v1. KeyManagementServiceClient
Google Cloud Key Management Service
Manages cryptographic keys and operations using those keys. Implements a REST model with the following objects:
- KeyRing
- CryptoKey
- CryptoKeyVersion
If you are using manual gRPC libraries, see Using gRPC with Cloud KMS.
Constructor
KeyManagementServiceClient
new KeyManagementServiceClient(options)
Construct an instance of KeyManagementServiceClient.
Parameter |
|||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
options |
Optional object The configuration object. See the subsequent parameters for more details. Values in
|
Properties
port
The port for this API service.
scopes
The scopes needed to make gRPC calls for every method defined in this service.
servicePath
The DNS address for this API service.
Methods
asymmetricDecrypt
asymmetricDecrypt(request, options, callback) returns Promise
Decrypts data that was encrypted with a public key retrieved from GetPublicKey corresponding to a CryptoKeyVersion with CryptoKey.purpose ASYMMETRIC_DECRYPT.
Parameter |
|||||||
---|---|---|---|---|---|---|---|
request |
Object The request object that will be sent. Values in
|
||||||
options |
Optional Object Optional parameters. You can override the default settings for this call, e.g, timeout, retries, paginations, etc. See gax.CallOptions for the details. |
||||||
callback |
Optional function(nullable Error, nullable Object) The function which will be called with the result of the API call. The second parameter to the callback is an object representing AsymmetricDecryptResponse. |
- Returns
-
Promise
- The promise which resolves to an array. The first element of the array is an object representing AsymmetricDecryptResponse. The promise has a method named "cancel" which cancels the ongoing API call.
Example
const kms = require('@google-cloud/kms');
const client = new kms.v1.KeyManagementServiceClient({
// optional auth parameters.
});
const formattedName = client.cryptoKeyVersionPath('[PROJECT]', '[LOCATION]', '[KEY_RING]', '[CRYPTO_KEY]', '[CRYPTO_KEY_VERSION]');
const ciphertext = '';
const request = {
name: formattedName,
ciphertext: ciphertext,
};
client.asymmetricDecrypt(request)
.then(responses => {
const response = responses[0];
// doThingsWith(response)
})
.catch(err => {
console.error(err);
});
asymmetricSign
asymmetricSign(request, options, callback) returns Promise
Signs data using a CryptoKeyVersion with CryptoKey.purpose ASYMMETRIC_SIGN, producing a signature that can be verified with the public key retrieved from GetPublicKey.
Parameter |
|||||||
---|---|---|---|---|---|---|---|
request |
Object The request object that will be sent. Values in
|
||||||
options |
Optional Object Optional parameters. You can override the default settings for this call, e.g, timeout, retries, paginations, etc. See gax.CallOptions for the details. |
||||||
callback |
Optional function(nullable Error, nullable Object) The function which will be called with the result of the API call. The second parameter to the callback is an object representing AsymmetricSignResponse. |
- Returns
-
Promise
- The promise which resolves to an array. The first element of the array is an object representing AsymmetricSignResponse. The promise has a method named "cancel" which cancels the ongoing API call.
Example
const kms = require('@google-cloud/kms');
const client = new kms.v1.KeyManagementServiceClient({
// optional auth parameters.
});
const formattedName = client.cryptoKeyVersionPath('[PROJECT]', '[LOCATION]', '[KEY_RING]', '[CRYPTO_KEY]', '[CRYPTO_KEY_VERSION]');
const digest = {};
const request = {
name: formattedName,
digest: digest,
};
client.asymmetricSign(request)
.then(responses => {
const response = responses[0];
// doThingsWith(response)
})
.catch(err => {
console.error(err);
});
createCryptoKey
createCryptoKey(request, options, callback) returns Promise
Create a new CryptoKey within a KeyRing.
CryptoKey.purpose and CryptoKey.version_template.algorithm are required.
Parameter |
|||||||||
---|---|---|---|---|---|---|---|---|---|
request |
Object The request object that will be sent. Values in
|
||||||||
options |
Optional Object Optional parameters. You can override the default settings for this call, e.g, timeout, retries, paginations, etc. See gax.CallOptions for the details. |
||||||||
callback |
Optional function(nullable Error, nullable Object) The function which will be called with the result of the API call. The second parameter to the callback is an object representing CryptoKey. |
- Returns
-
Promise
- The promise which resolves to an array. The first element of the array is an object representing CryptoKey. The promise has a method named "cancel" which cancels the ongoing API call.
Example
const kms = require('@google-cloud/kms');
const client = new kms.v1.KeyManagementServiceClient({
// optional auth parameters.
});
const formattedParent = client.keyRingPath('[PROJECT]', '[LOCATION]', '[KEY_RING]');
const cryptoKeyId = 'my-app-key';
const purpose = 'ENCRYPT_DECRYPT';
const seconds = 2147483647;
const nextRotationTime = {
seconds: seconds,
};
const seconds2 = 604800;
const rotationPeriod = {
seconds: seconds2,
};
const cryptoKey = {
purpose: purpose,
nextRotationTime: nextRotationTime,
rotationPeriod: rotationPeriod,
};
const request = {
parent: formattedParent,
cryptoKeyId: cryptoKeyId,
cryptoKey: cryptoKey,
};
client.createCryptoKey(request)
.then(responses => {
const response = responses[0];
// doThingsWith(response)
})
.catch(err => {
console.error(err);
});
createCryptoKeyVersion
createCryptoKeyVersion(request, options, callback) returns Promise
Create a new CryptoKeyVersion in a CryptoKey.
The server will assign the next sequential id. If unset, state will be set to ENABLED.
