cloudkms/v1 library

Cloud Key Management Service (KMS) API - v1

Manages keys and performs cryptographic operations in a central cloud service, for direct use by other cloud resources and applications.

For more information, see cloud.google.com/kms/

Create an instance of CloudKMSApi to access these resources:

Classes

AsymmetricDecryptRequest
Request message for KeyManagementService.AsymmetricDecrypt.
AsymmetricDecryptResponse
Response message for KeyManagementService.AsymmetricDecrypt.
AsymmetricSignRequest
Request message for KeyManagementService.AsymmetricSign.
AsymmetricSignResponse
Response message for KeyManagementService.AsymmetricSign.
AuditConfig
Specifies the audit configuration for a service.
Binding
Associates members, or principals, with a role.
Certificate
A Certificate represents an X.509 certificate used to authenticate HTTPS connections to EKM replicas.
CloudKMSApi
Manages keys and performs cryptographic operations in a central cloud service, for direct use by other cloud resources and applications.
CryptoKey
A CryptoKey represents a logical key that can be used for cryptographic operations.
CryptoKeyVersion
A CryptoKeyVersion represents an individual cryptographic key, and the associated key material.
DecryptRequest
Request message for KeyManagementService.Decrypt.
DecryptResponse
Response message for KeyManagementService.Decrypt.
Digest
A Digest holds a cryptographic message digest.
EkmConfig
An EkmConfig is a singleton resource that represents configuration parameters that apply to all CryptoKeys and CryptoKeyVersions with a ProtectionLevel of EXTERNAL_VPC in a given project and location.
EkmConnection
An EkmConnection represents an individual EKM connection.
EncryptRequest
Request message for KeyManagementService.Encrypt.
EncryptResponse
Response message for KeyManagementService.Encrypt.
GenerateRandomBytesRequest
Request message for KeyManagementService.GenerateRandomBytes.
GenerateRandomBytesResponse
Response message for KeyManagementService.GenerateRandomBytes.
ImportCryptoKeyVersionRequest
Request message for KeyManagementService.ImportCryptoKeyVersion.
ImportJob
An ImportJob can be used to create CryptoKeys and CryptoKeyVersions using pre-existing key material, generated outside of Cloud KMS.
KeyOperationAttestation
Contains an HSM-generated attestation about a key operation.
KeyRing
A KeyRing is a toplevel logical grouping of CryptoKeys.
ListCryptoKeysResponse
Response message for KeyManagementService.ListCryptoKeys.
ListCryptoKeyVersionsResponse
Response message for KeyManagementService.ListCryptoKeyVersions.
ListEkmConnectionsResponse
Response message for EkmService.ListEkmConnections.
ListImportJobsResponse
Response message for KeyManagementService.ListImportJobs.
ListKeyRingsResponse
Response message for KeyManagementService.ListKeyRings.
ListLocationsResponse
The response message for Locations.ListLocations.
MacSignRequest
Request message for KeyManagementService.MacSign.
MacSignResponse
Response message for KeyManagementService.MacSign.
MacVerifyRequest
Request message for KeyManagementService.MacVerify.
MacVerifyResponse
Response message for KeyManagementService.MacVerify.
Policy
An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources.
ProjectsLocationsEkmConfigResource
ProjectsLocationsEkmConnectionsResource
ProjectsLocationsKeyRingsCryptoKeysCryptoKeyVersionsResource
ProjectsLocationsKeyRingsCryptoKeysResource
ProjectsLocationsKeyRingsImportJobsResource
ProjectsLocationsKeyRingsResource
ProjectsLocationsResource
ProjectsResource
PublicKey
The public keys for a given CryptoKeyVersion.
RawDecryptRequest
Request message for KeyManagementService.RawDecrypt.
RawDecryptResponse
Response message for KeyManagementService.RawDecrypt.
RawEncryptRequest
Request message for KeyManagementService.RawEncrypt.
RawEncryptResponse
Response message for KeyManagementService.RawEncrypt.
ServiceResolver
A ServiceResolver represents an EKM replica that can be reached within an EkmConnection.
SetIamPolicyRequest
Request message for SetIamPolicy method.
UpdateCryptoKeyPrimaryVersionRequest
Request message for KeyManagementService.UpdateCryptoKeyPrimaryVersion.
WrappingPublicKey
The public key component of the wrapping key.

Typedefs

AuditLogConfig = $AuditLogConfig
Provides the configuration for logging a type of permissions.
CertificateChains = $CertificateChains
Certificate chains needed to verify the attestation.
CryptoKeyVersionTemplate = $CryptoKeyVersionTemplate
A CryptoKeyVersionTemplate specifies the properties to use when creating a new CryptoKeyVersion, either manually with CreateCryptoKeyVersion or automatically as a result of auto-rotation.
DestroyCryptoKeyVersionRequest = $Empty
Request message for KeyManagementService.DestroyCryptoKeyVersion.
Expr = $Expr
Represents a textual expression in the Common Expression Language (CEL) syntax.
ExternalProtectionLevelOptions = $ExternalProtectionLevelOptions
ExternalProtectionLevelOptions stores a group of additional fields for configuring a CryptoKeyVersion that are specific to the EXTERNAL protection level and EXTERNAL_VPC protection levels.
Location = $Location00
A resource that represents a Google Cloud location.
RestoreCryptoKeyVersionRequest = $Empty
Request message for KeyManagementService.RestoreCryptoKeyVersion.
TestIamPermissionsRequest = $TestIamPermissionsRequest00
Request message for TestIamPermissions method.
TestIamPermissionsResponse = $PermissionsResponse
Response message for TestIamPermissions method.
VerifyConnectivityResponse = $Empty
Response message for EkmService.VerifyConnectivity.

Exceptions / Errors

ApiRequestError
Represents a general error reported by the API endpoint.
DetailedApiRequestError
Represents a specific error reported by the API endpoint.