KeyManagementService

google_cloud_kms_v1::client

Struct KeyManagementService 

Source 
pub struct KeyManagementService { /* private fields */ }
Expand description

Implements a client for the Cloud Key Management Service (KMS) API.

§Example

let client = KeyManagementService::builder().build().await?;
// use `client` to make requests to the Cloud Key Management Service (KMS) API.

§Service Description

Google Cloud Key Management Service

Manages cryptographic keys and operations using those keys. Implements a REST model with the following objects:

If you are using manual gRPC libraries, see Using gRPC with Cloud KMS.

§Configuration

To configure KeyManagementService use the with_* methods in the type returned by builder(). The default configuration should work for most applications. Common configuration changes include

  • with_endpoint(): by default this client uses the global default endpoint (https://cloudkms.googleapis.com). Applications using regional endpoints or running in restricted networks (e.g. a network configured override this default.
  • with_credentials(): by default this client uses Application Default Credentials. Applications using custom authentication may need to override this default.

§Pooling and Cloning

KeyManagementService holds a connection pool internally, it is advised to create one and the reuse it. You do not need to wrap KeyManagementService in an Rc or Arc to reuse it, because it already uses an Arc internally.

Implementations§

Source§

impl KeyManagementService

Source

pub fn builder() -> ClientBuilder

Returns a builder for KeyManagementService.

let client = KeyManagementService::builder().build().await?;
Source

pub fn from_stub<T>(stub: T) -> Self
where T: KeyManagementService + 'static,

Creates a new client from the provided stub.

The most common case for calling this function is in tests mocking the client’s behavior.

Source

pub fn list_key_rings(&self) -> ListKeyRings

Lists KeyRings.

Source

pub fn list_crypto_keys(&self) -> ListCryptoKeys

Lists CryptoKeys.

Source

pub fn list_crypto_key_versions(&self) -> ListCryptoKeyVersions

Lists CryptoKeyVersions.

Source

pub fn list_import_jobs(&self) -> ListImportJobs

Lists ImportJobs.

Source

pub fn get_key_ring(&self) -> GetKeyRing

Returns metadata for a given KeyRing.

Source

pub fn get_crypto_key(&self) -> GetCryptoKey

Returns metadata for a given CryptoKey, as well as its primary CryptoKeyVersion.

Source

pub fn get_crypto_key_version(&self) -> GetCryptoKeyVersion

Returns metadata for a given CryptoKeyVersion.

Source

pub fn get_public_key(&self) -> GetPublicKey

Returns the public key for the given CryptoKeyVersion. The CryptoKey.purpose must be ASYMMETRIC_SIGN or ASYMMETRIC_DECRYPT.

Source

pub fn get_import_job(&self) -> GetImportJob

Returns metadata for a given ImportJob.

Source

pub fn create_key_ring(&self) -> CreateKeyRing

Create a new KeyRing in a given Project and Location.

Source

pub fn create_crypto_key(&self) -> CreateCryptoKey

Create a new CryptoKey within a KeyRing.

CryptoKey.purpose and CryptoKey.version_template.algorithm are required.

Source

pub fn create_crypto_key_version(&self) -> CreateCryptoKeyVersion

Create a new CryptoKeyVersion in a CryptoKey.

The server will assign the next sequential id. If unset, state will be set to ENABLED.

Source

pub fn import_crypto_key_version(&self) -> ImportCryptoKeyVersion

Import wrapped key material into a CryptoKeyVersion.

All requests must specify a CryptoKey. If a CryptoKeyVersion is additionally specified in the request, key material will be reimported into that version. Otherwise, a new version will be created, and will be assigned the next sequential id within the CryptoKey.

Source

pub fn create_import_job(&self) -> CreateImportJob

Create a new ImportJob within a KeyRing.

ImportJob.import_method is required.

Source

pub fn update_crypto_key(&self) -> UpdateCryptoKey

Update a CryptoKey.

Source

pub fn update_crypto_key_version(&self) -> UpdateCryptoKeyVersion

Update a CryptoKeyVersion’s metadata.

state may be changed between ENABLED and DISABLED using this method. See DestroyCryptoKeyVersion and RestoreCryptoKeyVersion to move between other states.

