Google Key Management Service

Use the Google Key Management Service API for CryptoKey management and encrypt/decrypt functionality.

Network Security · Google Key Management Service

Configuration parameters

  • service_account — User's Service Account JSON
  • credentials_service_account
  • project — Project in Google Cloud KMS (required)
  • location — Default Location (required)
  • key_ring — Default Key Ring
  • proxy — Use system proxy settings

Commands (15)

  • google-kms-asymmetric-decrypt

    Decrypts data using an asymmetric CryptoKey.

  • google-kms-asymmetric-encrypt

    Encrypts data using a asymmetric CryptoKey.

  • google-kms-create-key

    Creates a new CryptoKey within a KeyRing.

  • google-kms-destroy-key

    Schedules a CryptoKeyVersion for destruction.

  • google-kms-disable-key

    Disables a CryptoKeyVersion of a given CryptoKey.

  • google-kms-enable-key

    Enables a CryptoKeyVersion of a given CryptoKey.

  • google-kms-get-key

    Returns metadata for a given CryptoKey, and its primary CryptoKeyVersion.

  • google-kms-get-public-key

    Returns the public key from a given CryptoKey.

  • google-kms-list-all-keys

    Lists all CryptoKeys across all KeyRings in a given location.

  • google-kms-list-key-rings

    Lists all KeyRings in a given location.

  • google-kms-list-keys

    Lists all keys in key ring.

  • google-kms-restore-key

    Restores a CryptoKeyVersion in the DESTROY_SCHEDULED state.

  • google-kms-symmetric-decrypt

    Decrypts data that was protected by Encrypt.

  • google-kms-symmetric-encrypt

    Encrypts data, so it can only be recovered by a call to Decrypt.

  • google-kms-update-key

    Updates a CryptoKey.