import "cloud.google.com/go/kms/apiv1"
Package kms is an auto-generated package for the Cloud Key Management Service (KMS) API.
Manages keys and performs cryptographic operations in a central cloud service, for direct use by other cloud resources and applications.
The ctx passed to NewClient is used for authentication requests and for creating the underlying connection, but is not used for subsequent calls. Individual methods on the client use the ctx given to them.
To close the open connection, use the Close() method.
For information about setting deadlines, reusing contexts, and more please visit godoc.org/cloud.google.com/go.
doc.go iam.go key_management_client.go
DefaultAuthScopes reports the default set of authentication scopes to use with this package.
type CryptoKeyIterator struct {
// Response is the raw response for the current page.
// It must be cast to the RPC response type.
// Calling Next() or InternalFetch() updates this value.
Response interface{}
// InternalFetch is for use by the Google Cloud Libraries only.
// It is not part of the stable interface of this package.
//
// InternalFetch returns results from a single call to the underlying RPC.
// The number of results is no greater than pageSize.
// If there are no more results, nextPageToken is empty and err is nil.
InternalFetch func(pageSize int, pageToken string) (results []*kmspb.CryptoKey, nextPageToken string, err error)
// contains filtered or unexported fields
}CryptoKeyIterator manages a stream of *kmspb.CryptoKey.
func (it *CryptoKeyIterator) Next() (*kmspb.CryptoKey, error)
Next returns the next result. Its second return value is iterator.Done if there are no more results. Once Next returns Done, all subsequent calls will return Done.
func (it *CryptoKeyIterator) PageInfo() *iterator.PageInfo
PageInfo supports pagination. See the google.golang.org/api/iterator package for details.
type CryptoKeyVersionIterator struct {
// Response is the raw response for the current page.
// It must be cast to the RPC response type.
// Calling Next() or InternalFetch() updates this value.
Response interface{}
// InternalFetch is for use by the Google Cloud Libraries only.
// It is not part of the stable interface of this package.
//
// InternalFetch returns results from a single call to the underlying RPC.
// The number of results is no greater than pageSize.
// If there are no more results, nextPageToken is empty and err is nil.
InternalFetch func(pageSize int, pageToken string) (results []*kmspb.CryptoKeyVersion, nextPageToken string, err error)
// contains filtered or unexported fields
}CryptoKeyVersionIterator manages a stream of *kmspb.CryptoKeyVersion.
func (it *CryptoKeyVersionIterator) Next() (*kmspb.CryptoKeyVersion, error)
Next returns the next result. Its second return value is iterator.Done if there are no more results. Once Next returns Done, all subsequent calls will return Done.
func (it *CryptoKeyVersionIterator) PageInfo() *iterator.PageInfo
PageInfo supports pagination. See the google.golang.org/api/iterator package for details.
type ImportJobIterator struct {
// Response is the raw response for the current page.
// It must be cast to the RPC response type.
// Calling Next() or InternalFetch() updates this value.
Response interface{}
// InternalFetch is for use by the Google Cloud Libraries only.
// It is not part of the stable interface of this package.
//
// InternalFetch returns results from a single call to the underlying RPC.
// The number of results is no greater than pageSize.
// If there are no more results, nextPageToken is empty and err is nil.
InternalFetch func(pageSize int, pageToken string) (results []*kmspb.ImportJob, nextPageToken string, err error)
// contains filtered or unexported fields
}ImportJobIterator manages a stream of *kmspb.ImportJob.
func (it *ImportJobIterator) Next() (*kmspb.ImportJob, error)
Next returns the next result. Its second return value is iterator.Done if there are no more results. Once Next returns Done, all subsequent calls will return Done.
func (it *ImportJobIterator) PageInfo() *iterator.PageInfo
PageInfo supports pagination. See the google.golang.org/api/iterator package for details.
