Cloud KMS allows you to keep encryption keys in one central cloud service, for direct use by other cloud resources and applications. With Cloud KMS you are the ultimate custodian of your data, you can manage encryption in the cloud the same way you do on-premises, and you have a provable and monitorable root of trust over your data.
-
Set up authentication with a service account so you can access the API from your local workstation.
-
Install the client library:
npm install --save @google-cloud/kms -
Try an example:
async function quickstart(
projectId = 'your-project-id' // Your GCP projectId
) {
// Imports the @google-cloud/kms client library
const kms = require('@google-cloud/kms');
// Instantiates an authorized client
const client = new kms.KeyManagementServiceClient();
// Lists keys in the "global" location.
const locationId = 'global';
// Lists key rings
const parent = client.locationPath(projectId, locationId);
const [keyRings] = await client.listKeyRings({parent});
// Display the results
if (keyRings.length) {
console.log('Key rings:');
keyRings.forEach(keyRing => console.log(keyRing.name));
} else {
console.log(`No key rings found.`);
}
}Samples are in the samples/ directory. The samples' README.md
has instructions for running the samples.
| Sample | Source Code | Try it |
|---|---|---|
| KMS | source code |  |
The Cloud KMS Node.js Client API Reference documentation also contains samples.
This library follows Semantic Versioning.
This library is considered to be in beta. This means it is expected to be mostly stable while we work toward a general availability release; however, complete stability is not guaranteed. We will address issues and requests against beta libraries with a high priority.
More Information: Google Cloud Platform Launch Stages
Contributions welcome! See the Contributing Guide.
Apache Version 2.0
See LICENSE
Read more about the client libraries for Cloud APIs, including the older Google APIs Client Libraries, in Client Libraries Explained.