Google Git
Sign in
android / platform / external / python / google-api-python-client / 11b8407a166207f8799a2fc422796d663b199d9d / . / docs / dyn / cloudkms_v1.projects.locations.keyRings.cryptoKeys.cryptoKeyVersions.html
blob: 579400a7795fe67e8f3d0a360b884840153337d3 [file] [log] [blame]
<html><body>
<style>
body, h1, h2, h3, div, span, p, pre, a {
margin: 0;
padding: 0;
border: 0;
font-weight: inherit;
font-style: inherit;
font-size: 100%;
font-family: inherit;
vertical-align: baseline;
}
body {
font-size: 13px;
padding: 1em;
}
h1 {
font-size: 26px;
margin-bottom: 1em;
}
h2 {
font-size: 24px;
margin-bottom: 1em;
}
h3 {
font-size: 20px;
margin-bottom: 1em;
margin-top: 1em;
}
pre, code {
line-height: 1.5;
font-family: Monaco, 'DejaVu Sans Mono', 'Bitstream Vera Sans Mono', 'Lucida Console', monospace;
}
pre {
margin-top: 0.5em;
}
h1, h2, h3, p {
font-family: Arial, sans serif;
}
h1, h2, h3 {
border-bottom: solid #CCC 1px;
}
.toc_element {
margin-top: 0.5em;
}
.firstline {
margin-left: 2 em;
}
.method {
margin-top: 1em;
border: solid 1px #CCC;
padding: 1em;
background: #EEE;
}
.details {
font-weight: bold;
font-size: 14px;
}
</style>
<h1><a href="cloudkms_v1.html">Cloud Key Management Service (KMS) API</a> . <a href="cloudkms_v1.projects.html">projects</a> . <a href="cloudkms_v1.projects.locations.html">locations</a> . <a href="cloudkms_v1.projects.locations.keyRings.html">keyRings</a> . <a href="cloudkms_v1.projects.locations.keyRings.cryptoKeys.html">cryptoKeys</a> . <a href="cloudkms_v1.projects.locations.keyRings.cryptoKeys.cryptoKeyVersions.html">cryptoKeyVersions</a></h1>
<h2>Instance Methods</h2>
<p class="toc_element">
<code><a href="#asymmetricDecrypt">asymmetricDecrypt(name, body, x__xgafv=None)</a></code></p>
<p class="firstline">Decrypts data that was encrypted with a public key retrieved from</p>
<p class="toc_element">
<code><a href="#asymmetricSign">asymmetricSign(name, body, x__xgafv=None)</a></code></p>
<p class="firstline">Signs data using a CryptoKeyVersion with CryptoKey.purpose</p>
<p class="toc_element">
<code><a href="#create">create(parent, body, x__xgafv=None)</a></code></p>
<p class="firstline">Create a new CryptoKeyVersion in a CryptoKey.</p>
<p class="toc_element">
<code><a href="#destroy">destroy(name, body=None, x__xgafv=None)</a></code></p>
<p class="firstline">Schedule a CryptoKeyVersion for destruction.</p>
<p class="toc_element">
<code><a href="#get">get(name, x__xgafv=None)</a></code></p>
<p class="firstline">Returns metadata for a given CryptoKeyVersion.</p>
<p class="toc_element">
<code><a href="#getPublicKey">getPublicKey(name, x__xgafv=None)</a></code></p>
<p class="firstline">Returns the public key for the given CryptoKeyVersion. The</p>
<p class="toc_element">
<code><a href="#list">list(parent, pageSize=None, pageToken=None, x__xgafv=None, view=None)</a></code></p>
<p class="firstline">Lists CryptoKeyVersions.</p>
<p class="toc_element">
<code><a href="#list_next">list_next(previous_request, previous_response)</a></code></p>
<p class="firstline">Retrieves the next page of results.</p>
<p class="toc_element">
<code><a href="#patch">patch(name, body, updateMask=None, x__xgafv=None)</a></code></p>
<p class="firstline">Update a CryptoKeyVersion's metadata.</p>
<p class="toc_element">
<code><a href="#restore">restore(name, body=None, x__xgafv=None)</a></code></p>
<p class="firstline">Restore a CryptoKeyVersion in the</p>
<h3>Method Details</h3>
<div class="method">
<code class="details" id="asymmetricDecrypt">asymmetricDecrypt(name, body, x__xgafv=None)</code>
<pre>Decrypts data that was encrypted with a public key retrieved from
GetPublicKey corresponding to a CryptoKeyVersion with
CryptoKey.purpose ASYMMETRIC_DECRYPT.
