# -*- coding: utf-8 -*-
# Generated by the protocol buffer compiler. DO NOT EDIT!
# source: google/cloud/kms_v1/proto/resources.proto
import sys
_b = sys.version_info[0] < 3 and (lambda x: x) or (lambda x: x.encode("latin1"))
from google.protobuf.internal import enum_type_wrapper
from google.protobuf import descriptor as _descriptor
from google.protobuf import message as _message
from google.protobuf import reflection as _reflection
from google.protobuf import symbol_database as _symbol_database
# @@protoc_insertion_point(imports)
_sym_db = _symbol_database.Default()
from google.api import annotations_pb2 as google_dot_api_dot_annotations__pb2
from google.protobuf import duration_pb2 as google_dot_protobuf_dot_duration__pb2
from google.protobuf import timestamp_pb2 as google_dot_protobuf_dot_timestamp__pb2
DESCRIPTOR = _descriptor.FileDescriptor(
name="google/cloud/kms_v1/proto/resources.proto",
package="google.cloud.kms.v1",
syntax="proto3",
serialized_options=_b(
"\n\027com.google.cloud.kms.v1B\021KmsResourcesProtoP\001Z6google.golang.org/genproto/googleapis/cloud/kms/v1;kms\370\001\001\252\002\023Google.Cloud.Kms.V1\312\002\023Google\\Cloud\\Kms\\V1"
),
serialized_pb=_b(
'\n)google/cloud/kms_v1/proto/resources.proto\x12\x13google.cloud.kms.v1\x1a\x1cgoogle/api/annotations.proto\x1a\x1egoogle/protobuf/duration.proto\x1a\x1fgoogle/protobuf/timestamp.proto"H\n\x07KeyRing\x12\x0c\n\x04name\x18\x01 \x01(\t\x12/\n\x0b\x63reate_time\x18\x02 \x01(\x0b\x32\x1a.google.protobuf.Timestamp"\xf5\x04\n\tCryptoKey\x12\x0c\n\x04name\x18\x01 \x01(\t\x12\x36\n\x07primary\x18\x02 \x01(\x0b\x32%.google.cloud.kms.v1.CryptoKeyVersion\x12@\n\x07purpose\x18\x03 \x01(\x0e\x32/.google.cloud.kms.v1.CryptoKey.CryptoKeyPurpose\x12/\n\x0b\x63reate_time\x18\x05 \x01(\x0b\x32\x1a.google.protobuf.Timestamp\x12\x36\n\x12next_rotation_time\x18\x07 \x01(\x0b\x32\x1a.google.protobuf.Timestamp\x12\x34\n\x0frotation_period\x18\x08 \x01(\x0b\x32\x19.google.protobuf.DurationH\x00\x12G\n\x10version_template\x18\x0b \x01(\x0b\x32-.google.cloud.kms.v1.CryptoKeyVersionTemplate\x12:\n\x06labels\x18\n \x03(\x0b\x32*.google.cloud.kms.v1.CryptoKey.LabelsEntry\x1a-\n\x0bLabelsEntry\x12\x0b\n\x03key\x18\x01 \x01(\t\x12\r\n\x05value\x18\x02 \x01(\t:\x02\x38\x01"x\n\x10\x43ryptoKeyPurpose\x12"\n\x1e\x43RYPTO_KEY_PURPOSE_UNSPECIFIED\x10\x00\x12\x13\n\x0f\x45NCRYPT_DECRYPT\x10\x01\x12\x13\n\x0f\x41SYMMETRIC_SIGN\x10\x05\x12\x16\n\x12\x41SYMMETRIC_DECRYPT\x10\x06\x42\x13\n\x11rotation_schedule"\xae\x01\n\x18\x43ryptoKeyVersionTemplate\x12>\n\x10protection_level\x18\x01 \x01(\x0e\x32$.google.cloud.kms.v1.ProtectionLevel\x12R\n\talgorithm\x18\x03 \x01(\x0e\x32?.google.cloud.kms.v1.CryptoKeyVersion.CryptoKeyVersionAlgorithm"\xe7\x01\n\x17KeyOperationAttestation\x12N\n\x06\x66ormat\x18\x04 \x01(\x0e\x32>.google.cloud.kms.v1.KeyOperationAttestation.AttestationFormat\x12\x0f\n\x07\x63ontent\x18\x05 \x01(\x0c"k\n\x11\x41ttestationFormat\x12"\n\x1e\x41TTESTATION_FORMAT_UNSPECIFIED\x10\x00\x12\x18\n\x14\x43\x41VIUM_V1_COMPRESSED\x10\x03\x12\x18\n\x14\x43\x41VIUM_V2_COMPRESSED\x10\x04"\xa3\x0b\n\x10\x43ryptoKeyVersion\x12\x0c\n\x04name\x18\x01 \x01(\t\x12J\n\x05state\x18\x03 \x01(\x0e\x32;.google.cloud.kms.v1.CryptoKeyVersion.CryptoKeyVersionState\x12>\n\x10protection_level\x18\x07 \x01(\x0e\x32$.google.cloud.kms.v1.ProtectionLevel\x12R\n\talgorithm\x18\n \x01(\x0e\x32?.google.cloud.kms.v1.CryptoKeyVersion.CryptoKeyVersionAlgorithm\x12\x41\n\x0b\x61ttestation\x18\x08 \x01(\x0b\x32,.google.cloud.kms.v1.KeyOperationAttestation\x12/\n\x0b\x63reate_time\x18\x04 \x01(\x0b\x32\x1a.google.protobuf.Timestamp\x12\x31\n\rgenerate_time\x18\x0b \x01(\x0b\x32\x1a.google.protobuf.Timestamp\x12\x30\n\x0c\x64\x65stroy_time\x18\x05 \x01(\x0b\x32\x1a.google.protobuf.Timestamp\x12\x36\n\x12\x64\x65stroy_event_time\x18\x06 \x01(\x0b\x32\x1a.google.protobuf.Timestamp\x12\x12\n\nimport_job\x18\x0e \x01(\t\x12/\n\x0bimport_time\x18\x0f \x01(\x0b\x32\x1a.google.protobuf.Timestamp\x12\x1d\n\x15import_failure_reason\x18\x10 \x01(\t"\x9c\x04\n\x19\x43ryptoKeyVersionAlgorithm\x12,\n(CRYPTO_KEY_VERSION_ALGORITHM_UNSPECIFIED\x10\x00\x12\x1f\n\x1bGOOGLE_SYMMETRIC_ENCRYPTION\x10\x01\x12\x1c\n\x18RSA_SIGN_PSS_2048_SHA256\x10\x02\x12\x1c\n\x18RSA_SIGN_PSS_3072_SHA256\x10\x03\x12\x1c\n\x18RSA_SIGN_PSS_4096_SHA256\x10\x04\x12\x1c\n\x18RSA_SIGN_PSS_4096_SHA512\x10\x0f\x12\x1e\n\x1aRSA_SIGN_PKCS1_2048_SHA256\x10\x05\x12\x1e\n\x1aRSA_SIGN_PKCS1_3072_SHA256\x10\x06\x12\x1e\n\x1aRSA_SIGN_PKCS1_4096_SHA256\x10\x07\x12\x1e\n\x1aRSA_SIGN_PKCS1_4096_SHA512\x10\x10\x12 \n\x1cRSA_DECRYPT_OAEP_2048_SHA256\x10\x08\x12 \n\x1cRSA_DECRYPT_OAEP_3072_SHA256\x10\t\x12 \n\x1cRSA_DECRYPT_OAEP_4096_SHA256\x10\n\x12 \n\x1cRSA_DECRYPT_OAEP_4096_SHA512\x10\x11\x12\x17\n\x13\x45\x43_SIGN_P256_SHA256\x10\x0c\x12\x17\n\x13\x45\x43_SIGN_P384_SHA384\x10\r"\xc1\x01\n\x15\x43ryptoKeyVersionState\x12(\n$CRYPTO_KEY_VERSION_STATE_UNSPECIFIED\x10\x00\x12\x16\n\x12PENDING_GENERATION\x10\x05\x12\x0b\n\x07\x45NABLED\x10\x01\x12\x0c\n\x08\x44ISABLED\x10\x02\x12\r\n\tDESTROYED\x10\x03\x12\x15\n\x11\x44\x45STROY_SCHEDULED\x10\x04\x12\x12\n\x0ePENDING_IMPORT\x10\x06\x12\x11\n\rIMPORT_FAILED\x10\x07"I\n\x14\x43ryptoKeyVersionView\x12\'\n#CRYPTO_KEY_VERSION_VIEW_UNSPECIFIED\x10\x00\x12\x08\n\x04\x46ULL\x10\x01"l\n\tPublicKey\x12\x0b\n\x03pem\x18\x01 \x01(\t\x12R\n\talgorithm\x18\x02 \x01(\x0e\x32?.google.cloud.kms.v1.CryptoKeyVersion.CryptoKeyVersionAlgorithm"\xa6\x06\n\tImportJob\x12\x0c\n\x04name\x18\x01 \x01(\t\x12\x42\n\rimport_method\x18\x02 \x01(\x0e\x32+.google.cloud.kms.v1.ImportJob.ImportMethod\x12>\n\x10protection_level\x18\t \x01(\x0e\x32$.google.cloud.kms.v1.ProtectionLevel\x12/\n\x0b\x63reate_time\x18\x03 \x01(\x0b\x32\x1a.google.protobuf.Timestamp\x12\x31\n\rgenerate_time\x18\x04 \x01(\x0b\x32\x1a.google.protobuf.Timestamp\x12/\n\x0b\x65xpire_time\x18\x05 \x01(\x0b\x32\x1a.google.protobuf.Timestamp\x12\x35\n\x11\x65xpire_event_time\x18\n \x01(\x0b\x32\x1a.google.protobuf.Timestamp\x12<\n\x05state\x18\x06 \x01(\x0e\x32-.google.cloud.kms.v1.ImportJob.ImportJobState\x12\x44\n\npublic_key\x18\x07 \x01(\x0b\x32\x30.google.cloud.kms.v1.ImportJob.WrappingPublicKey\x12\x41\n\x0b\x61ttestation\x18\x08 \x01(\x0b\x32,.google.cloud.kms.v1.KeyOperationAttestation\x1a \n\x11WrappingPublicKey\x12\x0b\n\x03pem\x18\x01 \x01(\t"m\n\x0cImportMethod\x12\x1d\n\x19IMPORT_METHOD_UNSPECIFIED\x10\x00\x12\x1e\n\x1aRSA_OAEP_3072_SHA1_AES_256\x10\x01\x12\x1e\n\x1aRSA_OAEP_4096_SHA1_AES_256\x10\x02"c\n\x0eImportJobState\x12 \n\x1cIMPORT_JOB_STATE_UNSPECIFIED\x10\x00\x12\x16\n\x12PENDING_GENERATION\x10\x01\x12\n\n\x06\x41\x43TIVE\x10\x02\x12\x0b\n\x07\x45XPIRED\x10\x03*J\n\x0fProtectionLevel\x12 \n\x1cPROTECTION_LEVEL_UNSPECIFIED\x10\x00\x12\x0c\n\x08SOFTWARE\x10\x01\x12\x07\n\x03HSM\x10\x02\x42\x95\x01\n\x17\x63om.google.cloud.kms.v1B\x11KmsResourcesProtoP\x01Z6google.golang.org/genproto/googleapis/cloud/kms/v1;kms\xf8\x01\x01\xaa\x02\x13Google.Cloud.Kms.V1\xca\x02\x13Google\\Cloud\\Kms\\V1b\x06proto3'
