google-cloud-kms overview (2.44.0)

Cloud Key Management Service Description: A cloud-hosted key management service that lets you manage cryptographic keys for your cloud services the same way you do on-premises. You can generate, use, rotate, and destroy AES256, RSA 2048, RSA 3072, RSA 4096, EC P256, and EC P384 cryptographic keys. Cloud KMS is integrated with Cloud IAM and Cloud Audit Logging so that you can manage permissions on individual keys and monitor how these are used. Use Cloud KMS to protect secrets and other sensitive data that you need to store in Google Cloud Platform.

Cloud Key Management Service Product ReferenceGitHub Repository (includes samples)Maven artifact

Getting Started

In order to use this library, you first need to go through the following steps:

Use the Cloud Key Management Service for Java

To ensure that your project uses compatible versions of the libraries and their component artifacts, import and use the BOM to specify dependency versions. Be sure to remove any versions that you set previously. For more information about BOMs, see Google Cloud Platform Libraries BOM.


Import the BOM in the dependencyManagement section of your pom.xml file. Include specific artifacts you depend on in the dependencies section, but don't specify the artifacts' versions in the dependencies section.

The example below demonstrates how you would import the BOM and include the google-cloud-kms artifact.

      <version>  26.37.0</version>



BOMs are supported by default in Gradle 5.x or later. Add a platform dependency on and remove the version from the dependency declarations in the artifact's build.gradle file.

The example below demonstrates how you would import the BOM and include the google-cloud-kms artifact.

implementation platform('  26.37.0')
implementation ''

The platform and enforcedPlatform keywords supply dependency versions declared in a BOM. The enforcedPlatform keyword enforces the dependency versions declared in the BOM and thus overrides what you specified.

For more details of the platform and enforcedPlatform keywords Gradle 5.x or higher, see Gradle: Importing Maven BOMs.

If you're using Gradle 4.6 or later, add enableFeaturePreview('IMPROVED_POM_SUPPORT') to your settings.gradle file. For details, see Gradle 4.6 Release Notes: BOM import. Versions of Gradle earlier than 4.6 don't support BOMs.


SBT doesn't support BOMs. You can find recommended versions of libraries from a particular BOM version on the dashboard and set the versions manually. To use the latest version of this library, add this to your dependencies:

libraryDependencies += "" % "google-cloud-kms" % "2.44.0"

Which version should I use?

For this library, we recommend using API version v1 for new applications.

Each Cloud Java client library may contain multiple packages. Each package containing a version number in its name corresponds to a published version of the service. We recommend using the latest stable version for new production applications, which can be identified by the largest numeric version that does not contain a suffix. For example, if a client library has two packages: v1 and v2alpha, then the latest stable version is v1. If you use an unstable release, breaking changes may be introduced when upgrading. You can read more about Cloud API versioning strategy here.