Args:
name: string, Required. The resource name of the CryptoKeyVersion to use for
decryption. (required)
body: object, The request body. (required)
The object takes the form of:
{ # Request message for KeyManagementService.AsymmetricDecrypt.
"ciphertext": "A String", # Required. The data encrypted with the named CryptoKeyVersion's public
# key using OAEP.
}
x__xgafv: string, V1 error format.
Allowed values
1 - v1 error format
2 - v2 error format
Returns:
An object of the form:
{ # Response message for KeyManagementService.AsymmetricDecrypt.
"plaintext": "A String", # The decrypted data originally encrypted with the matching public key.
}</pre>
</div>
<div class="method">
<code class="details" id="asymmetricSign">asymmetricSign(name, body, x__xgafv=None)</code>
<pre>Signs data using a CryptoKeyVersion with CryptoKey.purpose
ASYMMETRIC_SIGN, producing a signature that can be verified with the public
key retrieved from GetPublicKey.
Args:
name: string, Required. The resource name of the CryptoKeyVersion to use for signing. (required)
body: object, The request body. (required)
The object takes the form of:
{ # Request message for KeyManagementService.AsymmetricSign.
"digest": { # A Digest holds a cryptographic message digest. # Required. The digest of the data to sign. The digest must be produced with
# the same digest algorithm as specified by the key version's
# algorithm.
"sha256": "A String", # A message digest produced with the SHA-256 algorithm.
"sha512": "A String", # A message digest produced with the SHA-512 algorithm.
"sha384": "A String", # A message digest produced with the SHA-384 algorithm.
},
}
x__xgafv: string, V1 error format.
Allowed values
1 - v1 error format
2 - v2 error format
Returns:
An object of the form:
{ # Response message for KeyManagementService.AsymmetricSign.
"signature": "A String", # The created signature.
}</pre>
</div>
<div class="method">
<code class="details" id="create">create(parent, body, x__xgafv=None)</code>
<pre>Create a new CryptoKeyVersion in a CryptoKey.
The server will assign the next sequential id. If unset,
state will be set to
ENABLED.
Args:
parent: string, Required. The name of the CryptoKey associated with
the CryptoKeyVersions. (required)
body: object, The request body. (required)
The object takes the form of:
{ # A CryptoKeyVersion represents an individual cryptographic key, and the
# associated key material.
#
# An ENABLED version can be
# used for cryptographic operations.
#
# For security reasons, the raw cryptographic key material represented by a
# CryptoKeyVersion can never be viewed or exported. It can only be used to
# encrypt, decrypt, or sign data when an authorized user or application invokes
# Cloud KMS.
"destroyTime": "A String", # Output only. The time this CryptoKeyVersion's key material is scheduled
# for destruction. Only present if state is
# DESTROY_SCHEDULED.
"name": "A String", # Output only. The resource name for this CryptoKeyVersion in the format
# `projects/*/locations/*/keyRings/*/cryptoKeys/*/cryptoKeyVersions/*`.
"algorithm": "A String", # Output only. The CryptoKeyVersionAlgorithm that this
# CryptoKeyVersion supports.
"protectionLevel": "A String", # Output only. The ProtectionLevel describing how crypto operations are
# performed with this CryptoKeyVersion.
"attestation": { # Contains an HSM-generated attestation about a key operation. For more # Output only. Statement that was generated and signed by the HSM at key
# creation time. Use this statement to verify attributes of the key as stored
# on the HSM, independently of Google. Only provided for key versions with
# protection_level HSM.
# information, see [Verifying attestations]
# (https://cloud.google.com/kms/docs/attest-key).
"content": "A String", # Output only. The attestation data provided by the HSM when the key
# operation was performed.
"format": "A String", # Output only. The format of the attestation data.
