• Home
  • Line#
  • Scopes#
  • Navigate#
  • Raw
  • Download
1<html><body>
2<style>
3
4body, h1, h2, h3, div, span, p, pre, a {
5  margin: 0;
6  padding: 0;
7  border: 0;
8  font-weight: inherit;
9  font-style: inherit;
10  font-size: 100%;
11  font-family: inherit;
12  vertical-align: baseline;
13}
14
15body {
16  font-size: 13px;
17  padding: 1em;
18}
19
20h1 {
21  font-size: 26px;
22  margin-bottom: 1em;
23}
24
25h2 {
26  font-size: 24px;
27  margin-bottom: 1em;
28}
29
30h3 {
31  font-size: 20px;
32  margin-bottom: 1em;
33  margin-top: 1em;
34}
35
36pre, code {
37  line-height: 1.5;
38  font-family: Monaco, 'DejaVu Sans Mono', 'Bitstream Vera Sans Mono', 'Lucida Console', monospace;
39}
40
41pre {
42  margin-top: 0.5em;
43}
44
45h1, h2, h3, p {
46  font-family: Arial, sans serif;
47}
48
49h1, h2, h3 {
50  border-bottom: solid #CCC 1px;
51}
52
53.toc_element {
54  margin-top: 0.5em;
55}
56
57.firstline {
58  margin-left: 2 em;
59}
60
61.method  {
62  margin-top: 1em;
63  border: solid 1px #CCC;
64  padding: 1em;
65  background: #EEE;
66}
67
68.details {
69  font-weight: bold;
70  font-size: 14px;
71}
72
73</style>
74
75<h1><a href="cloudkms_v1.html">Cloud Key Management Service (KMS) API</a> . <a href="cloudkms_v1.projects.html">projects</a> . <a href="cloudkms_v1.projects.locations.html">locations</a> . <a href="cloudkms_v1.projects.locations.keyRings.html">keyRings</a> . <a href="cloudkms_v1.projects.locations.keyRings.cryptoKeys.html">cryptoKeys</a> . <a href="cloudkms_v1.projects.locations.keyRings.cryptoKeys.cryptoKeyVersions.html">cryptoKeyVersions</a></h1>
76<h2>Instance Methods</h2>
77<p class="toc_element">
78  <code><a href="#asymmetricDecrypt">asymmetricDecrypt(name, body, x__xgafv=None)</a></code></p>
79<p class="firstline">Decrypts data that was encrypted with a public key retrieved from</p>
80<p class="toc_element">
81  <code><a href="#asymmetricSign">asymmetricSign(name, body, x__xgafv=None)</a></code></p>
82<p class="firstline">Signs data using a CryptoKeyVersion with CryptoKey.purpose</p>
83<p class="toc_element">
84  <code><a href="#create">create(parent, body, x__xgafv=None)</a></code></p>
85<p class="firstline">Create a new CryptoKeyVersion in a CryptoKey.</p>
86<p class="toc_element">
87  <code><a href="#destroy">destroy(name, body=None, x__xgafv=None)</a></code></p>
88<p class="firstline">Schedule a CryptoKeyVersion for destruction.</p>
89<p class="toc_element">
90  <code><a href="#get">get(name, x__xgafv=None)</a></code></p>
91<p class="firstline">Returns metadata for a given CryptoKeyVersion.</p>
92<p class="toc_element">
93  <code><a href="#getPublicKey">getPublicKey(name, x__xgafv=None)</a></code></p>
94<p class="firstline">Returns the public key for the given CryptoKeyVersion. The</p>
95<p class="toc_element">
96  <code><a href="#list">list(parent, pageSize=None, pageToken=None, x__xgafv=None, view=None)</a></code></p>
97<p class="firstline">Lists CryptoKeyVersions.</p>
98<p class="toc_element">
99  <code><a href="#list_next">list_next(previous_request, previous_response)</a></code></p>
100<p class="firstline">Retrieves the next page of results.</p>
101<p class="toc_element">
102  <code><a href="#patch">patch(name, body, updateMask=None, x__xgafv=None)</a></code></p>
103<p class="firstline">Update a CryptoKeyVersion's metadata.</p>
104<p class="toc_element">
105  <code><a href="#restore">restore(name, body=None, x__xgafv=None)</a></code></p>
106<p class="firstline">Restore a CryptoKeyVersion in the</p>
107<h3>Method Details</h3>
108<div class="method">
109    <code class="details" id="asymmetricDecrypt">asymmetricDecrypt(name, body, x__xgafv=None)</code>
110  <pre>Decrypts data that was encrypted with a public key retrieved from
111GetPublicKey corresponding to a CryptoKeyVersion with
112CryptoKey.purpose ASYMMETRIC_DECRYPT.
