tessl install tessl/golang-cloud-google-com--go--kms@1.24.0
Go Client Library for Google Cloud Key Management Service (KMS) API for managing cryptographic keys and performing cryptographic operations
This document provides a comprehensive reference for all request and response message types in the Cloud KMS Go client library. These types are used with client methods to perform KMS operations.
Package: cloud.google.com/go/kms/apiv1/kmspb and cloud.google.com/go/kms/inventory/apiv1/inventorypb
All types implement protocol buffer interfaces: ProtoMessage, ProtoReflect, Descriptor, Reset, and String.
type CreateKeyRingRequest struct {
Parent string // Required: "projects/{project}/locations/{location}"
KeyRingId string // Required: Must be unique within location
KeyRing *KeyRing // Required: KeyRing with initial field values
}Used with: KeyManagementClient.CreateKeyRing()
type GetKeyRingRequest struct {
Name string // Required: "projects/{project}/locations/{location}/keyRings/{keyRing}"
}Used with: KeyManagementClient.GetKeyRing()
type ListKeyRingsRequest struct {
Parent string // Required: "projects/{project}/locations/{location}"
PageSize int32 // Optional: Maximum number of items to return
PageToken string // Optional: Token from previous ListKeyRingsResponse
Filter string // Optional: Filter expression
OrderBy string // Optional: Ordering specification
}Used with: KeyManagementClient.ListKeyRings()
type ListKeyRingsResponse struct {
KeyRings []*KeyRing // The list of KeyRings
NextPageToken string // Token for next page
TotalSize int32 // Total number of KeyRings (may be estimate)
}type CreateCryptoKeyRequest struct {
Parent string // Required: KeyRing name
CryptoKeyId string // Required: CryptoKey ID
CryptoKey *CryptoKey // Required: Initial field values
SkipInitialVersionCreation bool // Optional: Skip creating initial version
}Used with: KeyManagementClient.CreateCryptoKey()
type GetCryptoKeyRequest struct {
Name string // Required: CryptoKey resource name
}Used with: KeyManagementClient.GetCryptoKey()
type ListCryptoKeysRequest struct {
Parent string // Required: KeyRing name
PageSize int32 // Optional: Max items per page
PageToken string // Optional: Pagination token
VersionView CryptoKeyVersion_CryptoKeyVersionView // Optional: View for versions
Filter string // Optional: Filter expression
OrderBy string // Optional: Ordering specification
}Used with: KeyManagementClient.ListCryptoKeys(), KeyDashboardClient.ListCryptoKeys()
type ListCryptoKeysResponse struct {
CryptoKeys []*CryptoKey // The list of CryptoKeys
NextPageToken string // Token for next page
TotalSize int32 // Total number of CryptoKeys
}type UpdateCryptoKeyRequest struct {
CryptoKey *CryptoKey // Required: CryptoKey with updated values
UpdateMask *fieldmaskpb.FieldMask // Required: Fields to update
}Used with: KeyManagementClient.UpdateCryptoKey()
Common UpdateMask Paths:
"labels""rotation_period""next_rotation_time""version_template.algorithm""version_template.protection_level"type UpdateCryptoKeyPrimaryVersionRequest struct {
Name string // Required: CryptoKey resource name
CryptoKeyVersionId string // Required: ID of version to make primary
}Used with: KeyManagementClient.UpdateCryptoKeyPrimaryVersion()
type CreateCryptoKeyVersionRequest struct {
Parent string // Required: CryptoKey name
CryptoKeyVersion *CryptoKeyVersion // Required: Initial field values
}Used with: KeyManagementClient.CreateCryptoKeyVersion()
type GetCryptoKeyVersionRequest struct {
Name string // Required: CryptoKeyVersion resource name
}Used with: KeyManagementClient.GetCryptoKeyVersion()
type ListCryptoKeyVersionsRequest struct {
Parent string // Required: CryptoKey name
PageSize int32 // Optional: Max items per page
PageToken string // Optional: Pagination token
View CryptoKeyVersion_CryptoKeyVersionView // Optional: View specification
Filter string // Optional: Filter expression
OrderBy string // Optional: Ordering specification
}Used with: KeyManagementClient.ListCryptoKeyVersions()
// ListCryptoKeyVersionsResponse carries one page of CryptoKeyVersions; a
// non-empty NextPageToken means more pages remain.
type ListCryptoKeyVersionsResponse struct {
CryptoKeyVersions []*CryptoKeyVersion // The list of CryptoKeyVersions
NextPageToken string // Token for next page
TotalSize int32 // Total number of versions
}
// UpdateCryptoKeyVersionRequest changes the fields named in UpdateMask.
