Class HsmManagementAsyncClient (3.10.0) 

HsmManagementAsyncClient(
    *,
    credentials: typing.Optional[google.auth.credentials.Credentials] = None,
    transport: typing.Optional[
        typing.Union[
            str,
            google.cloud.kms_v1.services.hsm_management.transports.base.HsmManagementTransport,
            typing.Callable[
                [...],
                google.cloud.kms_v1.services.hsm_management.transports.base.HsmManagementTransport,
            ],
        ]
    ] = "grpc_asyncio",
    client_options: typing.Optional[
        google.api_core.client_options.ClientOptions
    ] = None,
    client_info: google.api_core.gapic_v1.client_info.ClientInfo = google.api_core.gapic_v1.client_info.ClientInfo
)

Google Cloud HSM Management Service

Provides interfaces for managing HSM instances.

Implements a REST model with the following objects:

  • SingleTenantHsmInstance
  • SingleTenantHsmInstanceProposal

Properties

api_endpoint

Return the API endpoint used by the client instance.

Returns
Type Description
str The API endpoint used by the client instance.

transport

Returns the transport used by the client instance.

Returns
Type Description
HsmManagementTransport The transport used by the client instance.

universe_domain

Return the universe domain used by the client instance.

Returns
Type Description
str The universe domain used by the client instance.

Methods

HsmManagementAsyncClient

HsmManagementAsyncClient(
    *,
    credentials: typing.Optional[google.auth.credentials.Credentials] = None,
    transport: typing.Optional[
        typing.Union[
            str,
            google.cloud.kms_v1.services.hsm_management.transports.base.HsmManagementTransport,
            typing.Callable[
                [...],
                google.cloud.kms_v1.services.hsm_management.transports.base.HsmManagementTransport,
            ],
        ]
    ] = "grpc_asyncio",
    client_options: typing.Optional[
        google.api_core.client_options.ClientOptions
    ] = None,
    client_info: google.api_core.gapic_v1.client_info.ClientInfo = google.api_core.gapic_v1.client_info.ClientInfo
)

Instantiates the hsm management async client.

Parameters
Name Description
credentials Optional[google.auth.credentials.Credentials]

The authorization credentials to attach to requests. These credentials identify the application to the service; if none are specified, the client will attempt to ascertain the credentials from the environment.
transport Optional[Union[str,HsmManagementTransport,Callable[..., HsmManagementTransport]]]

The transport to use, or a Callable that constructs and returns a new transport to use. If a Callable is given, it will be called with the same set of initialization arguments as used in the HsmManagementTransport constructor. If set to None, a transport is chosen automatically.
client_options Optional[Union[google.api_core.client_options.ClientOptions, dict]]

Custom options for the client. 1. The api_endpoint property can be used to override the default endpoint provided by the client when transport is not explicitly provided. Only if this property is not set and transport was not explicitly provided, the endpoint is determined by the GOOGLE_API_USE_MTLS_ENDPOINT environment variable, which have one of the following values: "always" (always use the default mTLS endpoint), "never" (always use the default regular endpoint) and "auto" (auto-switch to the default mTLS endpoint if client certificate is present; this is the default value). 2. If the GOOGLE_API_USE_CLIENT_CERTIFICATE environment variable is "true", then the client_cert_source property can be used to provide a client certificate for mTLS transport. If not provided, the default SSL client certificate will be used if present. If GOOGLE_API_USE_CLIENT_CERTIFICATE is "false" or not set, no client certificate will be used. 3. The universe_domain property can be used to override the default "googleapis.com" universe. Note that api_endpoint property still takes precedence; and universe_domain is currently not supported for mTLS.
client_info google.api_core.gapic_v1.client_info.ClientInfo

The client info used to send a user-agent string along with API requests. If None, then default info will be used. Generally, you only need to set this if you're developing your own client library.
Exceptions
Type Description
google.auth.exceptions.MutualTlsChannelError If mutual TLS transport creation failed for any reason.

approve_single_tenant_hsm_instance_proposal

approve_single_tenant_hsm_instance_proposal(
    request: typing.Optional[
        typing.Union[
            google.cloud.kms_v1.types.hsm_management.ApproveSingleTenantHsmInstanceProposalRequest,
            dict,
        ]
    ] = None,
    *,
    name: typing.Optional[str] = None,
    quorum_reply: typing.Optional[
        google.cloud.kms_v1.types.hsm_management.ApproveSingleTenantHsmInstanceProposalRequest.QuorumReply
    ] = None,
    retry: typing.Optional[
        typing.Union[
            google.api_core.retry.retry_unary_async.AsyncRetry,
            google.api_core.gapic_v1.method._MethodDefault,
        ]
    ] = _MethodDefault._DEFAULT_VALUE,
    timeout: typing.Union[float, object] = _MethodDefault._DEFAULT_VALUE,
    metadata: typing.Sequence[typing.Tuple[str, typing.Union[str, bytes]]] = ()
) -> (
    google.cloud.kms_v1.types.hsm_management.ApproveSingleTenantHsmInstanceProposalResponse
)

Approves a xref_SingleTenantHsmInstanceProposal for a given xref_SingleTenantHsmInstance. The proposal must be in the xref_PENDING state.