113
114Args:
115  name: string, Required. The resource name of the CryptoKeyVersion to use for
116decryption. (required)
117  body: object, The request body. (required)
118    The object takes the form of:
119
120{ # Request message for KeyManagementService.AsymmetricDecrypt.
121    "ciphertext": "A String", # Required. The data encrypted with the named CryptoKeyVersion's public
122        # key using OAEP.
123  }
124
125  x__xgafv: string, V1 error format.
126    Allowed values
127      1 - v1 error format
128      2 - v2 error format
129
130Returns:
131  An object of the form:
132
133    { # Response message for KeyManagementService.AsymmetricDecrypt.
134    "plaintext": "A String", # The decrypted data originally encrypted with the matching public key.
135  }</pre>
136</div>
137
138<div class="method">
139    <code class="details" id="asymmetricSign">asymmetricSign(name, body, x__xgafv=None)</code>
140  <pre>Signs data using a CryptoKeyVersion with CryptoKey.purpose
141ASYMMETRIC_SIGN, producing a signature that can be verified with the public
142key retrieved from GetPublicKey.
143
144Args:
145  name: string, Required. The resource name of the CryptoKeyVersion to use for signing. (required)
146  body: object, The request body. (required)
147    The object takes the form of:
148
149{ # Request message for KeyManagementService.AsymmetricSign.
150    "digest": { # A Digest holds a cryptographic message digest. # Required. The digest of the data to sign. The digest must be produced with
151        # the same digest algorithm as specified by the key version's
152        # algorithm.
153      "sha256": "A String", # A message digest produced with the SHA-256 algorithm.
154      "sha512": "A String", # A message digest produced with the SHA-512 algorithm.
155      "sha384": "A String", # A message digest produced with the SHA-384 algorithm.
156    },
157  }
158
159  x__xgafv: string, V1 error format.
160    Allowed values
161      1 - v1 error format
162      2 - v2 error format
163
164Returns:
165  An object of the form:
166
167    { # Response message for KeyManagementService.AsymmetricSign.
168    "signature": "A String", # The created signature.
169  }</pre>
170</div>
171
172<div class="method">
173    <code class="details" id="create">create(parent, body, x__xgafv=None)</code>
174  <pre>Create a new CryptoKeyVersion in a CryptoKey.
175
176The server will assign the next sequential id. If unset,
177state will be set to
178ENABLED.
179
180Args:
181  parent: string, Required. The name of the CryptoKey associated with
182the CryptoKeyVersions. (required)
183  body: object, The request body. (required)
184    The object takes the form of:
185
186{ # A CryptoKeyVersion represents an individual cryptographic key, and the
187    # associated key material.
188    #
189    # An ENABLED version can be
190    # used for cryptographic operations.
191    #
192    # For security reasons, the raw cryptographic key material represented by a
193    # CryptoKeyVersion can never be viewed or exported. It can only be used to
194    # encrypt, decrypt, or sign data when an authorized user or application invokes
195    # Cloud KMS.
196  "destroyTime": "A String", # Output only. The time this CryptoKeyVersion's key material is scheduled
197      # for destruction. Only present if state is
198      # DESTROY_SCHEDULED.
199  "name": "A String", # Output only. The resource name for this CryptoKeyVersion in the format
200      # `projects/*/locations/*/keyRings/*/cryptoKeys/*/cryptoKeyVersions/*`.
201  "algorithm": "A String", # Output only. The CryptoKeyVersionAlgorithm that this
202      # CryptoKeyVersion supports.
203  "protectionLevel": "A String", # Output only. The ProtectionLevel describing how crypto operations are
204      # performed with this CryptoKeyVersion.
205  "attestation": { # Contains an HSM-generated attestation about a key operation. For more # Output only. Statement that was generated and signed by the HSM at key
206      # creation time. Use this statement to verify attributes of the key as stored
207      # on the HSM, independently of Google. Only provided for key versions with
208      # protection_level HSM.
