google_cloud_kms_v1/client.rs
1// Copyright 2025 Google LLC
2//
3// Licensed under the Apache License, Version 2.0 (the "License");
4// you may not use this file except in compliance with the License.
5// You may obtain a copy of the License at
6//
7// https://www.apache.org/licenses/LICENSE-2.0
8//
9// Unless required by applicable law or agreed to in writing, software
10// distributed under the License is distributed on an "AS IS" BASIS,
11// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12// See the License for the specific language governing permissions and
13// limitations under the License.
14//
15// Code generated by sidekick. DO NOT EDIT.
16#![allow(rustdoc::redundant_explicit_links)]
17#![allow(rustdoc::broken_intra_doc_links)]
18
19/// Implements a client for the Cloud Key Management Service (KMS) API.
20///
21/// # Example
22/// ```
23/// # use google_cloud_kms_v1::client::Autokey;
24/// use google_cloud_gax::paginator::ItemPaginator as _;
25/// # async fn sample() -> Result<(), Box<dyn std::error::Error>> {
26/// let client = Autokey::builder().build().await?;
27/// let parent = "parent_value";
28/// let mut list = client.list_key_handles()
29/// .set_parent(parent)
30/// .by_item();
31/// while let Some(item) = list.next().await.transpose()? {
32/// println!("{:?}", item);
33/// }
34/// # Ok(()) }
35/// ```
36///
37/// # Service Description
38///
39/// Provides interfaces for using [Cloud KMS
40/// Autokey](https://cloud.google.com/kms/help/autokey) to provision new
41/// [CryptoKeys][google.cloud.kms.v1.CryptoKey], ready for Customer Managed
42/// Encryption Key (CMEK) use, on-demand. To support certain client tooling, this
43/// feature is modeled around a [KeyHandle][google.cloud.kms.v1.KeyHandle]
44/// resource: creating a [KeyHandle][google.cloud.kms.v1.KeyHandle] in a resource
45/// project and given location triggers Cloud KMS Autokey to provision a
46/// [CryptoKey][google.cloud.kms.v1.CryptoKey] in the configured key project and
47/// the same location.
48///
49/// Prior to use in a given resource project,
50/// [UpdateAutokeyConfig][google.cloud.kms.v1.AutokeyAdmin.UpdateAutokeyConfig]
51/// should have been called on an ancestor folder, setting the key project where
52/// Cloud KMS Autokey should create new
53/// [CryptoKeys][google.cloud.kms.v1.CryptoKey]. See documentation for additional
54/// prerequisites. To check what key project, if any, is currently configured on
55/// a resource project's ancestor folder, see
56/// [ShowEffectiveAutokeyConfig][google.cloud.kms.v1.AutokeyAdmin.ShowEffectiveAutokeyConfig].
57///
58/// [google.cloud.kms.v1.AutokeyAdmin.ShowEffectiveAutokeyConfig]: crate::client::AutokeyAdmin::show_effective_autokey_config
59/// [google.cloud.kms.v1.AutokeyAdmin.UpdateAutokeyConfig]: crate::client::AutokeyAdmin::update_autokey_config
60/// [google.cloud.kms.v1.CryptoKey]: crate::model::CryptoKey
61/// [google.cloud.kms.v1.KeyHandle]: crate::model::KeyHandle
62///
63/// # Configuration
64///
65/// To configure `Autokey` use the `with_*` methods in the type returned
66/// by [builder()][Autokey::builder]. The default configuration should
67/// work for most applications. Common configuration changes include
68///
69/// * [with_endpoint()]: by default this client uses the global default endpoint
70/// (`https://cloudkms.googleapis.com`). Applications using regional
71/// endpoints or running in restricted networks (e.g. a network configured
72// with [Private Google Access with VPC Service Controls]) may want to
73/// override this default.
74/// * [with_credentials()]: by default this client uses
75/// [Application Default Credentials]. Applications using custom
76/// authentication may need to override this default.
77///
78/// [with_endpoint()]: super::builder::autokey::ClientBuilder::with_endpoint
79/// [with_credentials()]: super::builder::autokey::ClientBuilder::with_credentials
80/// [Private Google Access with VPC Service Controls]: https://cloud.google.com/vpc-service-controls/docs/private-connectivity
81/// [Application Default Credentials]: https://cloud.google.com/docs/authentication#adc
82///
83/// # Pooling and Cloning
84///
85/// `Autokey` holds a connection pool internally, it is advised to
86/// create one and reuse it. You do not need to wrap `Autokey` in
87/// an [Rc](std::rc::Rc) or [Arc](std::sync::Arc) to reuse it, because it
88/// already uses an `Arc` internally.
89#[derive(Clone, Debug)]
90pub struct Autokey {
91 inner: std::sync::Arc<dyn super::stub::dynamic::Autokey>,
92}
93
94impl Autokey {
95 /// Returns a builder for [Autokey].
96 ///
97 /// ```
98 /// # async fn sample() -> google_cloud_gax::client_builder::Result<()> {
99 /// # use google_cloud_kms_v1::client::Autokey;
100 /// let client = Autokey::builder().build().await?;
101 /// # Ok(()) }
102 /// ```
103 pub fn builder() -> super::builder::autokey::ClientBuilder {
104 crate::new_client_builder(super::builder::autokey::client::Factory)
105 }
106
107 /// Creates a new client from the provided stub.
108 ///
109 /// The most common case for calling this function is in tests mocking the
110 /// client's behavior.
111 pub fn from_stub<T>(stub: T) -> Self
112 where
113 T: super::stub::Autokey + 'static,
114 {
115 Self {
116 inner: std::sync::Arc::new(stub),
117 }
118 }
119
120 pub(crate) async fn new(
121 config: gaxi::options::ClientConfig,
122 ) -> crate::ClientBuilderResult<Self> {
123 let inner = Self::build_inner(config).await?;
124 Ok(Self { inner })
125 }
126
127 async fn build_inner(
128 conf: gaxi::options::ClientConfig,
129 ) -> crate::ClientBuilderResult<std::sync::Arc<dyn super::stub::dynamic::Autokey>> {
130 if gaxi::options::tracing_enabled(&conf) {
131 return Ok(std::sync::Arc::new(Self::build_with_tracing(conf).await?));
132 }
133 Ok(std::sync::Arc::new(Self::build_transport(conf).await?))
134 }
135
136 async fn build_transport(
137 conf: gaxi::options::ClientConfig,
138 ) -> crate::ClientBuilderResult<impl super::stub::Autokey> {
139 super::transport::Autokey::new(conf).await
140 }
141
142 async fn build_with_tracing(
143 conf: gaxi::options::ClientConfig,
144 ) -> crate::ClientBuilderResult<impl super::stub::Autokey> {
145 Self::build_transport(conf)
146 .await
147 .map(super::tracing::Autokey::new)
148 }
149
150 /// Creates a new [KeyHandle][google.cloud.kms.v1.KeyHandle], triggering the
151 /// provisioning of a new [CryptoKey][google.cloud.kms.v1.CryptoKey] for CMEK
152 /// use with the given resource type in the configured key project and the same
153 /// location. [GetOperation][google.longrunning.Operations.GetOperation] should
154 /// be used to resolve the resulting long-running operation and get the
155 /// resulting [KeyHandle][google.cloud.kms.v1.KeyHandle] and
156 /// [CryptoKey][google.cloud.kms.v1.CryptoKey].
157 ///
158 /// [google.cloud.kms.v1.CryptoKey]: crate::model::CryptoKey
159 /// [google.cloud.kms.v1.KeyHandle]: crate::model::KeyHandle
160 ///
161 /// # Long running operations
162 ///
163 /// This method is used to start, and/or poll a [long-running Operation].
164 /// The [Working with long-running operations] chapter in the [user guide]
165 /// covers these operations in detail.
166 ///
167 /// [long-running operation]: https://google.aip.dev/151
168 /// [user guide]: https://googleapis.github.io/google-cloud-rust/
169 /// [working with long-running operations]: https://googleapis.github.io/google-cloud-rust/working_with_long_running_operations.html
170 ///
171 /// # Example
172 /// ```
173 /// # use google_cloud_kms_v1::client::Autokey;
174 /// use google_cloud_lro::Poller;
175 /// use google_cloud_kms_v1::model::KeyHandle;
176 /// use google_cloud_kms_v1::Result;
177 /// async fn sample(
178 /// client: &Autokey, parent: &str
179 /// ) -> Result<()> {
180 /// let response = client.create_key_handle()
181 /// .set_parent(parent)
182 /// .set_key_handle(
183 /// KeyHandle::new()/* set fields */
184 /// )
185 /// .poller().until_done().await?;
186 /// println!("response {:?}", response);
187 /// Ok(())
188 /// }
189 /// ```
190 pub fn create_key_handle(&self) -> super::builder::autokey::CreateKeyHandle {
191 super::builder::autokey::CreateKeyHandle::new(self.inner.clone())
192 }
193
194 /// Returns the [KeyHandle][google.cloud.kms.v1.KeyHandle].
195 ///
196 /// [google.cloud.kms.v1.KeyHandle]: crate::model::KeyHandle
197 ///
198 /// # Example
199 /// ```
200 /// # use google_cloud_kms_v1::client::Autokey;
201 /// use google_cloud_kms_v1::Result;
202 /// async fn sample(
203 /// client: &Autokey, name: &str
204 /// ) -> Result<()> {
205 /// let response = client.get_key_handle()
206 /// .set_name(name)
207 /// .send().await?;
208 /// println!("response {:?}", response);
209 /// Ok(())
210 /// }
211 /// ```
212 pub fn get_key_handle(&self) -> super::builder::autokey::GetKeyHandle {
213 super::builder::autokey::GetKeyHandle::new(self.inner.clone())
214 }
215
216 /// Lists [KeyHandles][google.cloud.kms.v1.KeyHandle].
217 ///
218 /// [google.cloud.kms.v1.KeyHandle]: crate::model::KeyHandle
219 ///
220 /// # Example
221 /// ```
222 /// # use google_cloud_kms_v1::client::Autokey;
223 /// use google_cloud_gax::paginator::ItemPaginator as _;
224 /// use google_cloud_kms_v1::Result;
225 /// async fn sample(
226 /// client: &Autokey, parent: &str
227 /// ) -> Result<()> {
228 /// let mut list = client.list_key_handles()
229 /// .set_parent(parent)
230 /// .by_item();
231 /// while let Some(item) = list.next().await.transpose()? {
232 /// println!("{:?}", item);
233 /// }
234 /// Ok(())
235 /// }
236 /// ```
237 pub fn list_key_handles(&self) -> super::builder::autokey::ListKeyHandles {
238 super::builder::autokey::ListKeyHandles::new(self.inner.clone())
239 }
240
241 /// Lists information about the supported locations for this service.
242 /// This method can be called in two ways:
243 ///
244 /// * **List all public locations:** Use the path `GET /v1/locations`.
245 /// * **List project-visible locations:** Use the path
246 /// `GET /v1/projects/{project_id}/locations`. This may include public
247 /// locations as well as private or other locations specifically visible
248 /// to the project.
249 ///
250 /// # Example
251 /// ```
252 /// # use google_cloud_kms_v1::client::Autokey;
253 /// use google_cloud_gax::paginator::ItemPaginator as _;
254 /// use google_cloud_kms_v1::Result;
255 /// async fn sample(
256 /// client: &Autokey
257 /// ) -> Result<()> {
258 /// let mut list = client.list_locations()
259 /// /* set fields */
260 /// .by_item();
261 /// while let Some(item) = list.next().await.transpose()? {
262 /// println!("{:?}", item);
263 /// }
264 /// Ok(())
265 /// }
266 /// ```
267 pub fn list_locations(&self) -> super::builder::autokey::ListLocations {
268 super::builder::autokey::ListLocations::new(self.inner.clone())
269 }
270
271 /// Gets information about a location.
272 ///
273 /// # Example
274 /// ```
275 /// # use google_cloud_kms_v1::client::Autokey;
276 /// use google_cloud_kms_v1::Result;
277 /// async fn sample(
278 /// client: &Autokey
279 /// ) -> Result<()> {
280 /// let response = client.get_location()
281 /// /* set fields */
282 /// .send().await?;
283 /// println!("response {:?}", response);
284 /// Ok(())
285 /// }
286 /// ```
287 pub fn get_location(&self) -> super::builder::autokey::GetLocation {
288 super::builder::autokey::GetLocation::new(self.inner.clone())
289 }
290
291 /// Sets the access control policy on the specified resource. Replaces
292 /// any existing policy.
293 ///
294 /// Can return `NOT_FOUND`, `INVALID_ARGUMENT`, and `PERMISSION_DENIED`
295 /// errors.
296 ///
297 /// # Example
298 /// ```
299 /// # use google_cloud_kms_v1::client::Autokey;
300 /// use google_cloud_kms_v1::Result;
301 /// async fn sample(
302 /// client: &Autokey
303 /// ) -> Result<()> {
304 /// let response = client.set_iam_policy()
305 /// /* set fields */
306 /// .send().await?;
307 /// println!("response {:?}", response);
308 /// Ok(())
309 /// }
310 /// ```
311 pub fn set_iam_policy(&self) -> super::builder::autokey::SetIamPolicy {
312 super::builder::autokey::SetIamPolicy::new(self.inner.clone())
313 }
314
315 /// Gets the access control policy for a resource. Returns an empty policy
316 /// if the resource exists and does not have a policy set.
317 ///
318 /// # Example
319 /// ```
320 /// # use google_cloud_kms_v1::client::Autokey;
321 /// use google_cloud_kms_v1::Result;
322 /// async fn sample(
323 /// client: &Autokey
324 /// ) -> Result<()> {
325 /// let response = client.get_iam_policy()
326 /// /* set fields */
327 /// .send().await?;
328 /// println!("response {:?}", response);
329 /// Ok(())
330 /// }
331 /// ```
332 pub fn get_iam_policy(&self) -> super::builder::autokey::GetIamPolicy {
333 super::builder::autokey::GetIamPolicy::new(self.inner.clone())
334 }
335
336 /// Returns permissions that a caller has on the specified resource. If the
337 /// resource does not exist, this will return an empty set of
338 /// permissions, not a `NOT_FOUND` error.
339 ///
340 /// Note: This operation is designed to be used for building
341 /// permission-aware UIs and command-line tools, not for authorization
342 /// checking. This operation may "fail open" without warning.
343 ///
344 /// # Example
345 /// ```
346 /// # use google_cloud_kms_v1::client::Autokey;
347 /// use google_cloud_kms_v1::Result;
348 /// async fn sample(
349 /// client: &Autokey
350 /// ) -> Result<()> {
351 /// let response = client.test_iam_permissions()
352 /// /* set fields */
353 /// .send().await?;
354 /// println!("response {:?}", response);
355 /// Ok(())
356 /// }
357 /// ```
358 pub fn test_iam_permissions(&self) -> super::builder::autokey::TestIamPermissions {
359 super::builder::autokey::TestIamPermissions::new(self.inner.clone())
360 }
361
362 /// Provides the [Operations][google.longrunning.Operations] service functionality in this service.
363 ///
364 /// [google.longrunning.Operations]: google-cloud-longrunning::client::Operations
365 ///
366 /// # Example
367 /// ```
368 /// # use google_cloud_kms_v1::client::Autokey;
369 /// use google_cloud_kms_v1::Result;
370 /// async fn sample(
371 /// client: &Autokey
372 /// ) -> Result<()> {
373 /// let response = client.get_operation()
374 /// /* set fields */
375 /// .send().await?;
376 /// println!("response {:?}", response);
377 /// Ok(())
378 /// }
379 /// ```
380 pub fn get_operation(&self) -> super::builder::autokey::GetOperation {
381 super::builder::autokey::GetOperation::new(self.inner.clone())
382 }
383}
384
385/// Implements a client for the Cloud Key Management Service (KMS) API.
386///
387/// # Example
388/// ```
389/// # use google_cloud_kms_v1::client::AutokeyAdmin;
390/// # async fn sample() -> Result<(), Box<dyn std::error::Error>> {
391/// let client = AutokeyAdmin::builder().build().await?;
392/// let name = "name_value";
393/// let response = client.get_autokey_config()
394/// .set_name(name)
395/// .send().await?;
396/// println!("response {:?}", response);
397/// # Ok(()) }
398/// ```
399///
400/// # Service Description
401///
402/// Provides interfaces for managing [Cloud KMS
403/// Autokey](https://cloud.google.com/kms/help/autokey) folder-level or
404/// project-level configurations. A configuration is inherited by all descendent
405/// folders and projects. A configuration at a folder or project overrides any
406/// other configurations in its ancestry. Setting a configuration on a folder is
407/// a prerequisite for Cloud KMS Autokey, so that users working in a descendant
408/// project can request provisioned [CryptoKeys][google.cloud.kms.v1.CryptoKey],
409/// ready for Customer Managed Encryption Key (CMEK) use, on-demand when using
410/// the dedicated key project mode. This is not required when using the delegated
411/// key management mode for same-project keys.
