- NAME
-
- gcloud alpha kms - manage cryptographic keys in the cloud
- SYNOPSIS
-
-
gcloud alpha kms
GROUP
|COMMAND
[GCLOUD_WIDE_FLAG …
]
-
- DESCRIPTION
-
(ALPHA)
The gcloud kms command group lets you generate, use, rotate and destroy Google Cloud KMS keys.Cloud KMS is a cloud-hosted key management service that lets you manage encryption for your cloud services the same way you do on-premises. You can generate, use, rotate and destroy AES256 encryption keys. Cloud KMS is integrated with IAM and Cloud Audit Logging so that you can manage permissions on individual keys, and monitor how these are used. Use Cloud KMS to protect secrets and other sensitive data which you need to store in Google Cloud Platform.
More information on Cloud KMS can be found here: https://cloud.google.com/kms/ and detailed documentation can be found here: https://cloud.google.com/kms/docs/
- GCLOUD WIDE FLAGS
-
These flags are available to all commands:
--help
.Run
$ gcloud help
for details. - GROUPS
-
is one of the following:GROUP
ekm-config
-
(ALPHA)
Update and retrieve the EkmConfig. ekm-connections
-
(ALPHA)
Create and manage ekm connections. import-jobs
-
(ALPHA)
Create and manage import jobs. inventory
-
(ALPHA)
Manages the KMS Inventory and Key Tracking commands. keyrings
-
(ALPHA)
Create and manage keyrings. keys
-
(ALPHA)
Create and manage keys. locations
-
(ALPHA)
View locations available for a project.
- COMMANDS
-
is one of the following:COMMAND
asymmetric-decrypt
-
(ALPHA)
Decrypt an input file using an asymmetric-encryption key version. asymmetric-sign
-
(ALPHA)
Sign a user input file using an asymmetric-signing key version. decrypt
-
(ALPHA)
Decrypt a ciphertext file using a Cloud KMS key. encrypt
-
(ALPHA)
Encrypt a plaintext file using a key. mac-sign
-
(ALPHA)
Sign a user input file using a MAC key version. mac-verify
-
(ALPHA)
Verify a user signature file using a MAC key version. raw-decrypt
-
(ALPHA)
Decrypt a ciphertext file using a raw key. raw-encrypt
-
(ALPHA)
Encrypt a plaintext file using a raw key.
- NOTES
-
This command is currently in alpha and might change without notice. If this
command fails with API permission errors despite specifying the correct project,
you might be trying to access an API with an invitation-only early access
allowlist. These variants are also available:
gcloud kms
gcloud beta kms
Except as otherwise noted, the content of this page is licensed under the Creative Commons Attribution 4.0 License, and code samples are licensed under the Apache 2.0 License. For details, see the Google Developers Site Policies. Java is a registered trademark of Oracle and/or its affiliates.
Last updated 2024-05-29 UTC.