# This snippet has been automatically generated and should be regarded as a
# code template only.
# It will require modifications to work:
# - It may require correct/in-range values for request initialization.
# - It may require specifying regional endpoints when creating the service
#   client as shown in:
#   https://googleapis.dev/python/google-api-core/latest/client_options.html
from google.cloud import kms_v1

async def sample_approve_single_tenant_hsm_instance_proposal():
    # Create a client
    client = kms_v1.HsmManagementAsyncClient()

    # Initialize request argument(s)
    quorum_reply = kms_v1.QuorumReply()
    quorum_reply.challenge_replies.signed_challenge = b'signed_challenge_blob'
    quorum_reply.challenge_replies.public_key_pem = "public_key_pem_value"

    request = kms_v1.ApproveSingleTenantHsmInstanceProposalRequest(
        quorum_reply=quorum_reply,
        name="name_value",
    )

    # Make the request
    response = await client.approve_single_tenant_hsm_instance_proposal(request=request)

    # Handle the response
    print(response)
Parameters
Name Description
request Optional[Union[google.cloud.kms_v1.types.ApproveSingleTenantHsmInstanceProposalRequest, dict]]

The request object. Request message for HsmManagement.ApproveSingleTenantHsmInstanceProposal.
name str

Required. The name of the SingleTenantHsmInstanceProposal to approve. This corresponds to the name field on the request instance; if request is provided, this should not be set.
quorum_reply QuorumReply

Required. The reply to QuorumParameters for approving the proposal. This corresponds to the quorum_reply field on the request instance; if request is provided, this should not be set.
retry google.api_core.retry_async.AsyncRetry

Designation of what errors, if any, should be retried.
timeout float

The timeout for this request.
metadata Sequence[Tuple[str, Union[str, bytes]]]

Key/value pairs which should be sent along with the request as metadata. Normally, each value must be of type str, but for metadata keys ending with the suffix -bin, the corresponding values must be of type bytes.
Returns
Type Description
google.cloud.kms_v1.types.ApproveSingleTenantHsmInstanceProposalResponse Response message for HsmManagement.ApproveSingleTenantHsmInstanceProposal.

common_billing_account_path

common_billing_account_path(billing_account: str) -> str

Returns a fully-qualified billing_account string.

common_folder_path

common_folder_path(folder: str) -> str

Returns a fully-qualified folder string.

common_location_path

common_location_path(project: str, location: str) -> str

Returns a fully-qualified location string.

common_organization_path

common_organization_path(organization: str) -> str

Returns a fully-qualified organization string.

common_project_path

common_project_path(project: str) -> str

Returns a fully-qualified project string.

create_single_tenant_hsm_instance

create_single_tenant_hsm_instance(
    request: typing.Optional[
        typing.Union[
            google.cloud.kms_v1.types.hsm_management.CreateSingleTenantHsmInstanceRequest,
            dict,
        ]
    ] = None,
    *,
    parent: typing.Optional[str] = None,
    single_tenant_hsm_instance: typing.Optional[
        google.cloud.kms_v1.types.hsm_management.SingleTenantHsmInstance
    ] = None,
    single_tenant_hsm_instance_id: typing.Optional[str] = None,
    retry: typing.Optional[
        typing.Union[
            google.api_core.retry.retry_unary_async.AsyncRetry,
            google.api_core.gapic_v1.method._MethodDefault,
        ]
    ] = _MethodDefault._DEFAULT_VALUE,
    timeout: typing.Union[float, object] = _MethodDefault._DEFAULT_VALUE,
    metadata: typing.Sequence[typing.Tuple[str, typing.Union[str, bytes]]] = ()
) -> google.api_core.operation_async.AsyncOperation

Creates a new xref_SingleTenantHsmInstance in a given Project and Location. User must create a RegisterTwoFactorAuthKeys proposal with this single-tenant HSM instance to finish setup of the instance.

# This snippet has been automatically generated and should be regarded as a
# code template only.
# It will require modifications to work:
# - It may require correct/in-range values for request initialization.
# - It may require specifying regional endpoints when creating the service
#   client as shown in:
#   https://googleapis.dev/python/google-api-core/latest/client_options.html
from google.cloud import kms_v1

async def sample_create_single_tenant_hsm_instance():
    # Create a client
    client = kms_v1.HsmManagementAsyncClient()

    # Initialize request argument(s)
    single_tenant_hsm_instance = kms_v1.SingleTenantHsmInstance()
    single_tenant_hsm_instance.quorum_auth.total_approver_count = 2170

    request = kms_v1.CreateSingleTenantHsmInstanceRequest(
        parent="parent_value",
        single_tenant_hsm_instance=single_tenant_hsm_instance,
    )

    # Make the request
    operation = client.create_single_tenant_hsm_instance(request=request)

    print("Waiting for operation to complete...")

    response = (await operation).result()

    # Handle the response
    print(response)
Parameters
Name Description
request Optional[Union[google.cloud.kms_v1.types.CreateSingleTenantHsmInstanceRequest, dict]]

The request object. Request message for HsmManagement.CreateSingleTenantHsmInstance.
parent str

Required. The resource name of the location associated with the SingleTenantHsmInstance, in the format projects//locations/. This corresponds to the parent field on the request instance; if request is provided, this should not be set.
single_tenant_hsm_instance SingleTenantHsmInstance

Required. An SingleTenantHsmInstance with initial field values. This corresponds to the single_tenant_hsm_instance field on the request instance; if request is provided, this should not be set.
single_tenant_hsm_instance_id str

Optional. It must be unique within a location and match the regular expression [a-zA-Z0-9_-]{1,63}. This corresponds to the single_tenant_hsm_instance_id field on the request instance; if request is provided, this should not be set.
retry google.api_core.retry_async.AsyncRetry

Designation of what errors, if any, should be retried.
timeout float

The timeout for this request.
metadata Sequence[Tuple[str, Union[str, bytes]]]

Key/value pairs which should be sent along with the request as metadata. Normally, each value must be of type str, but for metadata keys ending with the suffix -bin, the corresponding values must be of type bytes.
Returns
Type Description
google.api_core.operation_async.AsyncOperation An object representing a long-running operation. The result type for the operation will be SingleTenantHsmInstance A SingleTenantHsmInstance represents a single-tenant HSM instance. It can be used for creating CryptoKeys with a ProtectionLevel of HSM_SINGLE_TENANT][CryptoKeyVersion.ProtectionLevel.HSM_SINGLE_TENANT], as well as performing cryptographic operations using keys created within the SingleTenantHsmInstance.

