GoogleCloudPlatform
diff --git a/‎kms/attestations/README.rst‎
Lines changed: 26 additions & 3 deletions b/‎kms/attestations/README.rst‎
Lines changed: 26 additions & 3 deletions
diff --git a/‎kms/attestations/noxfile.py‎
Lines changed: 1 addition & 2 deletions b/‎kms/attestations/noxfile.py‎
Lines changed: 1 addition & 2 deletions
diff --git a/‎kms/snippets/create_key_asymmetric_decrypt.py‎
Lines changed: 3 additions & 3 deletions b/‎kms/snippets/create_key_asymmetric_decrypt.py‎
Lines changed: 3 additions & 3 deletions
diff --git a/‎kms/snippets/create_key_asymmetric_sign.py‎
Lines changed: 3 additions & 3 deletions b/‎kms/snippets/create_key_asymmetric_sign.py‎
Lines changed: 3 additions & 3 deletions
diff --git a/‎kms/snippets/create_key_hsm.py‎
Lines changed: 4 additions & 4 deletions b/‎kms/snippets/create_key_hsm.py‎
Lines changed: 4 additions & 4 deletions
diff --git a/‎kms/snippets/create_key_labels.py‎
Lines changed: 3 additions & 3 deletions b/‎kms/snippets/create_key_labels.py‎
Lines changed: 3 additions & 3 deletions
diff --git a/‎kms/snippets/create_key_ring.py‎
Lines changed: 2 additions & 2 deletions b/‎kms/snippets/create_key_ring.py‎
Lines changed: 2 additions & 2 deletions
diff --git a/‎kms/snippets/create_key_rotation_schedule.py‎
Lines changed: 3 additions & 3 deletions b/‎kms/snippets/create_key_rotation_schedule.py‎
Lines changed: 3 additions & 3 deletions
diff --git a/‎kms/snippets/create_key_symmetric_encrypt_decrypt.py‎
Lines changed: 3 additions & 3 deletions b/‎kms/snippets/create_key_symmetric_encrypt_decrypt.py‎
Lines changed: 3 additions & 3 deletions
diff --git a/‎kms/snippets/create_key_version.py‎
Lines changed: 1 addition & 1 deletion b/‎kms/snippets/create_key_version.py‎
Lines changed: 1 addition & 1 deletion
@@ -32,7 +32,7 @@ Install Dependencies
    .. _Python Development Environment Setup Guide:
        https://cloud.google.com/python/setup
 
-#. Create a virtualenv. Samples are compatible with Python 2.7 and 3.4+.
+#. Create a virtualenv. Samples are compatible with Python 3.6+.
 
     .. code-block:: bash
 
@@ -48,9 +48,15 @@ Install Dependencies
 .. _pip: https://pip.pypa.io/
 .. _virtualenv: https://virtualenv.pypa.io/
 
+
+
+
+
+
 Samples
 -------------------------------------------------------------------------------
 
+
 Verify attestations for keys generated by Cloud HSM
 +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
 
@@ -66,9 +72,26 @@ To run this sample:
 
     $ python verify_attestation.py
 
-    
+
+    usage: verify_attestation.py [-h] attestation_file bundle_file
+
+    This application verifies HSM attestations using certificate bundles obtained
+    from Cloud HSM. For more information, visit
+    https://cloud.google.com/kms/docs/attest-key.
+
+    positional arguments:
+      attestation_file  Name of attestation file.
+      bundle_file       Name of certificate bundle file.
+
+    optional arguments:
+      -h, --help        show this help message and exit
+
+
+
+
+
 
 
 
 
-.. _Google Cloud SDK: https://cloud.google.com/sdk/
+.. _Google Cloud SDK: https://cloud.google.com/sdk/
@@ -43,7 +43,7 @@
     # to 'BUILD_SPECIFIC_GCLOUD_PROJECT' if you want to opt in using a
     # build specific Cloud project. You can also use your own string
     # to use your own Cloud project.
-    'gcloud_project_env': 'GCLOUD_PROJECT',
+    'gcloud_project_env': 'GOOGLE_CLOUD_PROJECT',
     # 'gcloud_project_env': 'BUILD_SPECIFIC_GCLOUD_PROJECT',
 
     # A dictionary you want to inject into your test. Don't put any
@@ -72,7 +72,6 @@ def get_pytest_env_vars():
     env_key = TEST_CONFIG['gcloud_project_env']
     # This should error out if not set.
     ret['GOOGLE_CLOUD_PROJECT'] = os.environ[env_key]
-    ret['GCLOUD_PROJECT'] = os.environ[env_key]
 
