Documentation ¶
Overview ¶
Package kms is an auto-generated package for the Cloud Key Management Service (KMS) API.
Manages keys and performs cryptographic operations in a central cloud service, for direct use by other cloud resources and applications.
General documentation ¶
For information that is relevant for all client libraries please reference https://pkg.go.dev/cloud.google.com/go#pkg-overview. Some information on this page includes:
- Authentication and Authorization
- Timeouts and Cancellation
- Testing against Client Libraries
- Debugging Client Libraries
- Inspecting errors
Example usage ¶
To get started with this package, create a client.
// go get cloud.google.com/go/kms/apiv1@latest ctx := context.Background() // This snippet has been automatically generated and should be regarded as a code template only. // It will require modifications to work: // - It may require correct/in-range values for request initialization. // - It may require specifying regional endpoints when creating the service client as shown in: // https://pkg.go.dev/cloud.google.com/go#hdr-Client_Options c, err := kms.NewAutokeyClient(ctx) if err != nil { // TODO: Handle error. } defer c.Close()
The client will use your default application credentials. Clients should be reused instead of created as needed. The methods of Client are safe for concurrent use by multiple goroutines. The returned client must be Closed when it is done being used.
Using the Client ¶
The following is an example of making an API call with the newly created client, mentioned above.
req := &kmspb.CreateKeyHandleRequest{ // TODO: Fill request struct fields. // See https://pkg.go.dev/cloud.google.com/go/kms/apiv1/kmspb#CreateKeyHandleRequest. } op, err := c.CreateKeyHandle(ctx, req) if err != nil { // TODO: Handle error. } resp, err := op.Wait(ctx) if err != nil { // TODO: Handle error. } // TODO: Use resp. _ = resp
Use of Context ¶
The ctx passed to NewAutokeyClient is used for authentication requests and for creating the underlying connection, but is not used for subsequent calls. Individual methods on the client use the ctx given to them.
To close the open connection, use the Close() method.
Index ¶
- func DefaultAuthScopes() []string
- type AutokeyAdminCallOptions
- type AutokeyAdminClient
- func (c *AutokeyAdminClient) Close() error
- func (c *AutokeyAdminClient) Connection() *grpc.ClientConndeprecated
- func (c *AutokeyAdminClient) GetAutokeyConfig(ctx context.Context, req *kmspb.GetAutokeyConfigRequest, ...) (*kmspb.AutokeyConfig, error)
- func (c *AutokeyAdminClient) GetIamPolicy(ctx context.Context, req *iampb.GetIamPolicyRequest, opts ...gax.CallOption) (*iampb.Policy, error)
- func (c *AutokeyAdminClient) GetLocation(ctx context.Context, req *locationpb.GetLocationRequest, ...) (*locationpb.Location, error)
- func (c *AutokeyAdminClient) GetOperation(ctx context.Context, req *longrunningpb.GetOperationRequest, ...) (*longrunningpb.Operation, error)
- func (c *AutokeyAdminClient) ListLocations(ctx context.Context, req *locationpb.ListLocationsRequest, ...) *LocationIterator
- func (c *AutokeyAdminClient) SetIamPolicy(ctx context.Context, req *iampb.SetIamPolicyRequest, opts ...gax.CallOption) (*iampb.Policy, error)
- func (c *AutokeyAdminClient) ShowEffectiveAutokeyConfig(ctx context.Context, req *kmspb.ShowEffectiveAutokeyConfigRequest, ...) (*kmspb.ShowEffectiveAutokeyConfigResponse, error)
- func (c *AutokeyAdminClient) TestIamPermissions(ctx context.Context, req *iampb.TestIamPermissionsRequest, ...) (*iampb.TestIamPermissionsResponse, error)
- func (c *AutokeyAdminClient) UpdateAutokeyConfig(ctx context.Context, req *kmspb.UpdateAutokeyConfigRequest, ...) (*kmspb.AutokeyConfig, error)
- type AutokeyCallOptions
- type AutokeyClient
- func (c *AutokeyClient) Close() error
- func (c *AutokeyClient) Connection() *grpc.ClientConndeprecated
- func (c *AutokeyClient) CreateKeyHandle(ctx context.Context, req *kmspb.CreateKeyHandleRequest, opts ...gax.CallOption) (*CreateKeyHandleOperation, error)
- func (c *AutokeyClient) CreateKeyHandleOperation(name string) *CreateKeyHandleOperation
- func (c *AutokeyClient) GetIamPolicy(ctx context.Context, req *iampb.GetIamPolicyRequest, opts ...gax.CallOption) (*iampb.Policy, error)
- func (c *AutokeyClient) GetKeyHandle(ctx context.Context, req *kmspb.GetKeyHandleRequest, opts ...gax.CallOption) (*kmspb.KeyHandle, error)
- func (c *AutokeyClient) GetLocation(ctx context.Context, req *locationpb.GetLocationRequest, ...) (*locationpb.Location, error)
- func (c *AutokeyClient) GetOperation(ctx context.Context, req *longrunningpb.GetOperationRequest, ...) (*longrunningpb.Operation, error)
- func (c *AutokeyClient) ListKeyHandles(ctx context.Context, req *kmspb.ListKeyHandlesRequest, opts ...gax.CallOption) *KeyHandleIterator
- func (c *AutokeyClient) ListLocations(ctx context.Context, req *locationpb.ListLocationsRequest, ...) *LocationIterator
- func (c *AutokeyClient) SetIamPolicy(ctx context.Context, req *iampb.SetIamPolicyRequest, opts ...gax.CallOption) (*iampb.Policy, error)
- func (c *AutokeyClient) TestIamPermissions(ctx context.Context, req *iampb.TestIamPermissionsRequest, ...) (*iampb.TestIamPermissionsResponse, error)
- type CreateKeyHandleOperation
- func (op *CreateKeyHandleOperation) Done() bool
- func (op *CreateKeyHandleOperation) Metadata() (*kmspb.CreateKeyHandleMetadata, error)
- func (op *CreateKeyHandleOperation) Name() string
- func (op *CreateKeyHandleOperation) Poll(ctx context.Context, opts ...gax.CallOption) (*kmspb.KeyHandle, error)
- func (op *CreateKeyHandleOperation) Wait(ctx context.Context, opts ...gax.CallOption) (*kmspb.KeyHandle, error)
- type CryptoKeyIterator
- type CryptoKeyVersionIterator
- type EkmCallOptions
- type EkmClient
- func (c *EkmClient) Close() error
- func (c *EkmClient) Connection() *grpc.ClientConndeprecated
- func (c *EkmClient) CreateEkmConnection(ctx context.Context, req *kmspb.CreateEkmConnectionRequest, ...) (*kmspb.EkmConnection, error)
- func (c *EkmClient) GetEkmConfig(ctx context.Context, req *kmspb.GetEkmConfigRequest, opts ...gax.CallOption) (*kmspb.EkmConfig, error)
- func (c *EkmClient) GetEkmConnection(ctx context.Context, req *kmspb.GetEkmConnectionRequest, ...) (*kmspb.EkmConnection, error)
- func (c *EkmClient) GetIamPolicy(ctx context.Context, req *iampb.GetIamPolicyRequest, opts ...gax.CallOption) (*iampb.Policy, error)
- func (c *EkmClient) GetLocation(ctx context.Context, req *locationpb.GetLocationRequest, ...) (*locationpb.Location, error)
- func (c *EkmClient) GetOperation(ctx context.Context, req *longrunningpb.GetOperationRequest, ...) (*longrunningpb.Operation, error)
- func (c *EkmClient) ListEkmConnections(ctx context.Context, req *kmspb.ListEkmConnectionsRequest, ...) *EkmConnectionIterator
- func (c *EkmClient) ListLocations(ctx context.Context, req *locationpb.ListLocationsRequest, ...) *LocationIterator
- func (c *EkmClient) SetIamPolicy(ctx context.Context, req *iampb.SetIamPolicyRequest, opts ...gax.CallOption) (*iampb.Policy, error)
- func (c *EkmClient) TestIamPermissions(ctx context.Context, req *iampb.TestIamPermissionsRequest, ...) (*iampb.TestIamPermissionsResponse, error)
- func (c *EkmClient) UpdateEkmConfig(ctx context.Context, req *kmspb.UpdateEkmConfigRequest, opts ...gax.CallOption) (*kmspb.EkmConfig, error)
- func (c *EkmClient) UpdateEkmConnection(ctx context.Context, req *kmspb.UpdateEkmConnectionRequest, ...) (*kmspb.EkmConnection, error)
- func (c *EkmClient) VerifyConnectivity(ctx context.Context, req *kmspb.VerifyConnectivityRequest, ...) (*kmspb.VerifyConnectivityResponse, error)
- type EkmConnectionIterator
- type ImportJobIterator
- type KeyHandleIterator
- type KeyManagementCallOptions
- type KeyManagementClient
- func (c *KeyManagementClient) AsymmetricDecrypt(ctx context.Context, req *kmspb.AsymmetricDecryptRequest, ...) (*kmspb.AsymmetricDecryptResponse, error)
- func (c *KeyManagementClient) AsymmetricSign(ctx context.Context, req *kmspb.AsymmetricSignRequest, opts ...gax.CallOption) (*kmspb.AsymmetricSignResponse, error)
- func (c *KeyManagementClient) Close() error
- func (c *KeyManagementClient) Connection() *grpc.ClientConndeprecated
- func (c *KeyManagementClient) CreateCryptoKey(ctx context.Context, req *kmspb.CreateCryptoKeyRequest, opts ...gax.CallOption) (*kmspb.CryptoKey, error)
- func (c *KeyManagementClient) CreateCryptoKeyVersion(ctx context.Context, req *kmspb.CreateCryptoKeyVersionRequest, ...) (*kmspb.CryptoKeyVersion, error)
- func (c *KeyManagementClient) CreateImportJob(ctx context.Context, req *kmspb.CreateImportJobRequest, opts ...gax.CallOption) (*kmspb.ImportJob, error)
- func (c *KeyManagementClient) CreateKeyRing(ctx context.Context, req *kmspb.CreateKeyRingRequest, opts ...gax.CallOption) (*kmspb.KeyRing, error)
- func (c *KeyManagementClient) CryptoKeyIAM(cryptoKey *kmspb.CryptoKey) *iam.Handledeprecated
- func (c *KeyManagementClient) Decrypt(ctx context.Context, req *kmspb.DecryptRequest, opts ...gax.CallOption) (*kmspb.DecryptResponse, error)
- func (c *KeyManagementClient) DestroyCryptoKeyVersion(ctx context.Context, req *kmspb.DestroyCryptoKeyVersionRequest, ...) (*kmspb.CryptoKeyVersion, error)
- func (c *KeyManagementClient) Encrypt(ctx context.Context, req *kmspb.EncryptRequest, opts ...gax.CallOption) (*kmspb.EncryptResponse, error)
- func (c *KeyManagementClient) GenerateRandomBytes(ctx context.Context, req *kmspb.GenerateRandomBytesRequest, ...) (*kmspb.GenerateRandomBytesResponse, error)
- func (c *KeyManagementClient) GetCryptoKey(ctx context.Context, req *kmspb.GetCryptoKeyRequest, opts ...gax.CallOption) (*kmspb.CryptoKey, error)
- func (c *KeyManagementClient) GetCryptoKeyVersion(ctx context.Context, req *kmspb.GetCryptoKeyVersionRequest, ...) (*kmspb.CryptoKeyVersion, error)
- func (c *KeyManagementClient) GetIamPolicy(ctx context.Context, req *iampb.GetIamPolicyRequest, opts ...gax.CallOption) (*iampb.Policy, error)
- func (c *KeyManagementClient) GetImportJob(ctx context.Context, req *kmspb.GetImportJobRequest, opts ...gax.CallOption) (*kmspb.ImportJob, error)
- func (c *KeyManagementClient) GetKeyRing(ctx context.Context, req *kmspb.GetKeyRingRequest, opts ...gax.CallOption) (*kmspb.KeyRing, error)
- func (c *KeyManagementClient) GetLocation(ctx context.Context, req *locationpb.GetLocationRequest, ...) (*locationpb.Location, error)
- func (c *KeyManagementClient) GetOperation(ctx context.Context, req *longrunningpb.GetOperationRequest, ...) (*longrunningpb.Operation, error)
- func (c *KeyManagementClient) GetPublicKey(ctx context.Context, req *kmspb.GetPublicKeyRequest, opts ...gax.CallOption) (*kmspb.PublicKey, error)
- func (c *KeyManagementClient) ImportCryptoKeyVersion(ctx context.Context, req *kmspb.ImportCryptoKeyVersionRequest, ...) (*kmspb.CryptoKeyVersion, error)
- func (c *KeyManagementClient) KeyRingIAM(keyRing *kmspb.KeyRing) *iam.Handledeprecated
- func (c *KeyManagementClient) ListCryptoKeyVersions(ctx context.Context, req *kmspb.ListCryptoKeyVersionsRequest, ...) *CryptoKeyVersionIterator
- func (c *KeyManagementClient) ListCryptoKeys(ctx context.Context, req *kmspb.ListCryptoKeysRequest, opts ...gax.CallOption) *CryptoKeyIterator
- func (c *KeyManagementClient) ListImportJobs(ctx context.Context, req *kmspb.ListImportJobsRequest, opts ...gax.CallOption) *ImportJobIterator
- func (c *KeyManagementClient) ListKeyRings(ctx context.Context, req *kmspb.ListKeyRingsRequest, opts ...gax.CallOption) *KeyRingIterator
- func (c *KeyManagementClient) ListLocations(ctx context.Context, req *locationpb.ListLocationsRequest, ...) *LocationIterator
- func (c *KeyManagementClient) MacSign(ctx context.Context, req *kmspb.MacSignRequest, opts ...gax.CallOption) (*kmspb.MacSignResponse, error)
- func (c *KeyManagementClient) MacVerify(ctx context.Context, req *kmspb.MacVerifyRequest, opts ...gax.CallOption) (*kmspb.MacVerifyResponse, error)
- func (c *KeyManagementClient) RawDecrypt(ctx context.Context, req *kmspb.RawDecryptRequest, opts ...gax.CallOption) (*kmspb.RawDecryptResponse, error)
- func (c *KeyManagementClient) RawEncrypt(ctx context.Context, req *kmspb.RawEncryptRequest, opts ...gax.CallOption) (*kmspb.RawEncryptResponse, error)
- func (c *KeyManagementClient) ResourceIAM(resourcePath string) *iam.Handle
- func (c *KeyManagementClient) RestoreCryptoKeyVersion(ctx context.Context, req *kmspb.RestoreCryptoKeyVersionRequest, ...) (*kmspb.CryptoKeyVersion, error)
- func (c *KeyManagementClient) SetIamPolicy(ctx context.Context, req *iampb.SetIamPolicyRequest, opts ...gax.CallOption) (*iampb.Policy, error)
- func (c *KeyManagementClient) TestIamPermissions(ctx context.Context, req *iampb.TestIamPermissionsRequest, ...) (*iampb.TestIamPermissionsResponse, error)
- func (c *KeyManagementClient) UpdateCryptoKey(ctx context.Context, req *kmspb.UpdateCryptoKeyRequest, opts ...gax.CallOption) (*kmspb.CryptoKey, error)
- func (c *KeyManagementClient) UpdateCryptoKeyPrimaryVersion(ctx context.Context, req *kmspb.UpdateCryptoKeyPrimaryVersionRequest, ...) (*kmspb.CryptoKey, error)
- func (c *KeyManagementClient) UpdateCryptoKeyVersion(ctx context.Context, req *kmspb.UpdateCryptoKeyVersionRequest, ...) (*kmspb.CryptoKeyVersion, error)
- type KeyRingIterator
- type LocationIterator
Examples ¶
- AutokeyAdminClient.GetAutokeyConfig
- AutokeyAdminClient.GetIamPolicy
- AutokeyAdminClient.GetLocation
- AutokeyAdminClient.GetOperation
- AutokeyAdminClient.ListLocations
- AutokeyAdminClient.ListLocations (All)
- AutokeyAdminClient.SetIamPolicy
- AutokeyAdminClient.ShowEffectiveAutokeyConfig
- AutokeyAdminClient.TestIamPermissions
- AutokeyAdminClient.UpdateAutokeyConfig
- AutokeyClient.CreateKeyHandle
- AutokeyClient.GetIamPolicy
- AutokeyClient.GetKeyHandle
- AutokeyClient.GetLocation
- AutokeyClient.GetOperation
- AutokeyClient.ListKeyHandles
- AutokeyClient.ListKeyHandles (All)
- AutokeyClient.ListLocations
- AutokeyClient.ListLocations (All)
- AutokeyClient.SetIamPolicy
- AutokeyClient.TestIamPermissions
- EkmClient.CreateEkmConnection
- EkmClient.GetEkmConfig
- EkmClient.GetEkmConnection
- EkmClient.GetIamPolicy
- EkmClient.GetLocation
- EkmClient.GetOperation
- EkmClient.ListEkmConnections
- EkmClient.ListEkmConnections (All)
- EkmClient.ListLocations
- EkmClient.ListLocations (All)
- EkmClient.SetIamPolicy
- EkmClient.TestIamPermissions
- EkmClient.UpdateEkmConfig
- EkmClient.UpdateEkmConnection
- EkmClient.VerifyConnectivity
- KeyManagementClient.AsymmetricDecrypt
- KeyManagementClient.AsymmetricSign
- KeyManagementClient.CreateCryptoKey
- KeyManagementClient.CreateCryptoKeyVersion
- KeyManagementClient.CreateImportJob
- KeyManagementClient.CreateKeyRing
- KeyManagementClient.Decrypt
- KeyManagementClient.DestroyCryptoKeyVersion
- KeyManagementClient.Encrypt
- KeyManagementClient.GenerateRandomBytes
- KeyManagementClient.GetCryptoKey
- KeyManagementClient.GetCryptoKeyVersion
- KeyManagementClient.GetIamPolicy
- KeyManagementClient.GetImportJob
- KeyManagementClient.GetKeyRing
- KeyManagementClient.GetLocation
- KeyManagementClient.GetOperation
- KeyManagementClient.GetPublicKey
- KeyManagementClient.ImportCryptoKeyVersion
- KeyManagementClient.ListCryptoKeyVersions
- KeyManagementClient.ListCryptoKeyVersions (All)
- KeyManagementClient.ListCryptoKeys
- KeyManagementClient.ListCryptoKeys (All)
- KeyManagementClient.ListImportJobs
- KeyManagementClient.ListImportJobs (All)
- KeyManagementClient.ListKeyRings
- KeyManagementClient.ListKeyRings (All)
- KeyManagementClient.ListLocations
- KeyManagementClient.ListLocations (All)
- KeyManagementClient.MacSign
- KeyManagementClient.MacVerify
- KeyManagementClient.RawDecrypt
- KeyManagementClient.RawEncrypt
- KeyManagementClient.ResourceIAM
- KeyManagementClient.RestoreCryptoKeyVersion
- KeyManagementClient.SetIamPolicy
- KeyManagementClient.TestIamPermissions
- KeyManagementClient.UpdateCryptoKey
- KeyManagementClient.UpdateCryptoKeyPrimaryVersion
- KeyManagementClient.UpdateCryptoKeyVersion
- NewAutokeyAdminClient
- NewAutokeyAdminRESTClient
- NewAutokeyClient
- NewAutokeyRESTClient
- NewEkmClient
- NewEkmRESTClient
- NewKeyManagementClient
- NewKeyManagementRESTClient
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func DefaultAuthScopes ¶
func DefaultAuthScopes() []string
DefaultAuthScopes reports the default set of authentication scopes to use with this package.
