Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(57)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: discovery/googleapis/cloudkms__v1.json

Issue 2779563003: Api-roll 47: 2017-03-27 (Closed)
Patch Set: Created 3 years, 8 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « discovery/googleapis/cloudfunctions__v1.json ('k') | discovery/googleapis/cloudresourcemanager__v1.json » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 { 1 {
2 "auth": { 2 "auth": {
3 "oauth2": { 3 "oauth2": {
4 "scopes": { 4 "scopes": {
5 "https://www.googleapis.com/auth/cloud-platform": { 5 "https://www.googleapis.com/auth/cloud-platform": {
6 "description": "View and manage your data across Google Clou d Platform services" 6 "description": "View and manage your data across Google Clou d Platform services"
7 } 7 }
8 } 8 }
9 } 9 }
10 }, 10 },
11 "basePath": "", 11 "basePath": "",
12 "baseUrl": "https://cloudkms.googleapis.com/", 12 "baseUrl": "https://cloudkms.googleapis.com/",
13 "batchPath": "batch", 13 "batchPath": "batch",
14 "canonicalName": "Cloud KMS", 14 "canonicalName": "Cloud KMS",
15 "description": "Manages encryption for your cloud services the same way you do on-premise. You can generate, use, rotate, and destroy AES256 encryption keys .", 15 "description": "Manages encryption for your cloud services the same way you do on-premise. You can generate, use, rotate, and destroy AES256 encryption keys .",
16 "discoveryVersion": "v1", 16 "discoveryVersion": "v1",
17 "documentationLink": "https://cloud.google.com/kms/", 17 "documentationLink": "https://cloud.google.com/kms/",
18 "icons": { 18 "icons": {
19 "x16": "http://www.google.com/images/icons/product/search-16.gif", 19 "x16": "http://www.google.com/images/icons/product/search-16.gif",
20 "x32": "http://www.google.com/images/icons/product/search-32.gif" 20 "x32": "http://www.google.com/images/icons/product/search-32.gif"
21 }, 21 },
22 "id": "cloudkms:v1beta1", 22 "id": "cloudkms:v1",
23 "kind": "discovery#restDescription", 23 "kind": "discovery#restDescription",
24 "name": "cloudkms", 24 "name": "cloudkms",
25 "ownerDomain": "google.com", 25 "ownerDomain": "google.com",
26 "ownerName": "Google", 26 "ownerName": "Google",
27 "parameters": { 27 "parameters": {
28 "alt": {
29 "default": "json",
30 "description": "Data format for response.",
31 "enum": [
32 "json",
33 "media",
34 "proto"
35 ],
36 "enumDescriptions": [
37 "Responses with Content-Type of application/json",
38 "Media download with context-dependent Content-Type",
39 "Responses with Content-Type of application/x-protobuf"
40 ],
41 "location": "query",
42 "type": "string"
43 },
44 "key": {
45 "description": "API key. Your API key identifies your project and pr ovides you with API access, quota, and reports. Required unless you provide an O Auth 2.0 token.",
46 "location": "query",
47 "type": "string"
48 },
49 "access_token": {
50 "description": "OAuth access token.",
51 "location": "query",
52 "type": "string"
53 },
54 "quotaUser": { 28 "quotaUser": {
55 "description": "Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exc eed 40 characters.", 29 "description": "Available to use for quota purposes for server-side applications. Can be any arbitrary string assigned to a user, but should not exc eed 40 characters.",
56 "location": "query", 30 "location": "query",
57 "type": "string" 31 "type": "string"
58 }, 32 },
59 "pp": { 33 "pp": {
60 "default": "true", 34 "default": "true",
61 "description": "Pretty-print response.", 35 "description": "Pretty-print response.",
62 "location": "query", 36 "location": "query",
63 "type": "boolean" 37 "type": "boolean"
64 }, 38 },
39 "oauth_token": {
40 "description": "OAuth 2.0 token for the current user.",
41 "location": "query",
42 "type": "string"
43 },
65 "bearer_token": { 44 "bearer_token": {
66 "description": "OAuth bearer token.", 45 "description": "OAuth bearer token.",
67 "location": "query", 46 "location": "query",
68 "type": "string" 47 "type": "string"
69 }, 48 },
70 "oauth_token": {
71 "description": "OAuth 2.0 token for the current user.",
72 "location": "query",
73 "type": "string"
74 },
75 "upload_protocol": { 49 "upload_protocol": {
76 "description": "Upload protocol for media (e.g. \"raw\", \"multipart \").", 50 "description": "Upload protocol for media (e.g. \"raw\", \"multipart \").",
77 "location": "query", 51 "location": "query",
78 "type": "string" 52 "type": "string"
79 }, 53 },
80 "prettyPrint": { 54 "prettyPrint": {
81 "default": "true", 55 "default": "true",
82 "description": "Returns response with indentations and line breaks." , 56 "description": "Returns response with indentations and line breaks." ,
83 "location": "query", 57 "location": "query",
84 "type": "boolean" 58 "type": "boolean"
(...skipping 18 matching lines...) Expand all
103 "enum": [ 77 "enum": [
104 "1", 78 "1",
105 "2" 79 "2"
106 ], 80 ],
107 "enumDescriptions": [ 81 "enumDescriptions": [
108 "v1 error format", 82 "v1 error format",
109 "v2 error format" 83 "v2 error format"
110 ], 84 ],
111 "location": "query", 85 "location": "query",
112 "type": "string" 86 "type": "string"
87 },
88 "alt": {
89 "default": "json",
90 "description": "Data format for response.",
91 "enum": [
92 "json",
93 "media",
94 "proto"
95 ],
96 "enumDescriptions": [
97 "Responses with Content-Type of application/json",
98 "Media download with context-dependent Content-Type",
99 "Responses with Content-Type of application/x-protobuf"
100 ],
101 "location": "query",
102 "type": "string"
103 },
104 "access_token": {
105 "description": "OAuth access token.",
106 "location": "query",
107 "type": "string"
108 },
109 "key": {
110 "description": "API key. Your API key identifies your project and pr ovides you with API access, quota, and reports. Required unless you provide an O Auth 2.0 token.",
111 "location": "query",
112 "type": "string"
113 } 113 }
114 }, 114 },
115 "protocol": "rest", 115 "protocol": "rest",
116 "resources": { 116 "resources": {
117 "projects": { 117 "projects": {
118 "resources": { 118 "resources": {
119 "locations": { 119 "locations": {
120 "methods": { 120 "methods": {
121 "list": { 121 "list": {
122 "description": "Lists information about the supporte d locations for this service.", 122 "description": "Lists information about the supporte d locations for this service.",
123 "httpMethod": "GET", 123 "httpMethod": "GET",
124 "id": "cloudkms.projects.locations.list", 124 "id": "cloudkms.projects.locations.list",
125 "parameterOrder": [ 125 "parameterOrder": [
126 "name" 126 "name"
127 ], 127 ],
128 "parameters": { 128 "parameters": {
129 "filter": {
130 "description": "The standard list filter.",
131 "location": "query",
132 "type": "string"
133 },
129 "name": { 134 "name": {
130 "description": "The resource that owns the l ocations collection, if applicable.", 135 "description": "The resource that owns the l ocations collection, if applicable.",
131 "location": "path", 136 "location": "path",
132 "pattern": "^projects/[^/]+$", 137 "pattern": "^projects/[^/]+$",
133 "required": true, 138 "required": true,
134 "type": "string" 139 "type": "string"
135 }, 140 },
136 "pageToken": { 141 "pageToken": {
137 "description": "The standard list page token .", 142 "description": "The standard list page token .",
138 "location": "query", 143 "location": "query",
139 "type": "string" 144 "type": "string"
140 }, 145 },
141 "pageSize": { 146 "pageSize": {
142 "description": "The standard list page size. ", 147 "description": "The standard list page size. ",
143 "format": "int32", 148 "format": "int32",
144 "location": "query", 149 "location": "query",
145 "type": "integer" 150 "type": "integer"
146 },
147 "filter": {
148 "description": "The standard list filter.",
149 "location": "query",
150 "type": "string"
151 } 151 }
152 }, 152 },
153 "path": "v1beta1/{+name}/locations", 153 "path": "v1/{+name}/locations",
154 "response": { 154 "response": {
155 "$ref": "ListLocationsResponse" 155 "$ref": "ListLocationsResponse"
156 }, 156 },
157 "scopes": [ 157 "scopes": [
158 "https://www.googleapis.com/auth/cloud-platform" 158 "https://www.googleapis.com/auth/cloud-platform"
159 ] 159 ]
160 }, 160 },
161 "get": { 161 "get": {
162 "description": "Get information about a location.", 162 "description": "Get information about a location.",
163 "httpMethod": "GET", 163 "httpMethod": "GET",
164 "id": "cloudkms.projects.locations.get", 164 "id": "cloudkms.projects.locations.get",
165 "parameterOrder": [ 165 "parameterOrder": [
166 "name" 166 "name"
167 ], 167 ],
168 "parameters": { 168 "parameters": {
169 "name": { 169 "name": {
170 "description": "Resource name for the locati on.", 170 "description": "Resource name for the locati on.",
171 "location": "path", 171 "location": "path",
172 "pattern": "^projects/[^/]+/locations/[^/]+$ ", 172 "pattern": "^projects/[^/]+/locations/[^/]+$ ",
173 "required": true, 173 "required": true,
174 "type": "string" 174 "type": "string"
175 } 175 }
176 }, 176 },
177 "path": "v1beta1/{+name}", 177 "path": "v1/{+name}",
178 "response": { 178 "response": {
179 "$ref": "Location" 179 "$ref": "Location"
180 }, 180 },
181 "scopes": [ 181 "scopes": [
182 "https://www.googleapis.com/auth/cloud-platform" 182 "https://www.googleapis.com/auth/cloud-platform"
183 ] 183 ]
184 } 184 }
185 }, 185 },
186 "resources": { 186 "resources": {
187 "keyRings": { 187 "keyRings": {
188 "methods": { 188 "methods": {
189 "list": {
190 "description": "Lists KeyRings.",
191 "httpMethod": "GET",
192 "id": "cloudkms.projects.locations.keyRings. list",
193 "parameterOrder": [
194 "parent"
195 ],
196 "parameters": {
197 "pageToken": {
198 "description": "Optional pagination token, returned earlier via\nListKeyRingsResponse.next_page_token.",
199 "location": "query",
200 "type": "string"
201 },
202 "pageSize": {
203 "description": "Optional limit on th e number of KeyRings to include in the\nresponse. Further KeyRings can subseque ntly be obtained by\nincluding the ListKeyRingsResponse.next_page_token in a sub sequent\nrequest. If unspecified, the server will pick an appropriate default." ,
204 "format": "int32",
205 "location": "query",
206 "type": "integer"
207 },
208 "parent": {
209 "description": "Required. The resour ce name of the location associated with the\nKeyRings, in the format `projects/* /locations/*`.",
210 "location": "path",
211 "pattern": "^projects/[^/]+/location s/[^/]+$",
212 "required": true,
213 "type": "string"
214 }
215 },
216 "path": "v1beta1/{+parent}/keyRings",
217 "response": {
218 "$ref": "ListKeyRingsResponse"
219 },
220 "scopes": [
221 "https://www.googleapis.com/auth/cloud-p latform"
222 ]
223 },
224 "create": { 189 "create": {
225 "description": "Create a new KeyRing in a gi ven Project and Location.", 190 "description": "Create a new KeyRing in a gi ven Project and Location.",
226 "httpMethod": "POST", 191 "httpMethod": "POST",
227 "id": "cloudkms.projects.locations.keyRings. create", 192 "id": "cloudkms.projects.locations.keyRings. create",
228 "parameterOrder": [ 193 "parameterOrder": [
229 "parent" 194 "parent"
230 ], 195 ],
231 "parameters": { 196 "parameters": {
232 "parent": { 197 "parent": {
233 "description": "Required. The resour ce name of the location associated with the\nKeyRings, in the format `projects/* /locations/*`.", 198 "description": "Required. The resour ce name of the location associated with the\nKeyRings, in the format `projects/* /locations/*`.",
234 "location": "path", 199 "location": "path",
235 "pattern": "^projects/[^/]+/location s/[^/]+$", 200 "pattern": "^projects/[^/]+/location s/[^/]+$",
236 "required": true, 201 "required": true,
237 "type": "string" 202 "type": "string"
238 }, 203 },
239 "keyRingId": { 204 "keyRingId": {
