Class KeyManagementServiceClient (2.6.7)

Stay organized with collections Save and categorize content based on your preferences.
public class KeyManagementServiceClient implements BackgroundResource

Service Description: Google Cloud Key Management Service

Manages cryptographic keys and operations using those keys. Implements a REST model with the following objects:

  • KeyRing
  • CryptoKey
  • CryptoKeyVersion
  • ImportJob

If you are using manual gRPC libraries, see Using gRPC with Cloud KMS.

This class provides the ability to make remote calls to the backing service through method calls that map to API methods. Sample code to get started:


 // This snippet has been automatically generated and should be regarded as a code template only.
 // It will require modifications to work:
 // - It may require correct/in-range values for request initialization.
 // - It may require specifying regional endpoints when creating the service client as shown in
 // https://cloud.google.com/java/docs/setup#configure_endpoints_for_the_client_library
 try (KeyManagementServiceClient keyManagementServiceClient =
     KeyManagementServiceClient.create()) {
   KeyRingName name = KeyRingName.of("[PROJECT]", "[LOCATION]", "[KEY_RING]");
   KeyRing response = keyManagementServiceClient.getKeyRing(name);
 }
 

Note: close() needs to be called on the KeyManagementServiceClient object to clean up resources such as threads. In the example above, try-with-resources is used, which automatically calls close().

The surface of this class includes several types of Java methods for each of the API's methods:

  1. A "flattened" method. With this type of method, the fields of the request type have been converted into function parameters. It may be the case that not all fields are available as parameters, and not every API method will have a flattened method entry point.
  2. A "request object" method. This type of method only takes one parameter, a request object, which must be constructed before the call. Not every API method will have a request object method.
  3. A "callable" method. This type of method takes no parameters and returns an immutable API callable object, which can be used to initiate calls to the service.

See the individual methods for example code.

Many parameters require resource names to be formatted in a particular way. To assist with these names, this class includes a format method for each type of name, and additionally a parse method to extract the individual identifiers contained within names that are returned.

This class can be customized by passing in a custom instance of KeyManagementServiceSettings to create(). For example:

To customize credentials:


 // This snippet has been automatically generated and should be regarded as a code template only.
 // It will require modifications to work:
 // - It may require correct/in-range values for request initialization.
 // - It may require specifying regional endpoints when creating the service client as shown in
 // https://cloud.google.com/java/docs/setup#configure_endpoints_for_the_client_library
 KeyManagementServiceSettings keyManagementServiceSettings =
     KeyManagementServiceSettings.newBuilder()
         .setCredentialsProvider(FixedCredentialsProvider.create(myCredentials))
         .build();
 KeyManagementServiceClient keyManagementServiceClient =
     KeyManagementServiceClient.create(keyManagementServiceSettings);
 

To customize the endpoint:


 // This snippet has been automatically generated and should be regarded as a code template only.
 // It will require modifications to work:
 // - It may require correct/in-range values for request initialization.
 // - It may require specifying regional endpoints when creating the service client as shown in
 // https://cloud.google.com/java/docs/setup#configure_endpoints_for_the_client_library
 KeyManagementServiceSettings keyManagementServiceSettings =
     KeyManagementServiceSettings.newBuilder().setEndpoint(myEndpoint).build();
 KeyManagementServiceClient keyManagementServiceClient =
     KeyManagementServiceClient.create(keyManagementServiceSettings);
 

To use REST (HTTP1.1/JSON) transport (instead of gRPC) for sending and receiving requests over the wire:


 // This snippet has been automatically generated and should be regarded as a code template only.
 // It will require modifications to work:
 // - It may require correct/in-range values for request initialization.
 // - It may require specifying regional endpoints when creating the service client as shown in
 // https://cloud.google.com/java/docs/setup#configure_endpoints_for_the_client_library
 KeyManagementServiceSettings keyManagementServiceSettings =
     KeyManagementServiceSettings.newBuilder()
         .setTransportChannelProvider(
             KeyManagementServiceSettings.defaultHttpJsonTransportProviderBuilder().build())
         .build();
 KeyManagementServiceClient keyManagementServiceClient =
     KeyManagementServiceClient.create(keyManagementServiceSettings);
 

Please refer to the GitHub repository's samples for more quickstart code snippets.

Inheritance

java.lang.Object > KeyManagementServiceClient

Implements

BackgroundResource

Static Methods

create()

public static final KeyManagementServiceClient create()

Constructs an instance of KeyManagementServiceClient with default settings.

Returns
TypeDescription
KeyManagementServiceClient
Exceptions
TypeDescription
IOException

create(KeyManagementServiceSettings settings)

public static final KeyManagementServiceClient create(KeyManagementServiceSettings settings)

Constructs an instance of KeyManagementServiceClient, using the given settings. The channels are created based on the settings passed in, or defaults for any settings that are not set.

Parameter
NameDescription
settingsKeyManagementServiceSettings
Returns
TypeDescription
KeyManagementServiceClient
Exceptions
TypeDescription
IOException

create(KeyManagementServiceStub stub)

public static final KeyManagementServiceClient create(KeyManagementServiceStub stub)

Constructs an instance of KeyManagementServiceClient, using the given stub for making calls. This is for advanced usage - prefer using create(KeyManagementServiceSettings).

Parameter
NameDescription
stubKeyManagementServiceStub
Returns
TypeDescription
KeyManagementServiceClient

Constructors

KeyManagementServiceClient(KeyManagementServiceSettings settings)

protected KeyManagementServiceClient(KeyManagementServiceSettings settings)

Constructs an instance of KeyManagementServiceClient, using the given settings. This is protected so that it is easy to make a subclass, but otherwise, the static factory methods should be preferred.

Parameter
NameDescription
settingsKeyManagementServiceSettings

KeyManagementServiceClient(KeyManagementServiceStub stub)

protected KeyManagementServiceClient(KeyManagementServiceStub stub)
Parameter
NameDescription
stubKeyManagementServiceStub

Methods

asymmetricDecrypt(AsymmetricDecryptRequest request)

public final AsymmetricDecryptResponse asymmetricDecrypt(AsymmetricDecryptRequest request)

Decrypts data that was encrypted with a public key retrieved from GetPublicKey corresponding to a CryptoKeyVersion with CryptoKey.purpose ASYMMETRIC_DECRYPT.

Sample code:


 // This snippet has been automatically generated and should be regarded as a code template only.
 // It will require modifications to work:
 // - It may require correct/in-range values for request initialization.
 // - It may require specifying regional endpoints when creating the service client as shown in
 // https://cloud.google.com/java/docs/setup#configure_endpoints_for_the_client_library
 try (KeyManagementServiceClient keyManagementServiceClient =
     KeyManagementServiceClient.create()) {
   AsymmetricDecryptRequest request =
       AsymmetricDecryptRequest.newBuilder()
           .setName(
               CryptoKeyVersionName.of(
                       "[PROJECT]",
                       "[LOCATION]",
                       "[KEY_RING]",
                       "[CRYPTO_KEY]",
                       "[CRYPTO_KEY_VERSION]")
                   .toString())
           .setCiphertext(ByteString.EMPTY)
           .setCiphertextCrc32C(Int64Value.newBuilder().build())
           .build();
   AsymmetricDecryptResponse response = keyManagementServiceClient.asymmetricDecrypt(request);
 }
 
Parameter
NameDescription
requestAsymmetricDecryptRequest

The request object containing all of the parameters for the API call.

Returns
TypeDescription
AsymmetricDecryptResponse

asymmetricDecrypt(CryptoKeyVersionName name, ByteString ciphertext)

public final AsymmetricDecryptResponse asymmetricDecrypt(CryptoKeyVersionName name, ByteString ciphertext)

Decrypts data that was encrypted with a public key retrieved from GetPublicKey corresponding to a CryptoKeyVersion with CryptoKey.purpose ASYMMETRIC_DECRYPT.

Sample code:


 // This snippet has been automatically generated and should be regarded as a code template only.
 // It will require modifications to work:
 // - It may require correct/in-range values for request initialization.
 // - It may require specifying regional endpoints when creating the service client as shown in
 // https://cloud.google.com/java/docs/setup#configure_endpoints_for_the_client_library
 try (KeyManagementServiceClient keyManagementServiceClient =
     KeyManagementServiceClient.create()) {
   CryptoKeyVersionName name =
       CryptoKeyVersionName.of(
           "[PROJECT]", "[LOCATION]", "[KEY_RING]", "[CRYPTO_KEY]", "[CRYPTO_KEY_VERSION]");
   ByteString ciphertext = ByteString.EMPTY;
   AsymmetricDecryptResponse response =
       keyManagementServiceClient.asymmetricDecrypt(name, ciphertext);
 }
 
Parameters
NameDescription
nameCryptoKeyVersionName

Required. The resource name of the CryptoKeyVersion to use for decryption.

ciphertextByteString

Required. The data encrypted with the named CryptoKeyVersion's public key using OAEP.

Returns
TypeDescription
AsymmetricDecryptResponse

asymmetricDecrypt(String name, ByteString ciphertext)

public final AsymmetricDecryptResponse asymmetricDecrypt(String name, ByteString ciphertext)

Decrypts data that was encrypted with a public key retrieved from GetPublicKey corresponding to a CryptoKeyVersion with CryptoKey.purpose ASYMMETRIC_DECRYPT.

Sample code:


 // This snippet has been automatically generated and should be regarded as a code template only.
 // It will require modifications to work:
 // - It may require correct/in-range values for request initialization.
 // - It may require specifying regional endpoints when creating the service client as shown in
 // https://cloud.google.com/java/docs/setup#configure_endpoints_for_the_client_library
 try (KeyManagementServiceClient keyManagementServiceClient =
     KeyManagementServiceClient.create()) {
   String name =
       CryptoKeyVersionName.of(
               "[PROJECT]", "[LOCATION]", "[KEY_RING]", "[CRYPTO_KEY]", "[CRYPTO_KEY_VERSION]")
           .toString();
   ByteString ciphertext = ByteString.EMPTY;
   AsymmetricDecryptResponse response =
       keyManagementServiceClient.asymmetricDecrypt(name, ciphertext);
 }
 
Parameters
NameDescription
nameString

Required. The resource name of the CryptoKeyVersion to use for decryption.

ciphertextByteString

Required. The data encrypted with the named CryptoKeyVersion's public key using OAEP.

Returns
TypeDescription
AsymmetricDecryptResponse

asymmetricDecryptCallable()

public final UnaryCallable<AsymmetricDecryptRequest,AsymmetricDecryptResponse> asymmetricDecryptCallable()

Decrypts data that was encrypted with a public key retrieved from GetPublicKey corresponding to a CryptoKeyVersion with CryptoKey.purpose ASYMMETRIC_DECRYPT.

Sample code:


 // This snippet has been automatically generated and should be regarded as a code template only.
 // It will require modifications to work:
 // - It may require correct/in-range values for request initialization.
 // - It may require specifying regional endpoints when creating the service client as shown in
 // https://cloud.google.com/java/docs/setup#configure_endpoints_for_the_client_library
 try (KeyManagementServiceClient keyManagementServiceClient =
     KeyManagementServiceClient.create()) {
   AsymmetricDecryptRequest request =
       AsymmetricDecryptRequest.newBuilder()
           .setName(
               CryptoKeyVersionName.of(
                       "[PROJECT]",
                       "[LOCATION]",
                       "[KEY_RING]",
                       "[CRYPTO_KEY]",
                       "[CRYPTO_KEY_VERSION]")
                   .toString())
           .setCiphertext(ByteString.EMPTY)
           .setCiphertextCrc32C(Int64Value.newBuilder().build())
           .build();
   ApiFuture<AsymmetricDecryptResponse> future =
       keyManagementServiceClient.asymmetricDecryptCallable().futureCall(request);
   // Do something.
   AsymmetricDecryptResponse response = future.get();
 }
 
Returns
TypeDescription
UnaryCallable<AsymmetricDecryptRequest,AsymmetricDecryptResponse>

asymmetricSign(AsymmetricSignRequest request)

public final AsymmetricSignResponse asymmetricSign(AsymmetricSignRequest request)

Signs data using a CryptoKeyVersion with CryptoKey.purpose ASYMMETRIC_SIGN, producing a signature that can be verified with the public key retrieved from GetPublicKey.

Sample code:


 // This snippet has been automatically generated and should be regarded as a code template only.
 // It will require modifications to work:
 // - It may require correct/in-range values for request initialization.
 // - It may require specifying regional endpoints when creating the service client as shown in
 // https://cloud.google.com/java/docs/setup#configure_endpoints_for_the_client_library
 try (KeyManagementServiceClient keyManagementServiceClient =
     KeyManagementServiceClient.create()) {
   AsymmetricSignRequest request =
       AsymmetricSignRequest.newBuilder()
           .setName(
               CryptoKeyVersionName.of(
                       "[PROJECT]",
                       "[LOCATION]",
                       "[KEY_RING]",
                       "[CRYPTO_KEY]",
                       "[CRYPTO_KEY_VERSION]")
                   .toString())
           .setDigest(Digest.newBuilder().build())
           .setDigestCrc32C(Int64Value.newBuilder().build())
           .setData(ByteString.EMPTY)
           .setDataCrc32C(Int64Value.newBuilder().build())
           .build();
   AsymmetricSignResponse response = keyManagementServiceClient.asymmetricSign(request);
 }
 
Parameter
NameDescription
requestAsymmetricSignRequest

The request object containing all of the parameters for the API call.

Returns
TypeDescription
AsymmetricSignResponse

asymmetricSign(CryptoKeyVersionName name, Digest digest)

public final AsymmetricSignResponse asymmetricSign(CryptoKeyVersionName name, Digest digest)

Signs data using a CryptoKeyVersion with CryptoKey.purpose ASYMMETRIC_SIGN, producing a signature that can be verified with the public key retrieved from GetPublicKey.

Sample code:


 // This snippet has been automatically generated and should be regarded as a code template only.
 // It will require modifications to work:
 // - It may require correct/in-range values for request initialization.
 // - It may require specifying regional endpoints when creating the service client as shown in
 // https://cloud.google.com/java/docs/setup#configure_endpoints_for_the_client_library
 try (KeyManagementServiceClient keyManagementServiceClient =
     KeyManagementServiceClient.create()) {
   CryptoKeyVersionName name =
       CryptoKeyVersionName.of(
           "[PROJECT]", "[LOCATION]", "[KEY_RING]", "[CRYPTO_KEY]", "[CRYPTO_KEY_VERSION]");
   Digest digest = Digest.newBuilder().build();
   AsymmetricSignResponse response = keyManagementServiceClient.asymmetricSign(name, digest);
 }
 
Parameters
NameDescription
nameCryptoKeyVersionName

Required. The resource name of the CryptoKeyVersion to use for signing.

digestDigest

Optional. The digest of the data to sign. The digest must be produced with the same digest algorithm as specified by the key version's algorithm.

This field may not be supplied if AsymmetricSignRequest.data is supplied.

Returns
TypeDescription
AsymmetricSignResponse

asymmetricSign(String name, Digest digest)

public final AsymmetricSignResponse asymmetricSign(String name, Digest digest)

Signs data using a CryptoKeyVersion with CryptoKey.purpose ASYMMETRIC_SIGN, producing a signature that can be verified with the public key retrieved from GetPublicKey.

Sample code:


 // This snippet has been automatically generated and should be regarded as a code template only.
 // It will require modifications to work:
 // - It may require correct/in-range values for request initialization.
 // - It may require specifying regional endpoints when creating the service client as shown in
 // https://cloud.google.com/java/docs/setup#configure_endpoints_for_the_client_library
 try (KeyManagementServiceClient keyManagementServiceClient =
     KeyManagementServiceClient.create()) {
   String name =
       CryptoKeyVersionName.of(
               "[PROJECT]", "[LOCATION]", "[KEY_RING]", "[CRYPTO_KEY]", "[CRYPTO_KEY_VERSION]")
           .toString();
   Digest digest = Digest.newBuilder().build();
   AsymmetricSignResponse response = keyManagementServiceClient.asymmetricSign(name, digest);
 }
 
Parameters
NameDescription
nameString

Required. The resource name of the CryptoKeyVersion to use for signing.

digestDigest

Optional. The digest of the data to sign. The digest must be produced with the same digest algorithm as specified by the key version's algorithm.

This field may not be supplied if AsymmetricSignRequest.data is supplied.

Returns
TypeDescription
AsymmetricSignResponse

asymmetricSignCallable()

public final UnaryCallable<AsymmetricSignRequest,AsymmetricSignResponse> asymmetricSignCallable()

Signs data using a CryptoKeyVersion with CryptoKey.purpose ASYMMETRIC_SIGN, producing a signature that can be verified with the public key retrieved from GetPublicKey.

Sample code:


 // This snippet has been automatically generated and should be regarded as a code template only.
 // It will require modifications to work:
 // - It may require correct/in-range values for request initialization.
 // - It may require specifying regional endpoints when creating the service client as shown in
 // https://cloud.google.com/java/docs/setup#configure_endpoints_for_the_client_library
 try (KeyManagementServiceClient keyManagementServiceClient =
     KeyManagementServiceClient.create()) {
   AsymmetricSignRequest request =
       AsymmetricSignRequest.newBuilder()
           .setName(
               CryptoKeyVersionName.of(
                       "[PROJECT]",
                       "[LOCATION]",
                       "[KEY_RING]",
                       "[CRYPTO_KEY]",
                       "[CRYPTO_KEY_VERSION]")
                   .toString())
           .setDigest(Digest.newBuilder().build())
           .setDigestCrc32C(Int64Value.newBuilder().build())
           .setData(ByteString.EMPTY)
           .setDataCrc32C(Int64Value.newBuilder().build())
           .build();
   ApiFuture<AsymmetricSignResponse> future =
       keyManagementServiceClient.asymmetricSignCallable().futureCall(request);
   // Do something.
   AsymmetricSignResponse response = future.get();
 }
 
Returns
TypeDescription
UnaryCallable<AsymmetricSignRequest,AsymmetricSignResponse>

awaitTermination(long duration, TimeUnit unit)

public boolean awaitTermination(long duration, TimeUnit unit)
Parameters
NameDescription
durationlong
unitTimeUnit
Returns
TypeDescription
boolean
Exceptions
TypeDescription
InterruptedException

close()

public final void close()

createCryptoKey(CreateCryptoKeyRequest request)

public final CryptoKey createCryptoKey(CreateCryptoKeyRequest request)

Create a new CryptoKey within a KeyRing.

