Class KeyManagementServiceClient (2.6.7)

Service Description: Google Cloud Key Management Service

Manages cryptographic keys and operations using those keys. Implements a REST model with the following objects:

• KeyRing
• CryptoKey
• CryptoKeyVersion
• ImportJob

If you are using manual gRPC libraries, see Using gRPC with Cloud KMS.

This class provides the ability to make remote calls to the backing service through method calls that map to API methods. Sample code to get started:

 // This snippet has been automatically generated and should be regarded as a code template only.
 // It will require modifications to work:
 // - It may require correct/in-range values for request initialization.
 // - It may require specifying regional endpoints when creating the service client as shown in
 // https://cloud.google.com/java/docs/setup#configure_endpoints_for_the_client_library
 try (KeyManagementServiceClient keyManagementServiceClient =
     KeyManagementServiceClient.create()) {
   KeyRingName name = KeyRingName.of("[PROJECT]", "[LOCATION]", "[KEY_RING]");
   KeyRing response = keyManagementServiceClient.getKeyRing(name);
 }
 

Note: close() needs to be called on the KeyManagementServiceClient object to clean up resources such as threads. In the example above, try-with-resources is used, which automatically calls close().

The surface of this class includes several types of Java methods for each of the API's methods:

1. A "flattened" method. With this type of method, the fields of the request type have been converted into function parameters. It may be the case that not all fields are available as parameters, and not every API method will have a flattened method entry point.
2. A "request object" method. This type of method only takes one parameter, a request object, which must be constructed before the call. Not every API method will have a request object method.
3. A "callable" method. This type of method takes no parameters and returns an immutable API callable object, which can be used to initiate calls to the service.

See the individual methods for example code.

Many parameters require resource names to be formatted in a particular way. To assist with these names, this class includes a format method for each type of name, and additionally a parse method to extract the individual identifiers contained within names that are returned.

This class can be customized by passing in a custom instance of KeyManagementServiceSettings to create(). For example:

To customize credentials:

 // This snippet has been automatically generated and should be regarded as a code template only.
 // It will require modifications to work:
 // - It may require correct/in-range values for request initialization.
 // - It may require specifying regional endpoints when creating the service client as shown in
 // https://cloud.google.com/java/docs/setup#configure_endpoints_for_the_client_library
 KeyManagementServiceSettings keyManagementServiceSettings =
     KeyManagementServiceSettings.newBuilder()
         .setCredentialsProvider(FixedCredentialsProvider.create(myCredentials))
         .build();
 KeyManagementServiceClient keyManagementServiceClient =
     KeyManagementServiceClient.create(keyManagementServiceSettings);
 

To customize the endpoint:

 // This snippet has been automatically generated and should be regarded as a code template only.
 // It will require modifications to work:
 // - It may require correct/in-range values for request initialization.
 // - It may require specifying regional endpoints when creating the service client as shown in
 // https://cloud.google.com/java/docs/setup#configure_endpoints_for_the_client_library
 KeyManagementServiceSettings keyManagementServiceSettings =
     KeyManagementServiceSettings.newBuilder().setEndpoint(myEndpoint).build();
 KeyManagementServiceClient keyManagementServiceClient =
     KeyManagementServiceClient.create(keyManagementServiceSettings);
 

To use REST (HTTP1.1/JSON) transport (instead of gRPC) for sending and receiving requests over the wire:

 // This snippet has been automatically generated and should be regarded as a code template only.
 // It will require modifications to work:
 // - It may require correct/in-range values for request initialization.
 // - It may require specifying regional endpoints when creating the service client as shown in
 // https://cloud.google.com/java/docs/setup#configure_endpoints_for_the_client_library
 KeyManagementServiceSettings keyManagementServiceSettings =
     KeyManagementServiceSettings.newBuilder()
         .setTransportChannelProvider(
             KeyManagementServiceSettings.defaultHttpJsonTransportProviderBuilder().build())
         .build();
 KeyManagementServiceClient keyManagementServiceClient =
     KeyManagementServiceClient.create(keyManagementServiceSettings);
 

Please refer to the GitHub repository's samples for more quickstart code snippets.

Constructs an instance of KeyManagementServiceClient with default settings.

Constructs an instance of KeyManagementServiceClient, using the given settings. The channels are created based on the settings passed in, or defaults for any settings that are not set.

Constructs an instance of KeyManagementServiceClient, using the given stub for making calls. This is for advanced usage - prefer using create(KeyManagementServiceSettings).

Constructs an instance of KeyManagementServiceClient, using the given settings. This is protected so that it is easy to make a subclass, but otherwise, the static factory methods should be preferred.

Decrypts data that was encrypted with a public key retrieved from GetPublicKey corresponding to a CryptoKeyVersion with CryptoKey.purpose ASYMMETRIC_DECRYPT.

Sample code:

 // This snippet has been automatically generated and should be regarded as a code template only.
 // It will require modifications to work:
 // - It may require correct/in-range values for request initialization.
 // - It may require specifying regional endpoints when creating the service client as shown in
 // https://cloud.google.com/java/docs/setup#configure_endpoints_for_the_client_library
 try (KeyManagementServiceClient keyManagementServiceClient =
     KeyManagementServiceClient.create()) {
   AsymmetricDecryptRequest request =
       AsymmetricDecryptRequest.newBuilder()
           .setName(
               CryptoKeyVersionName.of(
                       "[PROJECT]",
                       "[LOCATION]",
                       "[KEY_RING]",
                       "[CRYPTO_KEY]",
                       "[CRYPTO_KEY_VERSION]")
                   .toString())
           .setCiphertext(ByteString.EMPTY)
           .setCiphertextCrc32C(Int64Value.newBuilder().build())
           .build();
   AsymmetricDecryptResponse response = keyManagementServiceClient.asymmetricDecrypt(request);
 }
 

Decrypts data that was encrypted with a public key retrieved from GetPublicKey corresponding to a CryptoKeyVersion with CryptoKey.purpose ASYMMETRIC_DECRYPT.

Sample code:

 // This snippet has been automatically generated and should be regarded as a code template only.
 // It will require modifications to work:
 // - It may require correct/in-range values for request initialization.
 // - It may require specifying regional endpoints when creating the service client as shown in
 // https://cloud.google.com/java/docs/setup#configure_endpoints_for_the_client_library
 try (KeyManagementServiceClient keyManagementServiceClient =
     KeyManagementServiceClient.create()) {
   CryptoKeyVersionName name =
       CryptoKeyVersionName.of(
           "[PROJECT]", "[LOCATION]", "[KEY_RING]", "[CRYPTO_KEY]", "[CRYPTO_KEY_VERSION]");
   ByteString ciphertext = ByteString.EMPTY;
   AsymmetricDecryptResponse response =
       keyManagementServiceClient.asymmetricDecrypt(name, ciphertext);
 }
 

Decrypts data that was encrypted with a public key retrieved from GetPublicKey corresponding to a CryptoKeyVersion with CryptoKey.purpose ASYMMETRIC_DECRYPT.

Sample code:

 // This snippet has been automatically generated and should be regarded as a code template only.
 // It will require modifications to work:
 // - It may require correct/in-range values for request initialization.
 // - It may require specifying regional endpoints when creating the service client as shown in
 // https://cloud.google.com/java/docs/setup#configure_endpoints_for_the_client_library
 try (KeyManagementServiceClient keyManagementServiceClient =
     KeyManagementServiceClient.create()) {
   String name =
       CryptoKeyVersionName.of(
               "[PROJECT]", "[LOCATION]", "[KEY_RING]", "[CRYPTO_KEY]", "[CRYPTO_KEY_VERSION]")
           .toString();
   ByteString ciphertext = ByteString.EMPTY;
   AsymmetricDecryptResponse response =
       keyManagementServiceClient.asymmetricDecrypt(name, ciphertext);
 }
 

Decrypts data that was encrypted with a public key retrieved from GetPublicKey corresponding to a CryptoKeyVersion with CryptoKey.purpose ASYMMETRIC_DECRYPT.

Sample code:

 // This snippet has been automatically generated and should be regarded as a code template only.
 // It will require modifications to work:
 // - It may require correct/in-range values for request initialization.
 // - It may require specifying regional endpoints when creating the service client as shown in
 // https://cloud.google.com/java/docs/setup#configure_endpoints_for_the_client_library
 try (KeyManagementServiceClient keyManagementServiceClient =
     KeyManagementServiceClient.create()) {
   AsymmetricDecryptRequest request =
       AsymmetricDecryptRequest.newBuilder()
           .setName(
               CryptoKeyVersionName.of(
                       "[PROJECT]",
                       "[LOCATION]",
                       "[KEY_RING]",
                       "[CRYPTO_KEY]",
                       "[CRYPTO_KEY_VERSION]")
                   .toString())
           .setCiphertext(ByteString.EMPTY)
           .setCiphertextCrc32C(Int64Value.newBuilder().build())
           .build();
   ApiFuture<AsymmetricDecryptResponse> future =
       keyManagementServiceClient.asymmetricDecryptCallable().futureCall(request);
   // Do something.
   AsymmetricDecryptResponse response = future.get();
 }
 

Signs data using a CryptoKeyVersion with CryptoKey.purpose ASYMMETRIC_SIGN, producing a signature that can be verified with the public key retrieved from GetPublicKey.

Sample code:

 // This snippet has been automatically generated and should be regarded as a code template only.
 // It will require modifications to work:
 // - It may require correct/in-range values for request initialization.
 // - It may require specifying regional endpoints when creating the service client as shown in
 // https://cloud.google.com/java/docs/setup#configure_endpoints_for_the_client_library
 try (KeyManagementServiceClient keyManagementServiceClient =
     KeyManagementServiceClient.create()) {
   AsymmetricSignRequest request =
       AsymmetricSignRequest.newBuilder()
           .setName(
               CryptoKeyVersionName.of(
                       "[PROJECT]",
                       "[LOCATION]",
                       "[KEY_RING]",
                       "[CRYPTO_KEY]",
                       "[CRYPTO_KEY_VERSION]")
                   .toString())
           .setDigest(Digest.newBuilder().build())
           .setDigestCrc32C(Int64Value.newBuilder().build())
           .setData(ByteString.EMPTY)
           .setDataCrc32C(Int64Value.newBuilder().build())
           .build();
   AsymmetricSignResponse response = keyManagementServiceClient.asymmetricSign(request);
 }
 

Signs data using a CryptoKeyVersion with CryptoKey.purpose ASYMMETRIC_SIGN, producing a signature that can be verified with the public key retrieved from GetPublicKey.

Sample code:

 // This snippet has been automatically generated and should be regarded as a code template only.
 // It will require modifications to work:
 // - It may require correct/in-range values for request initialization.
 // - It may require specifying regional endpoints when creating the service client as shown in
 // https://cloud.google.com/java/docs/setup#configure_endpoints_for_the_client_library
 try (KeyManagementServiceClient keyManagementServiceClient =
     KeyManagementServiceClient.create()) {
   CryptoKeyVersionName name =
       CryptoKeyVersionName.of(
           "[PROJECT]", "[LOCATION]", "[KEY_RING]", "[CRYPTO_KEY]", "[CRYPTO_KEY_VERSION]");
   Digest digest = Digest.newBuilder().build();
   AsymmetricSignResponse response = keyManagementServiceClient.asymmetricSign(name, digest);
 }
 

Signs data using a CryptoKeyVersion with CryptoKey.purpose ASYMMETRIC_SIGN, producing a signature that can be verified with the public key retrieved from GetPublicKey.

Sample code:

 // This snippet has been automatically generated and should be regarded as a code template only.
 // It will require modifications to work:
 // - It may require correct/in-range values for request initialization.
 // - It may require specifying regional endpoints when creating the service client as shown in
 // https://cloud.google.com/java/docs/setup#configure_endpoints_for_the_client_library
 try (KeyManagementServiceClient keyManagementServiceClient =
     KeyManagementServiceClient.create()) {
   String name =
       CryptoKeyVersionName.of(
               "[PROJECT]", "[LOCATION]", "[KEY_RING]", "[CRYPTO_KEY]", "[CRYPTO_KEY_VERSION]")
           .toString();
   Digest digest = Digest.newBuilder().build();
   AsymmetricSignResponse response = keyManagementServiceClient.asymmetricSign(name, digest);
 }
 

Signs data using a CryptoKeyVersion with CryptoKey.purpose ASYMMETRIC_SIGN, producing a signature that can be verified with the public key retrieved from GetPublicKey.

Sample code:

 // This snippet has been automatically generated and should be regarded as a code template only.
 // It will require modifications to work:
 // - It may require correct/in-range values for request initialization.
 // - It may require specifying regional endpoints when creating the service client as shown in
 // https://cloud.google.com/java/docs/setup#configure_endpoints_for_the_client_library
 try (KeyManagementServiceClient keyManagementServiceClient =
     KeyManagementServiceClient.create()) {
   AsymmetricSignRequest request =
       AsymmetricSignRequest.newBuilder()
           .setName(
               CryptoKeyVersionName.of(
                       "[PROJECT]",
                       "[LOCATION]",
                       "[KEY_RING]",
                       "[CRYPTO_KEY]",
                       "[CRYPTO_KEY_VERSION]")
                   .toString())
           .setDigest(Digest.newBuilder().build())
           .setDigestCrc32C(Int64Value.newBuilder().build())
           .setData(ByteString.EMPTY)
           .setDataCrc32C(Int64Value.newBuilder().build())
           .build();
   ApiFuture<AsymmetricSignResponse> future =
       keyManagementServiceClient.asymmetricSignCallable().futureCall(request);
   // Do something.
   AsymmetricSignResponse response = future.get();
 }
 

Create a new CryptoKey within a KeyRing.