240 "description": "Required. It must be unique within a location and match the regular\nexpression `[a-zA-Z0-9_-]{1,63} `", 205 "description": "Required. It must be unique within a location and match the regular\nexpression `[a-zA-Z0-9_-]{1,63} `",
241 "location": "query", 206 "location": "query",
242 "type": "string" 207 "type": "string"
243 } 208 }
244 }, 209 },
245 "path": "v1beta1/{+parent}/keyRings", 210 "path": "v1/{+parent}/keyRings",
246 "request": { 211 "request": {
247 "$ref": "KeyRing" 212 "$ref": "KeyRing"
248 }, 213 },
249 "response": { 214 "response": {
250 "$ref": "KeyRing" 215 "$ref": "KeyRing"
251 }, 216 },
252 "scopes": [ 217 "scopes": [
253 "https://www.googleapis.com/auth/cloud-p latform" 218 "https://www.googleapis.com/auth/cloud-p latform"
254 ] 219 ]
255 }, 220 },
256 "setIamPolicy": { 221 "setIamPolicy": {
257 "description": "Sets the access control poli cy on the specified resource. Replaces any\nexisting policy.", 222 "description": "Sets the access control poli cy on the specified resource. Replaces any\nexisting policy.",
258 "httpMethod": "POST", 223 "httpMethod": "POST",
259 "id": "cloudkms.projects.locations.keyRings. setIamPolicy", 224 "id": "cloudkms.projects.locations.keyRings. setIamPolicy",
260 "parameterOrder": [ 225 "parameterOrder": [
261 "resource" 226 "resource"
262 ], 227 ],
263 "parameters": { 228 "parameters": {
264 "resource": { 229 "resource": {
265 "description": "REQUIRED: The resour ce for which the policy is being specified.\n`resource` is usually specified as a path. For example, a Project\nresource is specified as `projects/{project}`.", 230 "description": "REQUIRED: The resour ce for which the policy is being specified.\nSee the operation documentation for the appropriate value for this field.",
266 "location": "path", 231 "location": "path",
267 "pattern": "^projects/[^/]+/location s/[^/]+/keyRings/[^/]+$", 232 "pattern": "^projects/[^/]+/location s/[^/]+/keyRings/[^/]+$",
268 "required": true, 233 "required": true,
269 "type": "string" 234 "type": "string"
270 } 235 }
271 }, 236 },
272 "path": "v1beta1/{+resource}:setIamPolicy", 237 "path": "v1/{+resource}:setIamPolicy",
273 "request": { 238 "request": {
274 "$ref": "SetIamPolicyRequest" 239 "$ref": "SetIamPolicyRequest"
275 }, 240 },
276 "response": { 241 "response": {
277 "$ref": "Policy" 242 "$ref": "Policy"
278 }, 243 },
279 "scopes": [ 244 "scopes": [
280 "https://www.googleapis.com/auth/cloud-p latform" 245 "https://www.googleapis.com/auth/cloud-p latform"
281 ] 246 ]
282 }, 247 },
283 "getIamPolicy": { 248 "getIamPolicy": {
284 "description": "Gets the access control poli cy for a resource.\nReturns an empty policy if the resource exists and does not have a policy\nset.", 249 "description": "Gets the access control poli cy for a resource.\nReturns an empty policy if the resource exists and does not have a policy\nset.",
285 "httpMethod": "GET", 250 "httpMethod": "GET",
286 "id": "cloudkms.projects.locations.keyRings. getIamPolicy", 251 "id": "cloudkms.projects.locations.keyRings. getIamPolicy",
287 "parameterOrder": [ 252 "parameterOrder": [
288 "resource" 253 "resource"
289 ], 254 ],
290 "parameters": { 255 "parameters": {
291 "resource": { 256 "resource": {
292 "description": "REQUIRED: The resour ce for which the policy is being requested.\n`resource` is usually specified as a path. For example, a Project\nresource is specified as `projects/{project}`.", 257 "description": "REQUIRED: The resour ce for which the policy is being requested.\nSee the operation documentation for the appropriate value for this field.",
293 "location": "path", 258 "location": "path",
294 "pattern": "^projects/[^/]+/location s/[^/]+/keyRings/[^/]+$", 259 "pattern": "^projects/[^/]+/location s/[^/]+/keyRings/[^/]+$",
295 "required": true, 260 "required": true,
296 "type": "string" 261 "type": "string"
297 } 262 }
298 }, 263 },
299 "path": "v1beta1/{+resource}:getIamPolicy", 264 "path": "v1/{+resource}:getIamPolicy",
300 "response": { 265 "response": {
301 "$ref": "Policy" 266 "$ref": "Policy"
302 }, 267 },
303 "scopes": [ 268 "scopes": [
304 "https://www.googleapis.com/auth/cloud-p latform" 269 "https://www.googleapis.com/auth/cloud-p latform"
305 ] 270 ]
306 }, 271 },
307 "get": { 272 "get": {
308 "description": "Returns metadata for a given KeyRing.", 273 "description": "Returns metadata for a given KeyRing.",
309 "httpMethod": "GET", 274 "httpMethod": "GET",
310 "id": "cloudkms.projects.locations.keyRings. get", 275 "id": "cloudkms.projects.locations.keyRings. get",
311 "parameterOrder": [ 276 "parameterOrder": [
312 "name" 277 "name"
313 ], 278 ],
314 "parameters": { 279 "parameters": {
315 "name": { 280 "name": {
316 "description": "The name of the KeyR ing to get.", 281 "description": "The name of the KeyR ing to get.",
317 "location": "path", 282 "location": "path",
318 "pattern": "^projects/[^/]+/location s/[^/]+/keyRings/[^/]+$", 283 "pattern": "^projects/[^/]+/location s/[^/]+/keyRings/[^/]+$",
319 "required": true, 284 "required": true,
320 "type": "string" 285 "type": "string"
321 } 286 }
322 }, 287 },
323 "path": "v1beta1/{+name}", 288 "path": "v1/{+name}",
324 "response": { 289 "response": {
325 "$ref": "KeyRing" 290 "$ref": "KeyRing"
326 }, 291 },
327 "scopes": [ 292 "scopes": [
328 "https://www.googleapis.com/auth/cloud-p latform" 293 "https://www.googleapis.com/auth/cloud-p latform"
329 ] 294 ]
330 }, 295 },
331 "testIamPermissions": { 296 "testIamPermissions": {
332 "description": "Returns permissions that a c aller has on the specified resource.\nIf the resource does not exist, this will return an empty set of\npermissions, not a NOT_FOUND error.\n\nNote: This operat ion is designed to be used for building permission-aware\nUIs and command-line t ools, not for authorization checking. This operation\nmay \"fail open\" without warning.", 297 "description": "Returns permissions that a c aller has on the specified resource.\nIf the resource does not exist, this will return an empty set of\npermissions, not a NOT_FOUND error.\n\nNote: This operat ion is designed to be used for building permission-aware\nUIs and command-line t ools, not for authorization checking. This operation\nmay \"fail open\" without warning.",
333 "httpMethod": "POST", 298 "httpMethod": "POST",
334 "id": "cloudkms.projects.locations.keyRings. testIamPermissions", 299 "id": "cloudkms.projects.locations.keyRings. testIamPermissions",
335 "parameterOrder": [ 300 "parameterOrder": [
336 "resource" 301 "resource"
337 ], 302 ],
338 "parameters": { 303 "parameters": {
339 "resource": { 304 "resource": {
340 "description": "REQUIRED: The resour ce for which the policy detail is being requested.\n`resource` is usually specif ied as a path. For example, a Project\nresource is specified as `projects/{proje ct}`.", 305 "description": "REQUIRED: The resour ce for which the policy detail is being requested.\nSee the operation documentat ion for the appropriate value for this field.",
341 "location": "path", 306 "location": "path",
342 "pattern": "^projects/[^/]+/location s/[^/]+/keyRings/[^/]+$", 307 "pattern": "^projects/[^/]+/location s/[^/]+/keyRings/[^/]+$",
343 "required": true, 308 "required": true,
344 "type": "string" 309 "type": "string"
345 } 310 }
346 }, 311 },
347 "path": "v1beta1/{+resource}:testIamPermissi ons", 312 "path": "v1/{+resource}:testIamPermissions",
348 "request": { 313 "request": {
349 "$ref": "TestIamPermissionsRequest" 314 "$ref": "TestIamPermissionsRequest"
350 }, 315 },
351 "response": { 316 "response": {
352 "$ref": "TestIamPermissionsResponse" 317 "$ref": "TestIamPermissionsResponse"
353 }, 318 },
354 "scopes": [ 319 "scopes": [
355 "https://www.googleapis.com/auth/cloud-p latform" 320 "https://www.googleapis.com/auth/cloud-p latform"
356 ] 321 ]
322 },
323 "list": {
324 "description": "Lists KeyRings.",
325 "httpMethod": "GET",
326 "id": "cloudkms.projects.locations.keyRings. list",
327 "parameterOrder": [
328 "parent"
329 ],
330 "parameters": {
331 "pageSize": {
332 "description": "Optional limit on th e number of KeyRings to include in the\nresponse. Further KeyRings can subseque ntly be obtained by\nincluding the ListKeyRingsResponse.next_page_token in a sub sequent\nrequest. If unspecified, the server will pick an appropriate default." ,
333 "format": "int32",
334 "location": "query",
335 "type": "integer"
336 },
337 "parent": {
338 "description": "Required. The resour ce name of the location associated with the\nKeyRings, in the format `projects/* /locations/*`.",
339 "location": "path",
340 "pattern": "^projects/[^/]+/location s/[^/]+$",
341 "required": true,
342 "type": "string"
343 },
344 "pageToken": {
345 "description": "Optional pagination token, returned earlier via\nListKeyRingsResponse.next_page_token.",
346 "location": "query",
347 "type": "string"
348 }
349 },
350 "path": "v1/{+parent}/keyRings",
351 "response": {
352 "$ref": "ListKeyRingsResponse"
353 },
354 "scopes": [
355 "https://www.googleapis.com/auth/cloud-p latform"
356 ]
357 } 357 }
358 }, 358 },
359 "resources": { 359 "resources": {
360 "cryptoKeys": { 360 "cryptoKeys": {
361 "methods": { 361 "methods": {
362 "updatePrimaryVersion": { 362 "patch": {
363 "description": "Update the version o f a CryptoKey that will be used in Encrypt", 363 "description": "Update a CryptoKey." ,
364 "httpMethod": "POST", 364 "httpMethod": "PATCH",
365 "id": "cloudkms.projects.locations.k eyRings.cryptoKeys.updatePrimaryVersion", 365 "id": "cloudkms.projects.locations.k eyRings.cryptoKeys.patch",
366 "parameterOrder": [ 366 "parameterOrder": [
367 "name" 367 "name"
368 ], 368 ],
369 "parameters": { 369 "parameters": {
370 "updateMask": {
371 "description": "Required lis t of fields to be updated in this request.",
372 "format": "google-fieldmask" ,
373 "location": "query",
374 "type": "string"
375 },
370 "name": { 376 "name": {
371 "description": "The resource name of the CryptoKey to update.", 377 "description": "Output only. The resource name for this CryptoKey in the format\n`projects/*/locations/*/key Rings/*/cryptoKeys/*`.",
372 "location": "path", 378 "location": "path",
373 "pattern": "^projects/[^/]+/ locations/[^/]+/keyRings/[^/]+/cryptoKeys/[^/]+$", 379 "pattern": "^projects/[^/]+/ locations/[^/]+/keyRings/[^/]+/cryptoKeys/[^/]+$",
374 "required": true, 380 "required": true,
375 "type": "string" 381 "type": "string"
376 } 382 }
377 }, 383 },
378 "path": "v1beta1/{+name}:updatePrima ryVersion", 384 "path": "v1/{+name}",
379 "request": { 385 "request": {
380 "$ref": "UpdateCryptoKeyPrimaryV ersionRequest" 386 "$ref": "CryptoKey"
381 }, 387 },
382 "response": { 388 "response": {
383 "$ref": "CryptoKey" 389 "$ref": "CryptoKey"
384 }, 390 },
385 "scopes": [ 391 "scopes": [
386 "https://www.googleapis.com/auth /cloud-platform" 392 "https://www.googleapis.com/auth /cloud-platform"
387 ]
388 },
389 "getIamPolicy": {
390 "description": "Gets the access cont rol policy for a resource.\nReturns an empty policy if the resource exists and d oes not have a policy\nset.",
391 "httpMethod": "GET",
392 "id": "cloudkms.projects.locations.k eyRings.cryptoKeys.getIamPolicy",
393 "parameterOrder": [
394 "resource"
395 ],
396 "parameters": {
397 "resource": {
398 "description": "REQUIRED: Th e resource for which the policy is being requested.\n`resource` is usually speci fied as a path. For example, a Project\nresource is specified as `projects/{proj ect}`.",
399 "location": "path",
400 "pattern": "^projects/[^/]+/ locations/[^/]+/keyRings/[^/]+/cryptoKeys/[^/]+$",
401 "required": true,
402 "type": "string"
403 }
404 },
405 "path": "v1beta1/{+resource}:getIamP olicy",
406 "response": {
407 "$ref": "Policy"
408 },
409 "scopes": [
410 "https://www.googleapis.com/auth /cloud-platform"
411 ] 393 ]