),
dependencies=[
google_dot_api_dot_annotations__pb2.DESCRIPTOR,
google_dot_protobuf_dot_duration__pb2.DESCRIPTOR,
google_dot_protobuf_dot_timestamp__pb2.DESCRIPTOR,
],
)
_PROTECTIONLEVEL = _descriptor.EnumDescriptor(
name="ProtectionLevel",
full_name="google.cloud.kms.v1.ProtectionLevel",
filename=None,
file=DESCRIPTOR,
values=[
_descriptor.EnumValueDescriptor(
name="PROTECTION_LEVEL_UNSPECIFIED",
index=0,
number=0,
serialized_options=None,
type=None,
),
_descriptor.EnumValueDescriptor(
name="SOFTWARE", index=1, number=1, serialized_options=None, type=None
),
_descriptor.EnumValueDescriptor(
name="HSM", index=2, number=2, serialized_options=None, type=None
),
],
containing_type=None,
serialized_options=None,
serialized_start=3643,
serialized_end=3717,
)
_sym_db.RegisterEnumDescriptor(_PROTECTIONLEVEL)
ProtectionLevel = enum_type_wrapper.EnumTypeWrapper(_PROTECTIONLEVEL)
PROTECTION_LEVEL_UNSPECIFIED = 0
SOFTWARE = 1
HSM = 2
_CRYPTOKEY_CRYPTOKEYPURPOSE = _descriptor.EnumDescriptor(
name="CryptoKeyPurpose",
full_name="google.cloud.kms.v1.CryptoKey.CryptoKeyPurpose",
filename=None,
file=DESCRIPTOR,
values=[
_descriptor.EnumValueDescriptor(
name="CRYPTO_KEY_PURPOSE_UNSPECIFIED",
index=0,
number=0,
serialized_options=None,
type=None,
),
_descriptor.EnumValueDescriptor(
name="ENCRYPT_DECRYPT",
index=1,
number=1,
serialized_options=None,
type=None,
),
_descriptor.EnumValueDescriptor(
name="ASYMMETRIC_SIGN",
index=2,
number=5,
serialized_options=None,
type=None,
),
_descriptor.EnumValueDescriptor(
name="ASYMMETRIC_DECRYPT",
index=3,
number=6,
serialized_options=None,
type=None,
),
],
containing_type=None,
serialized_options=None,
serialized_start=724,
serialized_end=844,
)
_sym_db.RegisterEnumDescriptor(_CRYPTOKEY_CRYPTOKEYPURPOSE)
_KEYOPERATIONATTESTATION_ATTESTATIONFORMAT = _descriptor.EnumDescriptor(
name="AttestationFormat",
full_name="google.cloud.kms.v1.KeyOperationAttestation.AttestationFormat",
filename=None,
file=DESCRIPTOR,
values=[
_descriptor.EnumValueDescriptor(
name="ATTESTATION_FORMAT_UNSPECIFIED",
index=0,
number=0,
serialized_options=None,
type=None,
),
_descriptor.EnumValueDescriptor(
name="CAVIUM_V1_COMPRESSED",
index=1,
number=3,
serialized_options=None,
type=None,
),
_descriptor.EnumValueDescriptor(
name="CAVIUM_V2_COMPRESSED",
index=2,
number=4,
serialized_options=None,
type=None,
),
],
containing_type=None,
serialized_options=None,
serialized_start=1169,
serialized_end=1276,
)
_sym_db.RegisterEnumDescriptor(_KEYOPERATIONATTESTATION_ATTESTATIONFORMAT)
_CRYPTOKEYVERSION_CRYPTOKEYVERSIONALGORITHM = _descriptor.EnumDescriptor(
name="CryptoKeyVersionAlgorithm",
full_name="google.cloud.kms.v1.CryptoKeyVersion.CryptoKeyVersionAlgorithm",
filename=None,
file=DESCRIPTOR,
values=[
_descriptor.EnumValueDescriptor(
name="CRYPTO_KEY_VERSION_ALGORITHM_UNSPECIFIED",
index=0,
number=0,
serialized_options=None,
type=None,
),
_descriptor.EnumValueDescriptor(
name="GOOGLE_SYMMETRIC_ENCRYPTION",
index=1,
number=1,
serialized_options=None,
type=None,
),
_descriptor.EnumValueDescriptor(
name="RSA_SIGN_PSS_2048_SHA256",
index=2,
number=2,
serialized_options=None,
type=None,
),
_descriptor.EnumValueDescriptor(
name="RSA_SIGN_PSS_3072_SHA256",
index=3,
number=3,
serialized_options=None,
type=None,
),
_descriptor.EnumValueDescriptor(
name="RSA_SIGN_PSS_4096_SHA256",
index=4,
number=4,
serialized_options=None,
type=None,
),
_descriptor.EnumValueDescriptor(
name="RSA_SIGN_PSS_4096_SHA512",
index=5,
number=15,
serialized_options=None,
type=None,
),
_descriptor.EnumValueDescriptor(
name="RSA_SIGN_PKCS1_2048_SHA256",
index=6,
number=5,
serialized_options=None,
type=None,
),
_descriptor.EnumValueDescriptor(
name="RSA_SIGN_PKCS1_3072_SHA256",
index=7,
number=6,
serialized_options=None,
type=None,
),
_descriptor.EnumValueDescriptor(
name="RSA_SIGN_PKCS1_4096_SHA256",
index=8,
number=7,
serialized_options=None,
type=None,
),
_descriptor.EnumValueDescriptor(
name="RSA_SIGN_PKCS1_4096_SHA512",
index=9,
number=16,
serialized_options=None,
type=None,
),
_descriptor.EnumValueDescriptor(
name="RSA_DECRYPT_OAEP_2048_SHA256",
index=10,
number=8,
serialized_options=None,
type=None,
),
_descriptor.EnumValueDescriptor(
name="RSA_DECRYPT_OAEP_3072_SHA256",
index=11,
number=9,
serialized_options=None,
type=None,
),
_descriptor.EnumValueDescriptor(
name="RSA_DECRYPT_OAEP_4096_SHA256",
index=12,
number=10,
serialized_options=None,
type=None,
),
_descriptor.EnumValueDescriptor(
name="RSA_DECRYPT_OAEP_4096_SHA512",
index=13,
number=17,
serialized_options=None,
type=None,
),
_descriptor.EnumValueDescriptor(
name="EC_SIGN_P256_SHA256",
index=14,
number=12,
serialized_options=None,
type=None,
),
_descriptor.EnumValueDescriptor(
name="EC_SIGN_P384_SHA384",
index=15,
number=13,
serialized_options=None,
type=None,
),
],
containing_type=None,
serialized_options=None,
serialized_start=1911,
serialized_end=2451,
)
_sym_db.RegisterEnumDescriptor(_CRYPTOKEYVERSION_CRYPTOKEYVERSIONALGORITHM)
_CRYPTOKEYVERSION_CRYPTOKEYVERSIONSTATE = _descriptor.EnumDescriptor(
name="CryptoKeyVersionState",
full_name="google.cloud.kms.v1.CryptoKeyVersion.CryptoKeyVersionState",
filename=None,
file=DESCRIPTOR,
values=[
_descriptor.EnumValueDescriptor(
name="CRYPTO_KEY_VERSION_STATE_UNSPECIFIED",
index=0,
number=0,
serialized_options=None,
type=None,
),
_descriptor.EnumValueDescriptor(
name="PENDING_GENERATION",
index=1,
number=5,
serialized_options=None,
type=None,
),
_descriptor.EnumValueDescriptor(
name="ENABLED", index=2, number=1, serialized_options=None, type=None
),
_descriptor.EnumValueDescriptor(
name="DISABLED", index=3, number=2, serialized_options=None, type=None
),
_descriptor.EnumValueDescriptor(
name="DESTROYED", index=4, number=3, serialized_options=None, type=None
),
_descriptor.EnumValueDescriptor(
name="DESTROY_SCHEDULED",