CryptoKey.purpose and CryptoKey.version_template.algorithm are required.

Sample code:


 // This snippet has been automatically generated and should be regarded as a code template only.
 // It will require modifications to work:
 // - It may require correct/in-range values for request initialization.
 // - It may require specifying regional endpoints when creating the service client as shown in
 // https://cloud.google.com/java/docs/setup#configure_endpoints_for_the_client_library
 try (KeyManagementServiceClient keyManagementServiceClient =
     KeyManagementServiceClient.create()) {
   CreateCryptoKeyRequest request =
       CreateCryptoKeyRequest.newBuilder()
           .setParent(KeyRingName.of("[PROJECT]", "[LOCATION]", "[KEY_RING]").toString())
           .setCryptoKeyId("cryptoKeyId-1643185255")
           .setCryptoKey(CryptoKey.newBuilder().build())
           .setSkipInitialVersionCreation(true)
           .build();
   CryptoKey response = keyManagementServiceClient.createCryptoKey(request);
 }
 
Parameter
NameDescription
requestCreateCryptoKeyRequest

The request object containing all of the parameters for the API call.

Returns
TypeDescription
CryptoKey

createCryptoKey(KeyRingName parent, String cryptoKeyId, CryptoKey cryptoKey)

public final CryptoKey createCryptoKey(KeyRingName parent, String cryptoKeyId, CryptoKey cryptoKey)

Create a new CryptoKey within a KeyRing.

CryptoKey.purpose and CryptoKey.version_template.algorithm are required.

Sample code:


 // This snippet has been automatically generated and should be regarded as a code template only.
 // It will require modifications to work:
 // - It may require correct/in-range values for request initialization.
 // - It may require specifying regional endpoints when creating the service client as shown in
 // https://cloud.google.com/java/docs/setup#configure_endpoints_for_the_client_library
 try (KeyManagementServiceClient keyManagementServiceClient =
     KeyManagementServiceClient.create()) {
   KeyRingName parent = KeyRingName.of("[PROJECT]", "[LOCATION]", "[KEY_RING]");
   String cryptoKeyId = "cryptoKeyId-1643185255";
   CryptoKey cryptoKey = CryptoKey.newBuilder().build();
   CryptoKey response =
       keyManagementServiceClient.createCryptoKey(parent, cryptoKeyId, cryptoKey);
 }
 
Parameters
NameDescription
parentKeyRingName

Required. The name of the KeyRing associated with the CryptoKeys.

cryptoKeyIdString

Required. It must be unique within a KeyRing and match the regular expression [a-zA-Z0-9_-]{1,63}

cryptoKeyCryptoKey

Required. A CryptoKey with initial field values.

Returns
TypeDescription
CryptoKey

createCryptoKey(String parent, String cryptoKeyId, CryptoKey cryptoKey)

public final CryptoKey createCryptoKey(String parent, String cryptoKeyId, CryptoKey cryptoKey)

Create a new CryptoKey within a KeyRing.

CryptoKey.purpose and CryptoKey.version_template.algorithm are required.

Sample code:


 // This snippet has been automatically generated and should be regarded as a code template only.
 // It will require modifications to work:
 // - It may require correct/in-range values for request initialization.
 // - It may require specifying regional endpoints when creating the service client as shown in
 // https://cloud.google.com/java/docs/setup#configure_endpoints_for_the_client_library
 try (KeyManagementServiceClient keyManagementServiceClient =
     KeyManagementServiceClient.create()) {
   String parent = KeyRingName.of("[PROJECT]", "[LOCATION]", "[KEY_RING]").toString();
   String cryptoKeyId = "cryptoKeyId-1643185255";
   CryptoKey cryptoKey = CryptoKey.newBuilder().build();
   CryptoKey response =
       keyManagementServiceClient.createCryptoKey(parent, cryptoKeyId, cryptoKey);
 }
 
Parameters
NameDescription
parentString

Required. The name of the KeyRing associated with the CryptoKeys.

cryptoKeyIdString

Required. It must be unique within a KeyRing and match the regular expression [a-zA-Z0-9_-]{1,63}

cryptoKeyCryptoKey

Required. A CryptoKey with initial field values.

Returns
TypeDescription
CryptoKey

createCryptoKeyCallable()

public final UnaryCallable<CreateCryptoKeyRequest,CryptoKey> createCryptoKeyCallable()

Create a new CryptoKey within a KeyRing.

CryptoKey.purpose and CryptoKey.version_template.algorithm are required.

Sample code:


 // This snippet has been automatically generated and should be regarded as a code template only.
 // It will require modifications to work:
 // - It may require correct/in-range values for request initialization.
 // - It may require specifying regional endpoints when creating the service client as shown in
 // https://cloud.google.com/java/docs/setup#configure_endpoints_for_the_client_library
 try (KeyManagementServiceClient keyManagementServiceClient =
     KeyManagementServiceClient.create()) {
   CreateCryptoKeyRequest request =
       CreateCryptoKeyRequest.newBuilder()
           .setParent(KeyRingName.of("[PROJECT]", "[LOCATION]", "[KEY_RING]").toString())
           .setCryptoKeyId("cryptoKeyId-1643185255")
           .setCryptoKey(CryptoKey.newBuilder().build())
           .setSkipInitialVersionCreation(true)
           .build();
   ApiFuture<CryptoKey> future =
       keyManagementServiceClient.createCryptoKeyCallable().futureCall(request);
   // Do something.
   CryptoKey response = future.get();
 }
 
Returns
TypeDescription
UnaryCallable<CreateCryptoKeyRequest,CryptoKey>

createCryptoKeyVersion(CreateCryptoKeyVersionRequest request)

public final CryptoKeyVersion createCryptoKeyVersion(CreateCryptoKeyVersionRequest request)

Create a new CryptoKeyVersion in a CryptoKey.

The server will assign the next sequential id. If unset, state will be set to ENABLED.

Sample code:


 // This snippet has been automatically generated and should be regarded as a code template only.
 // It will require modifications to work:
 // - It may require correct/in-range values for request initialization.
 // - It may require specifying regional endpoints when creating the service client as shown in
 // https://cloud.google.com/java/docs/setup#configure_endpoints_for_the_client_library
 try (KeyManagementServiceClient keyManagementServiceClient =
     KeyManagementServiceClient.create()) {
   CreateCryptoKeyVersionRequest request =
       CreateCryptoKeyVersionRequest.newBuilder()
           .setParent(
               CryptoKeyName.of("[PROJECT]", "[LOCATION]", "[KEY_RING]", "[CRYPTO_KEY]")
                   .toString())
           .setCryptoKeyVersion(CryptoKeyVersion.newBuilder().build())
           .build();
   CryptoKeyVersion response = keyManagementServiceClient.createCryptoKeyVersion(request);
 }
 
Parameter
NameDescription
requestCreateCryptoKeyVersionRequest

The request object containing all of the parameters for the API call.

Returns
TypeDescription
CryptoKeyVersion

createCryptoKeyVersion(CryptoKeyName parent, CryptoKeyVersion cryptoKeyVersion)

public final CryptoKeyVersion createCryptoKeyVersion(CryptoKeyName parent, CryptoKeyVersion cryptoKeyVersion)

Create a new CryptoKeyVersion in a CryptoKey.

The server will assign the next sequential id. If unset, state will be set to ENABLED.

Sample code:


 // This snippet has been automatically generated and should be regarded as a code template only.
 // It will require modifications to work:
 // - It may require correct/in-range values for request initialization.
 // - It may require specifying regional endpoints when creating the service client as shown in
 // https://cloud.google.com/java/docs/setup#configure_endpoints_for_the_client_library
 try (KeyManagementServiceClient keyManagementServiceClient =
     KeyManagementServiceClient.create()) {
   CryptoKeyName parent =
       CryptoKeyName.of("[PROJECT]", "[LOCATION]", "[KEY_RING]", "[CRYPTO_KEY]");
   CryptoKeyVersion cryptoKeyVersion = CryptoKeyVersion.newBuilder().build();
   CryptoKeyVersion response =
       keyManagementServiceClient.createCryptoKeyVersion(parent, cryptoKeyVersion);
 }
 
Parameters
NameDescription
parentCryptoKeyName

Required. The name of the CryptoKey associated with the CryptoKeyVersions.

cryptoKeyVersionCryptoKeyVersion

Required. A CryptoKeyVersion with initial field values.

Returns
TypeDescription
CryptoKeyVersion

createCryptoKeyVersion(String parent, CryptoKeyVersion cryptoKeyVersion)

public final CryptoKeyVersion createCryptoKeyVersion(String parent, CryptoKeyVersion cryptoKeyVersion)

Create a new CryptoKeyVersion in a CryptoKey.

The server will assign the next sequential id. If unset, state will be set to ENABLED.

Sample code:


 // This snippet has been automatically generated and should be regarded as a code template only.
 // It will require modifications to work:
 // - It may require correct/in-range values for request initialization.
 // - It may require specifying regional endpoints when creating the service client as shown in
 // https://cloud.google.com/java/docs/setup#configure_endpoints_for_the_client_library
 try (KeyManagementServiceClient keyManagementServiceClient =
     KeyManagementServiceClient.create()) {
   String parent =
       CryptoKeyName.of("[PROJECT]", "[LOCATION]", "[KEY_RING]", "[CRYPTO_KEY]").toString();
   CryptoKeyVersion cryptoKeyVersion = CryptoKeyVersion.newBuilder().build();
   CryptoKeyVersion response =
       keyManagementServiceClient.createCryptoKeyVersion(parent, cryptoKeyVersion);
 }
 
Parameters
NameDescription
parentString

Required. The name of the CryptoKey associated with the CryptoKeyVersions.

cryptoKeyVersionCryptoKeyVersion

Required. A CryptoKeyVersion with initial field values.

Returns
TypeDescription
CryptoKeyVersion

createCryptoKeyVersionCallable()

public final UnaryCallable<CreateCryptoKeyVersionRequest,CryptoKeyVersion> createCryptoKeyVersionCallable()

Create a new CryptoKeyVersion in a CryptoKey.

The server will assign the next sequential id. If unset, state will be set to ENABLED.

Sample code:


 // This snippet has been automatically generated and should be regarded as a code template only.
 // It will require modifications to work:
 // - It may require correct/in-range values for request initialization.
 // - It may require specifying regional endpoints when creating the service client as shown in
 // https://cloud.google.com/java/docs/setup#configure_endpoints_for_the_client_library
 try (KeyManagementServiceClient keyManagementServiceClient =
     KeyManagementServiceClient.create()) {
   CreateCryptoKeyVersionRequest request =
       CreateCryptoKeyVersionRequest.newBuilder()
           .setParent(
               CryptoKeyName.of("[PROJECT]", "[LOCATION]", "[KEY_RING]", "[CRYPTO_KEY]")
                   .toString())
           .setCryptoKeyVersion(CryptoKeyVersion.newBuilder().build())
           .build();
   ApiFuture<CryptoKeyVersion> future =
       keyManagementServiceClient.createCryptoKeyVersionCallable().futureCall(request);
   // Do something.
   CryptoKeyVersion response = future.get();
 }
 
Returns
TypeDescription
UnaryCallable<CreateCryptoKeyVersionRequest,CryptoKeyVersion>

createImportJob(CreateImportJobRequest request)

public final ImportJob createImportJob(CreateImportJobRequest request)

Create a new ImportJob within a KeyRing.

ImportJob.import_method is required.

Sample code:


 // This snippet has been automatically generated and should be regarded as a code template only.
 // It will require modifications to work:
 // - It may require correct/in-range values for request initialization.
 // - It may require specifying regional endpoints when creating the service client as shown in
 // https://cloud.google.com/java/docs/setup#configure_endpoints_for_the_client_library
 try (KeyManagementServiceClient keyManagementServiceClient =
     KeyManagementServiceClient.create()) {
   CreateImportJobRequest request =
       CreateImportJobRequest.newBuilder()
           .setParent(KeyRingName.of("[PROJECT]", "[LOCATION]", "[KEY_RING]").toString())
           .setImportJobId("importJobId1449444627")
           .setImportJob(ImportJob.newBuilder().build())
           .build();
   ImportJob response = keyManagementServiceClient.createImportJob(request);
 }
 
Parameter
NameDescription
requestCreateImportJobRequest

The request object containing all of the parameters for the API call.

Returns
TypeDescription
ImportJob

createImportJob(KeyRingName parent, String importJobId, ImportJob importJob)

public final ImportJob createImportJob(KeyRingName parent, String importJobId, ImportJob importJob)

Create a new ImportJob within a KeyRing.

ImportJob.import_method is required.

Sample code:


 // This snippet has been automatically generated and should be regarded as a code template only.
 // It will require modifications to work:
 // - It may require correct/in-range values for request initialization.
 // - It may require specifying regional endpoints when creating the service client as shown in
 // https://cloud.google.com/java/docs/setup#configure_endpoints_for_the_client_library
 try (KeyManagementServiceClient keyManagementServiceClient =
     KeyManagementServiceClient.create()) {
   KeyRingName parent = KeyRingName.of("[PROJECT]", "[LOCATION]", "[KEY_RING]");
   String importJobId = "importJobId1449444627";
   ImportJob importJob = ImportJob.newBuilder().build();
   ImportJob response =
       keyManagementServiceClient.createImportJob(parent, importJobId, importJob);
 }
 
Parameters
NameDescription
parentKeyRingName

Required. The name of the KeyRing associated with the ImportJobs.

importJobIdString

Required. It must be unique within a KeyRing and match the regular expression [a-zA-Z0-9_-]{1,63}

importJobImportJob

Required. An ImportJob with initial field values.

Returns
TypeDescription
ImportJob

createImportJob(String parent, String importJobId, ImportJob importJob)

public final ImportJob createImportJob(String parent, String importJobId, ImportJob importJob)

Create a new ImportJob within a KeyRing.

ImportJob.import_method is required.

Sample code:


 // This snippet has been automatically generated and should be regarded as a code template only.
 // It will require modifications to work:
 // - It may require correct/in-range values for request initialization.
 // - It may require specifying regional endpoints when creating the service client as shown in
 // https://cloud.google.com/java/docs/setup#configure_endpoints_for_the_client_library
 try (KeyManagementServiceClient keyManagementServiceClient =
     KeyManagementServiceClient.create()) {
   String parent = KeyRingName.of("[PROJECT]", "[LOCATION]", "[KEY_RING]").toString();
   String importJobId = "importJobId1449444627";
   ImportJob importJob = ImportJob.newBuilder().build();
   ImportJob response =
       keyManagementServiceClient.createImportJob(parent, importJobId, importJob);
 }
 
Parameters
NameDescription
parentString

Required. The name of the KeyRing associated with the ImportJobs.

importJobIdString

Required. It must be unique within a KeyRing and match the regular expression [a-zA-Z0-9_-]{1,63}

importJobImportJob

Required. An ImportJob with initial field values.

Returns
TypeDescription
ImportJob

createImportJobCallable()

public final UnaryCallable<CreateImportJobRequest,ImportJob> createImportJobCallable()

Create a new ImportJob within a KeyRing.

ImportJob.import_method is required.

Sample code:


 // This snippet has been automatically generated and should be regarded as a code template only.
 // It will require modifications to work:
 // - It may require correct/in-range values for request initialization.
 // - It may require specifying regional endpoints when creating the service client as shown in
 // https://cloud.google.com/java/docs/setup#configure_endpoints_for_the_client_library
 try (KeyManagementServiceClient keyManagementServiceClient =
     KeyManagementServiceClient.create()) {
   CreateImportJobRequest request =
       CreateImportJobRequest.newBuilder()
           .setParent(KeyRingName.of("[PROJECT]", "[LOCATION]", "[KEY_RING]").toString())
           .setImportJobId("importJobId1449444627")
           .setImportJob(ImportJob.newBuilder().build())
           .build();
   ApiFuture<ImportJob> future =
       keyManagementServiceClient.createImportJobCallable().futureCall(request);
   // Do something.
   ImportJob response = future.get();
 }
 
Returns
TypeDescription
UnaryCallable<CreateImportJobRequest,ImportJob>

createKeyRing(CreateKeyRingRequest request)

public final KeyRing createKeyRing(CreateKeyRingRequest request)

Create a new KeyRing in a given Project and Location.

Sample code:


 // This snippet has been automatically generated and should be regarded as a code template only.
 // It will require modifications to work:
 // - It may require correct/in-range values for request initialization.
 // - It may require specifying regional endpoints when creating the service client as shown in
 // https://cloud.google.com/java/docs/setup#configure_endpoints_for_the_client_library
 try (KeyManagementServiceClient keyManagementServiceClient =
     KeyManagementServiceClient.create()) {
   CreateKeyRingRequest request =
       CreateKeyRingRequest.newBuilder()
           .setParent(LocationName.of("[PROJECT]", "[LOCATION]").toString())
           .setKeyRingId("keyRingId-2027180374")
           .setKeyRing(KeyRing.newBuilder().build())
           .build();
   KeyRing response = keyManagementServiceClient.createKeyRing(request);
 }
 
Parameter
NameDescription
requestCreateKeyRingRequest

The request object containing all of the parameters for the API call.