type KeyManagementCallOptions struct {
ListKeyRings []gax.CallOption
ListCryptoKeys []gax.CallOption
ListCryptoKeyVersions []gax.CallOption
ListImportJobs []gax.CallOption
GetKeyRing []gax.CallOption
GetCryptoKey []gax.CallOption
GetCryptoKeyVersion []gax.CallOption
GetPublicKey []gax.CallOption
GetImportJob []gax.CallOption
CreateKeyRing []gax.CallOption
CreateCryptoKey []gax.CallOption
CreateCryptoKeyVersion []gax.CallOption
ImportCryptoKeyVersion []gax.CallOption
CreateImportJob []gax.CallOption
UpdateCryptoKey []gax.CallOption
UpdateCryptoKeyVersion []gax.CallOption
Encrypt []gax.CallOption
Decrypt []gax.CallOption
AsymmetricSign []gax.CallOption
AsymmetricDecrypt []gax.CallOption
UpdateCryptoKeyPrimaryVersion []gax.CallOption
DestroyCryptoKeyVersion []gax.CallOption
RestoreCryptoKeyVersion []gax.CallOption
}KeyManagementCallOptions contains the retry settings for each method of KeyManagementClient.
type KeyManagementClient struct {
// The call options for this service.
CallOptions *KeyManagementCallOptions
// contains filtered or unexported fields
}KeyManagementClient is a client for interacting with Cloud Key Management Service (KMS) API.
Methods, except Close, may be called concurrently. However, fields must not be modified concurrently with method calls.
func NewKeyManagementClient(ctx context.Context, opts ...option.ClientOption) (*KeyManagementClient, error)
NewKeyManagementClient creates a new key management service client.
Manages cryptographic keys and operations using those keys. Implements a REST model with the following objects:
[KeyRing][google.cloud.kms.v1.KeyRing] [CryptoKey][google.cloud.kms.v1.CryptoKey] [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] [ImportJob][google.cloud.kms.v1.ImportJob]
If you are using manual gRPC libraries, see Using gRPC with Cloud KMS (at https://cloud.google.com/kms/docs/grpc).
Code:
ctx := context.Background()
c, err := kms.NewKeyManagementClient(ctx)
if err != nil {
// TODO: Handle error.
}
// TODO: Use client.
_ = c
func (c *KeyManagementClient) AsymmetricDecrypt(ctx context.Context, req *kmspb.AsymmetricDecryptRequest, opts ...gax.CallOption) (*kmspb.AsymmetricDecryptResponse, error)
AsymmetricDecrypt decrypts data that was encrypted with a public key retrieved from [GetPublicKey][google.cloud.kms.v1.KeyManagementService.GetPublicKey] corresponding to a [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] with [CryptoKey.purpose][google.cloud.kms.v1.CryptoKey.purpose] ASYMMETRIC_DECRYPT.
Code:
// import kmspb "google.golang.org/genproto/googleapis/cloud/kms/v1" ctx := context.Background() c, err := kms.NewKeyManagementClient(ctx) if err != nil { // TODO: Handle error. } req := &kmspb.AsymmetricDecryptRequest{ // TODO: Fill request struct fields. } resp, err := c.AsymmetricDecrypt(ctx, req) if err != nil { // TODO: Handle error. } // TODO: Use resp. _ = resp
func (c *KeyManagementClient) AsymmetricSign(ctx context.Context, req *kmspb.AsymmetricSignRequest, opts ...gax.CallOption) (*kmspb.AsymmetricSignResponse, error)
AsymmetricSign signs data using a [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] with [CryptoKey.purpose][google.cloud.kms.v1.CryptoKey.purpose] ASYMMETRIC_SIGN, producing a signature that can be verified with the public key retrieved from [GetPublicKey][google.cloud.kms.v1.KeyManagementService.GetPublicKey].
Code:
// import kmspb "google.golang.org/genproto/googleapis/cloud/kms/v1" ctx := context.Background() c, err := kms.NewKeyManagementClient(ctx) if err != nil { // TODO: Handle error. } req := &kmspb.AsymmetricSignRequest{ // TODO: Fill request struct fields. } resp, err := c.AsymmetricSign(ctx, req) if err != nil { // TODO: Handle error. } // TODO: Use resp. _ = resp
func (c *KeyManagementClient) Close() error
Close closes the connection to the API service. The user should invoke this when the client is no longer required.
func (c *KeyManagementClient) Connection() *grpc.ClientConn
Connection returns the client's connection to the API service.
func (c *KeyManagementClient) CreateCryptoKey(ctx context.Context, req *kmspb.CreateCryptoKeyRequest, opts ...gax.CallOption) (*kmspb.CryptoKey, error)
CreateCryptoKey create a new [CryptoKey][google.cloud.kms.v1.CryptoKey] within a [KeyRing][google.cloud.kms.v1.KeyRing].
[CryptoKey.purpose][google.cloud.kms.v1.CryptoKey.purpose] and [CryptoKey.version_template.algorithm][google.cloud.kms.v1.CryptoKeyVersionTemplate.algorithm] are required.