index=5,
number=4,
serialized_options=None,
type=None,
),
_descriptor.EnumValueDescriptor(
name="PENDING_IMPORT", index=6, number=6, serialized_options=None, type=None
),
_descriptor.EnumValueDescriptor(
name="IMPORT_FAILED", index=7, number=7, serialized_options=None, type=None
),
],
containing_type=None,
serialized_options=None,
serialized_start=2454,
serialized_end=2647,
)
_sym_db.RegisterEnumDescriptor(_CRYPTOKEYVERSION_CRYPTOKEYVERSIONSTATE)
_CRYPTOKEYVERSION_CRYPTOKEYVERSIONVIEW = _descriptor.EnumDescriptor(
name="CryptoKeyVersionView",
full_name="google.cloud.kms.v1.CryptoKeyVersion.CryptoKeyVersionView",
filename=None,
file=DESCRIPTOR,
values=[
_descriptor.EnumValueDescriptor(
name="CRYPTO_KEY_VERSION_VIEW_UNSPECIFIED",
index=0,
number=0,
serialized_options=None,
type=None,
),
_descriptor.EnumValueDescriptor(
name="FULL", index=1, number=1, serialized_options=None, type=None
),
],
containing_type=None,
serialized_options=None,
serialized_start=2649,
serialized_end=2722,
)
_sym_db.RegisterEnumDescriptor(_CRYPTOKEYVERSION_CRYPTOKEYVERSIONVIEW)
_IMPORTJOB_IMPORTMETHOD = _descriptor.EnumDescriptor(
name="ImportMethod",
full_name="google.cloud.kms.v1.ImportJob.ImportMethod",
filename=None,
file=DESCRIPTOR,
values=[
_descriptor.EnumValueDescriptor(
name="IMPORT_METHOD_UNSPECIFIED",
index=0,
number=0,
serialized_options=None,
type=None,
),
_descriptor.EnumValueDescriptor(
name="RSA_OAEP_3072_SHA1_AES_256",
index=1,
number=1,
serialized_options=None,
type=None,
),
_descriptor.EnumValueDescriptor(
name="RSA_OAEP_4096_SHA1_AES_256",
index=2,
number=2,
serialized_options=None,
type=None,
),
],
containing_type=None,
serialized_options=None,
serialized_start=3431,
serialized_end=3540,
)
_sym_db.RegisterEnumDescriptor(_IMPORTJOB_IMPORTMETHOD)
_IMPORTJOB_IMPORTJOBSTATE = _descriptor.EnumDescriptor(
name="ImportJobState",
full_name="google.cloud.kms.v1.ImportJob.ImportJobState",
filename=None,
file=DESCRIPTOR,
values=[
_descriptor.EnumValueDescriptor(
name="IMPORT_JOB_STATE_UNSPECIFIED",
index=0,
number=0,
serialized_options=None,
type=None,
),
_descriptor.EnumValueDescriptor(
name="PENDING_GENERATION",
index=1,
number=1,
serialized_options=None,
type=None,
),
_descriptor.EnumValueDescriptor(
name="ACTIVE", index=2, number=2, serialized_options=None, type=None
),
_descriptor.EnumValueDescriptor(
name="EXPIRED", index=3, number=3, serialized_options=None, type=None
),
],
containing_type=None,
serialized_options=None,
serialized_start=3542,
serialized_end=3641,
)
_sym_db.RegisterEnumDescriptor(_IMPORTJOB_IMPORTJOBSTATE)
_KEYRING = _descriptor.Descriptor(
name="KeyRing",
full_name="google.cloud.kms.v1.KeyRing",
filename=None,
file=DESCRIPTOR,
containing_type=None,
fields=[
_descriptor.FieldDescriptor(
name="name",
full_name="google.cloud.kms.v1.KeyRing.name",
index=0,
number=1,
type=9,
cpp_type=9,
label=1,
has_default_value=False,
default_value=_b("").decode("utf-8"),
message_type=None,
enum_type=None,
containing_type=None,
is_extension=False,
extension_scope=None,
serialized_options=None,
file=DESCRIPTOR,
),
_descriptor.FieldDescriptor(
name="create_time",
full_name="google.cloud.kms.v1.KeyRing.create_time",
index=1,
number=2,
type=11,
cpp_type=10,
label=1,
has_default_value=False,
default_value=None,
message_type=None,
enum_type=None,
containing_type=None,
is_extension=False,
extension_scope=None,
serialized_options=None,
file=DESCRIPTOR,
),
],
extensions=[],
nested_types=[],
enum_types=[],
serialized_options=None,
is_extendable=False,
syntax="proto3",
extension_ranges=[],
oneofs=[],
serialized_start=161,
serialized_end=233,
)
_CRYPTOKEY_LABELSENTRY = _descriptor.Descriptor(
name="LabelsEntry",
full_name="google.cloud.kms.v1.CryptoKey.LabelsEntry",
filename=None,
file=DESCRIPTOR,
containing_type=None,
fields=[
_descriptor.FieldDescriptor(
name="key",
full_name="google.cloud.kms.v1.CryptoKey.LabelsEntry.key",
index=0,
number=1,
type=9,
cpp_type=9,
label=1,
has_default_value=False,
default_value=_b("").decode("utf-8"),
message_type=None,
enum_type=None,
containing_type=None,
is_extension=False,
extension_scope=None,
serialized_options=None,
file=DESCRIPTOR,
),
_descriptor.FieldDescriptor(
name="value",
full_name="google.cloud.kms.v1.CryptoKey.LabelsEntry.value",
index=1,
number=2,
type=9,
cpp_type=9,
label=1,
has_default_value=False,
default_value=_b("").decode("utf-8"),
message_type=None,
enum_type=None,
containing_type=None,
is_extension=False,
extension_scope=None,
serialized_options=None,
file=DESCRIPTOR,
),
],
extensions=[],
nested_types=[],
enum_types=[],
serialized_options=_b("8\001"),
is_extendable=False,
syntax="proto3",
extension_ranges=[],
oneofs=[],
serialized_start=677,
serialized_end=722,
)
_CRYPTOKEY = _descriptor.Descriptor(
name="CryptoKey",
full_name="google.cloud.kms.v1.CryptoKey",
filename=None,
file=DESCRIPTOR,
containing_type=None,
fields=[
_descriptor.FieldDescriptor(
name="name",
full_name="google.cloud.kms.v1.CryptoKey.name",
index=0,
number=1,
type=9,
cpp_type=9,
label=1,
has_default_value=False,
default_value=_b("").decode("utf-8"),
message_type=None,
enum_type=None,
containing_type=None,
is_extension=False,
extension_scope=None,
serialized_options=None,
file=DESCRIPTOR,
),
_descriptor.FieldDescriptor(
name="primary",
full_name="google.cloud.kms.v1.CryptoKey.primary",
index=1,
number=2,
type=11,
cpp_type=10,
label=1,
has_default_value=False,
default_value=None,
message_type=None,
enum_type=None,
containing_type=None,
is_extension=False,
extension_scope=None,
serialized_options=None,
file=DESCRIPTOR,
),
_descriptor.FieldDescriptor(
name="purpose",
full_name="google.cloud.kms.v1.CryptoKey.purpose",
index=2,
number=3,
type=14,
cpp_type=8,
label=1,
has_default_value=False,
default_value=0,
message_type=None,
enum_type=None,
containing_type=None,
is_extension=False,
extension_scope=None,
serialized_options=None,
file=DESCRIPTOR,
),
_descriptor.FieldDescriptor(
name="create_time",
full_name="google.cloud.kms.v1.CryptoKey.create_time",
index=3,
number=5,
type=11,
cpp_type=10,
label=1,
has_default_value=False,
default_value=None,
message_type=None,
enum_type=None,
containing_type=None,
is_extension=False,
extension_scope=None,
serialized_options=None,
file=DESCRIPTOR,
),
_descriptor.FieldDescriptor(
name="next_rotation_time",
full_name="google.cloud.kms.v1.CryptoKey.next_rotation_time",
index=4,
number=7,
type=11,
cpp_type=10,
label=1,
has_default_value=False,
