SymmetricKey
Set of methods for managing symmetric KMS keys.
JSON Representation
{
"id": "string",
"folderId": "string",
"createdAt": "string",
"name": "string",
"description": "string",
"labels": "object",
"status": "string",
"primaryVersion": {
"id": "string",
"keyId": "string",
"status": "string",
"algorithm": "string",
"createdAt": "string",
"primary": true,
"destroyAt": "string",
"hostedByHsm": true
},
"defaultAlgorithm": "string",
"rotatedAt": "string",
"rotationPeriod": "string",
"deletionProtection": true
}
| Field | Description |
|---|---|
| id | string ID of the key. |
| folderId | string ID of the folder that the key belongs to. |
| createdAt | string (date-time) Time when the key was created. String in RFC3339 text format. |
| name | string Name of the key. |
| description | string Description of the key. |
| labels | object Custom labels for the key as |
| status | string Current status of the key. |
| primaryVersion | object Primary version of the key, used as the default for all encrypt/decrypt operations, when no version ID is specified. Symmetric KMS key version: metadata about actual cryptographic data. |
| primaryVersion. id |
string ID of the key version. |
| primaryVersion. keyId |
string ID of the symmetric KMS key that the version belongs to. |
| primaryVersion. status |
string Status of the key version. Possible version status.
|
| primaryVersion. algorithm |
string Encryption algorithm that should be used when using the key version to encrypt plaintext. Supported symmetric encryption algorithms.
|
| primaryVersion. createdAt |
string (date-time) Time when the key version was created. String in RFC3339 text format. |
| primaryVersion. primary |
boolean (boolean) Indication of a primary version, that is to be used by default for all cryptographic operations that don't have a key version explicitly specified. |
| primaryVersion. destroyAt |
string (date-time) Time when the key version is going to be destroyed. Empty unless the status is String in RFC3339 text format. |
| primaryVersion. hostedByHsm |
boolean (boolean) Indication of the version that is hosted by HSM. |
| defaultAlgorithm | string Default encryption algorithm to be used with new versions of the key. Supported symmetric encryption algorithms.
|
| rotatedAt | string (date-time) Time of the last key rotation (time when the last version was created). Empty if the key does not have versions yet. String in RFC3339 text format. |
| rotationPeriod | string Time period between automatic key rotations. |
| deletionProtection | boolean (boolean) Flag that inhibits deletion of the key |
Methods
| Method | Description |
|---|---|
| cancelVersionDestruction | Cancels previously scheduled version destruction, if the version hasn't been destroyed yet. |
| create | Creates a symmetric KMS key in the specified folder. |
| delete | Deletes the specified symmetric KMS key. This action also automatically schedules the destruction of all of the key's versions in 72 hours. |
| get | Returns the specified symmetric KMS key. |
| list | Returns the list of symmetric KMS keys in the specified folder. |
| listAccessBindings | Lists existing access bindings for the specified key. |
| listOperations | Lists operations for the specified symmetric KMS key. |
| listVersions | Returns the list of versions of the specified symmetric KMS key. |
| rotate | Rotates the specified key: creates a new key version and makes it the primary version. The old version remains available for decryption of ciphertext encrypted with it. |
| scheduleVersionDestruction | Schedules the specified key version for destruction. |
| setAccessBindings | Sets access bindings for the key. |
| setPrimaryVersion | Sets the primary version for the specified key. The primary version is used by default for all encrypt/decrypt operations where no version ID is specified. |
| update | Updates the specified symmetric KMS key. |
| updateAccessBindings | Updates access bindings for the specified key. |