412 }, 394 },
413 "get": { 395 "get": {
414 "description": "Returns metadata for a given CryptoKey, as well as its\nprimary CryptoKeyVersion.", 396 "description": "Returns metadata for a given CryptoKey, as well as its\nprimary CryptoKeyVersion.",
415 "httpMethod": "GET", 397 "httpMethod": "GET",
416 "id": "cloudkms.projects.locations.k eyRings.cryptoKeys.get", 398 "id": "cloudkms.projects.locations.k eyRings.cryptoKeys.get",
417 "parameterOrder": [ 399 "parameterOrder": [
418 "name" 400 "name"
419 ], 401 ],
420 "parameters": { 402 "parameters": {
421 "name": { 403 "name": {
422 "description": "The name of the CryptoKey to get.", 404 "description": "The name of the CryptoKey to get.",
423 "location": "path", 405 "location": "path",
424 "pattern": "^projects/[^/]+/ locations/[^/]+/keyRings/[^/]+/cryptoKeys/[^/]+$", 406 "pattern": "^projects/[^/]+/ locations/[^/]+/keyRings/[^/]+/cryptoKeys/[^/]+$",
425 "required": true, 407 "required": true,
426 "type": "string" 408 "type": "string"
427 } 409 }
428 }, 410 },
429 "path": "v1beta1/{+name}", 411 "path": "v1/{+name}",
430 "response": { 412 "response": {
431 "$ref": "CryptoKey" 413 "$ref": "CryptoKey"
432 }, 414 },
433 "scopes": [
434 "https://www.googleapis.com/auth /cloud-platform"
435 ]
436 },
437 "patch": {
438 "description": "Update a CryptoKey." ,
439 "httpMethod": "PATCH",
440 "id": "cloudkms.projects.locations.k eyRings.cryptoKeys.patch",
441 "parameterOrder": [
442 "name"
443 ],
444 "parameters": {
445 "updateMask": {
446 "description": "Required lis t of fields to be updated in this request.",
447 "format": "google-fieldmask" ,
448 "location": "query",
449 "type": "string"
450 },
451 "name": {
452 "description": "Output only. The resource name for this CryptoKey in the format\n`projects/*/locations/*/key Rings/*/cryptoKeys/*`.",
453 "location": "path",
454 "pattern": "^projects/[^/]+/ locations/[^/]+/keyRings/[^/]+/cryptoKeys/[^/]+$",
455 "required": true,
456 "type": "string"
457 }
458 },
459 "path": "v1beta1/{+name}",
460 "request": {
461 "$ref": "CryptoKey"
462 },
463 "response": {
464 "$ref": "CryptoKey"
465 },
466 "scopes": [ 415 "scopes": [
467 "https://www.googleapis.com/auth /cloud-platform" 416 "https://www.googleapis.com/auth /cloud-platform"
468 ] 417 ]
469 }, 418 },
470 "testIamPermissions": { 419 "testIamPermissions": {
471 "description": "Returns permissions that a caller has on the specified resource.\nIf the resource does not exist, th is will return an empty set of\npermissions, not a NOT_FOUND error.\n\nNote: Thi s operation is designed to be used for building permission-aware\nUIs and comman d-line tools, not for authorization checking. This operation\nmay \"fail open\" without warning.", 420 "description": "Returns permissions that a caller has on the specified resource.\nIf the resource does not exist, th is will return an empty set of\npermissions, not a NOT_FOUND error.\n\nNote: Thi s operation is designed to be used for building permission-aware\nUIs and comman d-line tools, not for authorization checking. This operation\nmay \"fail open\" without warning.",
472 "httpMethod": "POST", 421 "httpMethod": "POST",
473 "id": "cloudkms.projects.locations.k eyRings.cryptoKeys.testIamPermissions", 422 "id": "cloudkms.projects.locations.k eyRings.cryptoKeys.testIamPermissions",
474 "parameterOrder": [ 423 "parameterOrder": [
475 "resource" 424 "resource"
476 ], 425 ],
477 "parameters": { 426 "parameters": {
478 "resource": { 427 "resource": {
479 "description": "REQUIRED: Th e resource for which the policy detail is being requested.\n`resource` is usuall y specified as a path. For example, a Project\nresource is specified as `project s/{project}`.", 428 "description": "REQUIRED: Th e resource for which the policy detail is being requested.\nSee the operation do cumentation for the appropriate value for this field.",
480 "location": "path", 429 "location": "path",
481 "pattern": "^projects/[^/]+/ locations/[^/]+/keyRings/[^/]+/cryptoKeys/[^/]+$", 430 "pattern": "^projects/[^/]+/ locations/[^/]+/keyRings/[^/]+/cryptoKeys/[^/]+$",
482 "required": true, 431 "required": true,
483 "type": "string" 432 "type": "string"
484 } 433 }
485 }, 434 },
486 "path": "v1beta1/{+resource}:testIam Permissions", 435 "path": "v1/{+resource}:testIamPermi ssions",
487 "request": { 436 "request": {
488 "$ref": "TestIamPermissionsReque st" 437 "$ref": "TestIamPermissionsReque st"
489 }, 438 },
490 "response": { 439 "response": {
491 "$ref": "TestIamPermissionsRespo nse" 440 "$ref": "TestIamPermissionsRespo nse"
492 }, 441 },
493 "scopes": [ 442 "scopes": [
494 "https://www.googleapis.com/auth /cloud-platform" 443 "https://www.googleapis.com/auth /cloud-platform"
495 ] 444 ]
496 }, 445 },
497 "decrypt": { 446 "decrypt": {
498 "description": "Decrypt data that wa s protected by Encrypt.", 447 "description": "Decrypt data that wa s protected by Encrypt.",
499 "httpMethod": "POST", 448 "httpMethod": "POST",
500 "id": "cloudkms.projects.locations.k eyRings.cryptoKeys.decrypt", 449 "id": "cloudkms.projects.locations.k eyRings.cryptoKeys.decrypt",
501 "parameterOrder": [ 450 "parameterOrder": [
502 "name" 451 "name"
503 ], 452 ],
504 "parameters": { 453 "parameters": {
505 "name": { 454 "name": {
506 "description": "Required. Th e resource name of the CryptoKey to use for decryption.\nThe server will choose the appropriate version.", 455 "description": "Required. Th e resource name of the CryptoKey to use for decryption.\nThe server will choose the appropriate version.",
507 "location": "path", 456 "location": "path",
508 "pattern": "^projects/[^/]+/ locations/[^/]+/keyRings/[^/]+/cryptoKeys/[^/]+$", 457 "pattern": "^projects/[^/]+/ locations/[^/]+/keyRings/[^/]+/cryptoKeys/[^/]+$",
509 "required": true, 458 "required": true,
510 "type": "string" 459 "type": "string"
511 } 460 }
512 }, 461 },
513 "path": "v1beta1/{+name}:decrypt", 462 "path": "v1/{+name}:decrypt",
514 "request": { 463 "request": {
515 "$ref": "DecryptRequest" 464 "$ref": "DecryptRequest"
516 }, 465 },
517 "response": { 466 "response": {
518 "$ref": "DecryptResponse" 467 "$ref": "DecryptResponse"
519 }, 468 },
520 "scopes": [ 469 "scopes": [
521 "https://www.googleapis.com/auth /cloud-platform" 470 "https://www.googleapis.com/auth /cloud-platform"
522 ] 471 ]
523 }, 472 },
524 "list": { 473 "list": {
525 "description": "Lists CryptoKeys.", 474 "description": "Lists CryptoKeys.",
526 "httpMethod": "GET", 475 "httpMethod": "GET",
527 "id": "cloudkms.projects.locations.k eyRings.cryptoKeys.list", 476 "id": "cloudkms.projects.locations.k eyRings.cryptoKeys.list",
528 "parameterOrder": [ 477 "parameterOrder": [
529 "parent" 478 "parent"
530 ], 479 ],
531 "parameters": { 480 "parameters": {
481 "pageSize": {
482 "description": "Optional lim it on the number of CryptoKeys to include in the\nresponse. Further CryptoKeys can subsequently be obtained by\nincluding the ListCryptoKeysResponse.next_page_ token in a subsequent\nrequest. If unspecified, the server will pick an appropr iate default.",
483 "format": "int32",
484 "location": "query",
485 "type": "integer"
486 },
532 "parent": { 487 "parent": {
533 "description": "Required. Th e resource name of the KeyRing to list, in the format\n`projects/*/locations/*/k eyRings/*`.", 488 "description": "Required. Th e resource name of the KeyRing to list, in the format\n`projects/*/locations/*/k eyRings/*`.",
534 "location": "path", 489 "location": "path",
535 "pattern": "^projects/[^/]+/ locations/[^/]+/keyRings/[^/]+$", 490 "pattern": "^projects/[^/]+/ locations/[^/]+/keyRings/[^/]+$",
536 "required": true, 491 "required": true,
537 "type": "string" 492 "type": "string"
538 }, 493 },
539 "pageToken": { 494 "pageToken": {
540 "description": "Optional pag ination token, returned earlier via\nListCryptoKeysResponse.next_page_token.", 495 "description": "Optional pag ination token, returned earlier via\nListCryptoKeysResponse.next_page_token.",
541 "location": "query", 496 "location": "query",
542 "type": "string" 497 "type": "string"
543 },
544 "pageSize": {
545 "description": "Optional lim it on the number of CryptoKeys to include in the\nresponse. Further CryptoKeys can subsequently be obtained by\nincluding the ListCryptoKeysResponse.next_page_ token in a subsequent\nrequest. If unspecified, the server will pick an appropr iate default.",
546 "format": "int32",
547 "location": "query",
548 "type": "integer"
549 } 498 }
550 }, 499 },
551 "path": "v1beta1/{+parent}/cryptoKey s", 500 "path": "v1/{+parent}/cryptoKeys",
552 "response": { 501 "response": {
553 "$ref": "ListCryptoKeysResponse" 502 "$ref": "ListCryptoKeysResponse"
554 }, 503 },
555 "scopes": [ 504 "scopes": [
556 "https://www.googleapis.com/auth /cloud-platform" 505 "https://www.googleapis.com/auth /cloud-platform"
557 ] 506 ]
558 }, 507 },
559 "encrypt": { 508 "encrypt": {
560 "description": "Encrypt data, so tha t it can only be recovered by a call to Decrypt.", 509 "description": "Encrypt data, so tha t it can only be recovered by a call to Decrypt.",
561 "httpMethod": "POST", 510 "httpMethod": "POST",
562 "id": "cloudkms.projects.locations.k eyRings.cryptoKeys.encrypt", 511 "id": "cloudkms.projects.locations.k eyRings.cryptoKeys.encrypt",
563 "parameterOrder": [ 512 "parameterOrder": [
564 "name" 513 "name"
565 ], 514 ],
566 "parameters": { 515 "parameters": {
567 "name": { 516 "name": {
568 "description": "Required. Th e resource name of the CryptoKey or CryptoKeyVersion\nto use for encryption.\n\n If a CryptoKey is specified, the server will use its\nprimary version.", 517 "description": "Required. Th e resource name of the CryptoKey or CryptoKeyVersion\nto use for encryption.\n\n If a CryptoKey is specified, the server will use its\nprimary version.",
569 "location": "path", 518 "location": "path",
570 "pattern": "^projects/[^/]+/ locations/[^/]+/keyRings/[^/]+/cryptoKeys/.+$", 519 "pattern": "^projects/[^/]+/ locations/[^/]+/keyRings/[^/]+/cryptoKeys/.+$",
571 "required": true, 520 "required": true,
572 "type": "string" 521 "type": "string"
573 } 522 }
574 }, 523 },
575 "path": "v1beta1/{+name}:encrypt", 524 "path": "v1/{+name}:encrypt",
576 "request": { 525 "request": {
577 "$ref": "EncryptRequest" 526 "$ref": "EncryptRequest"
578 }, 527 },
579 "response": { 528 "response": {
580 "$ref": "EncryptResponse" 529 "$ref": "EncryptResponse"
581 }, 530 },
582 "scopes": [ 531 "scopes": [
583 "https://www.googleapis.com/auth /cloud-platform" 532 "https://www.googleapis.com/auth /cloud-platform"
584 ] 533 ]
585 }, 534 },
(...skipping 11 matching lines...) Expand all
597 "type": "string" 546 "type": "string"
598 }, 547 },
599 "parent": { 548 "parent": {
600 "description": "Required. Th e name of the KeyRing associated with the\nCryptoKeys.", 549 "description": "Required. Th e name of the KeyRing associated with the\nCryptoKeys.",
601 "location": "path", 550 "location": "path",
602 "pattern": "^projects/[^/]+/ locations/[^/]+/keyRings/[^/]+$", 551 "pattern": "^projects/[^/]+/ locations/[^/]+/keyRings/[^/]+$",
603 "required": true, 552 "required": true,
604 "type": "string" 553 "type": "string"
605 } 554 }
606 }, 555 },
607 "path": "v1beta1/{+parent}/cryptoKey s", 556 "path": "v1/{+parent}/cryptoKeys",
608 "request": { 557 "request": {
609 "$ref": "CryptoKey" 558 "$ref": "CryptoKey"
610 }, 559 },
611 "response": { 560 "response": {
612 "$ref": "CryptoKey" 561 "$ref": "CryptoKey"
613 }, 562 },
614 "scopes": [ 563 "scopes": [
615 "https://www.googleapis.com/auth /cloud-platform" 564 "https://www.googleapis.com/auth /cloud-platform"
616 ] 565 ]
617 }, 566 },
618 "setIamPolicy": { 567 "setIamPolicy": {