default_value=None,
message_type=None,
enum_type=None,
containing_type=None,
is_extension=False,
extension_scope=None,
serialized_options=None,
file=DESCRIPTOR,
),
_descriptor.FieldDescriptor(
name="rotation_period",
full_name="google.cloud.kms.v1.CryptoKey.rotation_period",
index=5,
number=8,
type=11,
cpp_type=10,
label=1,
has_default_value=False,
default_value=None,
message_type=None,
enum_type=None,
containing_type=None,
is_extension=False,
extension_scope=None,
serialized_options=None,
file=DESCRIPTOR,
),
_descriptor.FieldDescriptor(
name="version_template",
full_name="google.cloud.kms.v1.CryptoKey.version_template",
index=6,
number=11,
type=11,
cpp_type=10,
label=1,
has_default_value=False,
default_value=None,
message_type=None,
enum_type=None,
containing_type=None,
is_extension=False,
extension_scope=None,
serialized_options=None,
file=DESCRIPTOR,
),
_descriptor.FieldDescriptor(
name="labels",
full_name="google.cloud.kms.v1.CryptoKey.labels",
index=7,
number=10,
type=11,
cpp_type=10,
label=3,
has_default_value=False,
default_value=[],
message_type=None,
enum_type=None,
containing_type=None,
is_extension=False,
extension_scope=None,
serialized_options=None,
file=DESCRIPTOR,
),
],
extensions=[],
nested_types=[_CRYPTOKEY_LABELSENTRY],
enum_types=[_CRYPTOKEY_CRYPTOKEYPURPOSE],
serialized_options=None,
is_extendable=False,
syntax="proto3",
extension_ranges=[],
oneofs=[
_descriptor.OneofDescriptor(
name="rotation_schedule",
full_name="google.cloud.kms.v1.CryptoKey.rotation_schedule",
index=0,
containing_type=None,
fields=[],
)
],
serialized_start=236,
serialized_end=865,
)
_CRYPTOKEYVERSIONTEMPLATE = _descriptor.Descriptor(
name="CryptoKeyVersionTemplate",
full_name="google.cloud.kms.v1.CryptoKeyVersionTemplate",
filename=None,
file=DESCRIPTOR,
containing_type=None,
fields=[
_descriptor.FieldDescriptor(
name="protection_level",
full_name="google.cloud.kms.v1.CryptoKeyVersionTemplate.protection_level",
index=0,
number=1,
type=14,
cpp_type=8,
label=1,
has_default_value=False,
default_value=0,
message_type=None,
enum_type=None,
containing_type=None,
is_extension=False,
extension_scope=None,
serialized_options=None,
file=DESCRIPTOR,
),
_descriptor.FieldDescriptor(
name="algorithm",
full_name="google.cloud.kms.v1.CryptoKeyVersionTemplate.algorithm",
index=1,
number=3,
type=14,
cpp_type=8,
label=1,
has_default_value=False,
default_value=0,
message_type=None,
enum_type=None,
containing_type=None,
is_extension=False,
extension_scope=None,
serialized_options=None,
file=DESCRIPTOR,
),
],
extensions=[],
nested_types=[],
enum_types=[],
serialized_options=None,
is_extendable=False,
syntax="proto3",
extension_ranges=[],
oneofs=[],
serialized_start=868,
serialized_end=1042,
)
_KEYOPERATIONATTESTATION = _descriptor.Descriptor(
name="KeyOperationAttestation",
full_name="google.cloud.kms.v1.KeyOperationAttestation",
filename=None,
file=DESCRIPTOR,
containing_type=None,
fields=[
_descriptor.FieldDescriptor(
name="format",
full_name="google.cloud.kms.v1.KeyOperationAttestation.format",
index=0,
number=4,
type=14,
cpp_type=8,
label=1,
has_default_value=False,
default_value=0,
message_type=None,
enum_type=None,
containing_type=None,
is_extension=False,
extension_scope=None,
serialized_options=None,
file=DESCRIPTOR,
),
_descriptor.FieldDescriptor(
name="content",
full_name="google.cloud.kms.v1.KeyOperationAttestation.content",
index=1,
number=5,
type=12,
cpp_type=9,
label=1,
has_default_value=False,
default_value=_b(""),
message_type=None,
enum_type=None,
containing_type=None,
is_extension=False,
extension_scope=None,
serialized_options=None,
file=DESCRIPTOR,
),
],
extensions=[],
nested_types=[],
enum_types=[_KEYOPERATIONATTESTATION_ATTESTATIONFORMAT],
serialized_options=None,
is_extendable=False,
syntax="proto3",
extension_ranges=[],
oneofs=[],
serialized_start=1045,
serialized_end=1276,
)
_CRYPTOKEYVERSION = _descriptor.Descriptor(
name="CryptoKeyVersion",
full_name="google.cloud.kms.v1.CryptoKeyVersion",
filename=None,
file=DESCRIPTOR,
containing_type=None,
fields=[
_descriptor.FieldDescriptor(
name="name",
full_name="google.cloud.kms.v1.CryptoKeyVersion.name",
index=0,
number=1,
type=9,
cpp_type=9,
label=1,
has_default_value=False,
default_value=_b("").decode("utf-8"),
message_type=None,
enum_type=None,
containing_type=None,
is_extension=False,
extension_scope=None,
serialized_options=None,
file=DESCRIPTOR,
),
_descriptor.FieldDescriptor(
name="state",
full_name="google.cloud.kms.v1.CryptoKeyVersion.state",
index=1,
number=3,
type=14,
cpp_type=8,
label=1,
has_default_value=False,
default_value=0,
message_type=None,
enum_type=None,
containing_type=None,
is_extension=False,
extension_scope=None,
serialized_options=None,
file=DESCRIPTOR,
),
_descriptor.FieldDescriptor(
name="protection_level",
full_name="google.cloud.kms.v1.CryptoKeyVersion.protection_level",
index=2,
number=7,
type=14,
cpp_type=8,
label=1,
has_default_value=False,
default_value=0,
message_type=None,
enum_type=None,
containing_type=None,
is_extension=False,
extension_scope=None,
serialized_options=None,
file=DESCRIPTOR,
),
_descriptor.FieldDescriptor(
name="algorithm",
full_name="google.cloud.kms.v1.CryptoKeyVersion.algorithm",
index=3,
number=10,
type=14,
cpp_type=8,
label=1,
has_default_value=False,
default_value=0,
message_type=None,
enum_type=None,
containing_type=None,
is_extension=False,
extension_scope=None,
serialized_options=None,
file=DESCRIPTOR,
),
_descriptor.FieldDescriptor(
name="attestation",
full_name="google.cloud.kms.v1.CryptoKeyVersion.attestation",
index=4,
number=8,
type=11,
cpp_type=10,
label=1,
has_default_value=False,
default_value=None,
message_type=None,
enum_type=None,
containing_type=None,
is_extension=False,
extension_scope=None,
serialized_options=None,
file=DESCRIPTOR,
),
_descriptor.FieldDescriptor(
name="create_time",
full_name="google.cloud.kms.v1.CryptoKeyVersion.create_time",
index=5,
number=4,
type=11,
cpp_type=10,
label=1,
has_default_value=False,
default_value=None,
message_type=None,
enum_type=None,
containing_type=None,
is_extension=False,
extension_scope=None,
serialized_options=None,
file=DESCRIPTOR,
),
_descriptor.FieldDescriptor(
name="generate_time",
full_name="google.cloud.kms.v1.CryptoKeyVersion.generate_time",
index=6,
number=11,
type=11,
cpp_type=10,
label=1,
has_default_value=False,
default_value=None,
message_type=None,
enum_type=None,
containing_type=None,
