Cloud KMS V1 Client - Class EkmServiceClient (1.20.3)

Reference documentation and code samples for the Cloud KMS V1 Client class EkmServiceClient.

Service Description: Google Cloud Key Management EKM Service

Manages external cryptographic keys and operations using those keys. Implements a REST model with the following objects:

EkmConnection

This class provides the ability to make remote calls to the backing service through method calls that map to API methods.

Many parameters require resource names to be formatted in a particular way. To assist with these names, this class includes a format method for each type of name, and additionally a parseName method to extract the individual identifiers contained within formatted names that are returned by the API.

This class is currently experimental and may be subject to changes. See Google\Cloud\Kms\V1\EkmServiceClient for the stable implementation

Namespace

Google \ Cloud \ Kms \ V1 \ Client

Methods

__construct

Constructor.

Parameters
Name	Description
`options`	`array` Optional. Options for configuring the service API wrapper.
`↳ apiEndpoint`	`string` The address of the API remote host. May optionally include the port, formatted as "
`↳ credentials`	`string\|array\|FetchAuthTokenInterface\|CredentialsWrapper` The credentials to be used by the client to authorize API calls. This option accepts either a path to a credentials file, or a decoded credentials file as a PHP array. Advanced usage: In addition, this option can also accept a pre-constructed Google\Auth\FetchAuthTokenInterface object or Google\ApiCore\CredentialsWrapper object. Note that when one of these objects are provided, any settings in $credentialsConfig will be ignored.
`↳ credentialsConfig`	`array` Options used to configure credentials, including auth token caching, for the client. For a full list of supporting configuration options, see Google\ApiCore\CredentialsWrapper::build() .
`↳ disableRetries`	`bool` Determines whether or not retries defined by the client configuration should be disabled. Defaults to `false`.
`↳ clientConfig`	`string\|array` Client method configuration, including retry settings. This option can be either a path to a JSON file, or a PHP array containing the decoded JSON data. By default this settings points to the default client config file, which is provided in the resources folder.
`↳ transport`	`string\|TransportInterface` The transport used for executing network requests. May be either the string `rest` or `grpc`. Defaults to `grpc` if gRPC support is detected on the system. Advanced usage: Additionally, it is possible to pass in an already instantiated Google\ApiCore\Transport\TransportInterface object. Note that when this object is provided, any settings in $transportConfig, and any $apiEndpoint setting, will be ignored.
`↳ transportConfig`	`array` Configuration options that will be used to construct the transport. Options for each supported transport type should be passed in a key for that transport. For example: $transportConfig = [ 'grpc' => [...], 'rest' => [...], ]; See the Google\ApiCore\Transport\GrpcTransport::build() and Google\ApiCore\Transport\RestTransport::build() methods for the supported options.
`↳ clientCertSource`	`callable` A callable which returns the client cert as a string. This can be used to provide a certificate and private key to the transport layer for mTLS.

createEkmConnection

Creates a new EkmConnection in a given Project and Location.

The async variant is Google\Cloud\Kms\V1\Client\EkmServiceClient::createEkmConnectionAsync() .

Parameters
Name	Description
`request`	`Google\Cloud\Kms\V1\CreateEkmConnectionRequest` A request to house fields associated with the call.
`callOptions`	`array` Optional.
`↳ retrySettings`	`RetrySettings\|array` Retry settings to use for this call. Can be a Google\ApiCore\RetrySettings object, or an associative array of retry settings parameters. See the documentation on Google\ApiCore\RetrySettings for example usage.

Returns
Type	Description
`Google\Cloud\Kms\V1\EkmConnection`

getEkmConfig

Returns the EkmConfig singleton resource for a given project and location.

The async variant is Google\Cloud\Kms\V1\Client\EkmServiceClient::getEkmConfigAsync() .

Parameters
Name	Description
`request`	`Google\Cloud\Kms\V1\GetEkmConfigRequest` A request to house fields associated with the call.
`callOptions`	`array` Optional.
`↳ retrySettings`	`RetrySettings\|array` Retry settings to use for this call. Can be a Google\ApiCore\RetrySettings object, or an associative array of retry settings parameters. See the documentation on Google\ApiCore\RetrySettings for example usage.