// Per the path list below, this is the call that moves a version between
// ENABLED and DISABLED, so permission to call it is permission to switch a
// key version off (or back on) for every consumer of that version.
type UpdateCryptoKeyVersionRequest struct {
CryptoKeyVersion *CryptoKeyVersion // Required: Updated values
UpdateMask *fieldmaskpb.FieldMask // Required: Fields to update; only the listed paths are written
}Used with: KeyManagementClient.UpdateCryptoKeyVersion()
Common UpdateMask Paths:
"state" - Change between ENABLED and DISABLED"external_protection_level_options.external_key_uri"
// DestroyCryptoKeyVersionRequest names the version whose key material is to be
// destroyed. Data encrypted only under that version cannot be recovered once
// the material is gone.
// NOTE(review): the upstream API reference describes destruction as scheduled
// rather than immediate, with RestoreCryptoKeyVersion able to cancel it while
// it is still pending — confirm the delay configured for the key.
type DestroyCryptoKeyVersionRequest struct {
Name string // Required: CryptoKeyVersion resource name
}Used with: KeyManagementClient.DestroyCryptoKeyVersion()
// RestoreCryptoKeyVersionRequest names the version to restore; see the note on
// DestroyCryptoKeyVersionRequest for when a restore is presumably still possible.
type RestoreCryptoKeyVersionRequest struct {
Name string // Required: CryptoKeyVersion resource name
}Used with: KeyManagementClient.RestoreCryptoKeyVersion()
// GetPublicKeyRequest names the asymmetric CryptoKeyVersion whose public key
// is requested. Only the public half is involved in this call.
type GetPublicKeyRequest struct {
Name string // Required: CryptoKeyVersion name
}Used with: KeyManagementClient.GetPublicKey()
// EncryptRequest is the request message for KeyManagementClient.Encrypt().
// The *Crc32C fields are marked optional, but they are the only end-to-end
// corruption check on the request payload: when one is set, the matching
// Verified* flag in EncryptResponse reports whether the service checked it.
// CRC32C catches accidental corruption only; it is not a MAC and does not
// authenticate the caller or the data.
type EncryptRequest struct {
Name string // Required: CryptoKey or CryptoKeyVersion name
// NOTE(review): the upstream API reference gives a smaller combined
// plaintext+AAD limit for HSM-protected keys — confirm before relying on 64KiB.
Plaintext []byte // Required: Data to encrypt (≤64KiB)
// AAD is authenticated but not encrypted; the identical bytes have to be
// presented to Decrypt (see DecryptRequest), so store or derive them reliably.
AdditionalAuthenticatedData []byte // Optional: AAD for AEAD ciphers
PlaintextCrc32C *wrapperspb.Int64Value // Optional: CRC32C checksum of Plaintext
AdditionalAuthenticatedDataCrc32C *wrapperspb.Int64Value // Optional: CRC32C checksum of AdditionalAuthenticatedData
}Used with: KeyManagementClient.Encrypt()
// EncryptResponse is the response message paired with EncryptRequest.
// Recommended client-side checks before storing the ciphertext:
//   - Name is the key (version) the caller meant to use;
//   - every Verified* flag is true for each checksum that was sent; a false
//     flag with a checksum supplied means the service did not verify it, so
//     the response should be discarded and the call retried a bounded number of times;
//   - a CRC32C computed locally over Ciphertext equals CiphertextCrc32C.
type EncryptResponse struct {
Name string // CryptoKeyVersion used
Ciphertext []byte // Encrypted data
CiphertextCrc32C *wrapperspb.Int64Value // Integrity verification: CRC32C of Ciphertext, to be recomputed by the caller
VerifiedPlaintextCrc32C bool // Whether plaintext CRC32C was verified
VerifiedAdditionalAuthenticatedDataCrc32C bool // Whether AAD CRC32C was verified
ProtectionLevel ProtectionLevel // Protection level used
}
// DecryptRequest is the request message for KeyManagementClient.Decrypt().