create_single_tenant_hsm_instance_proposal

create_single_tenant_hsm_instance_proposal(
    request: typing.Optional[
        typing.Union[
            google.cloud.kms_v1.types.hsm_management.CreateSingleTenantHsmInstanceProposalRequest,
            dict,
        ]
    ] = None,
    *,
    parent: typing.Optional[str] = None,
    single_tenant_hsm_instance_proposal: typing.Optional[
        google.cloud.kms_v1.types.hsm_management.SingleTenantHsmInstanceProposal
    ] = None,
    single_tenant_hsm_instance_proposal_id: typing.Optional[str] = None,
    retry: typing.Optional[
        typing.Union[
            google.api_core.retry.retry_unary_async.AsyncRetry,
            google.api_core.gapic_v1.method._MethodDefault,
        ]
    ] = _MethodDefault._DEFAULT_VALUE,
    timeout: typing.Union[float, object] = _MethodDefault._DEFAULT_VALUE,
    metadata: typing.Sequence[typing.Tuple[str, typing.Union[str, bytes]]] = ()
) -> google.api_core.operation_async.AsyncOperation

Creates a new xref_SingleTenantHsmInstanceProposal for a given xref_SingleTenantHsmInstance.

# This snippet has been automatically generated and should be regarded as a
# code template only.
# It will require modifications to work:
# - It may require correct/in-range values for request initialization.
# - It may require specifying regional endpoints when creating the service
#   client as shown in:
#   https://googleapis.dev/python/google-api-core/latest/client_options.html
from google.cloud import kms_v1

async def sample_create_single_tenant_hsm_instance_proposal():
    # Create a client
    client = kms_v1.HsmManagementAsyncClient()

    # Initialize request argument(s)
    single_tenant_hsm_instance_proposal = kms_v1.SingleTenantHsmInstanceProposal()
    single_tenant_hsm_instance_proposal.register_two_factor_auth_keys.required_approver_count = 2487
    single_tenant_hsm_instance_proposal.register_two_factor_auth_keys.two_factor_public_key_pems = ['two_factor_public_key_pems_value1', 'two_factor_public_key_pems_value2']

    request = kms_v1.CreateSingleTenantHsmInstanceProposalRequest(
        parent="parent_value",
        single_tenant_hsm_instance_proposal=single_tenant_hsm_instance_proposal,
    )

    # Make the request
    operation = client.create_single_tenant_hsm_instance_proposal(request=request)

    print("Waiting for operation to complete...")

    response = (await operation).result()

    # Handle the response
    print(response)
Parameters
Name Description
request Optional[Union[google.cloud.kms_v1.types.CreateSingleTenantHsmInstanceProposalRequest, dict]]

The request object. Request message for HsmManagement.CreateSingleTenantHsmInstanceProposal.
parent str

Required. The name of the SingleTenantHsmInstance associated with the SingleTenantHsmInstanceProposals. This corresponds to the parent field on the request instance; if request is provided, this should not be set.
single_tenant_hsm_instance_proposal SingleTenantHsmInstanceProposal

Required. The SingleTenantHsmInstanceProposal to create. This corresponds to the single_tenant_hsm_instance_proposal field on the request instance; if request is provided, this should not be set.
single_tenant_hsm_instance_proposal_id str

Optional. It must be unique within a location and match the regular expression [a-zA-Z0-9_-]{1,63}. This corresponds to the single_tenant_hsm_instance_proposal_id field on the request instance; if request is provided, this should not be set.
retry google.api_core.retry_async.AsyncRetry

Designation of what errors, if any, should be retried.
timeout float

The timeout for this request.
metadata Sequence[Tuple[str, Union[str, bytes]]]

Key/value pairs which should be sent along with the request as metadata. Normally, each value must be of type str, but for metadata keys ending with the suffix -bin, the corresponding values must be of type bytes.
Returns
Type Description
google.api_core.operation_async.AsyncOperation An object representing a long-running operation. The result type for the operation will be SingleTenantHsmInstanceProposal A SingleTenantHsmInstanceProposal represents a proposal to perform an operation on a SingleTenantHsmInstance.

delete_single_tenant_hsm_instance_proposal

delete_single_tenant_hsm_instance_proposal(
    request: typing.Optional[
        typing.Union[
            google.cloud.kms_v1.types.hsm_management.DeleteSingleTenantHsmInstanceProposalRequest,
            dict,
        ]
    ] = None,
    *,
    name: typing.Optional[str] = None,
    retry: typing.Optional[
        typing.Union[
            google.api_core.retry.retry_unary_async.AsyncRetry,
            google.api_core.gapic_v1.method._MethodDefault,
        ]
    ] = _MethodDefault._DEFAULT_VALUE,
    timeout: typing.Union[float, object] = _MethodDefault._DEFAULT_VALUE,
    metadata: typing.Sequence[typing.Tuple[str, typing.Union[str, bytes]]] = ()
) -> None

Deletes a xref_SingleTenantHsmInstanceProposal.