CryptoKey.purpose and CryptoKey.version_template.algorithm are required.

Sample code:

 // This snippet has been automatically generated and should be regarded as a code template only.
 // It will require modifications to work:
 // - It may require correct/in-range values for request initialization.
 // - It may require specifying regional endpoints when creating the service client as shown in
 // https://cloud.google.com/java/docs/setup#configure_endpoints_for_the_client_library
 try (KeyManagementServiceClient keyManagementServiceClient =
     KeyManagementServiceClient.create()) {
   CreateCryptoKeyRequest request =
       CreateCryptoKeyRequest.newBuilder()
           .setParent(KeyRingName.of("[PROJECT]", "[LOCATION]", "[KEY_RING]").toString())
           .setCryptoKeyId("cryptoKeyId-1643185255")
           .setCryptoKey(CryptoKey.newBuilder().build())
           .setSkipInitialVersionCreation(true)
           .build();
   CryptoKey response = keyManagementServiceClient.createCryptoKey(request);
 }
 

Create a new CryptoKey within a KeyRing.

CryptoKey.purpose and CryptoKey.version_template.algorithm are required.

Sample code:

 // This snippet has been automatically generated and should be regarded as a code template only.
 // It will require modifications to work:
 // - It may require correct/in-range values for request initialization.
 // - It may require specifying regional endpoints when creating the service client as shown in
 // https://cloud.google.com/java/docs/setup#configure_endpoints_for_the_client_library
 try (KeyManagementServiceClient keyManagementServiceClient =
     KeyManagementServiceClient.create()) {
   KeyRingName parent = KeyRingName.of("[PROJECT]", "[LOCATION]", "[KEY_RING]");
   String cryptoKeyId = "cryptoKeyId-1643185255";
   CryptoKey cryptoKey = CryptoKey.newBuilder().build();
   CryptoKey response =
       keyManagementServiceClient.createCryptoKey(parent, cryptoKeyId, cryptoKey);
 }
 

Create a new CryptoKey within a KeyRing.

CryptoKey.purpose and CryptoKey.version_template.algorithm are required.

Sample code:

 // This snippet has been automatically generated and should be regarded as a code template only.
 // It will require modifications to work:
 // - It may require correct/in-range values for request initialization.
 // - It may require specifying regional endpoints when creating the service client as shown in
 // https://cloud.google.com/java/docs/setup#configure_endpoints_for_the_client_library
 try (KeyManagementServiceClient keyManagementServiceClient =
     KeyManagementServiceClient.create()) {
   String parent = KeyRingName.of("[PROJECT]", "[LOCATION]", "[KEY_RING]").toString();
   String cryptoKeyId = "cryptoKeyId-1643185255";
   CryptoKey cryptoKey = CryptoKey.newBuilder().build();
   CryptoKey response =
       keyManagementServiceClient.createCryptoKey(parent, cryptoKeyId, cryptoKey);
 }
 

Create a new CryptoKey within a KeyRing.

CryptoKey.purpose and CryptoKey.version_template.algorithm are required.

Sample code:

 // This snippet has been automatically generated and should be regarded as a code template only.
 // It will require modifications to work:
 // - It may require correct/in-range values for request initialization.
 // - It may require specifying regional endpoints when creating the service client as shown in
 // https://cloud.google.com/java/docs/setup#configure_endpoints_for_the_client_library
 try (KeyManagementServiceClient keyManagementServiceClient =
     KeyManagementServiceClient.create()) {
   CreateCryptoKeyRequest request =
       CreateCryptoKeyRequest.newBuilder()
           .setParent(KeyRingName.of("[PROJECT]", "[LOCATION]", "[KEY_RING]").toString())
           .setCryptoKeyId("cryptoKeyId-1643185255")
           .setCryptoKey(CryptoKey.newBuilder().build())
           .setSkipInitialVersionCreation(true)
           .build();
   ApiFuture<CryptoKey> future =
       keyManagementServiceClient.createCryptoKeyCallable().futureCall(request);
   // Do something.
   CryptoKey response = future.get();
 }
 

Create a new CryptoKeyVersion in a CryptoKey.

The server will assign the next sequential id. If unset, state will be set to ENABLED.

Sample code:

 // This snippet has been automatically generated and should be regarded as a code template only.
 // It will require modifications to work:
 // - It may require correct/in-range values for request initialization.
 // - It may require specifying regional endpoints when creating the service client as shown in
 // https://cloud.google.com/java/docs/setup#configure_endpoints_for_the_client_library
 try (KeyManagementServiceClient keyManagementServiceClient =
     KeyManagementServiceClient.create()) {
   CreateCryptoKeyVersionRequest request =
       CreateCryptoKeyVersionRequest.newBuilder()
           .setParent(
               CryptoKeyName.of("[PROJECT]", "[LOCATION]", "[KEY_RING]", "[CRYPTO_KEY]")
                   .toString())
           .setCryptoKeyVersion(CryptoKeyVersion.newBuilder().build())
           .build();
   CryptoKeyVersion response = keyManagementServiceClient.createCryptoKeyVersion(request);
 }
 

Create a new CryptoKeyVersion in a CryptoKey.

The server will assign the next sequential id. If unset, state will be set to ENABLED.

Sample code:

 // This snippet has been automatically generated and should be regarded as a code template only.
 // It will require modifications to work:
 // - It may require correct/in-range values for request initialization.
 // - It may require specifying regional endpoints when creating the service client as shown in
 // https://cloud.google.com/java/docs/setup#configure_endpoints_for_the_client_library
 try (KeyManagementServiceClient keyManagementServiceClient =
     KeyManagementServiceClient.create()) {
   CryptoKeyName parent =
       CryptoKeyName.of("[PROJECT]", "[LOCATION]", "[KEY_RING]", "[CRYPTO_KEY]");
   CryptoKeyVersion cryptoKeyVersion = CryptoKeyVersion.newBuilder().build();
   CryptoKeyVersion response =
       keyManagementServiceClient.createCryptoKeyVersion(parent, cryptoKeyVersion);
 }
 

Create a new CryptoKeyVersion in a CryptoKey.

The server will assign the next sequential id. If unset, state will be set to ENABLED.

Sample code:

 // This snippet has been automatically generated and should be regarded as a code template only.
 // It will require modifications to work:
 // - It may require correct/in-range values for request initialization.
 // - It may require specifying regional endpoints when creating the service client as shown in
 // https://cloud.google.com/java/docs/setup#configure_endpoints_for_the_client_library
 try (KeyManagementServiceClient keyManagementServiceClient =
     KeyManagementServiceClient.create()) {
   String parent =
       CryptoKeyName.of("[PROJECT]", "[LOCATION]", "[KEY_RING]", "[CRYPTO_KEY]").toString();
   CryptoKeyVersion cryptoKeyVersion = CryptoKeyVersion.newBuilder().build();
   CryptoKeyVersion response =
       keyManagementServiceClient.createCryptoKeyVersion(parent, cryptoKeyVersion);
 }
 

Create a new CryptoKeyVersion in a CryptoKey.

The server will assign the next sequential id. If unset, state will be set to ENABLED.

Sample code:

 // This snippet has been automatically generated and should be regarded as a code template only.
 // It will require modifications to work:
 // - It may require correct/in-range values for request initialization.
 // - It may require specifying regional endpoints when creating the service client as shown in
 // https://cloud.google.com/java/docs/setup#configure_endpoints_for_the_client_library
 try (KeyManagementServiceClient keyManagementServiceClient =
     KeyManagementServiceClient.create()) {
   CreateCryptoKeyVersionRequest request =
       CreateCryptoKeyVersionRequest.newBuilder()
           .setParent(
               CryptoKeyName.of("[PROJECT]", "[LOCATION]", "[KEY_RING]", "[CRYPTO_KEY]")
                   .toString())
           .setCryptoKeyVersion(CryptoKeyVersion.newBuilder().build())
           .build();
   ApiFuture<CryptoKeyVersion> future =
       keyManagementServiceClient.createCryptoKeyVersionCallable().futureCall(request);
   // Do something.
   CryptoKeyVersion response = future.get();
 }
 

Create a new ImportJob within a KeyRing.

ImportJob.import_method is required.

Sample code:

 // This snippet has been automatically generated and should be regarded as a code template only.
 // It will require modifications to work:
 // - It may require correct/in-range values for request initialization.
 // - It may require specifying regional endpoints when creating the service client as shown in
 // https://cloud.google.com/java/docs/setup#configure_endpoints_for_the_client_library
 try (KeyManagementServiceClient keyManagementServiceClient =
     KeyManagementServiceClient.create()) {
   CreateImportJobRequest request =
       CreateImportJobRequest.newBuilder()
           .setParent(KeyRingName.of("[PROJECT]", "[LOCATION]", "[KEY_RING]").toString())
           .setImportJobId("importJobId1449444627")
           .setImportJob(ImportJob.newBuilder().build())
           .build();
   ImportJob response = keyManagementServiceClient.createImportJob(request);
 }
 

Create a new ImportJob within a KeyRing.

ImportJob.import_method is required.

Sample code:

 // This snippet has been automatically generated and should be regarded as a code template only.
 // It will require modifications to work:
 // - It may require correct/in-range values for request initialization.
 // - It may require specifying regional endpoints when creating the service client as shown in
 // https://cloud.google.com/java/docs/setup#configure_endpoints_for_the_client_library
 try (KeyManagementServiceClient keyManagementServiceClient =
     KeyManagementServiceClient.create()) {
   KeyRingName parent = KeyRingName.of("[PROJECT]", "[LOCATION]", "[KEY_RING]");
   String importJobId = "importJobId1449444627";
   ImportJob importJob = ImportJob.newBuilder().build();
   ImportJob response =
       keyManagementServiceClient.createImportJob(parent, importJobId, importJob);
 }
 

Create a new ImportJob within a KeyRing.

ImportJob.import_method is required.

Sample code:

 // This snippet has been automatically generated and should be regarded as a code template only.
 // It will require modifications to work:
 // - It may require correct/in-range values for request initialization.
 // - It may require specifying regional endpoints when creating the service client as shown in
 // https://cloud.google.com/java/docs/setup#configure_endpoints_for_the_client_library
 try (KeyManagementServiceClient keyManagementServiceClient =
     KeyManagementServiceClient.create()) {
   String parent = KeyRingName.of("[PROJECT]", "[LOCATION]", "[KEY_RING]").toString();
   String importJobId = "importJobId1449444627";
   ImportJob importJob = ImportJob.newBuilder().build();
   ImportJob response =
       keyManagementServiceClient.createImportJob(parent, importJobId, importJob);
 }
 

Create a new ImportJob within a KeyRing.

ImportJob.import_method is required.

Sample code:

 // This snippet has been automatically generated and should be regarded as a code template only.
 // It will require modifications to work:
 // - It may require correct/in-range values for request initialization.
 // - It may require specifying regional endpoints when creating the service client as shown in
 // https://cloud.google.com/java/docs/setup#configure_endpoints_for_the_client_library
 try (KeyManagementServiceClient keyManagementServiceClient =
     KeyManagementServiceClient.create()) {
   CreateImportJobRequest request =
       CreateImportJobRequest.newBuilder()
           .setParent(KeyRingName.of("[PROJECT]", "[LOCATION]", "[KEY_RING]").toString())
           .setImportJobId("importJobId1449444627")
           .setImportJob(ImportJob.newBuilder().build())
           .build();
   ApiFuture<ImportJob> future =
       keyManagementServiceClient.createImportJobCallable().futureCall(request);
   // Do something.
   ImportJob response = future.get();
 }
 

Create a new KeyRing in a given Project and Location.

Sample code:

 // This snippet has been automatically generated and should be regarded as a code template only.
 // It will require modifications to work:
 // - It may require correct/in-range values for request initialization.
 // - It may require specifying regional endpoints when creating the service client as shown in
 // https://cloud.google.com/java/docs/setup#configure_endpoints_for_the_client_library
 try (KeyManagementServiceClient keyManagementServiceClient =
     KeyManagementServiceClient.create()) {
   CreateKeyRingRequest request =
       CreateKeyRingRequest.newBuilder()
           .setParent(LocationName.of("[PROJECT]", "[LOCATION]").toString())
           .setKeyRingId("keyRingId-2027180374")
           .setKeyRing(KeyRing.newBuilder().build())
           .build();
   KeyRing response = keyManagementServiceClient.createKeyRing(request);
 }
 

Create a new KeyRing in a given Project and Location.