// Unlike EncryptRequest, Name is documented here as a CryptoKey name only,
// not a specific version.
type DecryptRequest struct {
Name string // Required: CryptoKey name
Ciphertext []byte // Required: Encrypted data from Encrypt
// A mismatch with the AAD used at encryption time makes decryption fail;
// that failure is the integrity signal and must not be bypassed.
AdditionalAuthenticatedData []byte // Optional: AAD (must match Encrypt)
CiphertextCrc32C *wrapperspb.Int64Value // Optional: CRC32C checksum of Ciphertext
AdditionalAuthenticatedDataCrc32C *wrapperspb.Int64Value // Optional: CRC32C checksum of AdditionalAuthenticatedData
}Used with: KeyManagementClient.Decrypt()
// DecryptResponse is the response message paired with DecryptRequest.
// Plaintext is sensitive: keep it out of logs and error messages, and compare
// a locally computed CRC32C with PlaintextCrc32C before using it.
type DecryptResponse struct {
Plaintext []byte // Decrypted data
PlaintextCrc32C *wrapperspb.Int64Value // Integrity verification: CRC32C of Plaintext
// false means a non-primary version decrypted the data; presumably a useful
// signal for finding ciphertext that still depends on an older version after
// rotation — confirm against the upstream reference.
UsedPrimary bool // Whether primary version was used
ProtectionLevel ProtectionLevel // Protection level used
}
// RawEncryptRequest is the request message for KeyManagementClient.RawEncrypt().
// Per the field notes below, AAD applies to AES-GCM only, so AES-CBC and
// AES-CTR output carries no authentication of its own: callers using those
// modes need a separate integrity mechanism (for example a MAC over IV and
// ciphertext) before trusting decrypted data.
type RawEncryptRequest struct {
Name string // Required: CryptoKeyVersion name
Plaintext []byte // Required: ≤64KiB for AES-GCM, ≤8KiB for AES-CBC/CTR
AdditionalAuthenticatedData []byte // Optional: AAD (AES-GCM only)
PlaintextCrc32C *wrapperspb.Int64Value // Optional: CRC32C checksum
AdditionalAuthenticatedDataCrc32C *wrapperspb.Int64Value // Optional: CRC32C checksum
// A caller-supplied IV must never repeat under the same key version; for CTR
// a repeated IV destroys confidentiality, and for CBC it should also be
// unpredictable. Leaving it unset avoids the problem if the service generates
// one — NOTE(review): upstream says it does; confirm.
InitializationVector []byte // Optional: IV (AES-CBC/CTR, exactly 16 bytes)
InitializationVectorCrc32C *wrapperspb.Int64Value // Optional: CRC32C checksum
}Used with: KeyManagementClient.RawEncrypt()
// RawEncryptResponse is the response message paired with RawEncryptRequest.
// InitializationVector and TagLength are inputs to RawDecryptRequest, so they
// have to be stored alongside Ciphertext; neither is secret.
// As with Encrypt, each Verified* flag should be true for every checksum the
// caller sent, and CiphertextCrc32C should match a locally computed CRC32C.
type RawEncryptResponse struct {
Ciphertext []byte // Encrypted data
InitializationVector []byte // IV used
TagLength int32 // AEAD tag length
CiphertextCrc32C *wrapperspb.Int64Value // Integrity verification
InitializationVectorCrc32C *wrapperspb.Int64Value // Integrity verification
VerifiedPlaintextCrc32C bool // Whether verified
VerifiedAdditionalAuthenticatedDataCrc32C bool // Whether verified
VerifiedInitializationVectorCrc32C bool // Whether verified
Name string // CryptoKeyVersion used
ProtectionLevel ProtectionLevel // Protection level
}
// RawDecryptRequest is the request message for KeyManagementClient.RawDecrypt().
// It addresses a specific CryptoKeyVersion, so the version that produced the
// ciphertext has to be recorded at encryption time (RawEncryptResponse.Name).
type RawDecryptRequest struct {
Name string // Required: CryptoKeyVersion name
Ciphertext []byte // Required: Encrypted data from RawEncrypt
AdditionalAuthenticatedData []byte // Optional: AAD (AES-GCM only)
InitializationVector []byte // Required: IV (AES-CBC/CTR)
// NOTE(review): the upstream reference describes an unset (0) tag length as
// "use the algorithm default" — confirm whether "Required" is accurate here.
