Adds snippet for restoring a key version

Author: Walter Poupore

kms/src/main/java/com/example/SnippetCommands.java

@@ -109,6 +109,12 @@ public void run() throws IOException {
     }
   }
 
+  public static class RestoreCryptoKeyVersionCommand extends KeyVersionArgs implements Command {
+    public void run() throws IOException {
+      Snippets.restoreCryptoKeyVersion(projectId, locationId, keyRingId, cryptoKeyId, version);
+    }
+  }
+
   public static class SetPrimaryVersionCommand extends KeyVersionArgs implements Command {
 
     public void run() throws IOException {
@@ -206,6 +212,7 @@ public void run() throws IOException {
       @SubCommand(name = "listCryptoKeyVersions", impl = ListCryptoKeyVersionsCommand.class),
       @SubCommand(name = "disableCryptoKeyVersion", impl = DisableCryptoKeyVersionCommand.class),
       @SubCommand(name = "destroyCryptoKeyVersion", impl = DestroyCryptoKeyVersionCommand.class),
+      @SubCommand(name = "restoreCryptoKeyVersion", impl = RestoreCryptoKeyVersionCommand.class),
       @SubCommand(name = "getKeyRingPolicy", impl = GetKeyRingPolicyCommand.class),
       @SubCommand(name = "getCryptoKeyPolicy", impl = GetCryptoKeyPolicyCommand.class),
       @SubCommand(name = "setPrimaryVersion", impl = SetPrimaryVersionCommand.class),

kms/src/main/java/com/example/Snippets.java

@@ -26,6 +26,7 @@
 import com.google.api.services.cloudkms.v1.model.CryptoKey;
 import com.google.api.services.cloudkms.v1.model.CryptoKeyVersion;
 import com.google.api.services.cloudkms.v1.model.DestroyCryptoKeyVersionRequest;
+import com.google.api.services.cloudkms.v1.model.RestoreCryptoKeyVersionRequest;
 import com.google.api.services.cloudkms.v1.model.KeyRing;
 import com.google.api.services.cloudkms.v1.model.ListCryptoKeyVersionsResponse;
 import com.google.api.services.cloudkms.v1.model.ListCryptoKeysResponse;
@@ -206,6 +207,34 @@ public static CryptoKeyVersion destroyCryptoKeyVersion(
   }
   // [END kms_destroy_cryptokey_version]
 
+  // [START kms_restore_cryptokey_version]
+
+  /**
+   * Restores the given version of a crypto key that is currently scheduled for destruction.
+   */
+  public static CryptoKeyVersion restoreCryptoKeyVersion(
+      String projectId, String locationId, String keyRingId, String cryptoKeyId, String version)
+      throws IOException {
+    // Create the Cloud KMS client.
+    CloudKMS kms = createAuthorizedClient();
+
+    // The resource name of the cryptoKey version
+    String cryptoKeyVersion = String.format(
+        "projects/%s/locations/%s/keyRings/%s/cryptoKeys/%s/cryptoKeyVersions/%s",
+        projectId, locationId, keyRingId, cryptoKeyId, version);
+
+    RestoreCryptoKeyVersionRequest restoreRequest = new RestoreCryptoKeyVersionRequest();
+
+    CryptoKeyVersion restored = kms.projects().locations().keyRings().cryptoKeys()
+        .cryptoKeyVersions()
+        .restore(cryptoKeyVersion, restoreRequest)
+        .execute();
+
+    System.out.println(restored);
+    return restored;
+  }
+  // [END kms_destroy_cryptokey_version]
+
   // [START kms_get_cryptokey_policy]
 
   /**

kms/src/test/java/com/example/SnippetsIT.java

@@ -204,6 +204,24 @@ public void destroyCryptoKeyVersion_destroys() throws Exception {
         KEY_RING_ID, CRYPTO_KEY_ID, version));
   }
 
+
+  @Test
+  public void restoreCryptoKeyVersion_restores() throws Exception {
+    Snippets.createCryptoKeyVersion(PROJECT_ID, LOCATION_ID, KEY_RING_ID, CRYPTO_KEY_ID);
+
+    Matcher matcher = Pattern.compile(".*cryptoKeyVersions/(\\d+)\",\"state\":\"DESTROY_SCHEDULED\".*",
+        Pattern.DOTALL | Pattern.MULTILINE).matcher(bout.toString().trim());
+    assertTrue(matcher.matches());
+
+    String version = matcher.group(1);
+
+    Snippets.restoreCryptoKeyVersion(PROJECT_ID, LOCATION_ID, KEY_RING_ID, CRYPTO_KEY_ID, version);
+
+    assertThat(bout.toString()).containsMatch(String.format(
+        "keyRings/%s/cryptoKeys/%s/cryptoKeyVersions/%s\",\"state\":\"DISABLED\"",
+        KEY_RING_ID, CRYPTO_KEY_ID, version));
+  }
+
   @Test
   public void setPrimaryVersion_createKeyAndSetPrimaryVersion() throws Exception {
     // We can't test that setPrimaryVersion actually took effect via a list call because of