Source

pub fn update_crypto_key_primary_version(&self) -> UpdateCryptoKeyPrimaryVersion

Update the version of a CryptoKey that will be used in Encrypt.

Returns an error if called on a key whose purpose is not ENCRYPT_DECRYPT.

Source

pub fn destroy_crypto_key_version(&self) -> DestroyCryptoKeyVersion

Schedule a CryptoKeyVersion for destruction.

Upon calling this method, CryptoKeyVersion.state will be set to DESTROY_SCHEDULED, and destroy_time will be set to the time destroy_scheduled_duration in the future. At that time, the state will automatically change to DESTROYED, and the key material will be irrevocably destroyed.

Before the destroy_time is reached, RestoreCryptoKeyVersion may be called to reverse the process.

Source

pub fn restore_crypto_key_version(&self) -> RestoreCryptoKeyVersion

Restore a CryptoKeyVersion in the DESTROY_SCHEDULED state.

Upon restoration of the CryptoKeyVersion, state will be set to DISABLED, and destroy_time will be cleared.

Source

pub fn encrypt(&self) -> Encrypt

Encrypts data, so that it can only be recovered by a call to Decrypt. The CryptoKey.purpose must be ENCRYPT_DECRYPT.

Source

pub fn decrypt(&self) -> Decrypt

Decrypts data that was protected by Encrypt. The CryptoKey.purpose must be ENCRYPT_DECRYPT.

Source

pub fn raw_encrypt(&self) -> RawEncrypt

Encrypts data using portable cryptographic primitives. Most users should choose Encrypt and Decrypt rather than their raw counterparts. The CryptoKey.purpose must be RAW_ENCRYPT_DECRYPT.

Source

pub fn raw_decrypt(&self) -> RawDecrypt

Decrypts data that was originally encrypted using a raw cryptographic mechanism. The CryptoKey.purpose must be RAW_ENCRYPT_DECRYPT.

Source

pub fn asymmetric_sign(&self) -> AsymmetricSign

Signs data using a CryptoKeyVersion with CryptoKey.purpose ASYMMETRIC_SIGN, producing a signature that can be verified with the public key retrieved from GetPublicKey.

Source

pub fn asymmetric_decrypt(&self) -> AsymmetricDecrypt

Decrypts data that was encrypted with a public key retrieved from GetPublicKey corresponding to a CryptoKeyVersion with CryptoKey.purpose ASYMMETRIC_DECRYPT.

Source

pub fn mac_sign(&self) -> MacSign

Signs data using a CryptoKeyVersion with CryptoKey.purpose MAC, producing a tag that can be verified by another source with the same key.

Source

pub fn mac_verify(&self) -> MacVerify

Verifies MAC tag using a CryptoKeyVersion with CryptoKey.purpose MAC, and returns a response that indicates whether or not the verification was successful.

Source

pub fn decapsulate(&self) -> Decapsulate

Decapsulates data that was encapsulated with a public key retrieved from GetPublicKey corresponding to a CryptoKeyVersion with CryptoKey.purpose KEY_ENCAPSULATION.

Source

pub fn generate_random_bytes(&self) -> GenerateRandomBytes

Generate random bytes using the Cloud KMS randomness source in the provided location.

Source

pub fn list_locations(&self) -> ListLocations

Lists information about the supported locations for this service.

Source

pub fn get_location(&self) -> GetLocation

Gets information about a location.

Source

pub fn set_iam_policy(&self) -> SetIamPolicy

Sets the access control policy on the specified resource. Replaces any existing policy.

Can return NOT_FOUND, INVALID_ARGUMENT, and PERMISSION_DENIED errors.

Source

pub fn get_iam_policy(&self) -> GetIamPolicy

Gets the access control policy for a resource. Returns an empty policy if the resource exists and does not have a policy set.

Source

pub fn test_iam_permissions(&self) -> TestIamPermissions

Returns permissions that a caller has on the specified resource. If the resource does not exist, this will return an empty set of permissions, not a NOT_FOUND error.

