google-cloud-platformgcloudgoogle-cloud-kms

List the keys (key name and versions) based on keyring using java


I'm using a java client to retreive available keyrings from google KMS based on https://cloud.google.com/kms/docs/samples/kms-quickstart#kms_quickstart-java

below gcould command will list the available beys and versions for a specific keyRing

gcloud kms keys list --keyring keyring --location location 

but I'm able to find any documentation about the java client to retrieve key names and versions from the keyring. is there any option available in gogle KMS java client ?


Solution

  • See Cloud KMS Client Library

    The example in the page you referenced includes listKeyRings.

    To enumerate a specific keyring's (crypto) keys, I think (!?) you can use listCryptoKeys to (also) get pages (!) of ListCryptoKeysPagedResponse that you should be able to iterateAll().

    NOTE These examples don't (!?) fetch subsequent pages of results; you will need to do this.

    Unless you're familiar with the auto-generated javadocs, navigating these APIs can be gnarly.

    A few things to know:

    1. Google (almost without exception) does an excellent job with its SDKs. If an API method exists, you can be very confident that the functionality is present in a Google SDK of your choosing; you just need to find it!
    2. APIs Explorer is an excellent tool for understanding Google's APIs (it used to do a better job referencing SDKs too). In this case, Cloud KMS keyRings.list and keyRings.cryptoKeys.list not only document the method functionality but summarize the request|response objects.
    3. Any (!) gcloud command can be tweaked with --log-http to show which underlying REST API calls are being made, i.e. gcloud kms keys list --keyring=${KEYRING} --location=${LOCATION} --log-http should (!) reference back to keyRings.cryptoKeys.list