close()

Close httplib2 connections.

getKajPolicyConfig(name, x__xgafv=None)

Gets the KeyAccessJustificationsPolicyConfig for a given organization/folder/projects.

Args:
  name: string, Required. The name of the KeyAccessJustificationsPolicyConfig to get. (required)
  x__xgafv: string, V1 error format.
    Allowed values
      1 - v1 error format
      2 - v2 error format

Returns:
  An object of the form:

    { # A singleton configuration for Key Access Justifications policies.
  "defaultKeyAccessJustificationPolicy": { # A KeyAccessJustificationsPolicy specifies zero or more allowed AccessReason values for encrypt, decrypt, and sign operations on a CryptoKey. # Optional. The default key access justification policy used when a CryptoKey is created in this folder. This is only used when a Key Access Justifications policy is not provided in the CreateCryptoKeyRequest. This overrides any default policies in its ancestry.
    "allowedAccessReasons": [ # The list of allowed reasons for access to a CryptoKey. Zero allowed access reasons means all encrypt, decrypt, and sign operations for the CryptoKey associated with this policy will fail.
      "A String",
    ],
  },
  "name": "A String", # Identifier. The resource name for this KeyAccessJustificationsPolicyConfig in the format of "{organizations|folders|projects}/*/kajPolicyConfig".
}

showEffectiveAutokeyConfig(parent, x__xgafv=None)

Returns the effective Cloud KMS Autokey configuration for a given project.

Args:
  parent: string, Required. Name of the resource project to the show effective Cloud KMS Autokey configuration for. This may be helpful for interrogating the effect of nested folder configurations on a given resource project. (required)
  x__xgafv: string, V1 error format.
    Allowed values
      1 - v1 error format
      2 - v2 error format

Returns:
  An object of the form:

    { # Response message for ShowEffectiveAutokeyConfig.
  "keyProject": "A String", # Name of the key project configured in the resource project's folder ancestry.
}

showEffectiveKeyAccessJustificationsEnrollmentConfig(project, x__xgafv=None)

Returns the KeyAccessJustificationsEnrollmentConfig of the resource closest to the given project in hierarchy.

Args:
project: string, Required. The number or id of the project to get the effective KeyAccessJustificationsEnrollmentConfig for. (required)
x__xgafv: string, V1 error format.
Allowed values
1 - v1 error format
2 - v2 error format

Returns:
An object of the form:

{ # Response message for KeyAccessJustificationsConfig.ShowEffectiveKeyAccessJustificationsEnrollmentConfig
"externalConfig": { # The configuration of a protection level for a project's Key Access Justifications enrollment. # The effective KeyAccessJustificationsEnrollmentConfig for external keys.
"auditLogging": True or False, # Whether the project has KAJ logging enabled.
"policyEnforcement": True or False, # Whether the project is enrolled in KAJ policy enforcement.
},
"hardwareConfig": { # The configuration of a protection level for a project's Key Access Justifications enrollment. # The effective KeyAccessJustificationsEnrollmentConfig for hardware keys.
"auditLogging": True or False, # Whether the project has KAJ logging enabled.
"policyEnforcement": True or False, # Whether the project is enrolled in KAJ policy enforcement.
},
"softwareConfig": { # The configuration of a protection level for a project's Key Access Justifications enrollment. # The effective KeyAccessJustificationsEnrollmentConfig for software keys.
"auditLogging": True or False, # Whether the project has KAJ logging enabled.
"policyEnforcement": True or False, # Whether the project is enrolled in KAJ policy enforcement.
},
}

showEffectiveKeyAccessJustificationsPolicyConfig(project, x__xgafv=None)

Returns the KeyAccessJustificationsPolicyConfig of the resource closest to the given project in hierarchy.

Args:
project: string, Required. The number or id of the project to get the effective KeyAccessJustificationsPolicyConfig. In the format of "projects/{|}" (required)
x__xgafv: string, V1 error format.
Allowed values
1 - v1 error format
2 - v2 error format

Returns:
An object of the form:

{ # Response message for KeyAccessJustificationsConfig.ShowEffectiveKeyAccessJustificationsPolicyConfig.
"effectiveKajPolicy": { # A singleton configuration for Key Access Justifications policies. # The effective KeyAccessJustificationsPolicyConfig.
"defaultKeyAccessJustificationPolicy": { # A KeyAccessJustificationsPolicy specifies zero or more allowed AccessReason values for encrypt, decrypt, and sign operations on a CryptoKey. # Optional. The default key access justification policy used when a CryptoKey is created in this folder. This is only used when a Key Access Justifications policy is not provided in the CreateCryptoKeyRequest. This overrides any default policies in its ancestry.
"allowedAccessReasons": [ # The list of allowed reasons for access to a CryptoKey. Zero allowed access reasons means all encrypt, decrypt, and sign operations for the CryptoKey associated with this policy will fail.
"A String",
],
},
"name": "A String", # Identifier. The resource name for this KeyAccessJustificationsPolicyConfig in the format of "{organizations|folders|projects}/*/kajPolicyConfig".
},
}

updateKajPolicyConfig(name, body=None, updateMask=None, x__xgafv=None)

Updates the KeyAccessJustificationsPolicyConfig for a given organization/folder/projects.

Args:
name: string, Identifier. The resource name for this KeyAccessJustificationsPolicyConfig in the format of "{organizations|folders|projects}/*/kajPolicyConfig". (required)
body: object, The request body.
The object takes the form of:

{ # A singleton configuration for Key Access Justifications policies.
"defaultKeyAccessJustificationPolicy": { # A KeyAccessJustificationsPolicy specifies zero or more allowed AccessReason values for encrypt, decrypt, and sign operations on a CryptoKey. # Optional. The default key access justification policy used when a CryptoKey is created in this folder. This is only used when a Key Access Justifications policy is not provided in the CreateCryptoKeyRequest. This overrides any default policies in its ancestry.
"allowedAccessReasons": [ # The list of allowed reasons for access to a CryptoKey. Zero allowed access reasons means all encrypt, decrypt, and sign operations for the CryptoKey associated with this policy will fail.
"A String",
],
},
"name": "A String", # Identifier. The resource name for this KeyAccessJustificationsPolicyConfig in the format of "{organizations|folders|projects}/*/kajPolicyConfig".
}

updateMask: string, Optional. The list of fields to update.
x__xgafv: string, V1 error format.
Allowed values
1 - v1 error format
2 - v2 error format

Returns:
An object of the form:

{ # A singleton configuration for Key Access Justifications policies.
"defaultKeyAccessJustificationPolicy": { # A KeyAccessJustificationsPolicy specifies zero or more allowed AccessReason values for encrypt, decrypt, and sign operations on a CryptoKey. # Optional. The default key access justification policy used when a CryptoKey is created in this folder. This is only used when a Key Access Justifications policy is not provided in the CreateCryptoKeyRequest. This overrides any default policies in its ancestry.
"allowedAccessReasons": [ # The list of allowed reasons for access to a CryptoKey. Zero allowed access reasons means all encrypt, decrypt, and sign operations for the CryptoKey associated with this policy will fail.
"A String",
],
},
"name": "A String", # Identifier. The resource name for this KeyAccessJustificationsPolicyConfig in the format of "{organizations|folders|projects}/*/kajPolicyConfig".
}

Cloud Key Management Service (KMS) API . projects

Instance Methods

Method Details