Struct google_api_proto::google::cloud::kms::v1::key_management_service_client::KeyManagementServiceClient

source · 
pub struct KeyManagementServiceClient<T> { /* private fields */ }
Expand description

Google Cloud Key Management Service

Manages cryptographic keys and operations using those keys. Implements a REST model with the following objects:

  • [KeyRing][google.cloud.kms.v1.KeyRing]
  • [CryptoKey][google.cloud.kms.v1.CryptoKey]
  • [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion]
  • [ImportJob][google.cloud.kms.v1.ImportJob]

If you are using manual gRPC libraries, see Using gRPC with Cloud KMS.

Implementations§

source§

impl<T> KeyManagementServiceClient<T>
where T: GrpcService<BoxBody>, T::Error: Into<StdError>, T::ResponseBody: Body<Data = Bytes> + Send + 'static, <T::ResponseBody as Body>::Error: Into<StdError> + Send,

source

pub fn new(inner: T) -> Self

source

pub fn with_origin(inner: T, origin: Uri) -> Self

source

pub fn with_interceptor<F>( inner: T, interceptor: F ) -> KeyManagementServiceClient<InterceptedService<T, F>>
where F: Interceptor, T::ResponseBody: Default, T: Service<Request<BoxBody>, Response = Response<<T as GrpcService<BoxBody>>::ResponseBody>>, <T as Service<Request<BoxBody>>>::Error: Into<StdError> + Send + Sync,

source

pub fn send_compressed(self, encoding: CompressionEncoding) -> Self

Compress requests with the given encoding.

This requires the server to support it otherwise it might respond with an error.

source

pub fn accept_compressed(self, encoding: CompressionEncoding) -> Self

Enable decompressing responses.

source

pub fn max_decoding_message_size(self, limit: usize) -> Self

Limits the maximum size of a decoded message.

Default: 4MB

source

pub fn max_encoding_message_size(self, limit: usize) -> Self

Limits the maximum size of an encoded message.

Default: usize::MAX

source

pub async fn list_key_rings( &mut self, request: impl IntoRequest<ListKeyRingsRequest> ) -> Result<Response<ListKeyRingsResponse>, Status>

Lists [KeyRings][google.cloud.kms.v1.KeyRing].

source

pub async fn list_crypto_keys( &mut self, request: impl IntoRequest<ListCryptoKeysRequest> ) -> Result<Response<ListCryptoKeysResponse>, Status>

Lists [CryptoKeys][google.cloud.kms.v1.CryptoKey].

source

pub async fn list_crypto_key_versions( &mut self, request: impl IntoRequest<ListCryptoKeyVersionsRequest> ) -> Result<Response<ListCryptoKeyVersionsResponse>, Status>

Lists [CryptoKeyVersions][google.cloud.kms.v1.CryptoKeyVersion].

source

pub async fn list_import_jobs( &mut self, request: impl IntoRequest<ListImportJobsRequest> ) -> Result<Response<ListImportJobsResponse>, Status>

Lists [ImportJobs][google.cloud.kms.v1.ImportJob].

source

pub async fn get_key_ring( &mut self, request: impl IntoRequest<GetKeyRingRequest> ) -> Result<Response<KeyRing>, Status>

Returns metadata for a given [KeyRing][google.cloud.kms.v1.KeyRing].

source

pub async fn get_crypto_key( &mut self, request: impl IntoRequest<GetCryptoKeyRequest> ) -> Result<Response<CryptoKey>, Status>

Returns metadata for a given [CryptoKey][google.cloud.kms.v1.CryptoKey], as well as its [primary][google.cloud.kms.v1.CryptoKey.primary] [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion].

source

pub async fn get_crypto_key_version( &mut self, request: impl IntoRequest<GetCryptoKeyVersionRequest> ) -> Result<Response<CryptoKeyVersion>, Status>

Returns metadata for a given [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion].

source

pub async fn get_public_key( &mut self, request: impl IntoRequest<GetPublicKeyRequest> ) -> Result<Response<PublicKey>, Status>

Returns the public key for the given [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion]. The [CryptoKey.purpose][google.cloud.kms.v1.CryptoKey.purpose] must be [ASYMMETRIC_SIGN][google.cloud.kms.v1.CryptoKey.CryptoKeyPurpose.ASYMMETRIC_SIGN] or [ASYMMETRIC_DECRYPT][google.cloud.kms.v1.CryptoKey.CryptoKeyPurpose.ASYMMETRIC_DECRYPT].