Returns
TypeDescription
KeyRing

createKeyRing(LocationName parent, String keyRingId, KeyRing keyRing)

public final KeyRing createKeyRing(LocationName parent, String keyRingId, KeyRing keyRing)

Create a new KeyRing in a given Project and Location.

Sample code:


 // This snippet has been automatically generated and should be regarded as a code template only.
 // It will require modifications to work:
 // - It may require correct/in-range values for request initialization.
 // - It may require specifying regional endpoints when creating the service client as shown in
 // https://cloud.google.com/java/docs/setup#configure_endpoints_for_the_client_library
 try (KeyManagementServiceClient keyManagementServiceClient =
     KeyManagementServiceClient.create()) {
   LocationName parent = LocationName.of("[PROJECT]", "[LOCATION]");
   String keyRingId = "keyRingId-2027180374";
   KeyRing keyRing = KeyRing.newBuilder().build();
   KeyRing response = keyManagementServiceClient.createKeyRing(parent, keyRingId, keyRing);
 }
 
Parameters
NameDescription
parentLocationName

Required. The resource name of the location associated with the KeyRings, in the format projects/*/locations/*.

keyRingIdString

Required. It must be unique within a location and match the regular expression [a-zA-Z0-9_-]{1,63}

keyRingKeyRing

Required. A KeyRing with initial field values.

Returns
TypeDescription
KeyRing

createKeyRing(String parent, String keyRingId, KeyRing keyRing)

public final KeyRing createKeyRing(String parent, String keyRingId, KeyRing keyRing)

Create a new KeyRing in a given Project and Location.

Sample code:


 // This snippet has been automatically generated and should be regarded as a code template only.
 // It will require modifications to work:
 // - It may require correct/in-range values for request initialization.
 // - It may require specifying regional endpoints when creating the service client as shown in
 // https://cloud.google.com/java/docs/setup#configure_endpoints_for_the_client_library
 try (KeyManagementServiceClient keyManagementServiceClient =
     KeyManagementServiceClient.create()) {
   String parent = LocationName.of("[PROJECT]", "[LOCATION]").toString();
   String keyRingId = "keyRingId-2027180374";
   KeyRing keyRing = KeyRing.newBuilder().build();
   KeyRing response = keyManagementServiceClient.createKeyRing(parent, keyRingId, keyRing);
 }
 
Parameters
NameDescription
parentString

Required. The resource name of the location associated with the KeyRings, in the format projects/*/locations/*.

keyRingIdString

Required. It must be unique within a location and match the regular expression [a-zA-Z0-9_-]{1,63}

keyRingKeyRing

Required. A KeyRing with initial field values.

Returns
TypeDescription
KeyRing

createKeyRingCallable()

public final UnaryCallable<CreateKeyRingRequest,KeyRing> createKeyRingCallable()

Create a new KeyRing in a given Project and Location.

Sample code:


 // This snippet has been automatically generated and should be regarded as a code template only.
 // It will require modifications to work:
 // - It may require correct/in-range values for request initialization.
 // - It may require specifying regional endpoints when creating the service client as shown in
 // https://cloud.google.com/java/docs/setup#configure_endpoints_for_the_client_library
 try (KeyManagementServiceClient keyManagementServiceClient =
     KeyManagementServiceClient.create()) {
   CreateKeyRingRequest request =
       CreateKeyRingRequest.newBuilder()
           .setParent(LocationName.of("[PROJECT]", "[LOCATION]").toString())
           .setKeyRingId("keyRingId-2027180374")
           .setKeyRing(KeyRing.newBuilder().build())
           .build();
   ApiFuture<KeyRing> future =
       keyManagementServiceClient.createKeyRingCallable().futureCall(request);
   // Do something.
   KeyRing response = future.get();
 }
 
Returns
TypeDescription
UnaryCallable<CreateKeyRingRequest,KeyRing>

decrypt(CryptoKeyName name, ByteString ciphertext)

public final DecryptResponse decrypt(CryptoKeyName name, ByteString ciphertext)

Decrypts data that was protected by Encrypt. The CryptoKey.purpose must be ENCRYPT_DECRYPT.

Sample code:


 // This snippet has been automatically generated and should be regarded as a code template only.
 // It will require modifications to work:
 // - It may require correct/in-range values for request initialization.
 // - It may require specifying regional endpoints when creating the service client as shown in
 // https://cloud.google.com/java/docs/setup#configure_endpoints_for_the_client_library
 try (KeyManagementServiceClient keyManagementServiceClient =
     KeyManagementServiceClient.create()) {
   CryptoKeyName name =
       CryptoKeyName.of("[PROJECT]", "[LOCATION]", "[KEY_RING]", "[CRYPTO_KEY]");
   ByteString ciphertext = ByteString.EMPTY;
   DecryptResponse response = keyManagementServiceClient.decrypt(name, ciphertext);
 }
 
Parameters
NameDescription
nameCryptoKeyName

Required. The resource name of the CryptoKey to use for decryption. The server will choose the appropriate version.

ciphertextByteString

Required. The encrypted data originally returned in EncryptResponse.ciphertext.

Returns
TypeDescription
DecryptResponse

decrypt(DecryptRequest request)

public final DecryptResponse decrypt(DecryptRequest request)

Decrypts data that was protected by Encrypt. The CryptoKey.purpose must be ENCRYPT_DECRYPT.

Sample code:


 // This snippet has been automatically generated and should be regarded as a code template only.
 // It will require modifications to work:
 // - It may require correct/in-range values for request initialization.
 // - It may require specifying regional endpoints when creating the service client as shown in
 // https://cloud.google.com/java/docs/setup#configure_endpoints_for_the_client_library
 try (KeyManagementServiceClient keyManagementServiceClient =
     KeyManagementServiceClient.create()) {
   DecryptRequest request =
       DecryptRequest.newBuilder()
           .setName(
               CryptoKeyName.of("[PROJECT]", "[LOCATION]", "[KEY_RING]", "[CRYPTO_KEY]")
                   .toString())
           .setCiphertext(ByteString.EMPTY)
           .setAdditionalAuthenticatedData(ByteString.EMPTY)
           .setCiphertextCrc32C(Int64Value.newBuilder().build())
           .setAdditionalAuthenticatedDataCrc32C(Int64Value.newBuilder().build())
           .build();
   DecryptResponse response = keyManagementServiceClient.decrypt(request);
 }
 
Parameter
NameDescription
requestDecryptRequest

The request object containing all of the parameters for the API call.

Returns
TypeDescription
DecryptResponse

decrypt(String name, ByteString ciphertext)

public final DecryptResponse decrypt(String name, ByteString ciphertext)

Decrypts data that was protected by Encrypt. The CryptoKey.purpose must be ENCRYPT_DECRYPT.

Sample code:


 // This snippet has been automatically generated and should be regarded as a code template only.
 // It will require modifications to work:
 // - It may require correct/in-range values for request initialization.
 // - It may require specifying regional endpoints when creating the service client as shown in
 // https://cloud.google.com/java/docs/setup#configure_endpoints_for_the_client_library
 try (KeyManagementServiceClient keyManagementServiceClient =
     KeyManagementServiceClient.create()) {
   String name =
       CryptoKeyName.of("[PROJECT]", "[LOCATION]", "[KEY_RING]", "[CRYPTO_KEY]").toString();
   ByteString ciphertext = ByteString.EMPTY;
   DecryptResponse response = keyManagementServiceClient.decrypt(name, ciphertext);
 }
 
Parameters
NameDescription
nameString

Required. The resource name of the CryptoKey to use for decryption. The server will choose the appropriate version.

ciphertextByteString

Required. The encrypted data originally returned in EncryptResponse.ciphertext.

Returns
TypeDescription
DecryptResponse

decryptCallable()

public final UnaryCallable<DecryptRequest,DecryptResponse> decryptCallable()

Decrypts data that was protected by Encrypt. The CryptoKey.purpose must be ENCRYPT_DECRYPT.

Sample code:


 // This snippet has been automatically generated and should be regarded as a code template only.
 // It will require modifications to work:
 // - It may require correct/in-range values for request initialization.
 // - It may require specifying regional endpoints when creating the service client as shown in
 // https://cloud.google.com/java/docs/setup#configure_endpoints_for_the_client_library
 try (KeyManagementServiceClient keyManagementServiceClient =
     KeyManagementServiceClient.create()) {
   DecryptRequest request =
       DecryptRequest.newBuilder()
           .setName(
               CryptoKeyName.of("[PROJECT]", "[LOCATION]", "[KEY_RING]", "[CRYPTO_KEY]")
                   .toString())
           .setCiphertext(ByteString.EMPTY)
           .setAdditionalAuthenticatedData(ByteString.EMPTY)
           .setCiphertextCrc32C(Int64Value.newBuilder().build())
           .setAdditionalAuthenticatedDataCrc32C(Int64Value.newBuilder().build())
           .build();
   ApiFuture<DecryptResponse> future =
       keyManagementServiceClient.decryptCallable().futureCall(request);
   // Do something.
   DecryptResponse response = future.get();
 }
 
Returns
TypeDescription
UnaryCallable<DecryptRequest,DecryptResponse>

destroyCryptoKeyVersion(CryptoKeyVersionName name)

public final CryptoKeyVersion destroyCryptoKeyVersion(CryptoKeyVersionName name)

Schedule a CryptoKeyVersion for destruction.

Upon calling this method, CryptoKeyVersion.state will be set to DESTROY_SCHEDULED, and destroy_time will be set to the time destroy_scheduled_duration in the future. At that time, the state will automatically change to DESTROYED, and the key material will be irrevocably destroyed.

Before the destroy_time is reached, RestoreCryptoKeyVersion may be called to reverse the process.

Sample code:


 // This snippet has been automatically generated and should be regarded as a code template only.
 // It will require modifications to work:
 // - It may require correct/in-range values for request initialization.
 // - It may require specifying regional endpoints when creating the service client as shown in
 // https://cloud.google.com/java/docs/setup#configure_endpoints_for_the_client_library
 try (KeyManagementServiceClient keyManagementServiceClient =
     KeyManagementServiceClient.create()) {
   CryptoKeyVersionName name =
       CryptoKeyVersionName.of(
           "[PROJECT]", "[LOCATION]", "[KEY_RING]", "[CRYPTO_KEY]", "[CRYPTO_KEY_VERSION]");
   CryptoKeyVersion response = keyManagementServiceClient.destroyCryptoKeyVersion(name);
 }
 
Parameter
NameDescription
nameCryptoKeyVersionName

Required. The resource name of the CryptoKeyVersion to destroy.

Returns
TypeDescription
CryptoKeyVersion

destroyCryptoKeyVersion(DestroyCryptoKeyVersionRequest request)

public final CryptoKeyVersion destroyCryptoKeyVersion(DestroyCryptoKeyVersionRequest request)

Schedule a CryptoKeyVersion for destruction.

Upon calling this method, CryptoKeyVersion.state will be set to DESTROY_SCHEDULED, and destroy_time will be set to the time destroy_scheduled_duration in the future. At that time, the state will automatically change to DESTROYED, and the key material will be irrevocably destroyed.

Before the destroy_time is reached, RestoreCryptoKeyVersion may be called to reverse the process.

Sample code:


 // This snippet has been automatically generated and should be regarded as a code template only.
 // It will require modifications to work:
 // - It may require correct/in-range values for request initialization.
 // - It may require specifying regional endpoints when creating the service client as shown in
 // https://cloud.google.com/java/docs/setup#configure_endpoints_for_the_client_library
 try (KeyManagementServiceClient keyManagementServiceClient =
     KeyManagementServiceClient.create()) {
   DestroyCryptoKeyVersionRequest request =
       DestroyCryptoKeyVersionRequest.newBuilder()
           .setName(
               CryptoKeyVersionName.of(
                       "[PROJECT]",
                       "[LOCATION]",
                       "[KEY_RING]",
                       "[CRYPTO_KEY]",
                       "[CRYPTO_KEY_VERSION]")
                   .toString())
           .build();
   CryptoKeyVersion response = keyManagementServiceClient.destroyCryptoKeyVersion(request);
 }
 
Parameter
NameDescription
requestDestroyCryptoKeyVersionRequest

The request object containing all of the parameters for the API call.

Returns
TypeDescription
CryptoKeyVersion

destroyCryptoKeyVersion(String name)

public final CryptoKeyVersion destroyCryptoKeyVersion(String name)

Schedule a CryptoKeyVersion for destruction.

Upon calling this method, CryptoKeyVersion.state will be set to DESTROY_SCHEDULED, and destroy_time will be set to the time destroy_scheduled_duration in the future. At that time, the state will automatically change to DESTROYED, and the key material will be irrevocably destroyed.

Before the destroy_time is reached, RestoreCryptoKeyVersion may be called to reverse the process.

Sample code:


 // This snippet has been automatically generated and should be regarded as a code template only.
 // It will require modifications to work:
 // - It may require correct/in-range values for request initialization.
 // - It may require specifying regional endpoints when creating the service client as shown in
 // https://cloud.google.com/java/docs/setup#configure_endpoints_for_the_client_library
 try (KeyManagementServiceClient keyManagementServiceClient =
     KeyManagementServiceClient.create()) {
   String name =
       CryptoKeyVersionName.of(
               "[PROJECT]", "[LOCATION]", "[KEY_RING]", "[CRYPTO_KEY]", "[CRYPTO_KEY_VERSION]")
           .toString();
   CryptoKeyVersion response = keyManagementServiceClient.destroyCryptoKeyVersion(name);
 }
 
Parameter
NameDescription
nameString

Required. The resource name of the CryptoKeyVersion to destroy.

Returns
TypeDescription
CryptoKeyVersion

destroyCryptoKeyVersionCallable()

public final UnaryCallable<DestroyCryptoKeyVersionRequest,CryptoKeyVersion> destroyCryptoKeyVersionCallable()

Schedule a CryptoKeyVersion for destruction.

Upon calling this method, CryptoKeyVersion.state will be set to DESTROY_SCHEDULED, and destroy_time will be set to the time destroy_scheduled_duration in the future. At that time, the state will automatically change to DESTROYED, and the key material will be irrevocably destroyed.

Before the destroy_time is reached, RestoreCryptoKeyVersion may be called to reverse the process.

Sample code:


 // This snippet has been automatically generated and should be regarded as a code template only.
 // It will require modifications to work:
 // - It may require correct/in-range values for request initialization.
 // - It may require specifying regional endpoints when creating the service client as shown in
 // https://cloud.google.com/java/docs/setup#configure_endpoints_for_the_client_library
 try (KeyManagementServiceClient keyManagementServiceClient =
     KeyManagementServiceClient.create()) {
   DestroyCryptoKeyVersionRequest request =
       DestroyCryptoKeyVersionRequest.newBuilder()
           .setName(
               CryptoKeyVersionName.of(
                       "[PROJECT]",
                       "[LOCATION]",
                       "[KEY_RING]",
                       "[CRYPTO_KEY]",
                       "[CRYPTO_KEY_VERSION]")
                   .toString())
           .build();
   ApiFuture<CryptoKeyVersion> future =
       keyManagementServiceClient.destroyCryptoKeyVersionCallable().futureCall(request);
   // Do something.
   CryptoKeyVersion response = future.get();
 }
 
Returns
TypeDescription
UnaryCallable<DestroyCryptoKeyVersionRequest,CryptoKeyVersion>

encrypt(ResourceName name, ByteString plaintext)

public final EncryptResponse encrypt(ResourceName name, ByteString plaintext)

Encrypts data, so that it can only be recovered by a call to Decrypt. The CryptoKey.purpose must be ENCRYPT_DECRYPT.

Sample code:


 // This snippet has been automatically generated and should be regarded as a code template only.
 // It will require modifications to work:
 // - It may require correct/in-range values for request initialization.
 // - It may require specifying regional endpoints when creating the service client as shown in
 // https://cloud.google.com/java/docs/setup#configure_endpoints_for_the_client_library
 try (KeyManagementServiceClient keyManagementServiceClient =
     KeyManagementServiceClient.create()) {
   ResourceName name = CryptoKeyName.of("[PROJECT]", "[LOCATION]", "[KEY_RING]", "[CRYPTO_KEY]");
   ByteString plaintext = ByteString.EMPTY;
   EncryptResponse response = keyManagementServiceClient.encrypt(name, plaintext);
 }
 
Parameters
NameDescription
namecom.google.api.resourcenames.ResourceName

Required. The resource name of the CryptoKey or CryptoKeyVersion to use for encryption.

If a CryptoKey is specified, the server will use its primary version.

plaintextByteString

Required. The data to encrypt. Must be no larger than 64KiB.

The maximum size depends on the key version's protection_level. For SOFTWARE keys, the plaintext must be no larger than 64KiB. For HSM keys, the combined length of the plaintext and additional_authenticated_data fields must be no larger than 8KiB.

Returns
TypeDescription
EncryptResponse

encrypt(CryptoKeyPathName name, ByteString plaintext)

public final EncryptResponse encrypt(CryptoKeyPathName name, ByteString plaintext)

Encrypts data, so that it can only be recovered by a call to Decrypt. The CryptoKey.purpose must be ENCRYPT_DECRYPT.

Sample code:


 try (KeyManagementServiceClient keyManagementServiceClient = KeyManagementServiceClient.create()) {
   CryptoKeyPathName name = CryptoKeyName.of("[PROJECT]", "[LOCATION]", "[KEY_RING]", "[CRYPTO_KEY]");
   ByteString plaintext = ByteString.copyFromUtf8("");
   EncryptResponse response = keyManagementServiceClient.encrypt(name, plaintext);
 }
 
Parameters
NameDescription
nameCryptoKeyPathName

Required. The resource name of the CryptoKey or CryptoKeyVersion to use for encryption.

If a CryptoKey is specified, the server will use its primary version.

plaintextByteString

Required. The data to encrypt. Must be no larger than 64KiB.

The maximum size depends on the key version's protection_level. For SOFTWARE keys, the plaintext must be no larger than 64KiB. For HSM keys, the combined length of the plaintext and additional_authenticated_data fields must be no larger than 8KiB.