// Do not accept a tag length chosen by whoever supplied the ciphertext;
// use the value recorded from RawEncryptResponse.
TagLength int32 // Required: Auth tag length (AES-GCM)
CiphertextCrc32C *wrapperspb.Int64Value // Optional: CRC32C checksum
AdditionalAuthenticatedDataCrc32C *wrapperspb.Int64Value // Optional: CRC32C checksum
InitializationVectorCrc32C *wrapperspb.Int64Value // Optional: CRC32C checksum
}Used with: KeyManagementClient.RawDecrypt()
// RawDecryptResponse is the response message paired with RawDecryptRequest.
// For AES-CBC/CTR a successful response says nothing about authenticity of the
// ciphertext (the request has no tag for those modes); the Verified* flags
// only confirm that the transmitted bytes matched the supplied CRC32C values.
type RawDecryptResponse struct {
Plaintext []byte // Decrypted data
PlaintextCrc32C *wrapperspb.Int64Value // Integrity verification
ProtectionLevel ProtectionLevel // Protection level
VerifiedCiphertextCrc32C bool // Whether verified
VerifiedAdditionalAuthenticatedDataCrc32C bool // Whether verified
VerifiedInitializationVectorCrc32C bool // Whether verified
}
// AsymmetricSignRequest is the request message for KeyManagementClient.AsymmetricSign().
// Digest and Data are both marked optional; they are alternative inputs
// (NOTE(review): upstream says to supply one, not both — confirm).
type AsymmetricSignRequest struct {
Name string // Required: CryptoKeyVersion name
// The hash must be the one the key version's algorithm expects, computed by
// the caller over the exact bytes being signed.
Digest *Digest // Optional: Digest of data to sign
DigestCrc32C *wrapperspb.Int64Value // Optional: CRC32C checksum of digest
Data []byte // Optional: Raw data to sign (Raw PKCS#1 only)
DataCrc32C *wrapperspb.Int64Value // Optional: CRC32C checksum of data
}Used with: KeyManagementClient.AsymmetricSign()
// Digest is shown here in simplified form with three parallel fields. As the
// sentence after the listing states, the digest is a protobuf oneof, so only
// one of the three may carry a value; the Digest_Sha256 / Digest_Sha384 /
// Digest_Sha512 wrapper types listed under "Nested Types" are what hold it.
// The value is the hash output itself (fixed length per algorithm), not the
// message to be hashed.
type Digest struct {
Sha256 []byte // SHA-256 hash (exactly 32 bytes)
Sha384 []byte // SHA-384 hash (exactly 48 bytes)
Sha512 []byte // SHA-512 hash (exactly 64 bytes)
}A Digest holds a cryptographic message digest. The digest field is a oneof, so only one hash algorithm field should be set.
Nested Types:
type Digest_Sha256 struct {
Sha256 []byte // A message digest produced with the SHA-256 algorithm
}
type Digest_Sha384 struct {
Sha384 []byte // A message digest produced with the SHA-384 algorithm
}
type Digest_Sha512 struct {
Sha512 []byte // A message digest produced with the SHA-512 algorithm
}These types implement the isDigest_Digest interface for the protobuf oneof field.
// AsymmetricSignResponse is the response message paired with AsymmetricSignRequest.
// Before releasing the signature, a caller should check that Name is the
// intended key version, that the Verified* flag for whichever input it
// checksummed is true, and that SignatureCrc32C matches a locally computed
// CRC32C of Signature.
type AsymmetricSignResponse struct {
Signature []byte // Created signature
SignatureCrc32C *wrapperspb.Int64Value // Integrity verification
VerifiedDigestCrc32C bool // Whether digest CRC32C was verified
VerifiedDataCrc32C bool // Whether data CRC32C was verified
Name string // CryptoKeyVersion used
ProtectionLevel ProtectionLevel // Protection level
}
// AsymmetricDecryptRequest is the request message for KeyManagementClient.AsymmetricDecrypt().