source

pub async fn get_import_job( &mut self, request: impl IntoRequest<GetImportJobRequest> ) -> Result<Response<ImportJob>, Status>

Returns metadata for a given [ImportJob][google.cloud.kms.v1.ImportJob].

source

pub async fn create_key_ring( &mut self, request: impl IntoRequest<CreateKeyRingRequest> ) -> Result<Response<KeyRing>, Status>

Create a new [KeyRing][google.cloud.kms.v1.KeyRing] in a given Project and Location.

source

pub async fn create_crypto_key( &mut self, request: impl IntoRequest<CreateCryptoKeyRequest> ) -> Result<Response<CryptoKey>, Status>

Create a new [CryptoKey][google.cloud.kms.v1.CryptoKey] within a [KeyRing][google.cloud.kms.v1.KeyRing].

[CryptoKey.purpose][google.cloud.kms.v1.CryptoKey.purpose] and [CryptoKey.version_template.algorithm][google.cloud.kms.v1.CryptoKeyVersionTemplate.algorithm] are required.

source

pub async fn create_crypto_key_version( &mut self, request: impl IntoRequest<CreateCryptoKeyVersionRequest> ) -> Result<Response<CryptoKeyVersion>, Status>

Create a new [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] in a [CryptoKey][google.cloud.kms.v1.CryptoKey].

The server will assign the next sequential id. If unset, [state][google.cloud.kms.v1.CryptoKeyVersion.state] will be set to [ENABLED][google.cloud.kms.v1.CryptoKeyVersion.CryptoKeyVersionState.ENABLED].

source

pub async fn import_crypto_key_version( &mut self, request: impl IntoRequest<ImportCryptoKeyVersionRequest> ) -> Result<Response<CryptoKeyVersion>, Status>

Import wrapped key material into a [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion].

All requests must specify a [CryptoKey][google.cloud.kms.v1.CryptoKey]. If a [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] is additionally specified in the request, key material will be reimported into that version. Otherwise, a new version will be created, and will be assigned the next sequential id within the [CryptoKey][google.cloud.kms.v1.CryptoKey].

source

pub async fn create_import_job( &mut self, request: impl IntoRequest<CreateImportJobRequest> ) -> Result<Response<ImportJob>, Status>

Create a new [ImportJob][google.cloud.kms.v1.ImportJob] within a [KeyRing][google.cloud.kms.v1.KeyRing].

[ImportJob.import_method][google.cloud.kms.v1.ImportJob.import_method] is required.

source

pub async fn update_crypto_key( &mut self, request: impl IntoRequest<UpdateCryptoKeyRequest> ) -> Result<Response<CryptoKey>, Status>

Update a [CryptoKey][google.cloud.kms.v1.CryptoKey].

source

pub async fn update_crypto_key_version( &mut self, request: impl IntoRequest<UpdateCryptoKeyVersionRequest> ) -> Result<Response<CryptoKeyVersion>, Status>

Update a [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion]’s metadata.

[state][google.cloud.kms.v1.CryptoKeyVersion.state] may be changed between [ENABLED][google.cloud.kms.v1.CryptoKeyVersion.CryptoKeyVersionState.ENABLED] and [DISABLED][google.cloud.kms.v1.CryptoKeyVersion.CryptoKeyVersionState.DISABLED] using this method. See [DestroyCryptoKeyVersion][google.cloud.kms.v1.KeyManagementService.DestroyCryptoKeyVersion] and [RestoreCryptoKeyVersion][google.cloud.kms.v1.KeyManagementService.RestoreCryptoKeyVersion] to move between other states.

source

pub async fn update_crypto_key_primary_version( &mut self, request: impl IntoRequest<UpdateCryptoKeyPrimaryVersionRequest> ) -> Result<Response<CryptoKey>, Status>

Update the version of a [CryptoKey][google.cloud.kms.v1.CryptoKey] that will be used in [Encrypt][google.cloud.kms.v1.KeyManagementService.Encrypt].

Returns an error if called on a key whose purpose is not [ENCRYPT_DECRYPT][google.cloud.kms.v1.CryptoKey.CryptoKeyPurpose.ENCRYPT_DECRYPT].

source

pub async fn destroy_crypto_key_version( &mut self, request: impl IntoRequest<DestroyCryptoKeyVersionRequest> ) -> Result<Response<CryptoKeyVersion>, Status>

Schedule a [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] for destruction.