Returns
TypeDescription
EncryptResponse

encrypt(EncryptRequest request)

public final EncryptResponse encrypt(EncryptRequest request)

Encrypts data, so that it can only be recovered by a call to Decrypt. The CryptoKey.purpose must be ENCRYPT_DECRYPT.

Sample code:


 // This snippet has been automatically generated and should be regarded as a code template only.
 // It will require modifications to work:
 // - It may require correct/in-range values for request initialization.
 // - It may require specifying regional endpoints when creating the service client as shown in
 // https://cloud.google.com/java/docs/setup#configure_endpoints_for_the_client_library
 try (KeyManagementServiceClient keyManagementServiceClient =
     KeyManagementServiceClient.create()) {
   EncryptRequest request =
       EncryptRequest.newBuilder()
           .setName(
               CryptoKeyName.of("[PROJECT]", "[LOCATION]", "[KEY_RING]", "[CRYPTO_KEY]")
                   .toString())
           .setPlaintext(ByteString.EMPTY)
           .setAdditionalAuthenticatedData(ByteString.EMPTY)
           .setPlaintextCrc32C(Int64Value.newBuilder().build())
           .setAdditionalAuthenticatedDataCrc32C(Int64Value.newBuilder().build())
           .build();
   EncryptResponse response = keyManagementServiceClient.encrypt(request);
 }
 
Parameter
NameDescription
requestEncryptRequest

The request object containing all of the parameters for the API call.

Returns
TypeDescription
EncryptResponse

encrypt(String name, ByteString plaintext)

public final EncryptResponse encrypt(String name, ByteString plaintext)

Encrypts data, so that it can only be recovered by a call to Decrypt. The CryptoKey.purpose must be ENCRYPT_DECRYPT.

Sample code:


 // This snippet has been automatically generated and should be regarded as a code template only.
 // It will require modifications to work:
 // - It may require correct/in-range values for request initialization.
 // - It may require specifying regional endpoints when creating the service client as shown in
 // https://cloud.google.com/java/docs/setup#configure_endpoints_for_the_client_library
 try (KeyManagementServiceClient keyManagementServiceClient =
     KeyManagementServiceClient.create()) {
   String name =
       CryptoKeyName.of("[PROJECT]", "[LOCATION]", "[KEY_RING]", "[CRYPTO_KEY]").toString();
   ByteString plaintext = ByteString.EMPTY;
   EncryptResponse response = keyManagementServiceClient.encrypt(name, plaintext);
 }
 
Parameters
NameDescription
nameString

Required. The resource name of the CryptoKey or CryptoKeyVersion to use for encryption.

If a CryptoKey is specified, the server will use its primary version.

plaintextByteString

Required. The data to encrypt. Must be no larger than 64KiB.

The maximum size depends on the key version's protection_level. For SOFTWARE keys, the plaintext must be no larger than 64KiB. For HSM keys, the combined length of the plaintext and additional_authenticated_data fields must be no larger than 8KiB.

Returns
TypeDescription
EncryptResponse

encryptCallable()

public final UnaryCallable<EncryptRequest,EncryptResponse> encryptCallable()

Encrypts data, so that it can only be recovered by a call to Decrypt. The CryptoKey.purpose must be ENCRYPT_DECRYPT.

Sample code:


 // This snippet has been automatically generated and should be regarded as a code template only.
 // It will require modifications to work:
 // - It may require correct/in-range values for request initialization.
 // - It may require specifying regional endpoints when creating the service client as shown in
 // https://cloud.google.com/java/docs/setup#configure_endpoints_for_the_client_library
 try (KeyManagementServiceClient keyManagementServiceClient =
     KeyManagementServiceClient.create()) {
   EncryptRequest request =
       EncryptRequest.newBuilder()
           .setName(
               CryptoKeyName.of("[PROJECT]", "[LOCATION]", "[KEY_RING]", "[CRYPTO_KEY]")
                   .toString())
           .setPlaintext(ByteString.EMPTY)
           .setAdditionalAuthenticatedData(ByteString.EMPTY)
           .setPlaintextCrc32C(Int64Value.newBuilder().build())
           .setAdditionalAuthenticatedDataCrc32C(Int64Value.newBuilder().build())
           .build();
   ApiFuture<EncryptResponse> future =
       keyManagementServiceClient.encryptCallable().futureCall(request);
   // Do something.
   EncryptResponse response = future.get();
 }
 
Returns
TypeDescription
UnaryCallable<EncryptRequest,EncryptResponse>

generateRandomBytes(GenerateRandomBytesRequest request)

public final GenerateRandomBytesResponse generateRandomBytes(GenerateRandomBytesRequest request)

Generate random bytes using the Cloud KMS randomness source in the provided location.

Sample code:


 // This snippet has been automatically generated and should be regarded as a code template only.
 // It will require modifications to work:
 // - It may require correct/in-range values for request initialization.
 // - It may require specifying regional endpoints when creating the service client as shown in
 // https://cloud.google.com/java/docs/setup#configure_endpoints_for_the_client_library
 try (KeyManagementServiceClient keyManagementServiceClient =
     KeyManagementServiceClient.create()) {
   GenerateRandomBytesRequest request =
       GenerateRandomBytesRequest.newBuilder()
           .setLocation("location1901043637")
           .setLengthBytes(-745661998)
           .setProtectionLevel(ProtectionLevel.forNumber(0))
           .build();
   GenerateRandomBytesResponse response =
       keyManagementServiceClient.generateRandomBytes(request);
 }
 
Parameter
NameDescription
requestGenerateRandomBytesRequest

The request object containing all of the parameters for the API call.

Returns
TypeDescription
GenerateRandomBytesResponse

generateRandomBytes(String location, int lengthBytes, ProtectionLevel protectionLevel)

public final GenerateRandomBytesResponse generateRandomBytes(String location, int lengthBytes, ProtectionLevel protectionLevel)

Generate random bytes using the Cloud KMS randomness source in the provided location.

Sample code:


 // This snippet has been automatically generated and should be regarded as a code template only.
 // It will require modifications to work:
 // - It may require correct/in-range values for request initialization.
 // - It may require specifying regional endpoints when creating the service client as shown in
 // https://cloud.google.com/java/docs/setup#configure_endpoints_for_the_client_library
 try (KeyManagementServiceClient keyManagementServiceClient =
     KeyManagementServiceClient.create()) {
   String location = "location1901043637";
   int lengthBytes = -745661998;
   ProtectionLevel protectionLevel = ProtectionLevel.forNumber(0);
   GenerateRandomBytesResponse response =
       keyManagementServiceClient.generateRandomBytes(location, lengthBytes, protectionLevel);
 }
 
Parameters
NameDescription
locationString

The project-specific location in which to generate random bytes. For example, "projects/my-project/locations/us-central1".

lengthBytesint

The length in bytes of the amount of randomness to retrieve. Minimum 8 bytes, maximum 1024 bytes.

protectionLevelProtectionLevel

The ProtectionLevel to use when generating the random data. Currently, only HSM protection level is supported.

Returns
TypeDescription
GenerateRandomBytesResponse

generateRandomBytesCallable()

public final UnaryCallable<GenerateRandomBytesRequest,GenerateRandomBytesResponse> generateRandomBytesCallable()

Generate random bytes using the Cloud KMS randomness source in the provided location.

Sample code:


 // This snippet has been automatically generated and should be regarded as a code template only.
 // It will require modifications to work:
 // - It may require correct/in-range values for request initialization.
 // - It may require specifying regional endpoints when creating the service client as shown in
 // https://cloud.google.com/java/docs/setup#configure_endpoints_for_the_client_library
 try (KeyManagementServiceClient keyManagementServiceClient =
     KeyManagementServiceClient.create()) {
   GenerateRandomBytesRequest request =
       GenerateRandomBytesRequest.newBuilder()
           .setLocation("location1901043637")
           .setLengthBytes(-745661998)
           .setProtectionLevel(ProtectionLevel.forNumber(0))
           .build();
   ApiFuture<GenerateRandomBytesResponse> future =
       keyManagementServiceClient.generateRandomBytesCallable().futureCall(request);
   // Do something.
   GenerateRandomBytesResponse response = future.get();
 }
 
Returns
TypeDescription
UnaryCallable<GenerateRandomBytesRequest,GenerateRandomBytesResponse>

getCryptoKey(CryptoKeyName name)

public final CryptoKey getCryptoKey(CryptoKeyName name)

Returns metadata for a given CryptoKey, as well as its primary CryptoKeyVersion.

Sample code:


 // This snippet has been automatically generated and should be regarded as a code template only.
 // It will require modifications to work:
 // - It may require correct/in-range values for request initialization.
 // - It may require specifying regional endpoints when creating the service client as shown in
 // https://cloud.google.com/java/docs/setup#configure_endpoints_for_the_client_library
 try (KeyManagementServiceClient keyManagementServiceClient =
     KeyManagementServiceClient.create()) {
   CryptoKeyName name =
       CryptoKeyName.of("[PROJECT]", "[LOCATION]", "[KEY_RING]", "[CRYPTO_KEY]");
   CryptoKey response = keyManagementServiceClient.getCryptoKey(name);
 }
 
Parameter
NameDescription
nameCryptoKeyName

Required. The name of the CryptoKey to get.

Returns
TypeDescription
CryptoKey

getCryptoKey(GetCryptoKeyRequest request)

public final CryptoKey getCryptoKey(GetCryptoKeyRequest request)

Returns metadata for a given CryptoKey, as well as its primary CryptoKeyVersion.

Sample code:


 // This snippet has been automatically generated and should be regarded as a code template only.
 // It will require modifications to work:
 // - It may require correct/in-range values for request initialization.
 // - It may require specifying regional endpoints when creating the service client as shown in
 // https://cloud.google.com/java/docs/setup#configure_endpoints_for_the_client_library
 try (KeyManagementServiceClient keyManagementServiceClient =
     KeyManagementServiceClient.create()) {
   GetCryptoKeyRequest request =
       GetCryptoKeyRequest.newBuilder()
           .setName(
               CryptoKeyName.of("[PROJECT]", "[LOCATION]", "[KEY_RING]", "[CRYPTO_KEY]")
                   .toString())
           .build();
   CryptoKey response = keyManagementServiceClient.getCryptoKey(request);
 }
 
Parameter
NameDescription
requestGetCryptoKeyRequest

The request object containing all of the parameters for the API call.

Returns
TypeDescription
CryptoKey

getCryptoKey(String name)

public final CryptoKey getCryptoKey(String name)

Returns metadata for a given CryptoKey, as well as its primary CryptoKeyVersion.

Sample code:


 // This snippet has been automatically generated and should be regarded as a code template only.
 // It will require modifications to work:
 // - It may require correct/in-range values for request initialization.
 // - It may require specifying regional endpoints when creating the service client as shown in
 // https://cloud.google.com/java/docs/setup#configure_endpoints_for_the_client_library
 try (KeyManagementServiceClient keyManagementServiceClient =
     KeyManagementServiceClient.create()) {
   String name =
       CryptoKeyName.of("[PROJECT]", "[LOCATION]", "[KEY_RING]", "[CRYPTO_KEY]").toString();
   CryptoKey response = keyManagementServiceClient.getCryptoKey(name);
 }
 
Parameter
NameDescription
nameString

Required. The name of the CryptoKey to get.

Returns
TypeDescription
CryptoKey

getCryptoKeyCallable()

public final UnaryCallable<GetCryptoKeyRequest,CryptoKey> getCryptoKeyCallable()

Returns metadata for a given CryptoKey, as well as its primary CryptoKeyVersion.

Sample code:


 // This snippet has been automatically generated and should be regarded as a code template only.
 // It will require modifications to work:
 // - It may require correct/in-range values for request initialization.
 // - It may require specifying regional endpoints when creating the service client as shown in
 // https://cloud.google.com/java/docs/setup#configure_endpoints_for_the_client_library
 try (KeyManagementServiceClient keyManagementServiceClient =
     KeyManagementServiceClient.create()) {
   GetCryptoKeyRequest request =
       GetCryptoKeyRequest.newBuilder()
           .setName(
               CryptoKeyName.of("[PROJECT]", "[LOCATION]", "[KEY_RING]", "[CRYPTO_KEY]")
                   .toString())
           .build();
   ApiFuture<CryptoKey> future =
       keyManagementServiceClient.getCryptoKeyCallable().futureCall(request);
   // Do something.
   CryptoKey response = future.get();
 }
 
Returns
TypeDescription
UnaryCallable<GetCryptoKeyRequest,CryptoKey>

getCryptoKeyVersion(CryptoKeyVersionName name)

public final CryptoKeyVersion getCryptoKeyVersion(CryptoKeyVersionName name)

Returns metadata for a given CryptoKeyVersion.

Sample code:


 // This snippet has been automatically generated and should be regarded as a code template only.
 // It will require modifications to work:
 // - It may require correct/in-range values for request initialization.
 // - It may require specifying regional endpoints when creating the service client as shown in
 // https://cloud.google.com/java/docs/setup#configure_endpoints_for_the_client_library
 try (KeyManagementServiceClient keyManagementServiceClient =
     KeyManagementServiceClient.create()) {
   CryptoKeyVersionName name =
       CryptoKeyVersionName.of(
           "[PROJECT]", "[LOCATION]", "[KEY_RING]", "[CRYPTO_KEY]", "[CRYPTO_KEY_VERSION]");
   CryptoKeyVersion response = keyManagementServiceClient.getCryptoKeyVersion(name);
 }
 
Parameter
NameDescription
nameCryptoKeyVersionName

Required. The name of the CryptoKeyVersion to get.

Returns
TypeDescription
CryptoKeyVersion

getCryptoKeyVersion(GetCryptoKeyVersionRequest request)

public final CryptoKeyVersion getCryptoKeyVersion(GetCryptoKeyVersionRequest request)

Returns metadata for a given CryptoKeyVersion.

Sample code:


 // This snippet has been automatically generated and should be regarded as a code template only.
 // It will require modifications to work:
 // - It may require correct/in-range values for request initialization.
 // - It may require specifying regional endpoints when creating the service client as shown in
 // https://cloud.google.com/java/docs/setup#configure_endpoints_for_the_client_library
 try (KeyManagementServiceClient keyManagementServiceClient =
     KeyManagementServiceClient.create()) {
   GetCryptoKeyVersionRequest request =
       GetCryptoKeyVersionRequest.newBuilder()
           .setName(
               CryptoKeyVersionName.of(
                       "[PROJECT]",
                       "[LOCATION]",
                       "[KEY_RING]",
                       "[CRYPTO_KEY]",
                       "[CRYPTO_KEY_VERSION]")
                   .toString())
           .build();
   CryptoKeyVersion response = keyManagementServiceClient.getCryptoKeyVersion(request);
 }
 
Parameter
NameDescription
requestGetCryptoKeyVersionRequest

The request object containing all of the parameters for the API call.

Returns
TypeDescription
CryptoKeyVersion

getCryptoKeyVersion(String name)

public final CryptoKeyVersion getCryptoKeyVersion(String name)

Returns metadata for a given CryptoKeyVersion.

Sample code:


 // This snippet has been automatically generated and should be regarded as a code template only.
 // It will require modifications to work:
 // - It may require correct/in-range values for request initialization.
 // - It may require specifying regional endpoints when creating the service client as shown in
 // https://cloud.google.com/java/docs/setup#configure_endpoints_for_the_client_library
 try (KeyManagementServiceClient keyManagementServiceClient =
     KeyManagementServiceClient.create()) {
   String name =
       CryptoKeyVersionName.of(
               "[PROJECT]", "[LOCATION]", "[KEY_RING]", "[CRYPTO_KEY]", "[CRYPTO_KEY_VERSION]")
           .toString();
   CryptoKeyVersion response = keyManagementServiceClient.getCryptoKeyVersion(name);
 }
 
Parameter
NameDescription
nameString

Required. The name of the CryptoKeyVersion to get.

Returns
TypeDescription
CryptoKeyVersion

getCryptoKeyVersionCallable()

public final UnaryCallable<GetCryptoKeyVersionRequest,CryptoKeyVersion> getCryptoKeyVersionCallable()

Returns metadata for a given CryptoKeyVersion.

Sample code:


 // This snippet has been automatically generated and should be regarded as a code template only.
 // It will require modifications to work:
 // - It may require correct/in-range values for request initialization.
 // - It may require specifying regional endpoints when creating the service client as shown in
 // https://cloud.google.com/java/docs/setup#configure_endpoints_for_the_client_library
 try (KeyManagementServiceClient keyManagementServiceClient =
     KeyManagementServiceClient.create()) {
   GetCryptoKeyVersionRequest request =
       GetCryptoKeyVersionRequest.newBuilder()
           .setName(
               CryptoKeyVersionName.of(
                       "[PROJECT]",
                       "[LOCATION]",
                       "[KEY_RING]",
                       "[CRYPTO_KEY]",
                       "[CRYPTO_KEY_VERSION]")
                   .toString())
           .build();
   ApiFuture<CryptoKeyVersion> future =
       keyManagementServiceClient.getCryptoKeyVersionCallable().futureCall(request);
   // Do something.
   CryptoKeyVersion response = future.get();
 }
 
Returns
TypeDescription
UnaryCallable<GetCryptoKeyVersionRequest,CryptoKeyVersion>

getIamPolicy(KeyName resource)

public final Policy getIamPolicy(KeyName resource)

Gets the access control policy for a resource. Returns an empty policy if the resource exists and does not have a policy set.

Sample code:


 try (KeyManagementServiceClient keyManagementServiceClient = KeyManagementServiceClient.create()) {
   KeyName resource = KeyRingName.of("[PROJECT]", "[LOCATION]", "[KEY_RING]");
   Policy response = keyManagementServiceClient.getIamPolicy(resource);
 }
 
Parameter
NameDescription
resourceKeyName

REQUIRED: The resource for which the policy is being requested. See the operation documentation for the appropriate value for this field.