Code:
// import kmspb "google.golang.org/genproto/googleapis/cloud/kms/v1" ctx := context.Background() c, err := kms.NewKeyManagementClient(ctx) if err != nil { // TODO: Handle error. } req := &kmspb.CreateCryptoKeyRequest{ // TODO: Fill request struct fields. } resp, err := c.CreateCryptoKey(ctx, req) if err != nil { // TODO: Handle error. } // TODO: Use resp. _ = resp
func (c *KeyManagementClient) CreateCryptoKeyVersion(ctx context.Context, req *kmspb.CreateCryptoKeyVersionRequest, opts ...gax.CallOption) (*kmspb.CryptoKeyVersion, error)
CreateCryptoKeyVersion create a new [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] in a [CryptoKey][google.cloud.kms.v1.CryptoKey].
The server will assign the next sequential id. If unset, [state][google.cloud.kms.v1.CryptoKeyVersion.state] will be set to [ENABLED][google.cloud.kms.v1.CryptoKeyVersion.CryptoKeyVersionState.ENABLED].
Code:
// import kmspb "google.golang.org/genproto/googleapis/cloud/kms/v1" ctx := context.Background() c, err := kms.NewKeyManagementClient(ctx) if err != nil { // TODO: Handle error. } req := &kmspb.CreateCryptoKeyVersionRequest{ // TODO: Fill request struct fields. } resp, err := c.CreateCryptoKeyVersion(ctx, req) if err != nil { // TODO: Handle error. } // TODO: Use resp. _ = resp
func (c *KeyManagementClient) CreateImportJob(ctx context.Context, req *kmspb.CreateImportJobRequest, opts ...gax.CallOption) (*kmspb.ImportJob, error)
CreateImportJob create a new [ImportJob][google.cloud.kms.v1.ImportJob] within a [KeyRing][google.cloud.kms.v1.KeyRing].
[ImportJob.import_method][google.cloud.kms.v1.ImportJob.import_method] is required.
Code:
// import kmspb "google.golang.org/genproto/googleapis/cloud/kms/v1" ctx := context.Background() c, err := kms.NewKeyManagementClient(ctx) if err != nil { // TODO: Handle error. } req := &kmspb.CreateImportJobRequest{ // TODO: Fill request struct fields. } resp, err := c.CreateImportJob(ctx, req) if err != nil { // TODO: Handle error. } // TODO: Use resp. _ = resp
func (c *KeyManagementClient) CreateKeyRing(ctx context.Context, req *kmspb.CreateKeyRingRequest, opts ...gax.CallOption) (*kmspb.KeyRing, error)
CreateKeyRing create a new [KeyRing][google.cloud.kms.v1.KeyRing] in a given Project and Location.
Code:
// import kmspb "google.golang.org/genproto/googleapis/cloud/kms/v1" ctx := context.Background() c, err := kms.NewKeyManagementClient(ctx) if err != nil { // TODO: Handle error. } req := &kmspb.CreateKeyRingRequest{ // TODO: Fill request struct fields. } resp, err := c.CreateKeyRing(ctx, req) if err != nil { // TODO: Handle error. } // TODO: Use resp. _ = resp
CryptoKeyIAM returns a handle to inspect and change permissions of a CryptoKey.
Deprecated: Please use ResourceIAM and provide the CryptoKey.Name as input.
func (c *KeyManagementClient) Decrypt(ctx context.Context, req *kmspb.DecryptRequest, opts ...gax.CallOption) (*kmspb.DecryptResponse, error)
Decrypt decrypts data that was protected by [Encrypt][google.cloud.kms.v1.KeyManagementService.Encrypt]. The [CryptoKey.purpose][google.cloud.kms.v1.CryptoKey.purpose] must be [ENCRYPT_DECRYPT][google.cloud.kms.v1.CryptoKey.CryptoKeyPurpose.ENCRYPT_DECRYPT].
Code:
// import kmspb "google.golang.org/genproto/googleapis/cloud/kms/v1" ctx := context.Background() c, err := kms.NewKeyManagementClient(ctx) if err != nil { // TODO: Handle error. } req := &kmspb.DecryptRequest{ // TODO: Fill request struct fields. } resp, err := c.Decrypt(ctx, req) if err != nil { // TODO: Handle error. } // TODO: Use resp. _ = resp
func (c *KeyManagementClient) DestroyCryptoKeyVersion(ctx context.Context, req *kmspb.DestroyCryptoKeyVersionRequest, opts ...gax.CallOption) (*kmspb.CryptoKeyVersion, error)
DestroyCryptoKeyVersion schedule a [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] for destruction.
