@Generated(value="by gapic-generator") @BetaApi public class KeyManagementServiceClient extends Object implements BackgroundResource
Manages cryptographic keys and operations using those keys. Implements a REST model with the following objects:
* [KeyRing][google.cloud.kms.v1.KeyRing] * [CryptoKey][google.cloud.kms.v1.CryptoKey] * [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion]
If you are using manual gRPC libraries, see [Using gRPC with Cloud KMS](https://cloud.google.com/kms/docs/grpc).
This class provides the ability to make remote calls to the backing service through method calls that map to API methods. Sample code to get started:
try (KeyManagementServiceClient keyManagementServiceClient = KeyManagementServiceClient.create()) {
KeyRingName name = KeyRingName.of("[PROJECT]", "[LOCATION]", "[KEY_RING]");
KeyRing response = keyManagementServiceClient.getKeyRing(name);
}
Note: close() needs to be called on the keyManagementServiceClient object to clean up resources such as threads. In the example above, try-with-resources is used, which automatically calls close().
The surface of this class includes several types of Java methods for each of the API's methods:
See the individual methods for example code.
Many parameters require resource names to be formatted in a particular way. To assist with these names, this class includes a format method for each type of name, and additionally a parse method to extract the individual identifiers contained within names that are returned.
This class can be customized by passing in a custom instance of KeyManagementServiceSettings to create(). For example:
To customize credentials:
KeyManagementServiceSettings keyManagementServiceSettings =
KeyManagementServiceSettings.newBuilder()
.setCredentialsProvider(FixedCredentialsProvider.create(myCredentials))
.build();
KeyManagementServiceClient keyManagementServiceClient =
KeyManagementServiceClient.create(keyManagementServiceSettings);
To customize the endpoint:
KeyManagementServiceSettings keyManagementServiceSettings =
KeyManagementServiceSettings.newBuilder().setEndpoint(myEndpoint).build();
KeyManagementServiceClient keyManagementServiceClient =
KeyManagementServiceClient.create(keyManagementServiceSettings);
| Modifier and Type | Class and Description |
|---|---|
static class |
KeyManagementServiceClient.ListCryptoKeysFixedSizeCollection |
static class |
KeyManagementServiceClient.ListCryptoKeysPage |
static class |
KeyManagementServiceClient.ListCryptoKeysPagedResponse |
static class |
KeyManagementServiceClient.ListCryptoKeyVersionsFixedSizeCollection |
static class |
KeyManagementServiceClient.ListCryptoKeyVersionsPage |
static class |
KeyManagementServiceClient.ListCryptoKeyVersionsPagedResponse |
static class |
KeyManagementServiceClient.ListKeyRingsFixedSizeCollection |
static class |
KeyManagementServiceClient.ListKeyRingsPage |
static class |
KeyManagementServiceClient.ListKeyRingsPagedResponse |
| Modifier | Constructor and Description |
|---|---|
protected |
KeyManagementServiceClient(KeyManagementServiceSettings settings)
Constructs an instance of KeyManagementServiceClient, using the given settings.
|
protected |
KeyManagementServiceClient(KeyManagementServiceStub stub) |
| Modifier and Type | Method and Description |
|---|---|
com.google.cloud.kms.v1.AsymmetricDecryptResponse |
asymmetricDecrypt(com.google.cloud.kms.v1.AsymmetricDecryptRequest request)
Decrypts data that was encrypted with a public key retrieved from
[GetPublicKey][google.cloud.kms.v1.KeyManagementService.GetPublicKey] corresponding to a
[CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] with
[CryptoKey.purpose][google.cloud.kms.v1.CryptoKey.purpose] ASYMMETRIC_DECRYPT.
|
com.google.cloud.kms.v1.AsymmetricDecryptResponse |
asymmetricDecrypt(com.google.cloud.kms.v1.CryptoKeyVersionName name,
ByteString ciphertext)
Decrypts data that was encrypted with a public key retrieved from
[GetPublicKey][google.cloud.kms.v1.KeyManagementService.GetPublicKey] corresponding to a
[CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] with
[CryptoKey.purpose][google.cloud.kms.v1.CryptoKey.purpose] ASYMMETRIC_DECRYPT.
|
com.google.cloud.kms.v1.AsymmetricDecryptResponse |
asymmetricDecrypt(String name,
ByteString ciphertext)
Decrypts data that was encrypted with a public key retrieved from
[GetPublicKey][google.cloud.kms.v1.KeyManagementService.GetPublicKey] corresponding to a
[CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] with
[CryptoKey.purpose][google.cloud.kms.v1.CryptoKey.purpose] ASYMMETRIC_DECRYPT.
|
UnaryCallable<com.google.cloud.kms.v1.AsymmetricDecryptRequest,com.google.cloud.kms.v1.AsymmetricDecryptResponse> |
asymmetricDecryptCallable()
Decrypts data that was encrypted with a public key retrieved from
[GetPublicKey][google.cloud.kms.v1.KeyManagementService.GetPublicKey] corresponding to a
[CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] with
[CryptoKey.purpose][google.cloud.kms.v1.CryptoKey.purpose] ASYMMETRIC_DECRYPT.
|
com.google.cloud.kms.v1.AsymmetricSignResponse |
asymmetricSign(com.google.cloud.kms.v1.AsymmetricSignRequest request)
Signs data using a [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] with
[CryptoKey.purpose][google.cloud.kms.v1.CryptoKey.purpose] ASYMMETRIC_SIGN, producing a
signature that can be verified with the public key retrieved from
[GetPublicKey][google.cloud.kms.v1.KeyManagementService.GetPublicKey].
|
com.google.cloud.kms.v1.AsymmetricSignResponse |
asymmetricSign(com.google.cloud.kms.v1.CryptoKeyVersionName name,
com.google.cloud.kms.v1.Digest digest)
Signs data using a [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] with
[CryptoKey.purpose][google.cloud.kms.v1.CryptoKey.purpose] ASYMMETRIC_SIGN, producing a
signature that can be verified with the public key retrieved from
[GetPublicKey][google.cloud.kms.v1.KeyManagementService.GetPublicKey].
|
com.google.cloud.kms.v1.AsymmetricSignResponse |
asymmetricSign(String name,
com.google.cloud.kms.v1.Digest digest)
Signs data using a [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] with
[CryptoKey.purpose][google.cloud.kms.v1.CryptoKey.purpose] ASYMMETRIC_SIGN, producing a
signature that can be verified with the public key retrieved from
[GetPublicKey][google.cloud.kms.v1.KeyManagementService.GetPublicKey].
|
UnaryCallable<com.google.cloud.kms.v1.AsymmetricSignRequest,com.google.cloud.kms.v1.AsymmetricSignResponse> |
asymmetricSignCallable()
Signs data using a [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] with
[CryptoKey.purpose][google.cloud.kms.v1.CryptoKey.purpose] ASYMMETRIC_SIGN, producing a
signature that can be verified with the public key retrieved from
[GetPublicKey][google.cloud.kms.v1.KeyManagementService.GetPublicKey].
|
boolean |
awaitTermination(long duration,
TimeUnit unit) |
void |
close() |
static KeyManagementServiceClient |
create()
Constructs an instance of KeyManagementServiceClient with default settings.
|
static KeyManagementServiceClient |
create(KeyManagementServiceSettings settings)
Constructs an instance of KeyManagementServiceClient, using the given settings.
|
static KeyManagementServiceClient |
create(KeyManagementServiceStub stub)
Constructs an instance of KeyManagementServiceClient, using the given stub for making calls.
|
com.google.cloud.kms.v1.CryptoKey |
createCryptoKey(com.google.cloud.kms.v1.CreateCryptoKeyRequest request)
Create a new [CryptoKey][google.cloud.kms.v1.CryptoKey] within a
[KeyRing][google.cloud.kms.v1.KeyRing].
|
com.google.cloud.kms.v1.CryptoKey |
createCryptoKey(com.google.cloud.kms.v1.KeyRingName parent,
String cryptoKeyId,
com.google.cloud.kms.v1.CryptoKey cryptoKey)
Create a new [CryptoKey][google.cloud.kms.v1.CryptoKey] within a
[KeyRing][google.cloud.kms.v1.KeyRing].
|
com.google.cloud.kms.v1.CryptoKey |
createCryptoKey(String parent,
String cryptoKeyId,
com.google.cloud.kms.v1.CryptoKey cryptoKey)
Create a new [CryptoKey][google.cloud.kms.v1.CryptoKey] within a
[KeyRing][google.cloud.kms.v1.KeyRing].
|
UnaryCallable<com.google.cloud.kms.v1.CreateCryptoKeyRequest,com.google.cloud.kms.v1.CryptoKey> |
createCryptoKeyCallable()
Create a new [CryptoKey][google.cloud.kms.v1.CryptoKey] within a
[KeyRing][google.cloud.kms.v1.KeyRing].
|
com.google.cloud.kms.v1.CryptoKeyVersion |
createCryptoKeyVersion(com.google.cloud.kms.v1.CreateCryptoKeyVersionRequest request)
Create a new [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] in a
[CryptoKey][google.cloud.kms.v1.CryptoKey].
|
com.google.cloud.kms.v1.CryptoKeyVersion |
createCryptoKeyVersion(com.google.cloud.kms.v1.CryptoKeyName parent,
com.google.cloud.kms.v1.CryptoKeyVersion cryptoKeyVersion)
Create a new [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] in a
[CryptoKey][google.cloud.kms.v1.CryptoKey].
|
com.google.cloud.kms.v1.CryptoKeyVersion |
createCryptoKeyVersion(String parent,
com.google.cloud.kms.v1.CryptoKeyVersion cryptoKeyVersion)
Create a new [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] in a
[CryptoKey][google.cloud.kms.v1.CryptoKey].
|
UnaryCallable<com.google.cloud.kms.v1.CreateCryptoKeyVersionRequest,com.google.cloud.kms.v1.CryptoKeyVersion> |
createCryptoKeyVersionCallable()
Create a new [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] in a
[CryptoKey][google.cloud.kms.v1.CryptoKey].
|
com.google.cloud.kms.v1.KeyRing |
createKeyRing(com.google.cloud.kms.v1.CreateKeyRingRequest request)
Create a new [KeyRing][google.cloud.kms.v1.KeyRing] in a given Project and Location.
|
com.google.cloud.kms.v1.KeyRing |
createKeyRing(com.google.cloud.kms.v1.LocationName parent,
String keyRingId,
com.google.cloud.kms.v1.KeyRing keyRing)
Create a new [KeyRing][google.cloud.kms.v1.KeyRing] in a given Project and Location.
|
com.google.cloud.kms.v1.KeyRing |
createKeyRing(String parent,
String keyRingId,
com.google.cloud.kms.v1.KeyRing keyRing)
Create a new [KeyRing][google.cloud.kms.v1.KeyRing] in a given Project and Location.
|
UnaryCallable<com.google.cloud.kms.v1.CreateKeyRingRequest,com.google.cloud.kms.v1.KeyRing> |
createKeyRingCallable()
Create a new [KeyRing][google.cloud.kms.v1.KeyRing] in a given Project and Location.
|
com.google.cloud.kms.v1.DecryptResponse |
decrypt(com.google.cloud.kms.v1.CryptoKeyName name,
ByteString ciphertext)
Decrypts data that was protected by
[Encrypt][google.cloud.kms.v1.KeyManagementService.Encrypt].
|
com.google.cloud.kms.v1.DecryptResponse |
decrypt(com.google.cloud.kms.v1.DecryptRequest request)
Decrypts data that was protected by
[Encrypt][google.cloud.kms.v1.KeyManagementService.Encrypt].
|
com.google.cloud.kms.v1.DecryptResponse |
decrypt(String name,
ByteString ciphertext)
Decrypts data that was protected by
[Encrypt][google.cloud.kms.v1.KeyManagementService.Encrypt].
|
UnaryCallable<com.google.cloud.kms.v1.DecryptRequest,com.google.cloud.kms.v1.DecryptResponse> |
decryptCallable()
Decrypts data that was protected by
[Encrypt][google.cloud.kms.v1.KeyManagementService.Encrypt].
|
com.google.cloud.kms.v1.CryptoKeyVersion |
destroyCryptoKeyVersion(com.google.cloud.kms.v1.CryptoKeyVersionName name)
Schedule a [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] for destruction.
|
com.google.cloud.kms.v1.CryptoKeyVersion |
destroyCryptoKeyVersion(com.google.cloud.kms.v1.DestroyCryptoKeyVersionRequest request)
Schedule a [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] for destruction.
|
com.google.cloud.kms.v1.CryptoKeyVersion |
destroyCryptoKeyVersion(String name)
Schedule a [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] for destruction.
|
UnaryCallable<com.google.cloud.kms.v1.DestroyCryptoKeyVersionRequest,com.google.cloud.kms.v1.CryptoKeyVersion> |
destroyCryptoKeyVersionCallable()
Schedule a [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] for destruction.
|
com.google.cloud.kms.v1.EncryptResponse |
encrypt(com.google.cloud.kms.v1.CryptoKeyPathName name,
ByteString plaintext)
Encrypts data, so that it can only be recovered by a call to
[Decrypt][google.cloud.kms.v1.KeyManagementService.Decrypt].
|
com.google.cloud.kms.v1.EncryptResponse |
encrypt(com.google.cloud.kms.v1.EncryptRequest request)
Encrypts data, so that it can only be recovered by a call to
[Decrypt][google.cloud.kms.v1.KeyManagementService.Decrypt].
|
com.google.cloud.kms.v1.EncryptResponse |
encrypt(String name,
ByteString plaintext)
Encrypts data, so that it can only be recovered by a call to
[Decrypt][google.cloud.kms.v1.KeyManagementService.Decrypt].
|
UnaryCallable<com.google.cloud.kms.v1.EncryptRequest,com.google.cloud.kms.v1.EncryptResponse> |
encryptCallable()
Encrypts data, so that it can only be recovered by a call to
[Decrypt][google.cloud.kms.v1.KeyManagementService.Decrypt].