     # Apply user supplied envs.
     ret.update(TEST_CONFIG['envs'])
 
@@ -38,8 +38,8 @@ def create_key_asymmetric_decrypt(project_id, location_id, key_ring_id, id):
     key_ring_name = client.key_ring_path(project_id, location_id, key_ring_id)
 
     # Build the key.
-    purpose = kms.enums.CryptoKey.CryptoKeyPurpose.ASYMMETRIC_DECRYPT
-    algorithm = kms.enums.CryptoKeyVersion.CryptoKeyVersionAlgorithm.RSA_DECRYPT_OAEP_2048_SHA256
+    purpose = kms.CryptoKey.CryptoKeyPurpose.ASYMMETRIC_DECRYPT
+    algorithm = kms.CryptoKeyVersion.CryptoKeyVersionAlgorithm.RSA_DECRYPT_OAEP_2048_SHA256
     key = {
         'purpose': purpose,
         'version_template': {
@@ -48,7 +48,7 @@ def create_key_asymmetric_decrypt(project_id, location_id, key_ring_id, id):
     }
 
     # Call the API.
-    created_key = client.create_crypto_key(key_ring_name, id, key)
+    created_key = client.create_crypto_key(request={'parent': key_ring_name, 'crypto_key_id': id, 'crypto_key': key})
     print('Created asymmetric decrypt key: {}'.format(created_key.name))
     return created_key
 # [END kms_create_key_asymmetric_decrypt]
@@ -38,8 +38,8 @@ def create_key_asymmetric_sign(project_id, location_id, key_ring_id, id):
     key_ring_name = client.key_ring_path(project_id, location_id, key_ring_id)
 
     # Build the key.
-    purpose = kms.enums.CryptoKey.CryptoKeyPurpose.ASYMMETRIC_SIGN
-    algorithm = kms.enums.CryptoKeyVersion.CryptoKeyVersionAlgorithm.RSA_SIGN_PKCS1_2048_SHA256
+    purpose = kms.CryptoKey.CryptoKeyPurpose.ASYMMETRIC_SIGN
+    algorithm = kms.CryptoKeyVersion.CryptoKeyVersionAlgorithm.RSA_SIGN_PKCS1_2048_SHA256
     key = {
         'purpose': purpose,
         'version_template': {
@@ -48,7 +48,7 @@ def create_key_asymmetric_sign(project_id, location_id, key_ring_id, id):
     }
 
     # Call the API.
-    created_key = client.create_crypto_key(key_ring_name, id, key)
+    created_key = client.create_crypto_key(request={'parent': key_ring_name, 'crypto_key_id': id, 'crypto_key': key})
     print('Created asymmetric signing key: {}'.format(created_key.name))
     return created_key
 # [END kms_create_key_asymmetric_sign]
@@ -38,9 +38,9 @@ def create_key_hsm(project_id, location_id, key_ring_id, id):
     key_ring_name = client.key_ring_path(project_id, location_id, key_ring_id)
 
     # Build the key.
-    purpose = kms.enums.CryptoKey.CryptoKeyPurpose.ENCRYPT_DECRYPT
-    algorithm = kms.enums.CryptoKeyVersion.CryptoKeyVersionAlgorithm.GOOGLE_SYMMETRIC_ENCRYPTION
-    protection_level = kms.enums.ProtectionLevel.HSM
+    purpose = kms.CryptoKey.CryptoKeyPurpose.ENCRYPT_DECRYPT
+    algorithm = kms.CryptoKeyVersion.CryptoKeyVersionAlgorithm.GOOGLE_SYMMETRIC_ENCRYPTION
+    protection_level = kms.ProtectionLevel.HSM
     key = {
         'purpose': purpose,
         'version_template': {
@@ -50,7 +50,7 @@ def create_key_hsm(project_id, location_id, key_ring_id, id):
     }
 
     # Call the API.
-    created_key = client.create_crypto_key(key_ring_name, id, key)
+    created_key = client.create_crypto_key(request={'parent': key_ring_name, 'crypto_key_id': id, 'crypto_key': key})
     print('Created hsm key: {}'.format(created_key.name))
     return created_key
 # [END kms_create_key_hsm]
@@ -38,8 +38,8 @@ def create_key_labels(project_id, location_id, key_ring_id, id):
     key_ring_name = client.key_ring_path(project_id, location_id, key_ring_id)
 