Sample code:

 // This snippet has been automatically generated and should be regarded as a code template only.
 // It will require modifications to work:
 // - It may require correct/in-range values for request initialization.
 // - It may require specifying regional endpoints when creating the service client as shown in
 // https://cloud.google.com/java/docs/setup#configure_endpoints_for_the_client_library
 try (KeyManagementServiceClient keyManagementServiceClient =
     KeyManagementServiceClient.create()) {
   LocationName parent = LocationName.of("[PROJECT]", "[LOCATION]");
   String keyRingId = "keyRingId-2027180374";
   KeyRing keyRing = KeyRing.newBuilder().build();
   KeyRing response = keyManagementServiceClient.createKeyRing(parent, keyRingId, keyRing);
 }
 

Create a new KeyRing in a given Project and Location.

Sample code:

 // This snippet has been automatically generated and should be regarded as a code template only.
 // It will require modifications to work:
 // - It may require correct/in-range values for request initialization.
 // - It may require specifying regional endpoints when creating the service client as shown in
 // https://cloud.google.com/java/docs/setup#configure_endpoints_for_the_client_library
 try (KeyManagementServiceClient keyManagementServiceClient =
     KeyManagementServiceClient.create()) {
   String parent = LocationName.of("[PROJECT]", "[LOCATION]").toString();
   String keyRingId = "keyRingId-2027180374";
   KeyRing keyRing = KeyRing.newBuilder().build();
   KeyRing response = keyManagementServiceClient.createKeyRing(parent, keyRingId, keyRing);
 }
 

Create a new KeyRing in a given Project and Location.

Sample code:

 // This snippet has been automatically generated and should be regarded as a code template only.
 // It will require modifications to work:
 // - It may require correct/in-range values for request initialization.
 // - It may require specifying regional endpoints when creating the service client as shown in
 // https://cloud.google.com/java/docs/setup#configure_endpoints_for_the_client_library
 try (KeyManagementServiceClient keyManagementServiceClient =
     KeyManagementServiceClient.create()) {
   CreateKeyRingRequest request =
       CreateKeyRingRequest.newBuilder()
           .setParent(LocationName.of("[PROJECT]", "[LOCATION]").toString())
           .setKeyRingId("keyRingId-2027180374")
           .setKeyRing(KeyRing.newBuilder().build())
           .build();
   ApiFuture<KeyRing> future =
       keyManagementServiceClient.createKeyRingCallable().futureCall(request);
   // Do something.
   KeyRing response = future.get();
 }
 

Decrypts data that was protected by Encrypt. The CryptoKey.purpose must be ENCRYPT_DECRYPT.

Sample code:

 // This snippet has been automatically generated and should be regarded as a code template only.
 // It will require modifications to work:
 // - It may require correct/in-range values for request initialization.
 // - It may require specifying regional endpoints when creating the service client as shown in
 // https://cloud.google.com/java/docs/setup#configure_endpoints_for_the_client_library
 try (KeyManagementServiceClient keyManagementServiceClient =
     KeyManagementServiceClient.create()) {
   CryptoKeyName name =
       CryptoKeyName.of("[PROJECT]", "[LOCATION]", "[KEY_RING]", "[CRYPTO_KEY]");
   ByteString ciphertext = ByteString.EMPTY;
   DecryptResponse response = keyManagementServiceClient.decrypt(name, ciphertext);
 }
 

Decrypts data that was protected by Encrypt. The CryptoKey.purpose must be ENCRYPT_DECRYPT.

Sample code:

 // This snippet has been automatically generated and should be regarded as a code template only.
 // It will require modifications to work:
 // - It may require correct/in-range values for request initialization.
 // - It may require specifying regional endpoints when creating the service client as shown in
 // https://cloud.google.com/java/docs/setup#configure_endpoints_for_the_client_library
 try (KeyManagementServiceClient keyManagementServiceClient =
     KeyManagementServiceClient.create()) {
   DecryptRequest request =
       DecryptRequest.newBuilder()
           .setName(
               CryptoKeyName.of("[PROJECT]", "[LOCATION]", "[KEY_RING]", "[CRYPTO_KEY]")
                   .toString())
           .setCiphertext(ByteString.EMPTY)
           .setAdditionalAuthenticatedData(ByteString.EMPTY)
           .setCiphertextCrc32C(Int64Value.newBuilder().build())
           .setAdditionalAuthenticatedDataCrc32C(Int64Value.newBuilder().build())
           .build();
   DecryptResponse response = keyManagementServiceClient.decrypt(request);
 }
 

Decrypts data that was protected by Encrypt. The CryptoKey.purpose must be ENCRYPT_DECRYPT.

Sample code:

 // This snippet has been automatically generated and should be regarded as a code template only.
 // It will require modifications to work:
 // - It may require correct/in-range values for request initialization.
 // - It may require specifying regional endpoints when creating the service client as shown in
 // https://cloud.google.com/java/docs/setup#configure_endpoints_for_the_client_library
 try (KeyManagementServiceClient keyManagementServiceClient =
     KeyManagementServiceClient.create()) {
   String name =
       CryptoKeyName.of("[PROJECT]", "[LOCATION]", "[KEY_RING]", "[CRYPTO_KEY]").toString();
   ByteString ciphertext = ByteString.EMPTY;
   DecryptResponse response = keyManagementServiceClient.decrypt(name, ciphertext);
 }
 

Decrypts data that was protected by Encrypt. The CryptoKey.purpose must be ENCRYPT_DECRYPT.

Sample code:

 // This snippet has been automatically generated and should be regarded as a code template only.
 // It will require modifications to work:
 // - It may require correct/in-range values for request initialization.
 // - It may require specifying regional endpoints when creating the service client as shown in
 // https://cloud.google.com/java/docs/setup#configure_endpoints_for_the_client_library
 try (KeyManagementServiceClient keyManagementServiceClient =
     KeyManagementServiceClient.create()) {
   DecryptRequest request =
       DecryptRequest.newBuilder()
           .setName(
               CryptoKeyName.of("[PROJECT]", "[LOCATION]", "[KEY_RING]", "[CRYPTO_KEY]")
                   .toString())
           .setCiphertext(ByteString.EMPTY)
           .setAdditionalAuthenticatedData(ByteString.EMPTY)
           .setCiphertextCrc32C(Int64Value.newBuilder().build())
           .setAdditionalAuthenticatedDataCrc32C(Int64Value.newBuilder().build())
           .build();
   ApiFuture<DecryptResponse> future =
       keyManagementServiceClient.decryptCallable().futureCall(request);
   // Do something.
   DecryptResponse response = future.get();
 }
 

Schedule a CryptoKeyVersion for destruction.

Upon calling this method, CryptoKeyVersion.state will be set to DESTROY_SCHEDULED, and destroy_time will be set to the time destroy_scheduled_duration in the future. At that time, the state will automatically change to DESTROYED, and the key material will be irrevocably destroyed.

Before the destroy_time is reached, RestoreCryptoKeyVersion may be called to reverse the process.

Sample code:

 // This snippet has been automatically generated and should be regarded as a code template only.
 // It will require modifications to work:
 // - It may require correct/in-range values for request initialization.
 // - It may require specifying regional endpoints when creating the service client as shown in
 // https://cloud.google.com/java/docs/setup#configure_endpoints_for_the_client_library
 try (KeyManagementServiceClient keyManagementServiceClient =
     KeyManagementServiceClient.create()) {
   CryptoKeyVersionName name =
       CryptoKeyVersionName.of(
           "[PROJECT]", "[LOCATION]", "[KEY_RING]", "[CRYPTO_KEY]", "[CRYPTO_KEY_VERSION]");
   CryptoKeyVersion response = keyManagementServiceClient.destroyCryptoKeyVersion(name);
 }
 

Schedule a CryptoKeyVersion for destruction.

Upon calling this method, CryptoKeyVersion.state will be set to DESTROY_SCHEDULED, and destroy_time will be set to the time destroy_scheduled_duration in the future. At that time, the state will automatically change to DESTROYED, and the key material will be irrevocably destroyed.

Before the destroy_time is reached, RestoreCryptoKeyVersion may be called to reverse the process.

Sample code:

 // This snippet has been automatically generated and should be regarded as a code template only.
 // It will require modifications to work:
 // - It may require correct/in-range values for request initialization.
 // - It may require specifying regional endpoints when creating the service client as shown in
 // https://cloud.google.com/java/docs/setup#configure_endpoints_for_the_client_library
 try (KeyManagementServiceClient keyManagementServiceClient =
     KeyManagementServiceClient.create()) {
   DestroyCryptoKeyVersionRequest request =
       DestroyCryptoKeyVersionRequest.newBuilder()
           .setName(
               CryptoKeyVersionName.of(
                       "[PROJECT]",
                       "[LOCATION]",
                       "[KEY_RING]",
                       "[CRYPTO_KEY]",
                       "[CRYPTO_KEY_VERSION]")
                   .toString())
           .build();
   CryptoKeyVersion response = keyManagementServiceClient.destroyCryptoKeyVersion(request);
 }
 

Schedule a CryptoKeyVersion for destruction.

Upon calling this method, CryptoKeyVersion.state will be set to DESTROY_SCHEDULED, and destroy_time will be set to the time destroy_scheduled_duration in the future. At that time, the state will automatically change to DESTROYED, and the key material will be irrevocably destroyed.

Before the destroy_time is reached, RestoreCryptoKeyVersion may be called to reverse the process.

Sample code:

 // This snippet has been automatically generated and should be regarded as a code template only.
 // It will require modifications to work:
 // - It may require correct/in-range values for request initialization.
 // - It may require specifying regional endpoints when creating the service client as shown in
 // https://cloud.google.com/java/docs/setup#configure_endpoints_for_the_client_library
 try (KeyManagementServiceClient keyManagementServiceClient =
     KeyManagementServiceClient.create()) {
   String name =
       CryptoKeyVersionName.of(
               "[PROJECT]", "[LOCATION]", "[KEY_RING]", "[CRYPTO_KEY]", "[CRYPTO_KEY_VERSION]")
           .toString();
   CryptoKeyVersion response = keyManagementServiceClient.destroyCryptoKeyVersion(name);
 }
 

Schedule a CryptoKeyVersion for destruction.

Upon calling this method, CryptoKeyVersion.state will be set to DESTROY_SCHEDULED, and destroy_time will be set to the time destroy_scheduled_duration in the future. At that time, the state will automatically change to DESTROYED, and the key material will be irrevocably destroyed.

Before the destroy_time is reached, RestoreCryptoKeyVersion may be called to reverse the process.

Sample code:

 // This snippet has been automatically generated and should be regarded as a code template only.
 // It will require modifications to work:
 // - It may require correct/in-range values for request initialization.
 // - It may require specifying regional endpoints when creating the service client as shown in
 // https://cloud.google.com/java/docs/setup#configure_endpoints_for_the_client_library
 try (KeyManagementServiceClient keyManagementServiceClient =
     KeyManagementServiceClient.create()) {
   DestroyCryptoKeyVersionRequest request =
       DestroyCryptoKeyVersionRequest.newBuilder()
           .setName(
               CryptoKeyVersionName.of(
                       "[PROJECT]",
                       "[LOCATION]",
                       "[KEY_RING]",
                       "[CRYPTO_KEY]",
                       "[CRYPTO_KEY_VERSION]")
                   .toString())
           .build();
   ApiFuture<CryptoKeyVersion> future =
       keyManagementServiceClient.destroyCryptoKeyVersionCallable().futureCall(request);
   // Do something.
   CryptoKeyVersion response = future.get();
 }
 

Encrypts data, so that it can only be recovered by a call to Decrypt. The CryptoKey.purpose must be ENCRYPT_DECRYPT.

Sample code:

 // This snippet has been automatically generated and should be regarded as a code template only.
 // It will require modifications to work:
 // - It may require correct/in-range values for request initialization.
 // - It may require specifying regional endpoints when creating the service client as shown in
 // https://cloud.google.com/java/docs/setup#configure_endpoints_for_the_client_library
 try (KeyManagementServiceClient keyManagementServiceClient =
     KeyManagementServiceClient.create()) {
   ResourceName name = CryptoKeyName.of("[PROJECT]", "[LOCATION]", "[KEY_RING]", "[CRYPTO_KEY]");
   ByteString plaintext = ByteString.EMPTY;
   EncryptResponse response = keyManagementServiceClient.encrypt(name, plaintext);
 }
 

Encrypts data, so that it can only be recovered by a call to Decrypt. The CryptoKey.purpose must be ENCRYPT_DECRYPT.

Sample code:

 try (KeyManagementServiceClient keyManagementServiceClient = KeyManagementServiceClient.create()) {
   CryptoKeyPathName name = CryptoKeyName.of("[PROJECT]", "[LOCATION]", "[KEY_RING]", "[CRYPTO_KEY]");
   ByteString plaintext = ByteString.copyFromUtf8("");
   EncryptResponse response = keyManagementServiceClient.encrypt(name, plaintext);
 }
 

Encrypts data, so that it can only be recovered by a call to Decrypt. The CryptoKey.purpose must be ENCRYPT_DECRYPT.