# This snippet has been automatically generated and should be regarded as a
# code template only.
# It will require modifications to work:
# - It may require correct/in-range values for request initialization.
# - It may require specifying regional endpoints when creating the service
#   client as shown in:
#   https://googleapis.dev/python/google-api-core/latest/client_options.html
from google.cloud import kms_v1

async def sample_delete_single_tenant_hsm_instance_proposal():
    # Create a client
    client = kms_v1.HsmManagementAsyncClient()

    # Initialize request argument(s)
    request = kms_v1.DeleteSingleTenantHsmInstanceProposalRequest(
        name="name_value",
    )

    # Make the request
    await client.delete_single_tenant_hsm_instance_proposal(request=request)
Parameters
Name Description
request Optional[Union[google.cloud.kms_v1.types.DeleteSingleTenantHsmInstanceProposalRequest, dict]]

The request object. Request message for HsmManagement.DeleteSingleTenantHsmInstanceProposal.
name str

Required. The name of the SingleTenantHsmInstanceProposal to delete. This corresponds to the name field on the request instance; if request is provided, this should not be set.
retry google.api_core.retry_async.AsyncRetry

Designation of what errors, if any, should be retried.
timeout float

The timeout for this request.
metadata Sequence[Tuple[str, Union[str, bytes]]]

Key/value pairs which should be sent along with the request as metadata. Normally, each value must be of type str, but for metadata keys ending with the suffix -bin, the corresponding values must be of type bytes.

execute_single_tenant_hsm_instance_proposal

execute_single_tenant_hsm_instance_proposal(
    request: typing.Optional[
        typing.Union[
            google.cloud.kms_v1.types.hsm_management.ExecuteSingleTenantHsmInstanceProposalRequest,
            dict,
        ]
    ] = None,
    *,
    name: typing.Optional[str] = None,
    retry: typing.Optional[
        typing.Union[
            google.api_core.retry.retry_unary_async.AsyncRetry,
            google.api_core.gapic_v1.method._MethodDefault,
        ]
    ] = _MethodDefault._DEFAULT_VALUE,
    timeout: typing.Union[float, object] = _MethodDefault._DEFAULT_VALUE,
    metadata: typing.Sequence[typing.Tuple[str, typing.Union[str, bytes]]] = ()
) -> google.api_core.operation_async.AsyncOperation

Executes a xref_SingleTenantHsmInstanceProposal for a given xref_SingleTenantHsmInstance. The proposal must be in the xref_APPROVED state.

# This snippet has been automatically generated and should be regarded as a
# code template only.
# It will require modifications to work:
# - It may require correct/in-range values for request initialization.
# - It may require specifying regional endpoints when creating the service
#   client as shown in:
#   https://googleapis.dev/python/google-api-core/latest/client_options.html
from google.cloud import kms_v1

async def sample_execute_single_tenant_hsm_instance_proposal():
    # Create a client
    client = kms_v1.HsmManagementAsyncClient()

    # Initialize request argument(s)
    request = kms_v1.ExecuteSingleTenantHsmInstanceProposalRequest(
        name="name_value",
    )

    # Make the request
    operation = client.execute_single_tenant_hsm_instance_proposal(request=request)

    print("Waiting for operation to complete...")

    response = (await operation).result()

    # Handle the response
    print(response)
Parameters
Name Description
request Optional[Union[google.cloud.kms_v1.types.ExecuteSingleTenantHsmInstanceProposalRequest, dict]]

The request object. Request message for HsmManagement.ExecuteSingleTenantHsmInstanceProposal.
name str

Required. The name of the SingleTenantHsmInstanceProposal to execute. This corresponds to the name field on the request instance; if request is provided, this should not be set.
retry google.api_core.retry_async.AsyncRetry

Designation of what errors, if any, should be retried.
timeout float

The timeout for this request.
metadata Sequence[Tuple[str, Union[str, bytes]]]

Key/value pairs which should be sent along with the request as metadata. Normally, each value must be of type str, but for metadata keys ending with the suffix -bin, the corresponding values must be of type bytes.
Returns
Type Description
google.api_core.operation_async.AsyncOperation An object representing a long-running operation. The result type for the operation will be ExecuteSingleTenantHsmInstanceProposalResponse Response message for HsmManagement.ExecuteSingleTenantHsmInstanceProposal.

from_service_account_file

from_service_account_file(filename: str, *args, **kwargs)

Creates an instance of this client using the provided credentials file.

Parameter
Name Description
filename str

The path to the service account private key json file.
Returns
Type Description
HsmManagementAsyncClient The constructed client.

from_service_account_info

from_service_account_info(info: dict, *args, **kwargs)

Creates an instance of this client using the provided credentials info.

Parameter
Name Description
info dict

The service account private key info.
Returns
Type Description
HsmManagementAsyncClient The constructed client.

from_service_account_json

from_service_account_json(filename: str, *args, **kwargs)

Creates an instance of this client using the provided credentials file.

Parameter
Name Description
filename str

The path to the service account private key json file.
Returns
Type Description
HsmManagementAsyncClient The constructed client.

get_iam_policy

get_iam_policy(
    request: typing.Optional[google.iam.v1.iam_policy_pb2.GetIamPolicyRequest] = None,
    *,
    retry: typing.Optional[
        typing.Union[
            google.api_core.retry.retry_unary_async.AsyncRetry,
            google.api_core.gapic_v1.method._MethodDefault,
        ]
    ] = _MethodDefault._DEFAULT_VALUE,
    timeout: typing.Union[float, object] = _MethodDefault._DEFAULT_VALUE,
    metadata: typing.Sequence[typing.Tuple[str, typing.Union[str, bytes]]] = ()
) -> google.iam.v1.policy_pb2.Policy

Gets the IAM access control policy for a function.

Returns an empty policy if the function exists and does not have a policy set.