Upon calling this method, [CryptoKeyVersion.state][google.cloud.kms.v1.CryptoKeyVersion.state] will be set to [DESTROY_SCHEDULED][google.cloud.kms.v1.CryptoKeyVersion.CryptoKeyVersionState.DESTROY_SCHEDULED], and [destroy_time][google.cloud.kms.v1.CryptoKeyVersion.destroy_time] will be set to the time [destroy_scheduled_duration][google.cloud.kms.v1.CryptoKey.destroy_scheduled_duration] in the future. At that time, the [state][google.cloud.kms.v1.CryptoKeyVersion.state] will automatically change to [DESTROYED][google.cloud.kms.v1.CryptoKeyVersion.CryptoKeyVersionState.DESTROYED], and the key material will be irrevocably destroyed.

Before the [destroy_time][google.cloud.kms.v1.CryptoKeyVersion.destroy_time] is reached, [RestoreCryptoKeyVersion][google.cloud.kms.v1.KeyManagementService.RestoreCryptoKeyVersion] may be called to reverse the process.

source

pub async fn restore_crypto_key_version( &mut self, request: impl IntoRequest<RestoreCryptoKeyVersionRequest> ) -> Result<Response<CryptoKeyVersion>, Status>

Restore a [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] in the [DESTROY_SCHEDULED][google.cloud.kms.v1.CryptoKeyVersion.CryptoKeyVersionState.DESTROY_SCHEDULED] state.

Upon restoration of the CryptoKeyVersion, [state][google.cloud.kms.v1.CryptoKeyVersion.state] will be set to [DISABLED][google.cloud.kms.v1.CryptoKeyVersion.CryptoKeyVersionState.DISABLED], and [destroy_time][google.cloud.kms.v1.CryptoKeyVersion.destroy_time] will be cleared.

source

pub async fn encrypt( &mut self, request: impl IntoRequest<EncryptRequest> ) -> Result<Response<EncryptResponse>, Status>

Encrypts data, so that it can only be recovered by a call to [Decrypt][google.cloud.kms.v1.KeyManagementService.Decrypt]. The [CryptoKey.purpose][google.cloud.kms.v1.CryptoKey.purpose] must be [ENCRYPT_DECRYPT][google.cloud.kms.v1.CryptoKey.CryptoKeyPurpose.ENCRYPT_DECRYPT].

source

pub async fn decrypt( &mut self, request: impl IntoRequest<DecryptRequest> ) -> Result<Response<DecryptResponse>, Status>

Decrypts data that was protected by [Encrypt][google.cloud.kms.v1.KeyManagementService.Encrypt]. The [CryptoKey.purpose][google.cloud.kms.v1.CryptoKey.purpose] must be [ENCRYPT_DECRYPT][google.cloud.kms.v1.CryptoKey.CryptoKeyPurpose.ENCRYPT_DECRYPT].

source

pub async fn raw_encrypt( &mut self, request: impl IntoRequest<RawEncryptRequest> ) -> Result<Response<RawEncryptResponse>, Status>

Encrypts data using portable cryptographic primitives. Most users should choose [Encrypt][google.cloud.kms.v1.KeyManagementService.Encrypt] and [Decrypt][google.cloud.kms.v1.KeyManagementService.Decrypt] rather than their raw counterparts. The [CryptoKey.purpose][google.cloud.kms.v1.CryptoKey.purpose] must be [RAW_ENCRYPT_DECRYPT][google.cloud.kms.v1.CryptoKey.CryptoKeyPurpose.RAW_ENCRYPT_DECRYPT].

source

pub async fn raw_decrypt( &mut self, request: impl IntoRequest<RawDecryptRequest> ) -> Result<Response<RawDecryptResponse>, Status>

Decrypts data that was originally encrypted using a raw cryptographic mechanism. The [CryptoKey.purpose][google.cloud.kms.v1.CryptoKey.purpose] must be [RAW_ENCRYPT_DECRYPT][google.cloud.kms.v1.CryptoKey.CryptoKeyPurpose.RAW_ENCRYPT_DECRYPT].

source

pub async fn asymmetric_sign( &mut self, request: impl IntoRequest<AsymmetricSignRequest> ) -> Result<Response<AsymmetricSignResponse>, Status>

Signs data using a [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] with [CryptoKey.purpose][google.cloud.kms.v1.CryptoKey.purpose] ASYMMETRIC_SIGN, producing a signature that can be verified with the public key retrieved from [GetPublicKey][google.cloud.kms.v1.KeyManagementService.GetPublicKey].

source

pub async fn asymmetric_decrypt( &mut self, request: impl IntoRequest<AsymmetricDecryptRequest> ) -> Result<Response<AsymmetricDecryptResponse>, Status>