Types ¶
type AutokeyAdminCallOptions ¶ added in v1.17.0
type AutokeyAdminCallOptions struct { UpdateAutokeyConfig []gax.CallOption GetAutokeyConfig []gax.CallOption ShowEffectiveAutokeyConfig []gax.CallOption GetLocation []gax.CallOption ListLocations []gax.CallOption GetIamPolicy []gax.CallOption SetIamPolicy []gax.CallOption TestIamPermissions []gax.CallOption GetOperation []gax.CallOption }
AutokeyAdminCallOptions contains the retry settings for each method of AutokeyAdminClient.
type AutokeyAdminClient ¶ added in v1.17.0
type AutokeyAdminClient struct { // The call options for this service. CallOptions *AutokeyAdminCallOptions // contains filtered or unexported fields }
AutokeyAdminClient is a client for interacting with Cloud Key Management Service (KMS) API. Methods, except Close, may be called concurrently. However, fields must not be modified concurrently with method calls.
Provides interfaces for managing Cloud KMS Autokey (at https://cloud.google.com/kms/help/autokey) folder-level configurations. A configuration is inherited by all descendent projects. A configuration at one folder overrides any other configurations in its ancestry. Setting a configuration on a folder is a prerequisite for Cloud KMS Autokey, so that users working in a descendant project can request provisioned CryptoKeys, ready for Customer Managed Encryption Key (CMEK) use, on-demand.
func NewAutokeyAdminClient ¶ added in v1.17.0
func NewAutokeyAdminClient(ctx context.Context, opts ...option.ClientOption) (*AutokeyAdminClient, error)
NewAutokeyAdminClient creates a new autokey admin client based on gRPC. The returned client must be Closed when it is done being used to clean up its underlying connections.
Provides interfaces for managing Cloud KMS Autokey (at https://cloud.google.com/kms/help/autokey) folder-level configurations. A configuration is inherited by all descendent projects. A configuration at one folder overrides any other configurations in its ancestry. Setting a configuration on a folder is a prerequisite for Cloud KMS Autokey, so that users working in a descendant project can request provisioned CryptoKeys, ready for Customer Managed Encryption Key (CMEK) use, on-demand.
Example ¶
package main import ( "context" kms "cloud.google.com/go/kms/apiv1" ) func main() { ctx := context.Background() // This snippet has been automatically generated and should be regarded as a code template only. // It will require modifications to work: // - It may require correct/in-range values for request initialization. // - It may require specifying regional endpoints when creating the service client as shown in: // https://pkg.go.dev/cloud.google.com/go#hdr-Client_Options c, err := kms.NewAutokeyAdminClient(ctx) if err != nil { // TODO: Handle error. } defer c.Close() // TODO: Use client. _ = c }
Output:
func NewAutokeyAdminRESTClient ¶ added in v1.17.0
func NewAutokeyAdminRESTClient(ctx context.Context, opts ...option.ClientOption) (*AutokeyAdminClient, error)
NewAutokeyAdminRESTClient creates a new autokey admin rest client.
Provides interfaces for managing Cloud KMS Autokey (at https://cloud.google.com/kms/help/autokey) folder-level configurations. A configuration is inherited by all descendent projects. A configuration at one folder overrides any other configurations in its ancestry. Setting a configuration on a folder is a prerequisite for Cloud KMS Autokey, so that users working in a descendant project can request provisioned CryptoKeys, ready for Customer Managed Encryption Key (CMEK) use, on-demand.
Example ¶
package main import ( "context" kms "cloud.google.com/go/kms/apiv1" ) func main() { ctx := context.Background() // This snippet has been automatically generated and should be regarded as a code template only. // It will require modifications to work: // - It may require correct/in-range values for request initialization. // - It may require specifying regional endpoints when creating the service client as shown in: // https://pkg.go.dev/cloud.google.com/go#hdr-Client_Options c, err := kms.NewAutokeyAdminRESTClient(ctx) if err != nil { // TODO: Handle error. } defer c.Close() // TODO: Use client. _ = c }
Output:
func (*AutokeyAdminClient) Close ¶ added in v1.17.0
func (c *AutokeyAdminClient) Close() error
Close closes the connection to the API service. The user should invoke this when the client is no longer required.
func (*AutokeyAdminClient) Connection
deprecated
added in
v1.17.0
func (c *AutokeyAdminClient) Connection() *grpc.ClientConn
Connection returns a connection to the API service.
Deprecated: Connections are now pooled so this method does not always return the same resource.
func (*AutokeyAdminClient) GetAutokeyConfig ¶ added in v1.17.0
func (c *AutokeyAdminClient) GetAutokeyConfig(ctx context.Context, req *kmspb.GetAutokeyConfigRequest, opts ...gax.CallOption) (*kmspb.AutokeyConfig, error)
GetAutokeyConfig returns the AutokeyConfig for a folder.
Example ¶
package main import ( "context" kms "cloud.google.com/go/kms/apiv1" kmspb "cloud.google.com/go/kms/apiv1/kmspb" ) func main() { ctx := context.Background() // This snippet has been automatically generated and should be regarded as a code template only. // It will require modifications to work: // - It may require correct/in-range values for request initialization. // - It may require specifying regional endpoints when creating the service client as shown in: // https://pkg.go.dev/cloud.google.com/go#hdr-Client_Options c, err := kms.NewAutokeyAdminClient(ctx) if err != nil { // TODO: Handle error. } defer c.Close() req := &kmspb.GetAutokeyConfigRequest{ // TODO: Fill request struct fields. // See https://pkg.go.dev/cloud.google.com/go/kms/apiv1/kmspb#GetAutokeyConfigRequest. } resp, err := c.GetAutokeyConfig(ctx, req) if err != nil { // TODO: Handle error. } // TODO: Use resp. _ = resp }
Output:
func (*AutokeyAdminClient) GetIamPolicy ¶ added in v1.17.0
func (c *AutokeyAdminClient) GetIamPolicy(ctx context.Context, req *iampb.GetIamPolicyRequest, opts ...gax.CallOption) (*iampb.Policy, error)
GetIamPolicy gets the access control policy for a resource. Returns an empty policy if the resource exists and does not have a policy set.
Example ¶
package main import ( "context" iampb "cloud.google.com/go/iam/apiv1/iampb" kms "cloud.google.com/go/kms/apiv1" ) func main() { ctx := context.Background() // This snippet has been automatically generated and should be regarded as a code template only. // It will require modifications to work: // - It may require correct/in-range values for request initialization. // - It may require specifying regional endpoints when creating the service client as shown in: // https://pkg.go.dev/cloud.google.com/go#hdr-Client_Options c, err := kms.NewAutokeyAdminClient(ctx) if err != nil { // TODO: Handle error. } defer c.Close() req := &iampb.GetIamPolicyRequest{ // TODO: Fill request struct fields. // See https://pkg.go.dev/cloud.google.com/go/iam/apiv1/iampb#GetIamPolicyRequest. } resp, err := c.GetIamPolicy(ctx, req) if err != nil { // TODO: Handle error. } // TODO: Use resp. _ = resp }
Output:
func (*AutokeyAdminClient) GetLocation ¶ added in v1.17.0
func (c *AutokeyAdminClient) GetLocation(ctx context.Context, req *locationpb.GetLocationRequest, opts ...gax.CallOption) (*locationpb.Location, error)
GetLocation gets information about a location.
Example ¶
package main import ( "context" kms "cloud.google.com/go/kms/apiv1" locationpb "google.golang.org/genproto/googleapis/cloud/location" ) func main() { ctx := context.Background() // This snippet has been automatically generated and should be regarded as a code template only. // It will require modifications to work: // - It may require correct/in-range values for request initialization. // - It may require specifying regional endpoints when creating the service client as shown in: // https://pkg.go.dev/cloud.google.com/go#hdr-Client_Options c, err := kms.NewAutokeyAdminClient(ctx) if err != nil { // TODO: Handle error. } defer c.Close() req := &locationpb.GetLocationRequest{ // TODO: Fill request struct fields. // See https://pkg.go.dev/google.golang.org/genproto/googleapis/cloud/location#GetLocationRequest. } resp, err := c.GetLocation(ctx, req) if err != nil { // TODO: Handle error. } // TODO: Use resp. _ = resp }
Output:
func (*AutokeyAdminClient) GetOperation ¶ added in v1.17.0
func (c *AutokeyAdminClient) GetOperation(ctx context.Context, req *longrunningpb.GetOperationRequest, opts ...gax.CallOption) (*longrunningpb.Operation, error)
GetOperation is a utility method from google.longrunning.Operations.
Example ¶
package main import ( "context" kms "cloud.google.com/go/kms/apiv1" longrunningpb "cloud.google.com/go/longrunning/autogen/longrunningpb" ) func main() { ctx := context.Background() // This snippet has been automatically generated and should be regarded as a code template only. // It will require modifications to work: // - It may require correct/in-range values for request initialization. // - It may require specifying regional endpoints when creating the service client as shown in: // https://pkg.go.dev/cloud.google.com/go#hdr-Client_Options c, err := kms.NewAutokeyAdminClient(ctx) if err != nil { // TODO: Handle error. } defer c.Close() req := &longrunningpb.GetOperationRequest{ // TODO: Fill request struct fields. // See https://pkg.go.dev/cloud.google.com/go/longrunning/autogen/longrunningpb#GetOperationRequest. } resp, err := c.GetOperation(ctx, req) if err != nil { // TODO: Handle error. } // TODO: Use resp. _ = resp }
Output:
func (*AutokeyAdminClient) ListLocations ¶ added in v1.17.0
func (c *AutokeyAdminClient) ListLocations(ctx context.Context, req *locationpb.ListLocationsRequest, opts ...gax.CallOption) *LocationIterator
ListLocations lists information about the supported locations for this service.
Example ¶
package main import ( "context" kms "cloud.google.com/go/kms/apiv1" "google.golang.org/api/iterator" locationpb "google.golang.org/genproto/googleapis/cloud/location" ) func main() { ctx := context.Background() // This snippet has been automatically generated and should be regarded as a code template only. // It will require modifications to work: // - It may require correct/in-range values for request initialization. // - It may require specifying regional endpoints when creating the service client as shown in: // https://pkg.go.dev/cloud.google.com/go#hdr-Client_Options c, err := kms.NewAutokeyAdminClient(ctx) if err != nil { // TODO: Handle error. } defer c.Close() req := &locationpb.ListLocationsRequest{ // TODO: Fill request struct fields. // See https://pkg.go.dev/google.golang.org/genproto/googleapis/cloud/location#ListLocationsRequest. } it := c.ListLocations(ctx, req) for { resp, err := it.Next() if err == iterator.Done { break } if err != nil { // TODO: Handle error. } // TODO: Use resp. _ = resp // If you need to access the underlying RPC response, // you can do so by casting the `Response` as below. // Otherwise, remove this line. Only populated after // first call to Next(). Not safe for concurrent access. _ = it.Response.(*locationpb.ListLocationsResponse) } }
Output:
Example (All) ¶
package main import ( "context" kms "cloud.google.com/go/kms/apiv1" locationpb "google.golang.org/genproto/googleapis/cloud/location" ) func main() { ctx := context.Background() // This snippet has been automatically generated and should be regarded as a code template only. // It will require modifications to work: // - It may require correct/in-range values for request initialization. // - It may require specifying regional endpoints when creating the service client as shown in: // https://pkg.go.dev/cloud.google.com/go#hdr-Client_Options c, err := kms.NewAutokeyAdminClient(ctx) if err != nil { // TODO: Handle error. } defer c.Close() req := &locationpb.ListLocationsRequest{ // TODO: Fill request struct fields. // See https://pkg.go.dev/google.golang.org/genproto/googleapis/cloud/location#ListLocationsRequest. } for resp, err := range c.ListLocations(ctx, req).All() { if err != nil { // TODO: Handle error. } // TODO: Use resp. _ = resp } }
Output:
func (*AutokeyAdminClient) SetIamPolicy ¶ added in v1.17.0
func (c *AutokeyAdminClient) SetIamPolicy(ctx context.Context, req *iampb.SetIamPolicyRequest, opts ...gax.CallOption) (*iampb.Policy, error)
SetIamPolicy sets the access control policy on the specified resource. Replaces any existing policy.
Can return NOT_FOUND, INVALID_ARGUMENT, and PERMISSION_DENIED errors.
Example ¶
package main import ( "context" iampb "cloud.google.com/go/iam/apiv1/iampb" kms "cloud.google.com/go/kms/apiv1" ) func main() { ctx := context.Background() // This snippet has been automatically generated and should be regarded as a code template only. // It will require modifications to work: // - It may require correct/in-range values for request initialization. // - It may require specifying regional endpoints when creating the service client as shown in: // https://pkg.go.dev/cloud.google.com/go#hdr-Client_Options c, err := kms.NewAutokeyAdminClient(ctx) if err != nil { // TODO: Handle error. } defer c.Close() req := &iampb.SetIamPolicyRequest{ // TODO: Fill request struct fields. // See https://pkg.go.dev/cloud.google.com/go/iam/apiv1/iampb#SetIamPolicyRequest. } resp, err := c.SetIamPolicy(ctx, req) if err != nil { // TODO: Handle error. } // TODO: Use resp. _ = resp }
Output:
func (*AutokeyAdminClient) ShowEffectiveAutokeyConfig ¶ added in v1.17.0
func (c *AutokeyAdminClient) ShowEffectiveAutokeyConfig(ctx context.Context, req *kmspb.ShowEffectiveAutokeyConfigRequest, opts ...gax.CallOption) (*kmspb.ShowEffectiveAutokeyConfigResponse, error)
ShowEffectiveAutokeyConfig returns the effective Cloud KMS Autokey configuration for a given project.
Example ¶
package main import ( "context" kms "cloud.google.com/go/kms/apiv1" kmspb "cloud.google.com/go/kms/apiv1/kmspb" ) func main() { ctx := context.Background() // This snippet has been automatically generated and should be regarded as a code template only. // It will require modifications to work: // - It may require correct/in-range values for request initialization. // - It may require specifying regional endpoints when creating the service client as shown in: // https://pkg.go.dev/cloud.google.com/go#hdr-Client_Options c, err := kms.NewAutokeyAdminClient(ctx) if err != nil { // TODO: Handle error. } defer c.Close() req := &kmspb.ShowEffectiveAutokeyConfigRequest{ // TODO: Fill request struct fields. // See https://pkg.go.dev/cloud.google.com/go/kms/apiv1/kmspb#ShowEffectiveAutokeyConfigRequest. } resp, err := c.ShowEffectiveAutokeyConfig(ctx, req) if err != nil { // TODO: Handle error. } // TODO: Use resp. _ = resp }
Output:
func (*AutokeyAdminClient) TestIamPermissions ¶ added in v1.17.0
func (c *AutokeyAdminClient) TestIamPermissions(ctx context.Context, req *iampb.TestIamPermissionsRequest, opts ...gax.CallOption) (*iampb.TestIamPermissionsResponse, error)
TestIamPermissions returns permissions that a caller has on the specified resource. If the resource does not exist, this will return an empty set of permissions, not a NOT_FOUND error.
Note: This operation is designed to be used for building permission-aware UIs and command-line tools, not for authorization checking. This operation may “fail open” without warning.
Example ¶
package main import ( "context" iampb "cloud.google.com/go/iam/apiv1/iampb" kms "cloud.google.com/go/kms/apiv1" ) func main() { ctx := context.Background() // This snippet has been automatically generated and should be regarded as a code template only. // It will require modifications to work: // - It may require correct/in-range values for request initialization. // - It may require specifying regional endpoints when creating the service client as shown in: // https://pkg.go.dev/cloud.google.com/go#hdr-Client_Options c, err := kms.NewAutokeyAdminClient(ctx) if err != nil { // TODO: Handle error. } defer c.Close() req := &iampb.TestIamPermissionsRequest{ // TODO: Fill request struct fields. // See https://pkg.go.dev/cloud.google.com/go/iam/apiv1/iampb#TestIamPermissionsRequest. } resp, err := c.TestIamPermissions(ctx, req) if err != nil { // TODO: Handle error. } // TODO: Use resp. _ = resp }
Output:
func (*AutokeyAdminClient) UpdateAutokeyConfig ¶ added in v1.17.0
func (c *AutokeyAdminClient) UpdateAutokeyConfig(ctx context.Context, req *kmspb.UpdateAutokeyConfigRequest, opts ...gax.CallOption) (*kmspb.AutokeyConfig, error)
UpdateAutokeyConfig updates the AutokeyConfig for a folder. The caller must have both cloudkms.autokeyConfigs.update permission on the parent folder and cloudkms.cryptoKeys.setIamPolicy permission on the provided key project. A KeyHandle creation in the folder’s descendant projects will use this configuration to determine where to create the resulting CryptoKey.
