Reference documentation and code samples for the Cloud KMS V1 Client class EkmServiceClient.
Service Description: Google Cloud Key Management EKM Service
Manages external cryptographic keys and operations using those keys. Implements a REST model with the following objects:
This class provides the ability to make remote calls to the backing service through method calls that map to API methods.
Many parameters require resource names to be formatted in a particular way. To assist with these names, this class includes a format method for each type of name, and additionally a parseName method to extract the individual identifiers contained within formatted names that are returned by the API.
This class is currently experimental and may be subject to changes. See Google\Cloud\Kms\V1\EkmServiceClient for the stable implementation
Namespace
Google \ Cloud \ Kms \ V1 \ ClientMethods
__construct
Constructor.
Parameters | |
---|---|
Name | Description |
options |
array
Optional. Options for configuring the service API wrapper. |
↳ apiEndpoint |
string
The address of the API remote host. May optionally include the port, formatted as "
|
↳ credentials |
string|array|FetchAuthTokenInterface|CredentialsWrapper
The credentials to be used by the client to authorize API calls. This option accepts either a path to a credentials file, or a decoded credentials file as a PHP array. Advanced usage: In addition, this option can also accept a pre-constructed Google\Auth\FetchAuthTokenInterface object or Google\ApiCore\CredentialsWrapper object. Note that when one of these objects are provided, any settings in $credentialsConfig will be ignored. |
↳ credentialsConfig |
array
Options used to configure credentials, including auth token caching, for the client. For a full list of supporting configuration options, see Google\ApiCore\CredentialsWrapper::build() . |
↳ disableRetries |
bool
Determines whether or not retries defined by the client configuration should be disabled. Defaults to |
↳ clientConfig |
string|array
Client method configuration, including retry settings. This option can be either a path to a JSON file, or a PHP array containing the decoded JSON data. By default this settings points to the default client config file, which is provided in the resources folder. |
↳ transport |
string|TransportInterface
The transport used for executing network requests. May be either the string |
↳ transportConfig |
array
Configuration options that will be used to construct the transport. Options for each supported transport type should be passed in a key for that transport. For example: $transportConfig = [ 'grpc' => [...], 'rest' => [...], ]; See the Google\ApiCore\Transport\GrpcTransport::build() and Google\ApiCore\Transport\RestTransport::build() methods for the supported options. |
↳ clientCertSource |
callable
A callable which returns the client cert as a string. This can be used to provide a certificate and private key to the transport layer for mTLS. |
createEkmConnection
Creates a new EkmConnection in a given Project and Location.
The async variant is Google\Cloud\Kms\V1\Client\EkmServiceClient::createEkmConnectionAsync() .
Parameters | |
---|---|
Name | Description |
request |
Google\Cloud\Kms\V1\CreateEkmConnectionRequest
A request to house fields associated with the call. |
callOptions |
array
Optional. |
↳ retrySettings |
RetrySettings|array
Retry settings to use for this call. Can be a Google\ApiCore\RetrySettings object, or an associative array of retry settings parameters. See the documentation on Google\ApiCore\RetrySettings for example usage. |
Returns | |
---|---|
Type | Description |
Google\Cloud\Kms\V1\EkmConnection |
getEkmConfig
Returns the EkmConfig singleton resource for a given project and location.
The async variant is Google\Cloud\Kms\V1\Client\EkmServiceClient::getEkmConfigAsync() .
Parameters | |
---|---|
Name | Description |
request |
Google\Cloud\Kms\V1\GetEkmConfigRequest
A request to house fields associated with the call. |
callOptions |
array
Optional. |
↳ retrySettings |
RetrySettings|array
Retry settings to use for this call. Can be a Google\ApiCore\RetrySettings object, or an associative array of retry settings parameters. See the documentation on Google\ApiCore\RetrySettings for example usage. |
Returns | |
---|---|
Type | Description |
Google\Cloud\Kms\V1\EkmConfig |
getEkmConnection
Returns metadata for a given EkmConnection.
The async variant is Google\Cloud\Kms\V1\Client\EkmServiceClient::getEkmConnectionAsync() .