Sample code:

 // This snippet has been automatically generated and should be regarded as a code template only.
 // It will require modifications to work:
 // - It may require correct/in-range values for request initialization.
 // - It may require specifying regional endpoints when creating the service client as shown in
 // https://cloud.google.com/java/docs/setup#configure_endpoints_for_the_client_library
 try (KeyManagementServiceClient keyManagementServiceClient =
     KeyManagementServiceClient.create()) {
   EncryptRequest request =
       EncryptRequest.newBuilder()
           .setName(
               CryptoKeyName.of("[PROJECT]", "[LOCATION]", "[KEY_RING]", "[CRYPTO_KEY]")
                   .toString())
           .setPlaintext(ByteString.EMPTY)
           .setAdditionalAuthenticatedData(ByteString.EMPTY)
           .setPlaintextCrc32C(Int64Value.newBuilder().build())
           .setAdditionalAuthenticatedDataCrc32C(Int64Value.newBuilder().build())
           .build();
   EncryptResponse response = keyManagementServiceClient.encrypt(request);
 }
 

Encrypts data, so that it can only be recovered by a call to Decrypt. The CryptoKey.purpose must be ENCRYPT_DECRYPT.

Sample code:

 // This snippet has been automatically generated and should be regarded as a code template only.
 // It will require modifications to work:
 // - It may require correct/in-range values for request initialization.
 // - It may require specifying regional endpoints when creating the service client as shown in
 // https://cloud.google.com/java/docs/setup#configure_endpoints_for_the_client_library
 try (KeyManagementServiceClient keyManagementServiceClient =
     KeyManagementServiceClient.create()) {
   String name =
       CryptoKeyName.of("[PROJECT]", "[LOCATION]", "[KEY_RING]", "[CRYPTO_KEY]").toString();
   ByteString plaintext = ByteString.EMPTY;
   EncryptResponse response = keyManagementServiceClient.encrypt(name, plaintext);
 }
 

Encrypts data, so that it can only be recovered by a call to Decrypt. The CryptoKey.purpose must be ENCRYPT_DECRYPT.

Sample code:

 // This snippet has been automatically generated and should be regarded as a code template only.
 // It will require modifications to work:
 // - It may require correct/in-range values for request initialization.
 // - It may require specifying regional endpoints when creating the service client as shown in
 // https://cloud.google.com/java/docs/setup#configure_endpoints_for_the_client_library
 try (KeyManagementServiceClient keyManagementServiceClient =
     KeyManagementServiceClient.create()) {
   EncryptRequest request =
       EncryptRequest.newBuilder()
           .setName(
               CryptoKeyName.of("[PROJECT]", "[LOCATION]", "[KEY_RING]", "[CRYPTO_KEY]")
                   .toString())
           .setPlaintext(ByteString.EMPTY)
           .setAdditionalAuthenticatedData(ByteString.EMPTY)
           .setPlaintextCrc32C(Int64Value.newBuilder().build())
           .setAdditionalAuthenticatedDataCrc32C(Int64Value.newBuilder().build())
           .build();
   ApiFuture<EncryptResponse> future =
       keyManagementServiceClient.encryptCallable().futureCall(request);
   // Do something.
   EncryptResponse response = future.get();
 }
 

Generate random bytes using the Cloud KMS randomness source in the provided location.

Sample code:

 // This snippet has been automatically generated and should be regarded as a code template only.
 // It will require modifications to work:
 // - It may require correct/in-range values for request initialization.
 // - It may require specifying regional endpoints when creating the service client as shown in
 // https://cloud.google.com/java/docs/setup#configure_endpoints_for_the_client_library
 try (KeyManagementServiceClient keyManagementServiceClient =
     KeyManagementServiceClient.create()) {
   GenerateRandomBytesRequest request =
       GenerateRandomBytesRequest.newBuilder()
           .setLocation("location1901043637")
           .setLengthBytes(-745661998)
           .setProtectionLevel(ProtectionLevel.forNumber(0))
           .build();
   GenerateRandomBytesResponse response =
       keyManagementServiceClient.generateRandomBytes(request);
 }
 

Generate random bytes using the Cloud KMS randomness source in the provided location.

Sample code:

 // This snippet has been automatically generated and should be regarded as a code template only.
 // It will require modifications to work:
 // - It may require correct/in-range values for request initialization.
 // - It may require specifying regional endpoints when creating the service client as shown in
 // https://cloud.google.com/java/docs/setup#configure_endpoints_for_the_client_library
 try (KeyManagementServiceClient keyManagementServiceClient =
     KeyManagementServiceClient.create()) {
   String location = "location1901043637";
   int lengthBytes = -745661998;
   ProtectionLevel protectionLevel = ProtectionLevel.forNumber(0);
   GenerateRandomBytesResponse response =
       keyManagementServiceClient.generateRandomBytes(location, lengthBytes, protectionLevel);
 }
 

Generate random bytes using the Cloud KMS randomness source in the provided location.

Sample code:

 // This snippet has been automatically generated and should be regarded as a code template only.
 // It will require modifications to work:
 // - It may require correct/in-range values for request initialization.
 // - It may require specifying regional endpoints when creating the service client as shown in
 // https://cloud.google.com/java/docs/setup#configure_endpoints_for_the_client_library
 try (KeyManagementServiceClient keyManagementServiceClient =
     KeyManagementServiceClient.create()) {
   GenerateRandomBytesRequest request =
       GenerateRandomBytesRequest.newBuilder()
           .setLocation("location1901043637")
           .setLengthBytes(-745661998)
           .setProtectionLevel(ProtectionLevel.forNumber(0))
           .build();
   ApiFuture<GenerateRandomBytesResponse> future =
       keyManagementServiceClient.generateRandomBytesCallable().futureCall(request);
   // Do something.
   GenerateRandomBytesResponse response = future.get();
 }
 

Returns metadata for a given CryptoKey, as well as its primary CryptoKeyVersion.

Sample code:

 // This snippet has been automatically generated and should be regarded as a code template only.
 // It will require modifications to work:
 // - It may require correct/in-range values for request initialization.
 // - It may require specifying regional endpoints when creating the service client as shown in
 // https://cloud.google.com/java/docs/setup#configure_endpoints_for_the_client_library
 try (KeyManagementServiceClient keyManagementServiceClient =
     KeyManagementServiceClient.create()) {
   CryptoKeyName name =
       CryptoKeyName.of("[PROJECT]", "[LOCATION]", "[KEY_RING]", "[CRYPTO_KEY]");
   CryptoKey response = keyManagementServiceClient.getCryptoKey(name);
 }
 

Returns metadata for a given CryptoKey, as well as its primary CryptoKeyVersion.

Sample code:

 // This snippet has been automatically generated and should be regarded as a code template only.
 // It will require modifications to work:
 // - It may require correct/in-range values for request initialization.
 // - It may require specifying regional endpoints when creating the service client as shown in
 // https://cloud.google.com/java/docs/setup#configure_endpoints_for_the_client_library
 try (KeyManagementServiceClient keyManagementServiceClient =
     KeyManagementServiceClient.create()) {
   GetCryptoKeyRequest request =
       GetCryptoKeyRequest.newBuilder()
           .setName(
               CryptoKeyName.of("[PROJECT]", "[LOCATION]", "[KEY_RING]", "[CRYPTO_KEY]")
                   .toString())
           .build();
   CryptoKey response = keyManagementServiceClient.getCryptoKey(request);
 }
 

Returns metadata for a given CryptoKey, as well as its primary CryptoKeyVersion.

Sample code:

 // This snippet has been automatically generated and should be regarded as a code template only.
 // It will require modifications to work:
 // - It may require correct/in-range values for request initialization.
 // - It may require specifying regional endpoints when creating the service client as shown in
 // https://cloud.google.com/java/docs/setup#configure_endpoints_for_the_client_library
 try (KeyManagementServiceClient keyManagementServiceClient =
     KeyManagementServiceClient.create()) {
   String name =
       CryptoKeyName.of("[PROJECT]", "[LOCATION]", "[KEY_RING]", "[CRYPTO_KEY]").toString();
   CryptoKey response = keyManagementServiceClient.getCryptoKey(name);
 }
 

Returns metadata for a given CryptoKey, as well as its primary CryptoKeyVersion.

Sample code:

 // This snippet has been automatically generated and should be regarded as a code template only.
 // It will require modifications to work:
 // - It may require correct/in-range values for request initialization.
 // - It may require specifying regional endpoints when creating the service client as shown in
 // https://cloud.google.com/java/docs/setup#configure_endpoints_for_the_client_library
 try (KeyManagementServiceClient keyManagementServiceClient =
     KeyManagementServiceClient.create()) {
   GetCryptoKeyRequest request =
       GetCryptoKeyRequest.newBuilder()
           .setName(
               CryptoKeyName.of("[PROJECT]", "[LOCATION]", "[KEY_RING]", "[CRYPTO_KEY]")
                   .toString())
           .build();
   ApiFuture<CryptoKey> future =
       keyManagementServiceClient.getCryptoKeyCallable().futureCall(request);
   // Do something.
   CryptoKey response = future.get();
 }
 

Returns metadata for a given CryptoKeyVersion.

Sample code:

 // This snippet has been automatically generated and should be regarded as a code template only.
 // It will require modifications to work:
 // - It may require correct/in-range values for request initialization.
 // - It may require specifying regional endpoints when creating the service client as shown in
 // https://cloud.google.com/java/docs/setup#configure_endpoints_for_the_client_library
 try (KeyManagementServiceClient keyManagementServiceClient =
     KeyManagementServiceClient.create()) {
   CryptoKeyVersionName name =
       CryptoKeyVersionName.of(
           "[PROJECT]", "[LOCATION]", "[KEY_RING]", "[CRYPTO_KEY]", "[CRYPTO_KEY_VERSION]");
   CryptoKeyVersion response = keyManagementServiceClient.getCryptoKeyVersion(name);
 }
 

Returns metadata for a given CryptoKeyVersion.

Sample code:

 // This snippet has been automatically generated and should be regarded as a code template only.
 // It will require modifications to work:
 // - It may require correct/in-range values for request initialization.
 // - It may require specifying regional endpoints when creating the service client as shown in
 // https://cloud.google.com/java/docs/setup#configure_endpoints_for_the_client_library
 try (KeyManagementServiceClient keyManagementServiceClient =
     KeyManagementServiceClient.create()) {
   GetCryptoKeyVersionRequest request =
       GetCryptoKeyVersionRequest.newBuilder()
           .setName(
               CryptoKeyVersionName.of(
                       "[PROJECT]",
                       "[LOCATION]",
                       "[KEY_RING]",
                       "[CRYPTO_KEY]",
                       "[CRYPTO_KEY_VERSION]")
                   .toString())
           .build();
   CryptoKeyVersion response = keyManagementServiceClient.getCryptoKeyVersion(request);
 }
 

Returns metadata for a given CryptoKeyVersion.

Sample code:

 // This snippet has been automatically generated and should be regarded as a code template only.
 // It will require modifications to work:
 // - It may require correct/in-range values for request initialization.
 // - It may require specifying regional endpoints when creating the service client as shown in
 // https://cloud.google.com/java/docs/setup#configure_endpoints_for_the_client_library
 try (KeyManagementServiceClient keyManagementServiceClient =
     KeyManagementServiceClient.create()) {
   String name =
       CryptoKeyVersionName.of(
               "[PROJECT]", "[LOCATION]", "[KEY_RING]", "[CRYPTO_KEY]", "[CRYPTO_KEY_VERSION]")
           .toString();
   CryptoKeyVersion response = keyManagementServiceClient.getCryptoKeyVersion(name);
 }
 

Returns metadata for a given CryptoKeyVersion.

Sample code:

 // This snippet has been automatically generated and should be regarded as a code template only.
 // It will require modifications to work:
 // - It may require correct/in-range values for request initialization.
 // - It may require specifying regional endpoints when creating the service client as shown in
 // https://cloud.google.com/java/docs/setup#configure_endpoints_for_the_client_library
 try (KeyManagementServiceClient keyManagementServiceClient =
     KeyManagementServiceClient.create()) {
   GetCryptoKeyVersionRequest request =
       GetCryptoKeyVersionRequest.newBuilder()
           .setName(
               CryptoKeyVersionName.of(
                       "[PROJECT]",
                       "[LOCATION]",
                       "[KEY_RING]",
                       "[CRYPTO_KEY]",
                       "[CRYPTO_KEY_VERSION]")
                   .toString())
           .build();
   ApiFuture<CryptoKeyVersion> future =
       keyManagementServiceClient.getCryptoKeyVersionCallable().futureCall(request);
   // Do something.
   CryptoKeyVersion response = future.get();
 }
 

Gets the access control policy for a resource. Returns an empty policy if the resource exists and does not have a policy set.

Sample code:

 try (KeyManagementServiceClient keyManagementServiceClient = KeyManagementServiceClient.create()) {
   KeyName resource = KeyRingName.of("[PROJECT]", "[LOCATION]", "[KEY_RING]");
   Policy response = keyManagementServiceClient.getIamPolicy(resource);
 }
 

Gets the access control policy for a resource. Returns an empty policyif the resource exists and does not have a policy set.