Returns
TypeDescription
com.google.iam.v1.Policy

getIamPolicy(GetIamPolicyRequest request)

public final Policy getIamPolicy(GetIamPolicyRequest request)

Gets the access control policy for a resource. Returns an empty policyif the resource exists and does not have a policy set.

Sample code:


 // This snippet has been automatically generated and should be regarded as a code template only.
 // It will require modifications to work:
 // - It may require correct/in-range values for request initialization.
 // - It may require specifying regional endpoints when creating the service client as shown in
 // https://cloud.google.com/java/docs/setup#configure_endpoints_for_the_client_library
 try (KeyManagementServiceClient keyManagementServiceClient =
     KeyManagementServiceClient.create()) {
   GetIamPolicyRequest request =
       GetIamPolicyRequest.newBuilder()
           .setResource(
               CryptoKeyName.of("[PROJECT]", "[LOCATION]", "[KEY_RING]", "[CRYPTO_KEY]")
                   .toString())
           .setOptions(GetPolicyOptions.newBuilder().build())
           .build();
   Policy response = keyManagementServiceClient.getIamPolicy(request);
 }
 
Parameter
NameDescription
requestcom.google.iam.v1.GetIamPolicyRequest

The request object containing all of the parameters for the API call.

Returns
TypeDescription
com.google.iam.v1.Policy

getIamPolicy(String resource)

public final Policy getIamPolicy(String resource)

Gets the access control policy for a resource. Returns an empty policy if the resource exists and does not have a policy set.

Sample code:


 try (KeyManagementServiceClient keyManagementServiceClient = KeyManagementServiceClient.create()) {
   KeyName resource = KeyRingName.of("[PROJECT]", "[LOCATION]", "[KEY_RING]");
   Policy response = keyManagementServiceClient.getIamPolicy(resource.toString());
 }
 
Parameter
NameDescription
resourceString

REQUIRED: The resource for which the policy is being requested. See the operation documentation for the appropriate value for this field.

Returns
TypeDescription
com.google.iam.v1.Policy

getIamPolicyCallable()

public final UnaryCallable<GetIamPolicyRequest,Policy> getIamPolicyCallable()

Gets the access control policy for a resource. Returns an empty policyif the resource exists and does not have a policy set.

Sample code:


 // This snippet has been automatically generated and should be regarded as a code template only.
 // It will require modifications to work:
 // - It may require correct/in-range values for request initialization.
 // - It may require specifying regional endpoints when creating the service client as shown in
 // https://cloud.google.com/java/docs/setup#configure_endpoints_for_the_client_library
 try (KeyManagementServiceClient keyManagementServiceClient =
     KeyManagementServiceClient.create()) {
   GetIamPolicyRequest request =
       GetIamPolicyRequest.newBuilder()
           .setResource(
               CryptoKeyName.of("[PROJECT]", "[LOCATION]", "[KEY_RING]", "[CRYPTO_KEY]")
                   .toString())
           .setOptions(GetPolicyOptions.newBuilder().build())
           .build();
   ApiFuture<Policy> future =
       keyManagementServiceClient.getIamPolicyCallable().futureCall(request);
   // Do something.
   Policy response = future.get();
 }
 
Returns
TypeDescription
UnaryCallable<com.google.iam.v1.GetIamPolicyRequest,com.google.iam.v1.Policy>

getImportJob(GetImportJobRequest request)

public final ImportJob getImportJob(GetImportJobRequest request)

Returns metadata for a given ImportJob.

Sample code:


 // This snippet has been automatically generated and should be regarded as a code template only.
 // It will require modifications to work:
 // - It may require correct/in-range values for request initialization.
 // - It may require specifying regional endpoints when creating the service client as shown in
 // https://cloud.google.com/java/docs/setup#configure_endpoints_for_the_client_library
 try (KeyManagementServiceClient keyManagementServiceClient =
     KeyManagementServiceClient.create()) {
   GetImportJobRequest request =
       GetImportJobRequest.newBuilder()
           .setName(
               ImportJobName.of("[PROJECT]", "[LOCATION]", "[KEY_RING]", "[IMPORT_JOB]")
                   .toString())
           .build();
   ImportJob response = keyManagementServiceClient.getImportJob(request);
 }
 
Parameter
NameDescription
requestGetImportJobRequest

The request object containing all of the parameters for the API call.

Returns
TypeDescription
ImportJob

getImportJob(ImportJobName name)

public final ImportJob getImportJob(ImportJobName name)

Returns metadata for a given ImportJob.

Sample code:


 // This snippet has been automatically generated and should be regarded as a code template only.
 // It will require modifications to work:
 // - It may require correct/in-range values for request initialization.
 // - It may require specifying regional endpoints when creating the service client as shown in
 // https://cloud.google.com/java/docs/setup#configure_endpoints_for_the_client_library
 try (KeyManagementServiceClient keyManagementServiceClient =
     KeyManagementServiceClient.create()) {
   ImportJobName name =
       ImportJobName.of("[PROJECT]", "[LOCATION]", "[KEY_RING]", "[IMPORT_JOB]");
   ImportJob response = keyManagementServiceClient.getImportJob(name);
 }
 
Parameter
NameDescription
nameImportJobName

Required. The name of the ImportJob to get.

Returns
TypeDescription
ImportJob

getImportJob(String name)

public final ImportJob getImportJob(String name)

Returns metadata for a given ImportJob.

Sample code:


 // This snippet has been automatically generated and should be regarded as a code template only.
 // It will require modifications to work:
 // - It may require correct/in-range values for request initialization.
 // - It may require specifying regional endpoints when creating the service client as shown in
 // https://cloud.google.com/java/docs/setup#configure_endpoints_for_the_client_library
 try (KeyManagementServiceClient keyManagementServiceClient =
     KeyManagementServiceClient.create()) {
   String name =
       ImportJobName.of("[PROJECT]", "[LOCATION]", "[KEY_RING]", "[IMPORT_JOB]").toString();
   ImportJob response = keyManagementServiceClient.getImportJob(name);
 }
 
Parameter
NameDescription
nameString

Required. The name of the ImportJob to get.

Returns
TypeDescription
ImportJob

getImportJobCallable()

public final UnaryCallable<GetImportJobRequest,ImportJob> getImportJobCallable()

Returns metadata for a given ImportJob.

Sample code:


 // This snippet has been automatically generated and should be regarded as a code template only.
 // It will require modifications to work:
 // - It may require correct/in-range values for request initialization.
 // - It may require specifying regional endpoints when creating the service client as shown in
 // https://cloud.google.com/java/docs/setup#configure_endpoints_for_the_client_library
 try (KeyManagementServiceClient keyManagementServiceClient =
     KeyManagementServiceClient.create()) {
   GetImportJobRequest request =
       GetImportJobRequest.newBuilder()
           .setName(
               ImportJobName.of("[PROJECT]", "[LOCATION]", "[KEY_RING]", "[IMPORT_JOB]")
                   .toString())
           .build();
   ApiFuture<ImportJob> future =
       keyManagementServiceClient.getImportJobCallable().futureCall(request);
   // Do something.
   ImportJob response = future.get();
 }
 
Returns
TypeDescription
UnaryCallable<GetImportJobRequest,ImportJob>

getKeyRing(GetKeyRingRequest request)

public final KeyRing getKeyRing(GetKeyRingRequest request)

Returns metadata for a given KeyRing.

Sample code:


 // This snippet has been automatically generated and should be regarded as a code template only.
 // It will require modifications to work:
 // - It may require correct/in-range values for request initialization.
 // - It may require specifying regional endpoints when creating the service client as shown in
 // https://cloud.google.com/java/docs/setup#configure_endpoints_for_the_client_library
 try (KeyManagementServiceClient keyManagementServiceClient =
     KeyManagementServiceClient.create()) {
   GetKeyRingRequest request =
       GetKeyRingRequest.newBuilder()
           .setName(KeyRingName.of("[PROJECT]", "[LOCATION]", "[KEY_RING]").toString())
           .build();
   KeyRing response = keyManagementServiceClient.getKeyRing(request);
 }
 
Parameter
NameDescription
requestGetKeyRingRequest

The request object containing all of the parameters for the API call.

Returns
TypeDescription
KeyRing

getKeyRing(KeyRingName name)

public final KeyRing getKeyRing(KeyRingName name)

Returns metadata for a given KeyRing.

Sample code:


 // This snippet has been automatically generated and should be regarded as a code template only.
 // It will require modifications to work:
 // - It may require correct/in-range values for request initialization.
 // - It may require specifying regional endpoints when creating the service client as shown in
 // https://cloud.google.com/java/docs/setup#configure_endpoints_for_the_client_library
 try (KeyManagementServiceClient keyManagementServiceClient =
     KeyManagementServiceClient.create()) {
   KeyRingName name = KeyRingName.of("[PROJECT]", "[LOCATION]", "[KEY_RING]");
   KeyRing response = keyManagementServiceClient.getKeyRing(name);
 }
 
Parameter
NameDescription
nameKeyRingName

Required. The name of the KeyRing to get.

Returns
TypeDescription
KeyRing

getKeyRing(String name)

public final KeyRing getKeyRing(String name)

Returns metadata for a given KeyRing.

Sample code:


 // This snippet has been automatically generated and should be regarded as a code template only.
 // It will require modifications to work:
 // - It may require correct/in-range values for request initialization.
 // - It may require specifying regional endpoints when creating the service client as shown in
 // https://cloud.google.com/java/docs/setup#configure_endpoints_for_the_client_library
 try (KeyManagementServiceClient keyManagementServiceClient =
     KeyManagementServiceClient.create()) {
   String name = KeyRingName.of("[PROJECT]", "[LOCATION]", "[KEY_RING]").toString();
   KeyRing response = keyManagementServiceClient.getKeyRing(name);
 }
 
Parameter
NameDescription
nameString

Required. The name of the KeyRing to get.

Returns
TypeDescription
KeyRing

getKeyRingCallable()

public final UnaryCallable<GetKeyRingRequest,KeyRing> getKeyRingCallable()

Returns metadata for a given KeyRing.

Sample code:


 // This snippet has been automatically generated and should be regarded as a code template only.
 // It will require modifications to work:
 // - It may require correct/in-range values for request initialization.
 // - It may require specifying regional endpoints when creating the service client as shown in
 // https://cloud.google.com/java/docs/setup#configure_endpoints_for_the_client_library
 try (KeyManagementServiceClient keyManagementServiceClient =
     KeyManagementServiceClient.create()) {
   GetKeyRingRequest request =
       GetKeyRingRequest.newBuilder()
           .setName(KeyRingName.of("[PROJECT]", "[LOCATION]", "[KEY_RING]").toString())
           .build();
   ApiFuture<KeyRing> future =
       keyManagementServiceClient.getKeyRingCallable().futureCall(request);
   // Do something.
   KeyRing response = future.get();
 }
 
Returns
TypeDescription
UnaryCallable<GetKeyRingRequest,KeyRing>

getPublicKey(CryptoKeyVersionName name)

public final PublicKey getPublicKey(CryptoKeyVersionName name)

Returns the public key for the given CryptoKeyVersion. The CryptoKey.purpose must be ASYMMETRIC_SIGN or ASYMMETRIC_DECRYPT.

Sample code:


 // This snippet has been automatically generated and should be regarded as a code template only.
 // It will require modifications to work:
 // - It may require correct/in-range values for request initialization.
 // - It may require specifying regional endpoints when creating the service client as shown in
 // https://cloud.google.com/java/docs/setup#configure_endpoints_for_the_client_library
 try (KeyManagementServiceClient keyManagementServiceClient =
     KeyManagementServiceClient.create()) {
   CryptoKeyVersionName name =
       CryptoKeyVersionName.of(
           "[PROJECT]", "[LOCATION]", "[KEY_RING]", "[CRYPTO_KEY]", "[CRYPTO_KEY_VERSION]");
   PublicKey response = keyManagementServiceClient.getPublicKey(name);
 }
 
Parameter
NameDescription
nameCryptoKeyVersionName

Required. The name of the CryptoKeyVersion public key to get.

Returns
TypeDescription
PublicKey

getPublicKey(GetPublicKeyRequest request)

public final PublicKey getPublicKey(GetPublicKeyRequest request)

Returns the public key for the given CryptoKeyVersion. The CryptoKey.purpose must be ASYMMETRIC_SIGN or ASYMMETRIC_DECRYPT.

Sample code:


 // This snippet has been automatically generated and should be regarded as a code template only.
 // It will require modifications to work:
 // - It may require correct/in-range values for request initialization.
 // - It may require specifying regional endpoints when creating the service client as shown in
 // https://cloud.google.com/java/docs/setup#configure_endpoints_for_the_client_library
 try (KeyManagementServiceClient keyManagementServiceClient =
     KeyManagementServiceClient.create()) {
   GetPublicKeyRequest request =
       GetPublicKeyRequest.newBuilder()
           .setName(
               CryptoKeyVersionName.of(
                       "[PROJECT]",
                       "[LOCATION]",
                       "[KEY_RING]",
                       "[CRYPTO_KEY]",
                       "[CRYPTO_KEY_VERSION]")
                   .toString())
           .build();
   PublicKey response = keyManagementServiceClient.getPublicKey(request);
 }
 
Parameter
NameDescription
requestGetPublicKeyRequest

The request object containing all of the parameters for the API call.

Returns
TypeDescription
PublicKey

getPublicKey(String name)

public final PublicKey getPublicKey(String name)

Returns the public key for the given CryptoKeyVersion. The CryptoKey.purpose must be ASYMMETRIC_SIGN or ASYMMETRIC_DECRYPT.

Sample code:


 // This snippet has been automatically generated and should be regarded as a code template only.
 // It will require modifications to work:
 // - It may require correct/in-range values for request initialization.
 // - It may require specifying regional endpoints when creating the service client as shown in
 // https://cloud.google.com/java/docs/setup#configure_endpoints_for_the_client_library
 try (KeyManagementServiceClient keyManagementServiceClient =
     KeyManagementServiceClient.create()) {
   String name =
       CryptoKeyVersionName.of(
               "[PROJECT]", "[LOCATION]", "[KEY_RING]", "[CRYPTO_KEY]", "[CRYPTO_KEY_VERSION]")
           .toString();
   PublicKey response = keyManagementServiceClient.getPublicKey(name);
 }
 
Parameter
NameDescription
nameString

Required. The name of the CryptoKeyVersion public key to get.

Returns
TypeDescription
PublicKey

getPublicKeyCallable()

public final UnaryCallable<GetPublicKeyRequest,PublicKey> getPublicKeyCallable()

Returns the public key for the given CryptoKeyVersion. The CryptoKey.purpose must be ASYMMETRIC_SIGN or ASYMMETRIC_DECRYPT.

Sample code:


 // This snippet has been automatically generated and should be regarded as a code template only.
 // It will require modifications to work:
 // - It may require correct/in-range values for request initialization.
 // - It may require specifying regional endpoints when creating the service client as shown in
 // https://cloud.google.com/java/docs/setup#configure_endpoints_for_the_client_library
 try (KeyManagementServiceClient keyManagementServiceClient =
     KeyManagementServiceClient.create()) {
   GetPublicKeyRequest request =
       GetPublicKeyRequest.newBuilder()
           .setName(
               CryptoKeyVersionName.of(
                       "[PROJECT]",
                       "[LOCATION]",
                       "[KEY_RING]",
                       "[CRYPTO_KEY]",
                       "[CRYPTO_KEY_VERSION]")
                   .toString())
           .build();
   ApiFuture<PublicKey> future =
       keyManagementServiceClient.getPublicKeyCallable().futureCall(request);
   // Do something.
   PublicKey response = future.get();
 }
 
Returns
TypeDescription
UnaryCallable<GetPublicKeyRequest,PublicKey>

getSettings()

public final KeyManagementServiceSettings getSettings()
Returns
TypeDescription
KeyManagementServiceSettings

getStub()

public KeyManagementServiceStub getStub()
Returns
TypeDescription
KeyManagementServiceStub

importCryptoKeyVersion(ImportCryptoKeyVersionRequest request)

public final CryptoKeyVersion importCryptoKeyVersion(ImportCryptoKeyVersionRequest request)

Import wrapped key material into a CryptoKeyVersion.

All requests must specify a CryptoKey. If a CryptoKeyVersion is additionally specified in the request, key material will be reimported into that version. Otherwise, a new version will be created, and will be assigned the next sequential id within the CryptoKey.

Sample code:


 // This snippet has been automatically generated and should be regarded as a code template only.
 // It will require modifications to work:
 // - It may require correct/in-range values for request initialization.
 // - It may require specifying regional endpoints when creating the service client as shown in
 // https://cloud.google.com/java/docs/setup#configure_endpoints_for_the_client_library
 try (KeyManagementServiceClient keyManagementServiceClient =
     KeyManagementServiceClient.create()) {
   ImportCryptoKeyVersionRequest request =
       ImportCryptoKeyVersionRequest.newBuilder()
           .setParent(
               CryptoKeyName.of("[PROJECT]", "[LOCATION]", "[KEY_RING]", "[CRYPTO_KEY]")
                   .toString())
           .setCryptoKeyVersion(
               CryptoKeyVersionName.of(
                       "[PROJECT]",
                       "[LOCATION]",
                       "[KEY_RING]",
                       "[CRYPTO_KEY]",
                       "[CRYPTO_KEY_VERSION]")
                   .toString())
           .setImportJob("importJob-208547368")
           .build();
   CryptoKeyVersion response = keyManagementServiceClient.importCryptoKeyVersion(request);
 }
 
Parameter
NameDescription
requestImportCryptoKeyVersionRequest

The request object containing all of the parameters for the API call.

