Class AutokeyClient (2.29.0-rc)

Provides interfaces for using Cloud KMS Autokey to provision new [CryptoKeys][google.cloud.kms.v1.CryptoKey], ready for Customer Managed Encryption Key (CMEK) use, on-demand.

To support certain client tooling, this feature is modeled around a KeyHandle resource: creating a KeyHandle in a resource project and given location triggers Cloud KMS Autokey to provision a [CryptoKey][google.cloud.kms.v1.CryptoKey] in the configured key project and the same location.

Prior to use in a given resource project, [UpdateAutokeyConfig][google.cloud.kms.v1.AutokeyAdmin.UpdateAutokeyConfig] should have been called on an ancestor folder, setting the key project where Cloud KMS Autokey should create new [CryptoKeys][google.cloud.kms.v1.CryptoKey]. See documentation for additional prerequisites. To check what key project, if any, is currently configured on a resource project's ancestor folder, see [ShowEffectiveAutokeyConfig][google.cloud.kms.v1.AutokeyAdmin.ShowEffectiveAutokeyConfig].

Equality

Instances of this class created via copy-construction or copy-assignment always compare equal. Instances created with equal std::shared_ptr<*Connection> objects compare equal. Objects that compare equal share the same underlying resources.

Performance

Creating a new instance of this class is a relatively expensive operation, new objects establish new connections to the service. In contrast, copy-construction, move-construction, and the corresponding assignment operations are relatively efficient as the copies share all underlying resources.

Thread Safety

Concurrent access to different instances of this class, even if they compare equal, is guaranteed to work. Two or more threads operating on the same instance of this class is not guaranteed to work. Since copy-construction and move-construction is a relatively efficient operation, consider using such a copy when using this class from multiple threads.

Constructors

AutokeyClient(AutokeyClient const &)

Copy and move support

Parameter
Name	Description
	`AutokeyClient const &`

AutokeyClient(AutokeyClient &&)

Copy and move support

Parameter
Name	Description
	`AutokeyClient &&`

AutokeyClient(std::shared_ptr< AutokeyConnection >, Options)

Parameters
Name	Description
`connection`	`std::shared_ptr< AutokeyConnection >`
`opts`	`Options`

Operators

operator=(AutokeyClient const &)

Copy and move support

Parameter
Name	Description
	`AutokeyClient const &`

Returns
Type	Description
`AutokeyClient &`

operator=(AutokeyClient &&)

Copy and move support

Parameter
Name	Description
	`AutokeyClient &&`

Returns
Type	Description
`AutokeyClient &`

Functions

CreateKeyHandle(std::string const &, google::cloud::kms::v1::KeyHandle const &, std::string const &, Options)

Creates a new KeyHandle, triggering the provisioning of a new [CryptoKey][google.cloud.kms.v1.CryptoKey] for CMEK use with the given resource type in the configured key project and the same location.

[GetOperation][Operations.GetOperation] should be used to resolve the resulting long-running operation and get the resulting KeyHandle and [CryptoKey][google.cloud.kms.v1.CryptoKey].

Parameters
Name	Description
`parent`	`std::string const &` Required. Name of the resource project and location to create the KeyHandle in, e.g. `projects/{PROJECT_ID}/locations/{LOCATION}`.
`key_handle`	`google::cloud::kms::v1::KeyHandle const &` Required. KeyHandle to create.
`key_handle_id`	`std::string const &` Optional. Id of the KeyHandle. Must be unique to the resource project and location. If not provided by the caller, a new UUID is used.
`opts`	`Options` Optional. Override the class-level options, such as retry and backoff policies.

Returns

Type Description

future< StatusOr< google::cloud::kms::v1::KeyHandle > >

A future that becomes satisfied when the LRO (Long Running Operation) completes or the polling policy in effect for this call is exhausted. The future is satisfied with an error if the LRO completes with an error or the polling policy is exhausted. In this case the StatusOr returned by the future contains the error. If the LRO completes successfully the value of the future contains the LRO's result. For this RPC the result is a google.cloud.kms.v1.KeyHandle proto message. The C++ class representing this message is created by Protobuf, using the Protobuf mapping rules.

CreateKeyHandle(NoAwaitTag, std::string const &, google::cloud::kms::v1::KeyHandle const &, std::string const &, Options)

Creates a new KeyHandle, triggering the provisioning of a new [CryptoKey][google.cloud.kms.v1.CryptoKey] for CMEK use with the given resource type in the configured key project and the same location.

Specifying the NoAwaitTag immediately returns the [google::longrunning::Operation] that corresponds to the Long Running Operation that has been started. No polling for operation status occurs.

Parameters
Name	Description
	`NoAwaitTag`
`parent`	`std::string const &`
`key_handle`	`google::cloud::kms::v1::KeyHandle const &`
`key_handle_id`	`std::string const &`
`opts`	`Options`

Returns
Type	Description
`StatusOr< google::longrunning::Operation >`

CreateKeyHandle(google::cloud::kms::v1::CreateKeyHandleRequest const &, Options)

Creates a new KeyHandle, triggering the provisioning of a new [CryptoKey][google.cloud.kms.v1.CryptoKey] for CMEK use with the given resource type in the configured key project and the same location.

