Method: cryptoKeys.create

Full name: projects.locations.keyRings.cryptoKeys.create

Create a new CryptoKey within a KeyRing.

CryptoKey.purpose and CryptoKey.version_template.algorithm are required.

HTTP request

POST https://cloudkms.googleapis.com/v1/{parent=projects/*/locations/*/keyRings/*}/cryptoKeys

The URL uses gRPC Transcoding syntax.

Path parameters

Parameters
parent

string

Required. The name of the KeyRing associated with the CryptoKeys.

Authorization requires the following IAM permission on the specified resource parent:

  • cloudkms.cryptoKeys.create

Query parameters

Parameters
cryptoKeyId

string

Required. It must be unique within a KeyRing and match the regular expression [a-zA-Z0-9_-]{1,63}

skipInitialVersionCreation

boolean

If set to true, the request will create a CryptoKey without any CryptoKeyVersions. You must manually call cryptoKeyVersions.create or cryptoKeyVersions.import before you can use this CryptoKey.

Request body

The request body contains an instance of CryptoKey.

Response body

If successful, the response body contains a newly created instance of CryptoKey.

Authorization scopes

Requires one of the following OAuth scopes:

  • https://www.googleapis.com/auth/cloudkms
  • https://www.googleapis.com/auth/cloud-platform

For more information, see the Authentication Overview.