|
com.google.cloud.kms.v1.CryptoKey |
getCryptoKey(com.google.cloud.kms.v1.CryptoKeyName name)
Returns metadata for a given [CryptoKey][google.cloud.kms.v1.CryptoKey], as well as its
[primary][google.cloud.kms.v1.CryptoKey.primary]
[CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion].
|
com.google.cloud.kms.v1.CryptoKey |
getCryptoKey(com.google.cloud.kms.v1.GetCryptoKeyRequest request)
Returns metadata for a given [CryptoKey][google.cloud.kms.v1.CryptoKey], as well as its
[primary][google.cloud.kms.v1.CryptoKey.primary]
[CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion].
|
com.google.cloud.kms.v1.CryptoKey |
getCryptoKey(String name)
Returns metadata for a given [CryptoKey][google.cloud.kms.v1.CryptoKey], as well as its
[primary][google.cloud.kms.v1.CryptoKey.primary]
[CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion].
|
UnaryCallable<com.google.cloud.kms.v1.GetCryptoKeyRequest,com.google.cloud.kms.v1.CryptoKey> |
getCryptoKeyCallable()
Returns metadata for a given [CryptoKey][google.cloud.kms.v1.CryptoKey], as well as its
[primary][google.cloud.kms.v1.CryptoKey.primary]
[CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion].
|
com.google.cloud.kms.v1.CryptoKeyVersion |
getCryptoKeyVersion(com.google.cloud.kms.v1.CryptoKeyVersionName name)
Returns metadata for a given [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion].
|
com.google.cloud.kms.v1.CryptoKeyVersion |
getCryptoKeyVersion(com.google.cloud.kms.v1.GetCryptoKeyVersionRequest request)
Returns metadata for a given [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion].
|
com.google.cloud.kms.v1.CryptoKeyVersion |
getCryptoKeyVersion(String name)
Returns metadata for a given [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion].
|
UnaryCallable<com.google.cloud.kms.v1.GetCryptoKeyVersionRequest,com.google.cloud.kms.v1.CryptoKeyVersion> |
getCryptoKeyVersionCallable()
Returns metadata for a given [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion].
|
com.google.iam.v1.Policy |
getIamPolicy(com.google.iam.v1.GetIamPolicyRequest request)
Gets the access control policy for a resource.
|
com.google.iam.v1.Policy |
getIamPolicy(com.google.cloud.kms.v1.KeyName resource)
Gets the access control policy for a resource.
|
com.google.iam.v1.Policy |
getIamPolicy(String resource)
Gets the access control policy for a resource.
|
UnaryCallable<com.google.iam.v1.GetIamPolicyRequest,com.google.iam.v1.Policy> |
getIamPolicyCallable()
Gets the access control policy for a resource.
|
com.google.cloud.kms.v1.KeyRing |
getKeyRing(com.google.cloud.kms.v1.GetKeyRingRequest request)
Returns metadata for a given [KeyRing][google.cloud.kms.v1.KeyRing].
|
com.google.cloud.kms.v1.KeyRing |
getKeyRing(com.google.cloud.kms.v1.KeyRingName name)
Returns metadata for a given [KeyRing][google.cloud.kms.v1.KeyRing].
|
com.google.cloud.kms.v1.KeyRing |
getKeyRing(String name)
Returns metadata for a given [KeyRing][google.cloud.kms.v1.KeyRing].
|
UnaryCallable<com.google.cloud.kms.v1.GetKeyRingRequest,com.google.cloud.kms.v1.KeyRing> |
getKeyRingCallable()
Returns metadata for a given [KeyRing][google.cloud.kms.v1.KeyRing].
|
com.google.cloud.kms.v1.PublicKey |
getPublicKey(com.google.cloud.kms.v1.CryptoKeyVersionName name)
Returns the public key for the given [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion].
|
com.google.cloud.kms.v1.PublicKey |
getPublicKey(com.google.cloud.kms.v1.GetPublicKeyRequest request)
Returns the public key for the given [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion].
|
com.google.cloud.kms.v1.PublicKey |
getPublicKey(String name)
Returns the public key for the given [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion].
|
UnaryCallable<com.google.cloud.kms.v1.GetPublicKeyRequest,com.google.cloud.kms.v1.PublicKey> |
getPublicKeyCallable()
Returns the public key for the given [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion].
|
KeyManagementServiceSettings |
getSettings() |
KeyManagementServiceStub |
getStub() |
boolean |
isShutdown() |
boolean |
isTerminated() |
KeyManagementServiceClient.ListCryptoKeysPagedResponse |
listCryptoKeys(com.google.cloud.kms.v1.KeyRingName parent)
Lists [CryptoKeys][google.cloud.kms.v1.CryptoKey].
|
KeyManagementServiceClient.ListCryptoKeysPagedResponse |
listCryptoKeys(com.google.cloud.kms.v1.ListCryptoKeysRequest request)
Lists [CryptoKeys][google.cloud.kms.v1.CryptoKey].
|
KeyManagementServiceClient.ListCryptoKeysPagedResponse |
listCryptoKeys(String parent)
Lists [CryptoKeys][google.cloud.kms.v1.CryptoKey].
|
UnaryCallable<com.google.cloud.kms.v1.ListCryptoKeysRequest,com.google.cloud.kms.v1.ListCryptoKeysResponse> |
listCryptoKeysCallable()
Lists [CryptoKeys][google.cloud.kms.v1.CryptoKey].
|
UnaryCallable<com.google.cloud.kms.v1.ListCryptoKeysRequest,KeyManagementServiceClient.ListCryptoKeysPagedResponse> |
listCryptoKeysPagedCallable()
Lists [CryptoKeys][google.cloud.kms.v1.CryptoKey].
|
KeyManagementServiceClient.ListCryptoKeyVersionsPagedResponse |
listCryptoKeyVersions(com.google.cloud.kms.v1.CryptoKeyName parent)
Lists [CryptoKeyVersions][google.cloud.kms.v1.CryptoKeyVersion].
|
KeyManagementServiceClient.ListCryptoKeyVersionsPagedResponse |
listCryptoKeyVersions(com.google.cloud.kms.v1.ListCryptoKeyVersionsRequest request)
Lists [CryptoKeyVersions][google.cloud.kms.v1.CryptoKeyVersion].
|
KeyManagementServiceClient.ListCryptoKeyVersionsPagedResponse |
listCryptoKeyVersions(String parent)
Lists [CryptoKeyVersions][google.cloud.kms.v1.CryptoKeyVersion].
|
UnaryCallable<com.google.cloud.kms.v1.ListCryptoKeyVersionsRequest,com.google.cloud.kms.v1.ListCryptoKeyVersionsResponse> |
listCryptoKeyVersionsCallable()
Lists [CryptoKeyVersions][google.cloud.kms.v1.CryptoKeyVersion].
|
UnaryCallable<com.google.cloud.kms.v1.ListCryptoKeyVersionsRequest,KeyManagementServiceClient.ListCryptoKeyVersionsPagedResponse> |
listCryptoKeyVersionsPagedCallable()
Lists [CryptoKeyVersions][google.cloud.kms.v1.CryptoKeyVersion].
|
KeyManagementServiceClient.ListKeyRingsPagedResponse |
listKeyRings(com.google.cloud.kms.v1.ListKeyRingsRequest request)
Lists [KeyRings][google.cloud.kms.v1.KeyRing].
|
KeyManagementServiceClient.ListKeyRingsPagedResponse |
listKeyRings(com.google.cloud.kms.v1.LocationName parent)
Lists [KeyRings][google.cloud.kms.v1.KeyRing].
|
KeyManagementServiceClient.ListKeyRingsPagedResponse |
listKeyRings(String parent)
Lists [KeyRings][google.cloud.kms.v1.KeyRing].
|
UnaryCallable<com.google.cloud.kms.v1.ListKeyRingsRequest,com.google.cloud.kms.v1.ListKeyRingsResponse> |
listKeyRingsCallable()
Lists [KeyRings][google.cloud.kms.v1.KeyRing].
|
UnaryCallable<com.google.cloud.kms.v1.ListKeyRingsRequest,KeyManagementServiceClient.ListKeyRingsPagedResponse> |
listKeyRingsPagedCallable()
Lists [KeyRings][google.cloud.kms.v1.KeyRing].
|
com.google.cloud.kms.v1.CryptoKeyVersion |
restoreCryptoKeyVersion(com.google.cloud.kms.v1.CryptoKeyVersionName name)
Restore a [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] in the
[DESTROY_SCHEDULED][google.cloud.kms.v1.CryptoKeyVersion.CryptoKeyVersionState.DESTROY_SCHEDULED]
state.
|
com.google.cloud.kms.v1.CryptoKeyVersion |
restoreCryptoKeyVersion(com.google.cloud.kms.v1.RestoreCryptoKeyVersionRequest request)
Restore a [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] in the
[DESTROY_SCHEDULED][google.cloud.kms.v1.CryptoKeyVersion.CryptoKeyVersionState.DESTROY_SCHEDULED]
state.
|
com.google.cloud.kms.v1.CryptoKeyVersion |
restoreCryptoKeyVersion(String name)
Restore a [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] in the
[DESTROY_SCHEDULED][google.cloud.kms.v1.CryptoKeyVersion.CryptoKeyVersionState.DESTROY_SCHEDULED]
state.
|
UnaryCallable<com.google.cloud.kms.v1.RestoreCryptoKeyVersionRequest,com.google.cloud.kms.v1.CryptoKeyVersion> |
restoreCryptoKeyVersionCallable()
Restore a [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] in the
[DESTROY_SCHEDULED][google.cloud.kms.v1.CryptoKeyVersion.CryptoKeyVersionState.DESTROY_SCHEDULED]
state.
|
com.google.iam.v1.Policy |
setIamPolicy(com.google.cloud.kms.v1.KeyName resource,
com.google.iam.v1.Policy policy)
Sets the access control policy on the specified resource.
|
com.google.iam.v1.Policy |
setIamPolicy(com.google.iam.v1.SetIamPolicyRequest request)
Sets the access control policy on the specified resource.
|
com.google.iam.v1.Policy |
setIamPolicy(String resource,
com.google.iam.v1.Policy policy)
Sets the access control policy on the specified resource.
|
UnaryCallable<com.google.iam.v1.SetIamPolicyRequest,com.google.iam.v1.Policy> |
setIamPolicyCallable()
Sets the access control policy on the specified resource.
|
void |
shutdown() |
void |
shutdownNow() |
com.google.iam.v1.TestIamPermissionsResponse |
testIamPermissions(com.google.cloud.kms.v1.KeyName resource,
List<String> permissions)
Returns permissions that a caller has on the specified resource.
|
com.google.iam.v1.TestIamPermissionsResponse |
testIamPermissions(String resource,
List<String> permissions)
Returns permissions that a caller has on the specified resource.
|
com.google.iam.v1.TestIamPermissionsResponse |
testIamPermissions(com.google.iam.v1.TestIamPermissionsRequest request)
Returns permissions that a caller has on the specified resource.
|
UnaryCallable<com.google.iam.v1.TestIamPermissionsRequest,com.google.iam.v1.TestIamPermissionsResponse> |
testIamPermissionsCallable()
Returns permissions that a caller has on the specified resource.
|
com.google.cloud.kms.v1.CryptoKey |
updateCryptoKey(com.google.cloud.kms.v1.CryptoKey cryptoKey,
FieldMask updateMask)
Update a [CryptoKey][google.cloud.kms.v1.CryptoKey].
|
com.google.cloud.kms.v1.CryptoKey |
updateCryptoKey(com.google.cloud.kms.v1.UpdateCryptoKeyRequest request)
Update a [CryptoKey][google.cloud.kms.v1.CryptoKey].
|
UnaryCallable<com.google.cloud.kms.v1.UpdateCryptoKeyRequest,com.google.cloud.kms.v1.CryptoKey> |
updateCryptoKeyCallable()
Update a [CryptoKey][google.cloud.kms.v1.CryptoKey].
|
com.google.cloud.kms.v1.CryptoKey |
updateCryptoKeyPrimaryVersion(com.google.cloud.kms.v1.CryptoKeyName name,
String cryptoKeyVersionId)
Update the version of a [CryptoKey][google.cloud.kms.v1.CryptoKey] that will be used in
[Encrypt][google.cloud.kms.v1.KeyManagementService.Encrypt].
|
com.google.cloud.kms.v1.CryptoKey |
updateCryptoKeyPrimaryVersion(String name,
String cryptoKeyVersionId)
Update the version of a [CryptoKey][google.cloud.kms.v1.CryptoKey] that will be used in
[Encrypt][google.cloud.kms.v1.KeyManagementService.Encrypt].
|
com.google.cloud.kms.v1.CryptoKey |
updateCryptoKeyPrimaryVersion(com.google.cloud.kms.v1.UpdateCryptoKeyPrimaryVersionRequest request)
Update the version of a [CryptoKey][google.cloud.kms.v1.CryptoKey] that will be used in
[Encrypt][google.cloud.kms.v1.KeyManagementService.Encrypt].
|
UnaryCallable<com.google.cloud.kms.v1.UpdateCryptoKeyPrimaryVersionRequest,com.google.cloud.kms.v1.CryptoKey> |
updateCryptoKeyPrimaryVersionCallable()
Update the version of a [CryptoKey][google.cloud.kms.v1.CryptoKey] that will be used in
[Encrypt][google.cloud.kms.v1.KeyManagementService.Encrypt].
|
com.google.cloud.kms.v1.CryptoKeyVersion |
updateCryptoKeyVersion(com.google.cloud.kms.v1.CryptoKeyVersion cryptoKeyVersion,
FieldMask updateMask)
Update a [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion]'s metadata.
|
com.google.cloud.kms.v1.CryptoKeyVersion |
updateCryptoKeyVersion(com.google.cloud.kms.v1.UpdateCryptoKeyVersionRequest request)
Update a [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion]'s metadata.
|
UnaryCallable<com.google.cloud.kms.v1.UpdateCryptoKeyVersionRequest,com.google.cloud.kms.v1.CryptoKeyVersion> |
updateCryptoKeyVersionCallable()
Update a [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion]'s metadata.