209      # information, see [Verifying attestations]
210      # (https://cloud.google.com/kms/docs/attest-key).
211    "content": "A String", # Output only. The attestation data provided by the HSM when the key
212        # operation was performed.
213    "format": "A String", # Output only. The format of the attestation data.
214  },
215  "state": "A String", # The current state of the CryptoKeyVersion.
216  "destroyEventTime": "A String", # Output only. The time this CryptoKeyVersion's key material was
217      # destroyed. Only present if state is
218      # DESTROYED.
219  "generateTime": "A String", # Output only. The time this CryptoKeyVersion's key material was
220      # generated.
221  "createTime": "A String", # Output only. The time at which this CryptoKeyVersion was created.
222}
223
224  x__xgafv: string, V1 error format.
225    Allowed values
226      1 - v1 error format
227      2 - v2 error format
228
229Returns:
230  An object of the form:
231
232    { # A CryptoKeyVersion represents an individual cryptographic key, and the
233      # associated key material.
234      #
235      # An ENABLED version can be
236      # used for cryptographic operations.
237      #
238      # For security reasons, the raw cryptographic key material represented by a
239      # CryptoKeyVersion can never be viewed or exported. It can only be used to
240      # encrypt, decrypt, or sign data when an authorized user or application invokes
241      # Cloud KMS.
242    "destroyTime": "A String", # Output only. The time this CryptoKeyVersion's key material is scheduled
243        # for destruction. Only present if state is
244        # DESTROY_SCHEDULED.
245    "name": "A String", # Output only. The resource name for this CryptoKeyVersion in the format
246        # `projects/*/locations/*/keyRings/*/cryptoKeys/*/cryptoKeyVersions/*`.
247    "algorithm": "A String", # Output only. The CryptoKeyVersionAlgorithm that this
248        # CryptoKeyVersion supports.
249    "protectionLevel": "A String", # Output only. The ProtectionLevel describing how crypto operations are
250        # performed with this CryptoKeyVersion.
251    "attestation": { # Contains an HSM-generated attestation about a key operation. For more # Output only. Statement that was generated and signed by the HSM at key
252        # creation time. Use this statement to verify attributes of the key as stored
253        # on the HSM, independently of Google. Only provided for key versions with
254        # protection_level HSM.
255        # information, see [Verifying attestations]
256        # (https://cloud.google.com/kms/docs/attest-key).
257      "content": "A String", # Output only. The attestation data provided by the HSM when the key
258          # operation was performed.
259      "format": "A String", # Output only. The format of the attestation data.
260    },
261    "state": "A String", # The current state of the CryptoKeyVersion.
262    "destroyEventTime": "A String", # Output only. The time this CryptoKeyVersion's key material was
263        # destroyed. Only present if state is
264        # DESTROYED.
265    "generateTime": "A String", # Output only. The time this CryptoKeyVersion's key material was
266        # generated.
267    "createTime": "A String", # Output only. The time at which this CryptoKeyVersion was created.
268  }</pre>
269</div>
270
271<div class="method">
272    <code class="details" id="destroy">destroy(name, body=None, x__xgafv=None)</code>
273  <pre>Schedule a CryptoKeyVersion for destruction.
274
275Upon calling this method, CryptoKeyVersion.state will be set to
276DESTROY_SCHEDULED
277and destroy_time will be set to a time 24
278hours in the future, at which point the state
279will be changed to
280DESTROYED, and the key
281material will be irrevocably destroyed.
282
283Before the destroy_time is reached,
284RestoreCryptoKeyVersion may be called to reverse the process.
285
286Args:
287  name: string, The resource name of the CryptoKeyVersion to destroy. (required)
288  body: object, The request body.
289    The object takes the form of:
290
291{ # Request message for KeyManagementService.DestroyCryptoKeyVersion.
292  }
293
294  x__xgafv: string, V1 error format.
295    Allowed values
296      1 - v1 error format
297      2 - v2 error format
298
299Returns:
300  An object of the form:
301
302    { # A CryptoKeyVersion represents an individual cryptographic key, and the
303      # associated key material.
304      #
305      # An ENABLED version can be
306      # used for cryptographic operations.
307      #
308      # For security reasons, the raw cryptographic key material represented by a
309      # CryptoKeyVersion can never be viewed or exported. It can only be used to
310      # encrypt, decrypt, or sign data when an authorized user or application invokes
311      # Cloud KMS.