412///
413/// [google.cloud.kms.v1.CryptoKey]: crate::model::CryptoKey
414///
415/// # Configuration
416///
417/// To configure `AutokeyAdmin` use the `with_*` methods in the type returned
418/// by [builder()][AutokeyAdmin::builder]. The default configuration should
419/// work for most applications. Common configuration changes include
420///
421/// * [with_endpoint()]: by default this client uses the global default endpoint
422/// (`https://cloudkms.googleapis.com`). Applications using regional
423/// endpoints or running in restricted networks (e.g. a network configured
424// with [Private Google Access with VPC Service Controls]) may want to
425/// override this default.
426/// * [with_credentials()]: by default this client uses
427/// [Application Default Credentials]. Applications using custom
428/// authentication may need to override this default.
429///
430/// [with_endpoint()]: super::builder::autokey_admin::ClientBuilder::with_endpoint
431/// [with_credentials()]: super::builder::autokey_admin::ClientBuilder::with_credentials
432/// [Private Google Access with VPC Service Controls]: https://cloud.google.com/vpc-service-controls/docs/private-connectivity
433/// [Application Default Credentials]: https://cloud.google.com/docs/authentication#adc
434///
435/// # Pooling and Cloning
436///
437/// `AutokeyAdmin` holds a connection pool internally, it is advised to
438/// create one and reuse it. You do not need to wrap `AutokeyAdmin` in
439/// an [Rc](std::rc::Rc) or [Arc](std::sync::Arc) to reuse it, because it
440/// already uses an `Arc` internally.
441#[derive(Clone, Debug)]
442pub struct AutokeyAdmin {
443 inner: std::sync::Arc<dyn super::stub::dynamic::AutokeyAdmin>,
444}
445
446impl AutokeyAdmin {
447 /// Returns a builder for [AutokeyAdmin].
448 ///
449 /// ```
450 /// # async fn sample() -> google_cloud_gax::client_builder::Result<()> {
451 /// # use google_cloud_kms_v1::client::AutokeyAdmin;
452 /// let client = AutokeyAdmin::builder().build().await?;
453 /// # Ok(()) }
454 /// ```
455 pub fn builder() -> super::builder::autokey_admin::ClientBuilder {
456 crate::new_client_builder(super::builder::autokey_admin::client::Factory)
457 }
458
459 /// Creates a new client from the provided stub.
460 ///
461 /// The most common case for calling this function is in tests mocking the
462 /// client's behavior.
463 pub fn from_stub<T>(stub: T) -> Self
464 where
465 T: super::stub::AutokeyAdmin + 'static,
466 {
467 Self {
468 inner: std::sync::Arc::new(stub),
469 }
470 }
471
472 pub(crate) async fn new(
473 config: gaxi::options::ClientConfig,
474 ) -> crate::ClientBuilderResult<Self> {
475 let inner = Self::build_inner(config).await?;
476 Ok(Self { inner })
477 }
478
479 async fn build_inner(
480 conf: gaxi::options::ClientConfig,
481 ) -> crate::ClientBuilderResult<std::sync::Arc<dyn super::stub::dynamic::AutokeyAdmin>> {
482 if gaxi::options::tracing_enabled(&conf) {
483 return Ok(std::sync::Arc::new(Self::build_with_tracing(conf).await?));
484 }
485 Ok(std::sync::Arc::new(Self::build_transport(conf).await?))
486 }
487
488 async fn build_transport(
489 conf: gaxi::options::ClientConfig,
490 ) -> crate::ClientBuilderResult<impl super::stub::AutokeyAdmin> {
491 super::transport::AutokeyAdmin::new(conf).await
492 }
493
494 async fn build_with_tracing(
495 conf: gaxi::options::ClientConfig,
496 ) -> crate::ClientBuilderResult<impl super::stub::AutokeyAdmin> {
497 Self::build_transport(conf)
498 .await
499 .map(super::tracing::AutokeyAdmin::new)
500 }
501
502 /// Updates the [AutokeyConfig][google.cloud.kms.v1.AutokeyConfig] for a folder
503 /// or a project. The caller must have both `cloudkms.autokeyConfigs.update`
504 /// permission on the parent folder and `cloudkms.cryptoKeys.setIamPolicy`
505 /// permission on the provided key project. A
506 /// [KeyHandle][google.cloud.kms.v1.KeyHandle] creation in the folder's
507 /// descendant projects will use this configuration to determine where to
508 /// create the resulting [CryptoKey][google.cloud.kms.v1.CryptoKey].
509 ///
510 /// [google.cloud.kms.v1.AutokeyConfig]: crate::model::AutokeyConfig
511 /// [google.cloud.kms.v1.CryptoKey]: crate::model::CryptoKey
512 /// [google.cloud.kms.v1.KeyHandle]: crate::model::KeyHandle
513 ///
514 /// # Example
515 /// ```
516 /// # use google_cloud_kms_v1::client::AutokeyAdmin;
517 /// # extern crate wkt as google_cloud_wkt;
518 /// use google_cloud_wkt::FieldMask;
519 /// use google_cloud_kms_v1::model::AutokeyConfig;
520 /// use google_cloud_kms_v1::Result;
521 /// async fn sample(
522 /// client: &AutokeyAdmin, name: &str
523 /// ) -> Result<()> {
524 /// let response = client.update_autokey_config()
525 /// .set_autokey_config(
526 /// AutokeyConfig::new().set_name(name)/* set fields */
527 /// )
528 /// .set_update_mask(FieldMask::default().set_paths(["updated.field.path1", "updated.field.path2"]))
529 /// .send().await?;
530 /// println!("response {:?}", response);
531 /// Ok(())
532 /// }
533 /// ```
534 pub fn update_autokey_config(&self) -> super::builder::autokey_admin::UpdateAutokeyConfig {
535 super::builder::autokey_admin::UpdateAutokeyConfig::new(self.inner.clone())
536 }
537
538 /// Returns the [AutokeyConfig][google.cloud.kms.v1.AutokeyConfig] for a folder
539 /// or project.
540 ///
541 /// [google.cloud.kms.v1.AutokeyConfig]: crate::model::AutokeyConfig
542 ///
543 /// # Example
544 /// ```
545 /// # use google_cloud_kms_v1::client::AutokeyAdmin;
546 /// use google_cloud_kms_v1::Result;
547 /// async fn sample(
548 /// client: &AutokeyAdmin, name: &str
549 /// ) -> Result<()> {
550 /// let response = client.get_autokey_config()
551 /// .set_name(name)
552 /// .send().await?;
553 /// println!("response {:?}", response);
554 /// Ok(())
555 /// }
556 /// ```
557 pub fn get_autokey_config(&self) -> super::builder::autokey_admin::GetAutokeyConfig {
558 super::builder::autokey_admin::GetAutokeyConfig::new(self.inner.clone())
559 }
560
561 /// Returns the effective Cloud KMS Autokey configuration for a given project.
562 ///
563 /// # Example
564 /// ```
565 /// # use google_cloud_kms_v1::client::AutokeyAdmin;
566 /// use google_cloud_kms_v1::Result;
567 /// async fn sample(
568 /// client: &AutokeyAdmin
569 /// ) -> Result<()> {
570 /// let response = client.show_effective_autokey_config()
571 /// /* set fields */
572 /// .send().await?;
573 /// println!("response {:?}", response);
574 /// Ok(())
575 /// }
576 /// ```
577 pub fn show_effective_autokey_config(
578 &self,
579 ) -> super::builder::autokey_admin::ShowEffectiveAutokeyConfig {
580 super::builder::autokey_admin::ShowEffectiveAutokeyConfig::new(self.inner.clone())
581 }
582
583 /// Lists information about the supported locations for this service.
584 /// This method can be called in two ways:
585 ///
586 /// * **List all public locations:** Use the path `GET /v1/locations`.
587 /// * **List project-visible locations:** Use the path
588 /// `GET /v1/projects/{project_id}/locations`. This may include public
589 /// locations as well as private or other locations specifically visible
590 /// to the project.
591 ///
592 /// # Example
593 /// ```
594 /// # use google_cloud_kms_v1::client::AutokeyAdmin;
595 /// use google_cloud_gax::paginator::ItemPaginator as _;
596 /// use google_cloud_kms_v1::Result;
597 /// async fn sample(
598 /// client: &AutokeyAdmin
599 /// ) -> Result<()> {
600 /// let mut list = client.list_locations()
601 /// /* set fields */
602 /// .by_item();
603 /// while let Some(item) = list.next().await.transpose()? {
604 /// println!("{:?}", item);
605 /// }
606 /// Ok(())
607 /// }
608 /// ```
609 pub fn list_locations(&self) -> super::builder::autokey_admin::ListLocations {
610 super::builder::autokey_admin::ListLocations::new(self.inner.clone())
611 }
612
613 /// Gets information about a location.
614 ///
615 /// # Example
616 /// ```
617 /// # use google_cloud_kms_v1::client::AutokeyAdmin;
618 /// use google_cloud_kms_v1::Result;
619 /// async fn sample(
620 /// client: &AutokeyAdmin
621 /// ) -> Result<()> {
622 /// let response = client.get_location()
623 /// /* set fields */
624 /// .send().await?;
625 /// println!("response {:?}", response);
626 /// Ok(())
627 /// }
628 /// ```
629 pub fn get_location(&self) -> super::builder::autokey_admin::GetLocation {
630 super::builder::autokey_admin::GetLocation::new(self.inner.clone())
631 }
632
633 /// Sets the access control policy on the specified resource. Replaces
634 /// any existing policy.
635 ///
636 /// Can return `NOT_FOUND`, `INVALID_ARGUMENT`, and `PERMISSION_DENIED`
637 /// errors.
638 ///
639 /// # Example
640 /// ```
641 /// # use google_cloud_kms_v1::client::AutokeyAdmin;
642 /// use google_cloud_kms_v1::Result;
643 /// async fn sample(
644 /// client: &AutokeyAdmin
645 /// ) -> Result<()> {
646 /// let response = client.set_iam_policy()
647 /// /* set fields */
648 /// .send().await?;
649 /// println!("response {:?}", response);
650 /// Ok(())
651 /// }
652 /// ```
653 pub fn set_iam_policy(&self) -> super::builder::autokey_admin::SetIamPolicy {
654 super::builder::autokey_admin::SetIamPolicy::new(self.inner.clone())
655 }
656
657 /// Gets the access control policy for a resource. Returns an empty policy
658 /// if the resource exists and does not have a policy set.
659 ///
660 /// # Example
661 /// ```
662 /// # use google_cloud_kms_v1::client::AutokeyAdmin;
663 /// use google_cloud_kms_v1::Result;
664 /// async fn sample(
665 /// client: &AutokeyAdmin
666 /// ) -> Result<()> {
667 /// let response = client.get_iam_policy()
668 /// /* set fields */
669 /// .send().await?;
670 /// println!("response {:?}", response);
671 /// Ok(())
672 /// }
673 /// ```
674 pub fn get_iam_policy(&self) -> super::builder::autokey_admin::GetIamPolicy {
675 super::builder::autokey_admin::GetIamPolicy::new(self.inner.clone())
676 }
677
678 /// Returns permissions that a caller has on the specified resource. If the
679 /// resource does not exist, this will return an empty set of
680 /// permissions, not a `NOT_FOUND` error.
681 ///
682 /// Note: This operation is designed to be used for building
683 /// permission-aware UIs and command-line tools, not for authorization
684 /// checking. This operation may "fail open" without warning.
685 ///
686 /// # Example
687 /// ```
688 /// # use google_cloud_kms_v1::client::AutokeyAdmin;
689 /// use google_cloud_kms_v1::Result;
690 /// async fn sample(
691 /// client: &AutokeyAdmin
692 /// ) -> Result<()> {
693 /// let response = client.test_iam_permissions()
694 /// /* set fields */
695 /// .send().await?;
696 /// println!("response {:?}", response);
697 /// Ok(())
698 /// }
699 /// ```
700 pub fn test_iam_permissions(&self) -> super::builder::autokey_admin::TestIamPermissions {
701 super::builder::autokey_admin::TestIamPermissions::new(self.inner.clone())
702 }
703
704 /// Provides the [Operations][google.longrunning.Operations] service functionality in this service.
705 ///
706 /// [google.longrunning.Operations]: google-cloud-longrunning::client::Operations
707 ///
708 /// # Example
709 /// ```
710 /// # use google_cloud_kms_v1::client::AutokeyAdmin;
711 /// use google_cloud_kms_v1::Result;
712 /// async fn sample(
713 /// client: &AutokeyAdmin
714 /// ) -> Result<()> {
715 /// let response = client.get_operation()
716 /// /* set fields */
717 /// .send().await?;
718 /// println!("response {:?}", response);
719 /// Ok(())
720 /// }
721 /// ```
722 pub fn get_operation(&self) -> super::builder::autokey_admin::GetOperation {
723 super::builder::autokey_admin::GetOperation::new(self.inner.clone())
724 }
725}
726
727/// Implements a client for the Cloud Key Management Service (KMS) API.
728///
729/// # Example
730/// ```
731/// # use google_cloud_kms_v1::client::EkmService;
732/// use google_cloud_gax::paginator::ItemPaginator as _;
733/// # async fn sample() -> Result<(), Box<dyn std::error::Error>> {
734/// let client = EkmService::builder().build().await?;
735/// let parent = "parent_value";
736/// let mut list = client.list_ekm_connections()
737/// .set_parent(parent)
738/// .by_item();
739/// while let Some(item) = list.next().await.transpose()? {
740/// println!("{:?}", item);
741/// }
742/// # Ok(()) }
743/// ```
744///
745/// # Service Description
746///
747/// Google Cloud Key Management EKM Service
748///
749/// Manages external cryptographic keys and operations using those keys.
750/// Implements a REST model with the following objects:
751///
752/// * [EkmConnection][google.cloud.kms.v1.EkmConnection]
753///
754/// [google.cloud.kms.v1.EkmConnection]: crate::model::EkmConnection
755///
756/// # Configuration
757///
758/// To configure `EkmService` use the `with_*` methods in the type returned
759/// by [builder()][EkmService::builder]. The default configuration should
760/// work for most applications. Common configuration changes include
761///
762/// * [with_endpoint()]: by default this client uses the global default endpoint
763/// (`https://cloudkms.googleapis.com`). Applications using regional
764/// endpoints or running in restricted networks (e.g. a network configured
765// with [Private Google Access with VPC Service Controls]) may want to
766/// override this default.
767/// * [with_credentials()]: by default this client uses
768/// [Application Default Credentials]. Applications using custom
769/// authentication may need to override this default.
770///
771/// [with_endpoint()]: super::builder::ekm_service::ClientBuilder::with_endpoint
772/// [with_credentials()]: super::builder::ekm_service::ClientBuilder::with_credentials
773/// [Private Google Access with VPC Service Controls]: https://cloud.google.com/vpc-service-controls/docs/private-connectivity
774/// [Application Default Credentials]: https://cloud.google.com/docs/authentication#adc
775///
776/// # Pooling and Cloning
777///
778/// `EkmService` holds a connection pool internally, it is advised to
779/// create one and reuse it. You do not need to wrap `EkmService` in
780/// an [Rc](std::rc::Rc) or [Arc](std::sync::Arc) to reuse it, because it
781/// already uses an `Arc` internally.
782#[derive(Clone, Debug)]
783pub struct EkmService {
784 inner: std::sync::Arc<dyn super::stub::dynamic::EkmService>,
785}
786
787impl EkmService {
788 /// Returns a builder for [EkmService].
789 ///
790 /// ```
791 /// # async fn sample() -> google_cloud_gax::client_builder::Result<()> {
792 /// # use google_cloud_kms_v1::client::EkmService;
793 /// let client = EkmService::builder().build().await?;
794 /// # Ok(()) }
795 /// ```
796 pub fn builder() -> super::builder::ekm_service::ClientBuilder {
797 crate::new_client_builder(super::builder::ekm_service::client::Factory)
798 }
799
800 /// Creates a new client from the provided stub.
801 ///
802 /// The most common case for calling this function is in tests mocking the
803 /// client's behavior.