|
protected KeyManagementServiceClient(KeyManagementServiceSettings settings) throws IOException
IOException@BetaApi(value="A restructuring of stub classes is planned, so this may break in the future") protected KeyManagementServiceClient(KeyManagementServiceStub stub)
public static final KeyManagementServiceClient create() throws IOException
IOExceptionpublic static final KeyManagementServiceClient create(KeyManagementServiceSettings settings) throws IOException
IOException@BetaApi(value="A restructuring of stub classes is planned, so this may break in the future") public static final KeyManagementServiceClient create(KeyManagementServiceStub stub)
public final KeyManagementServiceSettings getSettings()
@BetaApi(value="A restructuring of stub classes is planned, so this may break in the future") public KeyManagementServiceStub getStub()
public final KeyManagementServiceClient.ListKeyRingsPagedResponse listKeyRings(com.google.cloud.kms.v1.LocationName parent)
Sample code:
try (KeyManagementServiceClient keyManagementServiceClient = KeyManagementServiceClient.create()) {
LocationName parent = LocationName.of("[PROJECT]", "[LOCATION]");
for (KeyRing element : keyManagementServiceClient.listKeyRings(parent).iterateAll()) {
// doThingsWith(element);
}
}
parent - Required. The resource name of the location associated with the
[KeyRings][google.cloud.kms.v1.KeyRing], in the format `projects/*/locations/*`.ApiException - if the remote call failspublic final KeyManagementServiceClient.ListKeyRingsPagedResponse listKeyRings(String parent)
Sample code:
try (KeyManagementServiceClient keyManagementServiceClient = KeyManagementServiceClient.create()) {
LocationName parent = LocationName.of("[PROJECT]", "[LOCATION]");
for (KeyRing element : keyManagementServiceClient.listKeyRings(parent.toString()).iterateAll()) {
// doThingsWith(element);
}
}
parent - Required. The resource name of the location associated with the
[KeyRings][google.cloud.kms.v1.KeyRing], in the format `projects/*/locations/*`.ApiException - if the remote call failspublic final KeyManagementServiceClient.ListKeyRingsPagedResponse listKeyRings(com.google.cloud.kms.v1.ListKeyRingsRequest request)
Sample code:
try (KeyManagementServiceClient keyManagementServiceClient = KeyManagementServiceClient.create()) {
LocationName parent = LocationName.of("[PROJECT]", "[LOCATION]");
ListKeyRingsRequest request = ListKeyRingsRequest.newBuilder()
.setParent(parent.toString())
.build();
for (KeyRing element : keyManagementServiceClient.listKeyRings(request).iterateAll()) {
// doThingsWith(element);
}
}
request - The request object containing all of the parameters for the API call.ApiException - if the remote call failspublic final UnaryCallable<com.google.cloud.kms.v1.ListKeyRingsRequest,KeyManagementServiceClient.ListKeyRingsPagedResponse> listKeyRingsPagedCallable()
Sample code:
try (KeyManagementServiceClient keyManagementServiceClient = KeyManagementServiceClient.create()) {
LocationName parent = LocationName.of("[PROJECT]", "[LOCATION]");
ListKeyRingsRequest request = ListKeyRingsRequest.newBuilder()
.setParent(parent.toString())
.build();
ApiFuture<ListKeyRingsPagedResponse> future = keyManagementServiceClient.listKeyRingsPagedCallable().futureCall(request);
// Do something
for (KeyRing element : future.get().iterateAll()) {
// doThingsWith(element);
}
}
public final UnaryCallable<com.google.cloud.kms.v1.ListKeyRingsRequest,com.google.cloud.kms.v1.ListKeyRingsResponse> listKeyRingsCallable()
Sample code:
try (KeyManagementServiceClient keyManagementServiceClient = KeyManagementServiceClient.create()) {
LocationName parent = LocationName.of("[PROJECT]", "[LOCATION]");
ListKeyRingsRequest request = ListKeyRingsRequest.newBuilder()
.setParent(parent.toString())
.build();
while (true) {
ListKeyRingsResponse response = keyManagementServiceClient.listKeyRingsCallable().call(request);
for (KeyRing element : response.getKeyRingsList()) {
// doThingsWith(element);
}
String nextPageToken = response.getNextPageToken();
if (!Strings.isNullOrEmpty(nextPageToken)) {
request = request.toBuilder().setPageToken(nextPageToken).build();
} else {
break;
}
}
}
public final KeyManagementServiceClient.ListCryptoKeysPagedResponse listCryptoKeys(com.google.cloud.kms.v1.KeyRingName parent)
Sample code:
try (KeyManagementServiceClient keyManagementServiceClient = KeyManagementServiceClient.create()) {
KeyRingName parent = KeyRingName.of("[PROJECT]", "[LOCATION]", "[KEY_RING]");
for (CryptoKey element : keyManagementServiceClient.listCryptoKeys(parent).iterateAll()) {
// doThingsWith(element);
}
}
parent - Required. The resource name of the [KeyRing][google.cloud.kms.v1.KeyRing] to
list, in the format `projects/*/locations/*/keyRings/*`.ApiException - if the remote call failspublic final KeyManagementServiceClient.ListCryptoKeysPagedResponse listCryptoKeys(String parent)
Sample code:
try (KeyManagementServiceClient keyManagementServiceClient = KeyManagementServiceClient.create()) {
KeyRingName parent = KeyRingName.of("[PROJECT]", "[LOCATION]", "[KEY_RING]");
for (CryptoKey element : keyManagementServiceClient.listCryptoKeys(parent.toString()).iterateAll()) {
// doThingsWith(element);
}
}
parent - Required. The resource name of the [KeyRing][google.cloud.kms.v1.KeyRing] to
list, in the format `projects/*/locations/*/keyRings/*`.ApiException - if the remote call failspublic final KeyManagementServiceClient.ListCryptoKeysPagedResponse listCryptoKeys(com.google.cloud.kms.v1.ListCryptoKeysRequest request)
Sample code:
try (KeyManagementServiceClient keyManagementServiceClient = KeyManagementServiceClient.create()) {
KeyRingName parent = KeyRingName.of("[PROJECT]", "[LOCATION]", "[KEY_RING]");
ListCryptoKeysRequest request = ListCryptoKeysRequest.newBuilder()
.setParent(parent.toString())
.build();
for (CryptoKey element : keyManagementServiceClient.listCryptoKeys(request).iterateAll()) {
// doThingsWith(element);
}
}
request - The request object containing all of the parameters for the API call.ApiException - if the remote call failspublic final UnaryCallable<com.google.cloud.kms.v1.ListCryptoKeysRequest,KeyManagementServiceClient.ListCryptoKeysPagedResponse> listCryptoKeysPagedCallable()
Sample code:
try (KeyManagementServiceClient keyManagementServiceClient = KeyManagementServiceClient.create()) {
KeyRingName parent = KeyRingName.of("[PROJECT]", "[LOCATION]", "[KEY_RING]");
ListCryptoKeysRequest request = ListCryptoKeysRequest.newBuilder()
.setParent(parent.toString())
.build();
ApiFuture<ListCryptoKeysPagedResponse> future = keyManagementServiceClient.listCryptoKeysPagedCallable().futureCall(request);
// Do something
for (CryptoKey element : future.get().iterateAll()) {
// doThingsWith(element);
}
}
public final UnaryCallable<com.google.cloud.kms.v1.ListCryptoKeysRequest,com.google.cloud.kms.v1.ListCryptoKeysResponse> listCryptoKeysCallable()
Sample code:
try (KeyManagementServiceClient keyManagementServiceClient = KeyManagementServiceClient.create()) {
KeyRingName parent = KeyRingName.of("[PROJECT]", "[LOCATION]", "[KEY_RING]");
ListCryptoKeysRequest request = ListCryptoKeysRequest.newBuilder()
.setParent(parent.toString())
.build();
while (true) {
ListCryptoKeysResponse response = keyManagementServiceClient.listCryptoKeysCallable().call(request);
for (CryptoKey element : response.getCryptoKeysList()) {
// doThingsWith(element);
}
String nextPageToken = response.getNextPageToken();
if (!Strings.isNullOrEmpty(nextPageToken)) {
request = request.toBuilder().setPageToken(nextPageToken).build();
} else {
break;
}
}
}
public final KeyManagementServiceClient.ListCryptoKeyVersionsPagedResponse listCryptoKeyVersions(com.google.cloud.kms.v1.CryptoKeyName parent)
Sample code:
try (KeyManagementServiceClient keyManagementServiceClient = KeyManagementServiceClient.create()) {
CryptoKeyName parent = CryptoKeyName.of("[PROJECT]", "[LOCATION]", "[KEY_RING]", "[CRYPTO_KEY]");
for (CryptoKeyVersion element : keyManagementServiceClient.listCryptoKeyVersions(parent).iterateAll()) {
// doThingsWith(element);
}
}
parent - Required. The resource name of the [CryptoKey][google.cloud.kms.v1.CryptoKey] to
list, in the format `projects/*/locations/*/keyRings/*/cryptoKeys/*`.ApiException - if the remote call failspublic final KeyManagementServiceClient.ListCryptoKeyVersionsPagedResponse listCryptoKeyVersions(String parent)
Sample code:
try (KeyManagementServiceClient keyManagementServiceClient = KeyManagementServiceClient.create()) {
CryptoKeyName parent = CryptoKeyName.of("[PROJECT]", "[LOCATION]", "[KEY_RING]", "[CRYPTO_KEY]");
for (CryptoKeyVersion element : keyManagementServiceClient.listCryptoKeyVersions(parent.toString()).iterateAll()) {
// doThingsWith(element);
}
}
parent - Required. The resource name of the [CryptoKey][google.cloud.kms.v1.CryptoKey] to
list, in the format `projects/*/locations/*/keyRings/*/cryptoKeys/*`.ApiException - if the remote call failspublic final KeyManagementServiceClient.ListCryptoKeyVersionsPagedResponse listCryptoKeyVersions(com.google.cloud.kms.v1.ListCryptoKeyVersionsRequest request)
Sample code:
try (KeyManagementServiceClient keyManagementServiceClient = KeyManagementServiceClient.create()) {
CryptoKeyName parent = CryptoKeyName.of("[PROJECT]", "[LOCATION]", "[KEY_RING]", "[CRYPTO_KEY]");
ListCryptoKeyVersionsRequest request = ListCryptoKeyVersionsRequest.newBuilder()
.setParent(parent.toString())
.build();
for (CryptoKeyVersion element : keyManagementServiceClient.listCryptoKeyVersions(request).iterateAll()) {
// doThingsWith(element);
}
}
request - The request object containing all of the parameters for the API call.ApiException - if the remote call failspublic final UnaryCallable<com.google.cloud.kms.v1.ListCryptoKeyVersionsRequest,KeyManagementServiceClient.ListCryptoKeyVersionsPagedResponse> listCryptoKeyVersionsPagedCallable()
Sample code:
try (KeyManagementServiceClient keyManagementServiceClient = KeyManagementServiceClient.create()) {
CryptoKeyName parent = CryptoKeyName.of("[PROJECT]", "[LOCATION]", "[KEY_RING]", "[CRYPTO_KEY]");
ListCryptoKeyVersionsRequest request = ListCryptoKeyVersionsRequest.newBuilder()
.setParent(parent.toString())
.build();
ApiFuture<ListCryptoKeyVersionsPagedResponse> future = keyManagementServiceClient.listCryptoKeyVersionsPagedCallable().futureCall(request);
// Do something
for (CryptoKeyVersion element : future.get().iterateAll()) {
// doThingsWith(element);
}
}
public final UnaryCallable<com.google.cloud.kms.v1.ListCryptoKeyVersionsRequest,com.google.cloud.kms.v1.ListCryptoKeyVersionsResponse> listCryptoKeyVersionsCallable()
Sample code:
try (KeyManagementServiceClient keyManagementServiceClient = KeyManagementServiceClient.create()) {
CryptoKeyName parent = CryptoKeyName.of("[PROJECT]", "[LOCATION]", "[KEY_RING]", "[CRYPTO_KEY]");
ListCryptoKeyVersionsRequest request = ListCryptoKeyVersionsRequest.newBuilder()
.setParent(parent.toString())
.build();
while (true) {
ListCryptoKeyVersionsResponse response = keyManagementServiceClient.listCryptoKeyVersionsCallable().call(request);
for (CryptoKeyVersion element : response.getCryptoKeyVersionsList()) {
// doThingsWith(element);
}
String nextPageToken = response.getNextPageToken();
if (!Strings.isNullOrEmpty(nextPageToken)) {
request = request.toBuilder().setPageToken(nextPageToken).build();
} else {
break;
}
}
}
public final com.google.cloud.kms.v1.KeyRing getKeyRing(com.google.cloud.kms.v1.KeyRingName name)
Sample code:
try (KeyManagementServiceClient keyManagementServiceClient = KeyManagementServiceClient.create()) {
KeyRingName name = KeyRingName.of("[PROJECT]", "[LOCATION]", "[KEY_RING]");
KeyRing response = keyManagementServiceClient.getKeyRing(name);
}
name - The [name][google.cloud.kms.v1.KeyRing.name] of the
[KeyRing][google.cloud.kms.v1.KeyRing] to get.ApiException - if the remote call failspublic final com.google.cloud.kms.v1.KeyRing getKeyRing(String name)
Sample code:
try (KeyManagementServiceClient keyManagementServiceClient = KeyManagementServiceClient.create()) {
KeyRingName name = KeyRingName.of("[PROJECT]", "[LOCATION]", "[KEY_RING]");
KeyRing response = keyManagementServiceClient.getKeyRing(name.toString());
}
name - The [name][google.cloud.kms.v1.KeyRing.name] of the
[KeyRing][google.cloud.kms.v1.KeyRing] to get.ApiException - if the remote call failspublic final com.google.cloud.kms.v1.KeyRing getKeyRing(com.google.cloud.kms.v1.GetKeyRingRequest request)