Upon calling this method, [CryptoKeyVersion.state][google.cloud.kms.v1.CryptoKeyVersion.state] will be set to [DESTROY_SCHEDULED][google.cloud.kms.v1.CryptoKeyVersion.CryptoKeyVersionState.DESTROY_SCHEDULED] and [destroy_time][google.cloud.kms.v1.CryptoKeyVersion.destroy_time] will be set to a time 24 hours in the future, at which point the [state][google.cloud.kms.v1.CryptoKeyVersion.state] will be changed to [DESTROYED][google.cloud.kms.v1.CryptoKeyVersion.CryptoKeyVersionState.DESTROYED], and the key material will be irrevocably destroyed.
Before the [destroy_time][google.cloud.kms.v1.CryptoKeyVersion.destroy_time] is reached, [RestoreCryptoKeyVersion][google.cloud.kms.v1.KeyManagementService.RestoreCryptoKeyVersion] may be called to reverse the process.
Code:
// import kmspb "google.golang.org/genproto/googleapis/cloud/kms/v1" ctx := context.Background() c, err := kms.NewKeyManagementClient(ctx) if err != nil { // TODO: Handle error. } req := &kmspb.DestroyCryptoKeyVersionRequest{ // TODO: Fill request struct fields. } resp, err := c.DestroyCryptoKeyVersion(ctx, req) if err != nil { // TODO: Handle error. } // TODO: Use resp. _ = resp
func (c *KeyManagementClient) Encrypt(ctx context.Context, req *kmspb.EncryptRequest, opts ...gax.CallOption) (*kmspb.EncryptResponse, error)
Encrypt encrypts data, so that it can only be recovered by a call to [Decrypt][google.cloud.kms.v1.KeyManagementService.Decrypt]. The [CryptoKey.purpose][google.cloud.kms.v1.CryptoKey.purpose] must be [ENCRYPT_DECRYPT][google.cloud.kms.v1.CryptoKey.CryptoKeyPurpose.ENCRYPT_DECRYPT].
Code:
// import kmspb "google.golang.org/genproto/googleapis/cloud/kms/v1" ctx := context.Background() c, err := kms.NewKeyManagementClient(ctx) if err != nil { // TODO: Handle error. } req := &kmspb.EncryptRequest{ // TODO: Fill request struct fields. } resp, err := c.Encrypt(ctx, req) if err != nil { // TODO: Handle error. } // TODO: Use resp. _ = resp
func (c *KeyManagementClient) GetCryptoKey(ctx context.Context, req *kmspb.GetCryptoKeyRequest, opts ...gax.CallOption) (*kmspb.CryptoKey, error)
GetCryptoKey returns metadata for a given [CryptoKey][google.cloud.kms.v1.CryptoKey], as well as its [primary][google.cloud.kms.v1.CryptoKey.primary] [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion].
Code:
// import kmspb "google.golang.org/genproto/googleapis/cloud/kms/v1" ctx := context.Background() c, err := kms.NewKeyManagementClient(ctx) if err != nil { // TODO: Handle error. } req := &kmspb.GetCryptoKeyRequest{ // TODO: Fill request struct fields. } resp, err := c.GetCryptoKey(ctx, req) if err != nil { // TODO: Handle error. } // TODO: Use resp. _ = resp
func (c *KeyManagementClient) GetCryptoKeyVersion(ctx context.Context, req *kmspb.GetCryptoKeyVersionRequest, opts ...gax.CallOption) (*kmspb.CryptoKeyVersion, error)
GetCryptoKeyVersion returns metadata for a given [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion].
Code:
// import kmspb "google.golang.org/genproto/googleapis/cloud/kms/v1" ctx := context.Background() c, err := kms.NewKeyManagementClient(ctx) if err != nil { // TODO: Handle error. } req := &kmspb.GetCryptoKeyVersionRequest{ // TODO: Fill request struct fields. } resp, err := c.GetCryptoKeyVersion(ctx, req) if err != nil { // TODO: Handle error. } // TODO: Use resp. _ = resp
func (c *KeyManagementClient) GetImportJob(ctx context.Context, req *kmspb.GetImportJobRequest, opts ...gax.CallOption) (*kmspb.ImportJob, error)
GetImportJob returns metadata for a given [ImportJob][google.cloud.kms.v1.ImportJob].