},
"state": "A String", # The current state of the CryptoKeyVersion.
"destroyEventTime": "A String", # Output only. The time this CryptoKeyVersion's key material was
# destroyed. Only present if state is
# DESTROYED.
"generateTime": "A String", # Output only. The time this CryptoKeyVersion's key material was
# generated.
"createTime": "A String", # Output only. The time at which this CryptoKeyVersion was created.
}
x__xgafv: string, V1 error format.
Allowed values
1 - v1 error format
2 - v2 error format
Returns:
An object of the form:
{ # A CryptoKeyVersion represents an individual cryptographic key, and the
# associated key material.
#
# An ENABLED version can be
# used for cryptographic operations.
#
# For security reasons, the raw cryptographic key material represented by a
# CryptoKeyVersion can never be viewed or exported. It can only be used to
# encrypt, decrypt, or sign data when an authorized user or application invokes
# Cloud KMS.
"destroyTime": "A String", # Output only. The time this CryptoKeyVersion's key material is scheduled
# for destruction. Only present if state is
# DESTROY_SCHEDULED.
"name": "A String", # Output only. The resource name for this CryptoKeyVersion in the format
# `projects/*/locations/*/keyRings/*/cryptoKeys/*/cryptoKeyVersions/*`.
"algorithm": "A String", # Output only. The CryptoKeyVersionAlgorithm that this
# CryptoKeyVersion supports.
"protectionLevel": "A String", # Output only. The ProtectionLevel describing how crypto operations are
# performed with this CryptoKeyVersion.
"attestation": { # Contains an HSM-generated attestation about a key operation. For more # Output only. Statement that was generated and signed by the HSM at key
# creation time. Use this statement to verify attributes of the key as stored
# on the HSM, independently of Google. Only provided for key versions with
# protection_level HSM.
# information, see [Verifying attestations]
# (https://cloud.google.com/kms/docs/attest-key).
"content": "A String", # Output only. The attestation data provided by the HSM when the key
# operation was performed.
"format": "A String", # Output only. The format of the attestation data.
},
"state": "A String", # The current state of the CryptoKeyVersion.
"destroyEventTime": "A String", # Output only. The time this CryptoKeyVersion's key material was
# destroyed. Only present if state is
# DESTROYED.
"generateTime": "A String", # Output only. The time this CryptoKeyVersion's key material was
# generated.
"createTime": "A String", # Output only. The time at which this CryptoKeyVersion was created.
}</pre>
</div>
<div class="method">
<code class="details" id="destroy">destroy(name, body=None, x__xgafv=None)</code>
<pre>Schedule a CryptoKeyVersion for destruction.
Upon calling this method, CryptoKeyVersion.state will be set to
DESTROY_SCHEDULED
and destroy_time will be set to a time 24
hours in the future, at which point the state
will be changed to
DESTROYED, and the key
material will be irrevocably destroyed.
Before the destroy_time is reached,
RestoreCryptoKeyVersion may be called to reverse the process.
Args:
name: string, The resource name of the CryptoKeyVersion to destroy. (required)
body: object, The request body.
The object takes the form of:
{ # Request message for KeyManagementService.DestroyCryptoKeyVersion.
}
x__xgafv: string, V1 error format.