is_extension=False,
extension_scope=None,
serialized_options=None,
file=DESCRIPTOR,
),
_descriptor.FieldDescriptor(
name="destroy_time",
full_name="google.cloud.kms.v1.CryptoKeyVersion.destroy_time",
index=7,
number=5,
type=11,
cpp_type=10,
label=1,
has_default_value=False,
default_value=None,
message_type=None,
enum_type=None,
containing_type=None,
is_extension=False,
extension_scope=None,
serialized_options=None,
file=DESCRIPTOR,
),
_descriptor.FieldDescriptor(
name="destroy_event_time",
full_name="google.cloud.kms.v1.CryptoKeyVersion.destroy_event_time",
index=8,
number=6,
type=11,
cpp_type=10,
label=1,
has_default_value=False,
default_value=None,
message_type=None,
enum_type=None,
containing_type=None,
is_extension=False,
extension_scope=None,
serialized_options=None,
file=DESCRIPTOR,
),
_descriptor.FieldDescriptor(
name="import_job",
full_name="google.cloud.kms.v1.CryptoKeyVersion.import_job",
index=9,
number=14,
type=9,
cpp_type=9,
label=1,
has_default_value=False,
default_value=_b("").decode("utf-8"),
message_type=None,
enum_type=None,
containing_type=None,
is_extension=False,
extension_scope=None,
serialized_options=None,
file=DESCRIPTOR,
),
_descriptor.FieldDescriptor(
name="import_time",
full_name="google.cloud.kms.v1.CryptoKeyVersion.import_time",
index=10,
number=15,
type=11,
cpp_type=10,
label=1,
has_default_value=False,
default_value=None,
message_type=None,
enum_type=None,
containing_type=None,
is_extension=False,
extension_scope=None,
serialized_options=None,
file=DESCRIPTOR,
),
_descriptor.FieldDescriptor(
name="import_failure_reason",
full_name="google.cloud.kms.v1.CryptoKeyVersion.import_failure_reason",
index=11,
number=16,
type=9,
cpp_type=9,
label=1,
has_default_value=False,
default_value=_b("").decode("utf-8"),
message_type=None,
enum_type=None,
containing_type=None,
is_extension=False,
extension_scope=None,
serialized_options=None,
file=DESCRIPTOR,
),
],
extensions=[],
nested_types=[],
enum_types=[
_CRYPTOKEYVERSION_CRYPTOKEYVERSIONALGORITHM,
_CRYPTOKEYVERSION_CRYPTOKEYVERSIONSTATE,
_CRYPTOKEYVERSION_CRYPTOKEYVERSIONVIEW,
],
serialized_options=None,
is_extendable=False,
syntax="proto3",
extension_ranges=[],
oneofs=[],
serialized_start=1279,
serialized_end=2722,
)
_PUBLICKEY = _descriptor.Descriptor(
name="PublicKey",
full_name="google.cloud.kms.v1.PublicKey",
filename=None,
file=DESCRIPTOR,
containing_type=None,
fields=[
_descriptor.FieldDescriptor(
name="pem",
full_name="google.cloud.kms.v1.PublicKey.pem",
index=0,
number=1,
type=9,
cpp_type=9,
label=1,
has_default_value=False,
default_value=_b("").decode("utf-8"),
message_type=None,
enum_type=None,
containing_type=None,
is_extension=False,
extension_scope=None,
serialized_options=None,
file=DESCRIPTOR,
),
_descriptor.FieldDescriptor(
name="algorithm",
full_name="google.cloud.kms.v1.PublicKey.algorithm",
index=1,
number=2,
type=14,
cpp_type=8,
label=1,
has_default_value=False,
default_value=0,
message_type=None,
enum_type=None,
containing_type=None,
is_extension=False,
extension_scope=None,
serialized_options=None,
file=DESCRIPTOR,
),
],
extensions=[],
nested_types=[],
enum_types=[],
serialized_options=None,
is_extendable=False,
syntax="proto3",
extension_ranges=[],
oneofs=[],
serialized_start=2724,
serialized_end=2832,
)
_IMPORTJOB_WRAPPINGPUBLICKEY = _descriptor.Descriptor(
name="WrappingPublicKey",
full_name="google.cloud.kms.v1.ImportJob.WrappingPublicKey",
filename=None,
file=DESCRIPTOR,
containing_type=None,
fields=[
_descriptor.FieldDescriptor(
name="pem",
full_name="google.cloud.kms.v1.ImportJob.WrappingPublicKey.pem",
index=0,
number=1,
type=9,
cpp_type=9,
label=1,
has_default_value=False,
default_value=_b("").decode("utf-8"),
message_type=None,
enum_type=None,
containing_type=None,
is_extension=False,
extension_scope=None,
serialized_options=None,
file=DESCRIPTOR,
)
],
extensions=[],
nested_types=[],
enum_types=[],
serialized_options=None,
is_extendable=False,
syntax="proto3",
extension_ranges=[],
oneofs=[],
serialized_start=3397,
serialized_end=3429,
)
_IMPORTJOB = _descriptor.Descriptor(
name="ImportJob",
full_name="google.cloud.kms.v1.ImportJob",
filename=None,
file=DESCRIPTOR,
containing_type=None,
fields=[
_descriptor.FieldDescriptor(
name="name",
full_name="google.cloud.kms.v1.ImportJob.name",
index=0,
number=1,
type=9,
cpp_type=9,
label=1,
has_default_value=False,
default_value=_b("").decode("utf-8"),
message_type=None,
enum_type=None,
containing_type=None,
is_extension=False,
extension_scope=None,
serialized_options=None,
file=DESCRIPTOR,
),
_descriptor.FieldDescriptor(
name="import_method",
full_name="google.cloud.kms.v1.ImportJob.import_method",
index=1,
number=2,
type=14,
cpp_type=8,
label=1,
has_default_value=False,
default_value=0,
message_type=None,
enum_type=None,
containing_type=None,
is_extension=False,
extension_scope=None,
serialized_options=None,
file=DESCRIPTOR,
),
_descriptor.FieldDescriptor(
name="protection_level",
full_name="google.cloud.kms.v1.ImportJob.protection_level",
index=2,
number=9,
type=14,
cpp_type=8,
label=1,
has_default_value=False,
default_value=0,
message_type=None,
enum_type=None,
containing_type=None,
is_extension=False,
extension_scope=None,
serialized_options=None,
file=DESCRIPTOR,
),
_descriptor.FieldDescriptor(
name="create_time",
full_name="google.cloud.kms.v1.ImportJob.create_time",
index=3,
number=3,
type=11,
cpp_type=10,
label=1,
has_default_value=False,
default_value=None,
message_type=None,
enum_type=None,
containing_type=None,
is_extension=False,
extension_scope=None,
serialized_options=None,
file=DESCRIPTOR,
),
_descriptor.FieldDescriptor(
name="generate_time",
full_name="google.cloud.kms.v1.ImportJob.generate_time",
index=4,
number=4,
type=11,
cpp_type=10,
label=1,
has_default_value=False,
default_value=None,
message_type=None,
enum_type=None,
containing_type=None,
is_extension=False,
extension_scope=None,
serialized_options=None,
file=DESCRIPTOR,
),
_descriptor.FieldDescriptor(
name="expire_time",
full_name="google.cloud.kms.v1.ImportJob.expire_time",
index=5,
number=5,
type=11,
cpp_type=10,
label=1,
has_default_value=False,
default_value=None,
message_type=None,
enum_type=None,
containing_type=None,
is_extension=False,
extension_scope=None,
serialized_options=None,
file=DESCRIPTOR,
),
_descriptor.FieldDescriptor(
name="expire_event_time",
full_name="google.cloud.kms.v1.ImportJob.expire_event_time",
index=6,
number=10,
type=11,