// The private key stays in the service; only ciphertext is sent.
type AsymmetricDecryptRequest struct {
Name string // Required: CryptoKeyVersion name
Ciphertext []byte // Required: Data encrypted with public key
CiphertextCrc32C *wrapperspb.Int64Value // Optional: CRC32C checksum of Ciphertext
}Used with: KeyManagementClient.AsymmetricDecrypt()
// AsymmetricDecryptResponse is the response message paired with
// AsymmetricDecryptRequest. Plaintext is sensitive and should be kept out of
// logs; VerifiedCiphertextCrc32C should be true whenever the request carried
// CiphertextCrc32C.
type AsymmetricDecryptResponse struct {
Plaintext []byte // Decrypted data
PlaintextCrc32C *wrapperspb.Int64Value // Integrity verification: CRC32C of Plaintext
VerifiedCiphertextCrc32C bool // Whether ciphertext CRC32C was verified
ProtectionLevel ProtectionLevel // Protection level
}
// MacSignRequest is the request message for KeyManagementClient.MacSign().
type MacSignRequest struct {
Name string // Required: CryptoKeyVersion name
Data []byte // Required: Data to sign (≤64KiB)
DataCrc32C *wrapperspb.Int64Value // Optional: CRC32C checksum of Data
}Used with: KeyManagementClient.MacSign()
// MacSignResponse is the response message paired with MacSignRequest.
type MacSignResponse struct {
Name string // CryptoKeyVersion used
Mac []byte // Generated MAC tag (the listing calls it a signature; it is a symmetric MAC)
MacCrc32C *wrapperspb.Int64Value // Integrity verification: CRC32C of Mac
VerifiedDataCrc32C bool // Whether data CRC32C was verified
ProtectionLevel ProtectionLevel // Protection level
}
// MacVerifyRequest is the request message for KeyManagementClient.MacVerify().
// Verification runs in the service, which avoids a client-side tag comparison
// that would otherwise have to be constant-time.
type MacVerifyRequest struct {
Name string // Required: CryptoKeyVersion name
Data []byte // Required: Data used to generate MAC
DataCrc32C *wrapperspb.Int64Value // Optional: CRC32C checksum of Data
Mac []byte // Required: MAC tag to verify
MacCrc32C *wrapperspb.Int64Value // Optional: CRC32C checksum of Mac
}Used with: KeyManagementClient.MacVerify()
// MacVerifyResponse is the response message paired with MacVerifyRequest.
// The verdict is the Success field: a call that returns without error has not
// by itself established that the MAC is valid.
type MacVerifyResponse struct {
Name string // CryptoKeyVersion used
Success bool // Whether MAC is valid
VerifiedDataCrc32C bool // Whether data CRC32C was verified
VerifiedMacCrc32C bool // Whether MAC CRC32C was verified
// NOTE(review): the upstream reference describes this as a cross-check on
// Success — if the two values disagree the response should be discarded and
// the call retried a bounded number of times. Confirm and enforce in callers.
VerifiedSuccessIntegrity bool // Whether success integrity was verified
ProtectionLevel ProtectionLevel // Protection level
}
// DecapsulateRequest is the request message for KeyManagementClient.Decapsulate().
// NOTE(review): this listing has a ciphertext checksum but no field carrying
// the ciphertext itself, and the checksum is named CiphertextDataCrc32C while
// the response flag is VerifiedCiphertextCrc32C. The listing is probably
// incomplete or misnamed — check the generated kmspb source before use.
type DecapsulateRequest struct {
Name string // Required: CryptoKeyVersion name
CiphertextDataCrc32C *wrapperspb.Int64Value // Optional: CRC32C checksum
}Used with: KeyManagementClient.Decapsulate()
// DecapsulateResponse is the response message paired with DecapsulateRequest.
// NOTE(review): the output of a decapsulation is a shared secret, and upstream
// may name these fields accordingly rather than Plaintext/PlaintextCrc32C —
// confirm against the generated kmspb source. Whatever the name, the value is
// key material: keep it out of logs and check its CRC32C before use.
type DecapsulateResponse struct {
Plaintext []byte // Decrypted data
PlaintextCrc32C *wrapperspb.Int64Value // Integrity verification
VerifiedCiphertextCrc32C bool // Whether ciphertext CRC32C was verified
ProtectionLevel ProtectionLevel // Protection level
}
// GenerateRandomBytesRequest is the request message for
// KeyManagementClient.GenerateRandomBytes().
type GenerateRandomBytesRequest struct {
Location string // Required: Project or organization location
// NOTE(review): the upstream reference states a minimum of 8 bytes, not 1 —
// confirm the lower bound before relying on short requests.