Parameter |
|||||||
---|---|---|---|---|---|---|---|
request |
Object The request object that will be sent. Values in
|
||||||
options |
Optional Object Optional parameters. You can override the default settings for this call, e.g, timeout, retries, paginations, etc. See gax.CallOptions for the details. |
||||||
callback |
Optional function(nullable Error, nullable Object) The function which will be called with the result of the API call. The second parameter to the callback is an object representing CryptoKeyVersion. |
- Returns
-
Promise
- The promise which resolves to an array. The first element of the array is an object representing CryptoKeyVersion. The promise has a method named "cancel" which cancels the ongoing API call.
Example
const kms = require('@google-cloud/kms');
const client = new kms.v1.KeyManagementServiceClient({
// optional auth parameters.
});
const formattedParent = client.cryptoKeyPath('[PROJECT]', '[LOCATION]', '[KEY_RING]', '[CRYPTO_KEY]');
const cryptoKeyVersion = {};
const request = {
parent: formattedParent,
cryptoKeyVersion: cryptoKeyVersion,
};
client.createCryptoKeyVersion(request)
.then(responses => {
const response = responses[0];
// doThingsWith(response)
})
.catch(err => {
console.error(err);
});
createKeyRing
createKeyRing(request, options, callback) returns Promise
Create a new KeyRing in a given Project and Location.
Parameter |
|||||||||
---|---|---|---|---|---|---|---|---|---|
request |
Object The request object that will be sent. Values in
|
||||||||
options |
Optional Object Optional parameters. You can override the default settings for this call, e.g, timeout, retries, paginations, etc. See gax.CallOptions for the details. |
||||||||
callback |
Optional function(nullable Error, nullable Object) The function which will be called with the result of the API call. The second parameter to the callback is an object representing KeyRing. |
- Returns
-
Promise
- The promise which resolves to an array. The first element of the array is an object representing KeyRing. The promise has a method named "cancel" which cancels the ongoing API call.
Example
const kms = require('@google-cloud/kms');
const client = new kms.v1.KeyManagementServiceClient({
// optional auth parameters.
});
const formattedParent = client.locationPath('[PROJECT]', '[LOCATION]');
const keyRingId = '';
const keyRing = {};
const request = {
parent: formattedParent,
keyRingId: keyRingId,
keyRing: keyRing,
};
client.createKeyRing(request)
.then(responses => {
const response = responses[0];
// doThingsWith(response)
})
.catch(err => {
console.error(err);
});
cryptoKeyPath
cryptoKeyPath(project, location, keyRing, cryptoKey) returns String
Return a fully-qualified crypto_key resource name string.
Parameter |
|
---|---|
project |
String |
location |
String |
keyRing |
String |
cryptoKey |
String |
- Returns
-
String
cryptoKeyPathPath
cryptoKeyPathPath(project, location, keyRing, cryptoKeyPath) returns String
Return a fully-qualified crypto_key_path resource name string.
Parameter |
|
---|---|
project |
String |
location |
String |
keyRing |
String |
cryptoKeyPath |
String |
- Returns
-
String
cryptoKeyVersionPath
cryptoKeyVersionPath(project, location, keyRing, cryptoKey, cryptoKeyVersion) returns String
Return a fully-qualified crypto_key_version resource name string.
Parameter |
|
---|---|
project |
String |
location |
String |
keyRing |
String |
cryptoKey |
String |
cryptoKeyVersion |
String |
- Returns
-
String
decrypt
decrypt(request, options, callback) returns Promise
Decrypts data that was protected by Encrypt. The CryptoKey.purpose must be ENCRYPT_DECRYPT.
Parameter |
|||||||||
---|---|---|---|---|---|---|---|---|---|
request |
Object The request object that will be sent. Values in
|
||||||||
options |
Optional Object Optional parameters. You can override the default settings for this call, e.g, timeout, retries, paginations, etc. See gax.CallOptions for the details. |
||||||||
callback |
Optional function(nullable Error, nullable Object) The function which will be called with the result of the API call. The second parameter to the callback is an object representing DecryptResponse. |
- Returns
-
Promise
- The promise which resolves to an array. The first element of the array is an object representing DecryptResponse. The promise has a method named "cancel" which cancels the ongoing API call.
Example
const kms = require('@google-cloud/kms');
const client = new kms.v1.KeyManagementServiceClient({
// optional auth parameters.
});
const formattedName = client.cryptoKeyPath('[PROJECT]', '[LOCATION]', '[KEY_RING]', '[CRYPTO_KEY]');
const ciphertext = '';
const request = {
name: formattedName,
ciphertext: ciphertext,
};
client.decrypt(request)
.then(responses => {
const response = responses[0];
// doThingsWith(response)
})
.catch(err => {
console.error(err);
});
destroyCryptoKeyVersion
destroyCryptoKeyVersion(request, options, callback) returns Promise
Schedule a CryptoKeyVersion for destruction.
Upon calling this method, CryptoKeyVersion.state will be set to DESTROY_SCHEDULED and destroy_time will be set to a time 24 hours in the future, at which point the state will be changed to DESTROYED, and the key material will be irrevocably destroyed.
Before the destroy_time is reached, RestoreCryptoKeyVersion may be called to reverse the process.
Parameter |
|||||
---|---|---|---|---|---|
request |
Object The request object that will be sent. Values in
|
||||
options |
Optional Object Optional parameters. You can override the default settings for this call, e.g, timeout, retries, paginations, etc. See gax.CallOptions for the details. |
||||
callback |
Optional function(nullable Error, nullable Object) The function which will be called with the result of the API call. The second parameter to the callback is an object representing CryptoKeyVersion. |
- Returns
-
Promise
- The promise which resolves to an array. The first element of the array is an object representing CryptoKeyVersion. The promise has a method named "cancel" which cancels the ongoing API call.
