feat(key_manager): add key scheduled deletion and restoration (#1029)

scaleway-bot · web-flow · commit 8e4fba20d186 · 2025-06-17T14:27:30.000Z
diff --git a/scaleway-async/scaleway_async/key_manager/v1alpha1/__init__.py b/scaleway-async/scaleway_async/key_manager/v1alpha1/__init__.py
@@ -29,6 +29,7 @@
 from .types import ListKeysResponse
 from .types import ProtectKeyRequest
 from .types import PublicKey
+from .types import RestoreKeyRequest
 from .types import RotateKeyRequest
 from .types import SignRequest
 from .types import SignResponse
@@ -68,6 +69,7 @@
     "ListKeysResponse",
     "ProtectKeyRequest",
     "PublicKey",
+    "RestoreKeyRequest",
     "RotateKeyRequest",
     "SignRequest",
     "SignResponse",
diff --git a/scaleway-async/scaleway_async/key_manager/v1alpha1/api.py b/scaleway-async/scaleway_async/key_manager/v1alpha1/api.py
@@ -452,6 +452,7 @@ async def disable_key(
     async def list_keys(
         self,
         *,
+        scheduled_for_deletion: bool,
         region: Optional[ScwRegion] = None,
         organization_id: Optional[str] = None,
         project_id: Optional[str] = None,
@@ -465,6 +466,7 @@ async def list_keys(
         """
         List keys.
         Retrieve a list of keys across all Projects in an Organization or within a specific Project. You must specify the `region`, and either the `organization_id` or the `project_id`.
+        :param scheduled_for_deletion: Filter keys based on their deletion status. By default, only keys not scheduled for deletion are returned in the output.
         :param region: Region to target. If none is passed will use default region from the config.
         :param organization_id: (Optional) Filter by Organization ID.
         :param project_id: (Optional) Filter by Project ID.
@@ -479,7 +481,9 @@ async def list_keys(
         Usage:
         ::
 
-            result = await api.list_keys()
+            result = await api.list_keys(
+                scheduled_for_deletion=False,
+            )
         """
 
         param_region = validate_path_param(
@@ -497,6 +501,7 @@ async def list_keys(
                 "page": page,
                 "page_size": page_size or self.client.default_page_size,
                 "project_id": project_id or self.client.default_project_id,
+                "scheduled_for_deletion": scheduled_for_deletion,
                 "tags": tags,
                 "usage": usage,
             },
@@ -508,6 +513,7 @@ async def list_keys(
     async def list_keys_all(
         self,
         *,
+        scheduled_for_deletion: bool,
         region: Optional[ScwRegion] = None,
         organization_id: Optional[str] = None,
         project_id: Optional[str] = None,
@@ -521,6 +527,7 @@ async def list_keys_all(
         """
         List keys.
         Retrieve a list of keys across all Projects in an Organization or within a specific Project. You must specify the `region`, and either the `organization_id` or the `project_id`.
+        :param scheduled_for_deletion: Filter keys based on their deletion status. By default, only keys not scheduled for deletion are returned in the output.
         :param region: Region to target. If none is passed will use default region from the config.
         :param organization_id: (Optional) Filter by Organization ID.
         :param project_id: (Optional) Filter by Project ID.
@@ -535,14 +542,17 @@ async def list_keys_all(
         Usage:
         ::
 
-            result = await api.list_keys_all()
+            result = await api.list_keys_all(
+                scheduled_for_deletion=False,
+            )
         """
 
         return await fetch_all_pages_async(
             type=ListKeysResponse,
             key="keys",
             fetcher=self.list_keys,
             args={
+                "scheduled_for_deletion": scheduled_for_deletion,
                 "region": region,
                 "organization_id": organization_id,
                 "project_id": project_id,
@@ -876,3 +886,38 @@ async def delete_key_material(
         )
 