312    "destroyTime": "A String", # Output only. The time this CryptoKeyVersion's key material is scheduled
313        # for destruction. Only present if state is
314        # DESTROY_SCHEDULED.
315    "name": "A String", # Output only. The resource name for this CryptoKeyVersion in the format
316        # `projects/*/locations/*/keyRings/*/cryptoKeys/*/cryptoKeyVersions/*`.
317    "algorithm": "A String", # Output only. The CryptoKeyVersionAlgorithm that this
318        # CryptoKeyVersion supports.
319    "protectionLevel": "A String", # Output only. The ProtectionLevel describing how crypto operations are
320        # performed with this CryptoKeyVersion.
321    "attestation": { # Contains an HSM-generated attestation about a key operation. For more # Output only. Statement that was generated and signed by the HSM at key
322        # creation time. Use this statement to verify attributes of the key as stored
323        # on the HSM, independently of Google. Only provided for key versions with
324        # protection_level HSM.
325        # information, see [Verifying attestations]
326        # (https://cloud.google.com/kms/docs/attest-key).
327      "content": "A String", # Output only. The attestation data provided by the HSM when the key
328          # operation was performed.
329      "format": "A String", # Output only. The format of the attestation data.
330    },
331    "state": "A String", # The current state of the CryptoKeyVersion.
332    "destroyEventTime": "A String", # Output only. The time this CryptoKeyVersion's key material was
333        # destroyed. Only present if state is
334        # DESTROYED.
335    "generateTime": "A String", # Output only. The time this CryptoKeyVersion's key material was
336        # generated.
337    "createTime": "A String", # Output only. The time at which this CryptoKeyVersion was created.
338  }</pre>
339</div>
340
341<div class="method">
342    <code class="details" id="get">get(name, x__xgafv=None)</code>
343  <pre>Returns metadata for a given CryptoKeyVersion.
344
345Args:
346  name: string, The name of the CryptoKeyVersion to get. (required)
347  x__xgafv: string, V1 error format.
348    Allowed values
349      1 - v1 error format
350      2 - v2 error format
351
352Returns:
353  An object of the form:
354
355    { # A CryptoKeyVersion represents an individual cryptographic key, and the
356      # associated key material.
357      #
358      # An ENABLED version can be
359      # used for cryptographic operations.
360      #
361      # For security reasons, the raw cryptographic key material represented by a
362      # CryptoKeyVersion can never be viewed or exported. It can only be used to
363      # encrypt, decrypt, or sign data when an authorized user or application invokes
364      # Cloud KMS.
365    "destroyTime": "A String", # Output only. The time this CryptoKeyVersion's key material is scheduled
366        # for destruction. Only present if state is
367        # DESTROY_SCHEDULED.
368    "name": "A String", # Output only. The resource name for this CryptoKeyVersion in the format
369        # `projects/*/locations/*/keyRings/*/cryptoKeys/*/cryptoKeyVersions/*`.
370    "algorithm": "A String", # Output only. The CryptoKeyVersionAlgorithm that this
371        # CryptoKeyVersion supports.
372    "protectionLevel": "A String", # Output only. The ProtectionLevel describing how crypto operations are
373        # performed with this CryptoKeyVersion.
374    "attestation": { # Contains an HSM-generated attestation about a key operation. For more # Output only. Statement that was generated and signed by the HSM at key
375        # creation time. Use this statement to verify attributes of the key as stored
376        # on the HSM, independently of Google. Only provided for key versions with
377        # protection_level HSM.
378        # information, see [Verifying attestations]
379        # (https://cloud.google.com/kms/docs/attest-key).
380      "content": "A String", # Output only. The attestation data provided by the HSM when the key
381          # operation was performed.
382      "format": "A String", # Output only. The format of the attestation data.
383    },
384    "state": "A String", # The current state of the CryptoKeyVersion.
385    "destroyEventTime": "A String", # Output only. The time this CryptoKeyVersion's key material was
386        # destroyed. Only present if state is
387        # DESTROYED.
388    "generateTime": "A String", # Output only. The time this CryptoKeyVersion's key material was
389        # generated.
390    "createTime": "A String", # Output only. The time at which this CryptoKeyVersion was created.