Sample code:
try (KeyManagementServiceClient keyManagementServiceClient = KeyManagementServiceClient.create()) {
KeyRingName name = KeyRingName.of("[PROJECT]", "[LOCATION]", "[KEY_RING]");
GetKeyRingRequest request = GetKeyRingRequest.newBuilder()
.setName(name.toString())
.build();
KeyRing response = keyManagementServiceClient.getKeyRing(request);
}
request - The request object containing all of the parameters for the API call.ApiException - if the remote call failspublic final UnaryCallable<com.google.cloud.kms.v1.GetKeyRingRequest,com.google.cloud.kms.v1.KeyRing> getKeyRingCallable()
Sample code:
try (KeyManagementServiceClient keyManagementServiceClient = KeyManagementServiceClient.create()) {
KeyRingName name = KeyRingName.of("[PROJECT]", "[LOCATION]", "[KEY_RING]");
GetKeyRingRequest request = GetKeyRingRequest.newBuilder()
.setName(name.toString())
.build();
ApiFuture<KeyRing> future = keyManagementServiceClient.getKeyRingCallable().futureCall(request);
// Do something
KeyRing response = future.get();
}
public final com.google.cloud.kms.v1.CryptoKey getCryptoKey(com.google.cloud.kms.v1.CryptoKeyName name)
Sample code:
try (KeyManagementServiceClient keyManagementServiceClient = KeyManagementServiceClient.create()) {
CryptoKeyName name = CryptoKeyName.of("[PROJECT]", "[LOCATION]", "[KEY_RING]", "[CRYPTO_KEY]");
CryptoKey response = keyManagementServiceClient.getCryptoKey(name);
}
name - The [name][google.cloud.kms.v1.CryptoKey.name] of the
[CryptoKey][google.cloud.kms.v1.CryptoKey] to get.ApiException - if the remote call failspublic final com.google.cloud.kms.v1.CryptoKey getCryptoKey(String name)
Sample code:
try (KeyManagementServiceClient keyManagementServiceClient = KeyManagementServiceClient.create()) {
CryptoKeyName name = CryptoKeyName.of("[PROJECT]", "[LOCATION]", "[KEY_RING]", "[CRYPTO_KEY]");
CryptoKey response = keyManagementServiceClient.getCryptoKey(name.toString());
}
name - The [name][google.cloud.kms.v1.CryptoKey.name] of the
[CryptoKey][google.cloud.kms.v1.CryptoKey] to get.ApiException - if the remote call failspublic final com.google.cloud.kms.v1.CryptoKey getCryptoKey(com.google.cloud.kms.v1.GetCryptoKeyRequest request)
Sample code:
try (KeyManagementServiceClient keyManagementServiceClient = KeyManagementServiceClient.create()) {
CryptoKeyName name = CryptoKeyName.of("[PROJECT]", "[LOCATION]", "[KEY_RING]", "[CRYPTO_KEY]");
GetCryptoKeyRequest request = GetCryptoKeyRequest.newBuilder()
.setName(name.toString())
.build();
CryptoKey response = keyManagementServiceClient.getCryptoKey(request);
}
request - The request object containing all of the parameters for the API call.ApiException - if the remote call failspublic final UnaryCallable<com.google.cloud.kms.v1.GetCryptoKeyRequest,com.google.cloud.kms.v1.CryptoKey> getCryptoKeyCallable()
Sample code:
try (KeyManagementServiceClient keyManagementServiceClient = KeyManagementServiceClient.create()) {
CryptoKeyName name = CryptoKeyName.of("[PROJECT]", "[LOCATION]", "[KEY_RING]", "[CRYPTO_KEY]");
GetCryptoKeyRequest request = GetCryptoKeyRequest.newBuilder()
.setName(name.toString())
.build();
ApiFuture<CryptoKey> future = keyManagementServiceClient.getCryptoKeyCallable().futureCall(request);
// Do something
CryptoKey response = future.get();
}
public final com.google.cloud.kms.v1.CryptoKeyVersion getCryptoKeyVersion(com.google.cloud.kms.v1.CryptoKeyVersionName name)
Sample code:
try (KeyManagementServiceClient keyManagementServiceClient = KeyManagementServiceClient.create()) {
CryptoKeyVersionName name = CryptoKeyVersionName.of("[PROJECT]", "[LOCATION]", "[KEY_RING]", "[CRYPTO_KEY]", "[CRYPTO_KEY_VERSION]");
CryptoKeyVersion response = keyManagementServiceClient.getCryptoKeyVersion(name);
}
name - The [name][google.cloud.kms.v1.CryptoKeyVersion.name] of the
[CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] to get.ApiException - if the remote call failspublic final com.google.cloud.kms.v1.CryptoKeyVersion getCryptoKeyVersion(String name)
Sample code:
try (KeyManagementServiceClient keyManagementServiceClient = KeyManagementServiceClient.create()) {
CryptoKeyVersionName name = CryptoKeyVersionName.of("[PROJECT]", "[LOCATION]", "[KEY_RING]", "[CRYPTO_KEY]", "[CRYPTO_KEY_VERSION]");
CryptoKeyVersion response = keyManagementServiceClient.getCryptoKeyVersion(name.toString());
}
name - The [name][google.cloud.kms.v1.CryptoKeyVersion.name] of the
[CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] to get.ApiException - if the remote call failspublic final com.google.cloud.kms.v1.CryptoKeyVersion getCryptoKeyVersion(com.google.cloud.kms.v1.GetCryptoKeyVersionRequest request)
Sample code:
try (KeyManagementServiceClient keyManagementServiceClient = KeyManagementServiceClient.create()) {
CryptoKeyVersionName name = CryptoKeyVersionName.of("[PROJECT]", "[LOCATION]", "[KEY_RING]", "[CRYPTO_KEY]", "[CRYPTO_KEY_VERSION]");
GetCryptoKeyVersionRequest request = GetCryptoKeyVersionRequest.newBuilder()
.setName(name.toString())
.build();
CryptoKeyVersion response = keyManagementServiceClient.getCryptoKeyVersion(request);
}
request - The request object containing all of the parameters for the API call.ApiException - if the remote call failspublic final UnaryCallable<com.google.cloud.kms.v1.GetCryptoKeyVersionRequest,com.google.cloud.kms.v1.CryptoKeyVersion> getCryptoKeyVersionCallable()
Sample code:
try (KeyManagementServiceClient keyManagementServiceClient = KeyManagementServiceClient.create()) {
CryptoKeyVersionName name = CryptoKeyVersionName.of("[PROJECT]", "[LOCATION]", "[KEY_RING]", "[CRYPTO_KEY]", "[CRYPTO_KEY_VERSION]");
GetCryptoKeyVersionRequest request = GetCryptoKeyVersionRequest.newBuilder()
.setName(name.toString())
.build();
ApiFuture<CryptoKeyVersion> future = keyManagementServiceClient.getCryptoKeyVersionCallable().futureCall(request);
// Do something
CryptoKeyVersion response = future.get();
}
public final com.google.cloud.kms.v1.KeyRing createKeyRing(com.google.cloud.kms.v1.LocationName parent,
String keyRingId,
com.google.cloud.kms.v1.KeyRing keyRing)
Sample code:
try (KeyManagementServiceClient keyManagementServiceClient = KeyManagementServiceClient.create()) {
LocationName parent = LocationName.of("[PROJECT]", "[LOCATION]");
String keyRingId = "";
KeyRing keyRing = KeyRing.newBuilder().build();
KeyRing response = keyManagementServiceClient.createKeyRing(parent, keyRingId, keyRing);
}
parent - Required. The resource name of the location associated with the
[KeyRings][google.cloud.kms.v1.KeyRing], in the format `projects/*/locations/*`.keyRingId - Required. It must be unique within a location and match the regular expression
`[a-zA-Z0-9_-]{1,63}`keyRing - A [KeyRing][google.cloud.kms.v1.KeyRing] with initial field values.ApiException - if the remote call failspublic final com.google.cloud.kms.v1.KeyRing createKeyRing(String parent, String keyRingId, com.google.cloud.kms.v1.KeyRing keyRing)
Sample code:
try (KeyManagementServiceClient keyManagementServiceClient = KeyManagementServiceClient.create()) {
LocationName parent = LocationName.of("[PROJECT]", "[LOCATION]");
String keyRingId = "";
KeyRing keyRing = KeyRing.newBuilder().build();
KeyRing response = keyManagementServiceClient.createKeyRing(parent.toString(), keyRingId, keyRing);
}
parent - Required. The resource name of the location associated with the
[KeyRings][google.cloud.kms.v1.KeyRing], in the format `projects/*/locations/*`.keyRingId - Required. It must be unique within a location and match the regular expression
`[a-zA-Z0-9_-]{1,63}`keyRing - A [KeyRing][google.cloud.kms.v1.KeyRing] with initial field values.ApiException - if the remote call failspublic final com.google.cloud.kms.v1.KeyRing createKeyRing(com.google.cloud.kms.v1.CreateKeyRingRequest request)
Sample code:
try (KeyManagementServiceClient keyManagementServiceClient = KeyManagementServiceClient.create()) {
LocationName parent = LocationName.of("[PROJECT]", "[LOCATION]");
String keyRingId = "";
KeyRing keyRing = KeyRing.newBuilder().build();
CreateKeyRingRequest request = CreateKeyRingRequest.newBuilder()
.setParent(parent.toString())
.setKeyRingId(keyRingId)
.setKeyRing(keyRing)
.build();
KeyRing response = keyManagementServiceClient.createKeyRing(request);
}
request - The request object containing all of the parameters for the API call.ApiException - if the remote call failspublic final UnaryCallable<com.google.cloud.kms.v1.CreateKeyRingRequest,com.google.cloud.kms.v1.KeyRing> createKeyRingCallable()
Sample code:
try (KeyManagementServiceClient keyManagementServiceClient = KeyManagementServiceClient.create()) {
LocationName parent = LocationName.of("[PROJECT]", "[LOCATION]");
String keyRingId = "";
KeyRing keyRing = KeyRing.newBuilder().build();
CreateKeyRingRequest request = CreateKeyRingRequest.newBuilder()
.setParent(parent.toString())
.setKeyRingId(keyRingId)
.setKeyRing(keyRing)
.build();
ApiFuture<KeyRing> future = keyManagementServiceClient.createKeyRingCallable().futureCall(request);
// Do something
KeyRing response = future.get();
}
public final com.google.cloud.kms.v1.CryptoKey createCryptoKey(com.google.cloud.kms.v1.KeyRingName parent,
String cryptoKeyId,
com.google.cloud.kms.v1.CryptoKey cryptoKey)
[CryptoKey.purpose][google.cloud.kms.v1.CryptoKey.purpose] and [CryptoKey.version_template.algorithm][google.cloud.kms.v1.CryptoKeyVersionTemplate.algorithm] are required.
Sample code:
try (KeyManagementServiceClient keyManagementServiceClient = KeyManagementServiceClient.create()) {
KeyRingName parent = KeyRingName.of("[PROJECT]", "[LOCATION]", "[KEY_RING]");
String cryptoKeyId = "my-app-key";
CryptoKey.CryptoKeyPurpose purpose = CryptoKey.CryptoKeyPurpose.ENCRYPT_DECRYPT;
long seconds = 2147483647L;
Timestamp nextRotationTime = Timestamp.newBuilder()
.setSeconds(seconds)
.build();
long seconds2 = 604800L;
Duration rotationPeriod = Duration.newBuilder()
.setSeconds(seconds2)
.build();
CryptoKey cryptoKey = CryptoKey.newBuilder()
.setPurpose(purpose)
.setNextRotationTime(nextRotationTime)
.setRotationPeriod(rotationPeriod)
.build();
CryptoKey response = keyManagementServiceClient.createCryptoKey(parent, cryptoKeyId, cryptoKey);
}
parent - Required. The [name][google.cloud.kms.v1.KeyRing.name] of the KeyRing associated
with the [CryptoKeys][google.cloud.kms.v1.CryptoKey].cryptoKeyId - Required. It must be unique within a KeyRing and match the regular
expression `[a-zA-Z0-9_-]{1,63}`cryptoKey - A [CryptoKey][google.cloud.kms.v1.CryptoKey] with initial field values.ApiException - if the remote call failspublic final com.google.cloud.kms.v1.CryptoKey createCryptoKey(String parent, String cryptoKeyId, com.google.cloud.kms.v1.CryptoKey cryptoKey)
[CryptoKey.purpose][google.cloud.kms.v1.CryptoKey.purpose] and [CryptoKey.version_template.algorithm][google.cloud.kms.v1.CryptoKeyVersionTemplate.algorithm] are required.
Sample code:
try (KeyManagementServiceClient keyManagementServiceClient = KeyManagementServiceClient.create()) {
KeyRingName parent = KeyRingName.of("[PROJECT]", "[LOCATION]", "[KEY_RING]");
String cryptoKeyId = "my-app-key";
CryptoKey.CryptoKeyPurpose purpose = CryptoKey.CryptoKeyPurpose.ENCRYPT_DECRYPT;
long seconds = 2147483647L;
Timestamp nextRotationTime = Timestamp.newBuilder()
.setSeconds(seconds)
.build();
long seconds2 = 604800L;
Duration rotationPeriod = Duration.newBuilder()
.setSeconds(seconds2)
.build();
CryptoKey cryptoKey = CryptoKey.newBuilder()
.setPurpose(purpose)
.setNextRotationTime(nextRotationTime)
.setRotationPeriod(rotationPeriod)
.build();
CryptoKey response = keyManagementServiceClient.createCryptoKey(parent.toString(), cryptoKeyId, cryptoKey);
}
parent - Required. The [name][google.cloud.kms.v1.KeyRing.name] of the KeyRing associated
with the [CryptoKeys][google.cloud.kms.v1.CryptoKey].cryptoKeyId - Required. It must be unique within a KeyRing and match the regular
expression `[a-zA-Z0-9_-]{1,63}`cryptoKey - A [CryptoKey][google.cloud.kms.v1.CryptoKey] with initial field values.ApiException - if the remote call failspublic final com.google.cloud.kms.v1.CryptoKey createCryptoKey(com.google.cloud.kms.v1.CreateCryptoKeyRequest request)
[CryptoKey.purpose][google.cloud.kms.v1.CryptoKey.purpose] and [CryptoKey.version_template.algorithm][google.cloud.kms.v1.CryptoKeyVersionTemplate.algorithm] are required.