Parameters
Name Description
request .iam_policy_pb2.GetIamPolicyRequest

The request object. Request message for GetIamPolicy method.
retry google.api_core.retry_async.AsyncRetry

Designation of what errors, if any, should be retried.
timeout float

The timeout for this request.
metadata Sequence[Tuple[str, Union[str, bytes]]]

Key/value pairs which should be sent along with the request as metadata. Normally, each value must be of type str, but for metadata keys ending with the suffix -bin, the corresponding values must be of type bytes.
Returns
Type Description
.policy_pb2.Policy Defines an Identity and Access Management (IAM) policy. It is used to specify access control policies for Cloud Platform resources. A Policy is a collection of bindings. A binding binds one or more members to a single role. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A role is a named list of permissions (defined by IAM or configured by users). A binding can optionally specify a condition, which is a logic expression that further constrains the role binding based on attributes about the request and/or target resource. **JSON Example** :: { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": ["user:eve@example.com"], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01t00:00:00.000z')",="" }="" }="" ]="" }="" **yaml="" example**="" ::="" bindings:="" -="" members:="" -="" user:mike@example.com="" -="" group:admins@example.com="" -="" domain:google.com="" -="" serviceaccount:my-project-id@appspot.gserviceaccount.com="" role:="" roles/resourcemanager.organizationadmin="" -="" members:="" -="" user:eve@example.com="" role:="" roles/resourcemanager.organizationviewer="" condition:="" title:="" expirable="" access="" description:="" does="" not="" grant="" access="" after="" sep="" 2020="" expression:="" request.time="">< timestamp('2020-10-01t00:00:00.000z')="" for="" a="" description="" of="" iam="" and="" its="" features,="" see="" the="">IAM developer's guide __.

get_location

get_location(
    request: typing.Optional[
        google.cloud.location.locations_pb2.GetLocationRequest
    ] = None,
    *,
    retry: typing.Optional[
        typing.Union[
            google.api_core.retry.retry_unary_async.AsyncRetry,
            google.api_core.gapic_v1.method._MethodDefault,
        ]
    ] = _MethodDefault._DEFAULT_VALUE,
    timeout: typing.Union[float, object] = _MethodDefault._DEFAULT_VALUE,
    metadata: typing.Sequence[typing.Tuple[str, typing.Union[str, bytes]]] = ()
) -> google.cloud.location.locations_pb2.Location

Gets information about a location.

Parameters
Name Description
request .location_pb2.GetLocationRequest

The request object. Request message for GetLocation method.
retry google.api_core.retry_async.AsyncRetry

Designation of what errors, if any, should be retried.
timeout float

The timeout for this request.
metadata Sequence[Tuple[str, Union[str, bytes]]]

Key/value pairs which should be sent along with the request as metadata. Normally, each value must be of type str, but for metadata keys ending with the suffix -bin, the corresponding values must be of type bytes.
Returns
Type Description
.location_pb2.Location Location object.

get_mtls_endpoint_and_cert_source

get_mtls_endpoint_and_cert_source(
    client_options: typing.Optional[
        google.api_core.client_options.ClientOptions
    ] = None,
)

Return the API endpoint and client cert source for mutual TLS.

The client cert source is determined in the following order: (1) if GOOGLE_API_USE_CLIENT_CERTIFICATE environment variable is not "true", the client cert source is None. (2) if client_options.client_cert_source is provided, use the provided one; if the default client cert source exists, use the default one; otherwise the client cert source is None.

The API endpoint is determined in the following order: (1) if client_options.api_endpoint if provided, use the provided one. (2) if GOOGLE_API_USE_CLIENT_CERTIFICATE environment variable is "always", use the default mTLS endpoint; if the environment variable is "never", use the default API endpoint; otherwise if client cert source exists, use the default mTLS endpoint, otherwise use the default API endpoint.

More details can be found at https://google.aip.dev/auth/4114.

Parameter
Name Description
client_options google.api_core.client_options.ClientOptions

Custom options for the client. Only the api_endpoint and client_cert_source properties may be used in this method.
Exceptions
Type Description
google.auth.exceptions.MutualTLSChannelError If any errors happen.
Returns
Type Description
Tuple[str, Callable[[], Tuple[bytes, bytes]]] returns the API endpoint and the client cert source to use.

get_operation

get_operation(
    request: typing.Optional[
        google.longrunning.operations_pb2.GetOperationRequest
    ] = None,
    *,
    retry: typing.Optional[
        typing.Union[
            google.api_core.retry.retry_unary_async.AsyncRetry,
            google.api_core.gapic_v1.method._MethodDefault,
        ]
    ] = _MethodDefault._DEFAULT_VALUE,
    timeout: typing.Union[float, object] = _MethodDefault._DEFAULT_VALUE,
    metadata: typing.Sequence[typing.Tuple[str, typing.Union[str, bytes]]] = ()
) -> google.longrunning.operations_pb2.Operation

Gets the latest state of a long-running operation.

Parameters
Name Description
request .operations_pb2.GetOperationRequest

The request object. Request message for GetOperation method.
retry google.api_core.retry_async.AsyncRetry

Designation of what errors, if any, should be retried.
timeout float

The timeout for this request.
metadata Sequence[Tuple[str, Union[str, bytes]]]

Key/value pairs which should be sent along with the request as metadata. Normally, each value must be of type str, but for metadata keys ending with the suffix -bin, the corresponding values must be of type bytes.
Returns
Type Description
.operations_pb2.Operation An Operation object.

get_single_tenant_hsm_instance

get_single_tenant_hsm_instance(
    request: typing.Optional[
        typing.Union[
            google.cloud.kms_v1.types.hsm_management.GetSingleTenantHsmInstanceRequest,
            dict,
        ]
    ] = None,
    *,
    name: typing.Optional[str] = None,
    retry: typing.Optional[
        typing.Union[
            google.api_core.retry.retry_unary_async.AsyncRetry,
            google.api_core.gapic_v1.method._MethodDefault,
        ]
    ] = _MethodDefault._DEFAULT_VALUE,
    timeout: typing.Union[float, object] = _MethodDefault._DEFAULT_VALUE,
    metadata: typing.Sequence[typing.Tuple[str, typing.Union[str, bytes]]] = ()
) -> google.cloud.kms_v1.types.hsm_management.SingleTenantHsmInstance

Returns metadata for a given xref_SingleTenantHsmInstance.

