Interface CustomerEncryptionKeyOrBuilder (1.93.0) 

public interface CustomerEncryptionKeyOrBuilder extends MessageOrBuilder

Implements

MessageOrBuilder

Methods

getKmsKeyName()

public abstract String getKmsKeyName()

The name of the encryption key that is stored in Google Cloud KMS. For example:

"kmsKeyName": "projects/kms_project_id/locations/region/keyRings/ key_region/cryptoKeys/key

The fully-qualifed key name may be returned for resource GET requests. For example:

"kmsKeyName": "projects/kms_project_id/locations/region/keyRings/ key_region/cryptoKeys/key /cryptoKeyVersions/1

optional string kms_key_name = 484373913;

Returns
Type Description
String

The kmsKeyName.

getKmsKeyNameBytes()

public abstract ByteString getKmsKeyNameBytes()

The name of the encryption key that is stored in Google Cloud KMS. For example:

"kmsKeyName": "projects/kms_project_id/locations/region/keyRings/ key_region/cryptoKeys/key

The fully-qualifed key name may be returned for resource GET requests. For example:

"kmsKeyName": "projects/kms_project_id/locations/region/keyRings/ key_region/cryptoKeys/key /cryptoKeyVersions/1

optional string kms_key_name = 484373913;

Returns
Type Description
ByteString

The bytes for kmsKeyName.

getKmsKeyServiceAccount()

public abstract String getKmsKeyServiceAccount()

The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used. For example:

"kmsKeyServiceAccount": "name@project_id.iam.gserviceaccount.com/

optional string kms_key_service_account = 209986261;

Returns
Type Description
String

The kmsKeyServiceAccount.

getKmsKeyServiceAccountBytes()

public abstract ByteString getKmsKeyServiceAccountBytes()

The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used. For example:

"kmsKeyServiceAccount": "name@project_id.iam.gserviceaccount.com/

optional string kms_key_service_account = 209986261;

Returns
Type Description
ByteString

The bytes for kmsKeyServiceAccount.

getRawKey()

public abstract String getRawKey()

Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource. You can provide either the rawKey or thersaEncryptedKey. For example:

"rawKey": "SGVsbG8gZnJvbSBHb29nbGUgQ2xvdWQgUGxhdGZvcm0="

optional string raw_key = 449196488;

Returns
Type Description
String

The rawKey.

getRawKeyBytes()

public abstract ByteString getRawKeyBytes()

Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource. You can provide either the rawKey or thersaEncryptedKey. For example:

"rawKey": "SGVsbG8gZnJvbSBHb29nbGUgQ2xvdWQgUGxhdGZvcm0="

optional string raw_key = 449196488;

Returns
Type Description
ByteString

The bytes for rawKey.

getRsaEncryptedKey()

public abstract String getRsaEncryptedKey()

Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource. You can provide either the rawKey or thersaEncryptedKey. For example:

"rsaEncryptedKey": "ieCx/NcW06PcT7Ep1X6LUTc/hLvUDYyzSZPPVCVPTVEohpeHASqC8uw5TzyO9U+Fka9JFH z0mBibXUInrC/jEk014kCK/NPjYgEMOyssZ4ZINPKxlUh2zn1bV+MCaTICrdmuSBTWlUUiFoD D6PYznLwh8ZNdaheCeZ8ewEXgFQ8V+sDroLaN3Xs3MDTXQEMMoNUXMCZEIpg9Vtp9x2oe=="

The key must meet the following requirements before you can provide it to Compute Engine:

  1. The key is wrapped using a RSA public key certificate provided by Google.

  2. After being wrapped, the key must be encoded in RFC 4648 base64 encoding.

    Gets the RSA public key certificate provided by Google at:

https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem

optional string rsa_encrypted_key = 335487397;

Returns
Type Description
String

The rsaEncryptedKey.

getRsaEncryptedKeyBytes()

public abstract ByteString getRsaEncryptedKeyBytes()

Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource. You can provide either the rawKey or thersaEncryptedKey. For example:

"rsaEncryptedKey": "ieCx/NcW06PcT7Ep1X6LUTc/hLvUDYyzSZPPVCVPTVEohpeHASqC8uw5TzyO9U+Fka9JFH z0mBibXUInrC/jEk014kCK/NPjYgEMOyssZ4ZINPKxlUh2zn1bV+MCaTICrdmuSBTWlUUiFoD D6PYznLwh8ZNdaheCeZ8ewEXgFQ8V+sDroLaN3Xs3MDTXQEMMoNUXMCZEIpg9Vtp9x2oe=="

The key must meet the following requirements before you can provide it to Compute Engine:

  1. The key is wrapped using a RSA public key certificate provided by Google.

  2. After being wrapped, the key must be encoded in RFC 4648 base64 encoding.

    Gets the RSA public key certificate provided by Google at:

https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem

optional string rsa_encrypted_key = 335487397;

Returns
Type Description
ByteString

The bytes for rsaEncryptedKey.

getSha256()

public abstract String getSha256()

[Output only] TheRFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource.

optional string sha256 = 170112551;

Returns
Type Description
String

The sha256.

getSha256Bytes()

public abstract ByteString getSha256Bytes()

[Output only] TheRFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource.

optional string sha256 = 170112551;

Returns
Type Description
ByteString

The bytes for sha256.

hasKmsKeyName()

public abstract boolean hasKmsKeyName()

The name of the encryption key that is stored in Google Cloud KMS. For example:

"kmsKeyName": "projects/kms_project_id/locations/region/keyRings/ key_region/cryptoKeys/key

The fully-qualifed key name may be returned for resource GET requests. For example:

"kmsKeyName": "projects/kms_project_id/locations/region/keyRings/ key_region/cryptoKeys/key /cryptoKeyVersions/1

optional string kms_key_name = 484373913;

Returns
Type Description
boolean

Whether the kmsKeyName field is set.

hasKmsKeyServiceAccount()

public abstract boolean hasKmsKeyServiceAccount()

The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used. For example:

"kmsKeyServiceAccount": "name@project_id.iam.gserviceaccount.com/

optional string kms_key_service_account = 209986261;

Returns
Type Description
boolean

Whether the kmsKeyServiceAccount field is set.

hasRawKey()

public abstract boolean hasRawKey()

Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource. You can provide either the rawKey or thersaEncryptedKey. For example:

"rawKey": "SGVsbG8gZnJvbSBHb29nbGUgQ2xvdWQgUGxhdGZvcm0="

optional string raw_key = 449196488;

Returns
Type Description
boolean

Whether the rawKey field is set.

hasRsaEncryptedKey()

public abstract boolean hasRsaEncryptedKey()

Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource. You can provide either the rawKey or thersaEncryptedKey. For example:

"rsaEncryptedKey": "ieCx/NcW06PcT7Ep1X6LUTc/hLvUDYyzSZPPVCVPTVEohpeHASqC8uw5TzyO9U+Fka9JFH z0mBibXUInrC/jEk014kCK/NPjYgEMOyssZ4ZINPKxlUh2zn1bV+MCaTICrdmuSBTWlUUiFoD D6PYznLwh8ZNdaheCeZ8ewEXgFQ8V+sDroLaN3Xs3MDTXQEMMoNUXMCZEIpg9Vtp9x2oe=="

The key must meet the following requirements before you can provide it to Compute Engine:

  1. The key is wrapped using a RSA public key certificate provided by Google.

  2. After being wrapped, the key must be encoded in RFC 4648 base64 encoding.

    Gets the RSA public key certificate provided by Google at:

https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem

optional string rsa_encrypted_key = 335487397;

Returns
Type Description
boolean

Whether the rsaEncryptedKey field is set.

hasSha256()

public abstract boolean hasSha256()

[Output only] TheRFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource.

optional string sha256 = 170112551;

Returns
Type Description
boolean

Whether the sha256 field is set.