Code:
// import kmspb "google.golang.org/genproto/googleapis/cloud/kms/v1" ctx := context.Background() c, err := kms.NewKeyManagementClient(ctx) if err != nil { // TODO: Handle error. } req := &kmspb.GetImportJobRequest{ // TODO: Fill request struct fields. } resp, err := c.GetImportJob(ctx, req) if err != nil { // TODO: Handle error. } // TODO: Use resp. _ = resp
func (c *KeyManagementClient) GetKeyRing(ctx context.Context, req *kmspb.GetKeyRingRequest, opts ...gax.CallOption) (*kmspb.KeyRing, error)
GetKeyRing returns metadata for a given [KeyRing][google.cloud.kms.v1.KeyRing].
Code:
// import kmspb "google.golang.org/genproto/googleapis/cloud/kms/v1" ctx := context.Background() c, err := kms.NewKeyManagementClient(ctx) if err != nil { // TODO: Handle error. } req := &kmspb.GetKeyRingRequest{ // TODO: Fill request struct fields. } resp, err := c.GetKeyRing(ctx, req) if err != nil { // TODO: Handle error. } // TODO: Use resp. _ = resp
func (c *KeyManagementClient) GetPublicKey(ctx context.Context, req *kmspb.GetPublicKeyRequest, opts ...gax.CallOption) (*kmspb.PublicKey, error)
GetPublicKey returns the public key for the given [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion]. The [CryptoKey.purpose][google.cloud.kms.v1.CryptoKey.purpose] must be [ASYMMETRIC_SIGN][google.cloud.kms.v1.CryptoKey.CryptoKeyPurpose.ASYMMETRIC_SIGN] or [ASYMMETRIC_DECRYPT][google.cloud.kms.v1.CryptoKey.CryptoKeyPurpose.ASYMMETRIC_DECRYPT].
Code:
// import kmspb "google.golang.org/genproto/googleapis/cloud/kms/v1" ctx := context.Background() c, err := kms.NewKeyManagementClient(ctx) if err != nil { // TODO: Handle error. } req := &kmspb.GetPublicKeyRequest{ // TODO: Fill request struct fields. } resp, err := c.GetPublicKey(ctx, req) if err != nil { // TODO: Handle error. } // TODO: Use resp. _ = resp
func (c *KeyManagementClient) ImportCryptoKeyVersion(ctx context.Context, req *kmspb.ImportCryptoKeyVersionRequest, opts ...gax.CallOption) (*kmspb.CryptoKeyVersion, error)
ImportCryptoKeyVersion imports a new [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] into an existing [CryptoKey][google.cloud.kms.v1.CryptoKey] using the wrapped key material provided in the request.
The version ID will be assigned the next sequential id within the [CryptoKey][google.cloud.kms.v1.CryptoKey].
Code:
// import kmspb "google.golang.org/genproto/googleapis/cloud/kms/v1" ctx := context.Background() c, err := kms.NewKeyManagementClient(ctx) if err != nil { // TODO: Handle error. } req := &kmspb.ImportCryptoKeyVersionRequest{ // TODO: Fill request struct fields. } resp, err := c.ImportCryptoKeyVersion(ctx, req) if err != nil { // TODO: Handle error. } // TODO: Use resp. _ = resp
KeyRingIAM returns a handle to inspect and change permissions of a KeyRing.
Deprecated: Please use ResourceIAM and provide the KeyRing.Name as input.
func (c *KeyManagementClient) ListCryptoKeyVersions(ctx context.Context, req *kmspb.ListCryptoKeyVersionsRequest, opts ...gax.CallOption) *CryptoKeyVersionIterator
ListCryptoKeyVersions lists [CryptoKeyVersions][google.cloud.kms.v1.CryptoKeyVersion].
Code:
// import kmspb "google.golang.org/genproto/googleapis/cloud/kms/v1" // import "google.golang.org/api/iterator" ctx := context.Background() c, err := kms.NewKeyManagementClient(ctx) if err != nil { // TODO: Handle error. } req := &kmspb.ListCryptoKeyVersionsRequest{ // TODO: Fill request struct fields. } it := c.ListCryptoKeyVersions(ctx, req) for { resp, err := it.Next() if err == iterator.Done { break } if err != nil { // TODO: Handle error. } // TODO: Use resp. _ = resp }
func (c *KeyManagementClient) ListCryptoKeys(ctx context.Context, req *kmspb.ListCryptoKeysRequest, opts ...gax.CallOption) *CryptoKeyIterator
ListCryptoKeys lists [CryptoKeys][google.cloud.kms.v1.CryptoKey].