# This snippet has been automatically generated and should be regarded as a
# code template only.
# It will require modifications to work:
# - It may require correct/in-range values for request initialization.
# - It may require specifying regional endpoints when creating the service
#   client as shown in:
#   https://googleapis.dev/python/google-api-core/latest/client_options.html
from google.cloud import kms_v1

async def sample_get_single_tenant_hsm_instance():
    # Create a client
    client = kms_v1.HsmManagementAsyncClient()

    # Initialize request argument(s)
    request = kms_v1.GetSingleTenantHsmInstanceRequest(
        name="name_value",
    )

    # Make the request
    response = await client.get_single_tenant_hsm_instance(request=request)

    # Handle the response
    print(response)
Parameters
Name Description
request Optional[Union[google.cloud.kms_v1.types.GetSingleTenantHsmInstanceRequest, dict]]

The request object. Request message for HsmManagement.GetSingleTenantHsmInstance.
name str

Required. The name of the SingleTenantHsmInstance to get. This corresponds to the name field on the request instance; if request is provided, this should not be set.
retry google.api_core.retry_async.AsyncRetry

Designation of what errors, if any, should be retried.
timeout float

The timeout for this request.
metadata Sequence[Tuple[str, Union[str, bytes]]]

Key/value pairs which should be sent along with the request as metadata. Normally, each value must be of type str, but for metadata keys ending with the suffix -bin, the corresponding values must be of type bytes.
Returns
Type Description
google.cloud.kms_v1.types.SingleTenantHsmInstance A SingleTenantHsmInstance represents a single-tenant HSM instance. It can be used for creating CryptoKeys with a ProtectionLevel of HSM_SINGLE_TENANT][CryptoKeyVersion.ProtectionLevel.HSM_SINGLE_TENANT], as well as performing cryptographic operations using keys created within the SingleTenantHsmInstance.

get_single_tenant_hsm_instance_proposal

get_single_tenant_hsm_instance_proposal(
    request: typing.Optional[
        typing.Union[
            google.cloud.kms_v1.types.hsm_management.GetSingleTenantHsmInstanceProposalRequest,
            dict,
        ]
    ] = None,
    *,
    name: typing.Optional[str] = None,
    retry: typing.Optional[
        typing.Union[
            google.api_core.retry.retry_unary_async.AsyncRetry,
            google.api_core.gapic_v1.method._MethodDefault,
        ]
    ] = _MethodDefault._DEFAULT_VALUE,
    timeout: typing.Union[float, object] = _MethodDefault._DEFAULT_VALUE,
    metadata: typing.Sequence[typing.Tuple[str, typing.Union[str, bytes]]] = ()
) -> google.cloud.kms_v1.types.hsm_management.SingleTenantHsmInstanceProposal

Returns metadata for a given xref_SingleTenantHsmInstanceProposal.

# This snippet has been automatically generated and should be regarded as a
# code template only.
# It will require modifications to work:
# - It may require correct/in-range values for request initialization.
# - It may require specifying regional endpoints when creating the service
#   client as shown in:
#   https://googleapis.dev/python/google-api-core/latest/client_options.html
from google.cloud import kms_v1

async def sample_get_single_tenant_hsm_instance_proposal():
    # Create a client
    client = kms_v1.HsmManagementAsyncClient()

    # Initialize request argument(s)
    request = kms_v1.GetSingleTenantHsmInstanceProposalRequest(
        name="name_value",
    )

    # Make the request
    response = await client.get_single_tenant_hsm_instance_proposal(request=request)

    # Handle the response
    print(response)
Parameters
Name Description
request Optional[Union[google.cloud.kms_v1.types.GetSingleTenantHsmInstanceProposalRequest, dict]]

The request object. Request message for HsmManagement.GetSingleTenantHsmInstanceProposal.
name str

Required. The name of the SingleTenantHsmInstanceProposal to get. This corresponds to the name field on the request instance; if request is provided, this should not be set.
retry google.api_core.retry_async.AsyncRetry

Designation of what errors, if any, should be retried.
timeout float

The timeout for this request.
metadata Sequence[Tuple[str, Union[str, bytes]]]

Key/value pairs which should be sent along with the request as metadata. Normally, each value must be of type str, but for metadata keys ending with the suffix -bin, the corresponding values must be of type bytes.
Returns
Type Description
google.cloud.kms_v1.types.SingleTenantHsmInstanceProposal A SingleTenantHsmInstanceProposal represents a proposal to perform an operation on a SingleTenantHsmInstance.

get_transport_class

get_transport_class(
    label: typing.Optional[str] = None,
) -> typing.Type[
    google.cloud.kms_v1.services.hsm_management.transports.base.HsmManagementTransport
]

Returns an appropriate transport class.

Parameter
Name Description
label typing.Optional[str]

The name of the desired transport. If none is provided, then the first transport in the registry is used.

list_locations

list_locations(
    request: typing.Optional[
        google.cloud.location.locations_pb2.ListLocationsRequest
    ] = None,
    *,
    retry: typing.Optional[
        typing.Union[
            google.api_core.retry.retry_unary_async.AsyncRetry,
            google.api_core.gapic_v1.method._MethodDefault,
        ]
    ] = _MethodDefault._DEFAULT_VALUE,
    timeout: typing.Union[float, object] = _MethodDefault._DEFAULT_VALUE,
    metadata: typing.Sequence[typing.Tuple[str, typing.Union[str, bytes]]] = ()
) -> google.cloud.location.locations_pb2.ListLocationsResponse

Lists information about the supported locations for this service.