Allowed values
1 - v1 error format
2 - v2 error format
Returns:
An object of the form:
{ # A CryptoKeyVersion represents an individual cryptographic key, and the
# associated key material.
#
# An ENABLED version can be
# used for cryptographic operations.
#
# For security reasons, the raw cryptographic key material represented by a
# CryptoKeyVersion can never be viewed or exported. It can only be used to
# encrypt, decrypt, or sign data when an authorized user or application invokes
# Cloud KMS.
"destroyTime": "A String", # Output only. The time this CryptoKeyVersion's key material is scheduled
# for destruction. Only present if state is
# DESTROY_SCHEDULED.
"name": "A String", # Output only. The resource name for this CryptoKeyVersion in the format
# `projects/*/locations/*/keyRings/*/cryptoKeys/*/cryptoKeyVersions/*`.
"algorithm": "A String", # Output only. The CryptoKeyVersionAlgorithm that this
# CryptoKeyVersion supports.
"protectionLevel": "A String", # Output only. The ProtectionLevel describing how crypto operations are
# performed with this CryptoKeyVersion.
"attestation": { # Contains an HSM-generated attestation about a key operation. For more # Output only. Statement that was generated and signed by the HSM at key
# creation time. Use this statement to verify attributes of the key as stored
# on the HSM, independently of Google. Only provided for key versions with
# protection_level HSM.
# information, see [Verifying attestations]
# (https://cloud.google.com/kms/docs/attest-key).
"content": "A String", # Output only. The attestation data provided by the HSM when the key
# operation was performed.
"format": "A String", # Output only. The format of the attestation data.
},
"state": "A String", # The current state of the CryptoKeyVersion.
"destroyEventTime": "A String", # Output only. The time this CryptoKeyVersion's key material was
# destroyed. Only present if state is
# DESTROYED.
"generateTime": "A String", # Output only. The time this CryptoKeyVersion's key material was
# generated.
"createTime": "A String", # Output only. The time at which this CryptoKeyVersion was created.
}</pre>
</div>
<div class="method">
<code class="details" id="get">get(name, x__xgafv=None)</code>
<pre>Returns metadata for a given CryptoKeyVersion.
Args:
name: string, The name of the CryptoKeyVersion to get. (required)
x__xgafv: string, V1 error format.
Allowed values
1 - v1 error format
2 - v2 error format
Returns:
An object of the form:
{ # A CryptoKeyVersion represents an individual cryptographic key, and the
# associated key material.
#
# An ENABLED version can be
# used for cryptographic operations.
#
# For security reasons, the raw cryptographic key material represented by a
# CryptoKeyVersion can never be viewed or exported. It can only be used to
# encrypt, decrypt, or sign data when an authorized user or application invokes
# Cloud KMS.
"destroyTime": "A String", # Output only. The time this CryptoKeyVersion's key material is scheduled
# for destruction. Only present if state is
# DESTROY_SCHEDULED.
"name": "A String", # Output only. The resource name for this CryptoKeyVersion in the format
# `projects/*/locations/*/keyRings/*/cryptoKeys/*/cryptoKeyVersions/*`.
"algorithm": "A String", # Output only. The CryptoKeyVersionAlgorithm that this
# CryptoKeyVersion supports.
"protectionLevel": "A String", # Output only. The ProtectionLevel describing how crypto operations are
# performed with this CryptoKeyVersion.
"attestation": { # Contains an HSM-generated attestation about a key operation. For more # Output only. Statement that was generated and signed by the HSM at key
# creation time. Use this statement to verify attributes of the key as stored
# on the HSM, independently of Google. Only provided for key versions with
# protection_level HSM.
# information, see [Verifying attestations]
# (https://cloud.google.com/kms/docs/attest-key).
"content": "A String", # Output only. The attestation data provided by the HSM when the key
# operation was performed.
"format": "A String", # Output only. The format of the attestation data.
},
"state": "A String", # The current state of the CryptoKeyVersion.
"destroyEventTime": "A String", # Output only. The time this CryptoKeyVersion's key material was
# destroyed. Only present if state is
# DESTROYED.
"generateTime": "A String", # Output only. The time this CryptoKeyVersion's key material was
# generated.
"createTime": "A String", # Output only. The time at which this CryptoKeyVersion was created.