391  }</pre>
392</div>
393
394<div class="method">
395    <code class="details" id="getPublicKey">getPublicKey(name, x__xgafv=None)</code>
396  <pre>Returns the public key for the given CryptoKeyVersion. The
397CryptoKey.purpose must be
398ASYMMETRIC_SIGN or
399ASYMMETRIC_DECRYPT.
400
401Args:
402  name: string, The name of the CryptoKeyVersion public key to
403get. (required)
404  x__xgafv: string, V1 error format.
405    Allowed values
406      1 - v1 error format
407      2 - v2 error format
408
409Returns:
410  An object of the form:
411
412    { # The public key for a given CryptoKeyVersion. Obtained via
413      # GetPublicKey.
414    "pem": "A String", # The public key, encoded in PEM format. For more information, see the
415        # [RFC 7468](https://tools.ietf.org/html/rfc7468) sections for
416        # [General Considerations](https://tools.ietf.org/html/rfc7468#section-2) and
417        # [Textual Encoding of Subject Public Key Info]
418        # (https://tools.ietf.org/html/rfc7468#section-13).
419    "algorithm": "A String", # The Algorithm associated
420        # with this key.
421  }</pre>
422</div>
423
424<div class="method">
425    <code class="details" id="list">list(parent, pageSize=None, pageToken=None, x__xgafv=None, view=None)</code>
426  <pre>Lists CryptoKeyVersions.
427
428Args:
429  parent: string, Required. The resource name of the CryptoKey to list, in the format
430`projects/*/locations/*/keyRings/*/cryptoKeys/*`. (required)
431  pageSize: integer, Optional limit on the number of CryptoKeyVersions to
432include in the response. Further CryptoKeyVersions can
433subsequently be obtained by including the
434ListCryptoKeyVersionsResponse.next_page_token in a subsequent request.
435If unspecified, the server will pick an appropriate default.
436  pageToken: string, Optional pagination token, returned earlier via
437ListCryptoKeyVersionsResponse.next_page_token.
438  x__xgafv: string, V1 error format.
439    Allowed values
440      1 - v1 error format
441      2 - v2 error format
442  view: string, The fields to include in the response.
443
444Returns:
445  An object of the form:
446
447    { # Response message for KeyManagementService.ListCryptoKeyVersions.
448    "nextPageToken": "A String", # A token to retrieve next page of results. Pass this value in
449        # ListCryptoKeyVersionsRequest.page_token to retrieve the next page of
450        # results.
451    "totalSize": 42, # The total number of CryptoKeyVersions that matched the
452        # query.
453    "cryptoKeyVersions": [ # The list of CryptoKeyVersions.
454      { # A CryptoKeyVersion represents an individual cryptographic key, and the
455          # associated key material.
456          #
457          # An ENABLED version can be
458          # used for cryptographic operations.
459          #
460          # For security reasons, the raw cryptographic key material represented by a
461          # CryptoKeyVersion can never be viewed or exported. It can only be used to
462          # encrypt, decrypt, or sign data when an authorized user or application invokes
463          # Cloud KMS.
464        "destroyTime": "A String", # Output only. The time this CryptoKeyVersion's key material is scheduled
465            # for destruction. Only present if state is
466            # DESTROY_SCHEDULED.
467        "name": "A String", # Output only. The resource name for this CryptoKeyVersion in the format
468            # `projects/*/locations/*/keyRings/*/cryptoKeys/*/cryptoKeyVersions/*`.
469        "algorithm": "A String", # Output only. The CryptoKeyVersionAlgorithm that this
470            # CryptoKeyVersion supports.
471        "protectionLevel": "A String", # Output only. The ProtectionLevel describing how crypto operations are
472            # performed with this CryptoKeyVersion.
473        "attestation": { # Contains an HSM-generated attestation about a key operation. For more # Output only. Statement that was generated and signed by the HSM at key
474            # creation time. Use this statement to verify attributes of the key as stored
475            # on the HSM, independently of Google. Only provided for key versions with
476            # protection_level HSM.
477            # information, see [Verifying attestations]
478            # (https://cloud.google.com/kms/docs/attest-key).
479          "content": "A String", # Output only. The attestation data provided by the HSM when the key
480              # operation was performed.
481          "format": "A String", # Output only. The format of the attestation data.
482        },
483        "state": "A String", # The current state of the CryptoKeyVersion.
484        "destroyEventTime": "A String", # Output only. The time this CryptoKeyVersion's key material was
485            # destroyed. Only present if state is
486            # DESTROYED.