Parameters
Name Description
request .location_pb2.ListLocationsRequest

The request object. Request message for ListLocations method.
retry google.api_core.retry_async.AsyncRetry

Designation of what errors, if any, should be retried.
timeout float

The timeout for this request.
metadata Sequence[Tuple[str, Union[str, bytes]]]

Key/value pairs which should be sent along with the request as metadata. Normally, each value must be of type str, but for metadata keys ending with the suffix -bin, the corresponding values must be of type bytes.
Returns
Type Description
.location_pb2.ListLocationsResponse Response message for ListLocations method.

list_single_tenant_hsm_instance_proposals

list_single_tenant_hsm_instance_proposals(
    request: typing.Optional[
        typing.Union[
            google.cloud.kms_v1.types.hsm_management.ListSingleTenantHsmInstanceProposalsRequest,
            dict,
        ]
    ] = None,
    *,
    parent: typing.Optional[str] = None,
    retry: typing.Optional[
        typing.Union[
            google.api_core.retry.retry_unary_async.AsyncRetry,
            google.api_core.gapic_v1.method._MethodDefault,
        ]
    ] = _MethodDefault._DEFAULT_VALUE,
    timeout: typing.Union[float, object] = _MethodDefault._DEFAULT_VALUE,
    metadata: typing.Sequence[typing.Tuple[str, typing.Union[str, bytes]]] = ()
) -> (
    google.cloud.kms_v1.services.hsm_management.pagers.ListSingleTenantHsmInstanceProposalsAsyncPager
)

Lists xref_SingleTenantHsmInstanceProposals.

# This snippet has been automatically generated and should be regarded as a
# code template only.
# It will require modifications to work:
# - It may require correct/in-range values for request initialization.
# - It may require specifying regional endpoints when creating the service
#   client as shown in:
#   https://googleapis.dev/python/google-api-core/latest/client_options.html
from google.cloud import kms_v1

async def sample_list_single_tenant_hsm_instance_proposals():
    # Create a client
    client = kms_v1.HsmManagementAsyncClient()

    # Initialize request argument(s)
    request = kms_v1.ListSingleTenantHsmInstanceProposalsRequest(
        parent="parent_value",
    )

    # Make the request
    page_result = client.list_single_tenant_hsm_instance_proposals(request=request)

    # Handle the response
    async for response in page_result:
        print(response)
Parameters
Name Description
request Optional[Union[google.cloud.kms_v1.types.ListSingleTenantHsmInstanceProposalsRequest, dict]]

The request object. Request message for HsmManagement.ListSingleTenantHsmInstanceProposals.
parent str

Required. The resource name of the single tenant HSM instance associated with the SingleTenantHsmInstanceProposals to list, in the format projects//locations//singleTenantHsmInstances/*. This corresponds to the parent field on the request instance; if request is provided, this should not be set.
retry google.api_core.retry_async.AsyncRetry

Designation of what errors, if any, should be retried.
timeout float

The timeout for this request.
metadata Sequence[Tuple[str, Union[str, bytes]]]

Key/value pairs which should be sent along with the request as metadata. Normally, each value must be of type str, but for metadata keys ending with the suffix -bin, the corresponding values must be of type bytes.
Returns
Type Description
google.cloud.kms_v1.services.hsm_management.pagers.ListSingleTenantHsmInstanceProposalsAsyncPager Response message for HsmManagement.ListSingleTenantHsmInstanceProposals. Iterating over this object will yield results and resolve additional pages automatically.

list_single_tenant_hsm_instances

list_single_tenant_hsm_instances(
    request: typing.Optional[
        typing.Union[
            google.cloud.kms_v1.types.hsm_management.ListSingleTenantHsmInstancesRequest,
            dict,
        ]
    ] = None,
    *,
    parent: typing.Optional[str] = None,
    retry: typing.Optional[
        typing.Union[
            google.api_core.retry.retry_unary_async.AsyncRetry,
            google.api_core.gapic_v1.method._MethodDefault,
        ]
    ] = _MethodDefault._DEFAULT_VALUE,
    timeout: typing.Union[float, object] = _MethodDefault._DEFAULT_VALUE,
    metadata: typing.Sequence[typing.Tuple[str, typing.Union[str, bytes]]] = ()
) -> (
    google.cloud.kms_v1.services.hsm_management.pagers.ListSingleTenantHsmInstancesAsyncPager
)

Lists xref_SingleTenantHsmInstances.

# This snippet has been automatically generated and should be regarded as a
# code template only.
# It will require modifications to work:
# - It may require correct/in-range values for request initialization.
# - It may require specifying regional endpoints when creating the service
#   client as shown in:
#   https://googleapis.dev/python/google-api-core/latest/client_options.html
from google.cloud import kms_v1

async def sample_list_single_tenant_hsm_instances():
    # Create a client
    client = kms_v1.HsmManagementAsyncClient()

    # Initialize request argument(s)
    request = kms_v1.ListSingleTenantHsmInstancesRequest(
        parent="parent_value",
    )

    # Make the request
    page_result = client.list_single_tenant_hsm_instances(request=request)

    # Handle the response
    async for response in page_result:
        print(response)
Parameters
Name Description
request Optional[Union[google.cloud.kms_v1.types.ListSingleTenantHsmInstancesRequest, dict]]

The request object. Request message for HsmManagement.ListSingleTenantHsmInstances.
parent str

Required. The resource name of the location associated with the SingleTenantHsmInstances to list, in the format projects//locations/. This corresponds to the parent field on the request instance; if request is provided, this should not be set.
retry google.api_core.retry_async.AsyncRetry

Designation of what errors, if any, should be retried.
timeout float

The timeout for this request.
metadata Sequence[Tuple[str, Union[str, bytes]]]

Key/value pairs which should be sent along with the request as metadata. Normally, each value must be of type str, but for metadata keys ending with the suffix -bin, the corresponding values must be of type bytes.
Returns
Type Description
google.cloud.kms_v1.services.hsm_management.pagers.ListSingleTenantHsmInstancesAsyncPager Response message for HsmManagement.ListSingleTenantHsmInstances. Iterating over this object will yield results and resolve additional pages automatically.