LengthBytes int32 // Required: Number of bytes (≥1, ≤1024)
// NOTE(review): upstream may accept only a subset of protection levels for
// this call — confirm which values are valid.
ProtectionLevel ProtectionLevel // Required: Protection level to use
}Used with: KeyManagementClient.GenerateRandomBytes()
// GenerateRandomBytesResponse is the response message paired with
// GenerateRandomBytesRequest. When Data is used as key or nonce material, a
// locally computed CRC32C should match DataCrc32C first, and Data itself
// should be handled as a secret.
type GenerateRandomBytesResponse struct {
Data []byte // Generated random bytes
DataCrc32C *wrapperspb.Int64Value // Integrity verification: CRC32C of Data
}
// CreateImportJobRequest is the request message for
// KeyManagementClient.CreateImportJob(); the resulting ImportJob is what
// ImportCryptoKeyVersionRequest.ImportJob refers to.
type CreateImportJobRequest struct {
Parent string // Required: KeyRing name
ImportJobId string // Required: ImportJob ID
ImportJob *ImportJob // Required: Initial field values
}Used with: KeyManagementClient.CreateImportJob()
type GetImportJobRequest struct {
Name string // Required: ImportJob resource name
}Used with: KeyManagementClient.GetImportJob()
type ListImportJobsRequest struct {
Parent string // Required: KeyRing name
PageSize int32 // Optional: Max items per page
PageToken string // Optional: Pagination token
Filter string // Optional: Filter expression
OrderBy string // Optional: Ordering specification
}Used with: KeyManagementClient.ListImportJobs()
// ListImportJobsResponse carries one page of ImportJobs; a non-empty
// NextPageToken means more pages remain.
type ListImportJobsResponse struct {
ImportJobs []*ImportJob // The list of ImportJobs
NextPageToken string // Token for next page
TotalSize int32 // Total number of ImportJobs
}
// ImportCryptoKeyVersionRequest is the request message for
// KeyManagementClient.ImportCryptoKeyVersion().
// Only wrapped key material appears in this request; the listing has no field
// for unwrapped key bytes. The listing shows RsaAesWrappedKey as a plain
// field, while the text after the nested type describes it as a protobuf
// oneof member, so it is set through
// ImportCryptoKeyVersionRequest_RsaAesWrappedKey rather than directly.
type ImportCryptoKeyVersionRequest struct {
Parent string // Required: CryptoKey name
CryptoKeyVersion string // Optional: Version name (for reimport)
// Must describe the key actually being imported; presumably a mismatch is
// rejected by the service — confirm.
Algorithm CryptoKeyVersion_CryptoKeyVersionAlgorithm // Required: Algorithm of key being imported
ImportJob string // Required: ImportJob name
WrappedKey []byte // Optional: Wrapped key material
RsaAesWrappedKey []byte // Optional: RSA/AES wrapped key material
}Used with: KeyManagementClient.ImportCryptoKeyVersion()
Nested Types:
type ImportCryptoKeyVersionRequest_RsaAesWrappedKey struct {
RsaAesWrappedKey []byte // RSA/AES wrapped key material
}This nested type implements the isImportCryptoKeyVersionRequest_WrappedKeyMaterial interface for the protobuf oneof field. Prefer using the WrappedKey field in the main request struct in new work.
