Cloud Key Management Service (KMS) API

Manages keys and performs cryptographic operations in a central cloud service, for direct use by other cloud resources and applications.

Service: cloudkms.googleapis.com

The Service name cloudkms.googleapis.com is needed to create RPC client stubs.

`google.cloud.kms.v1.Autokey`

Methods
`CreateKeyHandle`	Creates a new `KeyHandle` , triggering the provisioning of a new `CryptoKey` for CMEK use with the given resource type in the configured key project and the same location.
`GetKeyHandle`	Returns the `KeyHandle` .
`ListKeyHandles`	Lists `KeyHandles` .

`google.cloud.kms.v1.AutokeyAdmin`

Methods
`GetAutokeyConfig`	Returns the `AutokeyConfig` for a folder or project.
`ShowEffectiveAutokeyConfig`	Returns the effective Cloud KMS Autokey configuration for a given project.
`UpdateAutokeyConfig`	Updates the `AutokeyConfig` for a folder.

`google.cloud.kms.v1.EkmService`

Methods
`CreateEkmConnection`	Creates a new `EkmConnection` in a given Project and Location.
`GetEkmConfig`	Returns the `EkmConfig` singleton resource for a given project and location.
`GetEkmConnection`	Returns metadata for a given `EkmConnection` .
`ListEkmConnections`	Lists `EkmConnections` .
`UpdateEkmConfig`	Updates the `EkmConfig` singleton resource for a given project and location.
`UpdateEkmConnection`	Updates an `EkmConnection` 's metadata.
`VerifyConnectivity`	Verifies that Cloud KMS can successfully connect to the external key manager specified by an `EkmConnection` .

`google.cloud.kms.v1.KeyAccessJustificationsConfig`

Methods
`GetKeyAccessJustificationsPolicyConfig`	Gets the `KeyAccessJustificationsPolicyConfig` for a given organization, folder, or project.
`ShowEffectiveKeyAccessJustificationsEnrollmentConfig`	Returns the `KeyAccessJustificationsEnrollmentConfig` of the resource closest to the given project in hierarchy.
`ShowEffectiveKeyAccessJustificationsPolicyConfig`	Returns the `KeyAccessJustificationsPolicyConfig` of the resource closest to the given project in hierarchy.
`UpdateKeyAccessJustificationsPolicyConfig`	Updates the `KeyAccessJustificationsPolicyConfig` for a given organization, folder, or project.

`google.cloud.kms.v1.KeyManagementService`

Methods
`AsymmetricDecrypt`	Decrypts data that was encrypted with a public key retrieved from `GetPublicKey` corresponding to a `CryptoKeyVersion` with `CryptoKey.purpose` ASYMMETRIC_DECRYPT.
`AsymmetricSign`	Signs data using a `CryptoKeyVersion` with `CryptoKey.purpose` ASYMMETRIC_SIGN, producing a signature that can be verified with the public key retrieved from `GetPublicKey` .
`CreateCryptoKey`	Create a new `CryptoKey` within a `KeyRing` .
`CreateCryptoKeyVersion`	Create a new `CryptoKeyVersion` in a `CryptoKey` .
`CreateImportJob`	Create a new `ImportJob` within a `KeyRing` .
`CreateKeyRing`	Create a new `KeyRing` in a given Project and Location.
`Decapsulate`	Decapsulates data that was encapsulated with a public key retrieved from `GetPublicKey` corresponding to a `CryptoKeyVersion` with `CryptoKey.purpose` KEY_ENCAPSULATION.
`Decrypt`	Decrypts data that was protected by `Encrypt` .
`DestroyCryptoKeyVersion`	Schedule a `CryptoKeyVersion` for destruction.
`Encrypt`	Encrypts data, so that it can only be recovered by a call to `Decrypt` .
`GenerateRandomBytes`	Generate random bytes using the Cloud KMS randomness source in the provided location.
`GetCryptoKey`	Returns metadata for a given `CryptoKey` , as well as its `primary` `CryptoKeyVersion` .
`GetCryptoKeyVersion`	Returns metadata for a given `CryptoKeyVersion` .
`GetImportJob`	Returns metadata for a given `ImportJob` .
`GetKeyRing`	Returns metadata for a given `KeyRing` .
`GetPublicKey`	Returns the public key for the given `CryptoKeyVersion` .
`ImportCryptoKeyVersion`	Import wrapped key material into a `CryptoKeyVersion` .
`ListCryptoKeyVersions`	Lists `CryptoKeyVersions` .
`ListCryptoKeys`	Lists `CryptoKeys` .
`ListImportJobs`	Lists `ImportJobs` .
`ListKeyRings`	Lists `KeyRings` .
`MacSign`	Signs data using a `CryptoKeyVersion` with `CryptoKey.purpose` MAC, producing a tag that can be verified by another source with the same key.
`MacVerify`	Verifies MAC tag using a `CryptoKeyVersion` with `CryptoKey.purpose` MAC, and returns a response that indicates whether or not the verification was successful.
`RawDecrypt`	Decrypts data that was originally encrypted using a raw cryptographic mechanism.
`RawEncrypt`	Encrypts data using portable cryptographic primitives.
`RestoreCryptoKeyVersion`	Restore a `CryptoKeyVersion` in the `DESTROY_SCHEDULED` state.
`UpdateCryptoKey`	Update a `CryptoKey` .
`UpdateCryptoKeyPrimaryVersion`	Update the version of a `CryptoKey` that will be used in `Encrypt` .
`UpdateCryptoKeyVersion`	Update a `CryptoKeyVersion` 's metadata.

`google.cloud.location.Locations`

Methods
`GetLocation`	Gets information about a location.
`ListLocations`	Lists information about the supported locations for this service.

`google.iam.v1.IAMPolicy`

Methods
`GetIamPolicy`	Gets the access control policy for a resource.
`SetIamPolicy`	Sets the access control policy on the specified resource.
`TestIamPermissions`	Returns permissions that a caller has on the specified resource.

`google.longrunning.Operations`

Methods
`GetOperation`	Gets the latest state of a long-running operation.