Example
const kms = require('@google-cloud/kms');
const client = new kms.v1.KeyManagementServiceClient({
// optional auth parameters.
});
const formattedName = client.cryptoKeyVersionPath('[PROJECT]', '[LOCATION]', '[KEY_RING]', '[CRYPTO_KEY]', '[CRYPTO_KEY_VERSION]');
client.destroyCryptoKeyVersion({name: formattedName})
.then(responses => {
const response = responses[0];
// doThingsWith(response)
})
.catch(err => {
console.error(err);
});
encrypt
encrypt(request, options, callback) returns Promise
Encrypts data, so that it can only be recovered by a call to Decrypt. The CryptoKey.purpose must be ENCRYPT_DECRYPT.
Parameter |
|||||||||
---|---|---|---|---|---|---|---|---|---|
request |
Object The request object that will be sent. Values in
|
||||||||
options |
Optional Object Optional parameters. You can override the default settings for this call, e.g, timeout, retries, paginations, etc. See gax.CallOptions for the details. |
||||||||
callback |
Optional function(nullable Error, nullable Object) The function which will be called with the result of the API call. The second parameter to the callback is an object representing EncryptResponse. |
- Returns
-
Promise
- The promise which resolves to an array. The first element of the array is an object representing EncryptResponse. The promise has a method named "cancel" which cancels the ongoing API call.
Example
const kms = require('@google-cloud/kms');
const client = new kms.v1.KeyManagementServiceClient({
// optional auth parameters.
});
const formattedName = client.cryptoKeyPathPath('[PROJECT]', '[LOCATION]', '[KEY_RING]', '[CRYPTO_KEY_PATH]');
const plaintext = '';
const request = {
name: formattedName,
plaintext: plaintext,
};
client.encrypt(request)
.then(responses => {
const response = responses[0];
// doThingsWith(response)
})
.catch(err => {
console.error(err);
});
getCryptoKey
getCryptoKey(request, options, callback) returns Promise
Returns metadata for a given CryptoKey, as well as its primary CryptoKeyVersion.
Parameter |
|||||
---|---|---|---|---|---|
request |
Object The request object that will be sent. Values in
|
||||
options |
Optional Object Optional parameters. You can override the default settings for this call, e.g, timeout, retries, paginations, etc. See gax.CallOptions for the details. |
||||
callback |
Optional function(nullable Error, nullable Object) The function which will be called with the result of the API call. The second parameter to the callback is an object representing CryptoKey. |
- Returns
-
Promise
- The promise which resolves to an array. The first element of the array is an object representing CryptoKey. The promise has a method named "cancel" which cancels the ongoing API call.
Example
const kms = require('@google-cloud/kms');
const client = new kms.v1.KeyManagementServiceClient({
// optional auth parameters.
});
const formattedName = client.cryptoKeyPath('[PROJECT]', '[LOCATION]', '[KEY_RING]', '[CRYPTO_KEY]');
client.getCryptoKey({name: formattedName})
.then(responses => {
const response = responses[0];
// doThingsWith(response)
})
.catch(err => {
console.error(err);
});
getCryptoKeyVersion
getCryptoKeyVersion(request, options, callback) returns Promise
Returns metadata for a given CryptoKeyVersion.
Parameter |
|||||
---|---|---|---|---|---|
request |
Object The request object that will be sent. Values in
|
||||
options |
Optional Object Optional parameters. You can override the default settings for this call, e.g, timeout, retries, paginations, etc. See gax.CallOptions for the details. |
||||
callback |
Optional function(nullable Error, nullable Object) The function which will be called with the result of the API call. The second parameter to the callback is an object representing CryptoKeyVersion. |
- Returns
-
Promise
- The promise which resolves to an array. The first element of the array is an object representing CryptoKeyVersion. The promise has a method named "cancel" which cancels the ongoing API call.
Example
const kms = require('@google-cloud/kms');
const client = new kms.v1.KeyManagementServiceClient({
// optional auth parameters.
});
const formattedName = client.cryptoKeyVersionPath('[PROJECT]', '[LOCATION]', '[KEY_RING]', '[CRYPTO_KEY]', '[CRYPTO_KEY_VERSION]');
client.getCryptoKeyVersion({name: formattedName})
.then(responses => {
const response = responses[0];
// doThingsWith(response)
})
.catch(err => {
console.error(err);
});
getIamPolicy
getIamPolicy(request, options, callback) returns Promise
Gets the access control policy for a resource. Returns an empty policy if the resource exists and does not have a policy set.
Parameter |
|||||
---|---|---|---|---|---|
request |
Object The request object that will be sent. Values in
|
||||
options |
Optional Object Optional parameters. You can override the default settings for this call, e.g, timeout, retries, paginations, etc. See gax.CallOptions for the details. |
||||
callback |
Optional function(nullable Error, nullable Object) The function which will be called with the result of the API call. The second parameter to the callback is an object representing Policy. |
- Returns
-
Promise
- The promise which resolves to an array. The first element of the array is an object representing Policy. The promise has a method named "cancel" which cancels the ongoing API call.
Example
const kms = require('@google-cloud/kms');
const client = new kms.v1.KeyManagementServiceClient({
// optional auth parameters.