type CreateKeyHandleRequest struct {
Parent string // Required: "projects/{project}/locations/{location}"
KeyHandleId string // Optional: ID for the KeyHandle
KeyHandle *KeyHandle // Required: KeyHandle with initial field values
}Used with: AutokeyClient.CreateKeyHandle()
type GetKeyHandleRequest struct {
Name string // Required: KeyHandle resource name
}Used with: AutokeyClient.GetKeyHandle()
type ListKeyHandlesRequest struct {
Parent string // Required: "projects/{project}/locations/{location}"
PageSize int32 // Optional: Max 1000, default 500
PageToken string // Optional: Pagination token
Filter string // Optional: Filter expression
}Used with: AutokeyClient.ListKeyHandles()
type ListKeyHandlesResponse struct {
KeyHandles []*KeyHandle // Resulting list of KeyHandles
}type CreateKeyHandleMetadata struct {
// Empty message - metadata for CreateKeyHandle long-running operation
}type UpdateAutokeyConfigRequest struct {
AutokeyConfig *AutokeyConfig // Required: AutokeyConfig with updated values
UpdateMask *fieldmaskpb.FieldMask // Required: Fields to update
}Used with: AutokeyAdminClient.UpdateAutokeyConfig()
type GetAutokeyConfigRequest struct {
Name string // Required: "folders/{folder}/autokeyConfig"
}Used with: AutokeyAdminClient.GetAutokeyConfig()
type ShowEffectiveAutokeyConfigRequest struct {
Parent string // Required: "projects/{PROJECT_ID}" or "projects/{PROJECT_NUMBER}"
}Used with: AutokeyAdminClient.ShowEffectiveAutokeyConfig()
type ShowEffectiveAutokeyConfigResponse struct {
KeyProject string // Name of key project configured in folder ancestry
}type ListEkmConnectionsRequest struct {
Parent string // Required: "projects/{project}/locations/{location}"
PageSize int32 // Optional: Max items per page
PageToken string // Optional: Pagination token
Filter string // Optional: Filter expression
OrderBy string // Optional: Ordering specification
}Used with: EkmClient.ListEkmConnections()
type ListEkmConnectionsResponse struct {
EkmConnections []*EkmConnection // The list of EkmConnections
NextPageToken string // Token for next page
TotalSize int32 // Total number of EkmConnections
}type GetEkmConnectionRequest struct {
Name string // Required: EkmConnection resource name
}Used with: EkmClient.GetEkmConnection()
type CreateEkmConnectionRequest struct {
Parent string // Required: "projects/{project}/locations/{location}"
EkmConnectionId string // Required: EkmConnection ID
EkmConnection *EkmConnection // Required: Initial field values
}Used with: EkmClient.CreateEkmConnection()
type UpdateEkmConnectionRequest struct {
EkmConnection *EkmConnection // Required: Updated values
UpdateMask *fieldmaskpb.FieldMask // Required: Fields to update
}Used with: EkmClient.UpdateEkmConnection()
type GetEkmConfigRequest struct {
Name string // Required: "projects/{project}/locations/{location}/ekmConfig"
}Used with: EkmClient.GetEkmConfig()
type UpdateEkmConfigRequest struct {
EkmConfig *EkmConfig // Required: Updated values
UpdateMask *fieldmaskpb.FieldMask // Required: Fields to update
}Used with: EkmClient.UpdateEkmConfig()
type VerifyConnectivityRequest struct {
Name string // Required: EkmConnection resource name
}Used with: EkmClient.VerifyConnectivity()
// VerifyConnectivityResponse has no fields in this listing.
type VerifyConnectivityResponse struct {
// Empty message - successful verification
}
// NOTE: the ListCryptoKeysRequest/ListCryptoKeysResponse below share their
// names with the types listed earlier on this page but are different types:
// the response refers to kmspb.CryptoKey by package name, which places these
// in the inventorypb package named at the top of the page. The Parent here is
// a project, not a KeyRing, and there is no Filter/OrderBy/VersionView.
type ListCryptoKeysRequest struct {
Parent string // Required: "projects/{project}"
PageSize int32 // Optional: Max 1000
PageToken string // Optional: Pagination token
}Used with: KeyDashboardClient.ListCryptoKeys()
// ListCryptoKeysResponse (inventory variant) carries one page of CryptoKeys.
type ListCryptoKeysResponse struct {
CryptoKeys []*kmspb.CryptoKey // The list of CryptoKeys
NextPageToken string // Token for next page
}
// GetProtectedResourcesSummaryRequest is the request message for
// KeyTrackingClient.GetProtectedResourcesSummary(). The resource name is the
// CryptoKey name with "/protectedResourcesSummary" appended.