619 "description": "Sets the access cont rol policy on the specified resource. Replaces any\nexisting policy.", 568 "description": "Sets the access cont rol policy on the specified resource. Replaces any\nexisting policy.",
620 "httpMethod": "POST", 569 "httpMethod": "POST",
621 "id": "cloudkms.projects.locations.k eyRings.cryptoKeys.setIamPolicy", 570 "id": "cloudkms.projects.locations.k eyRings.cryptoKeys.setIamPolicy",
622 "parameterOrder": [ 571 "parameterOrder": [
623 "resource" 572 "resource"
624 ], 573 ],
625 "parameters": { 574 "parameters": {
626 "resource": { 575 "resource": {
627 "description": "REQUIRED: Th e resource for which the policy is being specified.\n`resource` is usually speci fied as a path. For example, a Project\nresource is specified as `projects/{proj ect}`.", 576 "description": "REQUIRED: Th e resource for which the policy is being specified.\nSee the operation documenta tion for the appropriate value for this field.",
628 "location": "path", 577 "location": "path",
629 "pattern": "^projects/[^/]+/ locations/[^/]+/keyRings/[^/]+/cryptoKeys/[^/]+$", 578 "pattern": "^projects/[^/]+/ locations/[^/]+/keyRings/[^/]+/cryptoKeys/[^/]+$",
630 "required": true, 579 "required": true,
631 "type": "string" 580 "type": "string"
632 } 581 }
633 }, 582 },
634 "path": "v1beta1/{+resource}:setIamP olicy", 583 "path": "v1/{+resource}:setIamPolicy ",
635 "request": { 584 "request": {
636 "$ref": "SetIamPolicyRequest" 585 "$ref": "SetIamPolicyRequest"
637 }, 586 },
638 "response": { 587 "response": {
639 "$ref": "Policy" 588 "$ref": "Policy"
640 }, 589 },
641 "scopes": [ 590 "scopes": [
642 "https://www.googleapis.com/auth /cloud-platform" 591 "https://www.googleapis.com/auth /cloud-platform"
643 ] 592 ]
593 },
594 "updatePrimaryVersion": {
595 "description": "Update the version o f a CryptoKey that will be used in Encrypt",
596 "httpMethod": "POST",
597 "id": "cloudkms.projects.locations.k eyRings.cryptoKeys.updatePrimaryVersion",
598 "parameterOrder": [
599 "name"
600 ],
601 "parameters": {
602 "name": {
603 "description": "The resource name of the CryptoKey to update.",
604 "location": "path",
605 "pattern": "^projects/[^/]+/ locations/[^/]+/keyRings/[^/]+/cryptoKeys/[^/]+$",
606 "required": true,
607 "type": "string"
608 }
609 },
610 "path": "v1/{+name}:updatePrimaryVer sion",
611 "request": {
612 "$ref": "UpdateCryptoKeyPrimaryV ersionRequest"
613 },
614 "response": {
615 "$ref": "CryptoKey"
616 },
617 "scopes": [
618 "https://www.googleapis.com/auth /cloud-platform"
619 ]
620 },
621 "getIamPolicy": {
622 "description": "Gets the access cont rol policy for a resource.\nReturns an empty policy if the resource exists and d oes not have a policy\nset.",
623 "httpMethod": "GET",
624 "id": "cloudkms.projects.locations.k eyRings.cryptoKeys.getIamPolicy",
625 "parameterOrder": [
626 "resource"
627 ],
628 "parameters": {
629 "resource": {
630 "description": "REQUIRED: Th e resource for which the policy is being requested.\nSee the operation documenta tion for the appropriate value for this field.",
631 "location": "path",
632 "pattern": "^projects/[^/]+/ locations/[^/]+/keyRings/[^/]+/cryptoKeys/[^/]+$",
633 "required": true,
634 "type": "string"
635 }
636 },
637 "path": "v1/{+resource}:getIamPolicy ",
638 "response": {
639 "$ref": "Policy"
640 },
641 "scopes": [
642 "https://www.googleapis.com/auth /cloud-platform"
643 ]
644 } 644 }
645 }, 645 },
646 "resources": { 646 "resources": {
647 "cryptoKeyVersions": { 647 "cryptoKeyVersions": {
648 "methods": { 648 "methods": {
649 "list": { 649 "get": {
650 "description": "Lists Crypto KeyVersions.", 650 "description": "Returns meta data for a given CryptoKeyVersion.",
651 "httpMethod": "GET", 651 "httpMethod": "GET",
652 "id": "cloudkms.projects.loc ations.keyRings.cryptoKeys.cryptoKeyVersions.list", 652 "id": "cloudkms.projects.loc ations.keyRings.cryptoKeys.cryptoKeyVersions.get",
653 "parameterOrder": [ 653 "parameterOrder": [
654 "parent" 654 "name"
655 ], 655 ],
656 "parameters": { 656 "parameters": {
657 "parent": { 657 "name": {
658 "description": "Requ ired. The resource name of the CryptoKey to list, in the format\n`projects/*/loc ations/*/keyRings/*/cryptoKeys/*`.", 658 "description": "The name of the CryptoKeyVersion to get.",
659 "location": "path", 659 "location": "path",
660 "pattern": "^project s/[^/]+/locations/[^/]+/keyRings/[^/]+/cryptoKeys/[^/]+$", 660 "pattern": "^project s/[^/]+/locations/[^/]+/keyRings/[^/]+/cryptoKeys/[^/]+/cryptoKeyVersions/[^/]+$ ",
661 "required": true, 661 "required": true,
662 "type": "string" 662 "type": "string"
663 },
664 "pageToken": {
665 "description": "Opti onal pagination token, returned earlier via\nListCryptoKeyVersionsResponse.next_ page_token.",
666 "location": "query",
667 "type": "string"
668 },
669 "pageSize": {
670 "description": "Opti onal limit on the number of CryptoKeyVersions to\ninclude in the response. Furth er CryptoKeyVersions can\nsubsequently be obtained by including the\nListCryptoK eyVersionsResponse.next_page_token in a subsequent request.\nIf unspecified, the server will pick an appropriate default.",
671 "format": "int32",
672 "location": "query",
673 "type": "integer"
674 } 663 }
675 }, 664 },
676 "path": "v1beta1/{+parent}/c ryptoKeyVersions", 665 "path": "v1/{+name}",
677 "response": { 666 "response": {
678 "$ref": "ListCryptoKeyVe rsionsResponse" 667 "$ref": "CryptoKeyVersio n"
679 }, 668 },
680 "scopes": [ 669 "scopes": [
681 "https://www.googleapis. com/auth/cloud-platform" 670 "https://www.googleapis. com/auth/cloud-platform"
682 ] 671 ]
683 }, 672 },
684 "create": { 673 "patch": {
685 "description": "Create a new CryptoKeyVersion in a CryptoKey.\n\nThe server will assign the next sequential id. If unset,\nstate will be set to\nENABLED.", 674 "description": "Update a Cry ptoKeyVersion's metadata.\n\nstate may be changed between\nENABLED and\nDISABLED using this\nmethod. See DestroyCryptoKeyVersion and RestoreCryptoKeyVersion to\ nmove between other states.",
686 "httpMethod": "POST", 675 "httpMethod": "PATCH",
687 "id": "cloudkms.projects.loc ations.keyRings.cryptoKeys.cryptoKeyVersions.create", 676 "id": "cloudkms.projects.loc ations.keyRings.cryptoKeys.cryptoKeyVersions.patch",
688 "parameterOrder": [ 677 "parameterOrder": [
689 "parent" 678 "name"
690 ], 679 ],
691 "parameters": { 680 "parameters": {
692 "parent": { 681 "updateMask": {
693 "description": "Requ ired. The name of the CryptoKey associated with\nthe CryptoKeyVersions.", 682 "description": "Requ ired list of fields to be updated in this request.",
683 "format": "google-fi eldmask",
684 "location": "query",
685 "type": "string"
686 },
687 "name": {
688 "description": "Outp ut only. The resource name for this CryptoKeyVersion in the format\n`projects/*/ locations/*/keyRings/*/cryptoKeys/*/cryptoKeyVersions/*`.",
694 "location": "path", 689 "location": "path",
695 "pattern": "^project s/[^/]+/locations/[^/]+/keyRings/[^/]+/cryptoKeys/[^/]+$", 690 "pattern": "^project s/[^/]+/locations/[^/]+/keyRings/[^/]+/cryptoKeys/[^/]+/cryptoKeyVersions/[^/]+$ ",
696 "required": true, 691 "required": true,
697 "type": "string" 692 "type": "string"
698 } 693 }
699 }, 694 },
700 "path": "v1beta1/{+parent}/c ryptoKeyVersions", 695 "path": "v1/{+name}",
701 "request": { 696 "request": {
702 "$ref": "CryptoKeyVersio n" 697 "$ref": "CryptoKeyVersio n"
703 }, 698 },
704 "response": { 699 "response": {
705 "$ref": "CryptoKeyVersio n" 700 "$ref": "CryptoKeyVersio n"
706 }, 701 },
707 "scopes": [ 702 "scopes": [
708 "https://www.googleapis. com/auth/cloud-platform" 703 "https://www.googleapis. com/auth/cloud-platform"
709 ] 704 ]
710 }, 705 },
711 "destroy": { 706 "list": {
712 "description": "Schedule a C ryptoKeyVersion for destruction.\n\nUpon calling this method, CryptoKeyVersion.s tate will be set to\nDESTROY_SCHEDULED\nand destroy_time will be set to a time 2 4\nhours in the future, at which point the state\nwill be changed to\nDESTROYED, and the key\nmaterial will be irrevocably destroyed.\n\nBefore the destroy_time is reached,\nRestoreCryptoKeyVersion may be called to reverse the process.", 707 "description": "Lists Crypto KeyVersions.",
713 "httpMethod": "POST", 708 "httpMethod": "GET",
714 "id": "cloudkms.projects.loc ations.keyRings.cryptoKeys.cryptoKeyVersions.destroy", 709 "id": "cloudkms.projects.loc ations.keyRings.cryptoKeys.cryptoKeyVersions.list",
715 "parameterOrder": [ 710 "parameterOrder": [
716 "name" 711 "parent"
717 ], 712 ],
718 "parameters": { 713 "parameters": {
719 "name": { 714 "parent": {
720 "description": "The resource name of the CryptoKeyVersion to destroy.", 715 "description": "Requ ired. The resource name of the CryptoKey to list, in the format\n`projects/*/loc ations/*/keyRings/*/cryptoKeys/*`.",
721 "location": "path", 716 "location": "path",
722 "pattern": "^project s/[^/]+/locations/[^/]+/keyRings/[^/]+/cryptoKeys/[^/]+/cryptoKeyVersions/[^/]+$ ", 717 "pattern": "^project s/[^/]+/locations/[^/]+/keyRings/[^/]+/cryptoKeys/[^/]+$",
723 "required": true, 718 "required": true,
724 "type": "string" 719 "type": "string"
720 },
721 "pageToken": {
722 "description": "Opti onal pagination token, returned earlier via\nListCryptoKeyVersionsResponse.next_ page_token.",
723 "location": "query",
724 "type": "string"
725 },
726 "pageSize": {
727 "description": "Opti onal limit on the number of CryptoKeyVersions to\ninclude in the response. Furth er CryptoKeyVersions can\nsubsequently be obtained by including the\nListCryptoK eyVersionsResponse.next_page_token in a subsequent request.\nIf unspecified, the server will pick an appropriate default.",
728 "format": "int32",
729 "location": "query",
730 "type": "integer"
725 } 731 }
726 }, 732 },
727 "path": "v1beta1/{+name}:des troy", 733 "path": "v1/{+parent}/crypto KeyVersions",
728 "request": {
729 "$ref": "DestroyCryptoKe yVersionRequest"
730 },
731 "response": { 734 "response": {
732 "$ref": "CryptoKeyVersio n" 735 "$ref": "ListCryptoKeyVe rsionsResponse"
733 }, 736 },
734 "scopes": [ 737 "scopes": [
735 "https://www.googleapis. com/auth/cloud-platform" 738 "https://www.googleapis. com/auth/cloud-platform"
736 ] 739 ]
737 }, 740 },
738 "restore": { 741 "create": {
739 "description": "Restore a Cr yptoKeyVersion in the\nDESTROY_SCHEDULED,\nstate.\n\nUpon restoration of the Cry ptoKeyVersion, state\nwill be set to DISABLED,\nand destroy_time will be cleared .", 742 "description": "Create a new CryptoKeyVersion in a CryptoKey.\n\nThe server will assign the next sequential id. If unset,\nstate will be set to\nENABLED.",
740 "httpMethod": "POST", 743 "httpMethod": "POST",
741 "id": "cloudkms.projects.loc ations.keyRings.cryptoKeys.cryptoKeyVersions.restore", 744 "id": "cloudkms.projects.loc ations.keyRings.cryptoKeys.cryptoKeyVersions.create",
742 "parameterOrder": [ 745 "parameterOrder": [
743 "name" 746 "parent"
744 ], 747 ],
745 "parameters": { 748 "parameters": {
746 "name": { 749 "parent": {
747 "description": "The resource name of the CryptoKeyVersion to restore.", 750 "description": "Requ ired. The name of the CryptoKey associated with\nthe CryptoKeyVersions.",
748 "location": "path", 751 "location": "path",
749 "pattern": "^project s/[^/]+/locations/[^/]+/keyRings/[^/]+/cryptoKeys/[^/]+/cryptoKeyVersions/[^/]+$ ", 752 "pattern": "^project s/[^/]+/locations/[^/]+/keyRings/[^/]+/cryptoKeys/[^/]+$",
750 "required": true, 753 "required": true,
751 "type": "string" 754 "type": "string"
752 } 755 }
753 }, 756 },
754 "path": "v1beta1/{+name}:res tore", 757 "path": "v1/{+parent}/crypto KeyVersions",
755 "request": { 758 "request": {
756 "$ref": "RestoreCryptoKe yVersionRequest" 759 "$ref": "CryptoKeyVersio n"
757 }, 760 },
758 "response": { 761 "response": {
759 "$ref": "CryptoKeyVersio n" 762 "$ref": "CryptoKeyVersio n"
760 }, 763 },
761 "scopes": [ 764 "scopes": [