Note: This operation is designed to be used for building permission-aware UIs and command-line tools, not for authorization checking. This operation may “fail open” without warning.

Source

pub fn get_operation(&self) -> GetOperation

Provides the Operations service functionality in this service.

Trait Implementations§

Source§

impl Clone for KeyManagementService

Source§

fn clone(&self) -> KeyManagementService

Returns a duplicate of the value. Read more
1.0.0 · Source§

fn clone_from(&mut self, source: &Self)

Performs copy-assignment from source. Read more
Source§

impl Debug for KeyManagementService

Source§

fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter. Read more

Auto Trait Implementations§

Blanket Implementations§

Source§

impl<T> Any for T
where T: 'static + ?Sized,

Source§

fn type_id(&self) -> TypeId

Gets the TypeId of self. Read more
Source§

impl<T> Borrow<T> for T
where T: ?Sized,

Source§

fn borrow(&self) -> &T

Immutably borrows from an owned value. Read more
Source§

impl<T> BorrowMut<T> for T
where T: ?Sized,

Source§

fn borrow_mut(&mut self) -> &mut T

Mutably borrows from an owned value. Read more
Source§

impl<T> CloneToUninit for T
where T: Clone,

Source§

unsafe fn clone_to_uninit(&self, dest: *mut u8)

🔬This is a nightly-only experimental API. (clone_to_uninit)
Performs copy-assignment from self to dest. Read more
Source§

impl<T> From<T> for T

Source§

fn from(t: T) -> T

Returns the argument unchanged.

Source§

impl<T> Instrument for T

Source§

fn instrument(self, span: Span) -> Instrumented<Self>

Instruments this type with the provided Span, returning an Instrumented wrapper. Read more
Source§

fn in_current_span(self) -> Instrumented<Self>

Instruments this type with the current Span, returning an Instrumented wrapper. Read more
Source§

impl<T, U> Into<U> for T
where U: From<T>,

Source§

fn into(self) -> U

Calls U::from(self).

That is, this conversion is whatever the implementation of From<T> for U chooses to do.

Source§

impl<T> PolicyExt for T
where T: ?Sized,

Source§

fn and<P, B, E>(self, other: P) -> And<T, P>
where T: Policy<B, E>, P: Policy<B, E>,

Create a new Policy that returns Action::Follow only if self and other return Action::Follow. Read more
Source§

fn or<P, B, E>(self, other: P) -> Or<T, P>
where T: Policy<B, E>, P: Policy<B, E>,

Create a new Policy that returns Action::Follow if either self or other returns Action::Follow. Read more
Source§

impl<T> ToOwned for T
where T: Clone,

Source§

type Owned = T

The resulting type after obtaining ownership.
Source§

fn to_owned(&self) -> T

Creates owned data from borrowed data, usually by cloning. Read more
Source§

fn clone_into(&self, target: &mut T)

Uses borrowed data to replace owned data, usually by cloning. Read more
Source§

impl<T, U> TryFrom<U> for T
where U: Into<T>,

Source§

type Error = Infallible

The type returned in the event of a conversion error.
Source§

fn try_from(value: U) -> Result<T, <T as TryFrom<U>>::Error>

Performs the conversion.
Source§

impl<T, U> TryInto<U> for T
where U: TryFrom<T>,

Source§

type Error = <U as TryFrom<T>>::Error

The type returned in the event of a conversion error.
Source§

fn try_into(self) -> Result<U, <U as TryFrom<T>>::Error>

Performs the conversion.
Source§

impl<V, T> VZip<V> for T
where V: MultiLane<T>,

Source§

fn vzip(self) -> V

Source§

impl<T> WithSubscriber for T

Source§

fn with_subscriber<S>(self, subscriber: S) -> WithDispatch<Self>
where S: Into<Dispatch>,

Attaches the provided Subscriber to this type, returning a WithDispatch wrapper. Read more
Source§

fn with_current_subscriber(self) -> WithDispatch<Self>

Attaches the current default Subscriber to this type, returning a WithDispatch wrapper. Read more