Parameters | |
---|---|
Name | Description |
request |
Google\Cloud\Kms\V1\GetEkmConnectionRequest
A request to house fields associated with the call. |
callOptions |
array
Optional. |
↳ retrySettings |
RetrySettings|array
Retry settings to use for this call. Can be a Google\ApiCore\RetrySettings object, or an associative array of retry settings parameters. See the documentation on Google\ApiCore\RetrySettings for example usage. |
Returns | |
---|---|
Type | Description |
Google\Cloud\Kms\V1\EkmConnection |
listEkmConnections
Lists EkmConnections.
The async variant is Google\Cloud\Kms\V1\Client\EkmServiceClient::listEkmConnectionsAsync() .
Parameters | |
---|---|
Name | Description |
request |
Google\Cloud\Kms\V1\ListEkmConnectionsRequest
A request to house fields associated with the call. |
callOptions |
array
Optional. |
↳ retrySettings |
RetrySettings|array
Retry settings to use for this call. Can be a Google\ApiCore\RetrySettings object, or an associative array of retry settings parameters. See the documentation on Google\ApiCore\RetrySettings for example usage. |
Returns | |
---|---|
Type | Description |
Google\ApiCore\PagedListResponse |
updateEkmConfig
Updates the EkmConfig singleton resource for a given project and location.
The async variant is Google\Cloud\Kms\V1\Client\EkmServiceClient::updateEkmConfigAsync() .
Parameters | |
---|---|
Name | Description |
request |
Google\Cloud\Kms\V1\UpdateEkmConfigRequest
A request to house fields associated with the call. |
callOptions |
array
Optional. |
↳ retrySettings |
RetrySettings|array
Retry settings to use for this call. Can be a Google\ApiCore\RetrySettings object, or an associative array of retry settings parameters. See the documentation on Google\ApiCore\RetrySettings for example usage. |
Returns | |
---|---|
Type | Description |
Google\Cloud\Kms\V1\EkmConfig |
updateEkmConnection
Updates an EkmConnection's metadata.
The async variant is Google\Cloud\Kms\V1\Client\EkmServiceClient::updateEkmConnectionAsync() .
Parameters | |
---|---|
Name | Description |
request |
Google\Cloud\Kms\V1\UpdateEkmConnectionRequest
A request to house fields associated with the call. |
callOptions |
array
Optional. |
↳ retrySettings |
RetrySettings|array
Retry settings to use for this call. Can be a Google\ApiCore\RetrySettings object, or an associative array of retry settings parameters. See the documentation on Google\ApiCore\RetrySettings for example usage. |
Returns | |
---|---|
Type | Description |
Google\Cloud\Kms\V1\EkmConnection |
verifyConnectivity
Verifies that Cloud KMS can successfully connect to the external key manager specified by an EkmConnection.
If there is an error connecting to the EKM, this method returns a FAILED_PRECONDITION status containing structured information as described at https://cloud.google.com/kms/docs/reference/ekm_errors.
The async variant is Google\Cloud\Kms\V1\Client\EkmServiceClient::verifyConnectivityAsync() .
Parameters | |
---|---|
Name | Description |
request |
Google\Cloud\Kms\V1\VerifyConnectivityRequest
A request to house fields associated with the call. |
callOptions |
array
Optional. |
↳ retrySettings |
RetrySettings|array
Retry settings to use for this call. Can be a Google\ApiCore\RetrySettings object, or an associative array of retry settings parameters. See the documentation on Google\ApiCore\RetrySettings for example usage. |
Returns | |
---|---|
Type | Description |
Google\Cloud\Kms\V1\VerifyConnectivityResponse |
getLocation
Gets information about a location.
The async variant is Google\Cloud\Kms\V1\Client\EkmServiceClient::getLocationAsync() .
Parameters | |
---|---|
Name | Description |
request |
Google\Cloud\Location\GetLocationRequest
A request to house fields associated with the call. |
callOptions |
array
Optional. |
↳ retrySettings |
RetrySettings|array
Retry settings to use for this call. Can be a Google\ApiCore\RetrySettings object, or an associative array of retry settings parameters. See the documentation on Google\ApiCore\RetrySettings for example usage. |
Returns | |
---|---|
Type | Description |
Google\Cloud\Location\Location |
listLocations
Lists information about the supported locations for this service.
The async variant is Google\Cloud\Kms\V1\Client\EkmServiceClient::listLocationsAsync() .