Returns
Type	Description
`Google\Cloud\Kms\V1\EkmConfig`

getEkmConnection

Returns metadata for a given EkmConnection.

The async variant is Google\Cloud\Kms\V1\Client\EkmServiceClient::getEkmConnectionAsync() .

Parameters
Name	Description
`request`	`Google\Cloud\Kms\V1\GetEkmConnectionRequest` A request to house fields associated with the call.
`callOptions`	`array` Optional.
`↳ retrySettings`	`RetrySettings\|array` Retry settings to use for this call. Can be a Google\ApiCore\RetrySettings object, or an associative array of retry settings parameters. See the documentation on Google\ApiCore\RetrySettings for example usage.

Returns
Type	Description
`Google\Cloud\Kms\V1\EkmConnection`

listEkmConnections

Lists EkmConnections.

The async variant is Google\Cloud\Kms\V1\Client\EkmServiceClient::listEkmConnectionsAsync() .

Parameters
Name	Description
`request`	`Google\Cloud\Kms\V1\ListEkmConnectionsRequest` A request to house fields associated with the call.
`callOptions`	`array` Optional.
`↳ retrySettings`	`RetrySettings\|array` Retry settings to use for this call. Can be a Google\ApiCore\RetrySettings object, or an associative array of retry settings parameters. See the documentation on Google\ApiCore\RetrySettings for example usage.

Returns
Type	Description
`Google\ApiCore\PagedListResponse`

updateEkmConfig

Updates the EkmConfig singleton resource for a given project and location.

The async variant is Google\Cloud\Kms\V1\Client\EkmServiceClient::updateEkmConfigAsync() .

Parameters
Name	Description
`request`	`Google\Cloud\Kms\V1\UpdateEkmConfigRequest` A request to house fields associated with the call.
`callOptions`	`array` Optional.
`↳ retrySettings`	`RetrySettings\|array` Retry settings to use for this call. Can be a Google\ApiCore\RetrySettings object, or an associative array of retry settings parameters. See the documentation on Google\ApiCore\RetrySettings for example usage.

Returns
Type	Description
`Google\Cloud\Kms\V1\EkmConfig`

updateEkmConnection

Updates an EkmConnection's metadata.

The async variant is Google\Cloud\Kms\V1\Client\EkmServiceClient::updateEkmConnectionAsync() .

Parameters
Name	Description
`request`	`Google\Cloud\Kms\V1\UpdateEkmConnectionRequest` A request to house fields associated with the call.
`callOptions`	`array` Optional.
`↳ retrySettings`	`RetrySettings\|array` Retry settings to use for this call. Can be a Google\ApiCore\RetrySettings object, or an associative array of retry settings parameters. See the documentation on Google\ApiCore\RetrySettings for example usage.

Returns
Type	Description
`Google\Cloud\Kms\V1\EkmConnection`

verifyConnectivity

Verifies that Cloud KMS can successfully connect to the external key manager specified by an EkmConnection.

If there is an error connecting to the EKM, this method returns a FAILED_PRECONDITION status containing structured information as described at https://cloud.google.com/kms/docs/reference/ekm_errors.

The async variant is Google\Cloud\Kms\V1\Client\EkmServiceClient::verifyConnectivityAsync() .

Parameters
Name	Description
`request`	`Google\Cloud\Kms\V1\VerifyConnectivityRequest` A request to house fields associated with the call.
`callOptions`	`array` Optional.
`↳ retrySettings`	`RetrySettings\|array` Retry settings to use for this call. Can be a Google\ApiCore\RetrySettings object, or an associative array of retry settings parameters. See the documentation on Google\ApiCore\RetrySettings for example usage.

Returns
Type	Description
`Google\Cloud\Kms\V1\VerifyConnectivityResponse`

getLocation

Gets information about a location.

The async variant is Google\Cloud\Kms\V1\Client\EkmServiceClient::getLocationAsync() .