Decrypts data that was encrypted with a public key retrieved from [GetPublicKey][google.cloud.kms.v1.KeyManagementService.GetPublicKey] corresponding to a [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] with [CryptoKey.purpose][google.cloud.kms.v1.CryptoKey.purpose] ASYMMETRIC_DECRYPT.

source

pub async fn mac_sign( &mut self, request: impl IntoRequest<MacSignRequest> ) -> Result<Response<MacSignResponse>, Status>

Signs data using a [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] with [CryptoKey.purpose][google.cloud.kms.v1.CryptoKey.purpose] MAC, producing a tag that can be verified by another source with the same key.

source

pub async fn mac_verify( &mut self, request: impl IntoRequest<MacVerifyRequest> ) -> Result<Response<MacVerifyResponse>, Status>

Verifies MAC tag using a [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] with [CryptoKey.purpose][google.cloud.kms.v1.CryptoKey.purpose] MAC, and returns a response that indicates whether or not the verification was successful.

source

pub async fn generate_random_bytes( &mut self, request: impl IntoRequest<GenerateRandomBytesRequest> ) -> Result<Response<GenerateRandomBytesResponse>, Status>

Generate random bytes using the Cloud KMS randomness source in the provided location.

Trait Implementations§

source§

impl<T: Clone> Clone for KeyManagementServiceClient<T>

source§

fn clone(&self) -> KeyManagementServiceClient<T>

Returns a copy of the value. Read more
1.0.0 · source§

fn clone_from(&mut self, source: &Self)

Performs copy-assignment from source. Read more
source§

impl<T: Debug> Debug for KeyManagementServiceClient<T>

source§

fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter. Read more

Auto Trait Implementations§

Blanket Implementations§

source§

impl<T> Any for T
where T: 'static + ?Sized,

source§

fn type_id(&self) -> TypeId

Gets the TypeId of self. Read more
source§

impl<T> Borrow<T> for T
where T: ?Sized,

source§

fn borrow(&self) -> &T

Immutably borrows from an owned value. Read more
source§

impl<T> BorrowMut<T> for T
where T: ?Sized,

source§

fn borrow_mut(&mut self) -> &mut T

Mutably borrows from an owned value. Read more
source§

impl<T> From<T> for T

source§

fn from(t: T) -> T

Returns the argument unchanged.

§

impl<T> FromRef<T> for T
where T: Clone,

§

fn from_ref(input: &T) -> T

Converts to this type from a reference to the input type.
§

impl<T> Instrument for T

§

fn instrument(self, span: Span) -> Instrumented<Self>

Instruments this type with the provided [Span], returning an Instrumented wrapper. Read more
§

fn in_current_span(self) -> Instrumented<Self>

Instruments this type with the current Span, returning an Instrumented wrapper. Read more
source§

impl<T, U> Into<U> for T
where U: From<T>,

source§

fn into(self) -> U

Calls U::from(self).

That is, this conversion is whatever the implementation of From<T> for U chooses to do.

source§

impl<T> IntoRequest<T> for T

source§

fn into_request(self) -> Request<T>

Wrap the input message T in a tonic::Request
source§

impl<T> ToOwned for T
where T: Clone,

§

type Owned = T

The resulting type after obtaining ownership.
source§

fn to_owned(&self) -> T

Creates owned data from borrowed data, usually by cloning. Read more
source§

fn clone_into(&self, target: &mut T)

Uses borrowed data to replace owned data, usually by cloning. Read more
source§

impl<T, U> TryFrom<U> for T
where U: Into<T>,

§

type Error = Infallible

The type returned in the event of a conversion error.
source§

fn try_from(value: U) -> Result<T, <T as TryFrom<U>>::Error>

Performs the conversion.
source§

impl<T, U> TryInto<U> for T
where U: TryFrom<T>,

§

type Error = <U as TryFrom<T>>::Error

The type returned in the event of a conversion error.
source§

fn try_into(self) -> Result<U, <U as TryFrom<T>>::Error>

Performs the conversion.
§

impl<V, T> VZip<V> for T
where V: MultiLane<T>,

§

fn vzip(self) -> V

§

impl<T> WithSubscriber for T

§

fn with_subscriber<S>(self, subscriber: S) -> WithDispatch<Self>
where S: Into<Dispatch>,

Attaches the provided Subscriber to this type, returning a [WithDispatch] wrapper. Read more
§

fn with_current_subscriber(self) -> WithDispatch<Self>

Attaches the current default Subscriber to this type, returning a [WithDispatch] wrapper. Read more