804 pub fn from_stub<T>(stub: T) -> Self
805 where
806 T: super::stub::EkmService + 'static,
807 {
808 Self {
809 inner: std::sync::Arc::new(stub),
810 }
811 }
812
813 pub(crate) async fn new(
814 config: gaxi::options::ClientConfig,
815 ) -> crate::ClientBuilderResult<Self> {
816 let inner = Self::build_inner(config).await?;
817 Ok(Self { inner })
818 }
819
820 async fn build_inner(
821 conf: gaxi::options::ClientConfig,
822 ) -> crate::ClientBuilderResult<std::sync::Arc<dyn super::stub::dynamic::EkmService>> {
823 if gaxi::options::tracing_enabled(&conf) {
824 return Ok(std::sync::Arc::new(Self::build_with_tracing(conf).await?));
825 }
826 Ok(std::sync::Arc::new(Self::build_transport(conf).await?))
827 }
828
829 async fn build_transport(
830 conf: gaxi::options::ClientConfig,
831 ) -> crate::ClientBuilderResult<impl super::stub::EkmService> {
832 super::transport::EkmService::new(conf).await
833 }
834
835 async fn build_with_tracing(
836 conf: gaxi::options::ClientConfig,
837 ) -> crate::ClientBuilderResult<impl super::stub::EkmService> {
838 Self::build_transport(conf)
839 .await
840 .map(super::tracing::EkmService::new)
841 }
842
843 /// Lists [EkmConnections][google.cloud.kms.v1.EkmConnection].
844 ///
845 /// [google.cloud.kms.v1.EkmConnection]: crate::model::EkmConnection
846 ///
847 /// # Example
848 /// ```
849 /// # use google_cloud_kms_v1::client::EkmService;
850 /// use google_cloud_gax::paginator::ItemPaginator as _;
851 /// use google_cloud_kms_v1::Result;
852 /// async fn sample(
853 /// client: &EkmService, parent: &str
854 /// ) -> Result<()> {
855 /// let mut list = client.list_ekm_connections()
856 /// .set_parent(parent)
857 /// .by_item();
858 /// while let Some(item) = list.next().await.transpose()? {
859 /// println!("{:?}", item);
860 /// }
861 /// Ok(())
862 /// }
863 /// ```
864 pub fn list_ekm_connections(&self) -> super::builder::ekm_service::ListEkmConnections {
865 super::builder::ekm_service::ListEkmConnections::new(self.inner.clone())
866 }
867
868 /// Returns metadata for a given
869 /// [EkmConnection][google.cloud.kms.v1.EkmConnection].
870 ///
871 /// [google.cloud.kms.v1.EkmConnection]: crate::model::EkmConnection
872 ///
873 /// # Example
874 /// ```
875 /// # use google_cloud_kms_v1::client::EkmService;
876 /// use google_cloud_kms_v1::Result;
877 /// async fn sample(
878 /// client: &EkmService, name: &str
879 /// ) -> Result<()> {
880 /// let response = client.get_ekm_connection()
881 /// .set_name(name)
882 /// .send().await?;
883 /// println!("response {:?}", response);
884 /// Ok(())
885 /// }
886 /// ```
887 pub fn get_ekm_connection(&self) -> super::builder::ekm_service::GetEkmConnection {
888 super::builder::ekm_service::GetEkmConnection::new(self.inner.clone())
889 }
890
891 /// Creates a new [EkmConnection][google.cloud.kms.v1.EkmConnection] in a given
892 /// Project and Location.
893 ///
894 /// [google.cloud.kms.v1.EkmConnection]: crate::model::EkmConnection
895 ///
896 /// # Example
897 /// ```
898 /// # use google_cloud_kms_v1::client::EkmService;
899 /// use google_cloud_kms_v1::model::EkmConnection;
900 /// use google_cloud_kms_v1::Result;
901 /// async fn sample(
902 /// client: &EkmService, parent: &str
903 /// ) -> Result<()> {
904 /// let response = client.create_ekm_connection()
905 /// .set_parent(parent)
906 /// .set_ekm_connection(
907 /// EkmConnection::new()/* set fields */
908 /// )
909 /// .send().await?;
910 /// println!("response {:?}", response);
911 /// Ok(())
912 /// }
913 /// ```
914 pub fn create_ekm_connection(&self) -> super::builder::ekm_service::CreateEkmConnection {
915 super::builder::ekm_service::CreateEkmConnection::new(self.inner.clone())
916 }
917
918 /// Updates an [EkmConnection][google.cloud.kms.v1.EkmConnection]'s metadata.
919 ///
920 /// [google.cloud.kms.v1.EkmConnection]: crate::model::EkmConnection
921 ///
922 /// # Example
923 /// ```
924 /// # use google_cloud_kms_v1::client::EkmService;
925 /// # extern crate wkt as google_cloud_wkt;
926 /// use google_cloud_wkt::FieldMask;
927 /// use google_cloud_kms_v1::model::EkmConnection;
928 /// use google_cloud_kms_v1::Result;
929 /// async fn sample(
930 /// client: &EkmService, name: &str
931 /// ) -> Result<()> {
932 /// let response = client.update_ekm_connection()
933 /// .set_ekm_connection(
934 /// EkmConnection::new().set_name(name)/* set fields */
935 /// )
936 /// .set_update_mask(FieldMask::default().set_paths(["updated.field.path1", "updated.field.path2"]))
937 /// .send().await?;
938 /// println!("response {:?}", response);
939 /// Ok(())
940 /// }
941 /// ```
942 pub fn update_ekm_connection(&self) -> super::builder::ekm_service::UpdateEkmConnection {
943 super::builder::ekm_service::UpdateEkmConnection::new(self.inner.clone())
944 }
945
946 /// Returns the [EkmConfig][google.cloud.kms.v1.EkmConfig] singleton resource
947 /// for a given project and location.
948 ///
949 /// [google.cloud.kms.v1.EkmConfig]: crate::model::EkmConfig
950 ///
951 /// # Example
952 /// ```
953 /// # use google_cloud_kms_v1::client::EkmService;
954 /// use google_cloud_kms_v1::Result;
955 /// async fn sample(
956 /// client: &EkmService, name: &str
957 /// ) -> Result<()> {
958 /// let response = client.get_ekm_config()
959 /// .set_name(name)
960 /// .send().await?;
961 /// println!("response {:?}", response);
962 /// Ok(())
963 /// }
964 /// ```
965 pub fn get_ekm_config(&self) -> super::builder::ekm_service::GetEkmConfig {
966 super::builder::ekm_service::GetEkmConfig::new(self.inner.clone())
967 }
968
969 /// Updates the [EkmConfig][google.cloud.kms.v1.EkmConfig] singleton resource
970 /// for a given project and location.
971 ///
972 /// [google.cloud.kms.v1.EkmConfig]: crate::model::EkmConfig
973 ///
974 /// # Example
975 /// ```
976 /// # use google_cloud_kms_v1::client::EkmService;
977 /// # extern crate wkt as google_cloud_wkt;
978 /// use google_cloud_wkt::FieldMask;
979 /// use google_cloud_kms_v1::model::EkmConfig;
980 /// use google_cloud_kms_v1::Result;
981 /// async fn sample(
982 /// client: &EkmService, name: &str
983 /// ) -> Result<()> {
984 /// let response = client.update_ekm_config()
985 /// .set_ekm_config(
986 /// EkmConfig::new().set_name(name)/* set fields */
987 /// )
988 /// .set_update_mask(FieldMask::default().set_paths(["updated.field.path1", "updated.field.path2"]))
989 /// .send().await?;
990 /// println!("response {:?}", response);
991 /// Ok(())
992 /// }
993 /// ```
994 pub fn update_ekm_config(&self) -> super::builder::ekm_service::UpdateEkmConfig {
995 super::builder::ekm_service::UpdateEkmConfig::new(self.inner.clone())
996 }
997
998 /// Verifies that Cloud KMS can successfully connect to the external key
999 /// manager specified by an [EkmConnection][google.cloud.kms.v1.EkmConnection].
1000 /// If there is an error connecting to the EKM, this method returns a
1001 /// FAILED_PRECONDITION status containing structured information as described
1002 /// at <https://cloud.google.com/kms/docs/reference/ekm_errors>.
1003 ///
1004 /// [google.cloud.kms.v1.EkmConnection]: crate::model::EkmConnection
1005 ///
1006 /// # Example
1007 /// ```
1008 /// # use google_cloud_kms_v1::client::EkmService;
1009 /// use google_cloud_kms_v1::Result;
1010 /// async fn sample(
1011 /// client: &EkmService
1012 /// ) -> Result<()> {
1013 /// let response = client.verify_connectivity()
1014 /// /* set fields */
1015 /// .send().await?;
1016 /// println!("response {:?}", response);
1017 /// Ok(())
1018 /// }
1019 /// ```
1020 pub fn verify_connectivity(&self) -> super::builder::ekm_service::VerifyConnectivity {
1021 super::builder::ekm_service::VerifyConnectivity::new(self.inner.clone())
1022 }
1023
1024 /// Lists information about the supported locations for this service.
1025 /// This method can be called in two ways:
1026 ///
1027 /// * **List all public locations:** Use the path `GET /v1/locations`.
1028 /// * **List project-visible locations:** Use the path
1029 /// `GET /v1/projects/{project_id}/locations`. This may include public
1030 /// locations as well as private or other locations specifically visible
1031 /// to the project.
1032 ///
1033 /// # Example
1034 /// ```
1035 /// # use google_cloud_kms_v1::client::EkmService;
1036 /// use google_cloud_gax::paginator::ItemPaginator as _;
1037 /// use google_cloud_kms_v1::Result;
1038 /// async fn sample(
1039 /// client: &EkmService
1040 /// ) -> Result<()> {
1041 /// let mut list = client.list_locations()
1042 /// /* set fields */
1043 /// .by_item();
1044 /// while let Some(item) = list.next().await.transpose()? {
1045 /// println!("{:?}", item);
1046 /// }
1047 /// Ok(())
1048 /// }
1049 /// ```
1050 pub fn list_locations(&self) -> super::builder::ekm_service::ListLocations {
1051 super::builder::ekm_service::ListLocations::new(self.inner.clone())
1052 }
1053
1054 /// Gets information about a location.
1055 ///
1056 /// # Example
1057 /// ```
1058 /// # use google_cloud_kms_v1::client::EkmService;
1059 /// use google_cloud_kms_v1::Result;
1060 /// async fn sample(
1061 /// client: &EkmService
1062 /// ) -> Result<()> {
1063 /// let response = client.get_location()
1064 /// /* set fields */
1065 /// .send().await?;
1066 /// println!("response {:?}", response);
1067 /// Ok(())
1068 /// }
1069 /// ```
1070 pub fn get_location(&self) -> super::builder::ekm_service::GetLocation {
1071 super::builder::ekm_service::GetLocation::new(self.inner.clone())
1072 }
1073
1074 /// Sets the access control policy on the specified resource. Replaces
1075 /// any existing policy.
1076 ///
1077 /// Can return `NOT_FOUND`, `INVALID_ARGUMENT`, and `PERMISSION_DENIED`
1078 /// errors.
1079 ///
1080 /// # Example
1081 /// ```
1082 /// # use google_cloud_kms_v1::client::EkmService;
1083 /// use google_cloud_kms_v1::Result;
1084 /// async fn sample(
1085 /// client: &EkmService
1086 /// ) -> Result<()> {
1087 /// let response = client.set_iam_policy()
1088 /// /* set fields */
1089 /// .send().await?;
1090 /// println!("response {:?}", response);
1091 /// Ok(())
1092 /// }
1093 /// ```
1094 pub fn set_iam_policy(&self) -> super::builder::ekm_service::SetIamPolicy {
1095 super::builder::ekm_service::SetIamPolicy::new(self.inner.clone())
1096 }
1097
1098 /// Gets the access control policy for a resource. Returns an empty policy
1099 /// if the resource exists and does not have a policy set.
1100 ///
1101 /// # Example
1102 /// ```
1103 /// # use google_cloud_kms_v1::client::EkmService;
1104 /// use google_cloud_kms_v1::Result;
1105 /// async fn sample(
1106 /// client: &EkmService
1107 /// ) -> Result<()> {
1108 /// let response = client.get_iam_policy()
1109 /// /* set fields */
1110 /// .send().await?;
1111 /// println!("response {:?}", response);
1112 /// Ok(())
1113 /// }
1114 /// ```
1115 pub fn get_iam_policy(&self) -> super::builder::ekm_service::GetIamPolicy {
1116 super::builder::ekm_service::GetIamPolicy::new(self.inner.clone())
1117 }
1118
1119 /// Returns permissions that a caller has on the specified resource. If the
1120 /// resource does not exist, this will return an empty set of
1121 /// permissions, not a `NOT_FOUND` error.
1122 ///
1123 /// Note: This operation is designed to be used for building
1124 /// permission-aware UIs and command-line tools, not for authorization
1125 /// checking. This operation may "fail open" without warning.
1126 ///
1127 /// # Example
1128 /// ```
1129 /// # use google_cloud_kms_v1::client::EkmService;
1130 /// use google_cloud_kms_v1::Result;
1131 /// async fn sample(
1132 /// client: &EkmService
1133 /// ) -> Result<()> {
1134 /// let response = client.test_iam_permissions()
1135 /// /* set fields */
1136 /// .send().await?;
1137 /// println!("response {:?}", response);
1138 /// Ok(())
1139 /// }
1140 /// ```
1141 pub fn test_iam_permissions(&self) -> super::builder::ekm_service::TestIamPermissions {
1142 super::builder::ekm_service::TestIamPermissions::new(self.inner.clone())
1143 }
1144
1145 /// Provides the [Operations][google.longrunning.Operations] service functionality in this service.
1146 ///
1147 /// [google.longrunning.Operations]: google-cloud-longrunning::client::Operations
1148 ///
1149 /// # Example
1150 /// ```
1151 /// # use google_cloud_kms_v1::client::EkmService;
1152 /// use google_cloud_kms_v1::Result;
1153 /// async fn sample(
1154 /// client: &EkmService
1155 /// ) -> Result<()> {
1156 /// let response = client.get_operation()
1157 /// /* set fields */
1158 /// .send().await?;
1159 /// println!("response {:?}", response);
1160 /// Ok(())
1161 /// }
1162 /// ```
1163 pub fn get_operation(&self) -> super::builder::ekm_service::GetOperation {
1164 super::builder::ekm_service::GetOperation::new(self.inner.clone())
1165 }
1166}
1167
1168/// Implements a client for the Cloud Key Management Service (KMS) API.
1169///
1170/// # Example
1171/// ```
1172/// # use google_cloud_kms_v1::client::HsmManagement;
1173/// use google_cloud_gax::paginator::ItemPaginator as _;
1174/// # async fn sample() -> Result<(), Box<dyn std::error::Error>> {
1175/// let client = HsmManagement::builder().build().await?;
1176/// let parent = "parent_value";
1177/// let mut list = client.list_single_tenant_hsm_instances()
1178/// .set_parent(parent)
1179/// .by_item();
1180/// while let Some(item) = list.next().await.transpose()? {
1181/// println!("{:?}", item);
1182/// }
1183/// # Ok(()) }
1184/// ```
1185///
1186/// # Service Description
1187///
1188/// Google Cloud HSM Management Service
1189///
1190/// Provides interfaces for managing HSM instances.
1191///
1192/// Implements a REST model with the following objects:
1193///
1194/// * [SingleTenantHsmInstance][google.cloud.kms.v1.SingleTenantHsmInstance]
1195/// * [SingleTenantHsmInstanceProposal][google.cloud.kms.v1.SingleTenantHsmInstanceProposal]
1196///
1197/// [google.cloud.kms.v1.SingleTenantHsmInstance]: crate::model::SingleTenantHsmInstance
1198/// [google.cloud.kms.v1.SingleTenantHsmInstanceProposal]: crate::model::SingleTenantHsmInstanceProposal
1199///
1200/// # Configuration
1201///
1202/// To configure `HsmManagement` use the `with_*` methods in the type returned
1203/// by [builder()][HsmManagement::builder]. The default configuration should
1204/// work for most applications. Common configuration changes include
1205///
1206/// * [with_endpoint()]: by default this client uses the global default endpoint
1207/// (`https://cloudkms.googleapis.com`). Applications using regional
1208/// endpoints or running in restricted networks (e.g. a network configured
1209// with [Private Google Access with VPC Service Controls]) may want to
1210/// override this default.
1211/// * [with_credentials()]: by default this client uses
1212/// [Application Default Credentials]. Applications using custom
1213/// authentication may need to override this default.
1214///
1215/// [with_endpoint()]: super::builder::hsm_management::ClientBuilder::with_endpoint
1216/// [with_credentials()]: super::builder::hsm_management::ClientBuilder::with_credentials
1217/// [Private Google Access with VPC Service Controls]: https://cloud.google.com/vpc-service-controls/docs/private-connectivity
1218/// [Application Default Credentials]: https://cloud.google.com/docs/authentication#adc
1219///
1220/// # Pooling and Cloning
1221///
1222/// `HsmManagement` holds a connection pool internally, it is advised to
1223/// create one and reuse it. You do not need to wrap `HsmManagement` in
1224/// an [Rc](std::rc::Rc) or [Arc](std::sync::Arc) to reuse it, because it
1225/// already uses an `Arc` internally.