     # Build the key.
-    purpose = kms.enums.CryptoKey.CryptoKeyPurpose.ENCRYPT_DECRYPT
-    algorithm = kms.enums.CryptoKeyVersion.CryptoKeyVersionAlgorithm.GOOGLE_SYMMETRIC_ENCRYPTION
+    purpose = kms.CryptoKey.CryptoKeyPurpose.ENCRYPT_DECRYPT
+    algorithm = kms.CryptoKeyVersion.CryptoKeyVersionAlgorithm.GOOGLE_SYMMETRIC_ENCRYPTION
     key = {
         'purpose': purpose,
         'version_template': {
@@ -52,7 +52,7 @@ def create_key_labels(project_id, location_id, key_ring_id, id):
     }
 
     # Call the API.
-    created_key = client.create_crypto_key(key_ring_name, id, key)
+    created_key = client.create_crypto_key(request={'parent': key_ring_name, 'crypto_key_id': id, 'crypto_key': key})
     print('Created labeled key: {}'.format(created_key.name))
     return created_key
 # [END kms_create_key_labels]
@@ -34,13 +34,13 @@ def create_key_ring(project_id, location_id, id):
     client = kms.KeyManagementServiceClient()
 
     # Build the parent location name.
-    location_name = client.location_path(project_id, location_id)
+    location_name = f'projects/{project_id}/locations/{location_id}'
 
     # Build the key ring.
     key_ring = {}
 
     # Call the API.
-    created_key_ring = client.create_key_ring(location_name, id, key_ring)
+    created_key_ring = client.create_key_ring(request={'parent': location_name, 'key_ring_id': id, 'key_ring': key_ring})
     print('Created key ring: {}'.format(created_key_ring.name))
     return created_key_ring
 # [END kms_create_key_ring]
@@ -41,8 +41,8 @@ def create_key_rotation_schedule(project_id, location_id, key_ring_id, id):
     key_ring_name = client.key_ring_path(project_id, location_id, key_ring_id)
 
     # Build the key.
-    purpose = kms.enums.CryptoKey.CryptoKeyPurpose.ENCRYPT_DECRYPT
-    algorithm = kms.enums.CryptoKeyVersion.CryptoKeyVersionAlgorithm.GOOGLE_SYMMETRIC_ENCRYPTION
+    purpose = kms.CryptoKey.CryptoKeyPurpose.ENCRYPT_DECRYPT
+    algorithm = kms.CryptoKeyVersion.CryptoKeyVersionAlgorithm.GOOGLE_SYMMETRIC_ENCRYPTION
     key = {
         'purpose': purpose,
         'version_template': {
@@ -61,7 +61,7 @@ def create_key_rotation_schedule(project_id, location_id, key_ring_id, id):
     }
 
     # Call the API.
-    created_key = client.create_crypto_key(key_ring_name, id, key)
+    created_key = client.create_crypto_key(request={'parent': key_ring_name, 'crypto_key_id': id, 'crypto_key': key})
     print('Created labeled key: {}'.format(created_key.name))
     return created_key
 # [END kms_create_key_rotation_schedule]
@@ -38,8 +38,8 @@ def create_key_symmetric_encrypt_decrypt(project_id, location_id, key_ring_id, i
     key_ring_name = client.key_ring_path(project_id, location_id, key_ring_id)
 
     # Build the key.
-    purpose = kms.enums.CryptoKey.CryptoKeyPurpose.ENCRYPT_DECRYPT
-    algorithm = kms.enums.CryptoKeyVersion.CryptoKeyVersionAlgorithm.GOOGLE_SYMMETRIC_ENCRYPTION
+    purpose = kms.CryptoKey.CryptoKeyPurpose.ENCRYPT_DECRYPT
+    algorithm = kms.CryptoKeyVersion.CryptoKeyVersionAlgorithm.GOOGLE_SYMMETRIC_ENCRYPTION
     key = {
         'purpose': purpose,
         'version_template': {
@@ -48,7 +48,7 @@ def create_key_symmetric_encrypt_decrypt(project_id, location_id, key_ring_id, i
     }
 
     # Call the API.
-    created_key = client.create_crypto_key(key_ring_name, id, key)
+    created_key = client.create_crypto_key(request={'parent': key_ring_name, 'crypto_key_id': id, 'crypto_key': key})
     print('Created symmetric key: {}'.format(created_key.name))
     return created_key
 # [END kms_create_key_symmetric_encrypt_decrypt]
@@ -41,7 +41,7 @@ def create_key_version(project_id, location_id, key_ring_id, key_id):
     version = {}
 
     # Call the API.
-    created_version = client.create_crypto_key_version(key_name, version)
+    created_version = client.create_crypto_key_version(request={'parent': key_name, 'crypto_key_version': version})
     print('Created key version: {}'.format(created_version.name))
     return created_version
 # [END kms_create_key_version]