Parameters
Name	Description
`request`	`Google\Cloud\Location\GetLocationRequest` A request to house fields associated with the call.
`callOptions`	`array` Optional.
`↳ retrySettings`	`RetrySettings\|array` Retry settings to use for this call. Can be a Google\ApiCore\RetrySettings object, or an associative array of retry settings parameters. See the documentation on Google\ApiCore\RetrySettings for example usage.

Returns
Type	Description
`Google\Cloud\Location\Location`

listLocations

Lists information about the supported locations for this service.

The async variant is Google\Cloud\Kms\V1\Client\EkmServiceClient::listLocationsAsync() .

Parameters
Name	Description
`request`	`Google\Cloud\Location\ListLocationsRequest` A request to house fields associated with the call.
`callOptions`	`array` Optional.
`↳ retrySettings`	`RetrySettings\|array` Retry settings to use for this call. Can be a Google\ApiCore\RetrySettings object, or an associative array of retry settings parameters. See the documentation on Google\ApiCore\RetrySettings for example usage.

Returns
Type	Description
`Google\ApiCore\PagedListResponse`

getIamPolicy

Gets the access control policy for a resource. Returns an empty policy if the resource exists and does not have a policy set.

The async variant is Google\Cloud\Kms\V1\Client\EkmServiceClient::getIamPolicyAsync() .

Parameters
Name	Description
`request`	`Google\Cloud\Iam\V1\GetIamPolicyRequest` A request to house fields associated with the call.
`callOptions`	`array` Optional.
`↳ retrySettings`	`RetrySettings\|array` Retry settings to use for this call. Can be a Google\ApiCore\RetrySettings object, or an associative array of retry settings parameters. See the documentation on Google\ApiCore\RetrySettings for example usage.

Returns
Type	Description
`Google\Cloud\Iam\V1\Policy`

setIamPolicy

Sets the access control policy on the specified resource. Replaces any existing policy.

Can return NOT_FOUND, INVALID_ARGUMENT, and PERMISSION_DENIED errors.

The async variant is Google\Cloud\Kms\V1\Client\EkmServiceClient::setIamPolicyAsync() .

Parameters
Name	Description
`request`	`Google\Cloud\Iam\V1\SetIamPolicyRequest` A request to house fields associated with the call.
`callOptions`	`array` Optional.
`↳ retrySettings`	`RetrySettings\|array` Retry settings to use for this call. Can be a Google\ApiCore\RetrySettings object, or an associative array of retry settings parameters. See the documentation on Google\ApiCore\RetrySettings for example usage.

Returns
Type	Description
`Google\Cloud\Iam\V1\Policy`

testIamPermissions

Returns permissions that a caller has on the specified resource. If the resource does not exist, this will return an empty set of permissions, not a NOT_FOUND error.

Note: This operation is designed to be used for building permission-aware UIs and command-line tools, not for authorization checking. This operation may "fail open" without warning.

The async variant is Google\Cloud\Kms\V1\Client\EkmServiceClient::testIamPermissionsAsync() .

Parameters
Name	Description
`request`	`Google\Cloud\Iam\V1\TestIamPermissionsRequest` A request to house fields associated with the call.
`callOptions`	`array` Optional.
`↳ retrySettings`	`RetrySettings\|array` Retry settings to use for this call. Can be a Google\ApiCore\RetrySettings object, or an associative array of retry settings parameters. See the documentation on Google\ApiCore\RetrySettings for example usage.

Returns
Type	Description
`Google\Cloud\Iam\V1\TestIamPermissionsResponse`

createEkmConnectionAsync

Parameters
Name	Description
`request`	`Google\Cloud\Kms\V1\CreateEkmConnectionRequest`
`optionalArgs = []`	`array`

Returns
Type	Description
`GuzzleHttp\Promise\PromiseInterface`

getEkmConfigAsync

Parameters
Name	Description
`request`	`Google\Cloud\Kms\V1\GetEkmConfigRequest`
`optionalArgs = []`	`array`

Returns
Type	Description
`GuzzleHttp\Promise\PromiseInterface`

getEkmConnectionAsync

Parameters
Name	Description
`request`	`Google\Cloud\Kms\V1\GetEkmConnectionRequest`
`optionalArgs = []`	`array`