Parameters | |
---|---|
Name | Description |
request |
Google\Cloud\Location\ListLocationsRequest
A request to house fields associated with the call. |
callOptions |
array
Optional. |
↳ retrySettings |
RetrySettings|array
Retry settings to use for this call. Can be a Google\ApiCore\RetrySettings object, or an associative array of retry settings parameters. See the documentation on Google\ApiCore\RetrySettings for example usage. |
Returns | |
---|---|
Type | Description |
Google\ApiCore\PagedListResponse |
getIamPolicy
Gets the access control policy for a resource. Returns an empty policy if the resource exists and does not have a policy set.
The async variant is Google\Cloud\Kms\V1\Client\EkmServiceClient::getIamPolicyAsync() .
Parameters | |
---|---|
Name | Description |
request |
Google\Cloud\Iam\V1\GetIamPolicyRequest
A request to house fields associated with the call. |
callOptions |
array
Optional. |
↳ retrySettings |
RetrySettings|array
Retry settings to use for this call. Can be a Google\ApiCore\RetrySettings object, or an associative array of retry settings parameters. See the documentation on Google\ApiCore\RetrySettings for example usage. |
Returns | |
---|---|
Type | Description |
Google\Cloud\Iam\V1\Policy |
setIamPolicy
Sets the access control policy on the specified resource. Replaces any existing policy.
Can return NOT_FOUND
, INVALID_ARGUMENT
, and PERMISSION_DENIED
errors.
The async variant is Google\Cloud\Kms\V1\Client\EkmServiceClient::setIamPolicyAsync() .
Parameters | |
---|---|
Name | Description |
request |
Google\Cloud\Iam\V1\SetIamPolicyRequest
A request to house fields associated with the call. |
callOptions |
array
Optional. |
↳ retrySettings |
RetrySettings|array
Retry settings to use for this call. Can be a Google\ApiCore\RetrySettings object, or an associative array of retry settings parameters. See the documentation on Google\ApiCore\RetrySettings for example usage. |
Returns | |
---|---|
Type | Description |
Google\Cloud\Iam\V1\Policy |
testIamPermissions
Returns permissions that a caller has on the specified resource. If the
resource does not exist, this will return an empty set of
permissions, not a NOT_FOUND
error.
Note: This operation is designed to be used for building permission-aware UIs and command-line tools, not for authorization checking. This operation may "fail open" without warning.
The async variant is Google\Cloud\Kms\V1\Client\EkmServiceClient::testIamPermissionsAsync() .
Parameters | |
---|---|
Name | Description |
request |
Google\Cloud\Iam\V1\TestIamPermissionsRequest
A request to house fields associated with the call. |
callOptions |
array
Optional. |
↳ retrySettings |
RetrySettings|array
Retry settings to use for this call. Can be a Google\ApiCore\RetrySettings object, or an associative array of retry settings parameters. See the documentation on Google\ApiCore\RetrySettings for example usage. |
Returns | |
---|---|
Type | Description |
Google\Cloud\Iam\V1\TestIamPermissionsResponse |
createEkmConnectionAsync
Parameters | |
---|---|
Name | Description |
request |
Google\Cloud\Kms\V1\CreateEkmConnectionRequest
|
optionalArgs = [] |
array
|
Returns | |
---|---|
Type | Description |
GuzzleHttp\Promise\PromiseInterface |
getEkmConfigAsync
Parameters | |
---|---|
Name | Description |
request |
Google\Cloud\Kms\V1\GetEkmConfigRequest
|
optionalArgs = [] |
array
|
Returns | |
---|---|
Type | Description |
GuzzleHttp\Promise\PromiseInterface |
getEkmConnectionAsync
Parameters | |
---|---|
Name | Description |
request |
Google\Cloud\Kms\V1\GetEkmConnectionRequest
|
optionalArgs = [] |
array
|
Returns | |
---|---|
Type | Description |
GuzzleHttp\Promise\PromiseInterface |
listEkmConnectionsAsync
Parameters | |
---|---|
Name | Description |
request |
Google\Cloud\Kms\V1\ListEkmConnectionsRequest
|
optionalArgs = [] |
array
|
Returns | |
---|---|
Type | Description |
GuzzleHttp\Promise\PromiseInterface |
updateEkmConfigAsync
Parameters | |
---|---|
Name | Description |
request |
