- HTTP request
- Path parameters
- Request body
- Response body
- Authorization scopes
- IAM Permissions
- CloudKmsConfig
- Try it!
Perform the provisioning steps to enable a user's Google Cloud console project to use Application Integration. If the Google Cloud console project already registered on Application Integration end via Apigee Integration, provisioning will fail.
HTTP request
POST https://integrations.googleapis.com/v1/{parent=projects/*/locations/*}/clients:provision
The URL uses gRPC Transcoding syntax.
Path parameters
Parameters | |
---|---|
parent |
Required. Required: The ID of the Google Cloud console Project to be provisioned. |
Request body
The request body contains data with the following structure:
JSON representation |
---|
{
"cloudKmsConfig": {
object ( |
Fields | |
---|---|
cloud |
Optional. OPTIONAL: Cloud KMS config for AuthModule to encrypt/decrypt credentials. |
create |
Optional. Indicates if sample workflow should be created along with provisioning |
provisionGmek |
Optional. Deprecated. Indicates provision with GMEK or CMEK. This field is deprecated and the provision would always be GMEK if cloudKmsConfig is not present in the request. |
run |
Optional. User input run-as service account, if empty, will bring up a new default service account |
skip |
Optional. Indicates if skip CP provision or not |
Response body
If successful, the response body is empty.
Authorization scopes
Requires the following OAuth scope:
https://www.googleapis.com/auth/cloud-platform
For more information, see the Authentication Overview.
IAM Permissions
Requires the following IAM permission on the parent
resource:
integrations.authConfigs.create
For more information, see the IAM documentation.
CloudKmsConfig
Configuration information for Client's Cloud KMS information
JSON representation |
---|
{ "kmsLocation": string, "kmsRing": string, "key": string, "keyVersion": string, "kmsProjectId": string } |
Fields | |
---|---|
kms |
Required. Location name of the key ring, e.g. "us-west1". |
kms |
Required. A key ring organizes keys in a specific Google Cloud location and allows you to manage access control on groups of keys. A key ring's name does not need to be unique across a Google Cloud project, but must be unique within a given location. |
key |
Required. A Cloud KMS key is a named object containing one or more key versions, along with metadata for the key. A key exists on exactly one key ring tied to a specific location. |
key |
Optional. Each version of a key contains key material used for encryption or signing. A key's version is represented by an integer, starting at 1. To decrypt data or verify a signature, you must use the same key version that was used to encrypt or sign the data. |
kms |
Optional. The Google Cloud console project id of the project where the kms key stored. If empty, the kms key is stored at the same project as customer's project and ecrypted with CMEK, otherwise, the kms key is stored in the tenant project and encrypted with GMEK |