Cloud Key Management Service (KMS) API . organizations

Instance Methods

close()

Close httplib2 connections.

getKajPolicyConfig(name, x__xgafv=None)

Gets the KeyAccessJustificationsPolicyConfig for a given organization, folder, or project.

updateKajPolicyConfig(name, body=None, updateMask=None, x__xgafv=None)

Updates the KeyAccessJustificationsPolicyConfig for a given organization, folder, or project.

Method Details

close() 
Close httplib2 connections.
getKajPolicyConfig(name, x__xgafv=None) 
Gets the KeyAccessJustificationsPolicyConfig for a given organization, folder, or project.

Args:
  name: string, Required. Specifies the name of the KeyAccessJustificationsPolicyConfig to get. (required)
  x__xgafv: string, V1 error format.
    Allowed values
      1 - v1 error format
      2 - v2 error format

Returns:
  An object of the form:

    { # Represents a singleton configuration for Key Access Justifications policies.
  "defaultKeyAccessJustificationPolicy": { # A KeyAccessJustificationsPolicy specifies zero or more allowed AccessReason values for encrypt, decrypt, and sign operations on a CryptoKey or KeyAccessJustificationsPolicyConfig (the default Key Access Justifications policy). # Optional. Specifies the default key access justifications (KAJ) policy used when a CryptoKey is created in this folder. This is only used when a Key Access Justifications policy is not provided in the CreateCryptoKeyRequest. This overrides any default policies in its ancestry. If this field is unset, or is set but contains an empty allowed_access_reasons list, no default Key Access Justifications (KAJ) policy configuration is active. In this scenario, all newly created keys will default to an "allow-all" policy.
    "allowedAccessReasons": [ # The list of allowed reasons for access to a CryptoKey. Note that empty allowed_access_reasons has a different meaning depending on where this message appears. If this is under KeyAccessJustificationsPolicyConfig, it means allow-all. If this is under CryptoKey, it means deny-all.
      "A String",
    ],
  },
  "name": "A String", # Identifier. Represents the resource name for this KeyAccessJustificationsPolicyConfig in the format of "{organizations|folders|projects}/*/kajPolicyConfig".
}
updateKajPolicyConfig(name, body=None, updateMask=None, x__xgafv=None) 
Updates the KeyAccessJustificationsPolicyConfig for a given organization, folder, or project.

Args:
  name: string, Identifier. Represents the resource name for this KeyAccessJustificationsPolicyConfig in the format of "{organizations|folders|projects}/*/kajPolicyConfig". (required)
  body: object, The request body.
    The object takes the form of:

{ # Represents a singleton configuration for Key Access Justifications policies.
  "defaultKeyAccessJustificationPolicy": { # A KeyAccessJustificationsPolicy specifies zero or more allowed AccessReason values for encrypt, decrypt, and sign operations on a CryptoKey or KeyAccessJustificationsPolicyConfig (the default Key Access Justifications policy). # Optional. Specifies the default key access justifications (KAJ) policy used when a CryptoKey is created in this folder. This is only used when a Key Access Justifications policy is not provided in the CreateCryptoKeyRequest. This overrides any default policies in its ancestry. If this field is unset, or is set but contains an empty allowed_access_reasons list, no default Key Access Justifications (KAJ) policy configuration is active. In this scenario, all newly created keys will default to an "allow-all" policy.
    "allowedAccessReasons": [ # The list of allowed reasons for access to a CryptoKey. Note that empty allowed_access_reasons has a different meaning depending on where this message appears. If this is under KeyAccessJustificationsPolicyConfig, it means allow-all. If this is under CryptoKey, it means deny-all.
      "A String",
    ],
  },
  "name": "A String", # Identifier. Represents the resource name for this KeyAccessJustificationsPolicyConfig in the format of "{organizations|folders|projects}/*/kajPolicyConfig".
}

  updateMask: string, Optional. Specifies the list of fields to update.
  x__xgafv: string, V1 error format.
    Allowed values
      1 - v1 error format
      2 - v2 error format

Returns:
  An object of the form:

    { # Represents a singleton configuration for Key Access Justifications policies.
  "defaultKeyAccessJustificationPolicy": { # A KeyAccessJustificationsPolicy specifies zero or more allowed AccessReason values for encrypt, decrypt, and sign operations on a CryptoKey or KeyAccessJustificationsPolicyConfig (the default Key Access Justifications policy). # Optional. Specifies the default key access justifications (KAJ) policy used when a CryptoKey is created in this folder. This is only used when a Key Access Justifications policy is not provided in the CreateCryptoKeyRequest. This overrides any default policies in its ancestry. If this field is unset, or is set but contains an empty allowed_access_reasons list, no default Key Access Justifications (KAJ) policy configuration is active. In this scenario, all newly created keys will default to an "allow-all" policy.
    "allowedAccessReasons": [ # The list of allowed reasons for access to a CryptoKey. Note that empty allowed_access_reasons has a different meaning depending on where this message appears. If this is under KeyAccessJustificationsPolicyConfig, it means allow-all. If this is under CryptoKey, it means deny-all.
      "A String",
    ],
  },
  "name": "A String", # Identifier. Represents the resource name for this KeyAccessJustificationsPolicyConfig in the format of "{organizations|folders|projects}/*/kajPolicyConfig".
}