});
const formattedResource = client.keyRingPath('[PROJECT]', '[LOCATION]', '[KEY_RING]');
client.getIamPolicy({resource: formattedResource})
.then(responses => {
const response = responses[0];
// doThingsWith(response)
})
.catch(err => {
console.error(err);
});
getKeyRing
getKeyRing(request, options, callback) returns Promise
Returns metadata for a given KeyRing.
Parameter |
|||||
---|---|---|---|---|---|
request |
Object The request object that will be sent. Values in
|
||||
options |
Optional Object Optional parameters. You can override the default settings for this call, e.g, timeout, retries, paginations, etc. See gax.CallOptions for the details. |
||||
callback |
Optional function(nullable Error, nullable Object) The function which will be called with the result of the API call. The second parameter to the callback is an object representing KeyRing. |
- Returns
-
Promise
- The promise which resolves to an array. The first element of the array is an object representing KeyRing. The promise has a method named "cancel" which cancels the ongoing API call.
Example
const kms = require('@google-cloud/kms');
const client = new kms.v1.KeyManagementServiceClient({
// optional auth parameters.
});
const formattedName = client.keyRingPath('[PROJECT]', '[LOCATION]', '[KEY_RING]');
client.getKeyRing({name: formattedName})
.then(responses => {
const response = responses[0];
// doThingsWith(response)
})
.catch(err => {
console.error(err);
});
getProjectId
getProjectId(callback)
Return the project ID used by this class.
Parameter |
|
---|---|
callback |
function(Error, string) the callback to be called with the current project Id. |
getPublicKey
getPublicKey(request, options, callback) returns Promise
Returns the public key for the given CryptoKeyVersion. The CryptoKey.purpose must be ASYMMETRIC_SIGN or ASYMMETRIC_DECRYPT.
Parameter |
|||||
---|---|---|---|---|---|
request |
Object The request object that will be sent. Values in
|
||||
options |
Optional Object Optional parameters. You can override the default settings for this call, e.g, timeout, retries, paginations, etc. See gax.CallOptions for the details. |
||||
callback |
Optional function(nullable Error, nullable Object) The function which will be called with the result of the API call. The second parameter to the callback is an object representing PublicKey. |
- Returns
-
Promise
- The promise which resolves to an array. The first element of the array is an object representing PublicKey. The promise has a method named "cancel" which cancels the ongoing API call.
Example
const kms = require('@google-cloud/kms');
const client = new kms.v1.KeyManagementServiceClient({
// optional auth parameters.
});
const formattedName = client.cryptoKeyVersionPath('[PROJECT]', '[LOCATION]', '[KEY_RING]', '[CRYPTO_KEY]', '[CRYPTO_KEY_VERSION]');
client.getPublicKey({name: formattedName})
.then(responses => {
const response = responses[0];
// doThingsWith(response)
})
.catch(err => {
console.error(err);
});
keyRingPath
keyRingPath(project, location, keyRing) returns String
Return a fully-qualified key_ring resource name string.
Parameter |
|
---|---|
project |
String |
location |
String |
keyRing |
String |
- Returns
-
String
listCryptoKeys
listCryptoKeys(request, options, callback) returns Promise
Lists CryptoKeys.
Parameter |
|||||||||
---|---|---|---|---|---|---|---|---|---|
request |
Object The request object that will be sent. Values in
|
||||||||
options |
Optional Object Optional parameters. You can override the default settings for this call, e.g, timeout, retries, paginations, etc. See gax.CallOptions for the details. |
||||||||
callback |
Optional function(nullable Error, nullable Array, nullable Object, nullable Object) The function which will be called with the result of the API call. The second parameter to the callback is Array of CryptoKey. When autoPaginate: false is specified through options, it contains the result in a single response. If the response indicates the next page exists, the third parameter is set to be used for the next request object. The fourth parameter keeps the raw response object of an object representing ListCryptoKeysResponse. |
- Returns
-
Promise
-
The promise which resolves to an array. The first element of the array is Array of CryptoKey.
When autoPaginate: false is specified through options, the array has three elements. The first element is Array of CryptoKey in a single response. The second element is the next request object if the response indicates the next page exists, or null. The third element is an object representing ListCryptoKeysResponse.
The promise has a method named "cancel" which cancels the ongoing API call.
-
Example
const kms = require('@google-cloud/kms');
const client = new kms.v1.KeyManagementServiceClient({
// optional auth parameters.
});
// Iterate over all elements.
const formattedParent = client.keyRingPath('[PROJECT]', '[LOCATION]', '[KEY_RING]');
client.listCryptoKeys({parent: formattedParent})
.then(responses => {
const resources = responses[0];
for (const resource of resources) {
// doThingsWith(resource)
}
})
.catch(err => {
console.error(err);
});
// Or obtain the paged response.
const formattedParent = client.keyRingPath('[PROJECT]', '[LOCATION]', '[KEY_RING]');
const options = {autoPaginate: false};
const callback = responses => {
// The actual resources in a response.
const resources = responses[0];
// The next request if the response shows that there are more responses.
const nextRequest = responses[1];
// The actual response object, if necessary.
// const rawResponse = responses[2];
for (const resource of resources) {
// doThingsWith(resource);
}
if (nextRequest) {
// Fetch the next page.
return client.listCryptoKeys(nextRequest, options).then(callback);
}
}
client.listCryptoKeys({parent: formattedParent}, options)
.then(callback)
.catch(err => {
console.error(err);
});
listCryptoKeysStream
listCryptoKeysStream(request, options) returns Stream
Equivalent to listCryptoKeys, but returns a NodeJS Stream object.
This fetches the paged responses for listCryptoKeys continuously and invokes the callback registered for 'data' event for each element in the responses.