Sample code:
try (KeyManagementServiceClient keyManagementServiceClient = KeyManagementServiceClient.create()) {
KeyRingName parent = KeyRingName.of("[PROJECT]", "[LOCATION]", "[KEY_RING]");
String cryptoKeyId = "my-app-key";
CryptoKey.CryptoKeyPurpose purpose = CryptoKey.CryptoKeyPurpose.ENCRYPT_DECRYPT;
long seconds = 2147483647L;
Timestamp nextRotationTime = Timestamp.newBuilder()
.setSeconds(seconds)
.build();
long seconds2 = 604800L;
Duration rotationPeriod = Duration.newBuilder()
.setSeconds(seconds2)
.build();
CryptoKey cryptoKey = CryptoKey.newBuilder()
.setPurpose(purpose)
.setNextRotationTime(nextRotationTime)
.setRotationPeriod(rotationPeriod)
.build();
CreateCryptoKeyRequest request = CreateCryptoKeyRequest.newBuilder()
.setParent(parent.toString())
.setCryptoKeyId(cryptoKeyId)
.setCryptoKey(cryptoKey)
.build();
CryptoKey response = keyManagementServiceClient.createCryptoKey(request);
}
request - The request object containing all of the parameters for the API call.ApiException - if the remote call failspublic final UnaryCallable<com.google.cloud.kms.v1.CreateCryptoKeyRequest,com.google.cloud.kms.v1.CryptoKey> createCryptoKeyCallable()
[CryptoKey.purpose][google.cloud.kms.v1.CryptoKey.purpose] and [CryptoKey.version_template.algorithm][google.cloud.kms.v1.CryptoKeyVersionTemplate.algorithm] are required.
Sample code:
try (KeyManagementServiceClient keyManagementServiceClient = KeyManagementServiceClient.create()) {
KeyRingName parent = KeyRingName.of("[PROJECT]", "[LOCATION]", "[KEY_RING]");
String cryptoKeyId = "my-app-key";
CryptoKey.CryptoKeyPurpose purpose = CryptoKey.CryptoKeyPurpose.ENCRYPT_DECRYPT;
long seconds = 2147483647L;
Timestamp nextRotationTime = Timestamp.newBuilder()
.setSeconds(seconds)
.build();
long seconds2 = 604800L;
Duration rotationPeriod = Duration.newBuilder()
.setSeconds(seconds2)
.build();
CryptoKey cryptoKey = CryptoKey.newBuilder()
.setPurpose(purpose)
.setNextRotationTime(nextRotationTime)
.setRotationPeriod(rotationPeriod)
.build();
CreateCryptoKeyRequest request = CreateCryptoKeyRequest.newBuilder()
.setParent(parent.toString())
.setCryptoKeyId(cryptoKeyId)
.setCryptoKey(cryptoKey)
.build();
ApiFuture<CryptoKey> future = keyManagementServiceClient.createCryptoKeyCallable().futureCall(request);
// Do something
CryptoKey response = future.get();
}
public final com.google.cloud.kms.v1.CryptoKeyVersion createCryptoKeyVersion(com.google.cloud.kms.v1.CryptoKeyName parent,
com.google.cloud.kms.v1.CryptoKeyVersion cryptoKeyVersion)
The server will assign the next sequential id. If unset, [state][google.cloud.kms.v1.CryptoKeyVersion.state] will be set to [ENABLED][google.cloud.kms.v1.CryptoKeyVersion.CryptoKeyVersionState.ENABLED].
Sample code:
try (KeyManagementServiceClient keyManagementServiceClient = KeyManagementServiceClient.create()) {
CryptoKeyName parent = CryptoKeyName.of("[PROJECT]", "[LOCATION]", "[KEY_RING]", "[CRYPTO_KEY]");
CryptoKeyVersion cryptoKeyVersion = CryptoKeyVersion.newBuilder().build();
CryptoKeyVersion response = keyManagementServiceClient.createCryptoKeyVersion(parent, cryptoKeyVersion);
}
parent - Required. The [name][google.cloud.kms.v1.CryptoKey.name] of the
[CryptoKey][google.cloud.kms.v1.CryptoKey] associated with the
[CryptoKeyVersions][google.cloud.kms.v1.CryptoKeyVersion].cryptoKeyVersion - A [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] with initial
field values.ApiException - if the remote call failspublic final com.google.cloud.kms.v1.CryptoKeyVersion createCryptoKeyVersion(String parent, com.google.cloud.kms.v1.CryptoKeyVersion cryptoKeyVersion)
The server will assign the next sequential id. If unset, [state][google.cloud.kms.v1.CryptoKeyVersion.state] will be set to [ENABLED][google.cloud.kms.v1.CryptoKeyVersion.CryptoKeyVersionState.ENABLED].
Sample code:
try (KeyManagementServiceClient keyManagementServiceClient = KeyManagementServiceClient.create()) {
CryptoKeyName parent = CryptoKeyName.of("[PROJECT]", "[LOCATION]", "[KEY_RING]", "[CRYPTO_KEY]");
CryptoKeyVersion cryptoKeyVersion = CryptoKeyVersion.newBuilder().build();
CryptoKeyVersion response = keyManagementServiceClient.createCryptoKeyVersion(parent.toString(), cryptoKeyVersion);
}
parent - Required. The [name][google.cloud.kms.v1.CryptoKey.name] of the
[CryptoKey][google.cloud.kms.v1.CryptoKey] associated with the
[CryptoKeyVersions][google.cloud.kms.v1.CryptoKeyVersion].cryptoKeyVersion - A [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] with initial
field values.ApiException - if the remote call failspublic final com.google.cloud.kms.v1.CryptoKeyVersion createCryptoKeyVersion(com.google.cloud.kms.v1.CreateCryptoKeyVersionRequest request)
The server will assign the next sequential id. If unset, [state][google.cloud.kms.v1.CryptoKeyVersion.state] will be set to [ENABLED][google.cloud.kms.v1.CryptoKeyVersion.CryptoKeyVersionState.ENABLED].
Sample code:
try (KeyManagementServiceClient keyManagementServiceClient = KeyManagementServiceClient.create()) {
CryptoKeyName parent = CryptoKeyName.of("[PROJECT]", "[LOCATION]", "[KEY_RING]", "[CRYPTO_KEY]");
CryptoKeyVersion cryptoKeyVersion = CryptoKeyVersion.newBuilder().build();
CreateCryptoKeyVersionRequest request = CreateCryptoKeyVersionRequest.newBuilder()
.setParent(parent.toString())
.setCryptoKeyVersion(cryptoKeyVersion)
.build();
CryptoKeyVersion response = keyManagementServiceClient.createCryptoKeyVersion(request);
}
request - The request object containing all of the parameters for the API call.ApiException - if the remote call failspublic final UnaryCallable<com.google.cloud.kms.v1.CreateCryptoKeyVersionRequest,com.google.cloud.kms.v1.CryptoKeyVersion> createCryptoKeyVersionCallable()
The server will assign the next sequential id. If unset, [state][google.cloud.kms.v1.CryptoKeyVersion.state] will be set to [ENABLED][google.cloud.kms.v1.CryptoKeyVersion.CryptoKeyVersionState.ENABLED].
Sample code:
try (KeyManagementServiceClient keyManagementServiceClient = KeyManagementServiceClient.create()) {
CryptoKeyName parent = CryptoKeyName.of("[PROJECT]", "[LOCATION]", "[KEY_RING]", "[CRYPTO_KEY]");
CryptoKeyVersion cryptoKeyVersion = CryptoKeyVersion.newBuilder().build();
CreateCryptoKeyVersionRequest request = CreateCryptoKeyVersionRequest.newBuilder()
.setParent(parent.toString())
.setCryptoKeyVersion(cryptoKeyVersion)
.build();
ApiFuture<CryptoKeyVersion> future = keyManagementServiceClient.createCryptoKeyVersionCallable().futureCall(request);
// Do something
CryptoKeyVersion response = future.get();
}
public final com.google.cloud.kms.v1.CryptoKey updateCryptoKey(com.google.cloud.kms.v1.CryptoKey cryptoKey,
FieldMask updateMask)
Sample code:
try (KeyManagementServiceClient keyManagementServiceClient = KeyManagementServiceClient.create()) {
CryptoKey cryptoKey = CryptoKey.newBuilder().build();
FieldMask updateMask = FieldMask.newBuilder().build();
CryptoKey response = keyManagementServiceClient.updateCryptoKey(cryptoKey, updateMask);
}
cryptoKey - [CryptoKey][google.cloud.kms.v1.CryptoKey] with updated values.updateMask - Required list of fields to be updated in this request.ApiException - if the remote call failspublic final com.google.cloud.kms.v1.CryptoKey updateCryptoKey(com.google.cloud.kms.v1.UpdateCryptoKeyRequest request)
Sample code:
try (KeyManagementServiceClient keyManagementServiceClient = KeyManagementServiceClient.create()) {
CryptoKey cryptoKey = CryptoKey.newBuilder().build();
FieldMask updateMask = FieldMask.newBuilder().build();
UpdateCryptoKeyRequest request = UpdateCryptoKeyRequest.newBuilder()
.setCryptoKey(cryptoKey)
.setUpdateMask(updateMask)
.build();
CryptoKey response = keyManagementServiceClient.updateCryptoKey(request);
}
request - The request object containing all of the parameters for the API call.ApiException - if the remote call failspublic final UnaryCallable<com.google.cloud.kms.v1.UpdateCryptoKeyRequest,com.google.cloud.kms.v1.CryptoKey> updateCryptoKeyCallable()
Sample code:
try (KeyManagementServiceClient keyManagementServiceClient = KeyManagementServiceClient.create()) {
CryptoKey cryptoKey = CryptoKey.newBuilder().build();
FieldMask updateMask = FieldMask.newBuilder().build();
UpdateCryptoKeyRequest request = UpdateCryptoKeyRequest.newBuilder()
.setCryptoKey(cryptoKey)
.setUpdateMask(updateMask)
.build();
ApiFuture<CryptoKey> future = keyManagementServiceClient.updateCryptoKeyCallable().futureCall(request);
// Do something
CryptoKey response = future.get();
}
public final com.google.cloud.kms.v1.CryptoKeyVersion updateCryptoKeyVersion(com.google.cloud.kms.v1.CryptoKeyVersion cryptoKeyVersion,
FieldMask updateMask)
[state][google.cloud.kms.v1.CryptoKeyVersion.state] may be changed between [ENABLED][google.cloud.kms.v1.CryptoKeyVersion.CryptoKeyVersionState.ENABLED] and [DISABLED][google.cloud.kms.v1.CryptoKeyVersion.CryptoKeyVersionState.DISABLED] using this method. See [DestroyCryptoKeyVersion][google.cloud.kms.v1.KeyManagementService.DestroyCryptoKeyVersion] and [RestoreCryptoKeyVersion][google.cloud.kms.v1.KeyManagementService.RestoreCryptoKeyVersion] to move between other states.
Sample code:
try (KeyManagementServiceClient keyManagementServiceClient = KeyManagementServiceClient.create()) {
CryptoKeyVersion cryptoKeyVersion = CryptoKeyVersion.newBuilder().build();
FieldMask updateMask = FieldMask.newBuilder().build();
CryptoKeyVersion response = keyManagementServiceClient.updateCryptoKeyVersion(cryptoKeyVersion, updateMask);
}
cryptoKeyVersion - [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] with updated
values.updateMask - Required list of fields to be updated in this request.ApiException - if the remote call failspublic final com.google.cloud.kms.v1.CryptoKeyVersion updateCryptoKeyVersion(com.google.cloud.kms.v1.UpdateCryptoKeyVersionRequest request)
[state][google.cloud.kms.v1.CryptoKeyVersion.state] may be changed between [ENABLED][google.cloud.kms.v1.CryptoKeyVersion.CryptoKeyVersionState.ENABLED] and [DISABLED][google.cloud.kms.v1.CryptoKeyVersion.CryptoKeyVersionState.DISABLED] using this method. See [DestroyCryptoKeyVersion][google.cloud.kms.v1.KeyManagementService.DestroyCryptoKeyVersion] and [RestoreCryptoKeyVersion][google.cloud.kms.v1.KeyManagementService.RestoreCryptoKeyVersion] to move between other states.
Sample code:
try (KeyManagementServiceClient keyManagementServiceClient = KeyManagementServiceClient.create()) {
CryptoKeyVersion cryptoKeyVersion = CryptoKeyVersion.newBuilder().build();
FieldMask updateMask = FieldMask.newBuilder().build();
UpdateCryptoKeyVersionRequest request = UpdateCryptoKeyVersionRequest.newBuilder()
.setCryptoKeyVersion(cryptoKeyVersion)
.setUpdateMask(updateMask)
.build();
CryptoKeyVersion response = keyManagementServiceClient.updateCryptoKeyVersion(request);
}
request - The request object containing all of the parameters for the API call.ApiException - if the remote call failspublic final UnaryCallable<com.google.cloud.kms.v1.UpdateCryptoKeyVersionRequest,com.google.cloud.kms.v1.CryptoKeyVersion> updateCryptoKeyVersionCallable()
[state][google.cloud.kms.v1.CryptoKeyVersion.state] may be changed between [ENABLED][google.cloud.kms.v1.CryptoKeyVersion.CryptoKeyVersionState.ENABLED] and [DISABLED][google.cloud.kms.v1.CryptoKeyVersion.CryptoKeyVersionState.DISABLED] using this method. See [DestroyCryptoKeyVersion][google.cloud.kms.v1.KeyManagementService.DestroyCryptoKeyVersion] and [RestoreCryptoKeyVersion][google.cloud.kms.v1.KeyManagementService.RestoreCryptoKeyVersion] to move between other states.