Example ¶
package main import ( "context" kms "cloud.google.com/go/kms/apiv1" kmspb "cloud.google.com/go/kms/apiv1/kmspb" ) func main() { ctx := context.Background() // This snippet has been automatically generated and should be regarded as a code template only. // It will require modifications to work: // - It may require correct/in-range values for request initialization. // - It may require specifying regional endpoints when creating the service client as shown in: // https://pkg.go.dev/cloud.google.com/go#hdr-Client_Options c, err := kms.NewAutokeyAdminClient(ctx) if err != nil { // TODO: Handle error. } defer c.Close() req := &kmspb.UpdateAutokeyConfigRequest{ // TODO: Fill request struct fields. // See https://pkg.go.dev/cloud.google.com/go/kms/apiv1/kmspb#UpdateAutokeyConfigRequest. } resp, err := c.UpdateAutokeyConfig(ctx, req) if err != nil { // TODO: Handle error. } // TODO: Use resp. _ = resp }
Output:
type AutokeyCallOptions ¶ added in v1.17.0
type AutokeyCallOptions struct { CreateKeyHandle []gax.CallOption GetKeyHandle []gax.CallOption ListKeyHandles []gax.CallOption GetLocation []gax.CallOption ListLocations []gax.CallOption GetIamPolicy []gax.CallOption SetIamPolicy []gax.CallOption TestIamPermissions []gax.CallOption GetOperation []gax.CallOption }
AutokeyCallOptions contains the retry settings for each method of AutokeyClient.
type AutokeyClient ¶ added in v1.17.0
type AutokeyClient struct { // The call options for this service. CallOptions *AutokeyCallOptions // LROClient is used internally to handle long-running operations. // It is exposed so that its CallOptions can be modified if required. // Users should not Close this client. LROClient *lroauto.OperationsClient // contains filtered or unexported fields }
AutokeyClient is a client for interacting with Cloud Key Management Service (KMS) API. Methods, except Close, may be called concurrently. However, fields must not be modified concurrently with method calls.
Provides interfaces for using Cloud KMS Autokey (at https://cloud.google.com/kms/help/autokey) to provision new CryptoKeys, ready for Customer Managed Encryption Key (CMEK) use, on-demand. To support certain client tooling, this feature is modeled around a KeyHandle resource: creating a KeyHandle in a resource project and given location triggers Cloud KMS Autokey to provision a CryptoKey in the configured key project and the same location.
Prior to use in a given resource project, UpdateAutokeyConfig should have been called on an ancestor folder, setting the key project where Cloud KMS Autokey should create new CryptoKeys. See documentation for additional prerequisites. To check what key project, if any, is currently configured on a resource project’s ancestor folder, see ShowEffectiveAutokeyConfig.
func NewAutokeyClient ¶ added in v1.17.0
func NewAutokeyClient(ctx context.Context, opts ...option.ClientOption) (*AutokeyClient, error)
NewAutokeyClient creates a new autokey client based on gRPC. The returned client must be Closed when it is done being used to clean up its underlying connections.
Provides interfaces for using Cloud KMS Autokey (at https://cloud.google.com/kms/help/autokey) to provision new CryptoKeys, ready for Customer Managed Encryption Key (CMEK) use, on-demand. To support certain client tooling, this feature is modeled around a KeyHandle resource: creating a KeyHandle in a resource project and given location triggers Cloud KMS Autokey to provision a CryptoKey in the configured key project and the same location.
Prior to use in a given resource project, UpdateAutokeyConfig should have been called on an ancestor folder, setting the key project where Cloud KMS Autokey should create new CryptoKeys. See documentation for additional prerequisites. To check what key project, if any, is currently configured on a resource project’s ancestor folder, see ShowEffectiveAutokeyConfig.
Example ¶
package main import ( "context" kms "cloud.google.com/go/kms/apiv1" ) func main() { ctx := context.Background() // This snippet has been automatically generated and should be regarded as a code template only. // It will require modifications to work: // - It may require correct/in-range values for request initialization. // - It may require specifying regional endpoints when creating the service client as shown in: // https://pkg.go.dev/cloud.google.com/go#hdr-Client_Options c, err := kms.NewAutokeyClient(ctx) if err != nil { // TODO: Handle error. } defer c.Close() // TODO: Use client. _ = c }
Output:
func NewAutokeyRESTClient ¶ added in v1.17.0
func NewAutokeyRESTClient(ctx context.Context, opts ...option.ClientOption) (*AutokeyClient, error)
NewAutokeyRESTClient creates a new autokey rest client.
Provides interfaces for using Cloud KMS Autokey (at https://cloud.google.com/kms/help/autokey) to provision new CryptoKeys, ready for Customer Managed Encryption Key (CMEK) use, on-demand. To support certain client tooling, this feature is modeled around a KeyHandle resource: creating a KeyHandle in a resource project and given location triggers Cloud KMS Autokey to provision a CryptoKey in the configured key project and the same location.
Prior to use in a given resource project, UpdateAutokeyConfig should have been called on an ancestor folder, setting the key project where Cloud KMS Autokey should create new CryptoKeys. See documentation for additional prerequisites. To check what key project, if any, is currently configured on a resource project’s ancestor folder, see ShowEffectiveAutokeyConfig.
Example ¶
package main import ( "context" kms "cloud.google.com/go/kms/apiv1" ) func main() { ctx := context.Background() // This snippet has been automatically generated and should be regarded as a code template only. // It will require modifications to work: // - It may require correct/in-range values for request initialization. // - It may require specifying regional endpoints when creating the service client as shown in: // https://pkg.go.dev/cloud.google.com/go#hdr-Client_Options c, err := kms.NewAutokeyRESTClient(ctx) if err != nil { // TODO: Handle error. } defer c.Close() // TODO: Use client. _ = c }
Output:
func (*AutokeyClient) Close ¶ added in v1.17.0
func (c *AutokeyClient) Close() error
Close closes the connection to the API service. The user should invoke this when the client is no longer required.
func (*AutokeyClient) Connection
deprecated
added in
v1.17.0
func (c *AutokeyClient) Connection() *grpc.ClientConn
Connection returns a connection to the API service.
Deprecated: Connections are now pooled so this method does not always return the same resource.
func (*AutokeyClient) CreateKeyHandle ¶ added in v1.17.0
func (c *AutokeyClient) CreateKeyHandle(ctx context.Context, req *kmspb.CreateKeyHandleRequest, opts ...gax.CallOption) (*CreateKeyHandleOperation, error)
CreateKeyHandle creates a new KeyHandle, triggering the provisioning of a new CryptoKey for CMEK use with the given resource type in the configured key project and the same location. GetOperation should be used to resolve the resulting long-running operation and get the resulting KeyHandle and CryptoKey.
Example ¶
package main import ( "context" kms "cloud.google.com/go/kms/apiv1" kmspb "cloud.google.com/go/kms/apiv1/kmspb" ) func main() { ctx := context.Background() // This snippet has been automatically generated and should be regarded as a code template only. // It will require modifications to work: // - It may require correct/in-range values for request initialization. // - It may require specifying regional endpoints when creating the service client as shown in: // https://pkg.go.dev/cloud.google.com/go#hdr-Client_Options c, err := kms.NewAutokeyClient(ctx) if err != nil { // TODO: Handle error. } defer c.Close() req := &kmspb.CreateKeyHandleRequest{ // TODO: Fill request struct fields. // See https://pkg.go.dev/cloud.google.com/go/kms/apiv1/kmspb#CreateKeyHandleRequest. } op, err := c.CreateKeyHandle(ctx, req) if err != nil { // TODO: Handle error. } resp, err := op.Wait(ctx) if err != nil { // TODO: Handle error. } // TODO: Use resp. _ = resp }
Output:
func (*AutokeyClient) CreateKeyHandleOperation ¶ added in v1.17.0
func (c *AutokeyClient) CreateKeyHandleOperation(name string) *CreateKeyHandleOperation
CreateKeyHandleOperation returns a new CreateKeyHandleOperation from a given name. The name must be that of a previously created CreateKeyHandleOperation, possibly from a different process.
func (*AutokeyClient) GetIamPolicy ¶ added in v1.17.0
func (c *AutokeyClient) GetIamPolicy(ctx context.Context, req *iampb.GetIamPolicyRequest, opts ...gax.CallOption) (*iampb.Policy, error)
GetIamPolicy gets the access control policy for a resource. Returns an empty policy if the resource exists and does not have a policy set.
Example ¶
package main import ( "context" iampb "cloud.google.com/go/iam/apiv1/iampb" kms "cloud.google.com/go/kms/apiv1" ) func main() { ctx := context.Background() // This snippet has been automatically generated and should be regarded as a code template only. // It will require modifications to work: // - It may require correct/in-range values for request initialization. // - It may require specifying regional endpoints when creating the service client as shown in: // https://pkg.go.dev/cloud.google.com/go#hdr-Client_Options c, err := kms.NewAutokeyClient(ctx) if err != nil { // TODO: Handle error. } defer c.Close() req := &iampb.GetIamPolicyRequest{ // TODO: Fill request struct fields. // See https://pkg.go.dev/cloud.google.com/go/iam/apiv1/iampb#GetIamPolicyRequest. } resp, err := c.GetIamPolicy(ctx, req) if err != nil { // TODO: Handle error. } // TODO: Use resp. _ = resp }
Output:
func (*AutokeyClient) GetKeyHandle ¶ added in v1.17.0
func (c *AutokeyClient) GetKeyHandle(ctx context.Context, req *kmspb.GetKeyHandleRequest, opts ...gax.CallOption) (*kmspb.KeyHandle, error)
GetKeyHandle returns the KeyHandle.
Example ¶
package main import ( "context" kms "cloud.google.com/go/kms/apiv1" kmspb "cloud.google.com/go/kms/apiv1/kmspb" ) func main() { ctx := context.Background() // This snippet has been automatically generated and should be regarded as a code template only. // It will require modifications to work: // - It may require correct/in-range values for request initialization. // - It may require specifying regional endpoints when creating the service client as shown in: // https://pkg.go.dev/cloud.google.com/go#hdr-Client_Options c, err := kms.NewAutokeyClient(ctx) if err != nil { // TODO: Handle error. } defer c.Close() req := &kmspb.GetKeyHandleRequest{ // TODO: Fill request struct fields. // See https://pkg.go.dev/cloud.google.com/go/kms/apiv1/kmspb#GetKeyHandleRequest. } resp, err := c.GetKeyHandle(ctx, req) if err != nil { // TODO: Handle error. } // TODO: Use resp. _ = resp }
Output:
func (*AutokeyClient) GetLocation ¶ added in v1.17.0
func (c *AutokeyClient) GetLocation(ctx context.Context, req *locationpb.GetLocationRequest, opts ...gax.CallOption) (*locationpb.Location, error)
GetLocation gets information about a location.
Example ¶
package main import ( "context" kms "cloud.google.com/go/kms/apiv1" locationpb "google.golang.org/genproto/googleapis/cloud/location" ) func main() { ctx := context.Background() // This snippet has been automatically generated and should be regarded as a code template only. // It will require modifications to work: // - It may require correct/in-range values for request initialization. // - It may require specifying regional endpoints when creating the service client as shown in: // https://pkg.go.dev/cloud.google.com/go#hdr-Client_Options c, err := kms.NewAutokeyClient(ctx) if err != nil { // TODO: Handle error. } defer c.Close() req := &locationpb.GetLocationRequest{ // TODO: Fill request struct fields. // See https://pkg.go.dev/google.golang.org/genproto/googleapis/cloud/location#GetLocationRequest. } resp, err := c.GetLocation(ctx, req) if err != nil { // TODO: Handle error. } // TODO: Use resp. _ = resp }
Output:
func (*AutokeyClient) GetOperation ¶ added in v1.17.0
func (c *AutokeyClient) GetOperation(ctx context.Context, req *longrunningpb.GetOperationRequest, opts ...gax.CallOption) (*longrunningpb.Operation, error)
GetOperation is a utility method from google.longrunning.Operations.
Example ¶
package main import ( "context" kms "cloud.google.com/go/kms/apiv1" longrunningpb "cloud.google.com/go/longrunning/autogen/longrunningpb" ) func main() { ctx := context.Background() // This snippet has been automatically generated and should be regarded as a code template only. // It will require modifications to work: // - It may require correct/in-range values for request initialization. // - It may require specifying regional endpoints when creating the service client as shown in: // https://pkg.go.dev/cloud.google.com/go#hdr-Client_Options c, err := kms.NewAutokeyClient(ctx) if err != nil { // TODO: Handle error. } defer c.Close() req := &longrunningpb.GetOperationRequest{ // TODO: Fill request struct fields. // See https://pkg.go.dev/cloud.google.com/go/longrunning/autogen/longrunningpb#GetOperationRequest. } resp, err := c.GetOperation(ctx, req) if err != nil { // TODO: Handle error. } // TODO: Use resp. _ = resp }
Output:
func (*AutokeyClient) ListKeyHandles ¶ added in v1.17.0
func (c *AutokeyClient) ListKeyHandles(ctx context.Context, req *kmspb.ListKeyHandlesRequest, opts ...gax.CallOption) *KeyHandleIterator
ListKeyHandles lists KeyHandles.
Example ¶
package main import ( "context" kms "cloud.google.com/go/kms/apiv1" kmspb "cloud.google.com/go/kms/apiv1/kmspb" "google.golang.org/api/iterator" ) func main() { ctx := context.Background() // This snippet has been automatically generated and should be regarded as a code template only. // It will require modifications to work: // - It may require correct/in-range values for request initialization. // - It may require specifying regional endpoints when creating the service client as shown in: // https://pkg.go.dev/cloud.google.com/go#hdr-Client_Options c, err := kms.NewAutokeyClient(ctx) if err != nil { // TODO: Handle error. } defer c.Close() req := &kmspb.ListKeyHandlesRequest{ // TODO: Fill request struct fields. // See https://pkg.go.dev/cloud.google.com/go/kms/apiv1/kmspb#ListKeyHandlesRequest. } it := c.ListKeyHandles(ctx, req) for { resp, err := it.Next() if err == iterator.Done { break } if err != nil { // TODO: Handle error. } // TODO: Use resp. _ = resp // If you need to access the underlying RPC response, // you can do so by casting the `Response` as below. // Otherwise, remove this line. Only populated after // first call to Next(). Not safe for concurrent access. _ = it.Response.(*kmspb.ListKeyHandlesResponse) } }
Output:
Example (All) ¶
package main import ( "context" kms "cloud.google.com/go/kms/apiv1" kmspb "cloud.google.com/go/kms/apiv1/kmspb" ) func main() { ctx := context.Background() // This snippet has been automatically generated and should be regarded as a code template only. // It will require modifications to work: // - It may require correct/in-range values for request initialization. // - It may require specifying regional endpoints when creating the service client as shown in: // https://pkg.go.dev/cloud.google.com/go#hdr-Client_Options c, err := kms.NewAutokeyClient(ctx) if err != nil { // TODO: Handle error. } defer c.Close() req := &kmspb.ListKeyHandlesRequest{ // TODO: Fill request struct fields. // See https://pkg.go.dev/cloud.google.com/go/kms/apiv1/kmspb#ListKeyHandlesRequest. } for resp, err := range c.ListKeyHandles(ctx, req).All() { if err != nil { // TODO: Handle error. } // TODO: Use resp. _ = resp } }
Output:
func (*AutokeyClient) ListLocations ¶ added in v1.17.0
func (c *AutokeyClient) ListLocations(ctx context.Context, req *locationpb.ListLocationsRequest, opts ...gax.CallOption) *LocationIterator
ListLocations lists information about the supported locations for this service.
Example ¶
package main import ( "context" kms "cloud.google.com/go/kms/apiv1" "google.golang.org/api/iterator" locationpb "google.golang.org/genproto/googleapis/cloud/location" ) func main() { ctx := context.Background() // This snippet has been automatically generated and should be regarded as a code template only. // It will require modifications to work: // - It may require correct/in-range values for request initialization. // - It may require specifying regional endpoints when creating the service client as shown in: // https://pkg.go.dev/cloud.google.com/go#hdr-Client_Options c, err := kms.NewAutokeyClient(ctx) if err != nil { // TODO: Handle error. } defer c.Close() req := &locationpb.ListLocationsRequest{ // TODO: Fill request struct fields. // See https://pkg.go.dev/google.golang.org/genproto/googleapis/cloud/location#ListLocationsRequest. } it := c.ListLocations(ctx, req) for { resp, err := it.Next() if err == iterator.Done { break } if err != nil { // TODO: Handle error. } // TODO: Use resp. _ = resp // If you need to access the underlying RPC response, // you can do so by casting the `Response` as below. // Otherwise, remove this line. Only populated after // first call to Next(). Not safe for concurrent access. _ = it.Response.(*locationpb.ListLocationsResponse) } }
Output:
Example (All) ¶
package main import ( "context" kms "cloud.google.com/go/kms/apiv1" locationpb "google.golang.org/genproto/googleapis/cloud/location" ) func main() { ctx := context.Background() // This snippet has been automatically generated and should be regarded as a code template only. // It will require modifications to work: // - It may require correct/in-range values for request initialization. // - It may require specifying regional endpoints when creating the service client as shown in: // https://pkg.go.dev/cloud.google.com/go#hdr-Client_Options c, err := kms.NewAutokeyClient(ctx) if err != nil { // TODO: Handle error. } defer c.Close() req := &locationpb.ListLocationsRequest{ // TODO: Fill request struct fields. // See https://pkg.go.dev/google.golang.org/genproto/googleapis/cloud/location#ListLocationsRequest. } for resp, err := range c.ListLocations(ctx, req).All() { if err != nil { // TODO: Handle error. } // TODO: Use resp. _ = resp } }
Output:
func (*AutokeyClient) SetIamPolicy ¶ added in v1.17.0
func (c *AutokeyClient) SetIamPolicy(ctx context.Context, req *iampb.SetIamPolicyRequest, opts ...gax.CallOption) (*iampb.Policy, error)
SetIamPolicy sets the access control policy on the specified resource. Replaces any existing policy.
Can return NOT_FOUND, INVALID_ARGUMENT, and PERMISSION_DENIED errors.
Example ¶
package main import ( "context" iampb "cloud.google.com/go/iam/apiv1/iampb" kms "cloud.google.com/go/kms/apiv1" ) func main() { ctx := context.Background() // This snippet has been automatically generated and should be regarded as a code template only. // It will require modifications to work: // - It may require correct/in-range values for request initialization. // - It may require specifying regional endpoints when creating the service client as shown in: // https://pkg.go.dev/cloud.google.com/go#hdr-Client_Options c, err := kms.NewAutokeyClient(ctx) if err != nil { // TODO: Handle error. } defer c.Close() req := &iampb.SetIamPolicyRequest{ // TODO: Fill request struct fields. // See https://pkg.go.dev/cloud.google.com/go/iam/apiv1/iampb#SetIamPolicyRequest. } resp, err := c.SetIamPolicy(ctx, req) if err != nil { // TODO: Handle error. } // TODO: Use resp. _ = resp }
Output:
func (*AutokeyClient) TestIamPermissions ¶ added in v1.17.0
func (c *AutokeyClient) TestIamPermissions(ctx context.Context, req *iampb.TestIamPermissionsRequest, opts ...gax.CallOption) (*iampb.TestIamPermissionsResponse, error)
TestIamPermissions returns permissions that a caller has on the specified resource. If the resource does not exist, this will return an empty set of permissions, not a NOT_FOUND error.