The returned object has 'end' method when no more elements are required.
autoPaginate option will be ignored.
Parameter |
|||||||||
---|---|---|---|---|---|---|---|---|---|
request |
Object The request object that will be sent. Values in
|
||||||||
options |
Optional Object Optional parameters. You can override the default settings for this call, e.g, timeout, retries, paginations, etc. See gax.CallOptions for the details. |
- See also
- https://nodejs.org/api/stream.html
- Returns
-
Stream
An object stream which emits an object representing CryptoKey on 'data' event.
Example
const kms = require('@google-cloud/kms');
const client = new kms.v1.KeyManagementServiceClient({
// optional auth parameters.
});
const formattedParent = client.keyRingPath('[PROJECT]', '[LOCATION]', '[KEY_RING]');
client.listCryptoKeysStream({parent: formattedParent})
.on('data', element => {
// doThingsWith(element)
}).on('error', err => {
console.log(err);
});
listCryptoKeyVersions
listCryptoKeyVersions(request, options, callback) returns Promise
Lists CryptoKeyVersions.
Parameter |
|||||||||
---|---|---|---|---|---|---|---|---|---|
request |
Object The request object that will be sent. Values in
|
||||||||
options |
Optional Object Optional parameters. You can override the default settings for this call, e.g, timeout, retries, paginations, etc. See gax.CallOptions for the details. |
||||||||
callback |
Optional function(nullable Error, nullable Array, nullable Object, nullable Object) The function which will be called with the result of the API call. The second parameter to the callback is Array of CryptoKeyVersion. When autoPaginate: false is specified through options, it contains the result in a single response. If the response indicates the next page exists, the third parameter is set to be used for the next request object. The fourth parameter keeps the raw response object of an object representing ListCryptoKeyVersionsResponse. |
- Returns
-
Promise
-
The promise which resolves to an array. The first element of the array is Array of CryptoKeyVersion.
When autoPaginate: false is specified through options, the array has three elements. The first element is Array of CryptoKeyVersion in a single response. The second element is the next request object if the response indicates the next page exists, or null. The third element is an object representing ListCryptoKeyVersionsResponse.
The promise has a method named "cancel" which cancels the ongoing API call.
-
Example
const kms = require('@google-cloud/kms');
const client = new kms.v1.KeyManagementServiceClient({
// optional auth parameters.
});
// Iterate over all elements.
const formattedParent = client.cryptoKeyPath('[PROJECT]', '[LOCATION]', '[KEY_RING]', '[CRYPTO_KEY]');
client.listCryptoKeyVersions({parent: formattedParent})
.then(responses => {
const resources = responses[0];
for (const resource of resources) {
// doThingsWith(resource)
}
})
.catch(err => {
console.error(err);
});
// Or obtain the paged response.
const formattedParent = client.cryptoKeyPath('[PROJECT]', '[LOCATION]', '[KEY_RING]', '[CRYPTO_KEY]');
const options = {autoPaginate: false};
const callback = responses => {
// The actual resources in a response.
const resources = responses[0];
// The next request if the response shows that there are more responses.
const nextRequest = responses[1];
// The actual response object, if necessary.
// const rawResponse = responses[2];
for (const resource of resources) {
// doThingsWith(resource);
}
if (nextRequest) {
// Fetch the next page.
return client.listCryptoKeyVersions(nextRequest, options).then(callback);
}
}
client.listCryptoKeyVersions({parent: formattedParent}, options)
.then(callback)
.catch(err => {
console.error(err);
});
listCryptoKeyVersionsStream
listCryptoKeyVersionsStream(request, options) returns Stream
Equivalent to listCryptoKeyVersions, but returns a NodeJS Stream object.
This fetches the paged responses for listCryptoKeyVersions continuously and invokes the callback registered for 'data' event for each element in the responses.
The returned object has 'end' method when no more elements are required.
autoPaginate option will be ignored.
Parameter |
|||||||||
---|---|---|---|---|---|---|---|---|---|
request |
Object The request object that will be sent. Values in
|
||||||||
options |
Optional Object Optional parameters. You can override the default settings for this call, e.g, timeout, retries, paginations, etc. See gax.CallOptions for the details. |
- See also
- https://nodejs.org/api/stream.html
- Returns
-
Stream
An object stream which emits an object representing CryptoKeyVersion on 'data' event.
Example
const kms = require('@google-cloud/kms');
const client = new kms.v1.KeyManagementServiceClient({
// optional auth parameters.
});
const formattedParent = client.cryptoKeyPath('[PROJECT]', '[LOCATION]', '[KEY_RING]', '[CRYPTO_KEY]');
client.listCryptoKeyVersionsStream({parent: formattedParent})
.on('data', element => {
// doThingsWith(element)
}).on('error', err => {
console.log(err);
});
listKeyRings
listKeyRings(request, options, callback) returns Promise
Lists KeyRings.
Parameter |
|||||||
---|---|---|---|---|---|---|---|
request |
Object The request object that will be sent. Values in
|
||||||
options |
Optional Object Optional parameters. You can override the default settings for this call, e.g, timeout, retries, paginations, etc. See gax.CallOptions for the details. |
||||||
callback |
Optional function(nullable Error, nullable Array, nullable Object, nullable Object) The function which will be called with the result of the API call. The second parameter to the callback is Array of KeyRing. When autoPaginate: false is specified through options, it contains the result in a single response. If the response indicates the next page exists, the third parameter is set to be used for the next request object. The fourth parameter keeps the raw response object of an object representing ListKeyRingsResponse. |
- Returns
-
Promise
-
The promise which resolves to an array. The first element of the array is Array of KeyRing.