Sample code:
try (KeyManagementServiceClient keyManagementServiceClient = KeyManagementServiceClient.create()) {
CryptoKeyVersion cryptoKeyVersion = CryptoKeyVersion.newBuilder().build();
FieldMask updateMask = FieldMask.newBuilder().build();
UpdateCryptoKeyVersionRequest request = UpdateCryptoKeyVersionRequest.newBuilder()
.setCryptoKeyVersion(cryptoKeyVersion)
.setUpdateMask(updateMask)
.build();
ApiFuture<CryptoKeyVersion> future = keyManagementServiceClient.updateCryptoKeyVersionCallable().futureCall(request);
// Do something
CryptoKeyVersion response = future.get();
}
public final com.google.cloud.kms.v1.EncryptResponse encrypt(com.google.cloud.kms.v1.CryptoKeyPathName name,
ByteString plaintext)
Sample code:
try (KeyManagementServiceClient keyManagementServiceClient = KeyManagementServiceClient.create()) {
CryptoKeyPathName name = CryptoKeyPathName.of("[PROJECT]", "[LOCATION]", "[KEY_RING]", "[CRYPTO_KEY_PATH]");
ByteString plaintext = ByteString.copyFromUtf8("");
EncryptResponse response = keyManagementServiceClient.encrypt(name, plaintext);
}
name - Required. The resource name of the [CryptoKey][google.cloud.kms.v1.CryptoKey] or
[CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] to use for encryption.
If a [CryptoKey][google.cloud.kms.v1.CryptoKey] is specified, the server will use its [primary version][google.cloud.kms.v1.CryptoKey.primary].
plaintext - Required. The data to encrypt. Must be no larger than 64KiB.
The maximum size depends on the key version's [protection_level][google.cloud.kms.v1.CryptoKeyVersionTemplate.protection_level]. For [SOFTWARE][google.cloud.kms.v1.ProtectionLevel.SOFTWARE] keys, the plaintext must be no larger than 64KiB. For [HSM][google.cloud.kms.v1.ProtectionLevel.HSM] keys, the combined length of the plaintext and additional_authenticated_data fields must be no larger than 8KiB.
ApiException - if the remote call failspublic final com.google.cloud.kms.v1.EncryptResponse encrypt(String name, ByteString plaintext)
Sample code:
try (KeyManagementServiceClient keyManagementServiceClient = KeyManagementServiceClient.create()) {
CryptoKeyPathName name = CryptoKeyPathName.of("[PROJECT]", "[LOCATION]", "[KEY_RING]", "[CRYPTO_KEY_PATH]");
ByteString plaintext = ByteString.copyFromUtf8("");
EncryptResponse response = keyManagementServiceClient.encrypt(name.toString(), plaintext);
}
name - Required. The resource name of the [CryptoKey][google.cloud.kms.v1.CryptoKey] or
[CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] to use for encryption.
If a [CryptoKey][google.cloud.kms.v1.CryptoKey] is specified, the server will use its [primary version][google.cloud.kms.v1.CryptoKey.primary].
plaintext - Required. The data to encrypt. Must be no larger than 64KiB.
The maximum size depends on the key version's [protection_level][google.cloud.kms.v1.CryptoKeyVersionTemplate.protection_level]. For [SOFTWARE][google.cloud.kms.v1.ProtectionLevel.SOFTWARE] keys, the plaintext must be no larger than 64KiB. For [HSM][google.cloud.kms.v1.ProtectionLevel.HSM] keys, the combined length of the plaintext and additional_authenticated_data fields must be no larger than 8KiB.
ApiException - if the remote call failspublic final com.google.cloud.kms.v1.EncryptResponse encrypt(com.google.cloud.kms.v1.EncryptRequest request)
Sample code:
try (KeyManagementServiceClient keyManagementServiceClient = KeyManagementServiceClient.create()) {
CryptoKeyPathName name = CryptoKeyPathName.of("[PROJECT]", "[LOCATION]", "[KEY_RING]", "[CRYPTO_KEY_PATH]");
ByteString plaintext = ByteString.copyFromUtf8("");
EncryptRequest request = EncryptRequest.newBuilder()
.setName(name.toString())
.setPlaintext(plaintext)
.build();
EncryptResponse response = keyManagementServiceClient.encrypt(request);
}
request - The request object containing all of the parameters for the API call.ApiException - if the remote call failspublic final UnaryCallable<com.google.cloud.kms.v1.EncryptRequest,com.google.cloud.kms.v1.EncryptResponse> encryptCallable()
Sample code:
try (KeyManagementServiceClient keyManagementServiceClient = KeyManagementServiceClient.create()) {
CryptoKeyPathName name = CryptoKeyPathName.of("[PROJECT]", "[LOCATION]", "[KEY_RING]", "[CRYPTO_KEY_PATH]");
ByteString plaintext = ByteString.copyFromUtf8("");
EncryptRequest request = EncryptRequest.newBuilder()
.setName(name.toString())
.setPlaintext(plaintext)
.build();
ApiFuture<EncryptResponse> future = keyManagementServiceClient.encryptCallable().futureCall(request);
// Do something
EncryptResponse response = future.get();
}
public final com.google.cloud.kms.v1.DecryptResponse decrypt(com.google.cloud.kms.v1.CryptoKeyName name,
ByteString ciphertext)
Sample code:
try (KeyManagementServiceClient keyManagementServiceClient = KeyManagementServiceClient.create()) {
CryptoKeyName name = CryptoKeyName.of("[PROJECT]", "[LOCATION]", "[KEY_RING]", "[CRYPTO_KEY]");
ByteString ciphertext = ByteString.copyFromUtf8("");
DecryptResponse response = keyManagementServiceClient.decrypt(name, ciphertext);
}
name - Required. The resource name of the [CryptoKey][google.cloud.kms.v1.CryptoKey] to
use for decryption. The server will choose the appropriate version.ciphertext - Required. The encrypted data originally returned in
[EncryptResponse.ciphertext][google.cloud.kms.v1.EncryptResponse.ciphertext].ApiException - if the remote call failspublic final com.google.cloud.kms.v1.DecryptResponse decrypt(String name, ByteString ciphertext)
Sample code:
try (KeyManagementServiceClient keyManagementServiceClient = KeyManagementServiceClient.create()) {
CryptoKeyName name = CryptoKeyName.of("[PROJECT]", "[LOCATION]", "[KEY_RING]", "[CRYPTO_KEY]");
ByteString ciphertext = ByteString.copyFromUtf8("");
DecryptResponse response = keyManagementServiceClient.decrypt(name.toString(), ciphertext);
}
name - Required. The resource name of the [CryptoKey][google.cloud.kms.v1.CryptoKey] to
use for decryption. The server will choose the appropriate version.ciphertext - Required. The encrypted data originally returned in
[EncryptResponse.ciphertext][google.cloud.kms.v1.EncryptResponse.ciphertext].ApiException - if the remote call failspublic final com.google.cloud.kms.v1.DecryptResponse decrypt(com.google.cloud.kms.v1.DecryptRequest request)
Sample code:
try (KeyManagementServiceClient keyManagementServiceClient = KeyManagementServiceClient.create()) {
CryptoKeyName name = CryptoKeyName.of("[PROJECT]", "[LOCATION]", "[KEY_RING]", "[CRYPTO_KEY]");
ByteString ciphertext = ByteString.copyFromUtf8("");
DecryptRequest request = DecryptRequest.newBuilder()
.setName(name.toString())
.setCiphertext(ciphertext)
.build();
DecryptResponse response = keyManagementServiceClient.decrypt(request);
}
request - The request object containing all of the parameters for the API call.ApiException - if the remote call failspublic final UnaryCallable<com.google.cloud.kms.v1.DecryptRequest,com.google.cloud.kms.v1.DecryptResponse> decryptCallable()
Sample code:
try (KeyManagementServiceClient keyManagementServiceClient = KeyManagementServiceClient.create()) {
CryptoKeyName name = CryptoKeyName.of("[PROJECT]", "[LOCATION]", "[KEY_RING]", "[CRYPTO_KEY]");
ByteString ciphertext = ByteString.copyFromUtf8("");
DecryptRequest request = DecryptRequest.newBuilder()
.setName(name.toString())
.setCiphertext(ciphertext)
.build();
ApiFuture<DecryptResponse> future = keyManagementServiceClient.decryptCallable().futureCall(request);
// Do something
DecryptResponse response = future.get();
}
public final com.google.cloud.kms.v1.CryptoKey updateCryptoKeyPrimaryVersion(com.google.cloud.kms.v1.CryptoKeyName name,
String cryptoKeyVersionId)
Returns an error if called on an asymmetric key.
Sample code:
try (KeyManagementServiceClient keyManagementServiceClient = KeyManagementServiceClient.create()) {
CryptoKeyName name = CryptoKeyName.of("[PROJECT]", "[LOCATION]", "[KEY_RING]", "[CRYPTO_KEY]");
String cryptoKeyVersionId = "";
CryptoKey response = keyManagementServiceClient.updateCryptoKeyPrimaryVersion(name, cryptoKeyVersionId);
}
name - The resource name of the [CryptoKey][google.cloud.kms.v1.CryptoKey] to update.cryptoKeyVersionId - The id of the child
[CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] to use as primary.ApiException - if the remote call failspublic final com.google.cloud.kms.v1.CryptoKey updateCryptoKeyPrimaryVersion(String name, String cryptoKeyVersionId)
Returns an error if called on an asymmetric key.
Sample code:
try (KeyManagementServiceClient keyManagementServiceClient = KeyManagementServiceClient.create()) {
CryptoKeyName name = CryptoKeyName.of("[PROJECT]", "[LOCATION]", "[KEY_RING]", "[CRYPTO_KEY]");
String cryptoKeyVersionId = "";
CryptoKey response = keyManagementServiceClient.updateCryptoKeyPrimaryVersion(name.toString(), cryptoKeyVersionId);
}
name - The resource name of the [CryptoKey][google.cloud.kms.v1.CryptoKey] to update.cryptoKeyVersionId - The id of the child
[CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] to use as primary.ApiException - if the remote call failspublic final com.google.cloud.kms.v1.CryptoKey updateCryptoKeyPrimaryVersion(com.google.cloud.kms.v1.UpdateCryptoKeyPrimaryVersionRequest request)
Returns an error if called on an asymmetric key.
Sample code:
try (KeyManagementServiceClient keyManagementServiceClient = KeyManagementServiceClient.create()) {
CryptoKeyName name = CryptoKeyName.of("[PROJECT]", "[LOCATION]", "[KEY_RING]", "[CRYPTO_KEY]");
String cryptoKeyVersionId = "";
UpdateCryptoKeyPrimaryVersionRequest request = UpdateCryptoKeyPrimaryVersionRequest.newBuilder()
.setName(name.toString())
.setCryptoKeyVersionId(cryptoKeyVersionId)
.build();
CryptoKey response = keyManagementServiceClient.updateCryptoKeyPrimaryVersion(request);
}
request - The request object containing all of the parameters for the API call.ApiException - if the remote call failspublic final UnaryCallable<com.google.cloud.kms.v1.UpdateCryptoKeyPrimaryVersionRequest,com.google.cloud.kms.v1.CryptoKey> updateCryptoKeyPrimaryVersionCallable()
Returns an error if called on an asymmetric key.
Sample code:
try (KeyManagementServiceClient keyManagementServiceClient = KeyManagementServiceClient.create()) {
CryptoKeyName name = CryptoKeyName.of("[PROJECT]", "[LOCATION]", "[KEY_RING]", "[CRYPTO_KEY]");
String cryptoKeyVersionId = "";
UpdateCryptoKeyPrimaryVersionRequest request = UpdateCryptoKeyPrimaryVersionRequest.newBuilder()
.setName(name.toString())
.setCryptoKeyVersionId(cryptoKeyVersionId)
.build();
ApiFuture<CryptoKey> future = keyManagementServiceClient.updateCryptoKeyPrimaryVersionCallable().futureCall(request);
// Do something
CryptoKey response = future.get();
}
public final com.google.cloud.kms.v1.CryptoKeyVersion destroyCryptoKeyVersion(com.google.cloud.kms.v1.CryptoKeyVersionName name)
Upon calling this method, [CryptoKeyVersion.state][google.cloud.kms.v1.CryptoKeyVersion.state] will be set to [DESTROY_SCHEDULED][google.cloud.kms.v1.CryptoKeyVersion.CryptoKeyVersionState.DESTROY_SCHEDULED] and [destroy_time][google.cloud.kms.v1.CryptoKeyVersion.destroy_time] will be set to a time 24 hours in the future, at which point the [state][google.cloud.kms.v1.CryptoKeyVersion.state] will be changed to [DESTROYED][google.cloud.kms.v1.CryptoKeyVersion.CryptoKeyVersionState.DESTROYED], and the key material will be irrevocably destroyed.
Before the [destroy_time][google.cloud.kms.v1.CryptoKeyVersion.destroy_time] is reached, [RestoreCryptoKeyVersion][google.cloud.kms.v1.KeyManagementService.RestoreCryptoKeyVersion] may be called to reverse the process.
Sample code:
try (KeyManagementServiceClient keyManagementServiceClient = KeyManagementServiceClient.create()) {
CryptoKeyVersionName name = CryptoKeyVersionName.of("[PROJECT]", "[LOCATION]", "[KEY_RING]", "[CRYPTO_KEY]", "[CRYPTO_KEY_VERSION]");
CryptoKeyVersion response = keyManagementServiceClient.destroyCryptoKeyVersion(name);
}
name - The resource name of the [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion]
to destroy.ApiException - if the remote call failspublic final com.google.cloud.kms.v1.CryptoKeyVersion destroyCryptoKeyVersion(String name)
Upon calling this method, [CryptoKeyVersion.state][google.cloud.kms.v1.CryptoKeyVersion.state] will be set to [DESTROY_SCHEDULED][google.cloud.kms.v1.CryptoKeyVersion.CryptoKeyVersionState.DESTROY_SCHEDULED] and [destroy_time][google.cloud.kms.v1.CryptoKeyVersion.destroy_time] will be set to a time 24 hours in the future, at which point the [state][google.cloud.kms.v1.CryptoKeyVersion.state] will be changed to [DESTROYED][google.cloud.kms.v1.CryptoKeyVersion.CryptoKeyVersionState.DESTROYED], and the key material will be irrevocably destroyed.