         self._throw_on_error(res)
+
+    async def restore_key(
+        self,
+        *,
+        key_id: str,
+        region: Optional[ScwRegion] = None,
+    ) -> Key:
+        """
+        Restore a key.
+        Restore a key and all its rotations scheduled for deletion specified by the `region` and `key_id` parameters.
+        :param key_id:
+        :param region: Region to target. If none is passed will use default region from the config.
+        :return: :class:`Key <Key>`
+
+        Usage:
+        ::
+
+            result = await api.restore_key(
+                key_id="example",
+            )
+        """
+
+        param_region = validate_path_param(
+            "region", region or self.client.default_region
+        )
+        param_key_id = validate_path_param("key_id", key_id)
+
+        res = self._request(
+            "POST",
+            f"/key-manager/v1alpha1/regions/{param_region}/keys/{param_key_id}/restore",
+            body={},
+        )
+
+        self._throw_on_error(res)
+        return unmarshal_Key(res.json())
diff --git a/scaleway-async/scaleway_async/key_manager/v1alpha1/marshalling.py b/scaleway-async/scaleway_async/key_manager/v1alpha1/marshalling.py
@@ -169,6 +169,14 @@ def unmarshal_Key(data: Any) -> Key:
     else:
         args["rotation_policy"] = None
 
+    field = data.get("deletion_requested_at", None)
+    if field is not None:
+        args["deletion_requested_at"] = (
+            parser.isoparse(field) if isinstance(field, str) else field
+        )
+    else:
+        args["deletion_requested_at"] = None
+
     return Key(**args)
 
 
diff --git a/scaleway-async/scaleway_async/key_manager/v1alpha1/types.py b/scaleway-async/scaleway_async/key_manager/v1alpha1/types.py
@@ -201,6 +201,11 @@ class Key:
     Key rotation policy.
     """
 
+    deletion_requested_at: Optional[datetime]
+    """
+    Returns the time at which deletion was requested.
+    """
+
 
 @dataclass
 class CreateKeyRequest:
@@ -482,6 +487,11 @@ class ImportKeyMaterialRequest:
 
 @dataclass
 class ListKeysRequest:
+    scheduled_for_deletion: bool
+    """
+    Filter keys based on their deletion status. By default, only keys not scheduled for deletion are returned in the output.
+    """
+
     region: Optional[ScwRegion]
     """
     Region to target. If none is passed will use default region from the config.
@@ -550,6 +560,16 @@ class PublicKey:
     pem: str
 
 
+@dataclass
+class RestoreKeyRequest:
+    key_id: str
+
+    region: Optional[ScwRegion]
+    """
+    Region to target. If none is passed will use default region from the config.
+    """
+
+
 @dataclass
 class RotateKeyRequest:
     key_id: str
diff --git a/scaleway/scaleway/key_manager/v1alpha1/__init__.py b/scaleway/scaleway/key_manager/v1alpha1/__init__.py
@@ -29,6 +29,7 @@
 from .types import ListKeysResponse
 from .types import ProtectKeyRequest
 from .types import PublicKey
+from .types import RestoreKeyRequest
 from .types import RotateKeyRequest
 from .types import SignRequest
 from .types import SignResponse
@@ -68,6 +69,7 @@
     "ListKeysResponse",
     "ProtectKeyRequest",
     "PublicKey",
+    "RestoreKeyRequest",
     "RotateKeyRequest",
     "SignRequest",
     "SignResponse",
diff --git a/scaleway/scaleway/key_manager/v1alpha1/api.py b/scaleway/scaleway/key_manager/v1alpha1/api.py
@@ -452,6 +452,7 @@ def disable_key(
     def list_keys(
         self,
         *,
+        scheduled_for_deletion: bool,
         region: Optional[ScwRegion] = None,
         organization_id: Optional[str] = None,
         project_id: Optional[str] = None,
@@ -465,6 +466,7 @@ def list_keys(
         """
         List keys.
         Retrieve a list of keys across all Projects in an Organization or within a specific Project. You must specify the `region`, and either the `organization_id` or the `project_id`.
+        :param scheduled_for_deletion: Filter keys based on their deletion status. By default, only keys not scheduled for deletion are returned in the output.
         :param region: Region to target. If none is passed will use default region from the config.
         :param organization_id: (Optional) Filter by Organization ID.
         :param project_id: (Optional) Filter by Project ID.
@@ -479,7 +481,9 @@ def list_keys(
         Usage:
         ::
 