Code:
// import kmspb "google.golang.org/genproto/googleapis/cloud/kms/v1" // import "google.golang.org/api/iterator" ctx := context.Background() c, err := kms.NewKeyManagementClient(ctx) if err != nil { // TODO: Handle error. } req := &kmspb.ListCryptoKeysRequest{ // TODO: Fill request struct fields. } it := c.ListCryptoKeys(ctx, req) for { resp, err := it.Next() if err == iterator.Done { break } if err != nil { // TODO: Handle error. } // TODO: Use resp. _ = resp }
func (c *KeyManagementClient) ListImportJobs(ctx context.Context, req *kmspb.ListImportJobsRequest, opts ...gax.CallOption) *ImportJobIterator
ListImportJobs lists [ImportJobs][google.cloud.kms.v1.ImportJob].
Code:
// import kmspb "google.golang.org/genproto/googleapis/cloud/kms/v1" // import "google.golang.org/api/iterator" ctx := context.Background() c, err := kms.NewKeyManagementClient(ctx) if err != nil { // TODO: Handle error. } req := &kmspb.ListImportJobsRequest{ // TODO: Fill request struct fields. } it := c.ListImportJobs(ctx, req) for { resp, err := it.Next() if err == iterator.Done { break } if err != nil { // TODO: Handle error. } // TODO: Use resp. _ = resp }
func (c *KeyManagementClient) ListKeyRings(ctx context.Context, req *kmspb.ListKeyRingsRequest, opts ...gax.CallOption) *KeyRingIterator
ListKeyRings lists [KeyRings][google.cloud.kms.v1.KeyRing].
Code:
// import kmspb "google.golang.org/genproto/googleapis/cloud/kms/v1" // import "google.golang.org/api/iterator" ctx := context.Background() c, err := kms.NewKeyManagementClient(ctx) if err != nil { // TODO: Handle error. } req := &kmspb.ListKeyRingsRequest{ // TODO: Fill request struct fields. } it := c.ListKeyRings(ctx, req) for { resp, err := it.Next() if err == iterator.Done { break } if err != nil { // TODO: Handle error. } // TODO: Use resp. _ = resp }
func (c *KeyManagementClient) ResourceIAM(resourcePath string) *iam.Handle
ResourceIAM returns a handle to inspect and change permissions of the resource indicated by the given resource path.
Code:
ctx := context.Background()
c, err := kms.NewKeyManagementClient(ctx)
if err != nil {
// TODO: Handle error.
}
// TODO: fill in key ring resource path
keyRing := "projects/[PROJECT_ID]/locations/[LOCATION]/keyRings/[KEY_RING]"
handle := c.ResourceIAM(keyRing)
policy, err := handle.Policy(ctx)
if err != nil {
// TODO: Handle error.
}
// TODO: Use policy.
_ = policy
func (c *KeyManagementClient) RestoreCryptoKeyVersion(ctx context.Context, req *kmspb.RestoreCryptoKeyVersionRequest, opts ...gax.CallOption) (*kmspb.CryptoKeyVersion, error)
RestoreCryptoKeyVersion restore a [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] in the [DESTROY_SCHEDULED][google.cloud.kms.v1.CryptoKeyVersion.CryptoKeyVersionState.DESTROY_SCHEDULED] state.
Upon restoration of the CryptoKeyVersion, [state][google.cloud.kms.v1.CryptoKeyVersion.state] will be set to [DISABLED][google.cloud.kms.v1.CryptoKeyVersion.CryptoKeyVersionState.DISABLED], and [destroy_time][google.cloud.kms.v1.CryptoKeyVersion.destroy_time] will be cleared.
Code:
// import kmspb "google.golang.org/genproto/googleapis/cloud/kms/v1" ctx := context.Background() c, err := kms.NewKeyManagementClient(ctx) if err != nil { // TODO: Handle error. } req := &kmspb.RestoreCryptoKeyVersionRequest{ // TODO: Fill request struct fields. } resp, err := c.RestoreCryptoKeyVersion(ctx, req) if err != nil { // TODO: Handle error. } // TODO: Use resp. _ = resp
func (c *KeyManagementClient) UpdateCryptoKey(ctx context.Context, req *kmspb.UpdateCryptoKeyRequest, opts ...gax.CallOption) (*kmspb.CryptoKey, error)
UpdateCryptoKey update a [CryptoKey][google.cloud.kms.v1.CryptoKey].