Note: This operation is designed to be used for building permission-aware UIs and command-line tools, not for authorization checking. This operation may “fail open” without warning.
Example ¶
package main import ( "context" iampb "cloud.google.com/go/iam/apiv1/iampb" kms "cloud.google.com/go/kms/apiv1" ) func main() { ctx := context.Background() // This snippet has been automatically generated and should be regarded as a code template only. // It will require modifications to work: // - It may require correct/in-range values for request initialization. // - It may require specifying regional endpoints when creating the service client as shown in: // https://pkg.go.dev/cloud.google.com/go#hdr-Client_Options c, err := kms.NewAutokeyClient(ctx) if err != nil { // TODO: Handle error. } defer c.Close() req := &iampb.TestIamPermissionsRequest{ // TODO: Fill request struct fields. // See https://pkg.go.dev/cloud.google.com/go/iam/apiv1/iampb#TestIamPermissionsRequest. } resp, err := c.TestIamPermissions(ctx, req) if err != nil { // TODO: Handle error. } // TODO: Use resp. _ = resp }
Output:
type CreateKeyHandleOperation ¶ added in v1.17.0
type CreateKeyHandleOperation struct {
// contains filtered or unexported fields
}
CreateKeyHandleOperation manages a long-running operation from CreateKeyHandle.
func (*CreateKeyHandleOperation) Done ¶ added in v1.17.0
func (op *CreateKeyHandleOperation) Done() bool
Done reports whether the long-running operation has completed.
func (*CreateKeyHandleOperation) Metadata ¶ added in v1.17.0
func (op *CreateKeyHandleOperation) Metadata() (*kmspb.CreateKeyHandleMetadata, error)
Metadata returns metadata associated with the long-running operation. Metadata itself does not contact the server, but Poll does. To get the latest metadata, call this method after a successful call to Poll. If the metadata is not available, the returned metadata and error are both nil.
func (*CreateKeyHandleOperation) Name ¶ added in v1.17.0
func (op *CreateKeyHandleOperation) Name() string
Name returns the name of the long-running operation. The name is assigned by the server and is unique within the service from which the operation is created.
func (*CreateKeyHandleOperation) Poll ¶ added in v1.17.0
func (op *CreateKeyHandleOperation) Poll(ctx context.Context, opts ...gax.CallOption) (*kmspb.KeyHandle, error)
Poll fetches the latest state of the long-running operation.
Poll also fetches the latest metadata, which can be retrieved by Metadata.
If Poll fails, the error is returned and op is unmodified. If Poll succeeds and the operation has completed with failure, the error is returned and op.Done will return true. If Poll succeeds and the operation has completed successfully, op.Done will return true, and the response of the operation is returned. If Poll succeeds and the operation has not completed, the returned response and error are both nil.
func (*CreateKeyHandleOperation) Wait ¶ added in v1.17.0
func (op *CreateKeyHandleOperation) Wait(ctx context.Context, opts ...gax.CallOption) (*kmspb.KeyHandle, error)
Wait blocks until the long-running operation is completed, returning the response and any errors encountered.
See documentation of Poll for error-handling information.
type CryptoKeyIterator ¶
type CryptoKeyIterator struct { // Response is the raw response for the current page. // It must be cast to the RPC response type. // Calling Next() or InternalFetch() updates this value. Response interface{} // InternalFetch is for use by the Google Cloud Libraries only. // It is not part of the stable interface of this package. // // InternalFetch returns results from a single call to the underlying RPC. // The number of results is no greater than pageSize. // If there are no more results, nextPageToken is empty and err is nil. InternalFetch func(pageSize int, pageToken string) (results []*kmspb.CryptoKey, nextPageToken string, err error) // contains filtered or unexported fields }
CryptoKeyIterator manages a stream of *kmspb.CryptoKey.
func (*CryptoKeyIterator) All ¶ added in v1.19.1
All returns an iterator. If an error is returned by the iterator, the iterator will stop after that iteration.
func (*CryptoKeyIterator) Next ¶
func (it *CryptoKeyIterator) Next() (*kmspb.CryptoKey, error)
Next returns the next result. Its second return value is iterator.Done if there are no more results. Once Next returns Done, all subsequent calls will return Done.
func (*CryptoKeyIterator) PageInfo ¶
func (it *CryptoKeyIterator) PageInfo() *iterator.PageInfo
PageInfo supports pagination. See the google.golang.org/api/iterator package for details.
type CryptoKeyVersionIterator ¶
type CryptoKeyVersionIterator struct { // Response is the raw response for the current page. // It must be cast to the RPC response type. // Calling Next() or InternalFetch() updates this value. Response interface{} // InternalFetch is for use by the Google Cloud Libraries only. // It is not part of the stable interface of this package. // // InternalFetch returns results from a single call to the underlying RPC. // The number of results is no greater than pageSize. // If there are no more results, nextPageToken is empty and err is nil. InternalFetch func(pageSize int, pageToken string) (results []*kmspb.CryptoKeyVersion, nextPageToken string, err error) // contains filtered or unexported fields }
CryptoKeyVersionIterator manages a stream of *kmspb.CryptoKeyVersion.
func (*CryptoKeyVersionIterator) All ¶ added in v1.19.1
func (it *CryptoKeyVersionIterator) All() iter.Seq2[*kmspb.CryptoKeyVersion, error]
All returns an iterator. If an error is returned by the iterator, the iterator will stop after that iteration.
func (*CryptoKeyVersionIterator) Next ¶
func (it *CryptoKeyVersionIterator) Next() (*kmspb.CryptoKeyVersion, error)
Next returns the next result. Its second return value is iterator.Done if there are no more results. Once Next returns Done, all subsequent calls will return Done.
func (*CryptoKeyVersionIterator) PageInfo ¶
func (it *CryptoKeyVersionIterator) PageInfo() *iterator.PageInfo
PageInfo supports pagination. See the google.golang.org/api/iterator package for details.
type EkmCallOptions ¶ added in v1.2.0
type EkmCallOptions struct { ListEkmConnections []gax.CallOption GetEkmConnection []gax.CallOption CreateEkmConnection []gax.CallOption UpdateEkmConnection []gax.CallOption GetEkmConfig []gax.CallOption UpdateEkmConfig []gax.CallOption VerifyConnectivity []gax.CallOption GetLocation []gax.CallOption ListLocations []gax.CallOption GetIamPolicy []gax.CallOption SetIamPolicy []gax.CallOption TestIamPermissions []gax.CallOption GetOperation []gax.CallOption }
EkmCallOptions contains the retry settings for each method of EkmClient.
type EkmClient ¶ added in v1.2.0
type EkmClient struct { // The call options for this service. CallOptions *EkmCallOptions // contains filtered or unexported fields }
EkmClient is a client for interacting with Cloud Key Management Service (KMS) API. Methods, except Close, may be called concurrently. However, fields must not be modified concurrently with method calls.
Google Cloud Key Management EKM Service ¶
Manages external cryptographic keys and operations using those keys. Implements a REST model with the following objects:
EkmConnection
func NewEkmClient ¶ added in v1.2.0
NewEkmClient creates a new ekm service client based on gRPC. The returned client must be Closed when it is done being used to clean up its underlying connections.
Google Cloud Key Management EKM Service ¶
Manages external cryptographic keys and operations using those keys. Implements a REST model with the following objects:
EkmConnection
Example ¶
package main import ( "context" kms "cloud.google.com/go/kms/apiv1" ) func main() { ctx := context.Background() // This snippet has been automatically generated and should be regarded as a code template only. // It will require modifications to work: // - It may require correct/in-range values for request initialization. // - It may require specifying regional endpoints when creating the service client as shown in: // https://pkg.go.dev/cloud.google.com/go#hdr-Client_Options c, err := kms.NewEkmClient(ctx) if err != nil { // TODO: Handle error. } defer c.Close() // TODO: Use client. _ = c }
Output:
func NewEkmRESTClient ¶ added in v1.8.0
NewEkmRESTClient creates a new ekm service rest client.
Google Cloud Key Management EKM Service ¶
Manages external cryptographic keys and operations using those keys. Implements a REST model with the following objects:
EkmConnection
Example ¶
package main import ( "context" kms "cloud.google.com/go/kms/apiv1" ) func main() { ctx := context.Background() // This snippet has been automatically generated and should be regarded as a code template only. // It will require modifications to work: // - It may require correct/in-range values for request initialization. // - It may require specifying regional endpoints when creating the service client as shown in: // https://pkg.go.dev/cloud.google.com/go#hdr-Client_Options c, err := kms.NewEkmRESTClient(ctx) if err != nil { // TODO: Handle error. } defer c.Close() // TODO: Use client. _ = c }
Output:
func (*EkmClient) Close ¶ added in v1.2.0
Close closes the connection to the API service. The user should invoke this when the client is no longer required.
func (*EkmClient) Connection
deprecated
added in
v1.2.0
func (c *EkmClient) Connection() *grpc.ClientConn
Connection returns a connection to the API service.
Deprecated: Connections are now pooled so this method does not always return the same resource.
func (*EkmClient) CreateEkmConnection ¶ added in v1.2.0
func (c *EkmClient) CreateEkmConnection(ctx context.Context, req *kmspb.CreateEkmConnectionRequest, opts ...gax.CallOption) (*kmspb.EkmConnection, error)
CreateEkmConnection creates a new EkmConnection in a given Project and Location.
Example ¶
package main import ( "context" kms "cloud.google.com/go/kms/apiv1" kmspb "cloud.google.com/go/kms/apiv1/kmspb" ) func main() { ctx := context.Background() // This snippet has been automatically generated and should be regarded as a code template only. // It will require modifications to work: // - It may require correct/in-range values for request initialization. // - It may require specifying regional endpoints when creating the service client as shown in: // https://pkg.go.dev/cloud.google.com/go#hdr-Client_Options c, err := kms.NewEkmClient(ctx) if err != nil { // TODO: Handle error. } defer c.Close() req := &kmspb.CreateEkmConnectionRequest{ // TODO: Fill request struct fields. // See https://pkg.go.dev/cloud.google.com/go/kms/apiv1/kmspb#CreateEkmConnectionRequest. } resp, err := c.CreateEkmConnection(ctx, req) if err != nil { // TODO: Handle error. } // TODO: Use resp. _ = resp }
Output:
func (*EkmClient) GetEkmConfig ¶ added in v1.10.0
func (c *EkmClient) GetEkmConfig(ctx context.Context, req *kmspb.GetEkmConfigRequest, opts ...gax.CallOption) (*kmspb.EkmConfig, error)
GetEkmConfig returns the EkmConfig singleton resource for a given project and location.
Example ¶
package main import ( "context" kms "cloud.google.com/go/kms/apiv1" kmspb "cloud.google.com/go/kms/apiv1/kmspb" ) func main() { ctx := context.Background() // This snippet has been automatically generated and should be regarded as a code template only. // It will require modifications to work: // - It may require correct/in-range values for request initialization. // - It may require specifying regional endpoints when creating the service client as shown in: // https://pkg.go.dev/cloud.google.com/go#hdr-Client_Options c, err := kms.NewEkmClient(ctx) if err != nil { // TODO: Handle error. } defer c.Close() req := &kmspb.GetEkmConfigRequest{ // TODO: Fill request struct fields. // See https://pkg.go.dev/cloud.google.com/go/kms/apiv1/kmspb#GetEkmConfigRequest. } resp, err := c.GetEkmConfig(ctx, req) if err != nil { // TODO: Handle error. } // TODO: Use resp. _ = resp }
Output:
func (*EkmClient) GetEkmConnection ¶ added in v1.2.0
func (c *EkmClient) GetEkmConnection(ctx context.Context, req *kmspb.GetEkmConnectionRequest, opts ...gax.CallOption) (*kmspb.EkmConnection, error)
GetEkmConnection returns metadata for a given EkmConnection.
Example ¶
package main import ( "context" kms "cloud.google.com/go/kms/apiv1" kmspb "cloud.google.com/go/kms/apiv1/kmspb" ) func main() { ctx := context.Background() // This snippet has been automatically generated and should be regarded as a code template only. // It will require modifications to work: // - It may require correct/in-range values for request initialization. // - It may require specifying regional endpoints when creating the service client as shown in: // https://pkg.go.dev/cloud.google.com/go#hdr-Client_Options c, err := kms.NewEkmClient(ctx) if err != nil { // TODO: Handle error. } defer c.Close() req := &kmspb.GetEkmConnectionRequest{ // TODO: Fill request struct fields. // See https://pkg.go.dev/cloud.google.com/go/kms/apiv1/kmspb#GetEkmConnectionRequest. } resp, err := c.GetEkmConnection(ctx, req) if err != nil { // TODO: Handle error. } // TODO: Use resp. _ = resp }
Output:
func (*EkmClient) GetIamPolicy ¶ added in v1.2.0
func (c *EkmClient) GetIamPolicy(ctx context.Context, req *iampb.GetIamPolicyRequest, opts ...gax.CallOption) (*iampb.Policy, error)
GetIamPolicy gets the access control policy for a resource. Returns an empty policy if the resource exists and does not have a policy set.
Example ¶
package main import ( "context" iampb "cloud.google.com/go/iam/apiv1/iampb" kms "cloud.google.com/go/kms/apiv1" ) func main() { ctx := context.Background() // This snippet has been automatically generated and should be regarded as a code template only. // It will require modifications to work: // - It may require correct/in-range values for request initialization. // - It may require specifying regional endpoints when creating the service client as shown in: // https://pkg.go.dev/cloud.google.com/go#hdr-Client_Options c, err := kms.NewEkmClient(ctx) if err != nil { // TODO: Handle error. } defer c.Close() req := &iampb.GetIamPolicyRequest{ // TODO: Fill request struct fields. // See https://pkg.go.dev/cloud.google.com/go/iam/apiv1/iampb#GetIamPolicyRequest. } resp, err := c.GetIamPolicy(ctx, req) if err != nil { // TODO: Handle error. } // TODO: Use resp. _ = resp }
Output:
func (*EkmClient) GetLocation ¶ added in v1.5.0
func (c *EkmClient) GetLocation(ctx context.Context, req *locationpb.GetLocationRequest, opts ...gax.CallOption) (*locationpb.Location, error)
GetLocation gets information about a location.
Example ¶
package main import ( "context" kms "cloud.google.com/go/kms/apiv1" locationpb "google.golang.org/genproto/googleapis/cloud/location" ) func main() { ctx := context.Background() // This snippet has been automatically generated and should be regarded as a code template only. // It will require modifications to work: // - It may require correct/in-range values for request initialization. // - It may require specifying regional endpoints when creating the service client as shown in: // https://pkg.go.dev/cloud.google.com/go#hdr-Client_Options c, err := kms.NewEkmClient(ctx) if err != nil { // TODO: Handle error. } defer c.Close() req := &locationpb.GetLocationRequest{ // TODO: Fill request struct fields. // See https://pkg.go.dev/google.golang.org/genproto/googleapis/cloud/location#GetLocationRequest. } resp, err := c.GetLocation(ctx, req) if err != nil { // TODO: Handle error. } // TODO: Use resp. _ = resp }
Output:
func (*EkmClient) GetOperation ¶ added in v1.16.0
func (c *EkmClient) GetOperation(ctx context.Context, req *longrunningpb.GetOperationRequest, opts ...gax.CallOption) (*longrunningpb.Operation, error)
GetOperation is a utility method from google.longrunning.Operations.
Example ¶
package main import ( "context" kms "cloud.google.com/go/kms/apiv1" longrunningpb "cloud.google.com/go/longrunning/autogen/longrunningpb" ) func main() { ctx := context.Background() // This snippet has been automatically generated and should be regarded as a code template only. // It will require modifications to work: // - It may require correct/in-range values for request initialization. // - It may require specifying regional endpoints when creating the service client as shown in: // https://pkg.go.dev/cloud.google.com/go#hdr-Client_Options c, err := kms.NewEkmClient(ctx) if err != nil { // TODO: Handle error. } defer c.Close() req := &longrunningpb.GetOperationRequest{ // TODO: Fill request struct fields. // See https://pkg.go.dev/cloud.google.com/go/longrunning/autogen/longrunningpb#GetOperationRequest. } resp, err := c.GetOperation(ctx, req) if err != nil { // TODO: Handle error. } // TODO: Use resp. _ = resp }
Output:
func (*EkmClient) ListEkmConnections ¶ added in v1.2.0
func (c *EkmClient) ListEkmConnections(ctx context.Context, req *kmspb.ListEkmConnectionsRequest, opts ...gax.CallOption) *EkmConnectionIterator
ListEkmConnections lists EkmConnections.
Example ¶
package main import ( "context" kms "cloud.google.com/go/kms/apiv1" kmspb "cloud.google.com/go/kms/apiv1/kmspb" "google.golang.org/api/iterator" ) func main() { ctx := context.Background() // This snippet has been automatically generated and should be regarded as a code template only. // It will require modifications to work: // - It may require correct/in-range values for request initialization. // - It may require specifying regional endpoints when creating the service client as shown in: // https://pkg.go.dev/cloud.google.com/go#hdr-Client_Options c, err := kms.NewEkmClient(ctx) if err != nil { // TODO: Handle error. } defer c.Close() req := &kmspb.ListEkmConnectionsRequest{ // TODO: Fill request struct fields. // See https://pkg.go.dev/cloud.google.com/go/kms/apiv1/kmspb#ListEkmConnectionsRequest. } it := c.ListEkmConnections(ctx, req) for { resp, err := it.Next() if err == iterator.Done { break } if err != nil { // TODO: Handle error. } // TODO: Use resp. _ = resp // If you need to access the underlying RPC response, // you can do so by casting the `Response` as below. // Otherwise, remove this line. Only populated after // first call to Next(). Not safe for concurrent access. _ = it.Response.(*kmspb.ListEkmConnectionsResponse) } }
Output:
Example (All) ¶
package main import ( "context" kms "cloud.google.com/go/kms/apiv1" kmspb "cloud.google.com/go/kms/apiv1/kmspb" ) func main() { ctx := context.Background() // This snippet has been automatically generated and should be regarded as a code template only. // It will require modifications to work: // - It may require correct/in-range values for request initialization. // - It may require specifying regional endpoints when creating the service client as shown in: // https://pkg.go.dev/cloud.google.com/go#hdr-Client_Options c, err := kms.NewEkmClient(ctx) if err != nil { // TODO: Handle error. } defer c.Close() req := &kmspb.ListEkmConnectionsRequest{ // TODO: Fill request struct fields. // See https://pkg.go.dev/cloud.google.com/go/kms/apiv1/kmspb#ListEkmConnectionsRequest. } for resp, err := range c.ListEkmConnections(ctx, req).All() { if err != nil { // TODO: Handle error. } // TODO: Use resp. _ = resp } }
Output:
func (*EkmClient) ListLocations ¶ added in v1.5.0
func (c *EkmClient) ListLocations(ctx context.Context, req *locationpb.ListLocationsRequest, opts ...gax.CallOption) *LocationIterator
ListLocations lists information about the supported locations for this service.