cpp_type=10,
label=1,
has_default_value=False,
default_value=None,
message_type=None,
enum_type=None,
containing_type=None,
is_extension=False,
extension_scope=None,
serialized_options=None,
file=DESCRIPTOR,
),
_descriptor.FieldDescriptor(
name="state",
full_name="google.cloud.kms.v1.ImportJob.state",
index=7,
number=6,
type=14,
cpp_type=8,
label=1,
has_default_value=False,
default_value=0,
message_type=None,
enum_type=None,
containing_type=None,
is_extension=False,
extension_scope=None,
serialized_options=None,
file=DESCRIPTOR,
),
_descriptor.FieldDescriptor(
name="public_key",
full_name="google.cloud.kms.v1.ImportJob.public_key",
index=8,
number=7,
type=11,
cpp_type=10,
label=1,
has_default_value=False,
default_value=None,
message_type=None,
enum_type=None,
containing_type=None,
is_extension=False,
extension_scope=None,
serialized_options=None,
file=DESCRIPTOR,
),
_descriptor.FieldDescriptor(
name="attestation",
full_name="google.cloud.kms.v1.ImportJob.attestation",
index=9,
number=8,
type=11,
cpp_type=10,
label=1,
has_default_value=False,
default_value=None,
message_type=None,
enum_type=None,
containing_type=None,
is_extension=False,
extension_scope=None,
serialized_options=None,
file=DESCRIPTOR,
),
],
extensions=[],
nested_types=[_IMPORTJOB_WRAPPINGPUBLICKEY],
enum_types=[_IMPORTJOB_IMPORTMETHOD, _IMPORTJOB_IMPORTJOBSTATE],
serialized_options=None,
is_extendable=False,
syntax="proto3",
extension_ranges=[],
oneofs=[],
serialized_start=2835,
serialized_end=3641,
)
_KEYRING.fields_by_name[
"create_time"
].message_type = google_dot_protobuf_dot_timestamp__pb2._TIMESTAMP
_CRYPTOKEY_LABELSENTRY.containing_type = _CRYPTOKEY
_CRYPTOKEY.fields_by_name["primary"].message_type = _CRYPTOKEYVERSION
_CRYPTOKEY.fields_by_name["purpose"].enum_type = _CRYPTOKEY_CRYPTOKEYPURPOSE
_CRYPTOKEY.fields_by_name[
"create_time"
].message_type = google_dot_protobuf_dot_timestamp__pb2._TIMESTAMP
_CRYPTOKEY.fields_by_name[
"next_rotation_time"
].message_type = google_dot_protobuf_dot_timestamp__pb2._TIMESTAMP
_CRYPTOKEY.fields_by_name[
"rotation_period"
].message_type = google_dot_protobuf_dot_duration__pb2._DURATION
_CRYPTOKEY.fields_by_name["version_template"].message_type = _CRYPTOKEYVERSIONTEMPLATE
_CRYPTOKEY.fields_by_name["labels"].message_type = _CRYPTOKEY_LABELSENTRY
_CRYPTOKEY_CRYPTOKEYPURPOSE.containing_type = _CRYPTOKEY
_CRYPTOKEY.oneofs_by_name["rotation_schedule"].fields.append(
_CRYPTOKEY.fields_by_name["rotation_period"]
)
_CRYPTOKEY.fields_by_name[
"rotation_period"
].containing_oneof = _CRYPTOKEY.oneofs_by_name["rotation_schedule"]
_CRYPTOKEYVERSIONTEMPLATE.fields_by_name[
"protection_level"
].enum_type = _PROTECTIONLEVEL
_CRYPTOKEYVERSIONTEMPLATE.fields_by_name[
"algorithm"
].enum_type = _CRYPTOKEYVERSION_CRYPTOKEYVERSIONALGORITHM
_KEYOPERATIONATTESTATION.fields_by_name[
"format"
].enum_type = _KEYOPERATIONATTESTATION_ATTESTATIONFORMAT
_KEYOPERATIONATTESTATION_ATTESTATIONFORMAT.containing_type = _KEYOPERATIONATTESTATION
_CRYPTOKEYVERSION.fields_by_name[
"state"
].enum_type = _CRYPTOKEYVERSION_CRYPTOKEYVERSIONSTATE
_CRYPTOKEYVERSION.fields_by_name["protection_level"].enum_type = _PROTECTIONLEVEL
_CRYPTOKEYVERSION.fields_by_name[
"algorithm"
].enum_type = _CRYPTOKEYVERSION_CRYPTOKEYVERSIONALGORITHM
_CRYPTOKEYVERSION.fields_by_name["attestation"].message_type = _KEYOPERATIONATTESTATION
_CRYPTOKEYVERSION.fields_by_name[
"create_time"
].message_type = google_dot_protobuf_dot_timestamp__pb2._TIMESTAMP
_CRYPTOKEYVERSION.fields_by_name[
"generate_time"
].message_type = google_dot_protobuf_dot_timestamp__pb2._TIMESTAMP
_CRYPTOKEYVERSION.fields_by_name[
"destroy_time"
].message_type = google_dot_protobuf_dot_timestamp__pb2._TIMESTAMP
_CRYPTOKEYVERSION.fields_by_name[
"destroy_event_time"
].message_type = google_dot_protobuf_dot_timestamp__pb2._TIMESTAMP
_CRYPTOKEYVERSION.fields_by_name[
"import_time"
].message_type = google_dot_protobuf_dot_timestamp__pb2._TIMESTAMP
_CRYPTOKEYVERSION_CRYPTOKEYVERSIONALGORITHM.containing_type = _CRYPTOKEYVERSION
_CRYPTOKEYVERSION_CRYPTOKEYVERSIONSTATE.containing_type = _CRYPTOKEYVERSION
_CRYPTOKEYVERSION_CRYPTOKEYVERSIONVIEW.containing_type = _CRYPTOKEYVERSION
_PUBLICKEY.fields_by_name[
"algorithm"
].enum_type = _CRYPTOKEYVERSION_CRYPTOKEYVERSIONALGORITHM
_IMPORTJOB_WRAPPINGPUBLICKEY.containing_type = _IMPORTJOB
_IMPORTJOB.fields_by_name["import_method"].enum_type = _IMPORTJOB_IMPORTMETHOD
_IMPORTJOB.fields_by_name["protection_level"].enum_type = _PROTECTIONLEVEL
_IMPORTJOB.fields_by_name[
"create_time"
].message_type = google_dot_protobuf_dot_timestamp__pb2._TIMESTAMP
_IMPORTJOB.fields_by_name[
"generate_time"
].message_type = google_dot_protobuf_dot_timestamp__pb2._TIMESTAMP
_IMPORTJOB.fields_by_name[
"expire_time"
].message_type = google_dot_protobuf_dot_timestamp__pb2._TIMESTAMP
_IMPORTJOB.fields_by_name[
"expire_event_time"
].message_type = google_dot_protobuf_dot_timestamp__pb2._TIMESTAMP
_IMPORTJOB.fields_by_name["state"].enum_type = _IMPORTJOB_IMPORTJOBSTATE
_IMPORTJOB.fields_by_name["public_key"].message_type = _IMPORTJOB_WRAPPINGPUBLICKEY
_IMPORTJOB.fields_by_name["attestation"].message_type = _KEYOPERATIONATTESTATION
_IMPORTJOB_IMPORTMETHOD.containing_type = _IMPORTJOB
_IMPORTJOB_IMPORTJOBSTATE.containing_type = _IMPORTJOB
DESCRIPTOR.message_types_by_name["KeyRing"] = _KEYRING
DESCRIPTOR.message_types_by_name["CryptoKey"] = _CRYPTOKEY
DESCRIPTOR.message_types_by_name["CryptoKeyVersionTemplate"] = _CRYPTOKEYVERSIONTEMPLATE
DESCRIPTOR.message_types_by_name["KeyOperationAttestation"] = _KEYOPERATIONATTESTATION
DESCRIPTOR.message_types_by_name["CryptoKeyVersion"] = _CRYPTOKEYVERSION
DESCRIPTOR.message_types_by_name["PublicKey"] = _PUBLICKEY
DESCRIPTOR.message_types_by_name["ImportJob"] = _IMPORTJOB
DESCRIPTOR.enum_types_by_name["ProtectionLevel"] = _PROTECTIONLEVEL
_sym_db.RegisterFileDescriptor(DESCRIPTOR)
KeyRing = _reflection.GeneratedProtocolMessageType(
"KeyRing",
(_message.Message,),
dict(
DESCRIPTOR=_KEYRING,
__module__="google.cloud.kms_v1.proto.resources_pb2",
__doc__="""A [KeyRing][google.cloud.kms.v1.KeyRing] is a toplevel logical grouping
of [CryptoKeys][google.cloud.kms.v1.CryptoKey].
Attributes:
name:
Output only. The resource name for the
[KeyRing][google.cloud.kms.v1.KeyRing] in the format
``projects/*/locations/*/keyRings/*``.
create_time:
Output only. The time at which this
[KeyRing][google.cloud.kms.v1.KeyRing] was created.