Returns
Type	Description
`GuzzleHttp\Promise\PromiseInterface`

listEkmConnectionsAsync

Parameters
Name	Description
`request`	`Google\Cloud\Kms\V1\ListEkmConnectionsRequest`
`optionalArgs = []`	`array`

Returns
Type	Description
`GuzzleHttp\Promise\PromiseInterface`

updateEkmConfigAsync

Parameters
Name	Description
`request`	`Google\Cloud\Kms\V1\UpdateEkmConfigRequest`
`optionalArgs = []`	`array`

Returns
Type	Description
`GuzzleHttp\Promise\PromiseInterface`

updateEkmConnectionAsync

Parameters
Name	Description
`request`	`Google\Cloud\Kms\V1\UpdateEkmConnectionRequest`
`optionalArgs = []`	`array`

Returns
Type	Description
`GuzzleHttp\Promise\PromiseInterface`

verifyConnectivityAsync

Parameters
Name	Description
`request`	`Google\Cloud\Kms\V1\VerifyConnectivityRequest`
`optionalArgs = []`	`array`

Returns
Type	Description
`GuzzleHttp\Promise\PromiseInterface`

getLocationAsync

Parameters
Name	Description
`request`	`Google\Cloud\Location\GetLocationRequest`
`optionalArgs = []`	`array`

Returns
Type	Description
`GuzzleHttp\Promise\PromiseInterface`

listLocationsAsync

Parameters
Name	Description
`request`	`Google\Cloud\Location\ListLocationsRequest`
`optionalArgs = []`	`array`

Returns
Type	Description
`GuzzleHttp\Promise\PromiseInterface`

getIamPolicyAsync

Parameters
Name	Description
`request`	`Google\Cloud\Iam\V1\GetIamPolicyRequest`
`optionalArgs = []`	`array`

Returns
Type	Description
`GuzzleHttp\Promise\PromiseInterface`

setIamPolicyAsync

Parameters
Name	Description
`request`	`Google\Cloud\Iam\V1\SetIamPolicyRequest`
`optionalArgs = []`	`array`

Returns
Type	Description
`GuzzleHttp\Promise\PromiseInterface`

testIamPermissionsAsync

Parameters
Name	Description
`request`	`Google\Cloud\Iam\V1\TestIamPermissionsRequest`
`optionalArgs = []`	`array`

Returns
Type	Description
`GuzzleHttp\Promise\PromiseInterface`

static::ekmConfigName

Formats a string containing the fully-qualified path to represent a ekm_config resource.

Parameters
Name	Description
`project`	`string`
`location`	`string`

Returns
Type	Description
`string`	The formatted ekm_config resource.

static::ekmConnectionName

Formats a string containing the fully-qualified path to represent a ekm_connection resource.

Parameters
Name	Description
`project`	`string`
`location`	`string`
`ekmConnection`	`string`

Returns
Type	Description
`string`	The formatted ekm_connection resource.

static::locationName

Formats a string containing the fully-qualified path to represent a location resource.

Parameters
Name	Description
`project`	`string`
`location`	`string`

Returns
Type	Description
`string`	The formatted location resource.

static::serviceName

Formats a string containing the fully-qualified path to represent a service resource.

Parameters
Name	Description
`project`	`string`
`location`	`string`
`namespace`	`string`
`service`	`string`

Returns
Type	Description
`string`	The formatted service resource.

static::parseName

Parses a formatted name string and returns an associative array of the components in the name.

The following name formats are supported: Template: Pattern

ekmConfig: projects/{project}/locations/{location}/ekmConfig
ekmConnection: projects/{project}/locations/{location}/ekmConnections/{ekm_connection}
location: projects/{project}/locations/{location}
service: projects/{project}/locations/{location}/namespaces/{namespace}/services/{service}

The optional $template argument can be supplied to specify a particular pattern, and must match one of the templates listed above. If no $template argument is provided, or if the $template argument does not match one of the templates listed, then parseName will check each of the supported templates, and return the first match.

Parameters
Name	Description
`formattedName`	`string` The formatted name string
`template`	`string` Optional name of template to match

Returns
Type	Description
`array`	An associative array from name component IDs to component values.