When autoPaginate: false is specified through options, the array has three elements. The first element is Array of KeyRing in a single response. The second element is the next request object if the response indicates the next page exists, or null. The third element is an object representing ListKeyRingsResponse.
The promise has a method named "cancel" which cancels the ongoing API call.
-
Example
const kms = require('@google-cloud/kms');
const client = new kms.v1.KeyManagementServiceClient({
// optional auth parameters.
});
// Iterate over all elements.
const formattedParent = client.locationPath('[PROJECT]', '[LOCATION]');
client.listKeyRings({parent: formattedParent})
.then(responses => {
const resources = responses[0];
for (const resource of resources) {
// doThingsWith(resource)
}
})
.catch(err => {
console.error(err);
});
// Or obtain the paged response.
const formattedParent = client.locationPath('[PROJECT]', '[LOCATION]');
const options = {autoPaginate: false};
const callback = responses => {
// The actual resources in a response.
const resources = responses[0];
// The next request if the response shows that there are more responses.
const nextRequest = responses[1];
// The actual response object, if necessary.
// const rawResponse = responses[2];
for (const resource of resources) {
// doThingsWith(resource);
}
if (nextRequest) {
// Fetch the next page.
return client.listKeyRings(nextRequest, options).then(callback);
}
}
client.listKeyRings({parent: formattedParent}, options)
.then(callback)
.catch(err => {
console.error(err);
});
listKeyRingsStream
listKeyRingsStream(request, options) returns Stream
Equivalent to listKeyRings, but returns a NodeJS Stream object.
This fetches the paged responses for listKeyRings continuously and invokes the callback registered for 'data' event for each element in the responses.
The returned object has 'end' method when no more elements are required.
autoPaginate option will be ignored.
Parameter |
|||||||
---|---|---|---|---|---|---|---|
request |
Object The request object that will be sent. Values in
|
||||||
options |
Optional Object Optional parameters. You can override the default settings for this call, e.g, timeout, retries, paginations, etc. See gax.CallOptions for the details. |
- See also
- https://nodejs.org/api/stream.html
- Returns
-
Stream
An object stream which emits an object representing KeyRing on 'data' event.
Example
const kms = require('@google-cloud/kms');
const client = new kms.v1.KeyManagementServiceClient({
// optional auth parameters.
});
const formattedParent = client.locationPath('[PROJECT]', '[LOCATION]');
client.listKeyRingsStream({parent: formattedParent})
.on('data', element => {
// doThingsWith(element)
}).on('error', err => {
console.log(err);
});
locationPath
locationPath(project, location) returns String
Return a fully-qualified location resource name string.
Parameter |
|
---|---|
project |
String |
location |
String |
- Returns
-
String
matchCryptoKeyFromCryptoKeyName
matchCryptoKeyFromCryptoKeyName(cryptoKeyName) returns String
Parse the cryptoKeyName from a crypto_key resource.
Parameter |
|
---|---|
cryptoKeyName |
String A fully-qualified path representing a crypto_key resources. |
- Returns
-
String
- A string representing the crypto_key.
matchCryptoKeyFromCryptoKeyVersionName
matchCryptoKeyFromCryptoKeyVersionName(cryptoKeyVersionName) returns String
Parse the cryptoKeyVersionName from a crypto_key_version resource.
Parameter |
|
---|---|
cryptoKeyVersionName |
String A fully-qualified path representing a crypto_key_version resources. |
- Returns
-
String
- A string representing the crypto_key.
matchCryptoKeyPathFromCryptoKeyPathName
matchCryptoKeyPathFromCryptoKeyPathName(cryptoKeyPathName) returns String
Parse the cryptoKeyPathName from a crypto_key_path resource.
Parameter |
|
---|---|
cryptoKeyPathName |
String A fully-qualified path representing a crypto_key_path resources. |
- Returns
-
String
- A string representing the crypto_key_path.
matchCryptoKeyVersionFromCryptoKeyVersionName
matchCryptoKeyVersionFromCryptoKeyVersionName(cryptoKeyVersionName) returns String
Parse the cryptoKeyVersionName from a crypto_key_version resource.
Parameter |
|
---|---|
cryptoKeyVersionName |
String A fully-qualified path representing a crypto_key_version resources. |
- Returns
-
String
- A string representing the crypto_key_version.
matchKeyRingFromCryptoKeyName
matchKeyRingFromCryptoKeyName(cryptoKeyName) returns String
Parse the cryptoKeyName from a crypto_key resource.
Parameter |
|
---|---|
cryptoKeyName |
String A fully-qualified path representing a crypto_key resources. |
- Returns
-
String
- A string representing the key_ring.
matchKeyRingFromCryptoKeyPathName
matchKeyRingFromCryptoKeyPathName(cryptoKeyPathName) returns String
Parse the cryptoKeyPathName from a crypto_key_path resource.
Parameter |
|
---|---|
cryptoKeyPathName |
String A fully-qualified path representing a crypto_key_path resources. |
- Returns
-
String
- A string representing the key_ring.
matchKeyRingFromCryptoKeyVersionName
matchKeyRingFromCryptoKeyVersionName(cryptoKeyVersionName) returns String
Parse the cryptoKeyVersionName from a crypto_key_version resource.
Parameter |
|
---|---|
cryptoKeyVersionName |
String A fully-qualified path representing a crypto_key_version resources. |
- Returns
-
String
- A string representing the key_ring.
matchKeyRingFromKeyRingName
matchKeyRingFromKeyRingName(keyRingName) returns String
Parse the keyRingName from a key_ring resource.