Returns
TypeDescription
CryptoKeyVersion

importCryptoKeyVersionCallable()

public final UnaryCallable<ImportCryptoKeyVersionRequest,CryptoKeyVersion> importCryptoKeyVersionCallable()

Import wrapped key material into a CryptoKeyVersion.

All requests must specify a CryptoKey. If a CryptoKeyVersion is additionally specified in the request, key material will be reimported into that version. Otherwise, a new version will be created, and will be assigned the next sequential id within the CryptoKey.

Sample code:


 // This snippet has been automatically generated and should be regarded as a code template only.
 // It will require modifications to work:
 // - It may require correct/in-range values for request initialization.
 // - It may require specifying regional endpoints when creating the service client as shown in
 // https://cloud.google.com/java/docs/setup#configure_endpoints_for_the_client_library
 try (KeyManagementServiceClient keyManagementServiceClient =
     KeyManagementServiceClient.create()) {
   ImportCryptoKeyVersionRequest request =
       ImportCryptoKeyVersionRequest.newBuilder()
           .setParent(
               CryptoKeyName.of("[PROJECT]", "[LOCATION]", "[KEY_RING]", "[CRYPTO_KEY]")
                   .toString())
           .setCryptoKeyVersion(
               CryptoKeyVersionName.of(
                       "[PROJECT]",
                       "[LOCATION]",
                       "[KEY_RING]",
                       "[CRYPTO_KEY]",
                       "[CRYPTO_KEY_VERSION]")
                   .toString())
           .setImportJob("importJob-208547368")
           .build();
   ApiFuture<CryptoKeyVersion> future =
       keyManagementServiceClient.importCryptoKeyVersionCallable().futureCall(request);
   // Do something.
   CryptoKeyVersion response = future.get();
 }
 
Returns
TypeDescription
UnaryCallable<ImportCryptoKeyVersionRequest,CryptoKeyVersion>

isShutdown()

public boolean isShutdown()
Returns
TypeDescription
boolean

isTerminated()

public boolean isTerminated()
Returns
TypeDescription
boolean

listCryptoKeyVersions(CryptoKeyName parent)

public final KeyManagementServiceClient.ListCryptoKeyVersionsPagedResponse listCryptoKeyVersions(CryptoKeyName parent)

Lists CryptoKeyVersions.

Sample code:


 // This snippet has been automatically generated and should be regarded as a code template only.
 // It will require modifications to work:
 // - It may require correct/in-range values for request initialization.
 // - It may require specifying regional endpoints when creating the service client as shown in
 // https://cloud.google.com/java/docs/setup#configure_endpoints_for_the_client_library
 try (KeyManagementServiceClient keyManagementServiceClient =
     KeyManagementServiceClient.create()) {
   CryptoKeyName parent =
       CryptoKeyName.of("[PROJECT]", "[LOCATION]", "[KEY_RING]", "[CRYPTO_KEY]");
   for (CryptoKeyVersion element :
       keyManagementServiceClient.listCryptoKeyVersions(parent).iterateAll()) {
     // doThingsWith(element);
   }
 }
 
Parameter
NameDescription
parentCryptoKeyName

Required. The resource name of the CryptoKey to list, in the format projects/*/locations/*/keyRings/*/cryptoKeys/*.

Returns
TypeDescription
KeyManagementServiceClient.ListCryptoKeyVersionsPagedResponse

listCryptoKeyVersions(ListCryptoKeyVersionsRequest request)

public final KeyManagementServiceClient.ListCryptoKeyVersionsPagedResponse listCryptoKeyVersions(ListCryptoKeyVersionsRequest request)

Lists CryptoKeyVersions.

Sample code:


 // This snippet has been automatically generated and should be regarded as a code template only.
 // It will require modifications to work:
 // - It may require correct/in-range values for request initialization.
 // - It may require specifying regional endpoints when creating the service client as shown in
 // https://cloud.google.com/java/docs/setup#configure_endpoints_for_the_client_library
 try (KeyManagementServiceClient keyManagementServiceClient =
     KeyManagementServiceClient.create()) {
   ListCryptoKeyVersionsRequest request =
       ListCryptoKeyVersionsRequest.newBuilder()
           .setParent(
               CryptoKeyName.of("[PROJECT]", "[LOCATION]", "[KEY_RING]", "[CRYPTO_KEY]")
                   .toString())
           .setPageSize(883849137)
           .setPageToken("pageToken873572522")
           .setFilter("filter-1274492040")
           .setOrderBy("orderBy-1207110587")
           .build();
   for (CryptoKeyVersion element :
       keyManagementServiceClient.listCryptoKeyVersions(request).iterateAll()) {
     // doThingsWith(element);
   }
 }
 
Parameter
NameDescription
requestListCryptoKeyVersionsRequest

The request object containing all of the parameters for the API call.

Returns
TypeDescription
KeyManagementServiceClient.ListCryptoKeyVersionsPagedResponse

listCryptoKeyVersions(String parent)

public final KeyManagementServiceClient.ListCryptoKeyVersionsPagedResponse listCryptoKeyVersions(String parent)

Lists CryptoKeyVersions.

Sample code:


 // This snippet has been automatically generated and should be regarded as a code template only.
 // It will require modifications to work:
 // - It may require correct/in-range values for request initialization.
 // - It may require specifying regional endpoints when creating the service client as shown in
 // https://cloud.google.com/java/docs/setup#configure_endpoints_for_the_client_library
 try (KeyManagementServiceClient keyManagementServiceClient =
     KeyManagementServiceClient.create()) {
   String parent =
       CryptoKeyName.of("[PROJECT]", "[LOCATION]", "[KEY_RING]", "[CRYPTO_KEY]").toString();
   for (CryptoKeyVersion element :
       keyManagementServiceClient.listCryptoKeyVersions(parent).iterateAll()) {
     // doThingsWith(element);
   }
 }
 
Parameter
NameDescription
parentString

Required. The resource name of the CryptoKey to list, in the format projects/*/locations/*/keyRings/*/cryptoKeys/*.

Returns
TypeDescription
KeyManagementServiceClient.ListCryptoKeyVersionsPagedResponse

listCryptoKeyVersionsCallable()

public final UnaryCallable<ListCryptoKeyVersionsRequest,ListCryptoKeyVersionsResponse> listCryptoKeyVersionsCallable()

Lists CryptoKeyVersions.

Sample code:


 // This snippet has been automatically generated and should be regarded as a code template only.
 // It will require modifications to work:
 // - It may require correct/in-range values for request initialization.
 // - It may require specifying regional endpoints when creating the service client as shown in
 // https://cloud.google.com/java/docs/setup#configure_endpoints_for_the_client_library
 try (KeyManagementServiceClient keyManagementServiceClient =
     KeyManagementServiceClient.create()) {
   ListCryptoKeyVersionsRequest request =
       ListCryptoKeyVersionsRequest.newBuilder()
           .setParent(
               CryptoKeyName.of("[PROJECT]", "[LOCATION]", "[KEY_RING]", "[CRYPTO_KEY]")
                   .toString())
           .setPageSize(883849137)
           .setPageToken("pageToken873572522")
           .setFilter("filter-1274492040")
           .setOrderBy("orderBy-1207110587")
           .build();
   while (true) {
     ListCryptoKeyVersionsResponse response =
         keyManagementServiceClient.listCryptoKeyVersionsCallable().call(request);
     for (CryptoKeyVersion element : response.getCryptoKeyVersionsList()) {
       // doThingsWith(element);
     }
     String nextPageToken = response.getNextPageToken();
     if (!Strings.isNullOrEmpty(nextPageToken)) {
       request = request.toBuilder().setPageToken(nextPageToken).build();
     } else {
       break;
     }
   }
 }
 
Returns
TypeDescription
UnaryCallable<ListCryptoKeyVersionsRequest,ListCryptoKeyVersionsResponse>

listCryptoKeyVersionsPagedCallable()

public final UnaryCallable<ListCryptoKeyVersionsRequest,KeyManagementServiceClient.ListCryptoKeyVersionsPagedResponse> listCryptoKeyVersionsPagedCallable()

Lists CryptoKeyVersions.

Sample code:


 // This snippet has been automatically generated and should be regarded as a code template only.
 // It will require modifications to work:
 // - It may require correct/in-range values for request initialization.
 // - It may require specifying regional endpoints when creating the service client as shown in
 // https://cloud.google.com/java/docs/setup#configure_endpoints_for_the_client_library
 try (KeyManagementServiceClient keyManagementServiceClient =
     KeyManagementServiceClient.create()) {
   ListCryptoKeyVersionsRequest request =
       ListCryptoKeyVersionsRequest.newBuilder()
           .setParent(
               CryptoKeyName.of("[PROJECT]", "[LOCATION]", "[KEY_RING]", "[CRYPTO_KEY]")
                   .toString())
           .setPageSize(883849137)
           .setPageToken("pageToken873572522")
           .setFilter("filter-1274492040")
           .setOrderBy("orderBy-1207110587")
           .build();
   ApiFuture<CryptoKeyVersion> future =
       keyManagementServiceClient.listCryptoKeyVersionsPagedCallable().futureCall(request);
   // Do something.
   for (CryptoKeyVersion element : future.get().iterateAll()) {
     // doThingsWith(element);
   }
 }
 
Returns
TypeDescription
UnaryCallable<ListCryptoKeyVersionsRequest,ListCryptoKeyVersionsPagedResponse>

listCryptoKeys(KeyRingName parent)

public final KeyManagementServiceClient.ListCryptoKeysPagedResponse listCryptoKeys(KeyRingName parent)

Lists CryptoKeys.

Sample code:


 // This snippet has been automatically generated and should be regarded as a code template only.
 // It will require modifications to work:
 // - It may require correct/in-range values for request initialization.
 // - It may require specifying regional endpoints when creating the service client as shown in
 // https://cloud.google.com/java/docs/setup#configure_endpoints_for_the_client_library
 try (KeyManagementServiceClient keyManagementServiceClient =
     KeyManagementServiceClient.create()) {
   KeyRingName parent = KeyRingName.of("[PROJECT]", "[LOCATION]", "[KEY_RING]");
   for (CryptoKey element : keyManagementServiceClient.listCryptoKeys(parent).iterateAll()) {
     // doThingsWith(element);
   }
 }
 
Parameter
NameDescription
parentKeyRingName

Required. The resource name of the KeyRing to list, in the format projects/*/locations/*/keyRings/*.

Returns
TypeDescription
KeyManagementServiceClient.ListCryptoKeysPagedResponse

listCryptoKeys(ListCryptoKeysRequest request)

public final KeyManagementServiceClient.ListCryptoKeysPagedResponse listCryptoKeys(ListCryptoKeysRequest request)

Lists CryptoKeys.

Sample code:


 // This snippet has been automatically generated and should be regarded as a code template only.
 // It will require modifications to work:
 // - It may require correct/in-range values for request initialization.
 // - It may require specifying regional endpoints when creating the service client as shown in
 // https://cloud.google.com/java/docs/setup#configure_endpoints_for_the_client_library
 try (KeyManagementServiceClient keyManagementServiceClient =
     KeyManagementServiceClient.create()) {
   ListCryptoKeysRequest request =
       ListCryptoKeysRequest.newBuilder()
           .setParent(KeyRingName.of("[PROJECT]", "[LOCATION]", "[KEY_RING]").toString())
           .setPageSize(883849137)
           .setPageToken("pageToken873572522")
           .setFilter("filter-1274492040")
           .setOrderBy("orderBy-1207110587")
           .build();
   for (CryptoKey element : keyManagementServiceClient.listCryptoKeys(request).iterateAll()) {
     // doThingsWith(element);
   }
 }
 
Parameter
NameDescription
requestListCryptoKeysRequest

The request object containing all of the parameters for the API call.

Returns
TypeDescription
KeyManagementServiceClient.ListCryptoKeysPagedResponse

listCryptoKeys(String parent)

public final KeyManagementServiceClient.ListCryptoKeysPagedResponse listCryptoKeys(String parent)

Lists CryptoKeys.

Sample code:


 // This snippet has been automatically generated and should be regarded as a code template only.
 // It will require modifications to work:
 // - It may require correct/in-range values for request initialization.
 // - It may require specifying regional endpoints when creating the service client as shown in
 // https://cloud.google.com/java/docs/setup#configure_endpoints_for_the_client_library
 try (KeyManagementServiceClient keyManagementServiceClient =
     KeyManagementServiceClient.create()) {
   String parent = KeyRingName.of("[PROJECT]", "[LOCATION]", "[KEY_RING]").toString();
   for (CryptoKey element : keyManagementServiceClient.listCryptoKeys(parent).iterateAll()) {
     // doThingsWith(element);
   }
 }
 
Parameter
NameDescription
parentString

Required. The resource name of the KeyRing to list, in the format projects/*/locations/*/keyRings/*.

Returns
TypeDescription
KeyManagementServiceClient.ListCryptoKeysPagedResponse

listCryptoKeysCallable()

public final UnaryCallable<ListCryptoKeysRequest,ListCryptoKeysResponse> listCryptoKeysCallable()

Lists CryptoKeys.

Sample code:


 // This snippet has been automatically generated and should be regarded as a code template only.
 // It will require modifications to work:
 // - It may require correct/in-range values for request initialization.
 // - It may require specifying regional endpoints when creating the service client as shown in
 // https://cloud.google.com/java/docs/setup#configure_endpoints_for_the_client_library
 try (KeyManagementServiceClient keyManagementServiceClient =
     KeyManagementServiceClient.create()) {
   ListCryptoKeysRequest request =
       ListCryptoKeysRequest.newBuilder()
           .setParent(KeyRingName.of("[PROJECT]", "[LOCATION]", "[KEY_RING]").toString())
           .setPageSize(883849137)
           .setPageToken("pageToken873572522")
           .setFilter("filter-1274492040")
           .setOrderBy("orderBy-1207110587")
           .build();
   while (true) {
     ListCryptoKeysResponse response =
         keyManagementServiceClient.listCryptoKeysCallable().call(request);
     for (CryptoKey element : response.getCryptoKeysList()) {
       // doThingsWith(element);
     }
     String nextPageToken = response.getNextPageToken();
     if (!Strings.isNullOrEmpty(nextPageToken)) {
       request = request.toBuilder().setPageToken(nextPageToken).build();
     } else {
       break;
     }
   }
 }
 
Returns
TypeDescription
UnaryCallable<ListCryptoKeysRequest,ListCryptoKeysResponse>

listCryptoKeysPagedCallable()

public final UnaryCallable<ListCryptoKeysRequest,KeyManagementServiceClient.ListCryptoKeysPagedResponse> listCryptoKeysPagedCallable()

Lists CryptoKeys.

Sample code:


 // This snippet has been automatically generated and should be regarded as a code template only.
 // It will require modifications to work:
 // - It may require correct/in-range values for request initialization.
 // - It may require specifying regional endpoints when creating the service client as shown in
 // https://cloud.google.com/java/docs/setup#configure_endpoints_for_the_client_library
 try (KeyManagementServiceClient keyManagementServiceClient =
     KeyManagementServiceClient.create()) {
   ListCryptoKeysRequest request =
       ListCryptoKeysRequest.newBuilder()
           .setParent(KeyRingName.of("[PROJECT]", "[LOCATION]", "[KEY_RING]").toString())
           .setPageSize(883849137)
           .setPageToken("pageToken873572522")
           .setFilter("filter-1274492040")
           .setOrderBy("orderBy-1207110587")
           .build();
   ApiFuture<CryptoKey> future =
       keyManagementServiceClient.listCryptoKeysPagedCallable().futureCall(request);
   // Do something.
   for (CryptoKey element : future.get().iterateAll()) {
     // doThingsWith(element);
   }
 }
 
Returns
TypeDescription
UnaryCallable<ListCryptoKeysRequest,ListCryptoKeysPagedResponse>

listImportJobs(KeyRingName parent)

public final KeyManagementServiceClient.ListImportJobsPagedResponse listImportJobs(KeyRingName parent)

Lists ImportJobs.

Sample code:


 // This snippet has been automatically generated and should be regarded as a code template only.
 // It will require modifications to work:
 // - It may require correct/in-range values for request initialization.
 // - It may require specifying regional endpoints when creating the service client as shown in
 // https://cloud.google.com/java/docs/setup#configure_endpoints_for_the_client_library
 try (KeyManagementServiceClient keyManagementServiceClient =
     KeyManagementServiceClient.create()) {
   KeyRingName parent = KeyRingName.of("[PROJECT]", "[LOCATION]", "[KEY_RING]");
   for (ImportJob element : keyManagementServiceClient.listImportJobs(parent).iterateAll()) {
     // doThingsWith(element);
   }
 }
 
Parameter
NameDescription
parentKeyRingName

Required. The resource name of the KeyRing to list, in the format projects/*/locations/*/keyRings/*.

Returns
TypeDescription
KeyManagementServiceClient.ListImportJobsPagedResponse

listImportJobs(ListImportJobsRequest request)

public final KeyManagementServiceClient.ListImportJobsPagedResponse listImportJobs(ListImportJobsRequest request)

Lists ImportJobs.

Sample code:


 // This snippet has been automatically generated and should be regarded as a code template only.
 // It will require modifications to work:
 // - It may require correct/in-range values for request initialization.
 // - It may require specifying regional endpoints when creating the service client as shown in
 // https://cloud.google.com/java/docs/setup#configure_endpoints_for_the_client_library
 try (KeyManagementServiceClient keyManagementServiceClient =
     KeyManagementServiceClient.create()) {
   ListImportJobsRequest request =
       ListImportJobsRequest.newBuilder()
           .setParent(KeyRingName.of("[PROJECT]", "[LOCATION]", "[KEY_RING]").toString())
           .setPageSize(883849137)
           .setPageToken("pageToken873572522")
           .setFilter("filter-1274492040")
           .setOrderBy("orderBy-1207110587")
           .build();
   for (ImportJob element : keyManagementServiceClient.listImportJobs(request).iterateAll()) {
     // doThingsWith(element);
   }
 }
 
Parameter
NameDescription
requestListImportJobsRequest

The request object containing all of the parameters for the API call.