Google\Cloud\Kms\V1\UpdateEkmConfigRequest
|
optionalArgs = [] |
array
|
Returns | |
---|---|
Type | Description |
GuzzleHttp\Promise\PromiseInterface |
updateEkmConnectionAsync
Parameters | |
---|---|
Name | Description |
request |
Google\Cloud\Kms\V1\UpdateEkmConnectionRequest
|
optionalArgs = [] |
array
|
Returns | |
---|---|
Type | Description |
GuzzleHttp\Promise\PromiseInterface |
verifyConnectivityAsync
Parameters | |
---|---|
Name | Description |
request |
Google\Cloud\Kms\V1\VerifyConnectivityRequest
|
optionalArgs = [] |
array
|
Returns | |
---|---|
Type | Description |
GuzzleHttp\Promise\PromiseInterface |
getLocationAsync
Parameters | |
---|---|
Name | Description |
request |
Google\Cloud\Location\GetLocationRequest
|
optionalArgs = [] |
array
|
Returns | |
---|---|
Type | Description |
GuzzleHttp\Promise\PromiseInterface |
listLocationsAsync
Parameters | |
---|---|
Name | Description |
request |
Google\Cloud\Location\ListLocationsRequest
|
optionalArgs = [] |
array
|
Returns | |
---|---|
Type | Description |
GuzzleHttp\Promise\PromiseInterface |
getIamPolicyAsync
Parameters | |
---|---|
Name | Description |
request |
Google\Cloud\Iam\V1\GetIamPolicyRequest
|
optionalArgs = [] |
array
|
Returns | |
---|---|
Type | Description |
GuzzleHttp\Promise\PromiseInterface |
setIamPolicyAsync
Parameters | |
---|---|
Name | Description |
request |
Google\Cloud\Iam\V1\SetIamPolicyRequest
|
optionalArgs = [] |
array
|
Returns | |
---|---|
Type | Description |
GuzzleHttp\Promise\PromiseInterface |
testIamPermissionsAsync
Parameters | |
---|---|
Name | Description |
request |
Google\Cloud\Iam\V1\TestIamPermissionsRequest
|
optionalArgs = [] |
array
|
Returns | |
---|---|
Type | Description |
GuzzleHttp\Promise\PromiseInterface |
static::ekmConfigName
Formats a string containing the fully-qualified path to represent a ekm_config resource.
Parameters | |
---|---|
Name | Description |
project |
string
|
location |
string
|
Returns | |
---|---|
Type | Description |
string | The formatted ekm_config resource. |
static::ekmConnectionName
Formats a string containing the fully-qualified path to represent a ekm_connection resource.
Parameters | |
---|---|
Name | Description |
project |
string
|
location |
string
|
ekmConnection |
string
|
Returns | |
---|---|
Type | Description |
string | The formatted ekm_connection resource. |
static::locationName
Formats a string containing the fully-qualified path to represent a location resource.
Parameters | |
---|---|
Name | Description |
project |
string
|
location |
string
|
Returns | |
---|---|
Type | Description |
string | The formatted location resource. |
static::serviceName
Formats a string containing the fully-qualified path to represent a service resource.
Parameters | |
---|---|
Name | Description |
project |
string
|
location |
string
|
namespace |
string
|
service |
string
|
Returns | |
---|---|
Type | Description |
string | The formatted service resource. |
static::parseName
Parses a formatted name string and returns an associative array of the components in the name.
The following name formats are supported: Template: Pattern
- ekmConfig: projects/{project}/locations/{location}/ekmConfig
- ekmConnection: projects/{project}/locations/{location}/ekmConnections/{ekm_connection}
- location: projects/{project}/locations/{location}
- service: projects/{project}/locations/{location}/namespaces/{namespace}/services/{service}
The optional $template argument can be supplied to specify a particular pattern, and must match one of the templates listed above. If no $template argument is provided, or if the $template argument does not match one of the templates listed, then parseName will check each of the supported templates, and return the first match.
Parameters | |
---|---|
Name | Description |
formattedName |
string
The formatted name string |
template |
string
Optional name of template to match |
Returns | |
---|---|
Type | Description |
array | An associative array from name component IDs to component values. |