Parameter |
|
---|---|
keyRingName |
String A fully-qualified path representing a key_ring resources. |
- Returns
-
String
- A string representing the key_ring.
matchLocationFromCryptoKeyName
matchLocationFromCryptoKeyName(cryptoKeyName) returns String
Parse the cryptoKeyName from a crypto_key resource.
Parameter |
|
---|---|
cryptoKeyName |
String A fully-qualified path representing a crypto_key resources. |
- Returns
-
String
- A string representing the location.
matchLocationFromCryptoKeyPathName
matchLocationFromCryptoKeyPathName(cryptoKeyPathName) returns String
Parse the cryptoKeyPathName from a crypto_key_path resource.
Parameter |
|
---|---|
cryptoKeyPathName |
String A fully-qualified path representing a crypto_key_path resources. |
- Returns
-
String
- A string representing the location.
matchLocationFromCryptoKeyVersionName
matchLocationFromCryptoKeyVersionName(cryptoKeyVersionName) returns String
Parse the cryptoKeyVersionName from a crypto_key_version resource.
Parameter |
|
---|---|
cryptoKeyVersionName |
String A fully-qualified path representing a crypto_key_version resources. |
- Returns
-
String
- A string representing the location.
matchLocationFromKeyRingName
matchLocationFromKeyRingName(keyRingName) returns String
Parse the keyRingName from a key_ring resource.
Parameter |
|
---|---|
keyRingName |
String A fully-qualified path representing a key_ring resources. |
- Returns
-
String
- A string representing the location.
matchLocationFromLocationName
matchLocationFromLocationName(locationName) returns String
Parse the locationName from a location resource.
Parameter |
|
---|---|
locationName |
String A fully-qualified path representing a location resources. |
- Returns
-
String
- A string representing the location.
matchProjectFromCryptoKeyName
matchProjectFromCryptoKeyName(cryptoKeyName) returns String
Parse the cryptoKeyName from a crypto_key resource.
Parameter |
|
---|---|
cryptoKeyName |
String A fully-qualified path representing a crypto_key resources. |
- Returns
-
String
- A string representing the project.
matchProjectFromCryptoKeyPathName
matchProjectFromCryptoKeyPathName(cryptoKeyPathName) returns String
Parse the cryptoKeyPathName from a crypto_key_path resource.
Parameter |
|
---|---|
cryptoKeyPathName |
String A fully-qualified path representing a crypto_key_path resources. |
- Returns
-
String
- A string representing the project.
matchProjectFromCryptoKeyVersionName
matchProjectFromCryptoKeyVersionName(cryptoKeyVersionName) returns String
Parse the cryptoKeyVersionName from a crypto_key_version resource.
Parameter |
|
---|---|
cryptoKeyVersionName |
String A fully-qualified path representing a crypto_key_version resources. |
- Returns
-
String
- A string representing the project.
matchProjectFromKeyRingName
matchProjectFromKeyRingName(keyRingName) returns String
Parse the keyRingName from a key_ring resource.
Parameter |
|
---|---|
keyRingName |
String A fully-qualified path representing a key_ring resources. |
- Returns
-
String
- A string representing the project.
matchProjectFromLocationName
matchProjectFromLocationName(locationName) returns String
Parse the locationName from a location resource.
Parameter |
|
---|---|
locationName |
String A fully-qualified path representing a location resources. |
- Returns
-
String
- A string representing the project.
restoreCryptoKeyVersion
restoreCryptoKeyVersion(request, options, callback) returns Promise
Restore a CryptoKeyVersion in the DESTROY_SCHEDULED state.
Upon restoration of the CryptoKeyVersion, state will be set to DISABLED, and destroy_time will be cleared.
Parameter |
|||||
---|---|---|---|---|---|
request |
Object The request object that will be sent. Values in
|
||||
options |
Optional Object Optional parameters. You can override the default settings for this call, e.g, timeout, retries, paginations, etc. See gax.CallOptions for the details. |
||||
callback |
Optional function(nullable Error, nullable Object) The function which will be called with the result of the API call. The second parameter to the callback is an object representing CryptoKeyVersion. |
- Returns
-
Promise
- The promise which resolves to an array. The first element of the array is an object representing CryptoKeyVersion. The promise has a method named "cancel" which cancels the ongoing API call.
Example
const kms = require('@google-cloud/kms');
const client = new kms.v1.KeyManagementServiceClient({
// optional auth parameters.
});
const formattedName = client.cryptoKeyVersionPath('[PROJECT]', '[LOCATION]', '[KEY_RING]', '[CRYPTO_KEY]', '[CRYPTO_KEY_VERSION]');
client.restoreCryptoKeyVersion({name: formattedName})
.then(responses => {
const response = responses[0];
// doThingsWith(response)
})
.catch(err => {
console.error(err);
});
setIamPolicy
setIamPolicy(request, options, callback) returns Promise
Sets the access control policy on the specified resource. Replaces any existing policy.
Parameter |
|||||||
---|---|---|---|---|---|---|---|
request |
Object The request object that will be sent. Values in
|
||||||
options |
Optional Object Optional parameters. You can override the default settings for this call, e.g, timeout, retries, paginations, etc. See gax.CallOptions for the details. |
||||||
callback |
Optional function(nullable Error, nullable Object) The function which will be called with the result of the API call. The second parameter to the callback is an object representing Policy. |
- Returns
-
Promise
- The promise which resolves to an array. The first element of the array is an object representing Policy. The promise has a method named "cancel" which cancels the ongoing API call.
Example
const kms = require('@google-cloud/kms');
const client = new kms.v1.KeyManagementServiceClient({
// optional auth parameters.
