Manages keys and performs cryptographic operations in a central cloud service, for direct use by other cloud resources and applications.
Service: cloudkms.googleapis.com
The Service name cloudkms.googleapis.com is needed to create RPC client stubs.
google.cloud.kms.v1.Autokey
| Methods | |
|---|---|
|
Creates a new KeyHandle, triggering the provisioning of a new CryptoKey for CMEK use with the given resource type in the configured key project and the same location. |
|
Returns the KeyHandle. |
|
Lists KeyHandles. |
google.cloud.kms.v1.AutokeyAdmin
| Methods | |
|---|---|
|
Returns the AutokeyConfig for a folder. |
|
Returns the effective Cloud KMS Autokey configuration for a given project. |
|
Updates the AutokeyConfig for a folder. |
google.cloud.kms.v1.EkmService
| Methods | |
|---|---|
|
Creates a new EkmConnection in a given Project and Location. |
|
Returns the EkmConfig singleton resource for a given project and location. |
|
Returns metadata for a given EkmConnection. |
|
Lists EkmConnections. |
|
Updates the EkmConfig singleton resource for a given project and location. |
|
Updates an EkmConnection's metadata. |
|
Verifies that Cloud KMS can successfully connect to the external key manager specified by an EkmConnection. |
google.cloud.kms.v1.KeyManagementService
| Methods | |
|---|---|
|
Decrypts data that was encrypted with a public key retrieved from GetPublicKey corresponding to a CryptoKeyVersion with CryptoKey.purpose ASYMMETRIC_DECRYPT. |
|
Signs data using a CryptoKeyVersion with CryptoKey.purpose ASYMMETRIC_SIGN, producing a signature that can be verified with the public key retrieved from GetPublicKey. |
|
Create a new CryptoKey within a KeyRing. |
|
Create a new CryptoKeyVersion in a CryptoKey. |
|
Create a new ImportJob within a KeyRing. |
|
Create a new KeyRing in a given Project and Location. |
|
Decrypts data that was protected by Encrypt. |
|
Schedule a CryptoKeyVersion for destruction. |
|
Encrypts data, so that it can only be recovered by a call to Decrypt. |
|
Generate random bytes using the Cloud KMS randomness source in the provided location. |
|
Returns metadata for a given CryptoKey, as well as its primary CryptoKeyVersion. |
|
Returns metadata for a given CryptoKeyVersion. |
|
Returns metadata for a given ImportJob. |
|
Returns metadata for a given KeyRing. |
|
Returns the public key for the given CryptoKeyVersion. |
|
Import wrapped key material into a CryptoKeyVersion. |
|
Lists CryptoKeyVersions. |
|
Lists CryptoKeys. |
|
Lists ImportJobs. |
|
Lists KeyRings. |
|
Signs data using a CryptoKeyVersion with CryptoKey.purpose MAC, producing a tag that can be verified by another source with the same key. |
|
Verifies MAC tag using a CryptoKeyVersion with CryptoKey.purpose MAC, and returns a response that indicates whether or not the verification was successful. |
|
Decrypts data that was originally encrypted using a raw cryptographic mechanism. |
|
Encrypts data using portable cryptographic primitives. |
|
Restore a CryptoKeyVersion in the DESTROY_SCHEDULED state. |
|
Update a CryptoKey. |
|
Update the version of a CryptoKey that will be used in Encrypt. |
|
Update a CryptoKeyVersion's metadata. |
google.cloud.location.Locations
| Methods | |
|---|---|
|
Gets information about a location. |
|
Lists information about the supported locations for this service. |
google.iam.v1.IAMPolicy
| Methods | |
|---|---|
|
Gets the access control policy for a resource. |
|
Sets the access control policy on the specified resource. |
|
Returns permissions that a caller has on the specified resource. |
google.longrunning.Operations
| Methods | |
|---|---|
|
Gets the latest state of a long-running operation. |