1226#[derive(Clone, Debug)]
1227pub struct HsmManagement {
1228 inner: std::sync::Arc<dyn super::stub::dynamic::HsmManagement>,
1229}
1230
1231impl HsmManagement {
1232 /// Returns a builder for [HsmManagement].
1233 ///
1234 /// ```
1235 /// # async fn sample() -> google_cloud_gax::client_builder::Result<()> {
1236 /// # use google_cloud_kms_v1::client::HsmManagement;
1237 /// let client = HsmManagement::builder().build().await?;
1238 /// # Ok(()) }
1239 /// ```
1240 pub fn builder() -> super::builder::hsm_management::ClientBuilder {
1241 crate::new_client_builder(super::builder::hsm_management::client::Factory)
1242 }
1243
1244 /// Creates a new client from the provided stub.
1245 ///
1246 /// The most common case for calling this function is in tests mocking the
1247 /// client's behavior.
1248 pub fn from_stub<T>(stub: T) -> Self
1249 where
1250 T: super::stub::HsmManagement + 'static,
1251 {
1252 Self {
1253 inner: std::sync::Arc::new(stub),
1254 }
1255 }
1256
1257 pub(crate) async fn new(
1258 config: gaxi::options::ClientConfig,
1259 ) -> crate::ClientBuilderResult<Self> {
1260 let inner = Self::build_inner(config).await?;
1261 Ok(Self { inner })
1262 }
1263
1264 async fn build_inner(
1265 conf: gaxi::options::ClientConfig,
1266 ) -> crate::ClientBuilderResult<std::sync::Arc<dyn super::stub::dynamic::HsmManagement>> {
1267 if gaxi::options::tracing_enabled(&conf) {
1268 return Ok(std::sync::Arc::new(Self::build_with_tracing(conf).await?));
1269 }
1270 Ok(std::sync::Arc::new(Self::build_transport(conf).await?))
1271 }
1272
1273 async fn build_transport(
1274 conf: gaxi::options::ClientConfig,
1275 ) -> crate::ClientBuilderResult<impl super::stub::HsmManagement> {
1276 super::transport::HsmManagement::new(conf).await
1277 }
1278
1279 async fn build_with_tracing(
1280 conf: gaxi::options::ClientConfig,
1281 ) -> crate::ClientBuilderResult<impl super::stub::HsmManagement> {
1282 Self::build_transport(conf)
1283 .await
1284 .map(super::tracing::HsmManagement::new)
1285 }
1286
1287 /// Lists
1288 /// [SingleTenantHsmInstances][google.cloud.kms.v1.SingleTenantHsmInstance].
1289 ///
1290 /// [google.cloud.kms.v1.SingleTenantHsmInstance]: crate::model::SingleTenantHsmInstance
1291 ///
1292 /// # Example
1293 /// ```
1294 /// # use google_cloud_kms_v1::client::HsmManagement;
1295 /// use google_cloud_gax::paginator::ItemPaginator as _;
1296 /// use google_cloud_kms_v1::Result;
1297 /// async fn sample(
1298 /// client: &HsmManagement, parent: &str
1299 /// ) -> Result<()> {
1300 /// let mut list = client.list_single_tenant_hsm_instances()
1301 /// .set_parent(parent)
1302 /// .by_item();
1303 /// while let Some(item) = list.next().await.transpose()? {
1304 /// println!("{:?}", item);
1305 /// }
1306 /// Ok(())
1307 /// }
1308 /// ```
1309 pub fn list_single_tenant_hsm_instances(
1310 &self,
1311 ) -> super::builder::hsm_management::ListSingleTenantHsmInstances {
1312 super::builder::hsm_management::ListSingleTenantHsmInstances::new(self.inner.clone())
1313 }
1314
1315 /// Returns metadata for a given
1316 /// [SingleTenantHsmInstance][google.cloud.kms.v1.SingleTenantHsmInstance].
1317 ///
1318 /// [google.cloud.kms.v1.SingleTenantHsmInstance]: crate::model::SingleTenantHsmInstance
1319 ///
1320 /// # Example
1321 /// ```
1322 /// # use google_cloud_kms_v1::client::HsmManagement;
1323 /// use google_cloud_kms_v1::Result;
1324 /// async fn sample(
1325 /// client: &HsmManagement, name: &str
1326 /// ) -> Result<()> {
1327 /// let response = client.get_single_tenant_hsm_instance()
1328 /// .set_name(name)
1329 /// .send().await?;
1330 /// println!("response {:?}", response);
1331 /// Ok(())
1332 /// }
1333 /// ```
1334 pub fn get_single_tenant_hsm_instance(
1335 &self,
1336 ) -> super::builder::hsm_management::GetSingleTenantHsmInstance {
1337 super::builder::hsm_management::GetSingleTenantHsmInstance::new(self.inner.clone())
1338 }
1339
1340 /// Creates a new
1341 /// [SingleTenantHsmInstance][google.cloud.kms.v1.SingleTenantHsmInstance] in a
1342 /// given Project and Location. User must create a RegisterTwoFactorAuthKeys
1343 /// proposal with this single-tenant HSM instance to finish setup of the
1344 /// instance.
1345 ///
1346 /// [google.cloud.kms.v1.SingleTenantHsmInstance]: crate::model::SingleTenantHsmInstance
1347 ///
1348 /// # Long running operations
1349 ///
1350 /// This method is used to start, and/or poll a [long-running Operation].
1351 /// The [Working with long-running operations] chapter in the [user guide]
1352 /// covers these operations in detail.
1353 ///
1354 /// [long-running operation]: https://google.aip.dev/151
1355 /// [user guide]: https://googleapis.github.io/google-cloud-rust/
1356 /// [working with long-running operations]: https://googleapis.github.io/google-cloud-rust/working_with_long_running_operations.html
1357 ///
1358 /// # Example
1359 /// ```
1360 /// # use google_cloud_kms_v1::client::HsmManagement;
1361 /// use google_cloud_lro::Poller;
1362 /// use google_cloud_kms_v1::model::SingleTenantHsmInstance;
1363 /// use google_cloud_kms_v1::Result;
1364 /// async fn sample(
1365 /// client: &HsmManagement, parent: &str
1366 /// ) -> Result<()> {
1367 /// let response = client.create_single_tenant_hsm_instance()
1368 /// .set_parent(parent)
1369 /// .set_single_tenant_hsm_instance(
1370 /// SingleTenantHsmInstance::new()/* set fields */
1371 /// )
1372 /// .poller().until_done().await?;
1373 /// println!("response {:?}", response);
1374 /// Ok(())
1375 /// }
1376 /// ```
1377 pub fn create_single_tenant_hsm_instance(
1378 &self,
1379 ) -> super::builder::hsm_management::CreateSingleTenantHsmInstance {
1380 super::builder::hsm_management::CreateSingleTenantHsmInstance::new(self.inner.clone())
1381 }
1382
1383 /// Creates a new
1384 /// [SingleTenantHsmInstanceProposal][google.cloud.kms.v1.SingleTenantHsmInstanceProposal]
1385 /// for a given
1386 /// [SingleTenantHsmInstance][google.cloud.kms.v1.SingleTenantHsmInstance].
1387 ///
1388 /// [google.cloud.kms.v1.SingleTenantHsmInstance]: crate::model::SingleTenantHsmInstance
1389 /// [google.cloud.kms.v1.SingleTenantHsmInstanceProposal]: crate::model::SingleTenantHsmInstanceProposal
1390 ///
1391 /// # Long running operations
1392 ///
1393 /// This method is used to start, and/or poll a [long-running Operation].
1394 /// The [Working with long-running operations] chapter in the [user guide]
1395 /// covers these operations in detail.
1396 ///
1397 /// [long-running operation]: https://google.aip.dev/151
1398 /// [user guide]: https://googleapis.github.io/google-cloud-rust/
1399 /// [working with long-running operations]: https://googleapis.github.io/google-cloud-rust/working_with_long_running_operations.html
1400 ///
1401 /// # Example
1402 /// ```
1403 /// # use google_cloud_kms_v1::client::HsmManagement;
1404 /// use google_cloud_lro::Poller;
1405 /// use google_cloud_kms_v1::model::SingleTenantHsmInstanceProposal;
1406 /// use google_cloud_kms_v1::Result;
1407 /// async fn sample(
1408 /// client: &HsmManagement, parent: &str
1409 /// ) -> Result<()> {
1410 /// let response = client.create_single_tenant_hsm_instance_proposal()
1411 /// .set_parent(parent)
1412 /// .set_single_tenant_hsm_instance_proposal(
1413 /// SingleTenantHsmInstanceProposal::new()/* set fields */
1414 /// )
1415 /// .poller().until_done().await?;
1416 /// println!("response {:?}", response);
1417 /// Ok(())
1418 /// }
1419 /// ```
1420 pub fn create_single_tenant_hsm_instance_proposal(
1421 &self,
1422 ) -> super::builder::hsm_management::CreateSingleTenantHsmInstanceProposal {
1423 super::builder::hsm_management::CreateSingleTenantHsmInstanceProposal::new(
1424 self.inner.clone(),
1425 )
1426 }
1427
1428 /// Approves a
1429 /// [SingleTenantHsmInstanceProposal][google.cloud.kms.v1.SingleTenantHsmInstanceProposal]
1430 /// for a given
1431 /// [SingleTenantHsmInstance][google.cloud.kms.v1.SingleTenantHsmInstance]. The
1432 /// proposal must be in the
1433 /// [PENDING][google.cloud.kms.v1.SingleTenantHsmInstanceProposal.State.PENDING]
1434 /// state.
1435 ///
1436 /// [google.cloud.kms.v1.SingleTenantHsmInstance]: crate::model::SingleTenantHsmInstance
1437 /// [google.cloud.kms.v1.SingleTenantHsmInstanceProposal]: crate::model::SingleTenantHsmInstanceProposal
1438 /// [google.cloud.kms.v1.SingleTenantHsmInstanceProposal.State.PENDING]: crate::model::single_tenant_hsm_instance_proposal::State::Pending
1439 ///
1440 /// # Example
1441 /// ```
1442 /// # use google_cloud_kms_v1::client::HsmManagement;
1443 /// use google_cloud_kms_v1::Result;
1444 /// async fn sample(
1445 /// client: &HsmManagement
1446 /// ) -> Result<()> {
1447 /// let response = client.approve_single_tenant_hsm_instance_proposal()
1448 /// /* set fields */
1449 /// .send().await?;
1450 /// println!("response {:?}", response);
1451 /// Ok(())
1452 /// }
1453 /// ```
1454 pub fn approve_single_tenant_hsm_instance_proposal(
1455 &self,
1456 ) -> super::builder::hsm_management::ApproveSingleTenantHsmInstanceProposal {
1457 super::builder::hsm_management::ApproveSingleTenantHsmInstanceProposal::new(
1458 self.inner.clone(),
1459 )
1460 }
1461
1462 /// Executes a
1463 /// [SingleTenantHsmInstanceProposal][google.cloud.kms.v1.SingleTenantHsmInstanceProposal]
1464 /// for a given
1465 /// [SingleTenantHsmInstance][google.cloud.kms.v1.SingleTenantHsmInstance]. The
1466 /// proposal must be in the
1467 /// [APPROVED][google.cloud.kms.v1.SingleTenantHsmInstanceProposal.State.APPROVED]
1468 /// state.
1469 ///
1470 /// [google.cloud.kms.v1.SingleTenantHsmInstance]: crate::model::SingleTenantHsmInstance
1471 /// [google.cloud.kms.v1.SingleTenantHsmInstanceProposal]: crate::model::SingleTenantHsmInstanceProposal
1472 /// [google.cloud.kms.v1.SingleTenantHsmInstanceProposal.State.APPROVED]: crate::model::single_tenant_hsm_instance_proposal::State::Approved
1473 ///
1474 /// # Long running operations
1475 ///
1476 /// This method is used to start, and/or poll a [long-running Operation].
1477 /// The [Working with long-running operations] chapter in the [user guide]
1478 /// covers these operations in detail.
1479 ///
1480 /// [long-running operation]: https://google.aip.dev/151
1481 /// [user guide]: https://googleapis.github.io/google-cloud-rust/
1482 /// [working with long-running operations]: https://googleapis.github.io/google-cloud-rust/working_with_long_running_operations.html
1483 ///
1484 /// # Example
1485 /// ```
1486 /// # use google_cloud_kms_v1::client::HsmManagement;
1487 /// use google_cloud_lro::Poller;
1488 /// use google_cloud_kms_v1::Result;
1489 /// async fn sample(
1490 /// client: &HsmManagement
1491 /// ) -> Result<()> {
1492 /// let response = client.execute_single_tenant_hsm_instance_proposal()
1493 /// /* set fields */
1494 /// .poller().until_done().await?;
1495 /// println!("response {:?}", response);
1496 /// Ok(())
1497 /// }
1498 /// ```
1499 pub fn execute_single_tenant_hsm_instance_proposal(
1500 &self,
1501 ) -> super::builder::hsm_management::ExecuteSingleTenantHsmInstanceProposal {
1502 super::builder::hsm_management::ExecuteSingleTenantHsmInstanceProposal::new(
1503 self.inner.clone(),
1504 )
1505 }
1506
1507 /// Returns metadata for a given
1508 /// [SingleTenantHsmInstanceProposal][google.cloud.kms.v1.SingleTenantHsmInstanceProposal].
1509 ///
1510 /// [google.cloud.kms.v1.SingleTenantHsmInstanceProposal]: crate::model::SingleTenantHsmInstanceProposal
1511 ///
1512 /// # Example
1513 /// ```
1514 /// # use google_cloud_kms_v1::client::HsmManagement;
1515 /// use google_cloud_kms_v1::Result;
1516 /// async fn sample(
1517 /// client: &HsmManagement, name: &str
1518 /// ) -> Result<()> {
1519 /// let response = client.get_single_tenant_hsm_instance_proposal()
1520 /// .set_name(name)
1521 /// .send().await?;
1522 /// println!("response {:?}", response);
1523 /// Ok(())
1524 /// }
1525 /// ```
1526 pub fn get_single_tenant_hsm_instance_proposal(
1527 &self,
1528 ) -> super::builder::hsm_management::GetSingleTenantHsmInstanceProposal {
1529 super::builder::hsm_management::GetSingleTenantHsmInstanceProposal::new(self.inner.clone())
1530 }
1531
1532 /// Lists
1533 /// [SingleTenantHsmInstanceProposals][google.cloud.kms.v1.SingleTenantHsmInstanceProposal].
1534 ///
1535 /// [google.cloud.kms.v1.SingleTenantHsmInstanceProposal]: crate::model::SingleTenantHsmInstanceProposal
1536 ///
1537 /// # Example
1538 /// ```
1539 /// # use google_cloud_kms_v1::client::HsmManagement;
1540 /// use google_cloud_gax::paginator::ItemPaginator as _;
1541 /// use google_cloud_kms_v1::Result;
1542 /// async fn sample(
1543 /// client: &HsmManagement, parent: &str
1544 /// ) -> Result<()> {
1545 /// let mut list = client.list_single_tenant_hsm_instance_proposals()
1546 /// .set_parent(parent)
1547 /// .by_item();
1548 /// while let Some(item) = list.next().await.transpose()? {
1549 /// println!("{:?}", item);
1550 /// }
1551 /// Ok(())
1552 /// }
1553 /// ```
1554 pub fn list_single_tenant_hsm_instance_proposals(
1555 &self,
1556 ) -> super::builder::hsm_management::ListSingleTenantHsmInstanceProposals {
1557 super::builder::hsm_management::ListSingleTenantHsmInstanceProposals::new(
1558 self.inner.clone(),
1559 )
1560 }
1561
1562 /// Deletes a
1563 /// [SingleTenantHsmInstanceProposal][google.cloud.kms.v1.SingleTenantHsmInstanceProposal].
1564 ///
1565 /// [google.cloud.kms.v1.SingleTenantHsmInstanceProposal]: crate::model::SingleTenantHsmInstanceProposal
1566 ///
1567 /// # Example
1568 /// ```
1569 /// # use google_cloud_kms_v1::client::HsmManagement;
1570 /// use google_cloud_kms_v1::Result;
1571 /// async fn sample(
1572 /// client: &HsmManagement, name: &str
1573 /// ) -> Result<()> {
1574 /// client.delete_single_tenant_hsm_instance_proposal()
1575 /// .set_name(name)
1576 /// .send().await?;
1577 /// Ok(())
1578 /// }
1579 /// ```
1580 pub fn delete_single_tenant_hsm_instance_proposal(
1581 &self,
1582 ) -> super::builder::hsm_management::DeleteSingleTenantHsmInstanceProposal {
1583 super::builder::hsm_management::DeleteSingleTenantHsmInstanceProposal::new(
1584 self.inner.clone(),
1585 )
1586 }
1587
1588 /// Lists information about the supported locations for this service.