762 "https://www.googleapis. com/auth/cloud-platform" 765 "https://www.googleapis. com/auth/cloud-platform"
763 ] 766 ]
764 }, 767 },
765 "get": { 768 "destroy": {
766 "description": "Returns meta data for a given CryptoKeyVersion.", 769 "description": "Schedule a C ryptoKeyVersion for destruction.\n\nUpon calling this method, CryptoKeyVersion.s tate will be set to\nDESTROY_SCHEDULED\nand destroy_time will be set to a time 2 4\nhours in the future, at which point the state\nwill be changed to\nDESTROYED, and the key\nmaterial will be irrevocably destroyed.\n\nBefore the destroy_time is reached,\nRestoreCryptoKeyVersion may be called to reverse the process.",
767 "httpMethod": "GET", 770 "httpMethod": "POST",
768 "id": "cloudkms.projects.loc ations.keyRings.cryptoKeys.cryptoKeyVersions.get", 771 "id": "cloudkms.projects.loc ations.keyRings.cryptoKeys.cryptoKeyVersions.destroy",
769 "parameterOrder": [ 772 "parameterOrder": [
770 "name" 773 "name"
771 ], 774 ],
772 "parameters": { 775 "parameters": {
773 "name": { 776 "name": {
774 "description": "The name of the CryptoKeyVersion to get.", 777 "description": "The resource name of the CryptoKeyVersion to destroy.",
775 "location": "path", 778 "location": "path",
776 "pattern": "^project s/[^/]+/locations/[^/]+/keyRings/[^/]+/cryptoKeys/[^/]+/cryptoKeyVersions/[^/]+$ ", 779 "pattern": "^project s/[^/]+/locations/[^/]+/keyRings/[^/]+/cryptoKeys/[^/]+/cryptoKeyVersions/[^/]+$ ",
777 "required": true, 780 "required": true,
778 "type": "string" 781 "type": "string"
779 } 782 }
780 }, 783 },
781 "path": "v1beta1/{+name}", 784 "path": "v1/{+name}:destroy" ,
785 "request": {
786 "$ref": "DestroyCryptoKe yVersionRequest"
787 },
782 "response": { 788 "response": {
783 "$ref": "CryptoKeyVersio n" 789 "$ref": "CryptoKeyVersio n"
784 }, 790 },
785 "scopes": [ 791 "scopes": [
786 "https://www.googleapis. com/auth/cloud-platform" 792 "https://www.googleapis. com/auth/cloud-platform"
787 ] 793 ]
788 }, 794 },
789 "patch": { 795 "restore": {
790 "description": "Update a Cry ptoKeyVersion's metadata.\n\nstate may be changed between\nENABLED and\nDISABLED using this\nmethod. See DestroyCryptoKeyVersion and RestoreCryptoKeyVersion to\ nmove between other states.", 796 "description": "Restore a Cr yptoKeyVersion in the\nDESTROY_SCHEDULED,\nstate.\n\nUpon restoration of the Cry ptoKeyVersion, state\nwill be set to DISABLED,\nand destroy_time will be cleared .",
791 "httpMethod": "PATCH", 797 "httpMethod": "POST",
792 "id": "cloudkms.projects.loc ations.keyRings.cryptoKeys.cryptoKeyVersions.patch", 798 "id": "cloudkms.projects.loc ations.keyRings.cryptoKeys.cryptoKeyVersions.restore",
793 "parameterOrder": [ 799 "parameterOrder": [
794 "name" 800 "name"
795 ], 801 ],
796 "parameters": { 802 "parameters": {
797 "updateMask": {
798 "description": "Requ ired list of fields to be updated in this request.",
799 "format": "google-fi eldmask",
800 "location": "query",
801 "type": "string"
802 },
803 "name": { 803 "name": {
804 "description": "Outp ut only. The resource name for this CryptoKeyVersion in the format\n`projects/*/ locations/*/keyRings/*/cryptoKeys/*/cryptoKeyVersions/*`.", 804 "description": "The resource name of the CryptoKeyVersion to restore.",
805 "location": "path", 805 "location": "path",
806 "pattern": "^project s/[^/]+/locations/[^/]+/keyRings/[^/]+/cryptoKeys/[^/]+/cryptoKeyVersions/[^/]+$ ", 806 "pattern": "^project s/[^/]+/locations/[^/]+/keyRings/[^/]+/cryptoKeys/[^/]+/cryptoKeyVersions/[^/]+$ ",
807 "required": true, 807 "required": true,
808 "type": "string" 808 "type": "string"
809 } 809 }
810 }, 810 },
811 "path": "v1beta1/{+name}", 811 "path": "v1/{+name}:restore" ,
812 "request": { 812 "request": {
813 "$ref": "CryptoKeyVersio n" 813 "$ref": "RestoreCryptoKe yVersionRequest"
814 }, 814 },
815 "response": { 815 "response": {
816 "$ref": "CryptoKeyVersio n" 816 "$ref": "CryptoKeyVersio n"
817 }, 817 },
818 "scopes": [ 818 "scopes": [
819 "https://www.googleapis. com/auth/cloud-platform" 819 "https://www.googleapis. com/auth/cloud-platform"
820 ] 820 ]
821 } 821 }
822 } 822 }
823 } 823 }
824 } 824 }
825 } 825 }
826 } 826 }
827 } 827 }
828 } 828 }
829 } 829 }
830 } 830 }
831 } 831 }
832 }, 832 },
833 "revision": "20170222", 833 "revision": "20170320",
834 "rootUrl": "https://cloudkms.googleapis.com/", 834 "rootUrl": "https://cloudkms.googleapis.com/",
835 "schemas": { 835 "schemas": {
836 "CryptoKey": {
837 "description": "A CryptoKey represents a logical key that can be use d for cryptographic\noperations.\n\nA CryptoKey is made up of one or more versio ns, which\nrepresent the actual key material used in cryptographic operations.",
838 "id": "CryptoKey",
839 "properties": {
840 "purpose": {
841 "description": "The immutable purpose of this CryptoKey. Cur rently, the only acceptable\npurpose is ENCRYPT_DECRYPT.",
842 "enum": [
843 "CRYPTO_KEY_PURPOSE_UNSPECIFIED",
844 "ENCRYPT_DECRYPT"
845 ],
846 "enumDescriptions": [
847 "Not specified.",
848 "CryptoKeys with this purpose may be used with\nEncrypt and\nDecrypt."
849 ],
850 "type": "string"
851 },
852 "nextRotationTime": {
853 "description": "At next_rotation_time, the Key Management Se rvice will automatically:\n\n1. Create a new version of this CryptoKey.\n2. Mark the new version as primary.\n\nKey rotations performed manually via\nCreateCryp toKeyVersion and\nUpdateCryptoKeyPrimaryVersion\ndo not affect next_rotation_tim e.",
854 "format": "google-datetime",
855 "type": "string"
856 },
857 "createTime": {
858 "description": "Output only. The time at which this CryptoKe y was created.",
859 "format": "google-datetime",
860 "type": "string"
861 },
862 "rotationPeriod": {
863 "description": "next_rotation_time will be advanced by this period when the service\nautomatically rotates a key. Must be at least one day.\ n\nIf rotation_period is set, next_rotation_time must also be set.",
864 "format": "google-duration",
865 "type": "string"
866 },
867 "primary": {
868 "$ref": "CryptoKeyVersion",
869 "description": "Output only. A copy of the \"primary\" Crypt oKeyVersion that will be used\nby Encrypt when this CryptoKey is given\nin Encry ptRequest.name.\n\nThe CryptoKey's primary version can be updated via\nUpdateCry ptoKeyPrimaryVersion."
870 },
871 "name": {
872 "description": "Output only. The resource name for this Cryp toKey in the format\n`projects/*/locations/*/keyRings/*/cryptoKeys/*`.",
873 "type": "string"
874 }
875 },
876 "type": "object"
877 },
878 "Rule": {
879 "description": "A rule to be applied in a Policy.",
880 "id": "Rule",
881 "properties": {
882 "in": {
883 "description": "If one or more 'in' clauses are specified, t he rule matches if\nthe PRINCIPAL/AUTHORITY_SELECTOR is in at least one of these entries.",
884 "items": {
885 "type": "string"
886 },
887 "type": "array"
888 },
889 "permissions": {
890 "description": "A permission is a string of form '<service>. <resource type>.<verb>'\n(e.g., 'storage.buckets.list'). A value of '*' matches all permissions,\nand a verb part of '*' (e.g., 'storage.buckets.*') matches all verbs.",
891 "items": {
892 "type": "string"
893 },
894 "type": "array"
895 },
896 "action": {
897 "description": "Required",
898 "enum": [
899 "NO_ACTION",
900 "ALLOW",
901 "ALLOW_WITH_LOG",
902 "DENY",
903 "DENY_WITH_LOG",
904 "LOG"
905 ],
906 "enumDescriptions": [
907 "Default no action.",
908 "Matching 'Entries' grant access.",
909 "Matching 'Entries' grant access and the caller promises to log\nthe request per the returned log_configs.",
910 "Matching 'Entries' deny access.",
911 "Matching 'Entries' deny access and the caller promises to log\nthe request per the returned log_configs.",
912 "Matching 'Entries' tell IAM.Check callers to generate l ogs."
913 ],
914 "type": "string"
915 },
916 "notIn": {
917 "description": "If one or more 'not_in' clauses are specifie d, the rule matches\nif the PRINCIPAL/AUTHORITY_SELECTOR is in none of the entri es.\nThe format for in and not_in entries is the same as for members in a\nBindi ng (see google/iam/v1/policy.proto).",
918 "items": {
919 "type": "string"
920 },
921 "type": "array"
922 },
923 "description": {
924 "description": "Human-readable description of the rule.",
925 "type": "string"
926 },
927 "conditions": {
928 "description": "Additional restrictions that must be met",
929 "items": {
930 "$ref": "Condition"
931 },
932 "type": "array"
933 },
934 "logConfig": {
935 "description": "The config returned to callers of tech.iam.I AM.CheckPolicy for any entries\nthat match the LOG action.",
936 "items": {
937 "$ref": "LogConfig"
938 },
939 "type": "array"
940 }
941 },
942 "type": "object"
943 },
944 "LogConfig": { 836 "LogConfig": {
945 "description": "Specifies what kind of log the caller must write\nIn crement a streamz counter with the specified metric and field names.\n\nMetric n ames should start with a '/', generally be lowercase-only,\nand end in \"_count\ ". Field names should not contain an initial slash.\nThe actual exported metric names will have \"/iam/policy\" prepended.\n\nField names correspond to IAM requ est parameters and field values are\ntheir respective values.\n\nAt present the only supported field names are\n - \"iam_principal\", corresponding to IAMCont ext.principal;\n - \"\" (empty string), resulting in one aggretated counter wi th no field.\n\nExamples:\n counter { metric: \"/debug_access_count\" field: \ "iam_principal\" }\n ==> increment counter /iam/policy/backend_debug_access_cou nt\n {iam_principal=[value of IAMContext.principal]}\n\nA t this time we do not support:\n* multiple field names (though this may be suppo rted in the future)\n* decrementing the counter\n* incrementing it by anything o ther than 1", 837 "description": "Specifies what kind of log the caller must write",
946 "id": "LogConfig", 838 "id": "LogConfig",
947 "properties": { 839 "properties": {
948 "counter": {
949 "$ref": "CounterOptions",
950 "description": "Counter options."
951 },
952 "dataAccess": { 840 "dataAccess": {
953 "$ref": "DataAccessOptions", 841 "$ref": "DataAccessOptions",
954 "description": "Data access options." 842 "description": "Data access options."
955 }, 843 },
956 "cloudAudit": { 844 "cloudAudit": {
957 "$ref": "CloudAuditOptions", 845 "$ref": "CloudAuditOptions",
958 "description": "Cloud audit options." 846 "description": "Cloud audit options."
847 },
848 "counter": {
849 "$ref": "CounterOptions",
850 "description": "Counter options."
959 } 851 }
960 }, 852 },
961 "type": "object" 853 "type": "object"
962 }, 854 },
963 "SetIamPolicyRequest": { 855 "SetIamPolicyRequest": {
964 "description": "Request message for `SetIamPolicy` method.", 856 "description": "Request message for `SetIamPolicy` method.",
965 "id": "SetIamPolicyRequest", 857 "id": "SetIamPolicyRequest",
966 "properties": { 858 "properties": {
859 "updateMask": {
860 "description": "OPTIONAL: A FieldMask specifying which field s of the policy to modify. Only\nthe fields in the mask will be modified. If no mask is provided, the\nfollowing default mask is used:\npaths: \"bindings, etag\ "\nThis field is only used by Cloud IAM.",
861 "format": "google-fieldmask",
862 "type": "string"
863 },
967 "policy": { 864 "policy": {
968 "$ref": "Policy", 865 "$ref": "Policy",
969 "description": "REQUIRED: The complete policy to be applied to the `resource`. The size of\nthe policy is limited to a few 10s of KB. An emp ty policy is a\nvalid policy but certain Cloud Platform services (such as Projec ts)\nmight reject them." 866 "description": "REQUIRED: The complete policy to be applied to the `resource`. The size of\nthe policy is limited to a few 10s of KB. An emp ty policy is a\nvalid policy but certain Cloud Platform services (such as Projec ts)\nmight reject them."