[GetOperation][Operations.GetOperation] should be used to resolve the resulting long-running operation and get the resulting KeyHandle and [CryptoKey][google.cloud.kms.v1.CryptoKey].

Parameters
Name	Description
`request`	`google::cloud::kms::v1::CreateKeyHandleRequest const &` Unary RPCs, such as the one wrapped by this function, receive a single `request` proto message which includes all the inputs for the RPC. In this case, the proto message is a google.cloud.kms.v1.CreateKeyHandleRequest. Proto messages are converted to C++ classes by Protobuf, using the Protobuf mapping rules.
`opts`	`Options` Optional. Override the class-level options, such as retry and backoff policies.

Returns

Type Description

future< StatusOr< google::cloud::kms::v1::KeyHandle > >

CreateKeyHandle(NoAwaitTag, google::cloud::kms::v1::CreateKeyHandleRequest const &, Options)

Creates a new KeyHandle, triggering the provisioning of a new [CryptoKey][google.cloud.kms.v1.CryptoKey] for CMEK use with the given resource type in the configured key project and the same location.

Specifying the NoAwaitTag immediately returns the [google::longrunning::Operation] that corresponds to the Long Running Operation that has been started. No polling for operation status occurs.

Parameters
Name	Description
	`NoAwaitTag`
`request`	`google::cloud::kms::v1::CreateKeyHandleRequest const &`
`opts`	`Options`

Returns
Type	Description
`StatusOr< google::longrunning::Operation >`

CreateKeyHandle(google::longrunning::Operation const &, Options)

Creates a new KeyHandle, triggering the provisioning of a new [CryptoKey][google.cloud.kms.v1.CryptoKey] for CMEK use with the given resource type in the configured key project and the same location.

This method accepts a google::longrunning::Operation that corresponds to a previously started Long Running Operation (LRO) and polls the status of the LRO in the background.

Parameters
Name	Description
`operation`	`google::longrunning::Operation const &`
`opts`	`Options`

Returns
Type	Description
`future< StatusOr< google::cloud::kms::v1::KeyHandle > >`

GetKeyHandle(std::string const &, Options)

Returns the KeyHandle.

Parameters
Name	Description
`name`	`std::string const &` Required. Name of the KeyHandle resource, e.g. `projects/{PROJECT_ID}/locations/{LOCATION}/keyHandles/{KEY_HANDLE_ID}`.
`opts`	`Options` Optional. Override the class-level options, such as retry and backoff policies.

Returns
Type	Description
`StatusOr< google::cloud::kms::v1::KeyHandle >`	the result of the RPC. The response message type (google.cloud.kms.v1.KeyHandle) is mapped to a C++ class using the Protobuf mapping rules. If the request fails, the `StatusOr` contains the error details.

GetKeyHandle(google::cloud::kms::v1::GetKeyHandleRequest const &, Options)

Returns the KeyHandle.

Parameters
Name	Description
`request`	`google::cloud::kms::v1::GetKeyHandleRequest const &` Unary RPCs, such as the one wrapped by this function, receive a single `request` proto message which includes all the inputs for the RPC. In this case, the proto message is a google.cloud.kms.v1.GetKeyHandleRequest. Proto messages are converted to C++ classes by Protobuf, using the Protobuf mapping rules.
`opts`	`Options` Optional. Override the class-level options, such as retry and backoff policies.

Returns
Type	Description
`StatusOr< google::cloud::kms::v1::KeyHandle >`	the result of the RPC. The response message type (google.cloud.kms.v1.KeyHandle) is mapped to a C++ class using the Protobuf mapping rules. If the request fails, the `StatusOr` contains the error details.

ListKeyHandles(std::string const &, Options)

Lists KeyHandles.

Parameters
Name	Description
`parent`	`std::string const &` Required. Name of the resource project and location from which to list KeyHandles, e.g. `projects/{PROJECT_ID}/locations/{LOCATION}`.
`opts`	`Options` Optional. Override the class-level options, such as retry and backoff policies.

Returns
Type	Description
`StatusOr< google::cloud::kms::v1::ListKeyHandlesResponse >`	the result of the RPC. The response message type (google.cloud.kms.v1.ListKeyHandlesResponse) is mapped to a C++ class using the Protobuf mapping rules. If the request fails, the `StatusOr` contains the error details.

ListKeyHandles(google::cloud::kms::v1::ListKeyHandlesRequest const &, Options)

Lists KeyHandles.

Parameters
Name	Description
`request`	`google::cloud::kms::v1::ListKeyHandlesRequest const &` Unary RPCs, such as the one wrapped by this function, receive a single `request` proto message which includes all the inputs for the RPC. In this case, the proto message is a google.cloud.kms.v1.ListKeyHandlesRequest. Proto messages are converted to C++ classes by Protobuf, using the Protobuf mapping rules.
`opts`	`Options` Optional. Override the class-level options, such as retry and backoff policies.

Returns
Type	Description
`StatusOr< google::cloud::kms::v1::ListKeyHandlesResponse >`	the result of the RPC. The response message type (google.cloud.kms.v1.ListKeyHandlesResponse) is mapped to a C++ class using the Protobuf mapping rules. If the request fails, the `StatusOr` contains the error details.