1589 /// This method can be called in two ways:
1590 ///
1591 /// * **List all public locations:** Use the path `GET /v1/locations`.
1592 /// * **List project-visible locations:** Use the path
1593 /// `GET /v1/projects/{project_id}/locations`. This may include public
1594 /// locations as well as private or other locations specifically visible
1595 /// to the project.
1596 ///
1597 /// # Example
1598 /// ```
1599 /// # use google_cloud_kms_v1::client::HsmManagement;
1600 /// use google_cloud_gax::paginator::ItemPaginator as _;
1601 /// use google_cloud_kms_v1::Result;
1602 /// async fn sample(
1603 /// client: &HsmManagement
1604 /// ) -> Result<()> {
1605 /// let mut list = client.list_locations()
1606 /// /* set fields */
1607 /// .by_item();
1608 /// while let Some(item) = list.next().await.transpose()? {
1609 /// println!("{:?}", item);
1610 /// }
1611 /// Ok(())
1612 /// }
1613 /// ```
1614 pub fn list_locations(&self) -> super::builder::hsm_management::ListLocations {
1615 super::builder::hsm_management::ListLocations::new(self.inner.clone())
1616 }
1617
1618 /// Gets information about a location.
1619 ///
1620 /// # Example
1621 /// ```
1622 /// # use google_cloud_kms_v1::client::HsmManagement;
1623 /// use google_cloud_kms_v1::Result;
1624 /// async fn sample(
1625 /// client: &HsmManagement
1626 /// ) -> Result<()> {
1627 /// let response = client.get_location()
1628 /// /* set fields */
1629 /// .send().await?;
1630 /// println!("response {:?}", response);
1631 /// Ok(())
1632 /// }
1633 /// ```
1634 pub fn get_location(&self) -> super::builder::hsm_management::GetLocation {
1635 super::builder::hsm_management::GetLocation::new(self.inner.clone())
1636 }
1637
1638 /// Sets the access control policy on the specified resource. Replaces
1639 /// any existing policy.
1640 ///
1641 /// Can return `NOT_FOUND`, `INVALID_ARGUMENT`, and `PERMISSION_DENIED`
1642 /// errors.
1643 ///
1644 /// # Example
1645 /// ```
1646 /// # use google_cloud_kms_v1::client::HsmManagement;
1647 /// use google_cloud_kms_v1::Result;
1648 /// async fn sample(
1649 /// client: &HsmManagement
1650 /// ) -> Result<()> {
1651 /// let response = client.set_iam_policy()
1652 /// /* set fields */
1653 /// .send().await?;
1654 /// println!("response {:?}", response);
1655 /// Ok(())
1656 /// }
1657 /// ```
1658 pub fn set_iam_policy(&self) -> super::builder::hsm_management::SetIamPolicy {
1659 super::builder::hsm_management::SetIamPolicy::new(self.inner.clone())
1660 }
1661
1662 /// Gets the access control policy for a resource. Returns an empty policy
1663 /// if the resource exists and does not have a policy set.
1664 ///
1665 /// # Example
1666 /// ```
1667 /// # use google_cloud_kms_v1::client::HsmManagement;
1668 /// use google_cloud_kms_v1::Result;
1669 /// async fn sample(
1670 /// client: &HsmManagement
1671 /// ) -> Result<()> {
1672 /// let response = client.get_iam_policy()
1673 /// /* set fields */
1674 /// .send().await?;
1675 /// println!("response {:?}", response);
1676 /// Ok(())
1677 /// }
1678 /// ```
1679 pub fn get_iam_policy(&self) -> super::builder::hsm_management::GetIamPolicy {
1680 super::builder::hsm_management::GetIamPolicy::new(self.inner.clone())
1681 }
1682
1683 /// Returns permissions that a caller has on the specified resource. If the
1684 /// resource does not exist, this will return an empty set of
1685 /// permissions, not a `NOT_FOUND` error.
1686 ///
1687 /// Note: This operation is designed to be used for building
1688 /// permission-aware UIs and command-line tools, not for authorization
1689 /// checking. This operation may "fail open" without warning.
1690 ///
1691 /// # Example
1692 /// ```
1693 /// # use google_cloud_kms_v1::client::HsmManagement;
1694 /// use google_cloud_kms_v1::Result;
1695 /// async fn sample(
1696 /// client: &HsmManagement
1697 /// ) -> Result<()> {
1698 /// let response = client.test_iam_permissions()
1699 /// /* set fields */
1700 /// .send().await?;
1701 /// println!("response {:?}", response);
1702 /// Ok(())
1703 /// }
1704 /// ```
1705 pub fn test_iam_permissions(&self) -> super::builder::hsm_management::TestIamPermissions {
1706 super::builder::hsm_management::TestIamPermissions::new(self.inner.clone())
1707 }
1708
1709 /// Provides the [Operations][google.longrunning.Operations] service functionality in this service.
1710 ///
1711 /// [google.longrunning.Operations]: google-cloud-longrunning::client::Operations
1712 ///
1713 /// # Example
1714 /// ```
1715 /// # use google_cloud_kms_v1::client::HsmManagement;
1716 /// use google_cloud_kms_v1::Result;
1717 /// async fn sample(
1718 /// client: &HsmManagement
1719 /// ) -> Result<()> {
1720 /// let response = client.get_operation()
1721 /// /* set fields */
1722 /// .send().await?;
1723 /// println!("response {:?}", response);
1724 /// Ok(())
1725 /// }
1726 /// ```
1727 pub fn get_operation(&self) -> super::builder::hsm_management::GetOperation {
1728 super::builder::hsm_management::GetOperation::new(self.inner.clone())
1729 }
1730}
1731
1732/// Implements a client for the Cloud Key Management Service (KMS) API.
1733///
1734/// # Example
1735/// ```
1736/// # use google_cloud_kms_v1::client::KeyManagementService;
1737/// use google_cloud_gax::paginator::ItemPaginator as _;
1738/// # async fn sample() -> Result<(), Box<dyn std::error::Error>> {
1739/// let client = KeyManagementService::builder().build().await?;
1740/// let parent = "parent_value";
1741/// let mut list = client.list_key_rings()
1742/// .set_parent(parent)
1743/// .by_item();
1744/// while let Some(item) = list.next().await.transpose()? {
1745/// println!("{:?}", item);
1746/// }
1747/// # Ok(()) }
1748/// ```
1749///
1750/// # Service Description
1751///
1752/// Google Cloud Key Management Service
1753///
1754/// Manages cryptographic keys and operations using those keys. Implements a REST
1755/// model with the following objects:
1756///
1757/// * [KeyRing][google.cloud.kms.v1.KeyRing]
1758/// * [CryptoKey][google.cloud.kms.v1.CryptoKey]
1759/// * [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion]
1760/// * [ImportJob][google.cloud.kms.v1.ImportJob]
1761///
1762/// If you are using manual gRPC libraries, see
1763/// [Using gRPC with Cloud KMS](https://cloud.google.com/kms/docs/grpc).
1764///
1765/// [google.cloud.kms.v1.CryptoKey]: crate::model::CryptoKey
1766/// [google.cloud.kms.v1.CryptoKeyVersion]: crate::model::CryptoKeyVersion
1767/// [google.cloud.kms.v1.ImportJob]: crate::model::ImportJob
1768/// [google.cloud.kms.v1.KeyRing]: crate::model::KeyRing
1769///
1770/// # Configuration
1771///
1772/// To configure `KeyManagementService` use the `with_*` methods in the type returned
1773/// by [builder()][KeyManagementService::builder]. The default configuration should
1774/// work for most applications. Common configuration changes include
1775///
1776/// * [with_endpoint()]: by default this client uses the global default endpoint
1777/// (`https://cloudkms.googleapis.com`). Applications using regional
1778/// endpoints or running in restricted networks (e.g. a network configured
1779// with [Private Google Access with VPC Service Controls]) may want to
1780/// override this default.
1781/// * [with_credentials()]: by default this client uses
1782/// [Application Default Credentials]. Applications using custom
1783/// authentication may need to override this default.
1784///
1785/// [with_endpoint()]: super::builder::key_management_service::ClientBuilder::with_endpoint
1786/// [with_credentials()]: super::builder::key_management_service::ClientBuilder::with_credentials
1787/// [Private Google Access with VPC Service Controls]: https://cloud.google.com/vpc-service-controls/docs/private-connectivity
1788/// [Application Default Credentials]: https://cloud.google.com/docs/authentication#adc
1789///
1790/// # Pooling and Cloning
1791///
1792/// `KeyManagementService` holds a connection pool internally, it is advised to
1793/// create one and reuse it. You do not need to wrap `KeyManagementService` in
1794/// an [Rc](std::rc::Rc) or [Arc](std::sync::Arc) to reuse it, because it
1795/// already uses an `Arc` internally.
1796#[derive(Clone, Debug)]
1797pub struct KeyManagementService {
1798 inner: std::sync::Arc<dyn super::stub::dynamic::KeyManagementService>,
1799}
1800
1801impl KeyManagementService {
1802 /// Returns a builder for [KeyManagementService].
1803 ///
1804 /// ```
1805 /// # async fn sample() -> google_cloud_gax::client_builder::Result<()> {
1806 /// # use google_cloud_kms_v1::client::KeyManagementService;
1807 /// let client = KeyManagementService::builder().build().await?;
1808 /// # Ok(()) }
1809 /// ```
1810 pub fn builder() -> super::builder::key_management_service::ClientBuilder {
1811 crate::new_client_builder(super::builder::key_management_service::client::Factory)
1812 }
1813
1814 /// Creates a new client from the provided stub.
1815 ///
1816 /// The most common case for calling this function is in tests mocking the
1817 /// client's behavior.
1818 pub fn from_stub<T>(stub: T) -> Self
1819 where
1820 T: super::stub::KeyManagementService + 'static,
1821 {
1822 Self {
1823 inner: std::sync::Arc::new(stub),
1824 }
1825 }
1826
1827 pub(crate) async fn new(
1828 config: gaxi::options::ClientConfig,
1829 ) -> crate::ClientBuilderResult<Self> {
1830 let inner = Self::build_inner(config).await?;
1831 Ok(Self { inner })
1832 }
1833
1834 async fn build_inner(
1835 conf: gaxi::options::ClientConfig,
1836 ) -> crate::ClientBuilderResult<std::sync::Arc<dyn super::stub::dynamic::KeyManagementService>>
1837 {
1838 if gaxi::options::tracing_enabled(&conf) {
1839 return Ok(std::sync::Arc::new(Self::build_with_tracing(conf).await?));
1840 }
1841 Ok(std::sync::Arc::new(Self::build_transport(conf).await?))
1842 }
1843
1844 async fn build_transport(
1845 conf: gaxi::options::ClientConfig,
1846 ) -> crate::ClientBuilderResult<impl super::stub::KeyManagementService> {
1847 super::transport::KeyManagementService::new(conf).await
1848 }
1849
1850 async fn build_with_tracing(
1851 conf: gaxi::options::ClientConfig,
1852 ) -> crate::ClientBuilderResult<impl super::stub::KeyManagementService> {
1853 Self::build_transport(conf)
1854 .await
1855 .map(super::tracing::KeyManagementService::new)
1856 }
1857
1858 /// Lists [KeyRings][google.cloud.kms.v1.KeyRing].
1859 ///
1860 /// [google.cloud.kms.v1.KeyRing]: crate::model::KeyRing
1861 ///
1862 /// # Example
1863 /// ```
1864 /// # use google_cloud_kms_v1::client::KeyManagementService;
1865 /// use google_cloud_gax::paginator::ItemPaginator as _;
1866 /// use google_cloud_kms_v1::Result;
1867 /// async fn sample(
1868 /// client: &KeyManagementService, parent: &str
1869 /// ) -> Result<()> {
1870 /// let mut list = client.list_key_rings()
1871 /// .set_parent(parent)
1872 /// .by_item();
1873 /// while let Some(item) = list.next().await.transpose()? {
1874 /// println!("{:?}", item);
1875 /// }
1876 /// Ok(())
1877 /// }
1878 /// ```
1879 pub fn list_key_rings(&self) -> super::builder::key_management_service::ListKeyRings {
1880 super::builder::key_management_service::ListKeyRings::new(self.inner.clone())
1881 }
1882
1883 /// Lists [CryptoKeys][google.cloud.kms.v1.CryptoKey].
1884 ///
1885 /// [google.cloud.kms.v1.CryptoKey]: crate::model::CryptoKey
1886 ///
1887 /// # Example
1888 /// ```
1889 /// # use google_cloud_kms_v1::client::KeyManagementService;
1890 /// use google_cloud_gax::paginator::ItemPaginator as _;
1891 /// use google_cloud_kms_v1::Result;
1892 /// async fn sample(
1893 /// client: &KeyManagementService, parent: &str
1894 /// ) -> Result<()> {
1895 /// let mut list = client.list_crypto_keys()
1896 /// .set_parent(parent)
1897 /// .by_item();
1898 /// while let Some(item) = list.next().await.transpose()? {
1899 /// println!("{:?}", item);
1900 /// }
1901 /// Ok(())
1902 /// }
1903 /// ```
1904 pub fn list_crypto_keys(&self) -> super::builder::key_management_service::ListCryptoKeys {
1905 super::builder::key_management_service::ListCryptoKeys::new(self.inner.clone())
1906 }
1907
1908 /// Lists [CryptoKeyVersions][google.cloud.kms.v1.CryptoKeyVersion].
1909 ///
1910 /// [google.cloud.kms.v1.CryptoKeyVersion]: crate::model::CryptoKeyVersion
1911 ///
1912 /// # Example
1913 /// ```
1914 /// # use google_cloud_kms_v1::client::KeyManagementService;
1915 /// use google_cloud_gax::paginator::ItemPaginator as _;
1916 /// use google_cloud_kms_v1::Result;
1917 /// async fn sample(
1918 /// client: &KeyManagementService, parent: &str
1919 /// ) -> Result<()> {
1920 /// let mut list = client.list_crypto_key_versions()
1921 /// .set_parent(parent)
1922 /// .by_item();
1923 /// while let Some(item) = list.next().await.transpose()? {
1924 /// println!("{:?}", item);
1925 /// }
1926 /// Ok(())
1927 /// }
1928 /// ```
1929 pub fn list_crypto_key_versions(
1930 &self,
1931 ) -> super::builder::key_management_service::ListCryptoKeyVersions {
1932 super::builder::key_management_service::ListCryptoKeyVersions::new(self.inner.clone())
1933 }
1934
1935 /// Lists [ImportJobs][google.cloud.kms.v1.ImportJob].
1936 ///
1937 /// [google.cloud.kms.v1.ImportJob]: crate::model::ImportJob
1938 ///
1939 /// # Example
1940 /// ```
1941 /// # use google_cloud_kms_v1::client::KeyManagementService;
1942 /// use google_cloud_gax::paginator::ItemPaginator as _;
1943 /// use google_cloud_kms_v1::Result;
1944 /// async fn sample(
1945 /// client: &KeyManagementService, parent: &str
1946 /// ) -> Result<()> {
1947 /// let mut list = client.list_import_jobs()
1948 /// .set_parent(parent)
1949 /// .by_item();
1950 /// while let Some(item) = list.next().await.transpose()? {
1951 /// println!("{:?}", item);
1952 /// }
1953 /// Ok(())
1954 /// }
1955 /// ```
1956 pub fn list_import_jobs(&self) -> super::builder::key_management_service::ListImportJobs {
1957 super::builder::key_management_service::ListImportJobs::new(self.inner.clone())
1958 }
1959
1960 /// Lists the [RetiredResources][google.cloud.kms.v1.RetiredResource] which are
1961 /// the records of deleted [CryptoKeys][google.cloud.kms.v1.CryptoKey].
1962 /// RetiredResources prevent the reuse of these resource names after deletion.
1963 ///
1964 /// [google.cloud.kms.v1.CryptoKey]: crate::model::CryptoKey
1965 /// [google.cloud.kms.v1.RetiredResource]: crate::model::RetiredResource
1966 ///
1967 /// # Example
1968 /// ```
1969 /// # use google_cloud_kms_v1::client::KeyManagementService;
1970 /// use google_cloud_gax::paginator::ItemPaginator as _;
1971 /// use google_cloud_kms_v1::Result;
1972 /// async fn sample(
1973 /// client: &KeyManagementService, parent: &str
1974 /// ) -> Result<()> {
1975 /// let mut list = client.list_retired_resources()
1976 /// .set_parent(parent)
1977 /// .by_item();
1978 /// while let Some(item) = list.next().await.transpose()? {
1979 /// println!("{:?}", item);
1980 /// }
1981 /// Ok(())
1982 /// }
1983 /// ```
1984 pub fn list_retired_resources(
1985 &self,
1986 ) -> super::builder::key_management_service::ListRetiredResources {
1987 super::builder::key_management_service::ListRetiredResources::new(self.inner.clone())
1988 }
1989
1990 /// Returns metadata for a given [KeyRing][google.cloud.kms.v1.KeyRing].