-            result = api.list_keys()
+            result = api.list_keys(
+                scheduled_for_deletion=False,
+            )
         """
 
         param_region = validate_path_param(
@@ -497,6 +501,7 @@ def list_keys(
                 "page": page,
                 "page_size": page_size or self.client.default_page_size,
                 "project_id": project_id or self.client.default_project_id,
+                "scheduled_for_deletion": scheduled_for_deletion,
                 "tags": tags,
                 "usage": usage,
             },
@@ -508,6 +513,7 @@ def list_keys(
     def list_keys_all(
         self,
         *,
+        scheduled_for_deletion: bool,
         region: Optional[ScwRegion] = None,
         organization_id: Optional[str] = None,
         project_id: Optional[str] = None,
@@ -521,6 +527,7 @@ def list_keys_all(
         """
         List keys.
         Retrieve a list of keys across all Projects in an Organization or within a specific Project. You must specify the `region`, and either the `organization_id` or the `project_id`.
+        :param scheduled_for_deletion: Filter keys based on their deletion status. By default, only keys not scheduled for deletion are returned in the output.
         :param region: Region to target. If none is passed will use default region from the config.
         :param organization_id: (Optional) Filter by Organization ID.
         :param project_id: (Optional) Filter by Project ID.
@@ -535,14 +542,17 @@ def list_keys_all(
         Usage:
         ::
 
-            result = api.list_keys_all()
+            result = api.list_keys_all(
+                scheduled_for_deletion=False,
+            )
         """
 
         return fetch_all_pages(
             type=ListKeysResponse,
             key="keys",
             fetcher=self.list_keys,
             args={
+                "scheduled_for_deletion": scheduled_for_deletion,
                 "region": region,
                 "organization_id": organization_id,
                 "project_id": project_id,
@@ -876,3 +886,38 @@ def delete_key_material(
         )
 
         self._throw_on_error(res)
+
+    def restore_key(
+        self,
+        *,
+        key_id: str,
+        region: Optional[ScwRegion] = None,
+    ) -> Key:
+        """
+        Restore a key.
+        Restore a key and all its rotations scheduled for deletion specified by the `region` and `key_id` parameters.
+        :param key_id:
+        :param region: Region to target. If none is passed will use default region from the config.
+        :return: :class:`Key <Key>`
+
+        Usage:
+        ::
+
+            result = api.restore_key(
+                key_id="example",
+            )
+        """
+
+        param_region = validate_path_param(
+            "region", region or self.client.default_region
+        )
+        param_key_id = validate_path_param("key_id", key_id)
+
+        res = self._request(
+            "POST",
+            f"/key-manager/v1alpha1/regions/{param_region}/keys/{param_key_id}/restore",
+            body={},
+        )
+
+        self._throw_on_error(res)
+        return unmarshal_Key(res.json())
diff --git a/scaleway/scaleway/key_manager/v1alpha1/marshalling.py b/scaleway/scaleway/key_manager/v1alpha1/marshalling.py
@@ -169,6 +169,14 @@ def unmarshal_Key(data: Any) -> Key:
     else:
         args["rotation_policy"] = None
 
+    field = data.get("deletion_requested_at", None)
+    if field is not None:
+        args["deletion_requested_at"] = (
+            parser.isoparse(field) if isinstance(field, str) else field
+        )
+    else:
+        args["deletion_requested_at"] = None
+
     return Key(**args)
 
 
diff --git a/scaleway/scaleway/key_manager/v1alpha1/types.py b/scaleway/scaleway/key_manager/v1alpha1/types.py
@@ -201,6 +201,11 @@ class Key:
     Key rotation policy.
     """
 
+    deletion_requested_at: Optional[datetime]
+    """
+    Returns the time at which deletion was requested.
+    """
+
 
 @dataclass
 class CreateKeyRequest:
@@ -482,6 +487,11 @@ class ImportKeyMaterialRequest:
 
 @dataclass
 class ListKeysRequest:
+    scheduled_for_deletion: bool
+    """
+    Filter keys based on their deletion status. By default, only keys not scheduled for deletion are returned in the output.
+    """
+
     region: Optional[ScwRegion]
     """
     Region to target. If none is passed will use default region from the config.
@@ -550,6 +560,16 @@ class PublicKey:
     pem: str
 
 
+@dataclass
+class RestoreKeyRequest:
+    key_id: str
+
+    region: Optional[ScwRegion]
+    """
+    Region to target. If none is passed will use default region from the config.
+    """
+
+
 @dataclass
 class RotateKeyRequest:
     key_id: str