Before the [destroy_time][google.cloud.kms.v1.CryptoKeyVersion.destroy_time] is reached, [RestoreCryptoKeyVersion][google.cloud.kms.v1.KeyManagementService.RestoreCryptoKeyVersion] may be called to reverse the process.
Sample code:
try (KeyManagementServiceClient keyManagementServiceClient = KeyManagementServiceClient.create()) {
CryptoKeyVersionName name = CryptoKeyVersionName.of("[PROJECT]", "[LOCATION]", "[KEY_RING]", "[CRYPTO_KEY]", "[CRYPTO_KEY_VERSION]");
CryptoKeyVersion response = keyManagementServiceClient.destroyCryptoKeyVersion(name.toString());
}
name - The resource name of the [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion]
to destroy.ApiException - if the remote call failspublic final com.google.cloud.kms.v1.CryptoKeyVersion destroyCryptoKeyVersion(com.google.cloud.kms.v1.DestroyCryptoKeyVersionRequest request)
Upon calling this method, [CryptoKeyVersion.state][google.cloud.kms.v1.CryptoKeyVersion.state] will be set to [DESTROY_SCHEDULED][google.cloud.kms.v1.CryptoKeyVersion.CryptoKeyVersionState.DESTROY_SCHEDULED] and [destroy_time][google.cloud.kms.v1.CryptoKeyVersion.destroy_time] will be set to a time 24 hours in the future, at which point the [state][google.cloud.kms.v1.CryptoKeyVersion.state] will be changed to [DESTROYED][google.cloud.kms.v1.CryptoKeyVersion.CryptoKeyVersionState.DESTROYED], and the key material will be irrevocably destroyed.
Before the [destroy_time][google.cloud.kms.v1.CryptoKeyVersion.destroy_time] is reached, [RestoreCryptoKeyVersion][google.cloud.kms.v1.KeyManagementService.RestoreCryptoKeyVersion] may be called to reverse the process.
Sample code:
try (KeyManagementServiceClient keyManagementServiceClient = KeyManagementServiceClient.create()) {
CryptoKeyVersionName name = CryptoKeyVersionName.of("[PROJECT]", "[LOCATION]", "[KEY_RING]", "[CRYPTO_KEY]", "[CRYPTO_KEY_VERSION]");
DestroyCryptoKeyVersionRequest request = DestroyCryptoKeyVersionRequest.newBuilder()
.setName(name.toString())
.build();
CryptoKeyVersion response = keyManagementServiceClient.destroyCryptoKeyVersion(request);
}
request - The request object containing all of the parameters for the API call.ApiException - if the remote call failspublic final UnaryCallable<com.google.cloud.kms.v1.DestroyCryptoKeyVersionRequest,com.google.cloud.kms.v1.CryptoKeyVersion> destroyCryptoKeyVersionCallable()
Upon calling this method, [CryptoKeyVersion.state][google.cloud.kms.v1.CryptoKeyVersion.state] will be set to [DESTROY_SCHEDULED][google.cloud.kms.v1.CryptoKeyVersion.CryptoKeyVersionState.DESTROY_SCHEDULED] and [destroy_time][google.cloud.kms.v1.CryptoKeyVersion.destroy_time] will be set to a time 24 hours in the future, at which point the [state][google.cloud.kms.v1.CryptoKeyVersion.state] will be changed to [DESTROYED][google.cloud.kms.v1.CryptoKeyVersion.CryptoKeyVersionState.DESTROYED], and the key material will be irrevocably destroyed.
Before the [destroy_time][google.cloud.kms.v1.CryptoKeyVersion.destroy_time] is reached, [RestoreCryptoKeyVersion][google.cloud.kms.v1.KeyManagementService.RestoreCryptoKeyVersion] may be called to reverse the process.
Sample code:
try (KeyManagementServiceClient keyManagementServiceClient = KeyManagementServiceClient.create()) {
CryptoKeyVersionName name = CryptoKeyVersionName.of("[PROJECT]", "[LOCATION]", "[KEY_RING]", "[CRYPTO_KEY]", "[CRYPTO_KEY_VERSION]");
DestroyCryptoKeyVersionRequest request = DestroyCryptoKeyVersionRequest.newBuilder()
.setName(name.toString())
.build();
ApiFuture<CryptoKeyVersion> future = keyManagementServiceClient.destroyCryptoKeyVersionCallable().futureCall(request);
// Do something
CryptoKeyVersion response = future.get();
}
public final com.google.cloud.kms.v1.CryptoKeyVersion restoreCryptoKeyVersion(com.google.cloud.kms.v1.CryptoKeyVersionName name)
Upon restoration of the CryptoKeyVersion, [state][google.cloud.kms.v1.CryptoKeyVersion.state] will be set to [DISABLED][google.cloud.kms.v1.CryptoKeyVersion.CryptoKeyVersionState.DISABLED], and [destroy_time][google.cloud.kms.v1.CryptoKeyVersion.destroy_time] will be cleared.
Sample code:
try (KeyManagementServiceClient keyManagementServiceClient = KeyManagementServiceClient.create()) {
CryptoKeyVersionName name = CryptoKeyVersionName.of("[PROJECT]", "[LOCATION]", "[KEY_RING]", "[CRYPTO_KEY]", "[CRYPTO_KEY_VERSION]");
CryptoKeyVersion response = keyManagementServiceClient.restoreCryptoKeyVersion(name);
}
name - The resource name of the [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion]
to restore.ApiException - if the remote call failspublic final com.google.cloud.kms.v1.CryptoKeyVersion restoreCryptoKeyVersion(String name)
Upon restoration of the CryptoKeyVersion, [state][google.cloud.kms.v1.CryptoKeyVersion.state] will be set to [DISABLED][google.cloud.kms.v1.CryptoKeyVersion.CryptoKeyVersionState.DISABLED], and [destroy_time][google.cloud.kms.v1.CryptoKeyVersion.destroy_time] will be cleared.
Sample code:
try (KeyManagementServiceClient keyManagementServiceClient = KeyManagementServiceClient.create()) {
CryptoKeyVersionName name = CryptoKeyVersionName.of("[PROJECT]", "[LOCATION]", "[KEY_RING]", "[CRYPTO_KEY]", "[CRYPTO_KEY_VERSION]");
CryptoKeyVersion response = keyManagementServiceClient.restoreCryptoKeyVersion(name.toString());
}
name - The resource name of the [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion]
to restore.ApiException - if the remote call failspublic final com.google.cloud.kms.v1.CryptoKeyVersion restoreCryptoKeyVersion(com.google.cloud.kms.v1.RestoreCryptoKeyVersionRequest request)
Upon restoration of the CryptoKeyVersion, [state][google.cloud.kms.v1.CryptoKeyVersion.state] will be set to [DISABLED][google.cloud.kms.v1.CryptoKeyVersion.CryptoKeyVersionState.DISABLED], and [destroy_time][google.cloud.kms.v1.CryptoKeyVersion.destroy_time] will be cleared.
Sample code:
try (KeyManagementServiceClient keyManagementServiceClient = KeyManagementServiceClient.create()) {
CryptoKeyVersionName name = CryptoKeyVersionName.of("[PROJECT]", "[LOCATION]", "[KEY_RING]", "[CRYPTO_KEY]", "[CRYPTO_KEY_VERSION]");
RestoreCryptoKeyVersionRequest request = RestoreCryptoKeyVersionRequest.newBuilder()
.setName(name.toString())
.build();
CryptoKeyVersion response = keyManagementServiceClient.restoreCryptoKeyVersion(request);
}
request - The request object containing all of the parameters for the API call.ApiException - if the remote call failspublic final UnaryCallable<com.google.cloud.kms.v1.RestoreCryptoKeyVersionRequest,com.google.cloud.kms.v1.CryptoKeyVersion> restoreCryptoKeyVersionCallable()
Upon restoration of the CryptoKeyVersion, [state][google.cloud.kms.v1.CryptoKeyVersion.state] will be set to [DISABLED][google.cloud.kms.v1.CryptoKeyVersion.CryptoKeyVersionState.DISABLED], and [destroy_time][google.cloud.kms.v1.CryptoKeyVersion.destroy_time] will be cleared.
Sample code:
try (KeyManagementServiceClient keyManagementServiceClient = KeyManagementServiceClient.create()) {
CryptoKeyVersionName name = CryptoKeyVersionName.of("[PROJECT]", "[LOCATION]", "[KEY_RING]", "[CRYPTO_KEY]", "[CRYPTO_KEY_VERSION]");
RestoreCryptoKeyVersionRequest request = RestoreCryptoKeyVersionRequest.newBuilder()
.setName(name.toString())
.build();
ApiFuture<CryptoKeyVersion> future = keyManagementServiceClient.restoreCryptoKeyVersionCallable().futureCall(request);
// Do something
CryptoKeyVersion response = future.get();
}
public final com.google.cloud.kms.v1.PublicKey getPublicKey(com.google.cloud.kms.v1.CryptoKeyVersionName name)
Sample code:
try (KeyManagementServiceClient keyManagementServiceClient = KeyManagementServiceClient.create()) {
CryptoKeyVersionName name = CryptoKeyVersionName.of("[PROJECT]", "[LOCATION]", "[KEY_RING]", "[CRYPTO_KEY]", "[CRYPTO_KEY_VERSION]");
PublicKey response = keyManagementServiceClient.getPublicKey(name);
}
name - The [name][google.cloud.kms.v1.CryptoKeyVersion.name] of the
[CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] public key to get.ApiException - if the remote call failspublic final com.google.cloud.kms.v1.PublicKey getPublicKey(String name)
Sample code:
try (KeyManagementServiceClient keyManagementServiceClient = KeyManagementServiceClient.create()) {
CryptoKeyVersionName name = CryptoKeyVersionName.of("[PROJECT]", "[LOCATION]", "[KEY_RING]", "[CRYPTO_KEY]", "[CRYPTO_KEY_VERSION]");
PublicKey response = keyManagementServiceClient.getPublicKey(name.toString());
}
name - The [name][google.cloud.kms.v1.CryptoKeyVersion.name] of the
[CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] public key to get.ApiException - if the remote call failspublic final com.google.cloud.kms.v1.PublicKey getPublicKey(com.google.cloud.kms.v1.GetPublicKeyRequest request)
Sample code:
try (KeyManagementServiceClient keyManagementServiceClient = KeyManagementServiceClient.create()) {
CryptoKeyVersionName name = CryptoKeyVersionName.of("[PROJECT]", "[LOCATION]", "[KEY_RING]", "[CRYPTO_KEY]", "[CRYPTO_KEY_VERSION]");
GetPublicKeyRequest request = GetPublicKeyRequest.newBuilder()
.setName(name.toString())
.build();
PublicKey response = keyManagementServiceClient.getPublicKey(request);
}
request - The request object containing all of the parameters for the API call.ApiException - if the remote call failspublic final UnaryCallable<com.google.cloud.kms.v1.GetPublicKeyRequest,com.google.cloud.kms.v1.PublicKey> getPublicKeyCallable()
Sample code:
try (KeyManagementServiceClient keyManagementServiceClient = KeyManagementServiceClient.create()) {
CryptoKeyVersionName name = CryptoKeyVersionName.of("[PROJECT]", "[LOCATION]", "[KEY_RING]", "[CRYPTO_KEY]", "[CRYPTO_KEY_VERSION]");
GetPublicKeyRequest request = GetPublicKeyRequest.newBuilder()
.setName(name.toString())
.build();
ApiFuture<PublicKey> future = keyManagementServiceClient.getPublicKeyCallable().futureCall(request);
// Do something
PublicKey response = future.get();
}
public final com.google.cloud.kms.v1.AsymmetricDecryptResponse asymmetricDecrypt(com.google.cloud.kms.v1.CryptoKeyVersionName name,
ByteString ciphertext)
Sample code:
try (KeyManagementServiceClient keyManagementServiceClient = KeyManagementServiceClient.create()) {
CryptoKeyVersionName name = CryptoKeyVersionName.of("[PROJECT]", "[LOCATION]", "[KEY_RING]", "[CRYPTO_KEY]", "[CRYPTO_KEY_VERSION]");
ByteString ciphertext = ByteString.copyFromUtf8("");
AsymmetricDecryptResponse response = keyManagementServiceClient.asymmetricDecrypt(name, ciphertext);
}
name - Required. The resource name of the
[CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] to use for decryption.ciphertext - Required. The data encrypted with the named
[CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion]'s public key using OAEP.ApiException - if the remote call failspublic final com.google.cloud.kms.v1.AsymmetricDecryptResponse asymmetricDecrypt(String name, ByteString ciphertext)
Sample code:
try (KeyManagementServiceClient keyManagementServiceClient = KeyManagementServiceClient.create()) {
CryptoKeyVersionName name = CryptoKeyVersionName.of("[PROJECT]", "[LOCATION]", "[KEY_RING]", "[CRYPTO_KEY]", "[CRYPTO_KEY_VERSION]");
ByteString ciphertext = ByteString.copyFromUtf8("");
AsymmetricDecryptResponse response = keyManagementServiceClient.asymmetricDecrypt(name.toString(), ciphertext);
}
name - Required. The resource name of the
[CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] to use for decryption.ciphertext - Required. The data encrypted with the named
[CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion]'s public key using OAEP.ApiException - if the remote call failspublic final com.google.cloud.kms.v1.AsymmetricDecryptResponse asymmetricDecrypt(com.google.cloud.kms.v1.AsymmetricDecryptRequest request)
Sample code:
try (KeyManagementServiceClient keyManagementServiceClient = KeyManagementServiceClient.create()) {
CryptoKeyVersionName name = CryptoKeyVersionName.of("[PROJECT]", "[LOCATION]", "[KEY_RING]", "[CRYPTO_KEY]", "[CRYPTO_KEY_VERSION]");
ByteString ciphertext = ByteString.copyFromUtf8("");
AsymmetricDecryptRequest request = AsymmetricDecryptRequest.newBuilder()
.setName(name.toString())
.setCiphertext(ciphertext)
.build();
AsymmetricDecryptResponse response = keyManagementServiceClient.asymmetricDecrypt(request);
}
request - The request object containing all of the parameters for the API call.ApiException - if the remote call failspublic final UnaryCallable<com.google.cloud.kms.v1.AsymmetricDecryptRequest,com.google.cloud.kms.v1.AsymmetricDecryptResponse> asymmetricDecryptCallable()
Sample code:
try (KeyManagementServiceClient keyManagementServiceClient = KeyManagementServiceClient.create()) {
CryptoKeyVersionName name = CryptoKeyVersionName.of("[PROJECT]", "[LOCATION]", "[KEY_RING]", "[CRYPTO_KEY]", "[CRYPTO_KEY_VERSION]");
ByteString ciphertext = ByteString.copyFromUtf8("");
AsymmetricDecryptRequest request = AsymmetricDecryptRequest.newBuilder()