1991 ///
1992 /// [google.cloud.kms.v1.KeyRing]: crate::model::KeyRing
1993 ///
1994 /// # Example
1995 /// ```
1996 /// # use google_cloud_kms_v1::client::KeyManagementService;
1997 /// use google_cloud_kms_v1::Result;
1998 /// async fn sample(
1999 /// client: &KeyManagementService, name: &str
2000 /// ) -> Result<()> {
2001 /// let response = client.get_key_ring()
2002 /// .set_name(name)
2003 /// .send().await?;
2004 /// println!("response {:?}", response);
2005 /// Ok(())
2006 /// }
2007 /// ```
2008 pub fn get_key_ring(&self) -> super::builder::key_management_service::GetKeyRing {
2009 super::builder::key_management_service::GetKeyRing::new(self.inner.clone())
2010 }
2011
2012 /// Returns metadata for a given [CryptoKey][google.cloud.kms.v1.CryptoKey], as
2013 /// well as its [primary][google.cloud.kms.v1.CryptoKey.primary]
2014 /// [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion].
2015 ///
2016 /// [google.cloud.kms.v1.CryptoKey]: crate::model::CryptoKey
2017 /// [google.cloud.kms.v1.CryptoKey.primary]: crate::model::CryptoKey::primary
2018 /// [google.cloud.kms.v1.CryptoKeyVersion]: crate::model::CryptoKeyVersion
2019 ///
2020 /// # Example
2021 /// ```
2022 /// # use google_cloud_kms_v1::client::KeyManagementService;
2023 /// use google_cloud_kms_v1::Result;
2024 /// async fn sample(
2025 /// client: &KeyManagementService, name: &str
2026 /// ) -> Result<()> {
2027 /// let response = client.get_crypto_key()
2028 /// .set_name(name)
2029 /// .send().await?;
2030 /// println!("response {:?}", response);
2031 /// Ok(())
2032 /// }
2033 /// ```
2034 pub fn get_crypto_key(&self) -> super::builder::key_management_service::GetCryptoKey {
2035 super::builder::key_management_service::GetCryptoKey::new(self.inner.clone())
2036 }
2037
2038 /// Returns metadata for a given
2039 /// [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion].
2040 ///
2041 /// [google.cloud.kms.v1.CryptoKeyVersion]: crate::model::CryptoKeyVersion
2042 ///
2043 /// # Example
2044 /// ```
2045 /// # use google_cloud_kms_v1::client::KeyManagementService;
2046 /// use google_cloud_kms_v1::Result;
2047 /// async fn sample(
2048 /// client: &KeyManagementService, name: &str
2049 /// ) -> Result<()> {
2050 /// let response = client.get_crypto_key_version()
2051 /// .set_name(name)
2052 /// .send().await?;
2053 /// println!("response {:?}", response);
2054 /// Ok(())
2055 /// }
2056 /// ```
2057 pub fn get_crypto_key_version(
2058 &self,
2059 ) -> super::builder::key_management_service::GetCryptoKeyVersion {
2060 super::builder::key_management_service::GetCryptoKeyVersion::new(self.inner.clone())
2061 }
2062
2063 /// Returns the public key for the given
2064 /// [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion]. The
2065 /// [CryptoKey.purpose][google.cloud.kms.v1.CryptoKey.purpose] must be
2066 /// [ASYMMETRIC_SIGN][google.cloud.kms.v1.CryptoKey.CryptoKeyPurpose.ASYMMETRIC_SIGN]
2067 /// or
2068 /// [ASYMMETRIC_DECRYPT][google.cloud.kms.v1.CryptoKey.CryptoKeyPurpose.ASYMMETRIC_DECRYPT].
2069 ///
2070 /// [google.cloud.kms.v1.CryptoKey.CryptoKeyPurpose.ASYMMETRIC_DECRYPT]: crate::model::crypto_key::CryptoKeyPurpose::AsymmetricDecrypt
2071 /// [google.cloud.kms.v1.CryptoKey.CryptoKeyPurpose.ASYMMETRIC_SIGN]: crate::model::crypto_key::CryptoKeyPurpose::AsymmetricSign
2072 /// [google.cloud.kms.v1.CryptoKey.purpose]: crate::model::CryptoKey::purpose
2073 /// [google.cloud.kms.v1.CryptoKeyVersion]: crate::model::CryptoKeyVersion
2074 ///
2075 /// # Example
2076 /// ```
2077 /// # use google_cloud_kms_v1::client::KeyManagementService;
2078 /// use google_cloud_kms_v1::Result;
2079 /// async fn sample(
2080 /// client: &KeyManagementService
2081 /// ) -> Result<()> {
2082 /// let response = client.get_public_key()
2083 /// /* set fields */
2084 /// .send().await?;
2085 /// println!("response {:?}", response);
2086 /// Ok(())
2087 /// }
2088 /// ```
2089 pub fn get_public_key(&self) -> super::builder::key_management_service::GetPublicKey {
2090 super::builder::key_management_service::GetPublicKey::new(self.inner.clone())
2091 }
2092
2093 /// Returns metadata for a given [ImportJob][google.cloud.kms.v1.ImportJob].
2094 ///
2095 /// [google.cloud.kms.v1.ImportJob]: crate::model::ImportJob
2096 ///
2097 /// # Example
2098 /// ```
2099 /// # use google_cloud_kms_v1::client::KeyManagementService;
2100 /// use google_cloud_kms_v1::Result;
2101 /// async fn sample(
2102 /// client: &KeyManagementService, name: &str
2103 /// ) -> Result<()> {
2104 /// let response = client.get_import_job()
2105 /// .set_name(name)
2106 /// .send().await?;
2107 /// println!("response {:?}", response);
2108 /// Ok(())
2109 /// }
2110 /// ```
2111 pub fn get_import_job(&self) -> super::builder::key_management_service::GetImportJob {
2112 super::builder::key_management_service::GetImportJob::new(self.inner.clone())
2113 }
2114
2115 /// Retrieves a specific [RetiredResource][google.cloud.kms.v1.RetiredResource]
2116 /// resource, which represents the record of a deleted
2117 /// [CryptoKey][google.cloud.kms.v1.CryptoKey].
2118 ///
2119 /// [google.cloud.kms.v1.CryptoKey]: crate::model::CryptoKey
2120 /// [google.cloud.kms.v1.RetiredResource]: crate::model::RetiredResource
2121 ///
2122 /// # Example
2123 /// ```
2124 /// # use google_cloud_kms_v1::client::KeyManagementService;
2125 /// use google_cloud_kms_v1::Result;
2126 /// async fn sample(
2127 /// client: &KeyManagementService, name: &str
2128 /// ) -> Result<()> {
2129 /// let response = client.get_retired_resource()
2130 /// .set_name(name)
2131 /// .send().await?;
2132 /// println!("response {:?}", response);
2133 /// Ok(())
2134 /// }
2135 /// ```
2136 pub fn get_retired_resource(
2137 &self,
2138 ) -> super::builder::key_management_service::GetRetiredResource {
2139 super::builder::key_management_service::GetRetiredResource::new(self.inner.clone())
2140 }
2141
2142 /// Create a new [KeyRing][google.cloud.kms.v1.KeyRing] in a given Project and
2143 /// Location.
2144 ///
2145 /// [google.cloud.kms.v1.KeyRing]: crate::model::KeyRing
2146 ///
2147 /// # Example
2148 /// ```
2149 /// # use google_cloud_kms_v1::client::KeyManagementService;
2150 /// use google_cloud_kms_v1::model::KeyRing;
2151 /// use google_cloud_kms_v1::Result;
2152 /// async fn sample(
2153 /// client: &KeyManagementService, parent: &str
2154 /// ) -> Result<()> {
2155 /// let response = client.create_key_ring()
2156 /// .set_parent(parent)
2157 /// .set_key_ring(
2158 /// KeyRing::new()/* set fields */
2159 /// )
2160 /// .send().await?;
2161 /// println!("response {:?}", response);
2162 /// Ok(())
2163 /// }
2164 /// ```
2165 pub fn create_key_ring(&self) -> super::builder::key_management_service::CreateKeyRing {
2166 super::builder::key_management_service::CreateKeyRing::new(self.inner.clone())
2167 }
2168
2169 /// Create a new [CryptoKey][google.cloud.kms.v1.CryptoKey] within a
2170 /// [KeyRing][google.cloud.kms.v1.KeyRing].
2171 ///
2172 /// [CryptoKey.purpose][google.cloud.kms.v1.CryptoKey.purpose] and
2173 /// [CryptoKey.version_template.algorithm][google.cloud.kms.v1.CryptoKeyVersionTemplate.algorithm]
2174 /// are required.
2175 ///
2176 /// [google.cloud.kms.v1.CryptoKey]: crate::model::CryptoKey
2177 /// [google.cloud.kms.v1.CryptoKey.purpose]: crate::model::CryptoKey::purpose
2178 /// [google.cloud.kms.v1.CryptoKeyVersionTemplate.algorithm]: crate::model::CryptoKeyVersionTemplate::algorithm
2179 /// [google.cloud.kms.v1.KeyRing]: crate::model::KeyRing
2180 ///
2181 /// # Example
2182 /// ```
2183 /// # use google_cloud_kms_v1::client::KeyManagementService;
2184 /// use google_cloud_kms_v1::model::CryptoKey;
2185 /// use google_cloud_kms_v1::Result;
2186 /// async fn sample(
2187 /// client: &KeyManagementService, parent: &str
2188 /// ) -> Result<()> {
2189 /// let response = client.create_crypto_key()
2190 /// .set_parent(parent)
2191 /// .set_crypto_key(
2192 /// CryptoKey::new()/* set fields */
2193 /// )
2194 /// .send().await?;
2195 /// println!("response {:?}", response);
2196 /// Ok(())
2197 /// }
2198 /// ```
2199 pub fn create_crypto_key(&self) -> super::builder::key_management_service::CreateCryptoKey {
2200 super::builder::key_management_service::CreateCryptoKey::new(self.inner.clone())
2201 }
2202
2203 /// Create a new [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] in a
2204 /// [CryptoKey][google.cloud.kms.v1.CryptoKey].
2205 ///
2206 /// The server will assign the next sequential id. If unset,
2207 /// [state][google.cloud.kms.v1.CryptoKeyVersion.state] will be set to
2208 /// [ENABLED][google.cloud.kms.v1.CryptoKeyVersion.CryptoKeyVersionState.ENABLED].
2209 ///
2210 /// [google.cloud.kms.v1.CryptoKey]: crate::model::CryptoKey
2211 /// [google.cloud.kms.v1.CryptoKeyVersion]: crate::model::CryptoKeyVersion
2212 /// [google.cloud.kms.v1.CryptoKeyVersion.CryptoKeyVersionState.ENABLED]: crate::model::crypto_key_version::CryptoKeyVersionState::Enabled
2213 /// [google.cloud.kms.v1.CryptoKeyVersion.state]: crate::model::CryptoKeyVersion::state
2214 ///
2215 /// # Example
2216 /// ```
2217 /// # use google_cloud_kms_v1::client::KeyManagementService;
2218 /// use google_cloud_kms_v1::model::CryptoKeyVersion;
2219 /// use google_cloud_kms_v1::Result;
2220 /// async fn sample(
2221 /// client: &KeyManagementService, parent: &str
2222 /// ) -> Result<()> {
2223 /// let response = client.create_crypto_key_version()
2224 /// .set_parent(parent)
2225 /// .set_crypto_key_version(
2226 /// CryptoKeyVersion::new()/* set fields */
2227 /// )
2228 /// .send().await?;
2229 /// println!("response {:?}", response);
2230 /// Ok(())
2231 /// }
2232 /// ```
2233 pub fn create_crypto_key_version(
2234 &self,
2235 ) -> super::builder::key_management_service::CreateCryptoKeyVersion {
2236 super::builder::key_management_service::CreateCryptoKeyVersion::new(self.inner.clone())
2237 }
2238
2239 /// Permanently deletes the given [CryptoKey][google.cloud.kms.v1.CryptoKey].
2240 /// All child [CryptoKeyVersions][google.cloud.kms.v1.CryptoKeyVersion] must
2241 /// have been previously deleted using
2242 /// [KeyManagementService.DeleteCryptoKeyVersion][google.cloud.kms.v1.KeyManagementService.DeleteCryptoKeyVersion].
2243 /// The specified crypto key will be immediately and permanently deleted upon
2244 /// calling this method. This action cannot be undone.
2245 ///
2246 /// [google.cloud.kms.v1.CryptoKey]: crate::model::CryptoKey
2247 /// [google.cloud.kms.v1.CryptoKeyVersion]: crate::model::CryptoKeyVersion
2248 /// [google.cloud.kms.v1.KeyManagementService.DeleteCryptoKeyVersion]: crate::client::KeyManagementService::delete_crypto_key_version
2249 ///
2250 /// # Long running operations
2251 ///
2252 /// This method is used to start, and/or poll a [long-running Operation].
2253 /// The [Working with long-running operations] chapter in the [user guide]
2254 /// covers these operations in detail.
2255 ///
2256 /// [long-running operation]: https://google.aip.dev/151
2257 /// [user guide]: https://googleapis.github.io/google-cloud-rust/
2258 /// [working with long-running operations]: https://googleapis.github.io/google-cloud-rust/working_with_long_running_operations.html
2259 ///
2260 /// # Example
2261 /// ```
2262 /// # use google_cloud_kms_v1::client::KeyManagementService;
2263 /// use google_cloud_lro::Poller;
2264 /// use google_cloud_kms_v1::Result;
2265 /// async fn sample(
2266 /// client: &KeyManagementService, name: &str
2267 /// ) -> Result<()> {
2268 /// client.delete_crypto_key()
2269 /// .set_name(name)
2270 /// .poller().until_done().await?;
2271 /// Ok(())
2272 /// }
2273 /// ```
2274 pub fn delete_crypto_key(&self) -> super::builder::key_management_service::DeleteCryptoKey {
2275 super::builder::key_management_service::DeleteCryptoKey::new(self.inner.clone())
2276 }
2277
2278 /// Permanently deletes the given
2279 /// [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion]. Only possible if
2280 /// the version has not been previously imported and if its
2281 /// [state][google.cloud.kms.v1.CryptoKeyVersion.state] is one of
2282 /// [DESTROYED][CryptoKeyVersionState.DESTROYED],
2283 /// [IMPORT_FAILED][CryptoKeyVersionState.IMPORT_FAILED], or
2284 /// [GENERATION_FAILED][CryptoKeyVersionState.GENERATION_FAILED].
2285 /// Successfully imported
2286 /// [CryptoKeyVersions][google.cloud.kms.v1.CryptoKeyVersion] cannot be deleted
2287 /// at this time. The specified version will be immediately and permanently
2288 /// deleted upon calling this method. This action cannot be undone.
2289 ///
2290 /// [google.cloud.kms.v1.CryptoKeyVersion]: crate::model::CryptoKeyVersion
2291 /// [google.cloud.kms.v1.CryptoKeyVersion.state]: crate::model::CryptoKeyVersion::state
2292 ///
2293 /// # Long running operations
2294 ///
2295 /// This method is used to start, and/or poll a [long-running Operation].
2296 /// The [Working with long-running operations] chapter in the [user guide]
2297 /// covers these operations in detail.
2298 ///
2299 /// [long-running operation]: https://google.aip.dev/151
2300 /// [user guide]: https://googleapis.github.io/google-cloud-rust/
2301 /// [working with long-running operations]: https://googleapis.github.io/google-cloud-rust/working_with_long_running_operations.html
2302 ///
2303 /// # Example
2304 /// ```
2305 /// # use google_cloud_kms_v1::client::KeyManagementService;
2306 /// use google_cloud_lro::Poller;
2307 /// use google_cloud_kms_v1::Result;
2308 /// async fn sample(
2309 /// client: &KeyManagementService, name: &str
2310 /// ) -> Result<()> {
2311 /// client.delete_crypto_key_version()
2312 /// .set_name(name)
2313 /// .poller().until_done().await?;
2314 /// Ok(())
2315 /// }
2316 /// ```
2317 pub fn delete_crypto_key_version(
2318 &self,
2319 ) -> super::builder::key_management_service::DeleteCryptoKeyVersion {
2320 super::builder::key_management_service::DeleteCryptoKeyVersion::new(self.inner.clone())
2321 }
2322
2323 /// Import wrapped key material into a
2324 /// [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion].
2325 ///
2326 /// All requests must specify a [CryptoKey][google.cloud.kms.v1.CryptoKey]. If
2327 /// a [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] is additionally
2328 /// specified in the request, key material will be reimported into that
2329 /// version. Otherwise, a new version will be created, and will be assigned the
2330 /// next sequential id within the [CryptoKey][google.cloud.kms.v1.CryptoKey].