970 },
971 "updateMask": {
972 "description": "OPTIONAL: A FieldMask specifying which field s of the policy to modify. Only\nthe fields in the mask will be modified. If no mask is provided, a default\nmask is used:\npaths: \"bindings, etag\"\nThis fiel d is only used by Cloud IAM.",
973 "format": "google-fieldmask",
974 "type": "string"
975 } 867 }
976 }, 868 },
977 "type": "object" 869 "type": "object"
978 }, 870 },
979 "DecryptRequest": { 871 "DecryptRequest": {
980 "description": "Request message for KeyManagementService.Decrypt.", 872 "description": "Request message for KeyManagementService.Decrypt.",
981 "id": "DecryptRequest", 873 "id": "DecryptRequest",
982 "properties": { 874 "properties": {
983 "ciphertext": { 875 "ciphertext": {
984 "description": "Required. The encrypted data originally retu rned in\nEncryptResponse.ciphertext.", 876 "description": "Required. The encrypted data originally retu rned in\nEncryptResponse.ciphertext.",
(...skipping 58 matching lines...) Expand 10 before | Expand all | Expand 10 after
1043 "format": "int32", 935 "format": "int32",
1044 "type": "integer" 936 "type": "integer"
1045 } 937 }
1046 }, 938 },
1047 "type": "object" 939 "type": "object"
1048 }, 940 },
1049 "Condition": { 941 "Condition": {
1050 "description": "A condition to be met.", 942 "description": "A condition to be met.",
1051 "id": "Condition", 943 "id": "Condition",
1052 "properties": { 944 "properties": {
945 "sys": {
946 "description": "Trusted attributes supplied by any service t hat owns resources and uses\nthe IAM system for access control.",
947 "enum": [
948 "NO_ATTR",
949 "REGION",
950 "SERVICE",
951 "NAME",
952 "IP"
953 ],
954 "enumDescriptions": [
955 "Default non-attribute type",
956 "Region of the resource",
957 "Service name",
958 "Resource name",
959 "IP address of the caller"
960 ],
961 "type": "string"
962 },
963 "value": {
964 "description": "DEPRECATED. Use 'values' instead.",
965 "type": "string"
966 },
1053 "iam": { 967 "iam": {
1054 "description": "Trusted attributes supplied by the IAM syste m.", 968 "description": "Trusted attributes supplied by the IAM syste m.",
1055 "enum": [ 969 "enum": [
1056 "NO_ATTR", 970 "NO_ATTR",
1057 "AUTHORITY", 971 "AUTHORITY",
1058 "ATTRIBUTION", 972 "ATTRIBUTION",
1059 "APPROVER" 973 "APPROVER",
974 "JUSTIFICATION_TYPE"
1060 ], 975 ],
1061 "enumDescriptions": [ 976 "enumDescriptions": [
1062 "Default non-attribute.", 977 "Default non-attribute.",
1063 "Either principal or (if present) authority selector.", 978 "Either principal or (if present) authority selector.",
1064 "The principal (even if an authority selector is present ), which\nmust only be used for attribution, not authorization.", 979 "The principal (even if an authority selector is present ), which\nmust only be used for attribution, not authorization.",
1065 "An approver (distinct from the requester) that has auth orized this\nrequest.\nWhen used with IN, the condition indicates that one of th e approvers\nassociated with the request matches the specified principal, or is a\nmember of the specified group. Approvers can only grant additional\naccess, a nd are thus only used in a strictly positive context\n(e.g. ALLOW/IN or DENY/NOT _IN).\nSee: go/rpc-security-policy-dynamicauth." 980 "An approver (distinct from the requester) that has auth orized this\nrequest.\nWhen used with IN, the condition indicates that one of th e approvers\nassociated with the request matches the specified principal, or is a\nmember of the specified group. Approvers can only grant additional\naccess, a nd are thus only used in a strictly positive context\n(e.g. ALLOW/IN or DENY/NOT _IN).\nSee: go/rpc-security-policy-dynamicauth.",
981 "What types of justifications have been supplied with th is request.\nString values should match enum names from tech.iam.JustificationTy pe,\ne.g. \"MANUAL_STRING\". It is not permitted to grant access based on\nthe * absence* of a justification, so justification conditions can only\nbe used in a \"positive\" context (e.g., ALLOW/IN or DENY/NOT_IN).\n\nMultiple justifications , e.g., a Buganizer ID and a manually-entered\nreason, are normal and supported. "
1066 ], 982 ],
1067 "type": "string" 983 "type": "string"
1068 }, 984 },
1069 "values": { 985 "values": {
1070 "description": "The objects of the condition. This is mutual ly exclusive with 'value'.", 986 "description": "The objects of the condition. This is mutual ly exclusive with 'value'.",
1071 "items": { 987 "items": {
1072 "type": "string" 988 "type": "string"
1073 }, 989 },
1074 "type": "array" 990 "type": "array"
1075 }, 991 },
1076 "op": { 992 "op": {
1077 "description": "An operator to apply the subject with.", 993 "description": "An operator to apply the subject with.",
1078 "enum": [ 994 "enum": [
1079 "NO_OP", 995 "NO_OP",
1080 "EQUALS", 996 "EQUALS",
1081 "NOT_EQUALS", 997 "NOT_EQUALS",
1082 "IN", 998 "IN",
1083 "NOT_IN", 999 "NOT_IN",
1084 "DISCHARGED" 1000 "DISCHARGED"
1085 ], 1001 ],
1086 "enumDescriptions": [ 1002 "enumDescriptions": [
1087 "Default no-op.", 1003 "Default no-op.",
1088 "DEPRECATED. Use IN instead.", 1004 "DEPRECATED. Use IN instead.",
1089 "DEPRECATED. Use NOT_IN instead.", 1005 "DEPRECATED. Use NOT_IN instead.",
1090 "Set-inclusion check.", 1006 "The condition is true if the subject (or any element of it if it is\na set) matches any of the supplied values.",
1091 "Set-exclusion check.", 1007 "The condition is true if the subject (or every element of it if it is\na set) matches none of the supplied values.",
1092 "Subject is discharged" 1008 "Subject is discharged"
1093 ], 1009 ],
1094 "type": "string" 1010 "type": "string"
1095 }, 1011 },
1096 "svc": { 1012 "svc": {
1097 "description": "Trusted attributes discharged by the service .", 1013 "description": "Trusted attributes discharged by the service .",
1098 "type": "string" 1014 "type": "string"
1099 },
1100 "value": {
1101 "description": "DEPRECATED. Use 'values' instead.",
1102 "type": "string"
1103 },
1104 "sys": {
1105 "description": "Trusted attributes supplied by any service t hat owns resources and uses\nthe IAM system for access control.",
1106 "enum": [
1107 "NO_ATTR",
1108 "REGION",
1109 "SERVICE",
1110 "NAME",
1111 "IP"
1112 ],
1113 "enumDescriptions": [
1114 "Default non-attribute type",
1115 "Region of the resource",
1116 "Service name",
1117 "Resource name",
1118 "IP address of the caller"
1119 ],
1120 "type": "string"
1121 } 1015 }
1122 }, 1016 },
1123 "type": "object" 1017 "type": "object"
1124 }, 1018 },
1125 "CounterOptions": { 1019 "CounterOptions": {
1126 "description": "Options for counters", 1020 "description": "Options for counters",
1127 "id": "CounterOptions", 1021 "id": "CounterOptions",
1128 "properties": { 1022 "properties": {
1129 "metric": { 1023 "metric": {
1130 "description": "The metric to update.", 1024 "description": "The metric to update.",
1131 "type": "string" 1025 "type": "string"
1132 }, 1026 },
1133 "field": { 1027 "field": {
1134 "description": "The field value to attribute.", 1028 "description": "The field value to attribute.",
1135 "type": "string" 1029 "type": "string"
1136 } 1030 }
1137 }, 1031 },
1138 "type": "object" 1032 "type": "object"
1139 }, 1033 },
1140 "AuditLogConfig": { 1034 "AuditLogConfig": {
1141 "description": "Provides the configuration for logging a type of per missions.\nExample:\n\n {\n \"audit_log_configs\": [\n {\n \"log_type\": \"DATA_READ\",\n \"exempted_members\": [\n \"user:foo@gmail.com\"\n ]\n },\n {\n \"log_type \": \"DATA_WRITE\",\n }\n ]\n }\n\nThis enables 'DATA_READ' and ' DATA_WRITE' logging, while exempting\nfoo@gmail.com from DATA_READ logging.", 1035 "description": "Provides the configuration for logging a type of per missions.\nExample:\n\n {\n \"audit_log_configs\": [\n {\n \"log_type\": \"DATA_READ\",\n \"exempted_members\": [\n \"user:foo@gmail.com\"\n ]\n },\n {\n \"log_type \": \"DATA_WRITE\",\n }\n ]\n }\n\nThis enables 'DATA_READ' and ' DATA_WRITE' logging, while exempting\nfoo@gmail.com from DATA_READ logging.",
1142 "id": "AuditLogConfig", 1036 "id": "AuditLogConfig",
1143 "properties": { 1037 "properties": {
1038 "exemptedMembers": {
1039 "description": "Specifies the identities that do not cause l ogging for this type of\npermission.\nFollows the same format of Binding.members .",
1040 "items": {
1041 "type": "string"
1042 },
1043 "type": "array"
1044 },
1144 "logType": { 1045 "logType": {
1145 "description": "The log type that this config enables.", 1046 "description": "The log type that this config enables.",
1146 "enum": [ 1047 "enum": [
1147 "LOG_TYPE_UNSPECIFIED", 1048 "LOG_TYPE_UNSPECIFIED",
1148 "ADMIN_READ", 1049 "ADMIN_READ",
1149 "DATA_WRITE", 1050 "DATA_WRITE",
1150 "DATA_READ" 1051 "DATA_READ"
1151 ], 1052 ],
1152 "enumDescriptions": [ 1053 "enumDescriptions": [
1153 "Default case. Should never be this.", 1054 "Default case. Should never be this.",
1154 "Admin reads. Example: CloudIAM getIamPolicy", 1055 "Admin reads. Example: CloudIAM getIamPolicy",
1155 "Data writes. Example: CloudSQL Users create", 1056 "Data writes. Example: CloudSQL Users create",
1156 "Data reads. Example: CloudSQL Users list" 1057 "Data reads. Example: CloudSQL Users list"
1157 ], 1058 ],
1158 "type": "string" 1059 "type": "string"
1159 },
1160 "exemptedMembers": {
1161 "description": "Specifies the identities that do not cause l ogging for this type of\npermission.\nFollows the same format of Binding.members .",
1162 "items": {
1163 "type": "string"
1164 },
1165 "type": "array"
1166 } 1060 }
1167 }, 1061 },
1168 "type": "object" 1062 "type": "object"
1169 }, 1063 },
1170 "DecryptResponse": { 1064 "DecryptResponse": {
1171 "description": "Response message for KeyManagementService.Decrypt.", 1065 "description": "Response message for KeyManagementService.Decrypt.",
1172 "id": "DecryptResponse", 1066 "id": "DecryptResponse",
1173 "properties": { 1067 "properties": {
1174 "plaintext": { 1068 "plaintext": {
1175 "description": "The decrypted data originally supplied in En cryptRequest.plaintext.", 1069 "description": "The decrypted data originally supplied in En cryptRequest.plaintext.",
(...skipping 14 matching lines...) Expand all
1190 }, 1084 },
1191 "type": "array" 1085 "type": "array"
1192 } 1086 }
1193 }, 1087 },
1194 "type": "object" 1088 "type": "object"
1195 }, 1089 },
1196 "Policy": { 1090 "Policy": {
1197 "description": "Defines an Identity and Access Management (IAM) poli cy. It is used to\nspecify access control policies for Cloud Platform resources. \n\n\nA `Policy` consists of a list of `bindings`. A `Binding` binds a list of\n `members` to a `role`, where the members can be user accounts, Google groups,\nG oogle domains, and service accounts. A `role` is a named list of permissions\nde fined by IAM.\n\n**Example**\n\n {\n \"bindings\": [\n {\n \"role\": \"roles/owner\",\n \"members\": [\n \"user:mike @example.com\",\n \"group:admins@example.com\",\n \"domain :google.com\",\n \"serviceAccount:my-other-app@appspot.gserviceaccoun t.com\",\n ]\n },\n {\n \"role\": \"roles/viewer \",\n \"members\": [\"user:sean@example.com\"]\n }\n ]\n }\n\nFor a description of IAM and its features, see the\n[IAM developer's guide ](https://cloud.google.com/iam).", 1091 "description": "Defines an Identity and Access Management (IAM) poli cy. It is used to\nspecify access control policies for Cloud Platform resources. \n\n\nA `Policy` consists of a list of `bindings`. A `Binding` binds a list of\n `members` to a `role`, where the members can be user accounts, Google groups,\nG oogle domains, and service accounts. A `role` is a named list of permissions\nde fined by IAM.\n\n**Example**\n\n {\n \"bindings\": [\n {\n \"role\": \"roles/owner\",\n \"members\": [\n \"user:mike @example.com\",\n \"group:admins@example.com\",\n \"domain :google.com\",\n \"serviceAccount:my-other-app@appspot.gserviceaccoun t.com\",\n ]\n },\n {\n \"role\": \"roles/viewer \",\n \"members\": [\"user:sean@example.com\"]\n }\n ]\n }\n\nFor a description of IAM and its features, see the\n[IAM developer's guide ](https://cloud.google.com/iam).",
1198 "id": "Policy", 1092 "id": "Policy",
1199 "properties": { 1093 "properties": {
1200 "version": {
1201 "description": "Version of the `Policy`. The default version is 0.",
1202 "format": "int32",
1203 "type": "integer"
1204 },
1205 "auditConfigs": { 1094 "auditConfigs": {
1206 "description": "Specifies cloud audit logging configuration for this policy.", 1095 "description": "Specifies cloud audit logging configuration for this policy.",
1207 "items": { 1096 "items": {
1208 "$ref": "AuditConfig" 1097 "$ref": "AuditConfig"
1209 }, 1098 },
1210 "type": "array" 1099 "type": "array"
1211 }, 1100 },
1212 "bindings": { 1101 "bindings": {
1213 "description": "Associates a list of `members` to a `role`.\ nMultiple `bindings` must not be specified for the same `role`.\n`bindings` with no members will result in an error.", 1102 "description": "Associates a list of `members` to a `role`.\ nMultiple `bindings` must not be specified for the same `role`.\n`bindings` with no members will result in an error.",
1214 "items": { 1103 "items": {
1215 "$ref": "Binding" 1104 "$ref": "Binding"
1216 }, 1105 },
1217 "type": "array" 1106 "type": "array"
1218 }, 1107 },
1219 "etag": { 1108 "etag": {
1220 "description": "`etag` is used for optimistic concurrency co ntrol as a way to help\nprevent simultaneous updates of a policy from overwritin g each other.\nIt is strongly suggested that systems make use of the `etag` in t he\nread-modify-write cycle to perform policy updates in order to avoid race\nco nditions: An `etag` is returned in the response to `getIamPolicy`, and\nsystems are expected to put that etag in the request to `setIamPolicy` to\nensure that t heir change will be applied to the same version of the policy.\n\nIf no `etag` i s provided in the call to `setIamPolicy`, then the existing\npolicy is overwritt en blindly.", 1109 "description": "`etag` is used for optimistic concurrency co ntrol as a way to help\nprevent simultaneous updates of a policy from overwritin g each other.\nIt is strongly suggested that systems make use of the `etag` in t he\nread-modify-write cycle to perform policy updates in order to avoid race\nco nditions: An `etag` is returned in the response to `getIamPolicy`, and\nsystems are expected to put that etag in the request to `setIamPolicy` to\nensure that t heir change will be applied to the same version of the policy.\n\nIf no `etag` i s provided in the call to `setIamPolicy`, then the existing\npolicy is overwritt en blindly.",