type GetProtectedResourcesSummaryRequest struct {
Name string // Required: "projects/{project}/locations/{location}/keyRings/{keyRing}/cryptoKeys/{cryptoKey}/protectedResourcesSummary"
}Used with: KeyTrackingClient.GetProtectedResourcesSummary()
type SearchProtectedResourcesRequest struct {
Scope string // Required: "organizations/{organization}"
CryptoKey string // Required: CryptoKey name
PageSize int32 // Optional: Max 500
PageToken string // Optional: Pagination token
ResourceTypes []string // Optional: Filter by resource types
}Used with: KeyTrackingClient.SearchProtectedResources()
type SearchProtectedResourcesResponse struct {
ProtectedResources []*ProtectedResource // The list of protected resources
NextPageToken string // Token for next page
}The following are low-level gRPC service client interfaces generated from protocol buffer definitions. Most users should use the higher-level client wrappers (KeyManagementClient, AutokeyClient, etc.) from cloud.google.com/go/kms/apiv1 instead.
type KeyManagementServiceClient interface {
// Methods for KeyRing operations
ListKeyRings(ctx context.Context, in *ListKeyRingsRequest, opts ...grpc.CallOption) (*ListKeyRingsResponse, error)
GetKeyRing(ctx context.Context, in *GetKeyRingRequest, opts ...grpc.CallOption) (*KeyRing, error)
CreateKeyRing(ctx context.Context, in *CreateKeyRingRequest, opts ...grpc.CallOption) (*KeyRing, error)
// Methods for CryptoKey and CryptoKeyVersion operations
ListCryptoKeys(ctx context.Context, in *ListCryptoKeysRequest, opts ...grpc.CallOption) (*ListCryptoKeysResponse, error)
GetCryptoKey(ctx context.Context, in *GetCryptoKeyRequest, opts ...grpc.CallOption) (*CryptoKey, error)
CreateCryptoKey(ctx context.Context, in *CreateCryptoKeyRequest, opts ...grpc.CallOption) (*CryptoKey, error)
// ... and many more methods
}Constructor: NewKeyManagementServiceClient(cc grpc.ClientConnInterface) KeyManagementServiceClient
type EkmServiceClient interface {
ListEkmConnections(ctx context.Context, in *ListEkmConnectionsRequest, opts ...grpc.CallOption) (*ListEkmConnectionsResponse, error)
GetEkmConnection(ctx context.Context, in *GetEkmConnectionRequest, opts ...grpc.CallOption) (*EkmConnection, error)
CreateEkmConnection(ctx context.Context, in *CreateEkmConnectionRequest, opts ...grpc.CallOption) (*EkmConnection, error)
UpdateEkmConnection(ctx context.Context, in *UpdateEkmConnectionRequest, opts ...grpc.CallOption) (*EkmConnection, error)
GetEkmConfig(ctx context.Context, in *GetEkmConfigRequest, opts ...grpc.CallOption) (*EkmConfig, error)
UpdateEkmConfig(ctx context.Context, in *UpdateEkmConfigRequest, opts ...grpc.CallOption) (*EkmConfig, error)
VerifyConnectivity(ctx context.Context, in *VerifyConnectivityRequest, opts ...grpc.CallOption) (*VerifyConnectivityResponse, error)
}Constructor: NewEkmServiceClient(cc grpc.ClientConnInterface) EkmServiceClient
type KeyDashboardServiceClient interface {
ListCryptoKeys(ctx context.Context, in *ListCryptoKeysRequest, opts ...grpc.CallOption) (*ListCryptoKeysResponse, error)
}Constructor: NewKeyDashboardServiceClient(cc grpc.ClientConnInterface) KeyDashboardServiceClient
type KeyTrackingServiceClient interface {
GetProtectedResourcesSummary(ctx context.Context, in *GetProtectedResourcesSummaryRequest, opts ...grpc.CallOption) (*ProtectedResourcesSummary, error)
SearchProtectedResources(ctx context.Context, in *SearchProtectedResourcesRequest, opts ...grpc.CallOption) (*SearchProtectedResourcesResponse, error)
}Constructor: NewKeyTrackingServiceClient(cc grpc.ClientConnInterface) KeyTrackingServiceClient
Note: These interfaces are primarily for advanced use cases. Most applications should use the high-level clients:
- kms.NewKeyManagementClient() instead of NewKeyManagementServiceClient()
- kms.NewEkmClient() instead of NewEkmServiceClient()
- inventory.NewKeyDashboardClient() instead of NewKeyDashboardServiceClient()
- inventory.NewKeyTrackingClient() instead of NewKeyTrackingServiceClient()