487        "generateTime": "A String", # Output only. The time this CryptoKeyVersion's key material was
488            # generated.
489        "createTime": "A String", # Output only. The time at which this CryptoKeyVersion was created.
490      },
491    ],
492  }</pre>
493</div>
494
495<div class="method">
496    <code class="details" id="list_next">list_next(previous_request, previous_response)</code>
497  <pre>Retrieves the next page of results.
498
499Args:
500  previous_request: The request for the previous page. (required)
501  previous_response: The response from the request for the previous page. (required)
502
503Returns:
504  A request object that you can call 'execute()' on to request the next
505  page. Returns None if there are no more items in the collection.
506    </pre>
507</div>
508
509<div class="method">
510    <code class="details" id="patch">patch(name, body, updateMask=None, x__xgafv=None)</code>
511  <pre>Update a CryptoKeyVersion's metadata.
512
513state may be changed between
514ENABLED and
515DISABLED using this
516method. See DestroyCryptoKeyVersion and RestoreCryptoKeyVersion to
517move between other states.
518
519Args:
520  name: string, Output only. The resource name for this CryptoKeyVersion in the format
521`projects/*/locations/*/keyRings/*/cryptoKeys/*/cryptoKeyVersions/*`. (required)
522  body: object, The request body. (required)
523    The object takes the form of:
524
525{ # A CryptoKeyVersion represents an individual cryptographic key, and the
526    # associated key material.
527    #
528    # An ENABLED version can be
529    # used for cryptographic operations.
530    #
531    # For security reasons, the raw cryptographic key material represented by a
532    # CryptoKeyVersion can never be viewed or exported. It can only be used to
533    # encrypt, decrypt, or sign data when an authorized user or application invokes
534    # Cloud KMS.
535  "destroyTime": "A String", # Output only. The time this CryptoKeyVersion's key material is scheduled
536      # for destruction. Only present if state is
537      # DESTROY_SCHEDULED.
538  "name": "A String", # Output only. The resource name for this CryptoKeyVersion in the format
539      # `projects/*/locations/*/keyRings/*/cryptoKeys/*/cryptoKeyVersions/*`.
540  "algorithm": "A String", # Output only. The CryptoKeyVersionAlgorithm that this
541      # CryptoKeyVersion supports.
542  "protectionLevel": "A String", # Output only. The ProtectionLevel describing how crypto operations are
543      # performed with this CryptoKeyVersion.
544  "attestation": { # Contains an HSM-generated attestation about a key operation. For more # Output only. Statement that was generated and signed by the HSM at key
545      # creation time. Use this statement to verify attributes of the key as stored
546      # on the HSM, independently of Google. Only provided for key versions with
547      # protection_level HSM.
548      # information, see [Verifying attestations]
549      # (https://cloud.google.com/kms/docs/attest-key).
550    "content": "A String", # Output only. The attestation data provided by the HSM when the key
551        # operation was performed.
552    "format": "A String", # Output only. The format of the attestation data.
553  },
554  "state": "A String", # The current state of the CryptoKeyVersion.
555  "destroyEventTime": "A String", # Output only. The time this CryptoKeyVersion's key material was
556      # destroyed. Only present if state is
557      # DESTROYED.
558  "generateTime": "A String", # Output only. The time this CryptoKeyVersion's key material was
559      # generated.
560  "createTime": "A String", # Output only. The time at which this CryptoKeyVersion was created.
561}
562
563  updateMask: string, Required list of fields to be updated in this request.
564  x__xgafv: string, V1 error format.
565    Allowed values
566      1 - v1 error format
567      2 - v2 error format
568
569Returns:
570  An object of the form:
571
572    { # A CryptoKeyVersion represents an individual cryptographic key, and the
573      # associated key material.
574      #
575      # An ENABLED version can be
576      # used for cryptographic operations.
577      #
578      # For security reasons, the raw cryptographic key material represented by a
579      # CryptoKeyVersion can never be viewed or exported. It can only be used to
580      # encrypt, decrypt, or sign data when an authorized user or application invokes
581      # Cloud KMS.
582    "destroyTime": "A String", # Output only. The time this CryptoKeyVersion's key material is scheduled
583        # for destruction. Only present if state is
584        # DESTROY_SCHEDULED.