Sample code:

 // This snippet has been automatically generated and should be regarded as a code template only.
 // It will require modifications to work:
 // - It may require correct/in-range values for request initialization.
 // - It may require specifying regional endpoints when creating the service client as shown in
 // https://cloud.google.com/java/docs/setup#configure_endpoints_for_the_client_library
 try (KeyManagementServiceClient keyManagementServiceClient =
     KeyManagementServiceClient.create()) {
   GetIamPolicyRequest request =
       GetIamPolicyRequest.newBuilder()
           .setResource(
               CryptoKeyName.of("[PROJECT]", "[LOCATION]", "[KEY_RING]", "[CRYPTO_KEY]")
                   .toString())
           .setOptions(GetPolicyOptions.newBuilder().build())
           .build();
   Policy response = keyManagementServiceClient.getIamPolicy(request);
 }
 

Gets the access control policy for a resource. Returns an empty policy if the resource exists and does not have a policy set.

Sample code:

 try (KeyManagementServiceClient keyManagementServiceClient = KeyManagementServiceClient.create()) {
   KeyName resource = KeyRingName.of("[PROJECT]", "[LOCATION]", "[KEY_RING]");
   Policy response = keyManagementServiceClient.getIamPolicy(resource.toString());
 }
 

Gets the access control policy for a resource. Returns an empty policyif the resource exists and does not have a policy set.

Sample code:

 // This snippet has been automatically generated and should be regarded as a code template only.
 // It will require modifications to work:
 // - It may require correct/in-range values for request initialization.
 // - It may require specifying regional endpoints when creating the service client as shown in
 // https://cloud.google.com/java/docs/setup#configure_endpoints_for_the_client_library
 try (KeyManagementServiceClient keyManagementServiceClient =
     KeyManagementServiceClient.create()) {
   GetIamPolicyRequest request =
       GetIamPolicyRequest.newBuilder()
           .setResource(
               CryptoKeyName.of("[PROJECT]", "[LOCATION]", "[KEY_RING]", "[CRYPTO_KEY]")
                   .toString())
           .setOptions(GetPolicyOptions.newBuilder().build())
           .build();
   ApiFuture<Policy> future =
       keyManagementServiceClient.getIamPolicyCallable().futureCall(request);
   // Do something.
   Policy response = future.get();
 }
 

Returns metadata for a given ImportJob.

Sample code:

 // This snippet has been automatically generated and should be regarded as a code template only.
 // It will require modifications to work:
 // - It may require correct/in-range values for request initialization.
 // - It may require specifying regional endpoints when creating the service client as shown in
 // https://cloud.google.com/java/docs/setup#configure_endpoints_for_the_client_library
 try (KeyManagementServiceClient keyManagementServiceClient =
     KeyManagementServiceClient.create()) {
   GetImportJobRequest request =
       GetImportJobRequest.newBuilder()
           .setName(
               ImportJobName.of("[PROJECT]", "[LOCATION]", "[KEY_RING]", "[IMPORT_JOB]")
                   .toString())
           .build();
   ImportJob response = keyManagementServiceClient.getImportJob(request);
 }
 

Returns metadata for a given ImportJob.

Sample code:

 // This snippet has been automatically generated and should be regarded as a code template only.
 // It will require modifications to work:
 // - It may require correct/in-range values for request initialization.
 // - It may require specifying regional endpoints when creating the service client as shown in
 // https://cloud.google.com/java/docs/setup#configure_endpoints_for_the_client_library
 try (KeyManagementServiceClient keyManagementServiceClient =
     KeyManagementServiceClient.create()) {
   ImportJobName name =
       ImportJobName.of("[PROJECT]", "[LOCATION]", "[KEY_RING]", "[IMPORT_JOB]");
   ImportJob response = keyManagementServiceClient.getImportJob(name);
 }
 

Returns metadata for a given ImportJob.

Sample code:

 // This snippet has been automatically generated and should be regarded as a code template only.
 // It will require modifications to work:
 // - It may require correct/in-range values for request initialization.
 // - It may require specifying regional endpoints when creating the service client as shown in
 // https://cloud.google.com/java/docs/setup#configure_endpoints_for_the_client_library
 try (KeyManagementServiceClient keyManagementServiceClient =
     KeyManagementServiceClient.create()) {
   String name =
       ImportJobName.of("[PROJECT]", "[LOCATION]", "[KEY_RING]", "[IMPORT_JOB]").toString();
   ImportJob response = keyManagementServiceClient.getImportJob(name);
 }
 

Returns metadata for a given ImportJob.

Sample code:

 // This snippet has been automatically generated and should be regarded as a code template only.
 // It will require modifications to work:
 // - It may require correct/in-range values for request initialization.
 // - It may require specifying regional endpoints when creating the service client as shown in
 // https://cloud.google.com/java/docs/setup#configure_endpoints_for_the_client_library
 try (KeyManagementServiceClient keyManagementServiceClient =
     KeyManagementServiceClient.create()) {
   GetImportJobRequest request =
       GetImportJobRequest.newBuilder()
           .setName(
               ImportJobName.of("[PROJECT]", "[LOCATION]", "[KEY_RING]", "[IMPORT_JOB]")
                   .toString())
           .build();
   ApiFuture<ImportJob> future =
       keyManagementServiceClient.getImportJobCallable().futureCall(request);
   // Do something.
   ImportJob response = future.get();
 }
 

Returns metadata for a given KeyRing.

Sample code:

 // This snippet has been automatically generated and should be regarded as a code template only.
 // It will require modifications to work:
 // - It may require correct/in-range values for request initialization.
 // - It may require specifying regional endpoints when creating the service client as shown in
 // https://cloud.google.com/java/docs/setup#configure_endpoints_for_the_client_library
 try (KeyManagementServiceClient keyManagementServiceClient =
     KeyManagementServiceClient.create()) {
   GetKeyRingRequest request =
       GetKeyRingRequest.newBuilder()
           .setName(KeyRingName.of("[PROJECT]", "[LOCATION]", "[KEY_RING]").toString())
           .build();
   KeyRing response = keyManagementServiceClient.getKeyRing(request);
 }
 

Returns metadata for a given KeyRing.

Sample code:

 // This snippet has been automatically generated and should be regarded as a code template only.
 // It will require modifications to work:
 // - It may require correct/in-range values for request initialization.
 // - It may require specifying regional endpoints when creating the service client as shown in
 // https://cloud.google.com/java/docs/setup#configure_endpoints_for_the_client_library
 try (KeyManagementServiceClient keyManagementServiceClient =
     KeyManagementServiceClient.create()) {
   KeyRingName name = KeyRingName.of("[PROJECT]", "[LOCATION]", "[KEY_RING]");
   KeyRing response = keyManagementServiceClient.getKeyRing(name);
 }
 

Returns metadata for a given KeyRing.

Sample code:

 // This snippet has been automatically generated and should be regarded as a code template only.
 // It will require modifications to work:
 // - It may require correct/in-range values for request initialization.
 // - It may require specifying regional endpoints when creating the service client as shown in
 // https://cloud.google.com/java/docs/setup#configure_endpoints_for_the_client_library
 try (KeyManagementServiceClient keyManagementServiceClient =
     KeyManagementServiceClient.create()) {
   String name = KeyRingName.of("[PROJECT]", "[LOCATION]", "[KEY_RING]").toString();
   KeyRing response = keyManagementServiceClient.getKeyRing(name);
 }
 

Returns metadata for a given KeyRing.

Sample code:

 // This snippet has been automatically generated and should be regarded as a code template only.
 // It will require modifications to work:
 // - It may require correct/in-range values for request initialization.
 // - It may require specifying regional endpoints when creating the service client as shown in
 // https://cloud.google.com/java/docs/setup#configure_endpoints_for_the_client_library
 try (KeyManagementServiceClient keyManagementServiceClient =
     KeyManagementServiceClient.create()) {
   GetKeyRingRequest request =
       GetKeyRingRequest.newBuilder()
           .setName(KeyRingName.of("[PROJECT]", "[LOCATION]", "[KEY_RING]").toString())
           .build();
   ApiFuture<KeyRing> future =
       keyManagementServiceClient.getKeyRingCallable().futureCall(request);
   // Do something.
   KeyRing response = future.get();
 }
 

Returns the public key for the given CryptoKeyVersion. The CryptoKey.purpose must be ASYMMETRIC_SIGN or ASYMMETRIC_DECRYPT.

Sample code:

 // This snippet has been automatically generated and should be regarded as a code template only.
 // It will require modifications to work:
 // - It may require correct/in-range values for request initialization.
 // - It may require specifying regional endpoints when creating the service client as shown in
 // https://cloud.google.com/java/docs/setup#configure_endpoints_for_the_client_library
 try (KeyManagementServiceClient keyManagementServiceClient =
     KeyManagementServiceClient.create()) {
   CryptoKeyVersionName name =
       CryptoKeyVersionName.of(
           "[PROJECT]", "[LOCATION]", "[KEY_RING]", "[CRYPTO_KEY]", "[CRYPTO_KEY_VERSION]");
   PublicKey response = keyManagementServiceClient.getPublicKey(name);
 }
 

Returns the public key for the given CryptoKeyVersion. The CryptoKey.purpose must be ASYMMETRIC_SIGN or ASYMMETRIC_DECRYPT.

Sample code:

 // This snippet has been automatically generated and should be regarded as a code template only.
 // It will require modifications to work:
 // - It may require correct/in-range values for request initialization.
 // - It may require specifying regional endpoints when creating the service client as shown in
 // https://cloud.google.com/java/docs/setup#configure_endpoints_for_the_client_library
 try (KeyManagementServiceClient keyManagementServiceClient =
     KeyManagementServiceClient.create()) {
   GetPublicKeyRequest request =
       GetPublicKeyRequest.newBuilder()
           .setName(
               CryptoKeyVersionName.of(
                       "[PROJECT]",
                       "[LOCATION]",
                       "[KEY_RING]",
                       "[CRYPTO_KEY]",
                       "[CRYPTO_KEY_VERSION]")
                   .toString())
           .build();
   PublicKey response = keyManagementServiceClient.getPublicKey(request);
 }
 

Returns the public key for the given CryptoKeyVersion. The CryptoKey.purpose must be ASYMMETRIC_SIGN or ASYMMETRIC_DECRYPT.

Sample code:

 // This snippet has been automatically generated and should be regarded as a code template only.
 // It will require modifications to work:
 // - It may require correct/in-range values for request initialization.
 // - It may require specifying regional endpoints when creating the service client as shown in
 // https://cloud.google.com/java/docs/setup#configure_endpoints_for_the_client_library
 try (KeyManagementServiceClient keyManagementServiceClient =
     KeyManagementServiceClient.create()) {
   String name =
       CryptoKeyVersionName.of(
               "[PROJECT]", "[LOCATION]", "[KEY_RING]", "[CRYPTO_KEY]", "[CRYPTO_KEY_VERSION]")
           .toString();
   PublicKey response = keyManagementServiceClient.getPublicKey(name);
 }
 

Returns the public key for the given CryptoKeyVersion. The CryptoKey.purpose must be ASYMMETRIC_SIGN or ASYMMETRIC_DECRYPT.

Sample code:

 // This snippet has been automatically generated and should be regarded as a code template only.
 // It will require modifications to work:
 // - It may require correct/in-range values for request initialization.
 // - It may require specifying regional endpoints when creating the service client as shown in
 // https://cloud.google.com/java/docs/setup#configure_endpoints_for_the_client_library
 try (KeyManagementServiceClient keyManagementServiceClient =
     KeyManagementServiceClient.create()) {
   GetPublicKeyRequest request =
       GetPublicKeyRequest.newBuilder()
           .setName(
               CryptoKeyVersionName.of(
                       "[PROJECT]",
                       "[LOCATION]",
                       "[KEY_RING]",
                       "[CRYPTO_KEY]",
                       "[CRYPTO_KEY_VERSION]")
                   .toString())
           .build();
   ApiFuture<PublicKey> future =
       keyManagementServiceClient.getPublicKeyCallable().futureCall(request);
   // Do something.
   PublicKey response = future.get();
 }
 

Import wrapped key material into a CryptoKeyVersion.

All requests must specify a CryptoKey. If a CryptoKeyVersion is additionally specified in the request, key material will be reimported into that version. Otherwise, a new version will be created, and will be assigned the next sequential id within the CryptoKey.

Sample code:

 // This snippet has been automatically generated and should be regarded as a code template only.
 // It will require modifications to work:
 // - It may require correct/in-range values for request initialization.
 // - It may require specifying regional endpoints when creating the service client as shown in
 // https://cloud.google.com/java/docs/setup#configure_endpoints_for_the_client_library
 try (KeyManagementServiceClient keyManagementServiceClient =
     KeyManagementServiceClient.create()) {
   ImportCryptoKeyVersionRequest request =
       ImportCryptoKeyVersionRequest.newBuilder()
           .setParent(
               CryptoKeyName.of("[PROJECT]", "[LOCATION]", "[KEY_RING]", "[CRYPTO_KEY]")
                   .toString())
           .setCryptoKeyVersion(
               CryptoKeyVersionName.of(
                       "[PROJECT]",
                       "[LOCATION]",
                       "[KEY_RING]",
                       "[CRYPTO_KEY]",
                       "[CRYPTO_KEY_VERSION]")
                   .toString())
           .setImportJob("importJob-208547368")
           .build();
   CryptoKeyVersion response = keyManagementServiceClient.importCryptoKeyVersion(request);
 }
 

Import wrapped key material into a CryptoKeyVersion.