.setName(name.toString())
.setCiphertext(ciphertext)
.build();
ApiFuture<AsymmetricDecryptResponse> future = keyManagementServiceClient.asymmetricDecryptCallable().futureCall(request);
// Do something
AsymmetricDecryptResponse response = future.get();
}
public final com.google.cloud.kms.v1.AsymmetricSignResponse asymmetricSign(com.google.cloud.kms.v1.CryptoKeyVersionName name,
com.google.cloud.kms.v1.Digest digest)
Sample code:
try (KeyManagementServiceClient keyManagementServiceClient = KeyManagementServiceClient.create()) {
CryptoKeyVersionName name = CryptoKeyVersionName.of("[PROJECT]", "[LOCATION]", "[KEY_RING]", "[CRYPTO_KEY]", "[CRYPTO_KEY_VERSION]");
Digest digest = Digest.newBuilder().build();
AsymmetricSignResponse response = keyManagementServiceClient.asymmetricSign(name, digest);
}
name - Required. The resource name of the
[CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] to use for signing.digest - Required. The digest of the data to sign. The digest must be produced with the
same digest algorithm as specified by the key version's
[algorithm][google.cloud.kms.v1.CryptoKeyVersion.algorithm].ApiException - if the remote call failspublic final com.google.cloud.kms.v1.AsymmetricSignResponse asymmetricSign(String name, com.google.cloud.kms.v1.Digest digest)
Sample code:
try (KeyManagementServiceClient keyManagementServiceClient = KeyManagementServiceClient.create()) {
CryptoKeyVersionName name = CryptoKeyVersionName.of("[PROJECT]", "[LOCATION]", "[KEY_RING]", "[CRYPTO_KEY]", "[CRYPTO_KEY_VERSION]");
Digest digest = Digest.newBuilder().build();
AsymmetricSignResponse response = keyManagementServiceClient.asymmetricSign(name.toString(), digest);
}
name - Required. The resource name of the
[CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] to use for signing.digest - Required. The digest of the data to sign. The digest must be produced with the
same digest algorithm as specified by the key version's
[algorithm][google.cloud.kms.v1.CryptoKeyVersion.algorithm].ApiException - if the remote call failspublic final com.google.cloud.kms.v1.AsymmetricSignResponse asymmetricSign(com.google.cloud.kms.v1.AsymmetricSignRequest request)
Sample code:
try (KeyManagementServiceClient keyManagementServiceClient = KeyManagementServiceClient.create()) {
CryptoKeyVersionName name = CryptoKeyVersionName.of("[PROJECT]", "[LOCATION]", "[KEY_RING]", "[CRYPTO_KEY]", "[CRYPTO_KEY_VERSION]");
Digest digest = Digest.newBuilder().build();
AsymmetricSignRequest request = AsymmetricSignRequest.newBuilder()
.setName(name.toString())
.setDigest(digest)
.build();
AsymmetricSignResponse response = keyManagementServiceClient.asymmetricSign(request);
}
request - The request object containing all of the parameters for the API call.ApiException - if the remote call failspublic final UnaryCallable<com.google.cloud.kms.v1.AsymmetricSignRequest,com.google.cloud.kms.v1.AsymmetricSignResponse> asymmetricSignCallable()
Sample code:
try (KeyManagementServiceClient keyManagementServiceClient = KeyManagementServiceClient.create()) {
CryptoKeyVersionName name = CryptoKeyVersionName.of("[PROJECT]", "[LOCATION]", "[KEY_RING]", "[CRYPTO_KEY]", "[CRYPTO_KEY_VERSION]");
Digest digest = Digest.newBuilder().build();
AsymmetricSignRequest request = AsymmetricSignRequest.newBuilder()
.setName(name.toString())
.setDigest(digest)
.build();
ApiFuture<AsymmetricSignResponse> future = keyManagementServiceClient.asymmetricSignCallable().futureCall(request);
// Do something
AsymmetricSignResponse response = future.get();
}
public final com.google.iam.v1.Policy setIamPolicy(com.google.cloud.kms.v1.KeyName resource,
com.google.iam.v1.Policy policy)
Sample code:
try (KeyManagementServiceClient keyManagementServiceClient = KeyManagementServiceClient.create()) {
KeyName resource = KeyRingName.of("[PROJECT]", "[LOCATION]", "[KEY_RING]");
Policy policy = Policy.newBuilder().build();
Policy response = keyManagementServiceClient.setIamPolicy(resource, policy);
}
resource - REQUIRED: The resource for which the policy is being specified. `resource` is
usually specified as a path. For example, a Project resource is specified as
`projects/{project}`.policy - REQUIRED: The complete policy to be applied to the `resource`. The size of the
policy is limited to a few 10s of KB. An empty policy is a valid policy but certain Cloud
Platform services (such as Projects) might reject them.ApiException - if the remote call failspublic final com.google.iam.v1.Policy setIamPolicy(String resource, com.google.iam.v1.Policy policy)
Sample code:
try (KeyManagementServiceClient keyManagementServiceClient = KeyManagementServiceClient.create()) {
KeyName resource = KeyRingName.of("[PROJECT]", "[LOCATION]", "[KEY_RING]");
Policy policy = Policy.newBuilder().build();
Policy response = keyManagementServiceClient.setIamPolicy(resource.toString(), policy);
}
resource - REQUIRED: The resource for which the policy is being specified. `resource` is
usually specified as a path. For example, a Project resource is specified as
`projects/{project}`.policy - REQUIRED: The complete policy to be applied to the `resource`. The size of the
policy is limited to a few 10s of KB. An empty policy is a valid policy but certain Cloud
Platform services (such as Projects) might reject them.ApiException - if the remote call failspublic final com.google.iam.v1.Policy setIamPolicy(com.google.iam.v1.SetIamPolicyRequest request)
Sample code:
try (KeyManagementServiceClient keyManagementServiceClient = KeyManagementServiceClient.create()) {
ResourceName resource = KeyRingName.of("[PROJECT]", "[LOCATION]", "[KEY_RING]");
Policy policy = Policy.newBuilder().build();
SetIamPolicyRequest request = SetIamPolicyRequest.newBuilder()
.setResource(resource.toString())
.setPolicy(policy)
.build();
Policy response = keyManagementServiceClient.setIamPolicy(request);
}
request - The request object containing all of the parameters for the API call.ApiException - if the remote call failspublic final UnaryCallable<com.google.iam.v1.SetIamPolicyRequest,com.google.iam.v1.Policy> setIamPolicyCallable()
Sample code:
try (KeyManagementServiceClient keyManagementServiceClient = KeyManagementServiceClient.create()) {
ResourceName resource = KeyRingName.of("[PROJECT]", "[LOCATION]", "[KEY_RING]");
Policy policy = Policy.newBuilder().build();
SetIamPolicyRequest request = SetIamPolicyRequest.newBuilder()
.setResource(resource.toString())
.setPolicy(policy)
.build();
ApiFuture<Policy> future = keyManagementServiceClient.setIamPolicyCallable().futureCall(request);
// Do something
Policy response = future.get();
}
public final com.google.iam.v1.Policy getIamPolicy(com.google.cloud.kms.v1.KeyName resource)
Sample code:
try (KeyManagementServiceClient keyManagementServiceClient = KeyManagementServiceClient.create()) {
KeyName resource = KeyRingName.of("[PROJECT]", "[LOCATION]", "[KEY_RING]");
Policy response = keyManagementServiceClient.getIamPolicy(resource);
}
resource - REQUIRED: The resource for which the policy is being requested. `resource` is
usually specified as a path. For example, a Project resource is specified as
`projects/{project}`.ApiException - if the remote call failspublic final com.google.iam.v1.Policy getIamPolicy(String resource)
Sample code:
try (KeyManagementServiceClient keyManagementServiceClient = KeyManagementServiceClient.create()) {
KeyName resource = KeyRingName.of("[PROJECT]", "[LOCATION]", "[KEY_RING]");
Policy response = keyManagementServiceClient.getIamPolicy(resource.toString());
}
resource - REQUIRED: The resource for which the policy is being requested. `resource` is
usually specified as a path. For example, a Project resource is specified as
`projects/{project}`.ApiException - if the remote call failspublic final com.google.iam.v1.Policy getIamPolicy(com.google.iam.v1.GetIamPolicyRequest request)
Sample code:
try (KeyManagementServiceClient keyManagementServiceClient = KeyManagementServiceClient.create()) {
ResourceName resource = KeyRingName.of("[PROJECT]", "[LOCATION]", "[KEY_RING]");
GetIamPolicyRequest request = GetIamPolicyRequest.newBuilder()
.setResource(resource.toString())
.build();
Policy response = keyManagementServiceClient.getIamPolicy(request);
}
request - The request object containing all of the parameters for the API call.ApiException - if the remote call failspublic final UnaryCallable<com.google.iam.v1.GetIamPolicyRequest,com.google.iam.v1.Policy> getIamPolicyCallable()
Sample code:
try (KeyManagementServiceClient keyManagementServiceClient = KeyManagementServiceClient.create()) {
ResourceName resource = KeyRingName.of("[PROJECT]", "[LOCATION]", "[KEY_RING]");
GetIamPolicyRequest request = GetIamPolicyRequest.newBuilder()
.setResource(resource.toString())
.build();
ApiFuture<Policy> future = keyManagementServiceClient.getIamPolicyCallable().futureCall(request);
// Do something
Policy response = future.get();
}
public final com.google.iam.v1.TestIamPermissionsResponse testIamPermissions(com.google.cloud.kms.v1.KeyName resource,
List<String> permissions)
Sample code:
try (KeyManagementServiceClient keyManagementServiceClient = KeyManagementServiceClient.create()) {
KeyName resource = KeyRingName.of("[PROJECT]", "[LOCATION]", "[KEY_RING]");
List<String> permissions = new ArrayList<>();
TestIamPermissionsResponse response = keyManagementServiceClient.testIamPermissions(resource, permissions);
}
resource - REQUIRED: The resource for which the policy detail is being requested.
`resource` is usually specified as a path. For example, a Project resource is specified as
`projects/{project}`.permissions - The set of permissions to check for the `resource`. Permissions with
wildcards (such as '*' or 'storage.*') are not allowed. For more information see
[IAM Overview](https://cloud.google.com/iam/docs/overview#permissions).ApiException - if the remote call failspublic final com.google.iam.v1.TestIamPermissionsResponse testIamPermissions(String resource, List<String> permissions)
Sample code:
try (KeyManagementServiceClient keyManagementServiceClient = KeyManagementServiceClient.create()) {
KeyName resource = KeyRingName.of("[PROJECT]", "[LOCATION]", "[KEY_RING]");
List<String> permissions = new ArrayList<>();
TestIamPermissionsResponse response = keyManagementServiceClient.testIamPermissions(resource.toString(), permissions);
}
resource - REQUIRED: The resource for which the policy detail is being requested.
`resource` is usually specified as a path. For example, a Project resource is specified as
`projects/{project}`.permissions - The set of permissions to check for the `resource`. Permissions with
wildcards (such as '*' or 'storage.*') are not allowed. For more information see
[IAM Overview](https://cloud.google.com/iam/docs/overview#permissions).ApiException - if the remote call failspublic final com.google.iam.v1.TestIamPermissionsResponse testIamPermissions(com.google.iam.v1.TestIamPermissionsRequest request)
Sample code:
try (KeyManagementServiceClient keyManagementServiceClient = KeyManagementServiceClient.create()) {
ResourceName resource = KeyRingName.of("[PROJECT]", "[LOCATION]", "[KEY_RING]");
List<String> permissions = new ArrayList<>();
TestIamPermissionsRequest request = TestIamPermissionsRequest.newBuilder()
.setResource(resource.toString())
.addAllPermissions(permissions)
.build();
TestIamPermissionsResponse response = keyManagementServiceClient.testIamPermissions(request);
}
request - The request object containing all of the parameters for the API call.ApiException - if the remote call failspublic final UnaryCallable<com.google.iam.v1.TestIamPermissionsRequest,com.google.iam.v1.TestIamPermissionsResponse> testIamPermissionsCallable()
Sample code:
try (KeyManagementServiceClient keyManagementServiceClient = KeyManagementServiceClient.create()) {
ResourceName resource = KeyRingName.of("[PROJECT]", "[LOCATION]", "[KEY_RING]");
List<String> permissions = new ArrayList<>();
TestIamPermissionsRequest request = TestIamPermissionsRequest.newBuilder()
.setResource(resource.toString())
.addAllPermissions(permissions)
.build();
ApiFuture<TestIamPermissionsResponse> future = keyManagementServiceClient.testIamPermissionsCallable().futureCall(request);
// Do something
TestIamPermissionsResponse response = future.get();
}
public final void close()
close in interface AutoCloseablepublic void shutdown()
shutdown in interface BackgroundResourcepublic boolean isShutdown()
isShutdown in interface BackgroundResourcepublic boolean isTerminated()
isTerminated in interface BackgroundResourcepublic void shutdownNow()
shutdownNow in interface BackgroundResourcepublic boolean awaitTermination(long duration,
TimeUnit unit)
throws InterruptedException
awaitTermination in interface BackgroundResourceInterruptedExceptionCopyright © 2019 Google LLC. All rights reserved.