1221 "format": "byte", 1110 "format": "byte",
1222 "type": "string" 1111 "type": "string"
1223 }, 1112 },
1224 "iamOwned": { 1113 "iamOwned": {
1225 "type": "boolean" 1114 "type": "boolean"
1226 }, 1115 },
1227 "rules": { 1116 "rules": {
1228 "description": "If more than one rule is specified, the rule s are applied in the following\nmanner:\n- All matching LOG rules are always app lied.\n- If any DENY/DENY_WITH_LOG rule matches, permission is denied.\n Loggin g will be applied if one or more matching rule requires logging.\n- Otherwise, i f any ALLOW/ALLOW_WITH_LOG rule matches, permission is\n granted.\n Logging wi ll be applied if one or more matching rule requires logging.\n- Otherwise, if no rule applies, permission is denied.", 1117 "description": "If more than one rule is specified, the rule s are applied in the following\nmanner:\n- All matching LOG rules are always app lied.\n- If any DENY/DENY_WITH_LOG rule matches, permission is denied.\n Loggin g will be applied if one or more matching rule requires logging.\n- Otherwise, i f any ALLOW/ALLOW_WITH_LOG rule matches, permission is\n granted.\n Logging wi ll be applied if one or more matching rule requires logging.\n- Otherwise, if no rule applies, permission is denied.",
1229 "items": { 1118 "items": {
1230 "$ref": "Rule" 1119 "$ref": "Rule"
1231 }, 1120 },
1232 "type": "array" 1121 "type": "array"
1122 },
1123 "version": {
1124 "description": "Version of the `Policy`. The default version is 0.",
1125 "format": "int32",
1126 "type": "integer"
1233 } 1127 }
1234 }, 1128 },
1235 "type": "object" 1129 "type": "object"
1130 },
1131 "ListLocationsResponse": {
1132 "description": "The response message for Locations.ListLocations.",
1133 "id": "ListLocationsResponse",
1134 "properties": {
1135 "locations": {
1136 "description": "A list of locations that matches the specifi ed filter in the request.",
1137 "items": {
1138 "$ref": "Location"
1139 },
1140 "type": "array"
1141 },
1142 "nextPageToken": {
1143 "description": "The standard List next-page token.",
1144 "type": "string"
1145 }
1146 },
1147 "type": "object"
1236 }, 1148 },
1237 "EncryptResponse": { 1149 "EncryptResponse": {
1238 "description": "Response message for KeyManagementService.Encrypt.", 1150 "description": "Response message for KeyManagementService.Encrypt.",
1239 "id": "EncryptResponse", 1151 "id": "EncryptResponse",
1240 "properties": { 1152 "properties": {
1241 "ciphertext": { 1153 "ciphertext": {
1242 "description": "The encrypted data.", 1154 "description": "The encrypted data.",
1243 "format": "byte", 1155 "format": "byte",
1244 "type": "string" 1156 "type": "string"
1245 }, 1157 },
1246 "name": { 1158 "name": {
1247 "description": "The resource name of the CryptoKeyVersion us ed in encryption.", 1159 "description": "The resource name of the CryptoKeyVersion us ed in encryption.",
1248 "type": "string" 1160 "type": "string"
1249 } 1161 }
1250 }, 1162 },
1251 "type": "object" 1163 "type": "object"
1252 }, 1164 },
1253 "ListLocationsResponse": {
1254 "description": "The response message for Locations.ListLocations.",
1255 "id": "ListLocationsResponse",
1256 "properties": {
1257 "nextPageToken": {
1258 "description": "The standard List next-page token.",
1259 "type": "string"
1260 },
1261 "locations": {
1262 "description": "A list of locations that matches the specifi ed filter in the request.",
1263 "items": {
1264 "$ref": "Location"
1265 },
1266 "type": "array"
1267 }
1268 },
1269 "type": "object"
1270 },
1271 "KeyRing": { 1165 "KeyRing": {
1272 "description": "A KeyRing is a toplevel logical grouping of CryptoKe ys.", 1166 "description": "A KeyRing is a toplevel logical grouping of CryptoKe ys.",
1273 "id": "KeyRing", 1167 "id": "KeyRing",
1274 "properties": { 1168 "properties": {
1169 "name": {
1170 "description": "Output only. The resource name for the KeyRi ng in the format\n`projects/*/locations/*/keyRings/*`.",
1171 "type": "string"
1172 },
1275 "createTime": { 1173 "createTime": {
1276 "description": "Output only. The time at which this KeyRing was created.", 1174 "description": "Output only. The time at which this KeyRing was created.",
1277 "format": "google-datetime", 1175 "format": "google-datetime",
1278 "type": "string" 1176 "type": "string"
1279 },
1280 "name": {
1281 "description": "Output only. The resource name for the KeyRi ng in the format\n`projects/*/locations/*/keyRings/*`.",
1282 "type": "string"
1283 } 1177 }
1284 }, 1178 },
1285 "type": "object" 1179 "type": "object"
1286 }, 1180 },
1287 "RestoreCryptoKeyVersionRequest": {
1288 "description": "Request message for KeyManagementService.RestoreCryp toKeyVersion.",
1289 "id": "RestoreCryptoKeyVersionRequest",
1290 "properties": {},
1291 "type": "object"
1292 },
1293 "UpdateCryptoKeyPrimaryVersionRequest": { 1181 "UpdateCryptoKeyPrimaryVersionRequest": {
1294 "description": "Request message for KeyManagementService.UpdateCrypt oKeyPrimaryVersion.", 1182 "description": "Request message for KeyManagementService.UpdateCrypt oKeyPrimaryVersion.",
1295 "id": "UpdateCryptoKeyPrimaryVersionRequest", 1183 "id": "UpdateCryptoKeyPrimaryVersionRequest",
1296 "properties": { 1184 "properties": {
1297 "cryptoKeyVersionId": { 1185 "cryptoKeyVersionId": {
1298 "description": "The id of the child CryptoKeyVersion to use as primary.", 1186 "description": "The id of the child CryptoKeyVersion to use as primary.",
1299 "type": "string" 1187 "type": "string"
1300 } 1188 }
1301 }, 1189 },
1302 "type": "object" 1190 "type": "object"
1303 }, 1191 },
1304 "DataAccessOptions": { 1192 "RestoreCryptoKeyVersionRequest": {
1305 "description": "Write a Data Access (Gin) log", 1193 "description": "Request message for KeyManagementService.RestoreCryp toKeyVersion.",
1306 "id": "DataAccessOptions", 1194 "id": "RestoreCryptoKeyVersionRequest",
1307 "properties": {}, 1195 "properties": {},
1308 "type": "object" 1196 "type": "object"
1309 }, 1197 },
1310 "ListKeyRingsResponse": { 1198 "ListKeyRingsResponse": {
1311 "description": "Response message for KeyManagementService.ListKeyRin gs.", 1199 "description": "Response message for KeyManagementService.ListKeyRin gs.",
1312 "id": "ListKeyRingsResponse", 1200 "id": "ListKeyRingsResponse",
1313 "properties": { 1201 "properties": {
1314 "nextPageToken": { 1202 "nextPageToken": {
1315 "description": "A token to retrieve next page of results. Pa ss this value in\nListKeyRingsRequest.page_token to retrieve the next page of re sults.", 1203 "description": "A token to retrieve next page of results. Pa ss this value in\nListKeyRingsRequest.page_token to retrieve the next page of re sults.",
1316 "type": "string" 1204 "type": "string"
1317 }, 1205 },
1318 "totalSize": { 1206 "totalSize": {
1319 "description": "The total number of KeyRings that matched th e query.", 1207 "description": "The total number of KeyRings that matched th e query.",
1320 "format": "int32", 1208 "format": "int32",
1321 "type": "integer" 1209 "type": "integer"
1322 }, 1210 },
1323 "keyRings": { 1211 "keyRings": {
1324 "description": "The list of KeyRings.", 1212 "description": "The list of KeyRings.",
1325 "items": { 1213 "items": {
1326 "$ref": "KeyRing" 1214 "$ref": "KeyRing"
1327 }, 1215 },
1328 "type": "array" 1216 "type": "array"
1329 } 1217 }
1330 }, 1218 },
1331 "type": "object" 1219 "type": "object"
1332 }, 1220 },
1221 "DataAccessOptions": {
1222 "description": "Write a Data Access (Gin) log",
1223 "id": "DataAccessOptions",
1224 "properties": {},
1225 "type": "object"
1226 },
1333 "AuditConfig": { 1227 "AuditConfig": {
1334 "description": "Specifies the audit configuration for a service.\nIt consists of which permission types are logged, and what identities, if\nany, ar e exempted from logging.\nAn AuditConifg must have one or more AuditLogConfigs.\ n\nIf there are AuditConfigs for both `allServices` and a specific service,\nthe union of the two AuditConfigs is used for that service: the log_types\nspecifie d in each AuditConfig are enabled, and the exempted_members in each\nAuditConfig are exempted.\nExample Policy with multiple AuditConfigs:\n{\n \"audit_configs \": [\n {\n \"service\": \"allServices\"\n \"audit_log_configs\": [ \n {\n \"log_type\": \"DATA_READ\",\n \"exempted_member s\": [\n \"user:foo@gmail.com\"\n ]\n },\n {\n \"log_type\": \"DATA_WRITE\",\n },\n {\n \"log_ type\": \"ADMIN_READ\",\n }\n ]\n },\n {\n \"service\": \ "fooservice@googleapis.com\"\n \"audit_log_configs\": [\n {\n \"log_type\": \"DATA_READ\",\n },\n {\n \"log_type\": \"DATA_WRITE\",\n \"exempted_members\": [\n \"user:bar@gmail .com\"\n ]\n }\n ]\n }\n ]\n}\nFor fooservice, this pol icy enables DATA_READ, DATA_WRITE and ADMIN_READ\nlogging. It also exempts foo@g mail.com from DATA_READ logging, and\nbar@gmail.com from DATA_WRITE logging.", 1228 "description": "Specifies the audit configuration for a service.\nTh e configuration determines which permission types are logged, and what\nidentiti es, if any, are exempted from logging.\nAn AuditConifg must have one or more Aud itLogConfigs.\n\nIf there are AuditConfigs for both `allServices` and a specific service,\nthe union of the two AuditConfigs is used for that service: the log_t ypes\nspecified in each AuditConfig are enabled, and the exempted_members in eac h\nAuditConfig are exempted.\nExample Policy with multiple AuditConfigs:\n{\n \ "audit_configs\": [\n {\n \"service\": \"allServices\"\n \"audit_lo g_configs\": [\n {\n \"log_type\": \"DATA_READ\",\n \"e xempted_members\": [\n \"user:foo@gmail.com\"\n ]\n } ,\n {\n \"log_type\": \"DATA_WRITE\",\n },\n {\n \"log_type\": \"ADMIN_READ\",\n }\n ]\n },\n {\n \"service\": \"fooservice@googleapis.com\"\n \"audit_log_configs\": [\n {\n \"log_type\": \"DATA_READ\",\n },\n {\n \"log_type\": \"DATA_WRITE\",\n \"exempted_members\": [\n \" user:bar@gmail.com\"\n ]\n }\n ]\n }\n ]\n}\nFor fooser vice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ\nlogging. It also exempts foo@gmail.com from DATA_READ logging, and\nbar@gmail.com from DATA_WRIT E logging.",
1335 "id": "AuditConfig", 1229 "id": "AuditConfig",
1336 "properties": { 1230 "properties": {
1337 "exemptedMembers": {
1338 "items": {
1339 "type": "string"
1340 },
1341 "type": "array"
1342 },
1343 "service": { 1231 "service": {
1344 "description": "Specifies a service that will be enabled for audit logging.\nFor example, `resourcemanager`, `storage`, `compute`.\n`allServ ices` is a special value that covers all services.", 1232 "description": "Specifies a service that will be enabled for audit logging.\nFor example, `storage.googleapis.com`, `cloudsql.googleapis.com `.\n`allServices` is a special value that covers all services.",
1345 "type": "string" 1233 "type": "string"
1346 }, 1234 },
1347 "auditLogConfigs": { 1235 "auditLogConfigs": {
1348 "description": "The configuration for logging of each type o f permission.\nNext ID: 4", 1236 "description": "The configuration for logging of each type o f permission.\nNext ID: 4",
1349 "items": { 1237 "items": {
1350 "$ref": "AuditLogConfig" 1238 "$ref": "AuditLogConfig"
1351 }, 1239 },
1352 "type": "array" 1240 "type": "array"
1241 },
1242 "exemptedMembers": {
1243 "items": {
1244 "type": "string"
1245 },
1246 "type": "array"
1353 } 1247 }
1354 }, 1248 },
1355 "type": "object" 1249 "type": "object"
1356 }, 1250 },
1357 "CryptoKeyVersion": { 1251 "CryptoKeyVersion": {
1358 "description": "A CryptoKeyVersion represents an individual cryptogr aphic key, and the\nassociated key material.\n\nIt can be used for cryptographic operations either directly, or via its\nparent CryptoKey, in which case the ser ver will choose the appropriate\nversion for the operation.", 1252 "description": "A CryptoKeyVersion represents an individual cryptogr aphic key, and the\nassociated key material.\n\nIt can be used for cryptographic operations either directly, or via its\nparent CryptoKey, in which case the ser ver will choose the appropriate\nversion for the operation.",
1359 "id": "CryptoKeyVersion", 1253 "id": "CryptoKeyVersion",
1360 "properties": { 1254 "properties": {
1255 "destroyTime": {
1256 "description": "Output only. The time this CryptoKeyVersion' s key material is scheduled\nfor destruction. Only present if state is\nDESTROY_ SCHEDULED.",
1257 "format": "google-datetime",
1258 "type": "string"
1259 },
1260 "createTime": {
1261 "description": "Output only. The time at which this CryptoKe yVersion was created.",
1262 "format": "google-datetime",
1263 "type": "string"
1264 },
1361 "state": { 1265 "state": {
1362 "description": "The current state of the CryptoKeyVersion.", 1266 "description": "The current state of the CryptoKeyVersion.",
1363 "enum": [ 1267 "enum": [
1364 "CRYPTO_KEY_VERSION_STATE_UNSPECIFIED", 1268 "CRYPTO_KEY_VERSION_STATE_UNSPECIFIED",
1365 "ENABLED", 1269 "ENABLED",
1366 "DISABLED", 1270 "DISABLED",
1367 "DESTROYED", 1271 "DESTROYED",
1368 "DESTROY_SCHEDULED" 1272 "DESTROY_SCHEDULED"
1369 ], 1273 ],
1370 "enumDescriptions": [ 1274 "enumDescriptions": [
1371 "Not specified.", 1275 "Not specified.",
1372 "This version may be used in Encrypt and\nDecrypt reques ts.", 1276 "This version may be used in Encrypt and\nDecrypt reques ts.",
1373 "This version may not be used, but the key material is s till available,\nand the version can be placed back into the ENABLED state.", 1277 "This version may not be used, but the key material is s till available,\nand the version can be placed back into the ENABLED state.",
1374 "This version is destroyed, and the key material is no l onger stored.\nA version may not leave this state once entered.", 1278 "This version is destroyed, and the key material is no l onger stored.\nA version may not leave this state once entered.",
1375 "This version is scheduled for destruction, and will be destroyed soon.\nCall\nRestoreCryptoKeyVersion\nto put it back into the DISABLED state." 1279 "This version is scheduled for destruction, and will be destroyed soon.\nCall\nRestoreCryptoKeyVersion\nto put it back into the DISABLED state."