}</pre>
</div>
<div class="method">
<code class="details" id="getPublicKey">getPublicKey(name, x__xgafv=None)</code>
<pre>Returns the public key for the given CryptoKeyVersion. The
CryptoKey.purpose must be
ASYMMETRIC_SIGN or
ASYMMETRIC_DECRYPT.
Args:
name: string, The name of the CryptoKeyVersion public key to
get. (required)
x__xgafv: string, V1 error format.
Allowed values
1 - v1 error format
2 - v2 error format
Returns:
An object of the form:
{ # The public key for a given CryptoKeyVersion. Obtained via
# GetPublicKey.
"pem": "A String", # The public key, encoded in PEM format. For more information, see the
# [RFC 7468](https://tools.ietf.org/html/rfc7468) sections for
# [General Considerations](https://tools.ietf.org/html/rfc7468#section-2) and
# [Textual Encoding of Subject Public Key Info]
# (https://tools.ietf.org/html/rfc7468#section-13).
"algorithm": "A String", # The Algorithm associated
# with this key.
}</pre>
</div>
<div class="method">
<code class="details" id="list">list(parent, pageSize=None, pageToken=None, x__xgafv=None, view=None)</code>
<pre>Lists CryptoKeyVersions.
Args:
parent: string, Required. The resource name of the CryptoKey to list, in the format
`projects/*/locations/*/keyRings/*/cryptoKeys/*`. (required)
pageSize: integer, Optional limit on the number of CryptoKeyVersions to
include in the response. Further CryptoKeyVersions can
subsequently be obtained by including the
ListCryptoKeyVersionsResponse.next_page_token in a subsequent request.
If unspecified, the server will pick an appropriate default.
pageToken: string, Optional pagination token, returned earlier via
ListCryptoKeyVersionsResponse.next_page_token.
x__xgafv: string, V1 error format.
Allowed values
1 - v1 error format
2 - v2 error format
view: string, The fields to include in the response.
Returns:
An object of the form:
{ # Response message for KeyManagementService.ListCryptoKeyVersions.
"nextPageToken": "A String", # A token to retrieve next page of results. Pass this value in
# ListCryptoKeyVersionsRequest.page_token to retrieve the next page of
# results.
"totalSize": 42, # The total number of CryptoKeyVersions that matched the
# query.
"cryptoKeyVersions": [ # The list of CryptoKeyVersions.
{ # A CryptoKeyVersion represents an individual cryptographic key, and the
# associated key material.
#
# An ENABLED version can be
# used for cryptographic operations.
#
# For security reasons, the raw cryptographic key material represented by a
# CryptoKeyVersion can never be viewed or exported. It can only be used to
# encrypt, decrypt, or sign data when an authorized user or application invokes
# Cloud KMS.
"destroyTime": "A String", # Output only. The time this CryptoKeyVersion's key material is scheduled
# for destruction. Only present if state is
# DESTROY_SCHEDULED.
"name": "A String", # Output only. The resource name for this CryptoKeyVersion in the format
# `projects/*/locations/*/keyRings/*/cryptoKeys/*/cryptoKeyVersions/*`.
"algorithm": "A String", # Output only. The CryptoKeyVersionAlgorithm that this
# CryptoKeyVersion supports.
"protectionLevel": "A String", # Output only. The ProtectionLevel describing how crypto operations are
# performed with this CryptoKeyVersion.
"attestation": { # Contains an HSM-generated attestation about a key operation. For more # Output only. Statement that was generated and signed by the HSM at key
# creation time. Use this statement to verify attributes of the key as stored
# on the HSM, independently of Google. Only provided for key versions with
# protection_level HSM.
# information, see [Verifying attestations]
# (https://cloud.google.com/kms/docs/attest-key).
"content": "A String", # Output only. The attestation data provided by the HSM when the key
# operation was performed.
"format": "A String", # Output only. The format of the attestation data.
},
"state": "A String", # The current state of the CryptoKeyVersion.