All requests must specify a CryptoKey. If a CryptoKeyVersion is additionally specified in the request, key material will be reimported into that version. Otherwise, a new version will be created, and will be assigned the next sequential id within the CryptoKey.

Sample code:

 // This snippet has been automatically generated and should be regarded as a code template only.
 // It will require modifications to work:
 // - It may require correct/in-range values for request initialization.
 // - It may require specifying regional endpoints when creating the service client as shown in
 // https://cloud.google.com/java/docs/setup#configure_endpoints_for_the_client_library
 try (KeyManagementServiceClient keyManagementServiceClient =
     KeyManagementServiceClient.create()) {
   ImportCryptoKeyVersionRequest request =
       ImportCryptoKeyVersionRequest.newBuilder()
           .setParent(
               CryptoKeyName.of("[PROJECT]", "[LOCATION]", "[KEY_RING]", "[CRYPTO_KEY]")
                   .toString())
           .setCryptoKeyVersion(
               CryptoKeyVersionName.of(
                       "[PROJECT]",
                       "[LOCATION]",
                       "[KEY_RING]",
                       "[CRYPTO_KEY]",
                       "[CRYPTO_KEY_VERSION]")
                   .toString())
           .setImportJob("importJob-208547368")
           .build();
   ApiFuture<CryptoKeyVersion> future =
       keyManagementServiceClient.importCryptoKeyVersionCallable().futureCall(request);
   // Do something.
   CryptoKeyVersion response = future.get();
 }
 

Lists CryptoKeyVersions.

Sample code:

 // This snippet has been automatically generated and should be regarded as a code template only.
 // It will require modifications to work:
 // - It may require correct/in-range values for request initialization.
 // - It may require specifying regional endpoints when creating the service client as shown in
 // https://cloud.google.com/java/docs/setup#configure_endpoints_for_the_client_library
 try (KeyManagementServiceClient keyManagementServiceClient =
     KeyManagementServiceClient.create()) {
   CryptoKeyName parent =
       CryptoKeyName.of("[PROJECT]", "[LOCATION]", "[KEY_RING]", "[CRYPTO_KEY]");
   for (CryptoKeyVersion element :
       keyManagementServiceClient.listCryptoKeyVersions(parent).iterateAll()) {
     // doThingsWith(element);
   }
 }
 

Lists CryptoKeyVersions.

Sample code:

 // This snippet has been automatically generated and should be regarded as a code template only.
 // It will require modifications to work:
 // - It may require correct/in-range values for request initialization.
 // - It may require specifying regional endpoints when creating the service client as shown in
 // https://cloud.google.com/java/docs/setup#configure_endpoints_for_the_client_library
 try (KeyManagementServiceClient keyManagementServiceClient =
     KeyManagementServiceClient.create()) {
   ListCryptoKeyVersionsRequest request =
       ListCryptoKeyVersionsRequest.newBuilder()
           .setParent(
               CryptoKeyName.of("[PROJECT]", "[LOCATION]", "[KEY_RING]", "[CRYPTO_KEY]")
                   .toString())
           .setPageSize(883849137)
           .setPageToken("pageToken873572522")
           .setFilter("filter-1274492040")
           .setOrderBy("orderBy-1207110587")
           .build();
   for (CryptoKeyVersion element :
       keyManagementServiceClient.listCryptoKeyVersions(request).iterateAll()) {
     // doThingsWith(element);
   }
 }
 

Lists CryptoKeyVersions.

Sample code:

 // This snippet has been automatically generated and should be regarded as a code template only.
 // It will require modifications to work:
 // - It may require correct/in-range values for request initialization.
 // - It may require specifying regional endpoints when creating the service client as shown in
 // https://cloud.google.com/java/docs/setup#configure_endpoints_for_the_client_library
 try (KeyManagementServiceClient keyManagementServiceClient =
     KeyManagementServiceClient.create()) {
   String parent =
       CryptoKeyName.of("[PROJECT]", "[LOCATION]", "[KEY_RING]", "[CRYPTO_KEY]").toString();
   for (CryptoKeyVersion element :
       keyManagementServiceClient.listCryptoKeyVersions(parent).iterateAll()) {
     // doThingsWith(element);
   }
 }
 

Lists CryptoKeyVersions.

Sample code:

 // This snippet has been automatically generated and should be regarded as a code template only.
 // It will require modifications to work:
 // - It may require correct/in-range values for request initialization.
 // - It may require specifying regional endpoints when creating the service client as shown in
 // https://cloud.google.com/java/docs/setup#configure_endpoints_for_the_client_library
 try (KeyManagementServiceClient keyManagementServiceClient =
     KeyManagementServiceClient.create()) {
   ListCryptoKeyVersionsRequest request =
       ListCryptoKeyVersionsRequest.newBuilder()
           .setParent(
               CryptoKeyName.of("[PROJECT]", "[LOCATION]", "[KEY_RING]", "[CRYPTO_KEY]")
                   .toString())
           .setPageSize(883849137)
           .setPageToken("pageToken873572522")
           .setFilter("filter-1274492040")
           .setOrderBy("orderBy-1207110587")
           .build();
   while (true) {
     ListCryptoKeyVersionsResponse response =
         keyManagementServiceClient.listCryptoKeyVersionsCallable().call(request);
     for (CryptoKeyVersion element : response.getCryptoKeyVersionsList()) {
       // doThingsWith(element);
     }
     String nextPageToken = response.getNextPageToken();
     if (!Strings.isNullOrEmpty(nextPageToken)) {
       request = request.toBuilder().setPageToken(nextPageToken).build();
     } else {
       break;
     }
   }
 }
 

Lists CryptoKeyVersions.

Sample code:

 // This snippet has been automatically generated and should be regarded as a code template only.
 // It will require modifications to work:
 // - It may require correct/in-range values for request initialization.
 // - It may require specifying regional endpoints when creating the service client as shown in
 // https://cloud.google.com/java/docs/setup#configure_endpoints_for_the_client_library
 try (KeyManagementServiceClient keyManagementServiceClient =
     KeyManagementServiceClient.create()) {
   ListCryptoKeyVersionsRequest request =
       ListCryptoKeyVersionsRequest.newBuilder()
           .setParent(
               CryptoKeyName.of("[PROJECT]", "[LOCATION]", "[KEY_RING]", "[CRYPTO_KEY]")
                   .toString())
           .setPageSize(883849137)
           .setPageToken("pageToken873572522")
           .setFilter("filter-1274492040")
           .setOrderBy("orderBy-1207110587")
           .build();
   ApiFuture<CryptoKeyVersion> future =
       keyManagementServiceClient.listCryptoKeyVersionsPagedCallable().futureCall(request);
   // Do something.
   for (CryptoKeyVersion element : future.get().iterateAll()) {
     // doThingsWith(element);
   }
 }
 

Lists CryptoKeys.

Sample code:

 // This snippet has been automatically generated and should be regarded as a code template only.
 // It will require modifications to work:
 // - It may require correct/in-range values for request initialization.
 // - It may require specifying regional endpoints when creating the service client as shown in
 // https://cloud.google.com/java/docs/setup#configure_endpoints_for_the_client_library
 try (KeyManagementServiceClient keyManagementServiceClient =
     KeyManagementServiceClient.create()) {
   KeyRingName parent = KeyRingName.of("[PROJECT]", "[LOCATION]", "[KEY_RING]");
   for (CryptoKey element : keyManagementServiceClient.listCryptoKeys(parent).iterateAll()) {
     // doThingsWith(element);
   }
 }
 

Lists CryptoKeys.

Sample code:

 // This snippet has been automatically generated and should be regarded as a code template only.
 // It will require modifications to work:
 // - It may require correct/in-range values for request initialization.
 // - It may require specifying regional endpoints when creating the service client as shown in
 // https://cloud.google.com/java/docs/setup#configure_endpoints_for_the_client_library
 try (KeyManagementServiceClient keyManagementServiceClient =
     KeyManagementServiceClient.create()) {
   ListCryptoKeysRequest request =
       ListCryptoKeysRequest.newBuilder()
           .setParent(KeyRingName.of("[PROJECT]", "[LOCATION]", "[KEY_RING]").toString())
           .setPageSize(883849137)
           .setPageToken("pageToken873572522")
           .setFilter("filter-1274492040")
           .setOrderBy("orderBy-1207110587")
           .build();
   for (CryptoKey element : keyManagementServiceClient.listCryptoKeys(request).iterateAll()) {
     // doThingsWith(element);
   }
 }
 

Lists CryptoKeys.

Sample code:

 // This snippet has been automatically generated and should be regarded as a code template only.
 // It will require modifications to work:
 // - It may require correct/in-range values for request initialization.
 // - It may require specifying regional endpoints when creating the service client as shown in
 // https://cloud.google.com/java/docs/setup#configure_endpoints_for_the_client_library
 try (KeyManagementServiceClient keyManagementServiceClient =
     KeyManagementServiceClient.create()) {
   String parent = KeyRingName.of("[PROJECT]", "[LOCATION]", "[KEY_RING]").toString();
   for (CryptoKey element : keyManagementServiceClient.listCryptoKeys(parent).iterateAll()) {
     // doThingsWith(element);
   }
 }
 

Lists CryptoKeys.

Sample code:

 // This snippet has been automatically generated and should be regarded as a code template only.
 // It will require modifications to work:
 // - It may require correct/in-range values for request initialization.
 // - It may require specifying regional endpoints when creating the service client as shown in
 // https://cloud.google.com/java/docs/setup#configure_endpoints_for_the_client_library
 try (KeyManagementServiceClient keyManagementServiceClient =
     KeyManagementServiceClient.create()) {
   ListCryptoKeysRequest request =
       ListCryptoKeysRequest.newBuilder()
           .setParent(KeyRingName.of("[PROJECT]", "[LOCATION]", "[KEY_RING]").toString())
           .setPageSize(883849137)
           .setPageToken("pageToken873572522")
           .setFilter("filter-1274492040")
           .setOrderBy("orderBy-1207110587")
           .build();
   while (true) {
     ListCryptoKeysResponse response =
         keyManagementServiceClient.listCryptoKeysCallable().call(request);
     for (CryptoKey element : response.getCryptoKeysList()) {
       // doThingsWith(element);
     }
     String nextPageToken = response.getNextPageToken();
     if (!Strings.isNullOrEmpty(nextPageToken)) {
       request = request.toBuilder().setPageToken(nextPageToken).build();
     } else {
       break;
     }
   }
 }
 

Lists CryptoKeys.

Sample code:

 // This snippet has been automatically generated and should be regarded as a code template only.
 // It will require modifications to work:
 // - It may require correct/in-range values for request initialization.
 // - It may require specifying regional endpoints when creating the service client as shown in
 // https://cloud.google.com/java/docs/setup#configure_endpoints_for_the_client_library
 try (KeyManagementServiceClient keyManagementServiceClient =
     KeyManagementServiceClient.create()) {
   ListCryptoKeysRequest request =
       ListCryptoKeysRequest.newBuilder()
           .setParent(KeyRingName.of("[PROJECT]", "[LOCATION]", "[KEY_RING]").toString())
           .setPageSize(883849137)
           .setPageToken("pageToken873572522")
           .setFilter("filter-1274492040")
           .setOrderBy("orderBy-1207110587")
           .build();
   ApiFuture<CryptoKey> future =
       keyManagementServiceClient.listCryptoKeysPagedCallable().futureCall(request);
   // Do something.
   for (CryptoKey element : future.get().iterateAll()) {
     // doThingsWith(element);
   }
 }
 

Lists ImportJobs.

Sample code:

 // This snippet has been automatically generated and should be regarded as a code template only.
 // It will require modifications to work:
 // - It may require correct/in-range values for request initialization.
 // - It may require specifying regional endpoints when creating the service client as shown in
 // https://cloud.google.com/java/docs/setup#configure_endpoints_for_the_client_library
 try (KeyManagementServiceClient keyManagementServiceClient =
     KeyManagementServiceClient.create()) {
   KeyRingName parent = KeyRingName.of("[PROJECT]", "[LOCATION]", "[KEY_RING]");
   for (ImportJob element : keyManagementServiceClient.listImportJobs(parent).iterateAll()) {
     // doThingsWith(element);
   }
 }
 

Lists ImportJobs.

Sample code:

 // This snippet has been automatically generated and should be regarded as a code template only.
 // It will require modifications to work:
 // - It may require correct/in-range values for request initialization.
 // - It may require specifying regional endpoints when creating the service client as shown in
 // https://cloud.google.com/java/docs/setup#configure_endpoints_for_the_client_library
 try (KeyManagementServiceClient keyManagementServiceClient =
     KeyManagementServiceClient.create()) {
   ListImportJobsRequest request =
       ListImportJobsRequest.newBuilder()
           .setParent(KeyRingName.of("[PROJECT]", "[LOCATION]", "[KEY_RING]").toString())
           .setPageSize(883849137)
           .setPageToken("pageToken873572522")
           .setFilter("filter-1274492040")
           .setOrderBy("orderBy-1207110587")
           .build();
   for (ImportJob element : keyManagementServiceClient.listImportJobs(request).iterateAll()) {
     // doThingsWith(element);
   }
 }
 

Lists ImportJobs.