2331 ///
2332 /// [google.cloud.kms.v1.CryptoKey]: crate::model::CryptoKey
2333 /// [google.cloud.kms.v1.CryptoKeyVersion]: crate::model::CryptoKeyVersion
2334 ///
2335 /// # Example
2336 /// ```
2337 /// # use google_cloud_kms_v1::client::KeyManagementService;
2338 /// use google_cloud_kms_v1::Result;
2339 /// async fn sample(
2340 /// client: &KeyManagementService
2341 /// ) -> Result<()> {
2342 /// let response = client.import_crypto_key_version()
2343 /// /* set fields */
2344 /// .send().await?;
2345 /// println!("response {:?}", response);
2346 /// Ok(())
2347 /// }
2348 /// ```
2349 pub fn import_crypto_key_version(
2350 &self,
2351 ) -> super::builder::key_management_service::ImportCryptoKeyVersion {
2352 super::builder::key_management_service::ImportCryptoKeyVersion::new(self.inner.clone())
2353 }
2354
2355 /// Create a new [ImportJob][google.cloud.kms.v1.ImportJob] within a
2356 /// [KeyRing][google.cloud.kms.v1.KeyRing].
2357 ///
2358 /// [ImportJob.import_method][google.cloud.kms.v1.ImportJob.import_method] is
2359 /// required.
2360 ///
2361 /// [google.cloud.kms.v1.ImportJob]: crate::model::ImportJob
2362 /// [google.cloud.kms.v1.ImportJob.import_method]: crate::model::ImportJob::import_method
2363 /// [google.cloud.kms.v1.KeyRing]: crate::model::KeyRing
2364 ///
2365 /// # Example
2366 /// ```
2367 /// # use google_cloud_kms_v1::client::KeyManagementService;
2368 /// use google_cloud_kms_v1::model::ImportJob;
2369 /// use google_cloud_kms_v1::Result;
2370 /// async fn sample(
2371 /// client: &KeyManagementService, parent: &str
2372 /// ) -> Result<()> {
2373 /// let response = client.create_import_job()
2374 /// .set_parent(parent)
2375 /// .set_import_job(
2376 /// ImportJob::new()/* set fields */
2377 /// )
2378 /// .send().await?;
2379 /// println!("response {:?}", response);
2380 /// Ok(())
2381 /// }
2382 /// ```
2383 pub fn create_import_job(&self) -> super::builder::key_management_service::CreateImportJob {
2384 super::builder::key_management_service::CreateImportJob::new(self.inner.clone())
2385 }
2386
2387 /// Update a [CryptoKey][google.cloud.kms.v1.CryptoKey].
2388 ///
2389 /// [google.cloud.kms.v1.CryptoKey]: crate::model::CryptoKey
2390 ///
2391 /// # Example
2392 /// ```
2393 /// # use google_cloud_kms_v1::client::KeyManagementService;
2394 /// # extern crate wkt as google_cloud_wkt;
2395 /// use google_cloud_wkt::FieldMask;
2396 /// use google_cloud_kms_v1::model::CryptoKey;
2397 /// use google_cloud_kms_v1::Result;
2398 /// async fn sample(
2399 /// client: &KeyManagementService, name: &str
2400 /// ) -> Result<()> {
2401 /// let response = client.update_crypto_key()
2402 /// .set_crypto_key(
2403 /// CryptoKey::new().set_name(name)/* set fields */
2404 /// )
2405 /// .set_update_mask(FieldMask::default().set_paths(["updated.field.path1", "updated.field.path2"]))
2406 /// .send().await?;
2407 /// println!("response {:?}", response);
2408 /// Ok(())
2409 /// }
2410 /// ```
2411 pub fn update_crypto_key(&self) -> super::builder::key_management_service::UpdateCryptoKey {
2412 super::builder::key_management_service::UpdateCryptoKey::new(self.inner.clone())
2413 }
2414
2415 /// Update a [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion]'s
2416 /// metadata.
2417 ///
2418 /// [state][google.cloud.kms.v1.CryptoKeyVersion.state] may be changed between
2419 /// [ENABLED][google.cloud.kms.v1.CryptoKeyVersion.CryptoKeyVersionState.ENABLED]
2420 /// and
2421 /// [DISABLED][google.cloud.kms.v1.CryptoKeyVersion.CryptoKeyVersionState.DISABLED]
2422 /// using this method. See
2423 /// [DestroyCryptoKeyVersion][google.cloud.kms.v1.KeyManagementService.DestroyCryptoKeyVersion]
2424 /// and
2425 /// [RestoreCryptoKeyVersion][google.cloud.kms.v1.KeyManagementService.RestoreCryptoKeyVersion]
2426 /// to move between other states.
2427 ///
2428 /// [google.cloud.kms.v1.CryptoKeyVersion]: crate::model::CryptoKeyVersion
2429 /// [google.cloud.kms.v1.CryptoKeyVersion.CryptoKeyVersionState.DISABLED]: crate::model::crypto_key_version::CryptoKeyVersionState::Disabled
2430 /// [google.cloud.kms.v1.CryptoKeyVersion.CryptoKeyVersionState.ENABLED]: crate::model::crypto_key_version::CryptoKeyVersionState::Enabled
2431 /// [google.cloud.kms.v1.CryptoKeyVersion.state]: crate::model::CryptoKeyVersion::state
2432 /// [google.cloud.kms.v1.KeyManagementService.DestroyCryptoKeyVersion]: crate::client::KeyManagementService::destroy_crypto_key_version
2433 /// [google.cloud.kms.v1.KeyManagementService.RestoreCryptoKeyVersion]: crate::client::KeyManagementService::restore_crypto_key_version
2434 ///
2435 /// # Example
2436 /// ```
2437 /// # use google_cloud_kms_v1::client::KeyManagementService;
2438 /// # extern crate wkt as google_cloud_wkt;
2439 /// use google_cloud_wkt::FieldMask;
2440 /// use google_cloud_kms_v1::model::CryptoKeyVersion;
2441 /// use google_cloud_kms_v1::Result;
2442 /// async fn sample(
2443 /// client: &KeyManagementService, name: &str
2444 /// ) -> Result<()> {
2445 /// let response = client.update_crypto_key_version()
2446 /// .set_crypto_key_version(
2447 /// CryptoKeyVersion::new().set_name(name)/* set fields */
2448 /// )
2449 /// .set_update_mask(FieldMask::default().set_paths(["updated.field.path1", "updated.field.path2"]))
2450 /// .send().await?;
2451 /// println!("response {:?}", response);
2452 /// Ok(())
2453 /// }
2454 /// ```
2455 pub fn update_crypto_key_version(
2456 &self,
2457 ) -> super::builder::key_management_service::UpdateCryptoKeyVersion {
2458 super::builder::key_management_service::UpdateCryptoKeyVersion::new(self.inner.clone())
2459 }
2460
2461 /// Update the version of a [CryptoKey][google.cloud.kms.v1.CryptoKey] that
2462 /// will be used in
2463 /// [Encrypt][google.cloud.kms.v1.KeyManagementService.Encrypt].
2464 ///
2465 /// Returns an error if called on a key whose purpose is not
2466 /// [ENCRYPT_DECRYPT][google.cloud.kms.v1.CryptoKey.CryptoKeyPurpose.ENCRYPT_DECRYPT].
2467 ///
2468 /// [google.cloud.kms.v1.CryptoKey]: crate::model::CryptoKey
2469 /// [google.cloud.kms.v1.CryptoKey.CryptoKeyPurpose.ENCRYPT_DECRYPT]: crate::model::crypto_key::CryptoKeyPurpose::EncryptDecrypt
2470 /// [google.cloud.kms.v1.KeyManagementService.Encrypt]: crate::client::KeyManagementService::encrypt
2471 ///
2472 /// # Example
2473 /// ```
2474 /// # use google_cloud_kms_v1::client::KeyManagementService;
2475 /// use google_cloud_kms_v1::Result;
2476 /// async fn sample(
2477 /// client: &KeyManagementService
2478 /// ) -> Result<()> {
2479 /// let response = client.update_crypto_key_primary_version()
2480 /// /* set fields */
2481 /// .send().await?;
2482 /// println!("response {:?}", response);
2483 /// Ok(())
2484 /// }
2485 /// ```
2486 pub fn update_crypto_key_primary_version(
2487 &self,
2488 ) -> super::builder::key_management_service::UpdateCryptoKeyPrimaryVersion {
2489 super::builder::key_management_service::UpdateCryptoKeyPrimaryVersion::new(
2490 self.inner.clone(),
2491 )
2492 }
2493
2494 /// Schedule a [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] for
2495 /// destruction.
2496 ///
2497 /// Upon calling this method,
2498 /// [CryptoKeyVersion.state][google.cloud.kms.v1.CryptoKeyVersion.state] will
2499 /// be set to
2500 /// [DESTROY_SCHEDULED][google.cloud.kms.v1.CryptoKeyVersion.CryptoKeyVersionState.DESTROY_SCHEDULED],
2501 /// and [destroy_time][google.cloud.kms.v1.CryptoKeyVersion.destroy_time] will
2502 /// be set to the time
2503 /// [destroy_scheduled_duration][google.cloud.kms.v1.CryptoKey.destroy_scheduled_duration]
2504 /// in the future. At that time, the
2505 /// [state][google.cloud.kms.v1.CryptoKeyVersion.state] will automatically
2506 /// change to
2507 /// [DESTROYED][google.cloud.kms.v1.CryptoKeyVersion.CryptoKeyVersionState.DESTROYED],
2508 /// and the key material will be irrevocably destroyed.
2509 ///
2510 /// Before the
2511 /// [destroy_time][google.cloud.kms.v1.CryptoKeyVersion.destroy_time] is
2512 /// reached,
2513 /// [RestoreCryptoKeyVersion][google.cloud.kms.v1.KeyManagementService.RestoreCryptoKeyVersion]
2514 /// may be called to reverse the process.
2515 ///
2516 /// [google.cloud.kms.v1.CryptoKey.destroy_scheduled_duration]: crate::model::CryptoKey::destroy_scheduled_duration
2517 /// [google.cloud.kms.v1.CryptoKeyVersion]: crate::model::CryptoKeyVersion
2518 /// [google.cloud.kms.v1.CryptoKeyVersion.CryptoKeyVersionState.DESTROYED]: crate::model::crypto_key_version::CryptoKeyVersionState::Destroyed
2519 /// [google.cloud.kms.v1.CryptoKeyVersion.CryptoKeyVersionState.DESTROY_SCHEDULED]: crate::model::crypto_key_version::CryptoKeyVersionState::DestroyScheduled
2520 /// [google.cloud.kms.v1.CryptoKeyVersion.destroy_time]: crate::model::CryptoKeyVersion::destroy_time
2521 /// [google.cloud.kms.v1.CryptoKeyVersion.state]: crate::model::CryptoKeyVersion::state
2522 /// [google.cloud.kms.v1.KeyManagementService.RestoreCryptoKeyVersion]: crate::client::KeyManagementService::restore_crypto_key_version
2523 ///
2524 /// # Example
2525 /// ```
2526 /// # use google_cloud_kms_v1::client::KeyManagementService;
2527 /// use google_cloud_kms_v1::Result;
2528 /// async fn sample(
2529 /// client: &KeyManagementService
2530 /// ) -> Result<()> {
2531 /// let response = client.destroy_crypto_key_version()
2532 /// /* set fields */
2533 /// .send().await?;
2534 /// println!("response {:?}", response);
2535 /// Ok(())
2536 /// }
2537 /// ```
2538 pub fn destroy_crypto_key_version(
2539 &self,
2540 ) -> super::builder::key_management_service::DestroyCryptoKeyVersion {
2541 super::builder::key_management_service::DestroyCryptoKeyVersion::new(self.inner.clone())
2542 }
2543
2544 /// Restore a [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] in the
2545 /// [DESTROY_SCHEDULED][google.cloud.kms.v1.CryptoKeyVersion.CryptoKeyVersionState.DESTROY_SCHEDULED]
2546 /// state.
2547 ///
2548 /// Upon restoration of the CryptoKeyVersion,
2549 /// [state][google.cloud.kms.v1.CryptoKeyVersion.state] will be set to
2550 /// [DISABLED][google.cloud.kms.v1.CryptoKeyVersion.CryptoKeyVersionState.DISABLED],
2551 /// and [destroy_time][google.cloud.kms.v1.CryptoKeyVersion.destroy_time] will
2552 /// be cleared.
2553 ///
2554 /// [google.cloud.kms.v1.CryptoKeyVersion]: crate::model::CryptoKeyVersion
2555 /// [google.cloud.kms.v1.CryptoKeyVersion.CryptoKeyVersionState.DESTROY_SCHEDULED]: crate::model::crypto_key_version::CryptoKeyVersionState::DestroyScheduled
2556 /// [google.cloud.kms.v1.CryptoKeyVersion.CryptoKeyVersionState.DISABLED]: crate::model::crypto_key_version::CryptoKeyVersionState::Disabled
2557 /// [google.cloud.kms.v1.CryptoKeyVersion.destroy_time]: crate::model::CryptoKeyVersion::destroy_time
2558 /// [google.cloud.kms.v1.CryptoKeyVersion.state]: crate::model::CryptoKeyVersion::state
2559 ///
2560 /// # Example
2561 /// ```
2562 /// # use google_cloud_kms_v1::client::KeyManagementService;
2563 /// use google_cloud_kms_v1::Result;
2564 /// async fn sample(
2565 /// client: &KeyManagementService
2566 /// ) -> Result<()> {
2567 /// let response = client.restore_crypto_key_version()
2568 /// /* set fields */
2569 /// .send().await?;
2570 /// println!("response {:?}", response);
2571 /// Ok(())
2572 /// }
2573 /// ```
2574 pub fn restore_crypto_key_version(
2575 &self,
2576 ) -> super::builder::key_management_service::RestoreCryptoKeyVersion {
2577 super::builder::key_management_service::RestoreCryptoKeyVersion::new(self.inner.clone())
2578 }
2579
2580 /// Encrypts data, so that it can only be recovered by a call to
2581 /// [Decrypt][google.cloud.kms.v1.KeyManagementService.Decrypt]. The
2582 /// [CryptoKey.purpose][google.cloud.kms.v1.CryptoKey.purpose] must be
2583 /// [ENCRYPT_DECRYPT][google.cloud.kms.v1.CryptoKey.CryptoKeyPurpose.ENCRYPT_DECRYPT].
2584 ///
2585 /// [google.cloud.kms.v1.CryptoKey.CryptoKeyPurpose.ENCRYPT_DECRYPT]: crate::model::crypto_key::CryptoKeyPurpose::EncryptDecrypt
2586 /// [google.cloud.kms.v1.CryptoKey.purpose]: crate::model::CryptoKey::purpose
2587 /// [google.cloud.kms.v1.KeyManagementService.Decrypt]: crate::client::KeyManagementService::decrypt
2588 ///
2589 /// # Example
2590 /// ```
2591 /// # use google_cloud_kms_v1::client::KeyManagementService;
2592 /// use google_cloud_kms_v1::Result;
2593 /// async fn sample(
2594 /// client: &KeyManagementService
2595 /// ) -> Result<()> {
2596 /// let response = client.encrypt()
2597 /// /* set fields */
2598 /// .send().await?;
2599 /// println!("response {:?}", response);
2600 /// Ok(())
2601 /// }
2602 /// ```
2603 pub fn encrypt(&self) -> super::builder::key_management_service::Encrypt {
2604 super::builder::key_management_service::Encrypt::new(self.inner.clone())
2605 }
2606
2607 /// Decrypts data that was protected by
2608 /// [Encrypt][google.cloud.kms.v1.KeyManagementService.Encrypt]. The
2609 /// [CryptoKey.purpose][google.cloud.kms.v1.CryptoKey.purpose] must be
2610 /// [ENCRYPT_DECRYPT][google.cloud.kms.v1.CryptoKey.CryptoKeyPurpose.ENCRYPT_DECRYPT].