"destroyEventTime": "A String", # Output only. The time this CryptoKeyVersion's key material was
# destroyed. Only present if state is
# DESTROYED.
"generateTime": "A String", # Output only. The time this CryptoKeyVersion's key material was
# generated.
"createTime": "A String", # Output only. The time at which this CryptoKeyVersion was created.
},
],
}</pre>
</div>
<div class="method">
<code class="details" id="list_next">list_next(previous_request, previous_response)</code>
<pre>Retrieves the next page of results.
Args:
previous_request: The request for the previous page. (required)
previous_response: The response from the request for the previous page. (required)
Returns:
A request object that you can call 'execute()' on to request the next
page. Returns None if there are no more items in the collection.
</pre>
</div>
<div class="method">
<code class="details" id="patch">patch(name, body, updateMask=None, x__xgafv=None)</code>
<pre>Update a CryptoKeyVersion's metadata.
state may be changed between
ENABLED and
DISABLED using this
method. See DestroyCryptoKeyVersion and RestoreCryptoKeyVersion to
move between other states.
Args:
name: string, Output only. The resource name for this CryptoKeyVersion in the format
`projects/*/locations/*/keyRings/*/cryptoKeys/*/cryptoKeyVersions/*`. (required)
body: object, The request body. (required)
The object takes the form of:
{ # A CryptoKeyVersion represents an individual cryptographic key, and the
# associated key material.
#
# An ENABLED version can be
# used for cryptographic operations.
#
# For security reasons, the raw cryptographic key material represented by a
# CryptoKeyVersion can never be viewed or exported. It can only be used to
# encrypt, decrypt, or sign data when an authorized user or application invokes
# Cloud KMS.
"destroyTime": "A String", # Output only. The time this CryptoKeyVersion's key material is scheduled
# for destruction. Only present if state is
# DESTROY_SCHEDULED.
"name": "A String", # Output only. The resource name for this CryptoKeyVersion in the format
# `projects/*/locations/*/keyRings/*/cryptoKeys/*/cryptoKeyVersions/*`.
"algorithm": "A String", # Output only. The CryptoKeyVersionAlgorithm that this
# CryptoKeyVersion supports.
"protectionLevel": "A String", # Output only. The ProtectionLevel describing how crypto operations are
# performed with this CryptoKeyVersion.
"attestation": { # Contains an HSM-generated attestation about a key operation. For more # Output only. Statement that was generated and signed by the HSM at key
# creation time. Use this statement to verify attributes of the key as stored
# on the HSM, independently of Google. Only provided for key versions with
# protection_level HSM.
# information, see [Verifying attestations]
# (https://cloud.google.com/kms/docs/attest-key).
"content": "A String", # Output only. The attestation data provided by the HSM when the key
# operation was performed.
"format": "A String", # Output only. The format of the attestation data.
},
"state": "A String", # The current state of the CryptoKeyVersion.
"destroyEventTime": "A String", # Output only. The time this CryptoKeyVersion's key material was
# destroyed. Only present if state is
# DESTROYED.
"generateTime": "A String", # Output only. The time this CryptoKeyVersion's key material was
# generated.
"createTime": "A String", # Output only. The time at which this CryptoKeyVersion was created.
}
updateMask: string, Required list of fields to be updated in this request.
x__xgafv: string, V1 error format.
Allowed values
1 - v1 error format
2 - v2 error format
Returns:
An object of the form:
{ # A CryptoKeyVersion represents an individual cryptographic key, and the
# associated key material.
#
# An ENABLED version can be
# used for cryptographic operations.
#
# For security reasons, the raw cryptographic key material represented by a
# CryptoKeyVersion can never be viewed or exported. It can only be used to
# encrypt, decrypt, or sign data when an authorized user or application invokes
# Cloud KMS.
"destroyTime": "A String", # Output only. The time this CryptoKeyVersion's key material is scheduled