Example ¶
package main import ( "context" kms "cloud.google.com/go/kms/apiv1" "google.golang.org/api/iterator" locationpb "google.golang.org/genproto/googleapis/cloud/location" ) func main() { ctx := context.Background() // This snippet has been automatically generated and should be regarded as a code template only. // It will require modifications to work: // - It may require correct/in-range values for request initialization. // - It may require specifying regional endpoints when creating the service client as shown in: // https://pkg.go.dev/cloud.google.com/go#hdr-Client_Options c, err := kms.NewEkmClient(ctx) if err != nil { // TODO: Handle error. } defer c.Close() req := &locationpb.ListLocationsRequest{ // TODO: Fill request struct fields. // See https://pkg.go.dev/google.golang.org/genproto/googleapis/cloud/location#ListLocationsRequest. } it := c.ListLocations(ctx, req) for { resp, err := it.Next() if err == iterator.Done { break } if err != nil { // TODO: Handle error. } // TODO: Use resp. _ = resp // If you need to access the underlying RPC response, // you can do so by casting the `Response` as below. // Otherwise, remove this line. Only populated after // first call to Next(). Not safe for concurrent access. _ = it.Response.(*locationpb.ListLocationsResponse) } }
Output:
Example (All) ¶
package main import ( "context" kms "cloud.google.com/go/kms/apiv1" locationpb "google.golang.org/genproto/googleapis/cloud/location" ) func main() { ctx := context.Background() // This snippet has been automatically generated and should be regarded as a code template only. // It will require modifications to work: // - It may require correct/in-range values for request initialization. // - It may require specifying regional endpoints when creating the service client as shown in: // https://pkg.go.dev/cloud.google.com/go#hdr-Client_Options c, err := kms.NewEkmClient(ctx) if err != nil { // TODO: Handle error. } defer c.Close() req := &locationpb.ListLocationsRequest{ // TODO: Fill request struct fields. // See https://pkg.go.dev/google.golang.org/genproto/googleapis/cloud/location#ListLocationsRequest. } for resp, err := range c.ListLocations(ctx, req).All() { if err != nil { // TODO: Handle error. } // TODO: Use resp. _ = resp } }
Output:
func (*EkmClient) SetIamPolicy ¶ added in v1.2.0
func (c *EkmClient) SetIamPolicy(ctx context.Context, req *iampb.SetIamPolicyRequest, opts ...gax.CallOption) (*iampb.Policy, error)
SetIamPolicy sets the access control policy on the specified resource. Replaces any existing policy.
Can return NOT_FOUND, INVALID_ARGUMENT, and PERMISSION_DENIED errors.
Example ¶
package main import ( "context" iampb "cloud.google.com/go/iam/apiv1/iampb" kms "cloud.google.com/go/kms/apiv1" ) func main() { ctx := context.Background() // This snippet has been automatically generated and should be regarded as a code template only. // It will require modifications to work: // - It may require correct/in-range values for request initialization. // - It may require specifying regional endpoints when creating the service client as shown in: // https://pkg.go.dev/cloud.google.com/go#hdr-Client_Options c, err := kms.NewEkmClient(ctx) if err != nil { // TODO: Handle error. } defer c.Close() req := &iampb.SetIamPolicyRequest{ // TODO: Fill request struct fields. // See https://pkg.go.dev/cloud.google.com/go/iam/apiv1/iampb#SetIamPolicyRequest. } resp, err := c.SetIamPolicy(ctx, req) if err != nil { // TODO: Handle error. } // TODO: Use resp. _ = resp }
Output:
func (*EkmClient) TestIamPermissions ¶ added in v1.2.0
func (c *EkmClient) TestIamPermissions(ctx context.Context, req *iampb.TestIamPermissionsRequest, opts ...gax.CallOption) (*iampb.TestIamPermissionsResponse, error)
TestIamPermissions returns permissions that a caller has on the specified resource. If the resource does not exist, this will return an empty set of permissions, not a NOT_FOUND error.
Note: This operation is designed to be used for building permission-aware UIs and command-line tools, not for authorization checking. This operation may “fail open” without warning.
Example ¶
package main import ( "context" iampb "cloud.google.com/go/iam/apiv1/iampb" kms "cloud.google.com/go/kms/apiv1" ) func main() { ctx := context.Background() // This snippet has been automatically generated and should be regarded as a code template only. // It will require modifications to work: // - It may require correct/in-range values for request initialization. // - It may require specifying regional endpoints when creating the service client as shown in: // https://pkg.go.dev/cloud.google.com/go#hdr-Client_Options c, err := kms.NewEkmClient(ctx) if err != nil { // TODO: Handle error. } defer c.Close() req := &iampb.TestIamPermissionsRequest{ // TODO: Fill request struct fields. // See https://pkg.go.dev/cloud.google.com/go/iam/apiv1/iampb#TestIamPermissionsRequest. } resp, err := c.TestIamPermissions(ctx, req) if err != nil { // TODO: Handle error. } // TODO: Use resp. _ = resp }
Output:
func (*EkmClient) UpdateEkmConfig ¶ added in v1.10.0
func (c *EkmClient) UpdateEkmConfig(ctx context.Context, req *kmspb.UpdateEkmConfigRequest, opts ...gax.CallOption) (*kmspb.EkmConfig, error)
UpdateEkmConfig updates the EkmConfig singleton resource for a given project and location.
Example ¶
package main import ( "context" kms "cloud.google.com/go/kms/apiv1" kmspb "cloud.google.com/go/kms/apiv1/kmspb" ) func main() { ctx := context.Background() // This snippet has been automatically generated and should be regarded as a code template only. // It will require modifications to work: // - It may require correct/in-range values for request initialization. // - It may require specifying regional endpoints when creating the service client as shown in: // https://pkg.go.dev/cloud.google.com/go#hdr-Client_Options c, err := kms.NewEkmClient(ctx) if err != nil { // TODO: Handle error. } defer c.Close() req := &kmspb.UpdateEkmConfigRequest{ // TODO: Fill request struct fields. // See https://pkg.go.dev/cloud.google.com/go/kms/apiv1/kmspb#UpdateEkmConfigRequest. } resp, err := c.UpdateEkmConfig(ctx, req) if err != nil { // TODO: Handle error. } // TODO: Use resp. _ = resp }
Output:
func (*EkmClient) UpdateEkmConnection ¶ added in v1.2.0
func (c *EkmClient) UpdateEkmConnection(ctx context.Context, req *kmspb.UpdateEkmConnectionRequest, opts ...gax.CallOption) (*kmspb.EkmConnection, error)
UpdateEkmConnection updates an EkmConnection's metadata.
Example ¶
package main import ( "context" kms "cloud.google.com/go/kms/apiv1" kmspb "cloud.google.com/go/kms/apiv1/kmspb" ) func main() { ctx := context.Background() // This snippet has been automatically generated and should be regarded as a code template only. // It will require modifications to work: // - It may require correct/in-range values for request initialization. // - It may require specifying regional endpoints when creating the service client as shown in: // https://pkg.go.dev/cloud.google.com/go#hdr-Client_Options c, err := kms.NewEkmClient(ctx) if err != nil { // TODO: Handle error. } defer c.Close() req := &kmspb.UpdateEkmConnectionRequest{ // TODO: Fill request struct fields. // See https://pkg.go.dev/cloud.google.com/go/kms/apiv1/kmspb#UpdateEkmConnectionRequest. } resp, err := c.UpdateEkmConnection(ctx, req) if err != nil { // TODO: Handle error. } // TODO: Use resp. _ = resp }
Output:
func (*EkmClient) VerifyConnectivity ¶ added in v1.11.0
func (c *EkmClient) VerifyConnectivity(ctx context.Context, req *kmspb.VerifyConnectivityRequest, opts ...gax.CallOption) (*kmspb.VerifyConnectivityResponse, error)
VerifyConnectivity verifies that Cloud KMS can successfully connect to the external key manager specified by an EkmConnection. If there is an error connecting to the EKM, this method returns a FAILED_PRECONDITION status containing structured information as described at https://cloud.google.com/kms/docs/reference/ekm_errors (at https://cloud.google.com/kms/docs/reference/ekm_errors).
Example ¶
package main import ( "context" kms "cloud.google.com/go/kms/apiv1" kmspb "cloud.google.com/go/kms/apiv1/kmspb" ) func main() { ctx := context.Background() // This snippet has been automatically generated and should be regarded as a code template only. // It will require modifications to work: // - It may require correct/in-range values for request initialization. // - It may require specifying regional endpoints when creating the service client as shown in: // https://pkg.go.dev/cloud.google.com/go#hdr-Client_Options c, err := kms.NewEkmClient(ctx) if err != nil { // TODO: Handle error. } defer c.Close() req := &kmspb.VerifyConnectivityRequest{ // TODO: Fill request struct fields. // See https://pkg.go.dev/cloud.google.com/go/kms/apiv1/kmspb#VerifyConnectivityRequest. } resp, err := c.VerifyConnectivity(ctx, req) if err != nil { // TODO: Handle error. } // TODO: Use resp. _ = resp }
Output:
type EkmConnectionIterator ¶ added in v1.2.0
type EkmConnectionIterator struct { // Response is the raw response for the current page. // It must be cast to the RPC response type. // Calling Next() or InternalFetch() updates this value. Response interface{} // InternalFetch is for use by the Google Cloud Libraries only. // It is not part of the stable interface of this package. // // InternalFetch returns results from a single call to the underlying RPC. // The number of results is no greater than pageSize. // If there are no more results, nextPageToken is empty and err is nil. InternalFetch func(pageSize int, pageToken string) (results []*kmspb.EkmConnection, nextPageToken string, err error) // contains filtered or unexported fields }
EkmConnectionIterator manages a stream of *kmspb.EkmConnection.
func (*EkmConnectionIterator) All ¶ added in v1.19.1
func (it *EkmConnectionIterator) All() iter.Seq2[*kmspb.EkmConnection, error]
All returns an iterator. If an error is returned by the iterator, the iterator will stop after that iteration.
func (*EkmConnectionIterator) Next ¶ added in v1.2.0
func (it *EkmConnectionIterator) Next() (*kmspb.EkmConnection, error)
Next returns the next result. Its second return value is iterator.Done if there are no more results. Once Next returns Done, all subsequent calls will return Done.
func (*EkmConnectionIterator) PageInfo ¶ added in v1.2.0
func (it *EkmConnectionIterator) PageInfo() *iterator.PageInfo
PageInfo supports pagination. See the google.golang.org/api/iterator package for details.
type ImportJobIterator ¶
type ImportJobIterator struct { // Response is the raw response for the current page. // It must be cast to the RPC response type. // Calling Next() or InternalFetch() updates this value. Response interface{} // InternalFetch is for use by the Google Cloud Libraries only. // It is not part of the stable interface of this package. // // InternalFetch returns results from a single call to the underlying RPC. // The number of results is no greater than pageSize. // If there are no more results, nextPageToken is empty and err is nil. InternalFetch func(pageSize int, pageToken string) (results []*kmspb.ImportJob, nextPageToken string, err error) // contains filtered or unexported fields }
ImportJobIterator manages a stream of *kmspb.ImportJob.
func (*ImportJobIterator) All ¶ added in v1.19.1
All returns an iterator. If an error is returned by the iterator, the iterator will stop after that iteration.
func (*ImportJobIterator) Next ¶
func (it *ImportJobIterator) Next() (*kmspb.ImportJob, error)
Next returns the next result. Its second return value is iterator.Done if there are no more results. Once Next returns Done, all subsequent calls will return Done.
func (*ImportJobIterator) PageInfo ¶
func (it *ImportJobIterator) PageInfo() *iterator.PageInfo
PageInfo supports pagination. See the google.golang.org/api/iterator package for details.
type KeyHandleIterator ¶ added in v1.20.0
type KeyHandleIterator struct { // Response is the raw response for the current page. // It must be cast to the RPC response type. // Calling Next() or InternalFetch() updates this value. Response interface{} // InternalFetch is for use by the Google Cloud Libraries only. // It is not part of the stable interface of this package. // // InternalFetch returns results from a single call to the underlying RPC. // The number of results is no greater than pageSize. // If there are no more results, nextPageToken is empty and err is nil. InternalFetch func(pageSize int, pageToken string) (results []*kmspb.KeyHandle, nextPageToken string, err error) // contains filtered or unexported fields }
KeyHandleIterator manages a stream of *kmspb.KeyHandle.
func (*KeyHandleIterator) All ¶ added in v1.20.0
All returns an iterator. If an error is returned by the iterator, the iterator will stop after that iteration.
func (*KeyHandleIterator) Next ¶ added in v1.20.0
func (it *KeyHandleIterator) Next() (*kmspb.KeyHandle, error)
Next returns the next result. Its second return value is iterator.Done if there are no more results. Once Next returns Done, all subsequent calls will return Done.
func (*KeyHandleIterator) PageInfo ¶ added in v1.20.0
func (it *KeyHandleIterator) PageInfo() *iterator.PageInfo
PageInfo supports pagination. See the google.golang.org/api/iterator package for details.
type KeyManagementCallOptions ¶
type KeyManagementCallOptions struct { ListKeyRings []gax.CallOption ListCryptoKeys []gax.CallOption ListCryptoKeyVersions []gax.CallOption ListImportJobs []gax.CallOption GetKeyRing []gax.CallOption GetCryptoKey []gax.CallOption GetCryptoKeyVersion []gax.CallOption GetPublicKey []gax.CallOption GetImportJob []gax.CallOption CreateKeyRing []gax.CallOption CreateCryptoKey []gax.CallOption CreateCryptoKeyVersion []gax.CallOption ImportCryptoKeyVersion []gax.CallOption CreateImportJob []gax.CallOption UpdateCryptoKey []gax.CallOption UpdateCryptoKeyVersion []gax.CallOption UpdateCryptoKeyPrimaryVersion []gax.CallOption DestroyCryptoKeyVersion []gax.CallOption RestoreCryptoKeyVersion []gax.CallOption Encrypt []gax.CallOption Decrypt []gax.CallOption RawEncrypt []gax.CallOption RawDecrypt []gax.CallOption AsymmetricSign []gax.CallOption AsymmetricDecrypt []gax.CallOption MacSign []gax.CallOption MacVerify []gax.CallOption GenerateRandomBytes []gax.CallOption GetLocation []gax.CallOption ListLocations []gax.CallOption GetIamPolicy []gax.CallOption SetIamPolicy []gax.CallOption TestIamPermissions []gax.CallOption GetOperation []gax.CallOption }
KeyManagementCallOptions contains the retry settings for each method of KeyManagementClient.
type KeyManagementClient ¶
type KeyManagementClient struct { // The call options for this service. CallOptions *KeyManagementCallOptions // contains filtered or unexported fields }
KeyManagementClient is a client for interacting with Cloud Key Management Service (KMS) API. Methods, except Close, may be called concurrently. However, fields must not be modified concurrently with method calls.
Google Cloud Key Management Service ¶
Manages cryptographic keys and operations using those keys. Implements a REST model with the following objects:
KeyRing CryptoKey CryptoKeyVersion ImportJob
If you are using manual gRPC libraries, see Using gRPC with Cloud KMS (at https://cloud.google.com/kms/docs/grpc).
func NewKeyManagementClient ¶
func NewKeyManagementClient(ctx context.Context, opts ...option.ClientOption) (*KeyManagementClient, error)
NewKeyManagementClient creates a new key management service client based on gRPC. The returned client must be Closed when it is done being used to clean up its underlying connections.
Google Cloud Key Management Service ¶
Manages cryptographic keys and operations using those keys. Implements a REST model with the following objects:
KeyRing CryptoKey CryptoKeyVersion ImportJob
If you are using manual gRPC libraries, see Using gRPC with Cloud KMS (at https://cloud.google.com/kms/docs/grpc).
Example ¶
package main import ( "context" kms "cloud.google.com/go/kms/apiv1" ) func main() { ctx := context.Background() // This snippet has been automatically generated and should be regarded as a code template only. // It will require modifications to work: // - It may require correct/in-range values for request initialization. // - It may require specifying regional endpoints when creating the service client as shown in: // https://pkg.go.dev/cloud.google.com/go#hdr-Client_Options c, err := kms.NewKeyManagementClient(ctx) if err != nil { // TODO: Handle error. } defer c.Close() // TODO: Use client. _ = c }
Output:
func NewKeyManagementRESTClient ¶ added in v1.8.0
func NewKeyManagementRESTClient(ctx context.Context, opts ...option.ClientOption) (*KeyManagementClient, error)
NewKeyManagementRESTClient creates a new key management service rest client.
Google Cloud Key Management Service ¶
Manages cryptographic keys and operations using those keys. Implements a REST model with the following objects:
KeyRing CryptoKey CryptoKeyVersion ImportJob
If you are using manual gRPC libraries, see Using gRPC with Cloud KMS (at https://cloud.google.com/kms/docs/grpc).
Example ¶
package main import ( "context" kms "cloud.google.com/go/kms/apiv1" ) func main() { ctx := context.Background() // This snippet has been automatically generated and should be regarded as a code template only. // It will require modifications to work: // - It may require correct/in-range values for request initialization. // - It may require specifying regional endpoints when creating the service client as shown in: // https://pkg.go.dev/cloud.google.com/go#hdr-Client_Options c, err := kms.NewKeyManagementRESTClient(ctx) if err != nil { // TODO: Handle error. } defer c.Close() // TODO: Use client. _ = c }
Output:
func (*KeyManagementClient) AsymmetricDecrypt ¶
func (c *KeyManagementClient) AsymmetricDecrypt(ctx context.Context, req *kmspb.AsymmetricDecryptRequest, opts ...gax.CallOption) (*kmspb.AsymmetricDecryptResponse, error)
AsymmetricDecrypt decrypts data that was encrypted with a public key retrieved from GetPublicKey corresponding to a CryptoKeyVersion with CryptoKey.purpose ASYMMETRIC_DECRYPT.