2611 ///
2612 /// [google.cloud.kms.v1.CryptoKey.CryptoKeyPurpose.ENCRYPT_DECRYPT]: crate::model::crypto_key::CryptoKeyPurpose::EncryptDecrypt
2613 /// [google.cloud.kms.v1.CryptoKey.purpose]: crate::model::CryptoKey::purpose
2614 /// [google.cloud.kms.v1.KeyManagementService.Encrypt]: crate::client::KeyManagementService::encrypt
2615 ///
2616 /// # Example
2617 /// ```
2618 /// # use google_cloud_kms_v1::client::KeyManagementService;
2619 /// use google_cloud_kms_v1::Result;
2620 /// async fn sample(
2621 /// client: &KeyManagementService
2622 /// ) -> Result<()> {
2623 /// let response = client.decrypt()
2624 /// /* set fields */
2625 /// .send().await?;
2626 /// println!("response {:?}", response);
2627 /// Ok(())
2628 /// }
2629 /// ```
2630 pub fn decrypt(&self) -> super::builder::key_management_service::Decrypt {
2631 super::builder::key_management_service::Decrypt::new(self.inner.clone())
2632 }
2633
2634 /// Encrypts data using portable cryptographic primitives. Most users should
2635 /// choose [Encrypt][google.cloud.kms.v1.KeyManagementService.Encrypt] and
2636 /// [Decrypt][google.cloud.kms.v1.KeyManagementService.Decrypt] rather than
2637 /// their raw counterparts. The
2638 /// [CryptoKey.purpose][google.cloud.kms.v1.CryptoKey.purpose] must be
2639 /// [RAW_ENCRYPT_DECRYPT][google.cloud.kms.v1.CryptoKey.CryptoKeyPurpose.RAW_ENCRYPT_DECRYPT].
2640 ///
2641 /// [google.cloud.kms.v1.CryptoKey.CryptoKeyPurpose.RAW_ENCRYPT_DECRYPT]: crate::model::crypto_key::CryptoKeyPurpose::RawEncryptDecrypt
2642 /// [google.cloud.kms.v1.CryptoKey.purpose]: crate::model::CryptoKey::purpose
2643 /// [google.cloud.kms.v1.KeyManagementService.Decrypt]: crate::client::KeyManagementService::decrypt
2644 /// [google.cloud.kms.v1.KeyManagementService.Encrypt]: crate::client::KeyManagementService::encrypt
2645 ///
2646 /// # Example
2647 /// ```
2648 /// # use google_cloud_kms_v1::client::KeyManagementService;
2649 /// use google_cloud_kms_v1::Result;
2650 /// async fn sample(
2651 /// client: &KeyManagementService
2652 /// ) -> Result<()> {
2653 /// let response = client.raw_encrypt()
2654 /// /* set fields */
2655 /// .send().await?;
2656 /// println!("response {:?}", response);
2657 /// Ok(())
2658 /// }
2659 /// ```
2660 pub fn raw_encrypt(&self) -> super::builder::key_management_service::RawEncrypt {
2661 super::builder::key_management_service::RawEncrypt::new(self.inner.clone())
2662 }
2663
2664 /// Decrypts data that was originally encrypted using a raw cryptographic
2665 /// mechanism. The [CryptoKey.purpose][google.cloud.kms.v1.CryptoKey.purpose]
2666 /// must be
2667 /// [RAW_ENCRYPT_DECRYPT][google.cloud.kms.v1.CryptoKey.CryptoKeyPurpose.RAW_ENCRYPT_DECRYPT].
2668 ///
2669 /// [google.cloud.kms.v1.CryptoKey.CryptoKeyPurpose.RAW_ENCRYPT_DECRYPT]: crate::model::crypto_key::CryptoKeyPurpose::RawEncryptDecrypt
2670 /// [google.cloud.kms.v1.CryptoKey.purpose]: crate::model::CryptoKey::purpose
2671 ///
2672 /// # Example
2673 /// ```
2674 /// # use google_cloud_kms_v1::client::KeyManagementService;
2675 /// use google_cloud_kms_v1::Result;
2676 /// async fn sample(
2677 /// client: &KeyManagementService
2678 /// ) -> Result<()> {
2679 /// let response = client.raw_decrypt()
2680 /// /* set fields */
2681 /// .send().await?;
2682 /// println!("response {:?}", response);
2683 /// Ok(())
2684 /// }
2685 /// ```
2686 pub fn raw_decrypt(&self) -> super::builder::key_management_service::RawDecrypt {
2687 super::builder::key_management_service::RawDecrypt::new(self.inner.clone())
2688 }
2689
2690 /// Signs data using a [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion]
2691 /// with [CryptoKey.purpose][google.cloud.kms.v1.CryptoKey.purpose]
2692 /// ASYMMETRIC_SIGN, producing a signature that can be verified with the public
2693 /// key retrieved from
2694 /// [GetPublicKey][google.cloud.kms.v1.KeyManagementService.GetPublicKey].
2695 ///
2696 /// [google.cloud.kms.v1.CryptoKey.purpose]: crate::model::CryptoKey::purpose
2697 /// [google.cloud.kms.v1.CryptoKeyVersion]: crate::model::CryptoKeyVersion
2698 /// [google.cloud.kms.v1.KeyManagementService.GetPublicKey]: crate::client::KeyManagementService::get_public_key
2699 ///
2700 /// # Example
2701 /// ```
2702 /// # use google_cloud_kms_v1::client::KeyManagementService;
2703 /// use google_cloud_kms_v1::Result;
2704 /// async fn sample(
2705 /// client: &KeyManagementService
2706 /// ) -> Result<()> {
2707 /// let response = client.asymmetric_sign()
2708 /// /* set fields */
2709 /// .send().await?;
2710 /// println!("response {:?}", response);
2711 /// Ok(())
2712 /// }
2713 /// ```
2714 pub fn asymmetric_sign(&self) -> super::builder::key_management_service::AsymmetricSign {
2715 super::builder::key_management_service::AsymmetricSign::new(self.inner.clone())
2716 }
2717
2718 /// Decrypts data that was encrypted with a public key retrieved from
2719 /// [GetPublicKey][google.cloud.kms.v1.KeyManagementService.GetPublicKey]
2720 /// corresponding to a [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion]
2721 /// with [CryptoKey.purpose][google.cloud.kms.v1.CryptoKey.purpose]
2722 /// ASYMMETRIC_DECRYPT.
2723 ///
2724 /// [google.cloud.kms.v1.CryptoKey.purpose]: crate::model::CryptoKey::purpose
2725 /// [google.cloud.kms.v1.CryptoKeyVersion]: crate::model::CryptoKeyVersion
2726 /// [google.cloud.kms.v1.KeyManagementService.GetPublicKey]: crate::client::KeyManagementService::get_public_key
2727 ///
2728 /// # Example
2729 /// ```
2730 /// # use google_cloud_kms_v1::client::KeyManagementService;
2731 /// use google_cloud_kms_v1::Result;
2732 /// async fn sample(
2733 /// client: &KeyManagementService
2734 /// ) -> Result<()> {
2735 /// let response = client.asymmetric_decrypt()
2736 /// /* set fields */
2737 /// .send().await?;
2738 /// println!("response {:?}", response);
2739 /// Ok(())
2740 /// }
2741 /// ```
2742 pub fn asymmetric_decrypt(&self) -> super::builder::key_management_service::AsymmetricDecrypt {
2743 super::builder::key_management_service::AsymmetricDecrypt::new(self.inner.clone())
2744 }
2745
2746 /// Signs data using a [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion]
2747 /// with [CryptoKey.purpose][google.cloud.kms.v1.CryptoKey.purpose] MAC,
2748 /// producing a tag that can be verified by another source with the same key.
2749 ///
2750 /// [google.cloud.kms.v1.CryptoKey.purpose]: crate::model::CryptoKey::purpose
2751 /// [google.cloud.kms.v1.CryptoKeyVersion]: crate::model::CryptoKeyVersion
2752 ///
2753 /// # Example
2754 /// ```
2755 /// # use google_cloud_kms_v1::client::KeyManagementService;
2756 /// use google_cloud_kms_v1::Result;
2757 /// async fn sample(
2758 /// client: &KeyManagementService
2759 /// ) -> Result<()> {
2760 /// let response = client.mac_sign()
2761 /// /* set fields */
2762 /// .send().await?;
2763 /// println!("response {:?}", response);
2764 /// Ok(())
2765 /// }
2766 /// ```
2767 pub fn mac_sign(&self) -> super::builder::key_management_service::MacSign {
2768 super::builder::key_management_service::MacSign::new(self.inner.clone())
2769 }
2770
2771 /// Verifies MAC tag using a
2772 /// [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] with
2773 /// [CryptoKey.purpose][google.cloud.kms.v1.CryptoKey.purpose] MAC, and returns
2774 /// a response that indicates whether or not the verification was successful.
2775 ///
2776 /// [google.cloud.kms.v1.CryptoKey.purpose]: crate::model::CryptoKey::purpose
2777 /// [google.cloud.kms.v1.CryptoKeyVersion]: crate::model::CryptoKeyVersion
2778 ///
2779 /// # Example
2780 /// ```
2781 /// # use google_cloud_kms_v1::client::KeyManagementService;
2782 /// use google_cloud_kms_v1::Result;
2783 /// async fn sample(
2784 /// client: &KeyManagementService
2785 /// ) -> Result<()> {
2786 /// let response = client.mac_verify()
2787 /// /* set fields */
2788 /// .send().await?;
2789 /// println!("response {:?}", response);
2790 /// Ok(())
2791 /// }
2792 /// ```
2793 pub fn mac_verify(&self) -> super::builder::key_management_service::MacVerify {
2794 super::builder::key_management_service::MacVerify::new(self.inner.clone())
2795 }
2796
2797 /// Decapsulates data that was encapsulated with a public key retrieved from
2798 /// [GetPublicKey][google.cloud.kms.v1.KeyManagementService.GetPublicKey]
2799 /// corresponding to a [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion]
2800 /// with [CryptoKey.purpose][google.cloud.kms.v1.CryptoKey.purpose]
2801 /// KEY_ENCAPSULATION.
2802 ///
2803 /// [google.cloud.kms.v1.CryptoKey.purpose]: crate::model::CryptoKey::purpose
2804 /// [google.cloud.kms.v1.CryptoKeyVersion]: crate::model::CryptoKeyVersion
2805 /// [google.cloud.kms.v1.KeyManagementService.GetPublicKey]: crate::client::KeyManagementService::get_public_key
2806 ///
2807 /// # Example
2808 /// ```
2809 /// # use google_cloud_kms_v1::client::KeyManagementService;
2810 /// use google_cloud_kms_v1::Result;
2811 /// async fn sample(
2812 /// client: &KeyManagementService
2813 /// ) -> Result<()> {
2814 /// let response = client.decapsulate()
2815 /// /* set fields */
2816 /// .send().await?;
2817 /// println!("response {:?}", response);
2818 /// Ok(())
2819 /// }
2820 /// ```
2821 pub fn decapsulate(&self) -> super::builder::key_management_service::Decapsulate {
2822 super::builder::key_management_service::Decapsulate::new(self.inner.clone())
2823 }
2824
2825 /// Generate random bytes using the Cloud KMS randomness source in the provided
2826 /// location.
2827 ///
2828 /// # Example
2829 /// ```
2830 /// # use google_cloud_kms_v1::client::KeyManagementService;
2831 /// use google_cloud_kms_v1::Result;
2832 /// async fn sample(
2833 /// client: &KeyManagementService
2834 /// ) -> Result<()> {
2835 /// let response = client.generate_random_bytes()
2836 /// /* set fields */
2837 /// .send().await?;
2838 /// println!("response {:?}", response);
2839 /// Ok(())
2840 /// }
2841 /// ```
2842 pub fn generate_random_bytes(
2843 &self,
2844 ) -> super::builder::key_management_service::GenerateRandomBytes {
2845 super::builder::key_management_service::GenerateRandomBytes::new(self.inner.clone())
2846 }
2847
2848 /// Lists information about the supported locations for this service.
2849 /// This method can be called in two ways:
2850 ///
2851 /// * **List all public locations:** Use the path `GET /v1/locations`.
2852 /// * **List project-visible locations:** Use the path
2853 /// `GET /v1/projects/{project_id}/locations`. This may include public
2854 /// locations as well as private or other locations specifically visible
2855 /// to the project.
2856 ///
2857 /// # Example
2858 /// ```
2859 /// # use google_cloud_kms_v1::client::KeyManagementService;
2860 /// use google_cloud_gax::paginator::ItemPaginator as _;
2861 /// use google_cloud_kms_v1::Result;
2862 /// async fn sample(
2863 /// client: &KeyManagementService
2864 /// ) -> Result<()> {
2865 /// let mut list = client.list_locations()
2866 /// /* set fields */
2867 /// .by_item();
2868 /// while let Some(item) = list.next().await.transpose()? {
2869 /// println!("{:?}", item);
2870 /// }
2871 /// Ok(())
2872 /// }
2873 /// ```
2874 pub fn list_locations(&self) -> super::builder::key_management_service::ListLocations {
2875 super::builder::key_management_service::ListLocations::new(self.inner.clone())
2876 }
2877
2878 /// Gets information about a location.
2879 ///
2880 /// # Example
2881 /// ```
2882 /// # use google_cloud_kms_v1::client::KeyManagementService;
2883 /// use google_cloud_kms_v1::Result;
2884 /// async fn sample(
2885 /// client: &KeyManagementService
2886 /// ) -> Result<()> {
2887 /// let response = client.get_location()
2888 /// /* set fields */
2889 /// .send().await?;
2890 /// println!("response {:?}", response);
2891 /// Ok(())
2892 /// }
2893 /// ```
2894 pub fn get_location(&self) -> super::builder::key_management_service::GetLocation {
2895 super::builder::key_management_service::GetLocation::new(self.inner.clone())
2896 }
2897
2898 /// Sets the access control policy on the specified resource. Replaces
2899 /// any existing policy.
2900 ///
2901 /// Can return `NOT_FOUND`, `INVALID_ARGUMENT`, and `PERMISSION_DENIED`
2902 /// errors.
2903 ///
2904 /// # Example
2905 /// ```
2906 /// # use google_cloud_kms_v1::client::KeyManagementService;
2907 /// use google_cloud_kms_v1::Result;
2908 /// async fn sample(
2909 /// client: &KeyManagementService
2910 /// ) -> Result<()> {
2911 /// let response = client.set_iam_policy()
2912 /// /* set fields */
2913 /// .send().await?;
2914 /// println!("response {:?}", response);
2915 /// Ok(())
2916 /// }
2917 /// ```
2918 pub fn set_iam_policy(&self) -> super::builder::key_management_service::SetIamPolicy {
2919 super::builder::key_management_service::SetIamPolicy::new(self.inner.clone())
2920 }
2921
2922 /// Gets the access control policy for a resource. Returns an empty policy
2923 /// if the resource exists and does not have a policy set.
2924 ///
2925 /// # Example
2926 /// ```
2927 /// # use google_cloud_kms_v1::client::KeyManagementService;
2928 /// use google_cloud_kms_v1::Result;
2929 /// async fn sample(
2930 /// client: &KeyManagementService
2931 /// ) -> Result<()> {
2932 /// let response = client.get_iam_policy()
2933 /// /* set fields */
2934 /// .send().await?;
2935 /// println!("response {:?}", response);
2936 /// Ok(())
2937 /// }
2938 /// ```
2939 pub fn get_iam_policy(&self) -> super::builder::key_management_service::GetIamPolicy {
2940 super::builder::key_management_service::GetIamPolicy::new(self.inner.clone())
2941 }
2942
2943 /// Returns permissions that a caller has on the specified resource. If the
2944 /// resource does not exist, this will return an empty set of
2945 /// permissions, not a `NOT_FOUND` error.
2946 ///
2947 /// Note: This operation is designed to be used for building
2948 /// permission-aware UIs and command-line tools, not for authorization
2949 /// checking. This operation may "fail open" without warning.
2950 ///
2951 /// # Example
2952 /// ```
2953 /// # use google_cloud_kms_v1::client::KeyManagementService;
2954 /// use google_cloud_kms_v1::Result;
2955 /// async fn sample(
2956 /// client: &KeyManagementService
2957 /// ) -> Result<()> {
2958 /// let response = client.test_iam_permissions()
2959 /// /* set fields */
2960 /// .send().await?;
2961 /// println!("response {:?}", response);
2962 /// Ok(())
2963 /// }
2964 /// ```
2965 pub fn test_iam_permissions(
2966 &self,
2967 ) -> super::builder::key_management_service::TestIamPermissions {
2968 super::builder::key_management_service::TestIamPermissions::new(self.inner.clone())
2969 }
2970
2971 /// Provides the [Operations][google.longrunning.Operations] service functionality in this service.
2972 ///
2973 /// [google.longrunning.Operations]: google-cloud-longrunning::client::Operations
2974 ///
2975 /// # Example
2976 /// ```
2977 /// # use google_cloud_kms_v1::client::KeyManagementService;
2978 /// use google_cloud_kms_v1::Result;
2979 /// async fn sample(
2980 /// client: &KeyManagementService
2981 /// ) -> Result<()> {
2982 /// let response = client.get_operation()
2983 /// /* set fields */
2984 /// .send().await?;
2985 /// println!("response {:?}", response);
2986 /// Ok(())
2987 /// }
2988 /// ```
2989 pub fn get_operation(&self) -> super::builder::key_management_service::GetOperation {
2990 super::builder::key_management_service::GetOperation::new(self.inner.clone())
2991 }
2992}