""",
# @@protoc_insertion_point(class_scope:google.cloud.kms.v1.KeyRing)
),
)
_sym_db.RegisterMessage(KeyRing)
CryptoKey = _reflection.GeneratedProtocolMessageType(
"CryptoKey",
(_message.Message,),
dict(
LabelsEntry=_reflection.GeneratedProtocolMessageType(
"LabelsEntry",
(_message.Message,),
dict(
DESCRIPTOR=_CRYPTOKEY_LABELSENTRY,
__module__="google.cloud.kms_v1.proto.resources_pb2"
# @@protoc_insertion_point(class_scope:google.cloud.kms.v1.CryptoKey.LabelsEntry)
),
),
DESCRIPTOR=_CRYPTOKEY,
__module__="google.cloud.kms_v1.proto.resources_pb2",
__doc__="""A [CryptoKey][google.cloud.kms.v1.CryptoKey] represents a logical key
that can be used for cryptographic operations.
A [CryptoKey][google.cloud.kms.v1.CryptoKey] is made up of one or more
[versions][google.cloud.kms.v1.CryptoKeyVersion], which represent the
actual key material used in cryptographic operations.
Attributes:
name:
Output only. The resource name for this
[CryptoKey][google.cloud.kms.v1.CryptoKey] in the format
``projects/*/locations/*/keyRings/*/cryptoKeys/*``.
primary:
Output only. A copy of the "primary"
[CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] that
will be used by
[Encrypt][google.cloud.kms.v1.KeyManagementService.Encrypt]
when this [CryptoKey][google.cloud.kms.v1.CryptoKey] is given
in [EncryptRequest.name][google.cloud.kms.v1.EncryptRequest.na
me]. The [CryptoKey][google.cloud.kms.v1.CryptoKey]'s primary
version can be updated via [UpdateCryptoKeyPrimaryVersion][goo
gle.cloud.kms.v1.KeyManagementService.UpdateCryptoKeyPrimaryVe
rsion]. All keys with
[purpose][google.cloud.kms.v1.CryptoKey.purpose] [ENCRYPT\_DEC
RYPT][google.cloud.kms.v1.CryptoKey.CryptoKeyPurpose.ENCRYPT\_
DECRYPT] have a primary. For other keys, this field will be
omitted.
purpose:
The immutable purpose of this
[CryptoKey][google.cloud.kms.v1.CryptoKey].
create_time:
Output only. The time at which this
[CryptoKey][google.cloud.kms.v1.CryptoKey] was created.
next_rotation_time:
At [next\_rotation\_time][google.cloud.kms.v1.CryptoKey.next\_
rotation\_time], the Key Management Service will
automatically: 1. Create a new version of this
[CryptoKey][google.cloud.kms.v1.CryptoKey]. 2. Mark the new
version as primary. Key rotations performed manually via [Cre
ateCryptoKeyVersion][google.cloud.kms.v1.KeyManagementService.
CreateCryptoKeyVersion] and [UpdateCryptoKeyPrimaryVersion][go
ogle.cloud.kms.v1.KeyManagementService.UpdateCryptoKeyPrimaryV
ersion] do not affect [next\_rotation\_time][google.cloud.kms.
v1.CryptoKey.next\_rotation\_time]. Keys with
[purpose][google.cloud.kms.v1.CryptoKey.purpose] [ENCRYPT\_DEC
RYPT][google.cloud.kms.v1.CryptoKey.CryptoKeyPurpose.ENCRYPT\_
DECRYPT] support automatic rotation. For other keys, this
field must be omitted.
rotation_schedule:
Controls the rate of automatic rotation.
rotation_period:
[next\_rotation\_time][google.cloud.kms.v1.CryptoKey.next\_rot
ation\_time] will be advanced by this period when the service
automatically rotates a key. Must be at least one day. If [ro
tation\_period][google.cloud.kms.v1.CryptoKey.rotation\_period
] is set, [next\_rotation\_time][google.cloud.kms.v1.CryptoKey
.next\_rotation\_time] must also be set. Keys with
[purpose][google.cloud.kms.v1.CryptoKey.purpose] [ENCRYPT\_DEC
RYPT][google.cloud.kms.v1.CryptoKey.CryptoKeyPurpose.ENCRYPT\_
DECRYPT] support automatic rotation. For other keys, this
field must be omitted.
version_template:
A template describing settings for new
[CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion]
instances. The properties of new
[CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion]
instances created by either [CreateCryptoKeyVersion][google.cl
oud.kms.v1.KeyManagementService.CreateCryptoKeyVersion] or
auto-rotation are controlled by this template.
labels:
Labels with user-defined metadata. For more information, see
`Labeling Keys </kms/docs/labeling-keys>`__.
""",
# @@protoc_insertion_point(class_scope:google.cloud.kms.v1.CryptoKey)
),
)
_sym_db.RegisterMessage(CryptoKey)
_sym_db.RegisterMessage(CryptoKey.LabelsEntry)
CryptoKeyVersionTemplate = _reflection.GeneratedProtocolMessageType(
"CryptoKeyVersionTemplate",
(_message.Message,),
dict(
DESCRIPTOR=_CRYPTOKEYVERSIONTEMPLATE,
__module__="google.cloud.kms_v1.proto.resources_pb2",
__doc__="""A
[CryptoKeyVersionTemplate][google.cloud.kms.v1.CryptoKeyVersionTemplate]
specifies the properties to use when creating a new
[CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion], either
manually with
[CreateCryptoKeyVersion][google.cloud.kms.v1.KeyManagementService.CreateCryptoKeyVersion]
or automatically as a result of auto-rotation.
Attributes:
protection_level:
[ProtectionLevel][google.cloud.kms.v1.ProtectionLevel] to use
when creating a
[CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] based
on this template. Immutable. Defaults to
[SOFTWARE][google.cloud.kms.v1.ProtectionLevel.SOFTWARE].
algorithm:
Required. [Algorithm][google.cloud.kms.v1.CryptoKeyVersion.Cry
ptoKeyVersionAlgorithm] to use when creating a
[CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] based
on this template. For backwards compatibility,
GOOGLE\_SYMMETRIC\_ENCRYPTION is implied if both this field is
omitted and
[CryptoKey.purpose][google.cloud.kms.v1.CryptoKey.purpose] is
[ENCRYPT\_DECRYPT][google.cloud.kms.v1.CryptoKey.CryptoKeyPurp
ose.ENCRYPT\_DECRYPT].
""",
# @@protoc_insertion_point(class_scope:google.cloud.kms.v1.CryptoKeyVersionTemplate)
),
)
_sym_db.RegisterMessage(CryptoKeyVersionTemplate)
KeyOperationAttestation = _reflection.GeneratedProtocolMessageType(
"KeyOperationAttestation",
(_message.Message,),
dict(
DESCRIPTOR=_KEYOPERATIONATTESTATION,
__module__="google.cloud.kms_v1.proto.resources_pb2",
__doc__="""Contains an HSM-generated attestation about a key operation. For more
information, see [Verifying attestations]
(https://cloud.google.com/kms/docs/attest-key).
Attributes:
format:
Output only. The format of the attestation data.
content:
Output only. The attestation data provided by the HSM when the
key operation was performed.
""",
# @@protoc_insertion_point(class_scope:google.cloud.kms.v1.KeyOperationAttestation)
),
)
_sym_db.RegisterMessage(KeyOperationAttestation)
CryptoKeyVersion = _reflection.GeneratedProtocolMessageType(
"CryptoKeyVersion",
(_message.Message,),
dict(
DESCRIPTOR=_CRYPTOKEYVERSION,
__module__="google.cloud.kms_v1.proto.resources_pb2",
__doc__="""A [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] represents an
individual cryptographic key, and the associated key material.
An
[ENABLED][google.cloud.kms.v1.CryptoKeyVersion.CryptoKeyVersionState.ENABLED]
version can be used for cryptographic operations.
For security reasons, the raw cryptographic key material represented by
a [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] can never be
viewed or exported. It can only be used to encrypt, decrypt, or sign
data when an authorized user or application invokes Cloud KMS.