});
const formattedResource = client.keyRingPath('[PROJECT]', '[LOCATION]', '[KEY_RING]');
const policy = {};
const request = {
resource: formattedResource,
policy: policy,
};
client.setIamPolicy(request)
.then(responses => {
const response = responses[0];
// doThingsWith(response)
})
.catch(err => {
console.error(err);
});
testIamPermissions
testIamPermissions(request, options, callback) returns Promise
Returns permissions that a caller has on the specified resource. If the resource does not exist, this will return an empty set of permissions, not a NOT_FOUND error.
Parameter |
|||||||
---|---|---|---|---|---|---|---|
request |
Object The request object that will be sent. Values in
|
||||||
options |
Optional Object Optional parameters. You can override the default settings for this call, e.g, timeout, retries, paginations, etc. See gax.CallOptions for the details. |
||||||
callback |
Optional function(nullable Error, nullable Object) The function which will be called with the result of the API call. The second parameter to the callback is an object representing TestIamPermissionsResponse. |
- Returns
-
Promise
- The promise which resolves to an array. The first element of the array is an object representing TestIamPermissionsResponse. The promise has a method named "cancel" which cancels the ongoing API call.
Example
const kms = require('@google-cloud/kms');
const client = new kms.v1.KeyManagementServiceClient({
// optional auth parameters.
});
const formattedResource = client.keyRingPath('[PROJECT]', '[LOCATION]', '[KEY_RING]');
const permissions = [];
const request = {
resource: formattedResource,
permissions: permissions,
};
client.testIamPermissions(request)
.then(responses => {
const response = responses[0];
// doThingsWith(response)
})
.catch(err => {
console.error(err);
});
updateCryptoKey
updateCryptoKey(request, options, callback) returns Promise
Update a CryptoKey.
Parameter |
|||||||
---|---|---|---|---|---|---|---|
request |
Object The request object that will be sent. Values in
|
||||||
options |
Optional Object Optional parameters. You can override the default settings for this call, e.g, timeout, retries, paginations, etc. See gax.CallOptions for the details. |
||||||
callback |
Optional function(nullable Error, nullable Object) The function which will be called with the result of the API call. The second parameter to the callback is an object representing CryptoKey. |
- Returns
-
Promise
- The promise which resolves to an array. The first element of the array is an object representing CryptoKey. The promise has a method named "cancel" which cancels the ongoing API call.
Example
const kms = require('@google-cloud/kms');
const client = new kms.v1.KeyManagementServiceClient({
// optional auth parameters.
});
const cryptoKey = {};
const updateMask = {};
const request = {
cryptoKey: cryptoKey,
updateMask: updateMask,
};
client.updateCryptoKey(request)
.then(responses => {
const response = responses[0];
// doThingsWith(response)
})
.catch(err => {
console.error(err);
});
updateCryptoKeyPrimaryVersion
updateCryptoKeyPrimaryVersion(request, options, callback) returns Promise
Update the version of a CryptoKey that will be used in Encrypt.
Returns an error if called on an asymmetric key.
Parameter |
|||||||
---|---|---|---|---|---|---|---|
request |
Object The request object that will be sent. Values in
|
||||||
options |
Optional Object Optional parameters. You can override the default settings for this call, e.g, timeout, retries, paginations, etc. See gax.CallOptions for the details. |
||||||
callback |
Optional function(nullable Error, nullable Object) The function which will be called with the result of the API call. The second parameter to the callback is an object representing CryptoKey. |
- Returns
-
Promise
- The promise which resolves to an array. The first element of the array is an object representing CryptoKey. The promise has a method named "cancel" which cancels the ongoing API call.
Example
const kms = require('@google-cloud/kms');
const client = new kms.v1.KeyManagementServiceClient({
// optional auth parameters.
});
const formattedName = client.cryptoKeyPath('[PROJECT]', '[LOCATION]', '[KEY_RING]', '[CRYPTO_KEY]');
const cryptoKeyVersionId = '';
const request = {
name: formattedName,
cryptoKeyVersionId: cryptoKeyVersionId,
};
client.updateCryptoKeyPrimaryVersion(request)
.then(responses => {
const response = responses[0];
// doThingsWith(response)
})
.catch(err => {
console.error(err);
});
updateCryptoKeyVersion
updateCryptoKeyVersion(request, options, callback) returns Promise
Update a CryptoKeyVersion's metadata.
state may be changed between ENABLED and DISABLED using this method. See DestroyCryptoKeyVersion and RestoreCryptoKeyVersion to move between other states.
Parameter |
|||||||
---|---|---|---|---|---|---|---|
request |
Object The request object that will be sent. Values in
|
||||||
options |
Optional Object Optional parameters. You can override the default settings for this call, e.g, timeout, retries, paginations, etc. See gax.CallOptions for the details. |
||||||
callback |
Optional function(nullable Error, nullable Object) The function which will be called with the result of the API call. The second parameter to the callback is an object representing CryptoKeyVersion. |
- Returns
-
Promise
- The promise which resolves to an array. The first element of the array is an object representing CryptoKeyVersion. The promise has a method named "cancel" which cancels the ongoing API call.
Example
const kms = require('@google-cloud/kms');
const client = new kms.v1.KeyManagementServiceClient({
// optional auth parameters.
});
const cryptoKeyVersion = {};
const updateMask = {};
const request = {
cryptoKeyVersion: cryptoKeyVersion,
updateMask: updateMask,
};
client.updateCryptoKeyVersion(request)
.then(responses => {
const response = responses[0];
// doThingsWith(response)
})
.catch(err => {
console.error(err);
});