRequest) -> Result<()>
sourceimpl SdkmsClient
impl SdkmsClient
pub fn invite_user(&self, req: &UserRequest) -> Result<User>
sourceimpl SdkmsClient
impl SdkmsClient
pub fn process_invite(&self, req: &ProcessInviteRequest) -> Result<()>
sourceimpl SdkmsClient
impl SdkmsClient
pub fn resend_invite(&self, id: &Uuid) -> Result<()>
sourceimpl SdkmsClient
impl SdkmsClient
pub fn delete_user(&self) -> Result<()>
sourceimpl SdkmsClient
impl SdkmsClient
pub fn change_password(&self, req: &PasswordChangeRequest) -> Result<()>
sourceimpl SdkmsClient
impl SdkmsClient
pub fn get_user_accounts(&self) -> Result<HashMap<Uuid, UserAccountFlags>>
sourceimpl SdkmsClient
impl SdkmsClient
pub fn delete_user_account(&self, id: &Uuid) -> Result<()>
sourceimpl SdkmsClient
impl SdkmsClient
pub fn generate_recovery_codes(&self) -> Result<RecoveryCodes>
sourceimpl SdkmsClient
impl SdkmsClient
pub fn version(&self) -> Result<VersionResponse>
Trait Implementations
Auto Trait Implementations
impl !RefUnwindSafe for SdkmsClient
impl Send for SdkmsClient
impl Sync for SdkmsClient
impl Unpin for SdkmsClient
impl !UnwindSafe for SdkmsClient
Blanket Implementations
sourceimpl<T> BorrowMut<T> for T where
T: ?Sized,
impl<T> BorrowMut<T> for T where
T: ?Sized,
const: unstable · sourcefn borrow_mut(&mut self) -> &mut T
fn borrow_mut(&mut self) -> &mut T
Mutably borrows from an owned value. Read more
sourceimpl<T> Instrument for T
impl<T> Instrument for T
sourcefn instrument(self, span: Span) -> Instrumented<Self>
fn instrument(self, span: Span) -> Instrumented<Self>
sourcefn in_current_span(self) -> Instrumented<Self>
fn in_current_span(self) -> Instrumented<Self>
sourceimpl<T> WithSubscriber for T
impl<T> WithSubscriber for T
sourcefn with_subscriber<S>(self, subscriber: S) -> WithDispatch<Self> where
S: Into<Dispatch>,
fn with_subscriber<S>(self, subscriber: S) -> WithDispatch<Self> where
S: Into<Dispatch>,
Attaches the provided Subscriber
to this type, returning a
WithDispatch
wrapper. Read more
sourcefn with_current_subscriber(self) -> WithDispatch<Self>
fn with_current_subscriber(self) -> WithDispatch<Self>
Attaches the current default Subscriber
to this type, returning a
WithDispatch
wrapper. Read more