Example ¶
package main import ( "context" kms "cloud.google.com/go/kms/apiv1" kmspb "cloud.google.com/go/kms/apiv1/kmspb" ) func main() { ctx := context.Background() // This snippet has been automatically generated and should be regarded as a code template only. // It will require modifications to work: // - It may require correct/in-range values for request initialization. // - It may require specifying regional endpoints when creating the service client as shown in: // https://pkg.go.dev/cloud.google.com/go#hdr-Client_Options c, err := kms.NewKeyManagementClient(ctx) if err != nil { // TODO: Handle error. } defer c.Close() req := &kmspb.AsymmetricDecryptRequest{ // TODO: Fill request struct fields. // See https://pkg.go.dev/cloud.google.com/go/kms/apiv1/kmspb#AsymmetricDecryptRequest. } resp, err := c.AsymmetricDecrypt(ctx, req) if err != nil { // TODO: Handle error. } // TODO: Use resp. _ = resp }
Output:
func (*KeyManagementClient) AsymmetricSign ¶
func (c *KeyManagementClient) AsymmetricSign(ctx context.Context, req *kmspb.AsymmetricSignRequest, opts ...gax.CallOption) (*kmspb.AsymmetricSignResponse, error)
AsymmetricSign signs data using a CryptoKeyVersion with CryptoKey.purpose ASYMMETRIC_SIGN, producing a signature that can be verified with the public key retrieved from GetPublicKey.
Example ¶
package main import ( "context" kms "cloud.google.com/go/kms/apiv1" kmspb "cloud.google.com/go/kms/apiv1/kmspb" ) func main() { ctx := context.Background() // This snippet has been automatically generated and should be regarded as a code template only. // It will require modifications to work: // - It may require correct/in-range values for request initialization. // - It may require specifying regional endpoints when creating the service client as shown in: // https://pkg.go.dev/cloud.google.com/go#hdr-Client_Options c, err := kms.NewKeyManagementClient(ctx) if err != nil { // TODO: Handle error. } defer c.Close() req := &kmspb.AsymmetricSignRequest{ // TODO: Fill request struct fields. // See https://pkg.go.dev/cloud.google.com/go/kms/apiv1/kmspb#AsymmetricSignRequest. } resp, err := c.AsymmetricSign(ctx, req) if err != nil { // TODO: Handle error. } // TODO: Use resp. _ = resp }
Output:
func (*KeyManagementClient) Close ¶
func (c *KeyManagementClient) Close() error
Close closes the connection to the API service. The user should invoke this when the client is no longer required.
func (*KeyManagementClient) Connection
deprecated
func (c *KeyManagementClient) Connection() *grpc.ClientConn
Connection returns a connection to the API service.
Deprecated: Connections are now pooled so this method does not always return the same resource.
func (*KeyManagementClient) CreateCryptoKey ¶
func (c *KeyManagementClient) CreateCryptoKey(ctx context.Context, req *kmspb.CreateCryptoKeyRequest, opts ...gax.CallOption) (*kmspb.CryptoKey, error)
CreateCryptoKey create a new CryptoKey within a KeyRing.
CryptoKey.purpose and CryptoKey.version_template.algorithm are required.
Example ¶
package main import ( "context" kms "cloud.google.com/go/kms/apiv1" kmspb "cloud.google.com/go/kms/apiv1/kmspb" ) func main() { ctx := context.Background() // This snippet has been automatically generated and should be regarded as a code template only. // It will require modifications to work: // - It may require correct/in-range values for request initialization. // - It may require specifying regional endpoints when creating the service client as shown in: // https://pkg.go.dev/cloud.google.com/go#hdr-Client_Options c, err := kms.NewKeyManagementClient(ctx) if err != nil { // TODO: Handle error. } defer c.Close() req := &kmspb.CreateCryptoKeyRequest{ // TODO: Fill request struct fields. // See https://pkg.go.dev/cloud.google.com/go/kms/apiv1/kmspb#CreateCryptoKeyRequest. } resp, err := c.CreateCryptoKey(ctx, req) if err != nil { // TODO: Handle error. } // TODO: Use resp. _ = resp }
Output:
func (*KeyManagementClient) CreateCryptoKeyVersion ¶
func (c *KeyManagementClient) CreateCryptoKeyVersion(ctx context.Context, req *kmspb.CreateCryptoKeyVersionRequest, opts ...gax.CallOption) (*kmspb.CryptoKeyVersion, error)
CreateCryptoKeyVersion create a new CryptoKeyVersion in a CryptoKey.
The server will assign the next sequential id. If unset, state will be set to ENABLED.
Example ¶
package main import ( "context" kms "cloud.google.com/go/kms/apiv1" kmspb "cloud.google.com/go/kms/apiv1/kmspb" ) func main() { ctx := context.Background() // This snippet has been automatically generated and should be regarded as a code template only. // It will require modifications to work: // - It may require correct/in-range values for request initialization. // - It may require specifying regional endpoints when creating the service client as shown in: // https://pkg.go.dev/cloud.google.com/go#hdr-Client_Options c, err := kms.NewKeyManagementClient(ctx) if err != nil { // TODO: Handle error. } defer c.Close() req := &kmspb.CreateCryptoKeyVersionRequest{ // TODO: Fill request struct fields. // See https://pkg.go.dev/cloud.google.com/go/kms/apiv1/kmspb#CreateCryptoKeyVersionRequest. } resp, err := c.CreateCryptoKeyVersion(ctx, req) if err != nil { // TODO: Handle error. } // TODO: Use resp. _ = resp }
Output:
func (*KeyManagementClient) CreateImportJob ¶
func (c *KeyManagementClient) CreateImportJob(ctx context.Context, req *kmspb.CreateImportJobRequest, opts ...gax.CallOption) (*kmspb.ImportJob, error)
CreateImportJob create a new ImportJob within a KeyRing.
ImportJob.import_method is required.
Example ¶
package main import ( "context" kms "cloud.google.com/go/kms/apiv1" kmspb "cloud.google.com/go/kms/apiv1/kmspb" ) func main() { ctx := context.Background() // This snippet has been automatically generated and should be regarded as a code template only. // It will require modifications to work: // - It may require correct/in-range values for request initialization. // - It may require specifying regional endpoints when creating the service client as shown in: // https://pkg.go.dev/cloud.google.com/go#hdr-Client_Options c, err := kms.NewKeyManagementClient(ctx) if err != nil { // TODO: Handle error. } defer c.Close() req := &kmspb.CreateImportJobRequest{ // TODO: Fill request struct fields. // See https://pkg.go.dev/cloud.google.com/go/kms/apiv1/kmspb#CreateImportJobRequest. } resp, err := c.CreateImportJob(ctx, req) if err != nil { // TODO: Handle error. } // TODO: Use resp. _ = resp }
Output:
func (*KeyManagementClient) CreateKeyRing ¶
func (c *KeyManagementClient) CreateKeyRing(ctx context.Context, req *kmspb.CreateKeyRingRequest, opts ...gax.CallOption) (*kmspb.KeyRing, error)
CreateKeyRing create a new KeyRing in a given Project and Location.
Example ¶
package main import ( "context" kms "cloud.google.com/go/kms/apiv1" kmspb "cloud.google.com/go/kms/apiv1/kmspb" ) func main() { ctx := context.Background() // This snippet has been automatically generated and should be regarded as a code template only. // It will require modifications to work: // - It may require correct/in-range values for request initialization. // - It may require specifying regional endpoints when creating the service client as shown in: // https://pkg.go.dev/cloud.google.com/go#hdr-Client_Options c, err := kms.NewKeyManagementClient(ctx) if err != nil { // TODO: Handle error. } defer c.Close() req := &kmspb.CreateKeyRingRequest{ // TODO: Fill request struct fields. // See https://pkg.go.dev/cloud.google.com/go/kms/apiv1/kmspb#CreateKeyRingRequest. } resp, err := c.CreateKeyRing(ctx, req) if err != nil { // TODO: Handle error. } // TODO: Use resp. _ = resp }
Output:
func (*KeyManagementClient) CryptoKeyIAM
deprecated
func (c *KeyManagementClient) CryptoKeyIAM(cryptoKey *kmspb.CryptoKey) *iam.Handle
CryptoKeyIAM returns a handle to inspect and change permissions of a CryptoKey.
Deprecated: Please use ResourceIAM and provide the CryptoKey.Name as input.
func (*KeyManagementClient) Decrypt ¶
func (c *KeyManagementClient) Decrypt(ctx context.Context, req *kmspb.DecryptRequest, opts ...gax.CallOption) (*kmspb.DecryptResponse, error)
Decrypt decrypts data that was protected by Encrypt. The CryptoKey.purpose must be ENCRYPT_DECRYPT.
Example ¶
package main import ( "context" kms "cloud.google.com/go/kms/apiv1" kmspb "cloud.google.com/go/kms/apiv1/kmspb" ) func main() { ctx := context.Background() // This snippet has been automatically generated and should be regarded as a code template only. // It will require modifications to work: // - It may require correct/in-range values for request initialization. // - It may require specifying regional endpoints when creating the service client as shown in: // https://pkg.go.dev/cloud.google.com/go#hdr-Client_Options c, err := kms.NewKeyManagementClient(ctx) if err != nil { // TODO: Handle error. } defer c.Close() req := &kmspb.DecryptRequest{ // TODO: Fill request struct fields. // See https://pkg.go.dev/cloud.google.com/go/kms/apiv1/kmspb#DecryptRequest. } resp, err := c.Decrypt(ctx, req) if err != nil { // TODO: Handle error. } // TODO: Use resp. _ = resp }
Output:
func (*KeyManagementClient) DestroyCryptoKeyVersion ¶
func (c *KeyManagementClient) DestroyCryptoKeyVersion(ctx context.Context, req *kmspb.DestroyCryptoKeyVersionRequest, opts ...gax.CallOption) (*kmspb.CryptoKeyVersion, error)
DestroyCryptoKeyVersion schedule a CryptoKeyVersion for destruction.
Upon calling this method, CryptoKeyVersion.state will be set to DESTROY_SCHEDULED, and destroy_time will be set to the time destroy_scheduled_duration in the future. At that time, the state will automatically change to DESTROYED, and the key material will be irrevocably destroyed.
Before the destroy_time is reached, RestoreCryptoKeyVersion may be called to reverse the process.
Example ¶
package main import ( "context" kms "cloud.google.com/go/kms/apiv1" kmspb "cloud.google.com/go/kms/apiv1/kmspb" ) func main() { ctx := context.Background() // This snippet has been automatically generated and should be regarded as a code template only. // It will require modifications to work: // - It may require correct/in-range values for request initialization. // - It may require specifying regional endpoints when creating the service client as shown in: // https://pkg.go.dev/cloud.google.com/go#hdr-Client_Options c, err := kms.NewKeyManagementClient(ctx) if err != nil { // TODO: Handle error. } defer c.Close() req := &kmspb.DestroyCryptoKeyVersionRequest{ // TODO: Fill request struct fields. // See https://pkg.go.dev/cloud.google.com/go/kms/apiv1/kmspb#DestroyCryptoKeyVersionRequest. } resp, err := c.DestroyCryptoKeyVersion(ctx, req) if err != nil { // TODO: Handle error. } // TODO: Use resp. _ = resp }
Output:
func (*KeyManagementClient) Encrypt ¶
func (c *KeyManagementClient) Encrypt(ctx context.Context, req *kmspb.EncryptRequest, opts ...gax.CallOption) (*kmspb.EncryptResponse, error)
Encrypt encrypts data, so that it can only be recovered by a call to Decrypt. The CryptoKey.purpose must be ENCRYPT_DECRYPT.
Example ¶
package main import ( "context" kms "cloud.google.com/go/kms/apiv1" kmspb "cloud.google.com/go/kms/apiv1/kmspb" ) func main() { ctx := context.Background() // This snippet has been automatically generated and should be regarded as a code template only. // It will require modifications to work: // - It may require correct/in-range values for request initialization. // - It may require specifying regional endpoints when creating the service client as shown in: // https://pkg.go.dev/cloud.google.com/go#hdr-Client_Options c, err := kms.NewKeyManagementClient(ctx) if err != nil { // TODO: Handle error. } defer c.Close() req := &kmspb.EncryptRequest{ // TODO: Fill request struct fields. // See https://pkg.go.dev/cloud.google.com/go/kms/apiv1/kmspb#EncryptRequest. } resp, err := c.Encrypt(ctx, req) if err != nil { // TODO: Handle error. } // TODO: Use resp. _ = resp }
Output:
func (*KeyManagementClient) GenerateRandomBytes ¶
func (c *KeyManagementClient) GenerateRandomBytes(ctx context.Context, req *kmspb.GenerateRandomBytesRequest, opts ...gax.CallOption) (*kmspb.GenerateRandomBytesResponse, error)
GenerateRandomBytes generate random bytes using the Cloud KMS randomness source in the provided location.
Example ¶
package main import ( "context" kms "cloud.google.com/go/kms/apiv1" kmspb "cloud.google.com/go/kms/apiv1/kmspb" ) func main() { ctx := context.Background() // This snippet has been automatically generated and should be regarded as a code template only. // It will require modifications to work: // - It may require correct/in-range values for request initialization. // - It may require specifying regional endpoints when creating the service client as shown in: // https://pkg.go.dev/cloud.google.com/go#hdr-Client_Options c, err := kms.NewKeyManagementClient(ctx) if err != nil { // TODO: Handle error. } defer c.Close() req := &kmspb.GenerateRandomBytesRequest{ // TODO: Fill request struct fields. // See https://pkg.go.dev/cloud.google.com/go/kms/apiv1/kmspb#GenerateRandomBytesRequest. } resp, err := c.GenerateRandomBytes(ctx, req) if err != nil { // TODO: Handle error. } // TODO: Use resp. _ = resp }
Output:
func (*KeyManagementClient) GetCryptoKey ¶
func (c *KeyManagementClient) GetCryptoKey(ctx context.Context, req *kmspb.GetCryptoKeyRequest, opts ...gax.CallOption) (*kmspb.CryptoKey, error)
GetCryptoKey returns metadata for a given CryptoKey, as well as its primary CryptoKeyVersion.
Example ¶
package main import ( "context" kms "cloud.google.com/go/kms/apiv1" kmspb "cloud.google.com/go/kms/apiv1/kmspb" ) func main() { ctx := context.Background() // This snippet has been automatically generated and should be regarded as a code template only. // It will require modifications to work: // - It may require correct/in-range values for request initialization. // - It may require specifying regional endpoints when creating the service client as shown in: // https://pkg.go.dev/cloud.google.com/go#hdr-Client_Options c, err := kms.NewKeyManagementClient(ctx) if err != nil { // TODO: Handle error. } defer c.Close() req := &kmspb.GetCryptoKeyRequest{ // TODO: Fill request struct fields. // See https://pkg.go.dev/cloud.google.com/go/kms/apiv1/kmspb#GetCryptoKeyRequest. } resp, err := c.GetCryptoKey(ctx, req) if err != nil { // TODO: Handle error. } // TODO: Use resp. _ = resp }
Output:
func (*KeyManagementClient) GetCryptoKeyVersion ¶
func (c *KeyManagementClient) GetCryptoKeyVersion(ctx context.Context, req *kmspb.GetCryptoKeyVersionRequest, opts ...gax.CallOption) (*kmspb.CryptoKeyVersion, error)
GetCryptoKeyVersion returns metadata for a given CryptoKeyVersion.
Example ¶
package main import ( "context" kms "cloud.google.com/go/kms/apiv1" kmspb "cloud.google.com/go/kms/apiv1/kmspb" ) func main() { ctx := context.Background() // This snippet has been automatically generated and should be regarded as a code template only. // It will require modifications to work: // - It may require correct/in-range values for request initialization. // - It may require specifying regional endpoints when creating the service client as shown in: // https://pkg.go.dev/cloud.google.com/go#hdr-Client_Options c, err := kms.NewKeyManagementClient(ctx) if err != nil { // TODO: Handle error. } defer c.Close() req := &kmspb.GetCryptoKeyVersionRequest{ // TODO: Fill request struct fields. // See https://pkg.go.dev/cloud.google.com/go/kms/apiv1/kmspb#GetCryptoKeyVersionRequest. } resp, err := c.GetCryptoKeyVersion(ctx, req) if err != nil { // TODO: Handle error. } // TODO: Use resp. _ = resp }
Output:
func (*KeyManagementClient) GetIamPolicy ¶
func (c *KeyManagementClient) GetIamPolicy(ctx context.Context, req *iampb.GetIamPolicyRequest, opts ...gax.CallOption) (*iampb.Policy, error)
GetIamPolicy gets the access control policy for a resource. Returns an empty policy if the resource exists and does not have a policy set.
Example ¶
package main import ( "context" iampb "cloud.google.com/go/iam/apiv1/iampb" kms "cloud.google.com/go/kms/apiv1" ) func main() { ctx := context.Background() // This snippet has been automatically generated and should be regarded as a code template only. // It will require modifications to work: // - It may require correct/in-range values for request initialization. // - It may require specifying regional endpoints when creating the service client as shown in: // https://pkg.go.dev/cloud.google.com/go#hdr-Client_Options c, err := kms.NewKeyManagementClient(ctx) if err != nil { // TODO: Handle error. } defer c.Close() req := &iampb.GetIamPolicyRequest{ // TODO: Fill request struct fields. // See https://pkg.go.dev/cloud.google.com/go/iam/apiv1/iampb#GetIamPolicyRequest. } resp, err := c.GetIamPolicy(ctx, req) if err != nil { // TODO: Handle error. } // TODO: Use resp. _ = resp }
Output:
func (*KeyManagementClient) GetImportJob ¶
func (c *KeyManagementClient) GetImportJob(ctx context.Context, req *kmspb.GetImportJobRequest, opts ...gax.CallOption) (*kmspb.ImportJob, error)
GetImportJob returns metadata for a given ImportJob.