Returns
TypeDescription
KeyManagementServiceClient.ListImportJobsPagedResponse

listImportJobs(String parent)

public final KeyManagementServiceClient.ListImportJobsPagedResponse listImportJobs(String parent)

Lists ImportJobs.

Sample code:


 // This snippet has been automatically generated and should be regarded as a code template only.
 // It will require modifications to work:
 // - It may require correct/in-range values for request initialization.
 // - It may require specifying regional endpoints when creating the service client as shown in
 // https://cloud.google.com/java/docs/setup#configure_endpoints_for_the_client_library
 try (KeyManagementServiceClient keyManagementServiceClient =
     KeyManagementServiceClient.create()) {
   String parent = KeyRingName.of("[PROJECT]", "[LOCATION]", "[KEY_RING]").toString();
   for (ImportJob element : keyManagementServiceClient.listImportJobs(parent).iterateAll()) {
     // doThingsWith(element);
   }
 }
 
Parameter
NameDescription
parentString

Required. The resource name of the KeyRing to list, in the format projects/*/locations/*/keyRings/*.

Returns
TypeDescription
KeyManagementServiceClient.ListImportJobsPagedResponse

listImportJobsCallable()

public final UnaryCallable<ListImportJobsRequest,ListImportJobsResponse> listImportJobsCallable()

Lists ImportJobs.

Sample code:


 // This snippet has been automatically generated and should be regarded as a code template only.
 // It will require modifications to work:
 // - It may require correct/in-range values for request initialization.
 // - It may require specifying regional endpoints when creating the service client as shown in
 // https://cloud.google.com/java/docs/setup#configure_endpoints_for_the_client_library
 try (KeyManagementServiceClient keyManagementServiceClient =
     KeyManagementServiceClient.create()) {
   ListImportJobsRequest request =
       ListImportJobsRequest.newBuilder()
           .setParent(KeyRingName.of("[PROJECT]", "[LOCATION]", "[KEY_RING]").toString())
           .setPageSize(883849137)
           .setPageToken("pageToken873572522")
           .setFilter("filter-1274492040")
           .setOrderBy("orderBy-1207110587")
           .build();
   while (true) {
     ListImportJobsResponse response =
         keyManagementServiceClient.listImportJobsCallable().call(request);
     for (ImportJob element : response.getImportJobsList()) {
       // doThingsWith(element);
     }
     String nextPageToken = response.getNextPageToken();
     if (!Strings.isNullOrEmpty(nextPageToken)) {
       request = request.toBuilder().setPageToken(nextPageToken).build();
     } else {
       break;
     }
   }
 }
 
Returns
TypeDescription
UnaryCallable<ListImportJobsRequest,ListImportJobsResponse>

listImportJobsPagedCallable()

public final UnaryCallable<ListImportJobsRequest,KeyManagementServiceClient.ListImportJobsPagedResponse> listImportJobsPagedCallable()

Lists ImportJobs.

Sample code:


 // This snippet has been automatically generated and should be regarded as a code template only.
 // It will require modifications to work:
 // - It may require correct/in-range values for request initialization.
 // - It may require specifying regional endpoints when creating the service client as shown in
 // https://cloud.google.com/java/docs/setup#configure_endpoints_for_the_client_library
 try (KeyManagementServiceClient keyManagementServiceClient =
     KeyManagementServiceClient.create()) {
   ListImportJobsRequest request =
       ListImportJobsRequest.newBuilder()
           .setParent(KeyRingName.of("[PROJECT]", "[LOCATION]", "[KEY_RING]").toString())
           .setPageSize(883849137)
           .setPageToken("pageToken873572522")
           .setFilter("filter-1274492040")
           .setOrderBy("orderBy-1207110587")
           .build();
   ApiFuture<ImportJob> future =
       keyManagementServiceClient.listImportJobsPagedCallable().futureCall(request);
   // Do something.
   for (ImportJob element : future.get().iterateAll()) {
     // doThingsWith(element);
   }
 }
 
Returns
TypeDescription
UnaryCallable<ListImportJobsRequest,ListImportJobsPagedResponse>

listKeyRings(ListKeyRingsRequest request)

public final KeyManagementServiceClient.ListKeyRingsPagedResponse listKeyRings(ListKeyRingsRequest request)

Lists KeyRings.

Sample code:


 // This snippet has been automatically generated and should be regarded as a code template only.
 // It will require modifications to work:
 // - It may require correct/in-range values for request initialization.
 // - It may require specifying regional endpoints when creating the service client as shown in
 // https://cloud.google.com/java/docs/setup#configure_endpoints_for_the_client_library
 try (KeyManagementServiceClient keyManagementServiceClient =
     KeyManagementServiceClient.create()) {
   ListKeyRingsRequest request =
       ListKeyRingsRequest.newBuilder()
           .setParent(LocationName.of("[PROJECT]", "[LOCATION]").toString())
           .setPageSize(883849137)
           .setPageToken("pageToken873572522")
           .setFilter("filter-1274492040")
           .setOrderBy("orderBy-1207110587")
           .build();
   for (KeyRing element : keyManagementServiceClient.listKeyRings(request).iterateAll()) {
     // doThingsWith(element);
   }
 }
 
Parameter
NameDescription
requestListKeyRingsRequest

The request object containing all of the parameters for the API call.

Returns
TypeDescription
KeyManagementServiceClient.ListKeyRingsPagedResponse

listKeyRings(LocationName parent)

public final KeyManagementServiceClient.ListKeyRingsPagedResponse listKeyRings(LocationName parent)

Lists KeyRings.

Sample code:


 // This snippet has been automatically generated and should be regarded as a code template only.
 // It will require modifications to work:
 // - It may require correct/in-range values for request initialization.
 // - It may require specifying regional endpoints when creating the service client as shown in
 // https://cloud.google.com/java/docs/setup#configure_endpoints_for_the_client_library
 try (KeyManagementServiceClient keyManagementServiceClient =
     KeyManagementServiceClient.create()) {
   LocationName parent = LocationName.of("[PROJECT]", "[LOCATION]");
   for (KeyRing element : keyManagementServiceClient.listKeyRings(parent).iterateAll()) {
     // doThingsWith(element);
   }
 }
 
Parameter
NameDescription
parentLocationName

Required. The resource name of the location associated with the KeyRings, in the format projects/*/locations/*.

Returns
TypeDescription
KeyManagementServiceClient.ListKeyRingsPagedResponse

listKeyRings(String parent)

public final KeyManagementServiceClient.ListKeyRingsPagedResponse listKeyRings(String parent)

Lists KeyRings.

Sample code:


 // This snippet has been automatically generated and should be regarded as a code template only.
 // It will require modifications to work:
 // - It may require correct/in-range values for request initialization.
 // - It may require specifying regional endpoints when creating the service client as shown in
 // https://cloud.google.com/java/docs/setup#configure_endpoints_for_the_client_library
 try (KeyManagementServiceClient keyManagementServiceClient =
     KeyManagementServiceClient.create()) {
   String parent = LocationName.of("[PROJECT]", "[LOCATION]").toString();
   for (KeyRing element : keyManagementServiceClient.listKeyRings(parent).iterateAll()) {
     // doThingsWith(element);
   }
 }
 
Parameter
NameDescription
parentString

Required. The resource name of the location associated with the KeyRings, in the format projects/*/locations/*.

Returns
TypeDescription
KeyManagementServiceClient.ListKeyRingsPagedResponse

listKeyRingsCallable()

public final UnaryCallable<ListKeyRingsRequest,ListKeyRingsResponse> listKeyRingsCallable()

Lists KeyRings.

Sample code:


 // This snippet has been automatically generated and should be regarded as a code template only.
 // It will require modifications to work:
 // - It may require correct/in-range values for request initialization.
 // - It may require specifying regional endpoints when creating the service client as shown in
 // https://cloud.google.com/java/docs/setup#configure_endpoints_for_the_client_library
 try (KeyManagementServiceClient keyManagementServiceClient =
     KeyManagementServiceClient.create()) {
   ListKeyRingsRequest request =
       ListKeyRingsRequest.newBuilder()
           .setParent(LocationName.of("[PROJECT]", "[LOCATION]").toString())
           .setPageSize(883849137)
           .setPageToken("pageToken873572522")
           .setFilter("filter-1274492040")
           .setOrderBy("orderBy-1207110587")
           .build();
   while (true) {
     ListKeyRingsResponse response =
         keyManagementServiceClient.listKeyRingsCallable().call(request);
     for (KeyRing element : response.getKeyRingsList()) {
       // doThingsWith(element);
     }
     String nextPageToken = response.getNextPageToken();
     if (!Strings.isNullOrEmpty(nextPageToken)) {
       request = request.toBuilder().setPageToken(nextPageToken).build();
     } else {
       break;
     }
   }
 }
 
Returns
TypeDescription
UnaryCallable<ListKeyRingsRequest,ListKeyRingsResponse>

listKeyRingsPagedCallable()

public final UnaryCallable<ListKeyRingsRequest,KeyManagementServiceClient.ListKeyRingsPagedResponse> listKeyRingsPagedCallable()

Lists KeyRings.

Sample code:


 // This snippet has been automatically generated and should be regarded as a code template only.
 // It will require modifications to work:
 // - It may require correct/in-range values for request initialization.
 // - It may require specifying regional endpoints when creating the service client as shown in
 // https://cloud.google.com/java/docs/setup#configure_endpoints_for_the_client_library
 try (KeyManagementServiceClient keyManagementServiceClient =
     KeyManagementServiceClient.create()) {
   ListKeyRingsRequest request =
       ListKeyRingsRequest.newBuilder()
           .setParent(LocationName.of("[PROJECT]", "[LOCATION]").toString())
           .setPageSize(883849137)
           .setPageToken("pageToken873572522")
           .setFilter("filter-1274492040")
           .setOrderBy("orderBy-1207110587")
           .build();
   ApiFuture<KeyRing> future =
       keyManagementServiceClient.listKeyRingsPagedCallable().futureCall(request);
   // Do something.
   for (KeyRing element : future.get().iterateAll()) {
     // doThingsWith(element);
   }
 }
 
Returns
TypeDescription
UnaryCallable<ListKeyRingsRequest,ListKeyRingsPagedResponse>

macSign(CryptoKeyVersionName name, ByteString data)

public final MacSignResponse macSign(CryptoKeyVersionName name, ByteString data)

Signs data using a CryptoKeyVersion with CryptoKey.purpose MAC, producing a tag that can be verified by another source with the same key.

Sample code:


 // This snippet has been automatically generated and should be regarded as a code template only.
 // It will require modifications to work:
 // - It may require correct/in-range values for request initialization.
 // - It may require specifying regional endpoints when creating the service client as shown in
 // https://cloud.google.com/java/docs/setup#configure_endpoints_for_the_client_library
 try (KeyManagementServiceClient keyManagementServiceClient =
     KeyManagementServiceClient.create()) {
   CryptoKeyVersionName name =
       CryptoKeyVersionName.of(
           "[PROJECT]", "[LOCATION]", "[KEY_RING]", "[CRYPTO_KEY]", "[CRYPTO_KEY_VERSION]");
   ByteString data = ByteString.EMPTY;
   MacSignResponse response = keyManagementServiceClient.macSign(name, data);
 }
 
Parameters
NameDescription
nameCryptoKeyVersionName

Required. The resource name of the CryptoKeyVersion to use for signing.

dataByteString

Required. The data to sign. The MAC tag is computed over this data field based on the specific algorithm.

Returns
TypeDescription
MacSignResponse

macSign(MacSignRequest request)

public final MacSignResponse macSign(MacSignRequest request)

Signs data using a CryptoKeyVersion with CryptoKey.purpose MAC, producing a tag that can be verified by another source with the same key.

Sample code:


 // This snippet has been automatically generated and should be regarded as a code template only.
 // It will require modifications to work:
 // - It may require correct/in-range values for request initialization.
 // - It may require specifying regional endpoints when creating the service client as shown in
 // https://cloud.google.com/java/docs/setup#configure_endpoints_for_the_client_library
 try (KeyManagementServiceClient keyManagementServiceClient =
     KeyManagementServiceClient.create()) {
   MacSignRequest request =
       MacSignRequest.newBuilder()
           .setName(
               CryptoKeyVersionName.of(
                       "[PROJECT]",
                       "[LOCATION]",
                       "[KEY_RING]",
                       "[CRYPTO_KEY]",
                       "[CRYPTO_KEY_VERSION]")
                   .toString())
           .setData(ByteString.EMPTY)
           .setDataCrc32C(Int64Value.newBuilder().build())
           .build();
   MacSignResponse response = keyManagementServiceClient.macSign(request);
 }
 
Parameter
NameDescription
requestMacSignRequest

The request object containing all of the parameters for the API call.

Returns
TypeDescription
MacSignResponse

macSign(String name, ByteString data)

public final MacSignResponse macSign(String name, ByteString data)

Signs data using a CryptoKeyVersion with CryptoKey.purpose MAC, producing a tag that can be verified by another source with the same key.

Sample code:


 // This snippet has been automatically generated and should be regarded as a code template only.
 // It will require modifications to work:
 // - It may require correct/in-range values for request initialization.
 // - It may require specifying regional endpoints when creating the service client as shown in
 // https://cloud.google.com/java/docs/setup#configure_endpoints_for_the_client_library
 try (KeyManagementServiceClient keyManagementServiceClient =
     KeyManagementServiceClient.create()) {
   String name =
       CryptoKeyVersionName.of(
               "[PROJECT]", "[LOCATION]", "[KEY_RING]", "[CRYPTO_KEY]", "[CRYPTO_KEY_VERSION]")
           .toString();
   ByteString data = ByteString.EMPTY;
   MacSignResponse response = keyManagementServiceClient.macSign(name, data);
 }
 
Parameters
NameDescription
nameString

Required. The resource name of the CryptoKeyVersion to use for signing.

dataByteString

Required. The data to sign. The MAC tag is computed over this data field based on the specific algorithm.

Returns
TypeDescription
MacSignResponse

macSignCallable()

public final UnaryCallable<MacSignRequest,MacSignResponse> macSignCallable()

Signs data using a CryptoKeyVersion with CryptoKey.purpose MAC, producing a tag that can be verified by another source with the same key.

Sample code:


 // This snippet has been automatically generated and should be regarded as a code template only.
 // It will require modifications to work:
 // - It may require correct/in-range values for request initialization.
 // - It may require specifying regional endpoints when creating the service client as shown in
 // https://cloud.google.com/java/docs/setup#configure_endpoints_for_the_client_library
 try (KeyManagementServiceClient keyManagementServiceClient =
     KeyManagementServiceClient.create()) {
   MacSignRequest request =
       MacSignRequest.newBuilder()
           .setName(
               CryptoKeyVersionName.of(
                       "[PROJECT]",
                       "[LOCATION]",
                       "[KEY_RING]",
                       "[CRYPTO_KEY]",
                       "[CRYPTO_KEY_VERSION]")
                   .toString())
           .setData(ByteString.EMPTY)
           .setDataCrc32C(Int64Value.newBuilder().build())
           .build();
   ApiFuture<MacSignResponse> future =
       keyManagementServiceClient.macSignCallable().futureCall(request);
   // Do something.
   MacSignResponse response = future.get();
 }
 
Returns
TypeDescription
UnaryCallable<MacSignRequest,MacSignResponse>

macVerify(CryptoKeyVersionName name, ByteString data, ByteString mac)

public final MacVerifyResponse macVerify(CryptoKeyVersionName name, ByteString data, ByteString mac)

Verifies MAC tag using a CryptoKeyVersion with CryptoKey.purpose MAC, and returns a response that indicates whether or not the verification was successful.

Sample code:


 // This snippet has been automatically generated and should be regarded as a code template only.
 // It will require modifications to work:
 // - It may require correct/in-range values for request initialization.
 // - It may require specifying regional endpoints when creating the service client as shown in
 // https://cloud.google.com/java/docs/setup#configure_endpoints_for_the_client_library
 try (KeyManagementServiceClient keyManagementServiceClient =
     KeyManagementServiceClient.create()) {
   CryptoKeyVersionName name =
       CryptoKeyVersionName.of(
           "[PROJECT]", "[LOCATION]", "[KEY_RING]", "[CRYPTO_KEY]", "[CRYPTO_KEY_VERSION]");
   ByteString data = ByteString.EMPTY;
   ByteString mac = ByteString.EMPTY;
   MacVerifyResponse response = keyManagementServiceClient.macVerify(name, data, mac);
 }
 
Parameters
NameDescription
nameCryptoKeyVersionName

Required. The resource name of the CryptoKeyVersion to use for verification.

dataByteString

Required. The data used previously as a MacSignRequest.data to generate the MAC tag.

macByteString

Required. The signature to verify.

Returns
TypeDescription
MacVerifyResponse

macVerify(MacVerifyRequest request)

public final MacVerifyResponse macVerify(MacVerifyRequest request)

Verifies MAC tag using a CryptoKeyVersion with CryptoKey.purpose MAC, and returns a response that indicates whether or not the verification was successful.

Sample code:


 // This snippet has been automatically generated and should be regarded as a code template only.
 // It will require modifications to work:
 // - It may require correct/in-range values for request initialization.
 // - It may require specifying regional endpoints when creating the service client as shown in
 // https://cloud.google.com/java/docs/setup#configure_endpoints_for_the_client_library
 try (KeyManagementServiceClient keyManagementServiceClient =
     KeyManagementServiceClient.create()) {
   MacVerifyRequest request =
       MacVerifyRequest.newBuilder()
           .setName(
               CryptoKeyVersionName.of(
                       "[PROJECT]",
                       "[LOCATION]",
                       "[KEY_RING]",
                       "[CRYPTO_KEY]",
                       "[CRYPTO_KEY_VERSION]")
                   .toString())
           .setData(ByteString.EMPTY)
           .setDataCrc32C(Int64Value.newBuilder().build())
           .setMac(ByteString.EMPTY)
           .setMacCrc32C(Int64Value.newBuilder().build())
           .build();
   MacVerifyResponse response = keyManagementServiceClient.macVerify(request);
 }
 
Parameter
NameDescription
requestMacVerifyRequest

The request object containing all of the parameters for the API call.