parse_common_billing_account_path

parse_common_billing_account_path(path: str) -> typing.Dict[str, str]

Parse a billing_account path into its component segments.

parse_common_folder_path

parse_common_folder_path(path: str) -> typing.Dict[str, str]

Parse a folder path into its component segments.

parse_common_location_path

parse_common_location_path(path: str) -> typing.Dict[str, str]

Parse a location path into its component segments.

parse_common_organization_path

parse_common_organization_path(path: str) -> typing.Dict[str, str]

Parse a organization path into its component segments.

parse_common_project_path

parse_common_project_path(path: str) -> typing.Dict[str, str]

Parse a project path into its component segments.

parse_single_tenant_hsm_instance_path

parse_single_tenant_hsm_instance_path(path: str) -> typing.Dict[str, str]

Parses a single_tenant_hsm_instance path into its component segments.

parse_single_tenant_hsm_instance_proposal_path

parse_single_tenant_hsm_instance_proposal_path(path: str) -> typing.Dict[str, str]

Parses a single_tenant_hsm_instance_proposal path into its component segments.

set_iam_policy

set_iam_policy(
    request: typing.Optional[google.iam.v1.iam_policy_pb2.SetIamPolicyRequest] = None,
    *,
    retry: typing.Optional[
        typing.Union[
            google.api_core.retry.retry_unary_async.AsyncRetry,
            google.api_core.gapic_v1.method._MethodDefault,
        ]
    ] = _MethodDefault._DEFAULT_VALUE,
    timeout: typing.Union[float, object] = _MethodDefault._DEFAULT_VALUE,
    metadata: typing.Sequence[typing.Tuple[str, typing.Union[str, bytes]]] = ()
) -> google.iam.v1.policy_pb2.Policy

Sets the IAM access control policy on the specified function.

Replaces any existing policy.

Parameters
Name Description
request .iam_policy_pb2.SetIamPolicyRequest

The request object. Request message for SetIamPolicy method.
retry google.api_core.retry_async.AsyncRetry

Designation of what errors, if any, should be retried.
timeout float

The timeout for this request.
metadata Sequence[Tuple[str, Union[str, bytes]]]

Key/value pairs which should be sent along with the request as metadata. Normally, each value must be of type str, but for metadata keys ending with the suffix -bin, the corresponding values must be of type bytes.
Returns
Type Description
.policy_pb2.Policy Defines an Identity and Access Management (IAM) policy. It is used to specify access control policies for Cloud Platform resources. A Policy is a collection of bindings. A binding binds one or more members to a single role. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A role is a named list of permissions (defined by IAM or configured by users). A binding can optionally specify a condition, which is a logic expression that further constrains the role binding based on attributes about the request and/or target resource. **JSON Example** :: { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:mike@example.com", "group:admins@example.com", "domain:google.com", "serviceAccount:my-project-id@appspot.gserviceaccount.com" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": ["user:eve@example.com"], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01t00:00:00.000z')",="" }="" }="" ]="" }="" **yaml="" example**="" ::="" bindings:="" -="" members:="" -="" user:mike@example.com="" -="" group:admins@example.com="" -="" domain:google.com="" -="" serviceaccount:my-project-id@appspot.gserviceaccount.com="" role:="" roles/resourcemanager.organizationadmin="" -="" members:="" -="" user:eve@example.com="" role:="" roles/resourcemanager.organizationviewer="" condition:="" title:="" expirable="" access="" description:="" does="" not="" grant="" access="" after="" sep="" 2020="" expression:="" request.time="">< timestamp('2020-10-01t00:00:00.000z')="" for="" a="" description="" of="" iam="" and="" its="" features,="" see="" the="">IAM developer's guide __.

single_tenant_hsm_instance_path

single_tenant_hsm_instance_path(
    project: str, location: str, single_tenant_hsm_instance: str
) -> str

Returns a fully-qualified single_tenant_hsm_instance string.

single_tenant_hsm_instance_proposal_path

single_tenant_hsm_instance_proposal_path(
    project: str, location: str, single_tenant_hsm_instance: str, proposal: str
) -> str

Returns a fully-qualified single_tenant_hsm_instance_proposal string.

test_iam_permissions

test_iam_permissions(
    request: typing.Optional[
        google.iam.v1.iam_policy_pb2.TestIamPermissionsRequest
    ] = None,
    *,
    retry: typing.Optional[
        typing.Union[
            google.api_core.retry.retry_unary_async.AsyncRetry,
            google.api_core.gapic_v1.method._MethodDefault,
        ]
    ] = _MethodDefault._DEFAULT_VALUE,
    timeout: typing.Union[float, object] = _MethodDefault._DEFAULT_VALUE,
    metadata: typing.Sequence[typing.Tuple[str, typing.Union[str, bytes]]] = ()
) -> google.iam.v1.iam_policy_pb2.TestIamPermissionsResponse

Tests the specified IAM permissions against the IAM access control policy for a function.

If the function does not exist, this will return an empty set of permissions, not a NOT_FOUND error.

Parameters
Name Description
request .iam_policy_pb2.TestIamPermissionsRequest

The request object. Request message for TestIamPermissions method.
retry google.api_core.retry_async.AsyncRetry

Designation of what errors, if any, should be retried.
timeout float

The timeout for this request.
metadata Sequence[Tuple[str, Union[str, bytes]]]

Key/value pairs which should be sent along with the request as metadata. Normally, each value must be of type str, but for metadata keys ending with the suffix -bin, the corresponding values must be of type bytes.
Returns
Type Description
.iam_policy_pb2.TestIamPermissionsResponse Response message for TestIamPermissions method.