Example ¶
package main import ( "context" kms "cloud.google.com/go/kms/apiv1" kmspb "cloud.google.com/go/kms/apiv1/kmspb" ) func main() { ctx := context.Background() // This snippet has been automatically generated and should be regarded as a code template only. // It will require modifications to work: // - It may require correct/in-range values for request initialization. // - It may require specifying regional endpoints when creating the service client as shown in: // https://pkg.go.dev/cloud.google.com/go#hdr-Client_Options c, err := kms.NewKeyManagementClient(ctx) if err != nil { // TODO: Handle error. } defer c.Close() req := &kmspb.GetImportJobRequest{ // TODO: Fill request struct fields. // See https://pkg.go.dev/cloud.google.com/go/kms/apiv1/kmspb#GetImportJobRequest. } resp, err := c.GetImportJob(ctx, req) if err != nil { // TODO: Handle error. } // TODO: Use resp. _ = resp }
Output:
func (*KeyManagementClient) GetKeyRing ¶
func (c *KeyManagementClient) GetKeyRing(ctx context.Context, req *kmspb.GetKeyRingRequest, opts ...gax.CallOption) (*kmspb.KeyRing, error)
GetKeyRing returns metadata for a given KeyRing.
Example ¶
package main import ( "context" kms "cloud.google.com/go/kms/apiv1" kmspb "cloud.google.com/go/kms/apiv1/kmspb" ) func main() { ctx := context.Background() // This snippet has been automatically generated and should be regarded as a code template only. // It will require modifications to work: // - It may require correct/in-range values for request initialization. // - It may require specifying regional endpoints when creating the service client as shown in: // https://pkg.go.dev/cloud.google.com/go#hdr-Client_Options c, err := kms.NewKeyManagementClient(ctx) if err != nil { // TODO: Handle error. } defer c.Close() req := &kmspb.GetKeyRingRequest{ // TODO: Fill request struct fields. // See https://pkg.go.dev/cloud.google.com/go/kms/apiv1/kmspb#GetKeyRingRequest. } resp, err := c.GetKeyRing(ctx, req) if err != nil { // TODO: Handle error. } // TODO: Use resp. _ = resp }
Output:
func (*KeyManagementClient) GetLocation ¶ added in v1.5.0
func (c *KeyManagementClient) GetLocation(ctx context.Context, req *locationpb.GetLocationRequest, opts ...gax.CallOption) (*locationpb.Location, error)
GetLocation gets information about a location.
Example ¶
package main import ( "context" kms "cloud.google.com/go/kms/apiv1" locationpb "google.golang.org/genproto/googleapis/cloud/location" ) func main() { ctx := context.Background() // This snippet has been automatically generated and should be regarded as a code template only. // It will require modifications to work: // - It may require correct/in-range values for request initialization. // - It may require specifying regional endpoints when creating the service client as shown in: // https://pkg.go.dev/cloud.google.com/go#hdr-Client_Options c, err := kms.NewKeyManagementClient(ctx) if err != nil { // TODO: Handle error. } defer c.Close() req := &locationpb.GetLocationRequest{ // TODO: Fill request struct fields. // See https://pkg.go.dev/google.golang.org/genproto/googleapis/cloud/location#GetLocationRequest. } resp, err := c.GetLocation(ctx, req) if err != nil { // TODO: Handle error. } // TODO: Use resp. _ = resp }
Output:
func (*KeyManagementClient) GetOperation ¶ added in v1.16.0
func (c *KeyManagementClient) GetOperation(ctx context.Context, req *longrunningpb.GetOperationRequest, opts ...gax.CallOption) (*longrunningpb.Operation, error)
GetOperation is a utility method from google.longrunning.Operations.
Example ¶
package main import ( "context" kms "cloud.google.com/go/kms/apiv1" longrunningpb "cloud.google.com/go/longrunning/autogen/longrunningpb" ) func main() { ctx := context.Background() // This snippet has been automatically generated and should be regarded as a code template only. // It will require modifications to work: // - It may require correct/in-range values for request initialization. // - It may require specifying regional endpoints when creating the service client as shown in: // https://pkg.go.dev/cloud.google.com/go#hdr-Client_Options c, err := kms.NewKeyManagementClient(ctx) if err != nil { // TODO: Handle error. } defer c.Close() req := &longrunningpb.GetOperationRequest{ // TODO: Fill request struct fields. // See https://pkg.go.dev/cloud.google.com/go/longrunning/autogen/longrunningpb#GetOperationRequest. } resp, err := c.GetOperation(ctx, req) if err != nil { // TODO: Handle error. } // TODO: Use resp. _ = resp }
Output:
func (*KeyManagementClient) GetPublicKey ¶
func (c *KeyManagementClient) GetPublicKey(ctx context.Context, req *kmspb.GetPublicKeyRequest, opts ...gax.CallOption) (*kmspb.PublicKey, error)
GetPublicKey returns the public key for the given CryptoKeyVersion. The CryptoKey.purpose must be ASYMMETRIC_SIGN or ASYMMETRIC_DECRYPT.
Example ¶
package main import ( "context" kms "cloud.google.com/go/kms/apiv1" kmspb "cloud.google.com/go/kms/apiv1/kmspb" ) func main() { ctx := context.Background() // This snippet has been automatically generated and should be regarded as a code template only. // It will require modifications to work: // - It may require correct/in-range values for request initialization. // - It may require specifying regional endpoints when creating the service client as shown in: // https://pkg.go.dev/cloud.google.com/go#hdr-Client_Options c, err := kms.NewKeyManagementClient(ctx) if err != nil { // TODO: Handle error. } defer c.Close() req := &kmspb.GetPublicKeyRequest{ // TODO: Fill request struct fields. // See https://pkg.go.dev/cloud.google.com/go/kms/apiv1/kmspb#GetPublicKeyRequest. } resp, err := c.GetPublicKey(ctx, req) if err != nil { // TODO: Handle error. } // TODO: Use resp. _ = resp }
Output:
func (*KeyManagementClient) ImportCryptoKeyVersion ¶
func (c *KeyManagementClient) ImportCryptoKeyVersion(ctx context.Context, req *kmspb.ImportCryptoKeyVersionRequest, opts ...gax.CallOption) (*kmspb.CryptoKeyVersion, error)
ImportCryptoKeyVersion import wrapped key material into a CryptoKeyVersion.
All requests must specify a CryptoKey. If a CryptoKeyVersion is additionally specified in the request, key material will be reimported into that version. Otherwise, a new version will be created, and will be assigned the next sequential id within the CryptoKey.
Example ¶
package main import ( "context" kms "cloud.google.com/go/kms/apiv1" kmspb "cloud.google.com/go/kms/apiv1/kmspb" ) func main() { ctx := context.Background() // This snippet has been automatically generated and should be regarded as a code template only. // It will require modifications to work: // - It may require correct/in-range values for request initialization. // - It may require specifying regional endpoints when creating the service client as shown in: // https://pkg.go.dev/cloud.google.com/go#hdr-Client_Options c, err := kms.NewKeyManagementClient(ctx) if err != nil { // TODO: Handle error. } defer c.Close() req := &kmspb.ImportCryptoKeyVersionRequest{ // TODO: Fill request struct fields. // See https://pkg.go.dev/cloud.google.com/go/kms/apiv1/kmspb#ImportCryptoKeyVersionRequest. } resp, err := c.ImportCryptoKeyVersion(ctx, req) if err != nil { // TODO: Handle error. } // TODO: Use resp. _ = resp }
Output:
func (*KeyManagementClient) KeyRingIAM
deprecated
func (c *KeyManagementClient) KeyRingIAM(keyRing *kmspb.KeyRing) *iam.Handle
KeyRingIAM returns a handle to inspect and change permissions of a KeyRing.
Deprecated: Please use ResourceIAM and provide the KeyRing.Name as input.
func (*KeyManagementClient) ListCryptoKeyVersions ¶
func (c *KeyManagementClient) ListCryptoKeyVersions(ctx context.Context, req *kmspb.ListCryptoKeyVersionsRequest, opts ...gax.CallOption) *CryptoKeyVersionIterator
ListCryptoKeyVersions lists CryptoKeyVersions.
Example ¶
package main import ( "context" kms "cloud.google.com/go/kms/apiv1" kmspb "cloud.google.com/go/kms/apiv1/kmspb" "google.golang.org/api/iterator" ) func main() { ctx := context.Background() // This snippet has been automatically generated and should be regarded as a code template only. // It will require modifications to work: // - It may require correct/in-range values for request initialization. // - It may require specifying regional endpoints when creating the service client as shown in: // https://pkg.go.dev/cloud.google.com/go#hdr-Client_Options c, err := kms.NewKeyManagementClient(ctx) if err != nil { // TODO: Handle error. } defer c.Close() req := &kmspb.ListCryptoKeyVersionsRequest{ // TODO: Fill request struct fields. // See https://pkg.go.dev/cloud.google.com/go/kms/apiv1/kmspb#ListCryptoKeyVersionsRequest. } it := c.ListCryptoKeyVersions(ctx, req) for { resp, err := it.Next() if err == iterator.Done { break } if err != nil { // TODO: Handle error. } // TODO: Use resp. _ = resp // If you need to access the underlying RPC response, // you can do so by casting the `Response` as below. // Otherwise, remove this line. Only populated after // first call to Next(). Not safe for concurrent access. _ = it.Response.(*kmspb.ListCryptoKeyVersionsResponse) } }
Output:
Example (All) ¶
package main import ( "context" kms "cloud.google.com/go/kms/apiv1" kmspb "cloud.google.com/go/kms/apiv1/kmspb" ) func main() { ctx := context.Background() // This snippet has been automatically generated and should be regarded as a code template only. // It will require modifications to work: // - It may require correct/in-range values for request initialization. // - It may require specifying regional endpoints when creating the service client as shown in: // https://pkg.go.dev/cloud.google.com/go#hdr-Client_Options c, err := kms.NewKeyManagementClient(ctx) if err != nil { // TODO: Handle error. } defer c.Close() req := &kmspb.ListCryptoKeyVersionsRequest{ // TODO: Fill request struct fields. // See https://pkg.go.dev/cloud.google.com/go/kms/apiv1/kmspb#ListCryptoKeyVersionsRequest. } for resp, err := range c.ListCryptoKeyVersions(ctx, req).All() { if err != nil { // TODO: Handle error. } // TODO: Use resp. _ = resp } }
Output:
func (*KeyManagementClient) ListCryptoKeys ¶
func (c *KeyManagementClient) ListCryptoKeys(ctx context.Context, req *kmspb.ListCryptoKeysRequest, opts ...gax.CallOption) *CryptoKeyIterator
ListCryptoKeys lists CryptoKeys.
Example ¶
package main import ( "context" kms "cloud.google.com/go/kms/apiv1" kmspb "cloud.google.com/go/kms/apiv1/kmspb" "google.golang.org/api/iterator" ) func main() { ctx := context.Background() // This snippet has been automatically generated and should be regarded as a code template only. // It will require modifications to work: // - It may require correct/in-range values for request initialization. // - It may require specifying regional endpoints when creating the service client as shown in: // https://pkg.go.dev/cloud.google.com/go#hdr-Client_Options c, err := kms.NewKeyManagementClient(ctx) if err != nil { // TODO: Handle error. } defer c.Close() req := &kmspb.ListCryptoKeysRequest{ // TODO: Fill request struct fields. // See https://pkg.go.dev/cloud.google.com/go/kms/apiv1/kmspb#ListCryptoKeysRequest. } it := c.ListCryptoKeys(ctx, req) for { resp, err := it.Next() if err == iterator.Done { break } if err != nil { // TODO: Handle error. } // TODO: Use resp. _ = resp // If you need to access the underlying RPC response, // you can do so by casting the `Response` as below. // Otherwise, remove this line. Only populated after // first call to Next(). Not safe for concurrent access. _ = it.Response.(*kmspb.ListCryptoKeysResponse) } }
Output:
Example (All) ¶
package main import ( "context" kms "cloud.google.com/go/kms/apiv1" kmspb "cloud.google.com/go/kms/apiv1/kmspb" ) func main() { ctx := context.Background() // This snippet has been automatically generated and should be regarded as a code template only. // It will require modifications to work: // - It may require correct/in-range values for request initialization. // - It may require specifying regional endpoints when creating the service client as shown in: // https://pkg.go.dev/cloud.google.com/go#hdr-Client_Options c, err := kms.NewKeyManagementClient(ctx) if err != nil { // TODO: Handle error. } defer c.Close() req := &kmspb.ListCryptoKeysRequest{ // TODO: Fill request struct fields. // See https://pkg.go.dev/cloud.google.com/go/kms/apiv1/kmspb#ListCryptoKeysRequest. } for resp, err := range c.ListCryptoKeys(ctx, req).All() { if err != nil { // TODO: Handle error. } // TODO: Use resp. _ = resp } }
Output:
func (*KeyManagementClient) ListImportJobs ¶
func (c *KeyManagementClient) ListImportJobs(ctx context.Context, req *kmspb.ListImportJobsRequest, opts ...gax.CallOption) *ImportJobIterator
ListImportJobs lists ImportJobs.
Example ¶
package main import ( "context" kms "cloud.google.com/go/kms/apiv1" kmspb "cloud.google.com/go/kms/apiv1/kmspb" "google.golang.org/api/iterator" ) func main() { ctx := context.Background() // This snippet has been automatically generated and should be regarded as a code template only. // It will require modifications to work: // - It may require correct/in-range values for request initialization. // - It may require specifying regional endpoints when creating the service client as shown in: // https://pkg.go.dev/cloud.google.com/go#hdr-Client_Options c, err := kms.NewKeyManagementClient(ctx) if err != nil { // TODO: Handle error. } defer c.Close() req := &kmspb.ListImportJobsRequest{ // TODO: Fill request struct fields. // See https://pkg.go.dev/cloud.google.com/go/kms/apiv1/kmspb#ListImportJobsRequest. } it := c.ListImportJobs(ctx, req) for { resp, err := it.Next() if err == iterator.Done { break } if err != nil { // TODO: Handle error. } // TODO: Use resp. _ = resp // If you need to access the underlying RPC response, // you can do so by casting the `Response` as below. // Otherwise, remove this line. Only populated after // first call to Next(). Not safe for concurrent access. _ = it.Response.(*kmspb.ListImportJobsResponse) } }
Output:
Example (All) ¶
package main import ( "context" kms "cloud.google.com/go/kms/apiv1" kmspb "cloud.google.com/go/kms/apiv1/kmspb" ) func main() { ctx := context.Background() // This snippet has been automatically generated and should be regarded as a code template only. // It will require modifications to work: // - It may require correct/in-range values for request initialization. // - It may require specifying regional endpoints when creating the service client as shown in: // https://pkg.go.dev/cloud.google.com/go#hdr-Client_Options c, err := kms.NewKeyManagementClient(ctx) if err != nil { // TODO: Handle error. } defer c.Close() req := &kmspb.ListImportJobsRequest{ // TODO: Fill request struct fields. // See https://pkg.go.dev/cloud.google.com/go/kms/apiv1/kmspb#ListImportJobsRequest. } for resp, err := range c.ListImportJobs(ctx, req).All() { if err != nil { // TODO: Handle error. } // TODO: Use resp. _ = resp } }
Output:
func (*KeyManagementClient) ListKeyRings ¶
func (c *KeyManagementClient) ListKeyRings(ctx context.Context, req *kmspb.ListKeyRingsRequest, opts ...gax.CallOption) *KeyRingIterator
ListKeyRings lists KeyRings.
Example ¶
package main import ( "context" kms "cloud.google.com/go/kms/apiv1" kmspb "cloud.google.com/go/kms/apiv1/kmspb" "google.golang.org/api/iterator" ) func main() { ctx := context.Background() // This snippet has been automatically generated and should be regarded as a code template only. // It will require modifications to work: // - It may require correct/in-range values for request initialization. // - It may require specifying regional endpoints when creating the service client as shown in: // https://pkg.go.dev/cloud.google.com/go#hdr-Client_Options c, err := kms.NewKeyManagementClient(ctx) if err != nil { // TODO: Handle error. } defer c.Close() req := &kmspb.ListKeyRingsRequest{ // TODO: Fill request struct fields. // See https://pkg.go.dev/cloud.google.com/go/kms/apiv1/kmspb#ListKeyRingsRequest. } it := c.ListKeyRings(ctx, req) for { resp, err := it.Next() if err == iterator.Done { break } if err != nil { // TODO: Handle error. } // TODO: Use resp. _ = resp // If you need to access the underlying RPC response, // you can do so by casting the `Response` as below. // Otherwise, remove this line. Only populated after // first call to Next(). Not safe for concurrent access. _ = it.Response.(*kmspb.ListKeyRingsResponse) } }
Output:
Example (All) ¶
package main import ( "context" kms "cloud.google.com/go/kms/apiv1" kmspb "cloud.google.com/go/kms/apiv1/kmspb" ) func main() { ctx := context.Background() // This snippet has been automatically generated and should be regarded as a code template only. // It will require modifications to work: // - It may require correct/in-range values for request initialization. // - It may require specifying regional endpoints when creating the service client as shown in: // https://pkg.go.dev/cloud.google.com/go#hdr-Client_Options c, err := kms.NewKeyManagementClient(ctx) if err != nil { // TODO: Handle error. } defer c.Close() req := &kmspb.ListKeyRingsRequest{ // TODO: Fill request struct fields. // See https://pkg.go.dev/cloud.google.com/go/kms/apiv1/kmspb#ListKeyRingsRequest. } for resp, err := range c.ListKeyRings(ctx, req).All() { if err != nil { // TODO: Handle error. } // TODO: Use resp. _ = resp } }
Output:
func (*KeyManagementClient) ListLocations ¶ added in v1.5.0
func (c *KeyManagementClient) ListLocations(ctx context.Context, req *locationpb.ListLocationsRequest, opts ...gax.CallOption) *LocationIterator
ListLocations lists information about the supported locations for this service.