Returns
TypeDescription
MacVerifyResponse

macVerify(String name, ByteString data, ByteString mac)

public final MacVerifyResponse macVerify(String name, ByteString data, ByteString mac)

Verifies MAC tag using a CryptoKeyVersion with CryptoKey.purpose MAC, and returns a response that indicates whether or not the verification was successful.

Sample code:


 // This snippet has been automatically generated and should be regarded as a code template only.
 // It will require modifications to work:
 // - It may require correct/in-range values for request initialization.
 // - It may require specifying regional endpoints when creating the service client as shown in
 // https://cloud.google.com/java/docs/setup#configure_endpoints_for_the_client_library
 try (KeyManagementServiceClient keyManagementServiceClient =
     KeyManagementServiceClient.create()) {
   String name =
       CryptoKeyVersionName.of(
               "[PROJECT]", "[LOCATION]", "[KEY_RING]", "[CRYPTO_KEY]", "[CRYPTO_KEY_VERSION]")
           .toString();
   ByteString data = ByteString.EMPTY;
   ByteString mac = ByteString.EMPTY;
   MacVerifyResponse response = keyManagementServiceClient.macVerify(name, data, mac);
 }
 
Parameters
NameDescription
nameString

Required. The resource name of the CryptoKeyVersion to use for verification.

dataByteString

Required. The data used previously as a MacSignRequest.data to generate the MAC tag.

macByteString

Required. The signature to verify.

Returns
TypeDescription
MacVerifyResponse

macVerifyCallable()

public final UnaryCallable<MacVerifyRequest,MacVerifyResponse> macVerifyCallable()

Verifies MAC tag using a CryptoKeyVersion with CryptoKey.purpose MAC, and returns a response that indicates whether or not the verification was successful.

Sample code:


 // This snippet has been automatically generated and should be regarded as a code template only.
 // It will require modifications to work:
 // - It may require correct/in-range values for request initialization.
 // - It may require specifying regional endpoints when creating the service client as shown in
 // https://cloud.google.com/java/docs/setup#configure_endpoints_for_the_client_library
 try (KeyManagementServiceClient keyManagementServiceClient =
     KeyManagementServiceClient.create()) {
   MacVerifyRequest request =
       MacVerifyRequest.newBuilder()
           .setName(
               CryptoKeyVersionName.of(
                       "[PROJECT]",
                       "[LOCATION]",
                       "[KEY_RING]",
                       "[CRYPTO_KEY]",
                       "[CRYPTO_KEY_VERSION]")
                   .toString())
           .setData(ByteString.EMPTY)
           .setDataCrc32C(Int64Value.newBuilder().build())
           .setMac(ByteString.EMPTY)
           .setMacCrc32C(Int64Value.newBuilder().build())
           .build();
   ApiFuture<MacVerifyResponse> future =
       keyManagementServiceClient.macVerifyCallable().futureCall(request);
   // Do something.
   MacVerifyResponse response = future.get();
 }
 
Returns
TypeDescription
UnaryCallable<MacVerifyRequest,MacVerifyResponse>

restoreCryptoKeyVersion(CryptoKeyVersionName name)

public final CryptoKeyVersion restoreCryptoKeyVersion(CryptoKeyVersionName name)

Restore a CryptoKeyVersion in the DESTROY_SCHEDULED state.

Upon restoration of the CryptoKeyVersion, state will be set to DISABLED, and destroy_time will be cleared.

Sample code:


 // This snippet has been automatically generated and should be regarded as a code template only.
 // It will require modifications to work:
 // - It may require correct/in-range values for request initialization.
 // - It may require specifying regional endpoints when creating the service client as shown in
 // https://cloud.google.com/java/docs/setup#configure_endpoints_for_the_client_library
 try (KeyManagementServiceClient keyManagementServiceClient =
     KeyManagementServiceClient.create()) {
   CryptoKeyVersionName name =
       CryptoKeyVersionName.of(
           "[PROJECT]", "[LOCATION]", "[KEY_RING]", "[CRYPTO_KEY]", "[CRYPTO_KEY_VERSION]");
   CryptoKeyVersion response = keyManagementServiceClient.restoreCryptoKeyVersion(name);
 }
 
Parameter
NameDescription
nameCryptoKeyVersionName

Required. The resource name of the CryptoKeyVersion to restore.

Returns
TypeDescription
CryptoKeyVersion

restoreCryptoKeyVersion(RestoreCryptoKeyVersionRequest request)

public final CryptoKeyVersion restoreCryptoKeyVersion(RestoreCryptoKeyVersionRequest request)

Restore a CryptoKeyVersion in the DESTROY_SCHEDULED state.

Upon restoration of the CryptoKeyVersion, state will be set to DISABLED, and destroy_time will be cleared.

Sample code:


 // This snippet has been automatically generated and should be regarded as a code template only.
 // It will require modifications to work:
 // - It may require correct/in-range values for request initialization.
 // - It may require specifying regional endpoints when creating the service client as shown in
 // https://cloud.google.com/java/docs/setup#configure_endpoints_for_the_client_library
 try (KeyManagementServiceClient keyManagementServiceClient =
     KeyManagementServiceClient.create()) {
   RestoreCryptoKeyVersionRequest request =
       RestoreCryptoKeyVersionRequest.newBuilder()
           .setName(
               CryptoKeyVersionName.of(
                       "[PROJECT]",
                       "[LOCATION]",
                       "[KEY_RING]",
                       "[CRYPTO_KEY]",
                       "[CRYPTO_KEY_VERSION]")
                   .toString())
           .build();
   CryptoKeyVersion response = keyManagementServiceClient.restoreCryptoKeyVersion(request);
 }
 
Parameter
NameDescription
requestRestoreCryptoKeyVersionRequest

The request object containing all of the parameters for the API call.

Returns
TypeDescription
CryptoKeyVersion

restoreCryptoKeyVersion(String name)

public final CryptoKeyVersion restoreCryptoKeyVersion(String name)

Restore a CryptoKeyVersion in the DESTROY_SCHEDULED state.

Upon restoration of the CryptoKeyVersion, state will be set to DISABLED, and destroy_time will be cleared.

Sample code:


 // This snippet has been automatically generated and should be regarded as a code template only.
 // It will require modifications to work:
 // - It may require correct/in-range values for request initialization.
 // - It may require specifying regional endpoints when creating the service client as shown in
 // https://cloud.google.com/java/docs/setup#configure_endpoints_for_the_client_library
 try (KeyManagementServiceClient keyManagementServiceClient =
     KeyManagementServiceClient.create()) {
   String name =
       CryptoKeyVersionName.of(
               "[PROJECT]", "[LOCATION]", "[KEY_RING]", "[CRYPTO_KEY]", "[CRYPTO_KEY_VERSION]")
           .toString();
   CryptoKeyVersion response = keyManagementServiceClient.restoreCryptoKeyVersion(name);
 }
 
Parameter
NameDescription
nameString

Required. The resource name of the CryptoKeyVersion to restore.

Returns
TypeDescription
CryptoKeyVersion

restoreCryptoKeyVersionCallable()

public final UnaryCallable<RestoreCryptoKeyVersionRequest,CryptoKeyVersion> restoreCryptoKeyVersionCallable()

Restore a CryptoKeyVersion in the DESTROY_SCHEDULED state.

Upon restoration of the CryptoKeyVersion, state will be set to DISABLED, and destroy_time will be cleared.

Sample code:


 // This snippet has been automatically generated and should be regarded as a code template only.
 // It will require modifications to work:
 // - It may require correct/in-range values for request initialization.
 // - It may require specifying regional endpoints when creating the service client as shown in
 // https://cloud.google.com/java/docs/setup#configure_endpoints_for_the_client_library
 try (KeyManagementServiceClient keyManagementServiceClient =
     KeyManagementServiceClient.create()) {
   RestoreCryptoKeyVersionRequest request =
       RestoreCryptoKeyVersionRequest.newBuilder()
           .setName(
               CryptoKeyVersionName.of(
                       "[PROJECT]",
                       "[LOCATION]",
                       "[KEY_RING]",
                       "[CRYPTO_KEY]",
                       "[CRYPTO_KEY_VERSION]")
                   .toString())
           .build();
   ApiFuture<CryptoKeyVersion> future =
       keyManagementServiceClient.restoreCryptoKeyVersionCallable().futureCall(request);
   // Do something.
   CryptoKeyVersion response = future.get();
 }
 
Returns
TypeDescription
UnaryCallable<RestoreCryptoKeyVersionRequest,CryptoKeyVersion>

setIamPolicy(KeyName resource, Policy policy)

public final Policy setIamPolicy(KeyName resource, Policy policy)

Sets the access control policy on the specified resource. Replaces any existing policy.

Can return Public Errors: NOT_FOUND, INVALID_ARGUMENT and PERMISSION_DENIED

Sample code:


 try (KeyManagementServiceClient keyManagementServiceClient = KeyManagementServiceClient.create()) {
   KeyName resource = KeyRingName.of("[PROJECT]", "[LOCATION]", "[KEY_RING]");
   Policy policy = Policy.newBuilder().build();
   Policy response = keyManagementServiceClient.setIamPolicy(resource, policy);
 }
 
Parameters
NameDescription
resourceKeyName

REQUIRED: The resource for which the policy is being specified. See the operation documentation for the appropriate value for this field.

policycom.google.iam.v1.Policy

REQUIRED: The complete policy to be applied to the resource. The size of the policy is limited to a few 10s of KB. An empty policy is a valid policy but certain Cloud Platform services (such as Projects) might reject them.

Returns
TypeDescription
com.google.iam.v1.Policy

setIamPolicy(SetIamPolicyRequest request)

public final Policy setIamPolicy(SetIamPolicyRequest request)

Sets the access control policy on the specified resource. Replacesany existing policy.

Can return NOT_FOUND, INVALID_ARGUMENT, and PERMISSION_DENIEDerrors.

Sample code:


 // This snippet has been automatically generated and should be regarded as a code template only.
 // It will require modifications to work:
 // - It may require correct/in-range values for request initialization.
 // - It may require specifying regional endpoints when creating the service client as shown in
 // https://cloud.google.com/java/docs/setup#configure_endpoints_for_the_client_library
 try (KeyManagementServiceClient keyManagementServiceClient =
     KeyManagementServiceClient.create()) {
   SetIamPolicyRequest request =
       SetIamPolicyRequest.newBuilder()
           .setResource(
               CryptoKeyName.of("[PROJECT]", "[LOCATION]", "[KEY_RING]", "[CRYPTO_KEY]")
                   .toString())
           .setPolicy(Policy.newBuilder().build())
           .setUpdateMask(FieldMask.newBuilder().build())
           .build();
   Policy response = keyManagementServiceClient.setIamPolicy(request);
 }
 
Parameter
NameDescription
requestcom.google.iam.v1.SetIamPolicyRequest

The request object containing all of the parameters for the API call.

Returns
TypeDescription
com.google.iam.v1.Policy

setIamPolicy(String resource, Policy policy)

public final Policy setIamPolicy(String resource, Policy policy)

Sets the access control policy on the specified resource. Replaces any existing policy.

Can return Public Errors: NOT_FOUND, INVALID_ARGUMENT and PERMISSION_DENIED

Sample code:


 try (KeyManagementServiceClient keyManagementServiceClient = KeyManagementServiceClient.create()) {
   KeyName resource = KeyRingName.of("[PROJECT]", "[LOCATION]", "[KEY_RING]");
   Policy policy = Policy.newBuilder().build();
   Policy response = keyManagementServiceClient.setIamPolicy(resource.toString(), policy);
 }
 
Parameters
NameDescription
resourceString

REQUIRED: The resource for which the policy is being specified. See the operation documentation for the appropriate value for this field.

policycom.google.iam.v1.Policy

REQUIRED: The complete policy to be applied to the resource. The size of the policy is limited to a few 10s of KB. An empty policy is a valid policy but certain Cloud Platform services (such as Projects) might reject them.

Returns
TypeDescription
com.google.iam.v1.Policy

setIamPolicyCallable()

public final UnaryCallable<SetIamPolicyRequest,Policy> setIamPolicyCallable()

Sets the access control policy on the specified resource. Replacesany existing policy.

Can return NOT_FOUND, INVALID_ARGUMENT, and PERMISSION_DENIEDerrors.

Sample code:


 // This snippet has been automatically generated and should be regarded as a code template only.
 // It will require modifications to work:
 // - It may require correct/in-range values for request initialization.
 // - It may require specifying regional endpoints when creating the service client as shown in
 // https://cloud.google.com/java/docs/setup#configure_endpoints_for_the_client_library
 try (KeyManagementServiceClient keyManagementServiceClient =
     KeyManagementServiceClient.create()) {
   SetIamPolicyRequest request =
       SetIamPolicyRequest.newBuilder()
           .setResource(
               CryptoKeyName.of("[PROJECT]", "[LOCATION]", "[KEY_RING]", "[CRYPTO_KEY]")
                   .toString())
           .setPolicy(Policy.newBuilder().build())
           .setUpdateMask(FieldMask.newBuilder().build())
           .build();
   ApiFuture<Policy> future =
       keyManagementServiceClient.setIamPolicyCallable().futureCall(request);
   // Do something.
   Policy response = future.get();
 }
 
Returns
TypeDescription
UnaryCallable<com.google.iam.v1.SetIamPolicyRequest,com.google.iam.v1.Policy>

shutdown()

public void shutdown()

shutdownNow()

public void shutdownNow()

testIamPermissions(KeyName resource, List<String> permissions)

public final TestIamPermissionsResponse testIamPermissions(KeyName resource, List<String> permissions)

Returns permissions that a caller has on the specified resource. If the resource does not exist, this will return an empty set of permissions, not a NOT_FOUND error.

Note: This operation is designed to be used for building permission-aware UIs and command-line tools, not for authorization checking. This operation may "fail open" without warning.

Sample code:


 try (KeyManagementServiceClient keyManagementServiceClient = KeyManagementServiceClient.create()) {
   KeyName resource = KeyRingName.of("[PROJECT]", "[LOCATION]", "[KEY_RING]");
   List<String> permissions = new ArrayList<>();
   TestIamPermissionsResponse response = keyManagementServiceClient.testIamPermissions(resource, permissions);
 }
 
Parameters
NameDescription
resourceKeyName

REQUIRED: The resource for which the policy detail is being requested. See the operation documentation for the appropriate value for this field.

permissionsList<String>

The set of permissions to check for the resource. Permissions with wildcards (such as '*' or 'storage.*') are not allowed. For more information see IAM Overview.

Returns
TypeDescription
com.google.iam.v1.TestIamPermissionsResponse

testIamPermissions(TestIamPermissionsRequest request)

public final TestIamPermissionsResponse testIamPermissions(TestIamPermissionsRequest request)

Returns permissions that a caller has on the specified resource. If theresource does not exist, this will return an empty set ofpermissions, not a NOT_FOUND error.

Note: This operation is designed to be used for buildingpermission-aware UIs and command-line tools, not for authorizationchecking. This operation may "fail open" without warning.

Sample code:


 // This snippet has been automatically generated and should be regarded as a code template only.
 // It will require modifications to work:
 // - It may require correct/in-range values for request initialization.
 // - It may require specifying regional endpoints when creating the service client as shown in
 // https://cloud.google.com/java/docs/setup#configure_endpoints_for_the_client_library
 try (KeyManagementServiceClient keyManagementServiceClient =
     KeyManagementServiceClient.create()) {
   TestIamPermissionsRequest request =
       TestIamPermissionsRequest.newBuilder()
           .setResource(
               CryptoKeyName.of("[PROJECT]", "[LOCATION]", "[KEY_RING]", "[CRYPTO_KEY]")
                   .toString())
           .addAllPermissions(new ArrayList<String>())
           .build();
   TestIamPermissionsResponse response = keyManagementServiceClient.testIamPermissions(request);
 }
 
Parameter
NameDescription
requestcom.google.iam.v1.TestIamPermissionsRequest

The request object containing all of the parameters for the API call.

Returns
TypeDescription
com.google.iam.v1.TestIamPermissionsResponse

testIamPermissions(String resource, List<String> permissions)

public final TestIamPermissionsResponse testIamPermissions(String resource, List<String> permissions)

Returns permissions that a caller has on the specified resource. If the resource does not exist, this will return an empty set of permissions, not a NOT_FOUND error.

Note: This operation is designed to be used for building permission-aware UIs and command-line tools, not for authorization checking. This operation may "fail open" without warning.

Sample code:


 try (KeyManagementServiceClient keyManagementServiceClient = KeyManagementServiceClient.create()) {
   KeyName resource = KeyRingName.of("[PROJECT]", "[LOCATION]", "[KEY_RING]");
   List<String> permissions = new ArrayList<>();
   TestIamPermissionsResponse response = keyManagementServiceClient.testIamPermissions(resource.toString(), permissions);
 }
 
Parameters
NameDescription
resourceString

REQUIRED: The resource for which the policy detail is being requested. See the operation documentation for the appropriate value for this field.

permissionsList<String>

The set of permissions to check for the resource. Permissions with wildcards (such as '*' or 'storage.*') are not allowed. For more information see IAM Overview.

Returns
TypeDescription
com.google.iam.v1.TestIamPermissionsResponse

testIamPermissionsCallable()

public final UnaryCallable<TestIamPermissionsRequest,TestIamPermissionsResponse> testIamPermissionsCallable()

Returns permissi