Code:
// import kmspb "google.golang.org/genproto/googleapis/cloud/kms/v1" ctx := context.Background() c, err := kms.NewKeyManagementClient(ctx) if err != nil { // TODO: Handle error. } req := &kmspb.UpdateCryptoKeyRequest{ // TODO: Fill request struct fields. } resp, err := c.UpdateCryptoKey(ctx, req) if err != nil { // TODO: Handle error. } // TODO: Use resp. _ = resp
func (c *KeyManagementClient) UpdateCryptoKeyPrimaryVersion(ctx context.Context, req *kmspb.UpdateCryptoKeyPrimaryVersionRequest, opts ...gax.CallOption) (*kmspb.CryptoKey, error)
UpdateCryptoKeyPrimaryVersion update the version of a [CryptoKey][google.cloud.kms.v1.CryptoKey] that will be used in [Encrypt][google.cloud.kms.v1.KeyManagementService.Encrypt].
Returns an error if called on an asymmetric key.
Code:
// import kmspb "google.golang.org/genproto/googleapis/cloud/kms/v1" ctx := context.Background() c, err := kms.NewKeyManagementClient(ctx) if err != nil { // TODO: Handle error. } req := &kmspb.UpdateCryptoKeyPrimaryVersionRequest{ // TODO: Fill request struct fields. } resp, err := c.UpdateCryptoKeyPrimaryVersion(ctx, req) if err != nil { // TODO: Handle error. } // TODO: Use resp. _ = resp
func (c *KeyManagementClient) UpdateCryptoKeyVersion(ctx context.Context, req *kmspb.UpdateCryptoKeyVersionRequest, opts ...gax.CallOption) (*kmspb.CryptoKeyVersion, error)
UpdateCryptoKeyVersion update a [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion]'s metadata.
[state][google.cloud.kms.v1.CryptoKeyVersion.state] may be changed between [ENABLED][google.cloud.kms.v1.CryptoKeyVersion.CryptoKeyVersionState.ENABLED] and [DISABLED][google.cloud.kms.v1.CryptoKeyVersion.CryptoKeyVersionState.DISABLED] using this method. See [DestroyCryptoKeyVersion][google.cloud.kms.v1.KeyManagementService.DestroyCryptoKeyVersion] and [RestoreCryptoKeyVersion][google.cloud.kms.v1.KeyManagementService.RestoreCryptoKeyVersion] to move between other states.
Code:
// import kmspb "google.golang.org/genproto/googleapis/cloud/kms/v1" ctx := context.Background() c, err := kms.NewKeyManagementClient(ctx) if err != nil { // TODO: Handle error. } req := &kmspb.UpdateCryptoKeyVersionRequest{ // TODO: Fill request struct fields. } resp, err := c.UpdateCryptoKeyVersion(ctx, req) if err != nil { // TODO: Handle error. } // TODO: Use resp. _ = resp
type KeyRingIterator struct {
// Response is the raw response for the current page.
// It must be cast to the RPC response type.
// Calling Next() or InternalFetch() updates this value.
Response interface{}
// InternalFetch is for use by the Google Cloud Libraries only.
// It is not part of the stable interface of this package.
//
// InternalFetch returns results from a single call to the underlying RPC.
// The number of results is no greater than pageSize.
// If there are no more results, nextPageToken is empty and err is nil.
InternalFetch func(pageSize int, pageToken string) (results []*kmspb.KeyRing, nextPageToken string, err error)
// contains filtered or unexported fields
}KeyRingIterator manages a stream of *kmspb.KeyRing.
func (it *KeyRingIterator) Next() (*kmspb.KeyRing, error)
Next returns the next result. Its second return value is iterator.Done if there are no more results. Once Next returns Done, all subsequent calls will return Done.
func (it *KeyRingIterator) PageInfo() *iterator.PageInfo
PageInfo supports pagination. See the google.golang.org/api/iterator package for details.
Package kms imports 18 packages (graph) and is imported by 21 packages. Updated 2020-01-24. Refresh now. Tools for package owners.