# for destruction. Only present if state is
# DESTROY_SCHEDULED.
"name": "A String", # Output only. The resource name for this CryptoKeyVersion in the format
# `projects/*/locations/*/keyRings/*/cryptoKeys/*/cryptoKeyVersions/*`.
"algorithm": "A String", # Output only. The CryptoKeyVersionAlgorithm that this
# CryptoKeyVersion supports.
"protectionLevel": "A String", # Output only. The ProtectionLevel describing how crypto operations are
# performed with this CryptoKeyVersion.
"attestation": { # Contains an HSM-generated attestation about a key operation. For more # Output only. Statement that was generated and signed by the HSM at key
# creation time. Use this statement to verify attributes of the key as stored
# on the HSM, independently of Google. Only provided for key versions with
# protection_level HSM.
# information, see [Verifying attestations]
# (https://cloud.google.com/kms/docs/attest-key).
"content": "A String", # Output only. The attestation data provided by the HSM when the key
# operation was performed.
"format": "A String", # Output only. The format of the attestation data.
},
"state": "A String", # The current state of the CryptoKeyVersion.
"destroyEventTime": "A String", # Output only. The time this CryptoKeyVersion's key material was
# destroyed. Only present if state is
# DESTROYED.
"generateTime": "A String", # Output only. The time this CryptoKeyVersion's key material was
# generated.
"createTime": "A String", # Output only. The time at which this CryptoKeyVersion was created.
}</pre>
</div>
<div class="method">
<code class="details" id="restore">restore(name, body=None, x__xgafv=None)</code>
<pre>Restore a CryptoKeyVersion in the
DESTROY_SCHEDULED
state.
Upon restoration of the CryptoKeyVersion, state
will be set to DISABLED,
and destroy_time will be cleared.
Args:
name: string, The resource name of the CryptoKeyVersion to restore. (required)
body: object, The request body.
The object takes the form of:
{ # Request message for KeyManagementService.RestoreCryptoKeyVersion.
}
x__xgafv: string, V1 error format.
Allowed values
1 - v1 error format
2 - v2 error format
Returns:
An object of the form:
{ # A CryptoKeyVersion represents an individual cryptographic key, and the
# associated key material.
#
# An ENABLED version can be
# used for cryptographic operations.
#
# For security reasons, the raw cryptographic key material represented by a
# CryptoKeyVersion can never be viewed or exported. It can only be used to
# encrypt, decrypt, or sign data when an authorized user or application invokes
# Cloud KMS.
"destroyTime": "A String", # Output only. The time this CryptoKeyVersion's key material is scheduled
# for destruction. Only present if state is
# DESTROY_SCHEDULED.
"name": "A String", # Output only. The resource name for this CryptoKeyVersion in the format
# `projects/*/locations/*/keyRings/*/cryptoKeys/*/cryptoKeyVersions/*`.
"algorithm": "A String", # Output only. The CryptoKeyVersionAlgorithm that this
# CryptoKeyVersion supports.
"protectionLevel": "A String", # Output only. The ProtectionLevel describing how crypto operations are
# performed with this CryptoKeyVersion.
"attestation": { # Contains an HSM-generated attestation about a key operation. For more # Output only. Statement that was generated and signed by the HSM at key
# creation time. Use this statement to verify attributes of the key as stored
# on the HSM, independently of Google. Only provided for key versions with
# protection_level HSM.
# information, see [Verifying attestations]
# (https://cloud.google.com/kms/docs/attest-key).
"content": "A String", # Output only. The attestation data provided by the HSM when the key
# operation was performed.
"format": "A String", # Output only. The format of the attestation data.
},
"state": "A String", # The current state of the CryptoKeyVersion.
"destroyEventTime": "A String", # Output only. The time this CryptoKeyVersion's key material was
# destroyed. Only present if state is
# DESTROYED.
"generateTime": "A String", # Output only. The time this CryptoKeyVersion's key material was
# generated.
"createTime": "A String", # Output only. The time at which this CryptoKeyVersion was created.
}</pre>
</div>
</body></html>