585    "name": "A String", # Output only. The resource name for this CryptoKeyVersion in the format
586        # `projects/*/locations/*/keyRings/*/cryptoKeys/*/cryptoKeyVersions/*`.
587    "algorithm": "A String", # Output only. The CryptoKeyVersionAlgorithm that this
588        # CryptoKeyVersion supports.
589    "protectionLevel": "A String", # Output only. The ProtectionLevel describing how crypto operations are
590        # performed with this CryptoKeyVersion.
591    "attestation": { # Contains an HSM-generated attestation about a key operation. For more # Output only. Statement that was generated and signed by the HSM at key
592        # creation time. Use this statement to verify attributes of the key as stored
593        # on the HSM, independently of Google. Only provided for key versions with
594        # protection_level HSM.
595        # information, see [Verifying attestations]
596        # (https://cloud.google.com/kms/docs/attest-key).
597      "content": "A String", # Output only. The attestation data provided by the HSM when the key
598          # operation was performed.
599      "format": "A String", # Output only. The format of the attestation data.
600    },
601    "state": "A String", # The current state of the CryptoKeyVersion.
602    "destroyEventTime": "A String", # Output only. The time this CryptoKeyVersion's key material was
603        # destroyed. Only present if state is
604        # DESTROYED.
605    "generateTime": "A String", # Output only. The time this CryptoKeyVersion's key material was
606        # generated.
607    "createTime": "A String", # Output only. The time at which this CryptoKeyVersion was created.
608  }</pre>
609</div>
610
611<div class="method">
612    <code class="details" id="restore">restore(name, body=None, x__xgafv=None)</code>
613  <pre>Restore a CryptoKeyVersion in the
614DESTROY_SCHEDULED
615state.
616
617Upon restoration of the CryptoKeyVersion, state
618will be set to DISABLED,
619and destroy_time will be cleared.
620
621Args:
622  name: string, The resource name of the CryptoKeyVersion to restore. (required)
623  body: object, The request body.
624    The object takes the form of:
625
626{ # Request message for KeyManagementService.RestoreCryptoKeyVersion.
627  }
628
629  x__xgafv: string, V1 error format.
630    Allowed values
631      1 - v1 error format
632      2 - v2 error format
633
634Returns:
635  An object of the form:
636
637    { # A CryptoKeyVersion represents an individual cryptographic key, and the
638      # associated key material.
639      #
640      # An ENABLED version can be
641      # used for cryptographic operations.
642      #
643      # For security reasons, the raw cryptographic key material represented by a
644      # CryptoKeyVersion can never be viewed or exported. It can only be used to
645      # encrypt, decrypt, or sign data when an authorized user or application invokes
646      # Cloud KMS.
647    "destroyTime": "A String", # Output only. The time this CryptoKeyVersion's key material is scheduled
648        # for destruction. Only present if state is
649        # DESTROY_SCHEDULED.
650    "name": "A String", # Output only. The resource name for this CryptoKeyVersion in the format
651        # `projects/*/locations/*/keyRings/*/cryptoKeys/*/cryptoKeyVersions/*`.
652    "algorithm": "A String", # Output only. The CryptoKeyVersionAlgorithm that this
653        # CryptoKeyVersion supports.
654    "protectionLevel": "A String", # Output only. The ProtectionLevel describing how crypto operations are
655        # performed with this CryptoKeyVersion.
656    "attestation": { # Contains an HSM-generated attestation about a key operation. For more # Output only. Statement that was generated and signed by the HSM at key
657        # creation time. Use this statement to verify attributes of the key as stored
658        # on the HSM, independently of Google. Only provided for key versions with
659        # protection_level HSM.
660        # information, see [Verifying attestations]
661        # (https://cloud.google.com/kms/docs/attest-key).
662      "content": "A String", # Output only. The attestation data provided by the HSM when the key
663          # operation was performed.
664      "format": "A String", # Output only. The format of the attestation data.
665    },
666    "state": "A String", # The current state of the CryptoKeyVersion.
667    "destroyEventTime": "A String", # Output only. The time this CryptoKeyVersion's key material was
668        # destroyed. Only present if state is
669        # DESTROYED.
670    "generateTime": "A String", # Output only. The time this CryptoKeyVersion's key material was
671        # generated.
672    "createTime": "A String", # Output only. The time at which this CryptoKeyVersion was created.
673  }</pre>
674</div>
675
676</body></html>