Example ¶
package main import ( "context" kms "cloud.google.com/go/kms/apiv1" "google.golang.org/api/iterator" locationpb "google.golang.org/genproto/googleapis/cloud/location" ) func main() { ctx := context.Background() // This snippet has been automatically generated and should be regarded as a code template only. // It will require modifications to work: // - It may require correct/in-range values for request initialization. // - It may require specifying regional endpoints when creating the service client as shown in: // https://pkg.go.dev/cloud.google.com/go#hdr-Client_Options c, err := kms.NewKeyManagementClient(ctx) if err != nil { // TODO: Handle error. } defer c.Close() req := &locationpb.ListLocationsRequest{ // TODO: Fill request struct fields. // See https://pkg.go.dev/google.golang.org/genproto/googleapis/cloud/location#ListLocationsRequest. } it := c.ListLocations(ctx, req) for { resp, err := it.Next() if err == iterator.Done { break } if err != nil { // TODO: Handle error. } // TODO: Use resp. _ = resp // If you need to access the underlying RPC response, // you can do so by casting the `Response` as below. // Otherwise, remove this line. Only populated after // first call to Next(). Not safe for concurrent access. _ = it.Response.(*locationpb.ListLocationsResponse) } }
Output:
Example (All) ¶
package main import ( "context" kms "cloud.google.com/go/kms/apiv1" locationpb "google.golang.org/genproto/googleapis/cloud/location" ) func main() { ctx := context.Background() // This snippet has been automatically generated and should be regarded as a code template only. // It will require modifications to work: // - It may require correct/in-range values for request initialization. // - It may require specifying regional endpoints when creating the service client as shown in: // https://pkg.go.dev/cloud.google.com/go#hdr-Client_Options c, err := kms.NewKeyManagementClient(ctx) if err != nil { // TODO: Handle error. } defer c.Close() req := &locationpb.ListLocationsRequest{ // TODO: Fill request struct fields. // See https://pkg.go.dev/google.golang.org/genproto/googleapis/cloud/location#ListLocationsRequest. } for resp, err := range c.ListLocations(ctx, req).All() { if err != nil { // TODO: Handle error. } // TODO: Use resp. _ = resp } }
Output:
func (*KeyManagementClient) MacSign ¶
func (c *KeyManagementClient) MacSign(ctx context.Context, req *kmspb.MacSignRequest, opts ...gax.CallOption) (*kmspb.MacSignResponse, error)
MacSign signs data using a CryptoKeyVersion with CryptoKey.purpose MAC, producing a tag that can be verified by another source with the same key.
Example ¶
package main import ( "context" kms "cloud.google.com/go/kms/apiv1" kmspb "cloud.google.com/go/kms/apiv1/kmspb" ) func main() { ctx := context.Background() // This snippet has been automatically generated and should be regarded as a code template only. // It will require modifications to work: // - It may require correct/in-range values for request initialization. // - It may require specifying regional endpoints when creating the service client as shown in: // https://pkg.go.dev/cloud.google.com/go#hdr-Client_Options c, err := kms.NewKeyManagementClient(ctx) if err != nil { // TODO: Handle error. } defer c.Close() req := &kmspb.MacSignRequest{ // TODO: Fill request struct fields. // See https://pkg.go.dev/cloud.google.com/go/kms/apiv1/kmspb#MacSignRequest. } resp, err := c.MacSign(ctx, req) if err != nil { // TODO: Handle error. } // TODO: Use resp. _ = resp }
Output:
func (*KeyManagementClient) MacVerify ¶
func (c *KeyManagementClient) MacVerify(ctx context.Context, req *kmspb.MacVerifyRequest, opts ...gax.CallOption) (*kmspb.MacVerifyResponse, error)
MacVerify verifies MAC tag using a CryptoKeyVersion with CryptoKey.purpose MAC, and returns a response that indicates whether or not the verification was successful.
Example ¶
package main import ( "context" kms "cloud.google.com/go/kms/apiv1" kmspb "cloud.google.com/go/kms/apiv1/kmspb" ) func main() { ctx := context.Background() // This snippet has been automatically generated and should be regarded as a code template only. // It will require modifications to work: // - It may require correct/in-range values for request initialization. // - It may require specifying regional endpoints when creating the service client as shown in: // https://pkg.go.dev/cloud.google.com/go#hdr-Client_Options c, err := kms.NewKeyManagementClient(ctx) if err != nil { // TODO: Handle error. } defer c.Close() req := &kmspb.MacVerifyRequest{ // TODO: Fill request struct fields. // See https://pkg.go.dev/cloud.google.com/go/kms/apiv1/kmspb#MacVerifyRequest. } resp, err := c.MacVerify(ctx, req) if err != nil { // TODO: Handle error. } // TODO: Use resp. _ = resp }
Output:
func (*KeyManagementClient) RawDecrypt ¶ added in v1.13.0
func (c *KeyManagementClient) RawDecrypt(ctx context.Context, req *kmspb.RawDecryptRequest, opts ...gax.CallOption) (*kmspb.RawDecryptResponse, error)
RawDecrypt decrypts data that was originally encrypted using a raw cryptographic mechanism. The CryptoKey.purpose must be RAW_ENCRYPT_DECRYPT.
Example ¶
package main import ( "context" kms "cloud.google.com/go/kms/apiv1" kmspb "cloud.google.com/go/kms/apiv1/kmspb" ) func main() { ctx := context.Background() // This snippet has been automatically generated and should be regarded as a code template only. // It will require modifications to work: // - It may require correct/in-range values for request initialization. // - It may require specifying regional endpoints when creating the service client as shown in: // https://pkg.go.dev/cloud.google.com/go#hdr-Client_Options c, err := kms.NewKeyManagementClient(ctx) if err != nil { // TODO: Handle error. } defer c.Close() req := &kmspb.RawDecryptRequest{ // TODO: Fill request struct fields. // See https://pkg.go.dev/cloud.google.com/go/kms/apiv1/kmspb#RawDecryptRequest. } resp, err := c.RawDecrypt(ctx, req) if err != nil { // TODO: Handle error. } // TODO: Use resp. _ = resp }
Output:
func (*KeyManagementClient) RawEncrypt ¶ added in v1.13.0
func (c *KeyManagementClient) RawEncrypt(ctx context.Context, req *kmspb.RawEncryptRequest, opts ...gax.CallOption) (*kmspb.RawEncryptResponse, error)
RawEncrypt encrypts data using portable cryptographic primitives. Most users should choose Encrypt and Decrypt rather than their raw counterparts. The CryptoKey.purpose must be RAW_ENCRYPT_DECRYPT.
Example ¶
package main import ( "context" kms "cloud.google.com/go/kms/apiv1" kmspb "cloud.google.com/go/kms/apiv1/kmspb" ) func main() { ctx := context.Background() // This snippet has been automatically generated and should be regarded as a code template only. // It will require modifications to work: // - It may require correct/in-range values for request initialization. // - It may require specifying regional endpoints when creating the service client as shown in: // https://pkg.go.dev/cloud.google.com/go#hdr-Client_Options c, err := kms.NewKeyManagementClient(ctx) if err != nil { // TODO: Handle error. } defer c.Close() req := &kmspb.RawEncryptRequest{ // TODO: Fill request struct fields. // See https://pkg.go.dev/cloud.google.com/go/kms/apiv1/kmspb#RawEncryptRequest. } resp, err := c.RawEncrypt(ctx, req) if err != nil { // TODO: Handle error. } // TODO: Use resp. _ = resp }
Output:
func (*KeyManagementClient) ResourceIAM ¶
func (c *KeyManagementClient) ResourceIAM(resourcePath string) *iam.Handle
ResourceIAM returns a handle to inspect and change permissions of the resource indicated by the given resource path.
Example ¶
package main import ( "context" kms "cloud.google.com/go/kms/apiv1" ) func main() { ctx := context.Background() c, err := kms.NewKeyManagementClient(ctx) if err != nil { // TODO: Handle error. } // TODO: fill in key ring resource path keyRing := "projects/[PROJECT_ID]/locations/[LOCATION]/keyRings/[KEY_RING]" handle := c.ResourceIAM(keyRing) policy, err := handle.Policy(ctx) if err != nil { // TODO: Handle error. } // TODO: Use policy. _ = policy }
Output:
func (*KeyManagementClient) RestoreCryptoKeyVersion ¶
func (c *KeyManagementClient) RestoreCryptoKeyVersion(ctx context.Context, req *kmspb.RestoreCryptoKeyVersionRequest, opts ...gax.CallOption) (*kmspb.CryptoKeyVersion, error)
RestoreCryptoKeyVersion restore a CryptoKeyVersion in the DESTROY_SCHEDULED state.
Upon restoration of the CryptoKeyVersion, state will be set to DISABLED, and destroy_time will be cleared.
Example ¶
package main import ( "context" kms "cloud.google.com/go/kms/apiv1" kmspb "cloud.google.com/go/kms/apiv1/kmspb" ) func main() { ctx := context.Background() // This snippet has been automatically generated and should be regarded as a code template only. // It will require modifications to work: // - It may require correct/in-range values for request initialization. // - It may require specifying regional endpoints when creating the service client as shown in: // https://pkg.go.dev/cloud.google.com/go#hdr-Client_Options c, err := kms.NewKeyManagementClient(ctx) if err != nil { // TODO: Handle error. } defer c.Close() req := &kmspb.RestoreCryptoKeyVersionRequest{ // TODO: Fill request struct fields. // See https://pkg.go.dev/cloud.google.com/go/kms/apiv1/kmspb#RestoreCryptoKeyVersionRequest. } resp, err := c.RestoreCryptoKeyVersion(ctx, req) if err != nil { // TODO: Handle error. } // TODO: Use resp. _ = resp }
Output:
func (*KeyManagementClient) SetIamPolicy ¶
func (c *KeyManagementClient) SetIamPolicy(ctx context.Context, req *iampb.SetIamPolicyRequest, opts ...gax.CallOption) (*iampb.Policy, error)
SetIamPolicy sets the access control policy on the specified resource. Replaces any existing policy.
Can return NOT_FOUND, INVALID_ARGUMENT, and PERMISSION_DENIED errors.
Example ¶
package main import ( "context" iampb "cloud.google.com/go/iam/apiv1/iampb" kms "cloud.google.com/go/kms/apiv1" ) func main() { ctx := context.Background() // This snippet has been automatically generated and should be regarded as a code template only. // It will require modifications to work: // - It may require correct/in-range values for request initialization. // - It may require specifying regional endpoints when creating the service client as shown in: // https://pkg.go.dev/cloud.google.com/go#hdr-Client_Options c, err := kms.NewKeyManagementClient(ctx) if err != nil { // TODO: Handle error. } defer c.Close() req := &iampb.SetIamPolicyRequest{ // TODO: Fill request struct fields. // See https://pkg.go.dev/cloud.google.com/go/iam/apiv1/iampb#SetIamPolicyRequest. } resp, err := c.SetIamPolicy(ctx, req) if err != nil { // TODO: Handle error. } // TODO: Use resp. _ = resp }
Output:
func (*KeyManagementClient) TestIamPermissions ¶
func (c *KeyManagementClient) TestIamPermissions(ctx context.Context, req *iampb.TestIamPermissionsRequest, opts ...gax.CallOption) (*iampb.TestIamPermissionsResponse, error)
TestIamPermissions returns permissions that a caller has on the specified resource. If the resource does not exist, this will return an empty set of permissions, not a NOT_FOUND error.
Note: This operation is designed to be used for building permission-aware UIs and command-line tools, not for authorization checking. This operation may “fail open” without warning.
Example ¶
package main import ( "context" iampb "cloud.google.com/go/iam/apiv1/iampb" kms "cloud.google.com/go/kms/apiv1" ) func main() { ctx := context.Background() // This snippet has been automatically generated and should be regarded as a code template only. // It will require modifications to work: // - It may require correct/in-range values for request initialization. // - It may require specifying regional endpoints when creating the service client as shown in: // https://pkg.go.dev/cloud.google.com/go#hdr-Client_Options c, err := kms.NewKeyManagementClient(ctx) if err != nil { // TODO: Handle error. } defer c.Close() req := &iampb.TestIamPermissionsRequest{ // TODO: Fill request struct fields. // See https://pkg.go.dev/cloud.google.com/go/iam/apiv1/iampb#TestIamPermissionsRequest. } resp, err := c.TestIamPermissions(ctx, req) if err != nil { // TODO: Handle error. } // TODO: Use resp. _ = resp }
Output:
func (*KeyManagementClient) UpdateCryptoKey ¶
func (c *KeyManagementClient) UpdateCryptoKey(ctx context.Context, req *kmspb.UpdateCryptoKeyRequest, opts ...gax.CallOption) (*kmspb.CryptoKey, error)
UpdateCryptoKey update a CryptoKey.
Example ¶
package main import ( "context" kms "cloud.google.com/go/kms/apiv1" kmspb "cloud.google.com/go/kms/apiv1/kmspb" ) func main() { ctx := context.Background() // This snippet has been automatically generated and should be regarded as a code template only. // It will require modifications to work: // - It may require correct/in-range values for request initialization. // - It may require specifying regional endpoints when creating the service client as shown in: // https://pkg.go.dev/cloud.google.com/go#hdr-Client_Options c, err := kms.NewKeyManagementClient(ctx) if err != nil { // TODO: Handle error. } defer c.Close() req := &kmspb.UpdateCryptoKeyRequest{ // TODO: Fill request struct fields. // See https://pkg.go.dev/cloud.google.com/go/kms/apiv1/kmspb#UpdateCryptoKeyRequest. } resp, err := c.UpdateCryptoKey(ctx, req) if err != nil { // TODO: Handle error. } // TODO: Use resp. _ = resp }
Output:
func (*KeyManagementClient) UpdateCryptoKeyPrimaryVersion ¶
func (c *KeyManagementClient) UpdateCryptoKeyPrimaryVersion(ctx context.Context, req *kmspb.UpdateCryptoKeyPrimaryVersionRequest, opts ...gax.CallOption) (*kmspb.CryptoKey, error)
UpdateCryptoKeyPrimaryVersion update the version of a CryptoKey that will be used in Encrypt.
Returns an error if called on a key whose purpose is not ENCRYPT_DECRYPT.
Example ¶
package main import ( "context" kms "cloud.google.com/go/kms/apiv1" kmspb "cloud.google.com/go/kms/apiv1/kmspb" ) func main() { ctx := context.Background() // This snippet has been automatically generated and should be regarded as a code template only. // It will require modifications to work: // - It may require correct/in-range values for request initialization. // - It may require specifying regional endpoints when creating the service client as shown in: // https://pkg.go.dev/cloud.google.com/go#hdr-Client_Options c, err := kms.NewKeyManagementClient(ctx) if err != nil { // TODO: Handle error. } defer c.Close() req := &kmspb.UpdateCryptoKeyPrimaryVersionRequest{ // TODO: Fill request struct fields. // See https://pkg.go.dev/cloud.google.com/go/kms/apiv1/kmspb#UpdateCryptoKeyPrimaryVersionRequest. } resp, err := c.UpdateCryptoKeyPrimaryVersion(ctx, req) if err != nil { // TODO: Handle error. } // TODO: Use resp. _ = resp }
Output:
func (*KeyManagementClient) UpdateCryptoKeyVersion ¶
func (c *KeyManagementClient) UpdateCryptoKeyVersion(ctx context.Context, req *kmspb.UpdateCryptoKeyVersionRequest, opts ...gax.CallOption) (*kmspb.CryptoKeyVersion, error)
UpdateCryptoKeyVersion update a CryptoKeyVersion's metadata.
state may be changed between ENABLED and DISABLED using this method. See DestroyCryptoKeyVersion and RestoreCryptoKeyVersion to move between other states.
Example ¶
package main import ( "context" kms "cloud.google.com/go/kms/apiv1" kmspb "cloud.google.com/go/kms/apiv1/kmspb" ) func main() { ctx := context.Background() // This snippet has been automatically generated and should be regarded as a code template only. // It will require modifications to work: // - It may require correct/in-range values for request initialization. // - It may require specifying regional endpoints when creating the service client as shown in: // https://pkg.go.dev/cloud.google.com/go#hdr-Client_Options c, err := kms.NewKeyManagementClient(ctx) if err != nil { // TODO: Handle error. } defer c.Close() req := &kmspb.UpdateCryptoKeyVersionRequest{ // TODO: Fill request struct fields. // See https://pkg.go.dev/cloud.google.com/go/kms/apiv1/kmspb#UpdateCryptoKeyVersionRequest. } resp, err := c.UpdateCryptoKeyVersion(ctx, req) if err != nil { // TODO: Handle error. } // TODO: Use resp. _ = resp }
Output:
type KeyRingIterator ¶
type KeyRingIterator struct { // Response is the raw response for the current page. // It must be cast to the RPC response type. // Calling Next() or InternalFetch() updates this value. Response interface{} // InternalFetch is for use by the Google Cloud Libraries only. // It is not part of the stable interface of this package. // // InternalFetch returns results from a single call to the underlying RPC. // The number of results is no greater than pageSize. // If there are no more results, nextPageToken is empty and err is nil. InternalFetch func(pageSize int, pageToken string) (results []*kmspb.KeyRing, nextPageToken string, err error) // contains filtered or unexported fields }
KeyRingIterator manages a stream of *kmspb.KeyRing.
func (*KeyRingIterator) All ¶ added in v1.19.1
All returns an iterator. If an error is returned by the iterator, the iterator will stop after that iteration.
func (*KeyRingIterator) Next ¶
func (it *KeyRingIterator) Next() (*kmspb.KeyRing, error)
Next returns the next result. Its second return value is iterator.Done if there are no more results. Once Next returns Done, all subsequent calls will return Done.
func (*KeyRingIterator) PageInfo ¶
func (it *KeyRingIterator) PageInfo() *iterator.PageInfo
PageInfo supports pagination. See the google.golang.org/api/iterator package for details.
type LocationIterator ¶ added in v1.5.0
type LocationIterator struct { // Response is the raw response for the current page. // It must be cast to the RPC response type. // Calling Next() or InternalFetch() updates this value. Response interface{} // InternalFetch is for use by the Google Cloud Libraries only. // It is not part of the stable interface of this package. // // InternalFetch returns results from a single call to the underlying RPC. // The number of results is no greater than pageSize. // If there are no more results, nextPageToken is empty and err is nil. InternalFetch func(pageSize int, pageToken string) (results []*locationpb.Location, nextPageToken string, err error) // contains filtered or unexported fields }
LocationIterator manages a stream of *locationpb.Location.
func (*LocationIterator) All ¶ added in v1.19.1
func (it *LocationIterator) All() iter.Seq2[*locationpb.Location, error]
All returns an iterator. If an error is returned by the iterator, the iterator will stop after that iteration.
func (*LocationIterator) Next ¶ added in v1.5.0
func (it *LocationIterator) Next() (*locationpb.Location, error)
Next returns the next result. Its second return value is iterator.Done if there are no more results. Once Next returns Done, all subsequent calls will return Done.
func (*LocationIterator) PageInfo ¶ added in v1.5.0
func (it *LocationIterator) PageInfo() *iterator.PageInfo
PageInfo supports pagination. See the google.golang.org/api/iterator package for details.