Attributes:
name:
Output only. The resource name for this
[CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] in
the format ``projects/*/locations/*/keyRings/*/cryptoKeys/*/cr
yptoKeyVersions/*``.
state:
The current state of the
[CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion].
protection_level:
Output only. The
[ProtectionLevel][google.cloud.kms.v1.ProtectionLevel]
describing how crypto operations are performed with this
[CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion].
algorithm:
Output only. The [CryptoKeyVersionAlgorithm][google.cloud.kms.
v1.CryptoKeyVersion.CryptoKeyVersionAlgorithm] that this
[CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion]
supports.
attestation:
Output only. Statement that was generated and signed by the
HSM at key creation time. Use this statement to verify
attributes of the key as stored on the HSM, independently of
Google. Only provided for key versions with [protection\_level
][google.cloud.kms.v1.CryptoKeyVersion.protection\_level]
[HSM][google.cloud.kms.v1.ProtectionLevel.HSM].
create_time:
Output only. The time at which this
[CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] was
created.
generate_time:
Output only. The time this
[CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion]'s key
material was generated.
destroy_time:
Output only. The time this
[CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion]'s key
material is scheduled for destruction. Only present if
[state][google.cloud.kms.v1.CryptoKeyVersion.state] is [DESTRO
Y\_SCHEDULED][google.cloud.kms.v1.CryptoKeyVersion.CryptoKeyVe
rsionState.DESTROY\_SCHEDULED].
destroy_event_time:
Output only. The time this CryptoKeyVersion's key material was
destroyed. Only present if
[state][google.cloud.kms.v1.CryptoKeyVersion.state] is [DESTRO
YED][google.cloud.kms.v1.CryptoKeyVersion.CryptoKeyVersionStat
e.DESTROYED].
import_job:
Output only. The name of the
[ImportJob][google.cloud.kms.v1.ImportJob] used to import this
[CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion]. Only
present if the underlying key material was imported.
import_time:
Output only. The time at which this
[CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion]'s key
material was imported.
import_failure_reason:
Output only. The root cause of an import failure. Only present
if [state][google.cloud.kms.v1.CryptoKeyVersion.state] is [IMP
ORT\_FAILED][google.cloud.kms.v1.CryptoKeyVersion.CryptoKeyVer
sionState.IMPORT\_FAILED].
""",
# @@protoc_insertion_point(class_scope:google.cloud.kms.v1.CryptoKeyVersion)
),
)
_sym_db.RegisterMessage(CryptoKeyVersion)
PublicKey = _reflection.GeneratedProtocolMessageType(
"PublicKey",
(_message.Message,),
dict(
DESCRIPTOR=_PUBLICKEY,
__module__="google.cloud.kms_v1.proto.resources_pb2",
__doc__="""The public key for a given
[CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion]. Obtained via
[GetPublicKey][google.cloud.kms.v1.KeyManagementService.GetPublicKey].
Attributes:
pem:
The public key, encoded in PEM format. For more information,
see the `RFC 7468 <https://tools.ietf.org/html/rfc7468>`__
sections for `General Considerations
<https://tools.ietf.org/html/rfc7468#section-2>`__ and
[Textual Encoding of Subject Public Key Info]
(https://tools.ietf.org/html/rfc7468#section-13).
algorithm:
The [Algorithm][google.cloud.kms.v1.CryptoKeyVersion.CryptoKey
VersionAlgorithm] associated with this key.
""",
# @@protoc_insertion_point(class_scope:google.cloud.kms.v1.PublicKey)
),
)
_sym_db.RegisterMessage(PublicKey)
ImportJob = _reflection.GeneratedProtocolMessageType(
"ImportJob",
(_message.Message,),
dict(
WrappingPublicKey=_reflection.GeneratedProtocolMessageType(
"WrappingPublicKey",
(_message.Message,),
dict(
DESCRIPTOR=_IMPORTJOB_WRAPPINGPUBLICKEY,
__module__="google.cloud.kms_v1.proto.resources_pb2",
__doc__="""The public key component of the wrapping key. For details of the type of
key this public key corresponds to, see the
[ImportMethod][google.cloud.kms.v1.ImportJob.ImportMethod].
Attributes:
pem:
The public key, encoded in PEM format. For more information,
see the `RFC 7468 <https://tools.ietf.org/html/rfc7468>`__
sections for `General Considerations
<https://tools.ietf.org/html/rfc7468#section-2>`__ and
[Textual Encoding of Subject Public Key Info]
(https://tools.ietf.org/html/rfc7468#section-13).
""",
# @@protoc_insertion_point(class_scope:google.cloud.kms.v1.ImportJob.WrappingPublicKey)
),
),
DESCRIPTOR=_IMPORTJOB,
__module__="google.cloud.kms_v1.proto.resources_pb2",
__doc__="""An [ImportJob][google.cloud.kms.v1.ImportJob] can be used to create
[CryptoKeys][google.cloud.kms.v1.CryptoKey] and
[CryptoKeyVersions][google.cloud.kms.v1.CryptoKeyVersion] using
pre-existing key material, generated outside of Cloud KMS.
When an [ImportJob][google.cloud.kms.v1.ImportJob] is created, Cloud KMS
will generate a "wrapping key", which is a public/private key pair. You
use the wrapping key to encrypt (also known as wrap) the pre-existing
key material to protect it during the import process. The nature of the
wrapping key depends on the choice of
[import\_method][google.cloud.kms.v1.ImportJob.import\_method]. When the
wrapping key generation is complete, the
[state][google.cloud.kms.v1.ImportJob.state] will be set to
[ACTIVE][google.cloud.kms.v1.ImportJob.ImportJobState.ACTIVE] and the
[public\_key][google.cloud.kms.v1.ImportJob.public\_key] can be fetched.
The fetched public key can then be used to wrap your pre-existing key
material.
Once the key material is wrapped, it can be imported into a new
[CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] in an existing
[CryptoKey][google.cloud.kms.v1.CryptoKey] by calling
[ImportCryptoKeyVersion][google.cloud.kms.v1.KeyManagementService.ImportCryptoKeyVersion].
Multiple [CryptoKeyVersions][google.cloud.kms.v1.CryptoKeyVersion] can
be imported with a single [ImportJob][google.cloud.kms.v1.ImportJob].
Cloud KMS uses the private key portion of the wrapping key to unwrap the
key material. Only Cloud KMS has access to the private key.
An [ImportJob][google.cloud.kms.v1.ImportJob] expires 3 days after it is
created. Once expired, Cloud KMS will no longer be able to import or
unwrap any key material that was wrapped with the
[ImportJob][google.cloud.kms.v1.ImportJob]'s public key.
For more information, see `Importing a
key <https://cloud.google.com/kms/docs/importing-a-key>`__.
Attributes:
name:
Output only. The resource name for this
[ImportJob][google.cloud.kms.v1.ImportJob] in the format
``projects/*/locations/*/keyRings/*/importJobs/*``.
import_method:
Required and immutable. The wrapping method to be used for
incoming key material.
protection_level:
Required and immutable. The protection level of the
[ImportJob][google.cloud.kms.v1.ImportJob]. This must match
the [protection\_level][google.cloud.kms.v1.CryptoKeyVersionTe
mplate.protection\_level] of the [version\_template][google.cl
oud.kms.v1.CryptoKey.version\_template] on the
[CryptoKey][google.cloud.kms.v1.CryptoKey] you attempt to
import into.
create_time:
Output only. The time at which this
[ImportJob][google.cloud.kms.v1.ImportJob] was created.
generate_time:
Output only. The time this
[ImportJob][google.cloud.kms.v1.ImportJob]'s key material was
generated.
expire_time:
Output only. The time at which this
[ImportJob][google.cloud.kms.v1.ImportJob] is scheduled for
expiration and can no longer be used to import key material.
expire_event_time:
Output only. The time this
[ImportJob][google.cloud.kms.v1.ImportJob] expired. Only
present if [state][google.cloud.kms.v1.ImportJob.state] is [EX
PIRED][google.cloud.kms.v1.ImportJob.ImportJobState.EXPIRED].
state:
Output only. The current state of the
[ImportJob][google.cloud.kms.v1.ImportJob], indicating if it
can be used.
public_key:
Output only. The public key with which to wrap key material
prior to import. Only returned if
[state][google.cloud.kms.v1.ImportJob.state] is
[ACTIVE][google.cloud.kms.v1.ImportJob.ImportJobState.ACTIVE].
attestation:
Output only. Statement that was generated and signed by the
key creator (for example, an HSM) at key creation time. Use
this statement to verify attributes of the key as stored on
the HSM, independently of Google. Only present if the chosen
[ImportMethod][google.cloud.kms.v1.ImportJob.ImportMethod] is
one with a protection level of
[HSM][google.cloud.kms.v1.ProtectionLevel.HSM].
""",
# @@protoc_insertion_point(class_scope:google.cloud.kms.v1.ImportJob)
),
)
_sym_db.RegisterMessage(ImportJob)
_sym_db.RegisterMessage(ImportJob.WrappingPublicKey)
DESCRIPTOR._options = None
_CRYPTOKEY_LABELSENTRY._options = None
# @@protoc_insertion_point(module_scope)