Sample code:

 // This snippet has been automatically generated and should be regarded as a code template only.
 // It will require modifications to work:
 // - It may require correct/in-range values for request initialization.
 // - It may require specifying regional endpoints when creating the service client as shown in
 // https://cloud.google.com/java/docs/setup#configure_endpoints_for_the_client_library
 try (KeyManagementServiceClient keyManagementServiceClient =
     KeyManagementServiceClient.create()) {
   String parent = KeyRingName.of("[PROJECT]", "[LOCATION]", "[KEY_RING]").toString();
   for (ImportJob element : keyManagementServiceClient.listImportJobs(parent).iterateAll()) {
     // doThingsWith(element);
   }
 }
 

Lists ImportJobs.

Sample code:

 // This snippet has been automatically generated and should be regarded as a code template only.
 // It will require modifications to work:
 // - It may require correct/in-range values for request initialization.
 // - It may require specifying regional endpoints when creating the service client as shown in
 // https://cloud.google.com/java/docs/setup#configure_endpoints_for_the_client_library
 try (KeyManagementServiceClient keyManagementServiceClient =
     KeyManagementServiceClient.create()) {
   ListImportJobsRequest request =
       ListImportJobsRequest.newBuilder()
           .setParent(KeyRingName.of("[PROJECT]", "[LOCATION]", "[KEY_RING]").toString())
           .setPageSize(883849137)
           .setPageToken("pageToken873572522")
           .setFilter("filter-1274492040")
           .setOrderBy("orderBy-1207110587")
           .build();
   while (true) {
     ListImportJobsResponse response =
         keyManagementServiceClient.listImportJobsCallable().call(request);
     for (ImportJob element : response.getImportJobsList()) {
       // doThingsWith(element);
     }
     String nextPageToken = response.getNextPageToken();
     if (!Strings.isNullOrEmpty(nextPageToken)) {
       request = request.toBuilder().setPageToken(nextPageToken).build();
     } else {
       break;
     }
   }
 }
 

Lists ImportJobs.

Sample code:

 // This snippet has been automatically generated and should be regarded as a code template only.
 // It will require modifications to work:
 // - It may require correct/in-range values for request initialization.
 // - It may require specifying regional endpoints when creating the service client as shown in
 // https://cloud.google.com/java/docs/setup#configure_endpoints_for_the_client_library
 try (KeyManagementServiceClient keyManagementServiceClient =
     KeyManagementServiceClient.create()) {
   ListImportJobsRequest request =
       ListImportJobsRequest.newBuilder()
           .setParent(KeyRingName.of("[PROJECT]", "[LOCATION]", "[KEY_RING]").toString())
           .setPageSize(883849137)
           .setPageToken("pageToken873572522")
           .setFilter("filter-1274492040")
           .setOrderBy("orderBy-1207110587")
           .build();
   ApiFuture<ImportJob> future =
       keyManagementServiceClient.listImportJobsPagedCallable().futureCall(request);
   // Do something.
   for (ImportJob element : future.get().iterateAll()) {
     // doThingsWith(element);
   }
 }
 

Lists KeyRings.

Sample code:

 // This snippet has been automatically generated and should be regarded as a code template only.
 // It will require modifications to work:
 // - It may require correct/in-range values for request initialization.
 // - It may require specifying regional endpoints when creating the service client as shown in
 // https://cloud.google.com/java/docs/setup#configure_endpoints_for_the_client_library
 try (KeyManagementServiceClient keyManagementServiceClient =
     KeyManagementServiceClient.create()) {
   ListKeyRingsRequest request =
       ListKeyRingsRequest.newBuilder()
           .setParent(LocationName.of("[PROJECT]", "[LOCATION]").toString())
           .setPageSize(883849137)
           .setPageToken("pageToken873572522")
           .setFilter("filter-1274492040")
           .setOrderBy("orderBy-1207110587")
           .build();
   for (KeyRing element : keyManagementServiceClient.listKeyRings(request).iterateAll()) {
     // doThingsWith(element);
   }
 }
 

Lists KeyRings.

Sample code:

 // This snippet has been automatically generated and should be regarded as a code template only.
 // It will require modifications to work:
 // - It may require correct/in-range values for request initialization.
 // - It may require specifying regional endpoints when creating the service client as shown in
 // https://cloud.google.com/java/docs/setup#configure_endpoints_for_the_client_library
 try (KeyManagementServiceClient keyManagementServiceClient =
     KeyManagementServiceClient.create()) {
   LocationName parent = LocationName.of("[PROJECT]", "[LOCATION]");
   for (KeyRing element : keyManagementServiceClient.listKeyRings(parent).iterateAll()) {
     // doThingsWith(element);
   }
 }
 

Lists KeyRings.

Sample code:

 // This snippet has been automatically generated and should be regarded as a code template only.
 // It will require modifications to work:
 // - It may require correct/in-range values for request initialization.
 // - It may require specifying regional endpoints when creating the service client as shown in
 // https://cloud.google.com/java/docs/setup#configure_endpoints_for_the_client_library
 try (KeyManagementServiceClient keyManagementServiceClient =
     KeyManagementServiceClient.create()) {
   String parent = LocationName.of("[PROJECT]", "[LOCATION]").toString();
   for (KeyRing element : keyManagementServiceClient.listKeyRings(parent).iterateAll()) {
     // doThingsWith(element);
   }
 }
 

Lists KeyRings.

Sample code:

 // This snippet has been automatically generated and should be regarded as a code template only.
 // It will require modifications to work:
 // - It may require correct/in-range values for request initialization.
 // - It may require specifying regional endpoints when creating the service client as shown in
 // https://cloud.google.com/java/docs/setup#configure_endpoints_for_the_client_library
 try (KeyManagementServiceClient keyManagementServiceClient =
     KeyManagementServiceClient.create()) {
   ListKeyRingsRequest request =
       ListKeyRingsRequest.newBuilder()
           .setParent(LocationName.of("[PROJECT]", "[LOCATION]").toString())
           .setPageSize(883849137)
           .setPageToken("pageToken873572522")
           .setFilter("filter-1274492040")
           .setOrderBy("orderBy-1207110587")
           .build();
   while (true) {
     ListKeyRingsResponse response =
         keyManagementServiceClient.listKeyRingsCallable().call(request);
     for (KeyRing element : response.getKeyRingsList()) {
       // doThingsWith(element);
     }
     String nextPageToken = response.getNextPageToken();
     if (!Strings.isNullOrEmpty(nextPageToken)) {
       request = request.toBuilder().setPageToken(nextPageToken).build();
     } else {
       break;
     }
   }
 }
 

Lists KeyRings.

Sample code:

 // This snippet has been automatically generated and should be regarded as a code template only.
 // It will require modifications to work:
 // - It may require correct/in-range values for request initialization.
 // - It may require specifying regional endpoints when creating the service client as shown in
 // https://cloud.google.com/java/docs/setup#configure_endpoints_for_the_client_library
 try (KeyManagementServiceClient keyManagementServiceClient =
     KeyManagementServiceClient.create()) {
   ListKeyRingsRequest request =
       ListKeyRingsRequest.newBuilder()
           .setParent(LocationName.of("[PROJECT]", "[LOCATION]").toString())
           .setPageSize(883849137)
           .setPageToken("pageToken873572522")
           .setFilter("filter-1274492040")
           .setOrderBy("orderBy-1207110587")
           .build();
   ApiFuture<KeyRing> future =
       keyManagementServiceClient.listKeyRingsPagedCallable().futureCall(request);
   // Do something.
   for (KeyRing element : future.get().iterateAll()) {
     // doThingsWith(element);
   }
 }
 

Signs data using a CryptoKeyVersion with CryptoKey.purpose MAC, producing a tag that can be verified by another source with the same key.

Sample code:

 // This snippet has been automatically generated and should be regarded as a code template only.
 // It will require modifications to work:
 // - It may require correct/in-range values for request initialization.
 // - It may require specifying regional endpoints when creating the service client as shown in
 // https://cloud.google.com/java/docs/setup#configure_endpoints_for_the_client_library
 try (KeyManagementServiceClient keyManagementServiceClient =
     KeyManagementServiceClient.create()) {
   CryptoKeyVersionName name =
       CryptoKeyVersionName.of(
           "[PROJECT]", "[LOCATION]", "[KEY_RING]", "[CRYPTO_KEY]", "[CRYPTO_KEY_VERSION]");
   ByteString data = ByteString.EMPTY;
   MacSignResponse response = keyManagementServiceClient.macSign(name, data);
 }
 

Signs data using a CryptoKeyVersion with CryptoKey.purpose MAC, producing a tag that can be verified by another source with the same key.

Sample code:

 // This snippet has been automatically generated and should be regarded as a code template only.
 // It will require modifications to work:
 // - It may require correct/in-range values for request initialization.
 // - It may require specifying regional endpoints when creating the service client as shown in
 // https://cloud.google.com/java/docs/setup#configure_endpoints_for_the_client_library
 try (KeyManagementServiceClient keyManagementServiceClient =
     KeyManagementServiceClient.create()) {
   MacSignRequest request =
       MacSignRequest.newBuilder()
           .setName(
               CryptoKeyVersionName.of(
                       "[PROJECT]",
                       "[LOCATION]",
                       "[KEY_RING]",
                       "[CRYPTO_KEY]",
                       "[CRYPTO_KEY_VERSION]")
                   .toString())
           .setData(ByteString.EMPTY)
           .setDataCrc32C(Int64Value.newBuilder().build())
           .build();
   MacSignResponse response = keyManagementServiceClient.macSign(request);
 }
 

Signs data using a CryptoKeyVersion with CryptoKey.purpose MAC, producing a tag that can be verified by another source with the same key.

Sample code:

 // This snippet has been automatically generated and should be regarded as a code template only.
 // It will require modifications to work:
 // - It may require correct/in-range values for request initialization.
 // - It may require specifying regional endpoints when creating the service client as shown in
 // https://cloud.google.com/java/docs/setup#configure_endpoints_for_the_client_library
 try (KeyManagementServiceClient keyManagementServiceClient =
     KeyManagementServiceClient.create()) {
   String name =
       CryptoKeyVersionName.of(
               "[PROJECT]", "[LOCATION]", "[KEY_RING]", "[CRYPTO_KEY]", "[CRYPTO_KEY_VERSION]")
           .toString();
   ByteString data = ByteString.EMPTY;
   MacSignResponse response = keyManagementServiceClient.macSign(name, data);
 }
 

Signs data using a CryptoKeyVersion with CryptoKey.purpose MAC, producing a tag that can be verified by another source with the same key.

Sample code:

 // This snippet has been automatically generated and should be regarded as a code template only.
 // It will require modifications to work:
 // - It may require correct/in-range values for request initialization.
 // - It may require specifying regional endpoints when creating the service client as shown in
 // https://cloud.google.com/java/docs/setup#configure_endpoints_for_the_client_library
 try (KeyManagementServiceClient keyManagementServiceClient =
     KeyManagementServiceClient.create()) {
   MacSignRequest request =
       MacSignRequest.newBuilder()
           .setName(
               CryptoKeyVersionName.of(
                       "[PROJECT]",
                       "[LOCATION]",
                       "[KEY_RING]",
                       "[CRYPTO_KEY]",
                       "[CRYPTO_KEY_VERSION]")
                   .toString())
           .setData(ByteString.EMPTY)
           .setDataCrc32C(Int64Value.newBuilder().build())
           .build();
   ApiFuture<MacSignResponse> future =
       keyManagementServiceClient.macSignCallable().futureCall(request);
   // Do something.
   MacSignResponse response = future.get();
 }
 

Verifies MAC tag using a CryptoKeyVersion with CryptoKey.purpose MAC, and returns a response that indicates whether or not the verification was successful.

Sample code:

 // This snippet has been automatically generated and should be regarded as a code template only.
 // It will require modifications to work:
 // - It may require correct/in-range values for request initialization.
 // - It may require specifying regional endpoints when creating the service client as shown in
 // https://cloud.google.com/java/docs/setup#configure_endpoints_for_the_client_library
 try (KeyManagementServiceClient keyManagementServiceClient =
     KeyManagementServiceClient.create()) {
   CryptoKeyVersionName name =
       CryptoKeyVersionName.of(
           "[PROJECT]", "[LOCATION]", "[KEY_RING]", "[CRYPTO_KEY]", "[CRYPTO_KEY_VERSION]");
   ByteString data = ByteString.EMPTY;
   ByteString mac = ByteString.EMPTY;
   MacVerifyResponse response = keyManagementServiceClient.macVerify(name, data, mac);
 }
 

Verifies MAC tag using a CryptoKeyVersion with CryptoKey.purpose MAC, and returns a response that indicates whether or not the verification was successful.