1376 ], 1280 ],
1377 "type": "string" 1281 "type": "string"
1378 }, 1282 },
1379 "name": { 1283 "name": {
1380 "description": "Output only. The resource name for this Cryp toKeyVersion in the format\n`projects/*/locations/*/keyRings/*/cryptoKeys/*/cryp toKeyVersions/*`.", 1284 "description": "Output only. The resource name for this Cryp toKeyVersion in the format\n`projects/*/locations/*/keyRings/*/cryptoKeys/*/cryp toKeyVersions/*`.",
1381 "type": "string" 1285 "type": "string"
1382 }, 1286 },
1383 "destroyEventTime": { 1287 "destroyEventTime": {
1384 "description": "Output only. The time this CryptoKeyVersion' s key material was\ndestroyed. Only present if state is\nDESTROYED.", 1288 "description": "Output only. The time this CryptoKeyVersion' s key material was\ndestroyed. Only present if state is\nDESTROYED.",
1385 "format": "google-datetime", 1289 "format": "google-datetime",
1386 "type": "string" 1290 "type": "string"
1387 },
1388 "destroyTime": {
1389 "description": "Output only. The time this CryptoKeyVersion' s key material is scheduled\nfor destruction. Only present if state is\nDESTROY_ SCHEDULED.",
1390 "format": "google-datetime",
1391 "type": "string"
1392 },
1393 "createTime": {
1394 "description": "Output only. The time at which this CryptoKe yVersion was created.",
1395 "format": "google-datetime",
1396 "type": "string"
1397 } 1291 }
1398 }, 1292 },
1399 "type": "object" 1293 "type": "object"
1400 }, 1294 },
1401 "CloudAuditOptions": { 1295 "CloudAuditOptions": {
1402 "description": "Write a Cloud Audit log", 1296 "description": "Write a Cloud Audit log",
1403 "id": "CloudAuditOptions", 1297 "id": "CloudAuditOptions",
1404 "properties": {}, 1298 "properties": {},
1405 "type": "object" 1299 "type": "object"
1406 }, 1300 },
1407 "Binding": { 1301 "Binding": {
1408 "description": "Associates `members` with a `role`.", 1302 "description": "Associates `members` with a `role`.",
1409 "id": "Binding", 1303 "id": "Binding",
1410 "properties": { 1304 "properties": {
1411 "role": {
1412 "description": "Role that is assigned to `members`.\nFor exa mple, `roles/viewer`, `roles/editor`, or `roles/owner`.\nRequired",
1413 "type": "string"
1414 },
1415 "members": { 1305 "members": {
1416 "description": "Specifies the identities requesting access f or a Cloud Platform resource.\n`members` can have the following values:\n\n* `al lUsers`: A special identifier that represents anyone who is\n on the internet; with or without a Google account.\n\n* `allAuthenticatedUsers`: A special ident ifier that represents anyone\n who is authenticated with a Google account or a service account.\n\n* `user:{emailid}`: An email address that represents a spec ific Google\n account. For example, `alice@gmail.com` or `joe@example.com`.\n\ n\n* `serviceAccount:{emailid}`: An email address that represents a service\n account. For example, `my-other-app@appspot.gserviceaccount.com`.\n\n* `group:{e mailid}`: An email address that represents a Google group.\n For example, `adm ins@example.com`.\n\n* `domain:{domain}`: A Google Apps domain name that represe nts all the\n users of that domain. For example, `google.com` or `example.com` .\n\n", 1306 "description": "Specifies the identities requesting access f or a Cloud Platform resource.\n`members` can have the following values:\n\n* `al lUsers`: A special identifier that represents anyone who is\n on the internet; with or without a Google account.\n\n* `allAuthenticatedUsers`: A special ident ifier that represents anyone\n who is authenticated with a Google account or a service account.\n\n* `user:{emailid}`: An email address that represents a spec ific Google\n account. For example, `alice@gmail.com` or `joe@example.com`.\n\ n\n* `serviceAccount:{emailid}`: An email address that represents a service\n account. For example, `my-other-app@appspot.gserviceaccount.com`.\n\n* `group:{e mailid}`: An email address that represents a Google group.\n For example, `adm ins@example.com`.\n\n* `domain:{domain}`: A Google Apps domain name that represe nts all the\n users of that domain. For example, `google.com` or `example.com` .\n\n",
1417 "items": { 1307 "items": {
1418 "type": "string" 1308 "type": "string"
1419 }, 1309 },
1420 "type": "array" 1310 "type": "array"
1311 },
1312 "role": {
1313 "description": "Role that is assigned to `members`.\nFor exa mple, `roles/viewer`, `roles/editor`, or `roles/owner`.\nRequired",
1314 "type": "string"
1421 } 1315 }
1422 }, 1316 },
1423 "type": "object" 1317 "type": "object"
1424 }, 1318 },
1425 "EncryptRequest": { 1319 "EncryptRequest": {
1426 "description": "Request message for KeyManagementService.Encrypt.", 1320 "description": "Request message for KeyManagementService.Encrypt.",
1427 "id": "EncryptRequest", 1321 "id": "EncryptRequest",
1428 "properties": { 1322 "properties": {
1323 "plaintext": {
1324 "description": "Required. The data to encrypt. Must be no la rger than 64KiB.",
1325 "format": "byte",
1326 "type": "string"
1327 },
1429 "additionalAuthenticatedData": { 1328 "additionalAuthenticatedData": {
1430 "description": "Optional data that, if specified, must also be provided during decryption\nthrough DecryptRequest.additional_authenticated_d ata. Must be no\nlarger than 64KiB.", 1329 "description": "Optional data that, if specified, must also be provided during decryption\nthrough DecryptRequest.additional_authenticated_d ata. Must be no\nlarger than 64KiB.",
1431 "format": "byte", 1330 "format": "byte",
1432 "type": "string" 1331 "type": "string"
1433 },
1434 "plaintext": {
1435 "description": "Required. The data to encrypt. Must be no la rger than 64KiB.",
1436 "format": "byte",
1437 "type": "string"
1438 } 1332 }
1439 }, 1333 },
1440 "type": "object" 1334 "type": "object"
1441 }, 1335 },
1442 "ListCryptoKeyVersionsResponse": { 1336 "ListCryptoKeyVersionsResponse": {
1443 "description": "Response message for KeyManagementService.ListCrypto KeyVersions.", 1337 "description": "Response message for KeyManagementService.ListCrypto KeyVersions.",
1444 "id": "ListCryptoKeyVersionsResponse", 1338 "id": "ListCryptoKeyVersionsResponse",
1445 "properties": { 1339 "properties": {
1446 "cryptoKeyVersions": { 1340 "cryptoKeyVersions": {
1447 "description": "The list of CryptoKeyVersions.", 1341 "description": "The list of CryptoKeyVersions.",
(...skipping 26 matching lines...) Expand all
1474 "type": "array" 1368 "type": "array"
1475 } 1369 }
1476 }, 1370 },
1477 "type": "object" 1371 "type": "object"
1478 }, 1372 },
1479 "DestroyCryptoKeyVersionRequest": { 1373 "DestroyCryptoKeyVersionRequest": {
1480 "description": "Request message for KeyManagementService.DestroyCryp toKeyVersion.", 1374 "description": "Request message for KeyManagementService.DestroyCryp toKeyVersion.",
1481 "id": "DestroyCryptoKeyVersionRequest", 1375 "id": "DestroyCryptoKeyVersionRequest",
1482 "properties": {}, 1376 "properties": {},
1483 "type": "object" 1377 "type": "object"
1378 },
1379 "CryptoKey": {
1380 "description": "A CryptoKey represents a logical key that can be use d for cryptographic\noperations.\n\nA CryptoKey is made up of one or more versio ns, which\nrepresent the actual key material used in cryptographic operations.",
1381 "id": "CryptoKey",
1382 "properties": {
1383 "purpose": {
1384 "description": "The immutable purpose of this CryptoKey. Cur rently, the only acceptable\npurpose is ENCRYPT_DECRYPT.",
1385 "enum": [
1386 "CRYPTO_KEY_PURPOSE_UNSPECIFIED",
1387 "ENCRYPT_DECRYPT"
1388 ],
1389 "enumDescriptions": [
1390 "Not specified.",
1391 "CryptoKeys with this purpose may be used with\nEncrypt and\nDecrypt."
1392 ],
1393 "type": "string"
1394 },
1395 "nextRotationTime": {
1396 "description": "At next_rotation_time, the Key Management Se rvice will automatically:\n\n1. Create a new version of this CryptoKey.\n2. Mark the new version as primary.\n\nKey rotations performed manually via\nCreateCryp toKeyVersion and\nUpdateCryptoKeyPrimaryVersion\ndo not affect next_rotation_tim e.",
1397 "format": "google-datetime",
1398 "type": "string"
1399 },
1400 "createTime": {
1401 "description": "Output only. The time at which this CryptoKe y was created.",
1402 "format": "google-datetime",
1403 "type": "string"
1404 },
1405 "rotationPeriod": {
1406 "description": "next_rotation_time will be advanced by this period when the service\nautomatically rotates a key. Must be at least one day.\ n\nIf rotation_period is set, next_rotation_time must also be set.",
1407 "format": "google-duration",
1408 "type": "string"
1409 },
1410 "primary": {
1411 "$ref": "CryptoKeyVersion",
1412 "description": "Output only. A copy of the \"primary\" Crypt oKeyVersion that will be used\nby Encrypt when this CryptoKey is given\nin Encry ptRequest.name.\n\nThe CryptoKey's primary version can be updated via\nUpdateCry ptoKeyPrimaryVersion."
1413 },
1414 "name": {
1415 "description": "Output only. The resource name for this Cryp toKey in the format\n`projects/*/locations/*/keyRings/*/cryptoKeys/*`.",
1416 "type": "string"
1417 }
1418 },
1419 "type": "object"
1420 },
1421 "Rule": {
1422 "description": "A rule to be applied in a Policy.",
1423 "id": "Rule",
1424 "properties": {
1425 "logConfig": {
1426 "description": "The config returned to callers of tech.iam.I AM.CheckPolicy for any entries\nthat match the LOG action.",
1427 "items": {
1428 "$ref": "LogConfig"
1429 },
1430 "type": "array"
1431 },
1432 "in": {
1433 "description": "If one or more 'in' clauses are specified, t he rule matches if\nthe PRINCIPAL/AUTHORITY_SELECTOR is in at least one of these entries.",
1434 "items": {
1435 "type": "string"
1436 },
1437 "type": "array"
1438 },
1439 "permissions": {
1440 "description": "A permission is a string of form '<service>. <resource type>.<verb>'\n(e.g., 'storage.buckets.list'). A value of '*' matches all permissions,\nand a verb part of '*' (e.g., 'storage.buckets.*') matches all verbs.",
1441 "items": {
1442 "type": "string"
1443 },
1444 "type": "array"
1445 },
1446 "action": {
1447 "description": "Required",
1448 "enum": [
1449 "NO_ACTION",
1450 "ALLOW",
1451 "ALLOW_WITH_LOG",
1452 "DENY",
1453 "DENY_WITH_LOG",
1454 "LOG"
1455 ],
1456 "enumDescriptions": [
1457 "Default no action.",
1458 "Matching 'Entries' grant access.",
1459 "Matching 'Entries' grant access and the caller promises to log\nthe request per the returned log_configs.",
1460 "Matching 'Entries' deny access.",
1461 "Matching 'Entries' deny access and the caller promises to log\nthe request per the returned log_configs.",
1462 "Matching 'Entries' tell IAM.Check callers to generate l ogs."
1463 ],
1464 "type": "string"
1465 },
1466 "notIn": {
1467 "description": "If one or more 'not_in' clauses are specifie d, the rule matches\nif the PRINCIPAL/AUTHORITY_SELECTOR is in none of the entri es.\nThe format for in and not_in entries is the same as for members in a\nBindi ng (see google/iam/v1/policy.proto).",
1468 "items": {
1469 "type": "string"
1470 },
1471 "type": "array"
1472 },
1473 "description": {
1474 "description": "Human-readable description of the rule.",
1475 "type": "string"
1476 },
1477 "conditions": {
1478 "description": "Additional restrictions that must be met",
1479 "items": {
1480 "$ref": "Condition"
1481 },
1482 "type": "array"
1483 }
1484 },
1485 "type": "object"
1484 } 1486 }
1485 }, 1487 },
1486 "servicePath": "", 1488 "servicePath": "",
1487 "title": "Google Cloud Key Management Service (KMS) API", 1489 "title": "Google Cloud Key Management Service (KMS) API",
1488 "version": "v1beta1" 1490 "version": "v1"
1489 } 1491 }
OLDNEW
« no previous file with comments | « discovery/googleapis/cloudfunctions__v1.json ('k') | discovery/googleapis/cloudresourcemanager__v1.json » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698