Sample code:

 // This snippet has been automatically generated and should be regarded as a code template only.
 // It will require modifications to work:
 // - It may require correct/in-range values for request initialization.
 // - It may require specifying regional endpoints when creating the service client as shown in
 // https://cloud.google.com/java/docs/setup#configure_endpoints_for_the_client_library
 try (KeyManagementServiceClient keyManagementServiceClient =
     KeyManagementServiceClient.create()) {
   MacVerifyRequest request =
       MacVerifyRequest.newBuilder()
           .setName(
               CryptoKeyVersionName.of(
                       "[PROJECT]",
                       "[LOCATION]",
                       "[KEY_RING]",
                       "[CRYPTO_KEY]",
                       "[CRYPTO_KEY_VERSION]")
                   .toString())
           .setData(ByteString.EMPTY)
           .setDataCrc32C(Int64Value.newBuilder().build())
           .setMac(ByteString.EMPTY)
           .setMacCrc32C(Int64Value.newBuilder().build())
           .build();
   MacVerifyResponse response = keyManagementServiceClient.macVerify(request);
 }
 

Verifies MAC tag using a CryptoKeyVersion with CryptoKey.purpose MAC, and returns a response that indicates whether or not the verification was successful.

Sample code:

 // This snippet has been automatically generated and should be regarded as a code template only.
 // It will require modifications to work:
 // - It may require correct/in-range values for request initialization.
 // - It may require specifying regional endpoints when creating the service client as shown in
 // https://cloud.google.com/java/docs/setup#configure_endpoints_for_the_client_library
 try (KeyManagementServiceClient keyManagementServiceClient =
     KeyManagementServiceClient.create()) {
   String name =
       CryptoKeyVersionName.of(
               "[PROJECT]", "[LOCATION]", "[KEY_RING]", "[CRYPTO_KEY]", "[CRYPTO_KEY_VERSION]")
           .toString();
   ByteString data = ByteString.EMPTY;
   ByteString mac = ByteString.EMPTY;
   MacVerifyResponse response = keyManagementServiceClient.macVerify(name, data, mac);
 }
 

Verifies MAC tag using a CryptoKeyVersion with CryptoKey.purpose MAC, and returns a response that indicates whether or not the verification was successful.

Sample code:

 // This snippet has been automatically generated and should be regarded as a code template only.
 // It will require modifications to work:
 // - It may require correct/in-range values for request initialization.
 // - It may require specifying regional endpoints when creating the service client as shown in
 // https://cloud.google.com/java/docs/setup#configure_endpoints_for_the_client_library
 try (KeyManagementServiceClient keyManagementServiceClient =
     KeyManagementServiceClient.create()) {
   MacVerifyRequest request =
       MacVerifyRequest.newBuilder()
           .setName(
               CryptoKeyVersionName.of(
                       "[PROJECT]",
                       "[LOCATION]",
                       "[KEY_RING]",
                       "[CRYPTO_KEY]",
                       "[CRYPTO_KEY_VERSION]")
                   .toString())
           .setData(ByteString.EMPTY)
           .setDataCrc32C(Int64Value.newBuilder().build())
           .setMac(ByteString.EMPTY)
           .setMacCrc32C(Int64Value.newBuilder().build())
           .build();
   ApiFuture<MacVerifyResponse> future =
       keyManagementServiceClient.macVerifyCallable().futureCall(request);
   // Do something.
   MacVerifyResponse response = future.get();
 }
 

Restore a CryptoKeyVersion in the DESTROY_SCHEDULED state.

Upon restoration of the CryptoKeyVersion, state will be set to DISABLED, and destroy_time will be cleared.

Sample code:

 // This snippet has been automatically generated and should be regarded as a code template only.
 // It will require modifications to work:
 // - It may require correct/in-range values for request initialization.
 // - It may require specifying regional endpoints when creating the service client as shown in
 // https://cloud.google.com/java/docs/setup#configure_endpoints_for_the_client_library
 try (KeyManagementServiceClient keyManagementServiceClient =
     KeyManagementServiceClient.create()) {
   CryptoKeyVersionName name =
       CryptoKeyVersionName.of(
           "[PROJECT]", "[LOCATION]", "[KEY_RING]", "[CRYPTO_KEY]", "[CRYPTO_KEY_VERSION]");
   CryptoKeyVersion response = keyManagementServiceClient.restoreCryptoKeyVersion(name);
 }
 

Restore a CryptoKeyVersion in the DESTROY_SCHEDULED state.

Upon restoration of the CryptoKeyVersion, state will be set to DISABLED, and destroy_time will be cleared.

Sample code:

 // This snippet has been automatically generated and should be regarded as a code template only.
 // It will require modifications to work:
 // - It may require correct/in-range values for request initialization.
 // - It may require specifying regional endpoints when creating the service client as shown in
 // https://cloud.google.com/java/docs/setup#configure_endpoints_for_the_client_library
 try (KeyManagementServiceClient keyManagementServiceClient =
     KeyManagementServiceClient.create()) {
   RestoreCryptoKeyVersionRequest request =
       RestoreCryptoKeyVersionRequest.newBuilder()
           .setName(
               CryptoKeyVersionName.of(
                       "[PROJECT]",
                       "[LOCATION]",
                       "[KEY_RING]",
                       "[CRYPTO_KEY]",
                       "[CRYPTO_KEY_VERSION]")
                   .toString())
           .build();
   CryptoKeyVersion response = keyManagementServiceClient.restoreCryptoKeyVersion(request);
 }
 

Restore a CryptoKeyVersion in the DESTROY_SCHEDULED state.

Upon restoration of the CryptoKeyVersion, state will be set to DISABLED, and destroy_time will be cleared.

Sample code:

 // This snippet has been automatically generated and should be regarded as a code template only.
 // It will require modifications to work:
 // - It may require correct/in-range values for request initialization.
 // - It may require specifying regional endpoints when creating the service client as shown in
 // https://cloud.google.com/java/docs/setup#configure_endpoints_for_the_client_library
 try (KeyManagementServiceClient keyManagementServiceClient =
     KeyManagementServiceClient.create()) {
   String name =
       CryptoKeyVersionName.of(
               "[PROJECT]", "[LOCATION]", "[KEY_RING]", "[CRYPTO_KEY]", "[CRYPTO_KEY_VERSION]")
           .toString();
   CryptoKeyVersion response = keyManagementServiceClient.restoreCryptoKeyVersion(name);
 }
 

Restore a CryptoKeyVersion in the DESTROY_SCHEDULED state.

Upon restoration of the CryptoKeyVersion, state will be set to DISABLED, and destroy_time will be cleared.

Sample code:

 // This snippet has been automatically generated and should be regarded as a code template only.
 // It will require modifications to work:
 // - It may require correct/in-range values for request initialization.
 // - It may require specifying regional endpoints when creating the service client as shown in
 // https://cloud.google.com/java/docs/setup#configure_endpoints_for_the_client_library
 try (KeyManagementServiceClient keyManagementServiceClient =
     KeyManagementServiceClient.create()) {
   RestoreCryptoKeyVersionRequest request =
       RestoreCryptoKeyVersionRequest.newBuilder()
           .setName(
               CryptoKeyVersionName.of(
                       "[PROJECT]",
                       "[LOCATION]",
                       "[KEY_RING]",
                       "[CRYPTO_KEY]",
                       "[CRYPTO_KEY_VERSION]")
                   .toString())
           .build();
   ApiFuture<CryptoKeyVersion> future =
       keyManagementServiceClient.restoreCryptoKeyVersionCallable().futureCall(request);
   // Do something.
   CryptoKeyVersion response = future.get();
 }
 

Sets the access control policy on the specified resource. Replaces any existing policy.

Can return Public Errors: NOT_FOUND, INVALID_ARGUMENT and PERMISSION_DENIED

Sample code:

 try (KeyManagementServiceClient keyManagementServiceClient = KeyManagementServiceClient.create()) {
   KeyName resource = KeyRingName.of("[PROJECT]", "[LOCATION]", "[KEY_RING]");
   Policy policy = Policy.newBuilder().build();
   Policy response = keyManagementServiceClient.setIamPolicy(resource, policy);
 }
 

Sets the access control policy on the specified resource. Replacesany existing policy.

Can return NOT_FOUND, INVALID_ARGUMENT, and PERMISSION_DENIEDerrors.

Sample code:

 // This snippet has been automatically generated and should be regarded as a code template only.
 // It will require modifications to work:
 // - It may require correct/in-range values for request initialization.
 // - It may require specifying regional endpoints when creating the service client as shown in
 // https://cloud.google.com/java/docs/setup#configure_endpoints_for_the_client_library
 try (KeyManagementServiceClient keyManagementServiceClient =
     KeyManagementServiceClient.create()) {
   SetIamPolicyRequest request =
       SetIamPolicyRequest.newBuilder()
           .setResource(
               CryptoKeyName.of("[PROJECT]", "[LOCATION]", "[KEY_RING]", "[CRYPTO_KEY]")
                   .toString())
           .setPolicy(Policy.newBuilder().build())
           .setUpdateMask(FieldMask.newBuilder().build())
           .build();
   Policy response = keyManagementServiceClient.setIamPolicy(request);
 }
 

Sets the access control policy on the specified resource. Replaces any existing policy.

Can return Public Errors: NOT_FOUND, INVALID_ARGUMENT and PERMISSION_DENIED

Sample code:

 try (KeyManagementServiceClient keyManagementServiceClient = KeyManagementServiceClient.create()) {
   KeyName resource = KeyRingName.of("[PROJECT]", "[LOCATION]", "[KEY_RING]");
   Policy policy = Policy.newBuilder().build();
   Policy response = keyManagementServiceClient.setIamPolicy(resource.toString(), policy);
 }
 

Sets the access control policy on the specified resource. Replacesany existing policy.

Can return NOT_FOUND, INVALID_ARGUMENT, and PERMISSION_DENIEDerrors.

Sample code:

 // This snippet has been automatically generated and should be regarded as a code template only.
 // It will require modifications to work:
 // - It may require correct/in-range values for request initialization.
 // - It may require specifying regional endpoints when creating the service client as shown in
 // https://cloud.google.com/java/docs/setup#configure_endpoints_for_the_client_library
 try (KeyManagementServiceClient keyManagementServiceClient =
     KeyManagementServiceClient.create()) {
   SetIamPolicyRequest request =
       SetIamPolicyRequest.newBuilder()
           .setResource(
               CryptoKeyName.of("[PROJECT]", "[LOCATION]", "[KEY_RING]", "[CRYPTO_KEY]")
                   .toString())
           .setPolicy(Policy.newBuilder().build())
           .setUpdateMask(FieldMask.newBuilder().build())
           .build();
   ApiFuture<Policy> future =
       keyManagementServiceClient.setIamPolicyCallable().futureCall(request);
   // Do something.
   Policy response = future.get();
 }
 

Returns permissions that a caller has on the specified resource. If the resource does not exist, this will return an empty set of permissions, not a NOT_FOUND error.

Note: This operation is designed to be used for building permission-aware UIs and command-line tools, not for authorization checking. This operation may "fail open" without warning.

Sample code:

 try (KeyManagementServiceClient keyManagementServiceClient = KeyManagementServiceClient.create()) {
   KeyName resource = KeyRingName.of("[PROJECT]", "[LOCATION]", "[KEY_RING]");
   List<String> permissions = new ArrayList<>();
   TestIamPermissionsResponse response = keyManagementServiceClient.testIamPermissions(resource, permissions);
 }
 

Returns permissions that a caller has on the specified resource. If theresource does not exist, this will return an empty set ofpermissions, not a NOT_FOUND error.

Note: This operation is designed to be used for buildingpermission-aware UIs and command-line tools, not for authorizationchecking. This operation may "fail open" without warning.

Sample code:

 // This snippet has been automatically generated and should be regarded as a code template only.
 // It will require modifications to work:
 // - It may require correct/in-range values for request initialization.
 // - It may require specifying regional endpoints when creating the service client as shown in
 // https://cloud.google.com/java/docs/setup#configure_endpoints_for_the_client_library
 try (KeyManagementServiceClient keyManagementServiceClient =
     KeyManagementServiceClient.create()) {
   TestIamPermissionsRequest request =
       TestIamPermissionsRequest.newBuilder()
           .setResource(
               CryptoKeyName.of("[PROJECT]", "[LOCATION]", "[KEY_RING]", "[CRYPTO_KEY]")
                   .toString())
           .addAllPermissions(new ArrayList<String>())
           .build();
   TestIamPermissionsResponse response = keyManagementServiceClient.testIamPermissions(request);
 }
 

Returns permissions that a caller has on the specified resource. If the resource does not exist, this will return an empty set of permissions, not a NOT_FOUND error.

Note: This operation is designed to be used for building permission-aware UIs and command-line tools, not for authorization checking. This operation may "fail open" without warning.

Sample code:

 try (KeyManagementServiceClient keyManagementServiceClient = KeyManagementServiceClient.create()) {
   KeyName resource = KeyRingName.of("[PROJECT]", "[LOCATION]", "[KEY_RING]");
   List<String> permissions = new ArrayList<>();
   TestIamPermissionsResponse response = keyManagementServiceClient.testIamPermissions(resource.toString(), permissions);
 }
 

Returns permissi