gcloud kms --help
Jump to navigation
Jump to search
gcloud kms - manage cryptographic keys in the cloud
SYNOPSIS
gcloud kms GROUP | COMMAND [GCLOUD_WIDE_FLAG ...]
DESCRIPTION
The gcloud kms command group lets you generate, use, rotate and destroy
Google Cloud KMS keys.
Cloud KMS is a cloud-hosted key management service that lets you manage
encryption for your cloud services the same way you do on-premises. You can
generate, use, rotate and destroy AES256 encryption keys. Cloud KMS is
integrated with IAM and Cloud Audit Logging so that you can manage
permissions on individual keys, and monitor how these are used. Use Cloud
KMS to protect secrets and other sensitive data which you need to store in
Google Cloud Platform.
More information on Cloud KMS can be found here:
https://cloud.google.com/kms/ and detailed documentation can be found here:
https://cloud.google.com/kms/docs/
GCLOUD WIDE FLAGS
These flags are available to all commands: --help.
Run $ gcloud help for details.
GROUPS
GROUP is one of the following:
ekm-connections
Create and manage ekm connections.
import-jobs
Create and manage import jobs.
keyrings
Create and manage keyrings.
keys
Create and manage keys.
locations
View locations available for a project.
COMMANDS
COMMAND is one of the following:
asymmetric-decrypt
Decrypt an input file using an asymmetric-encryption key version.
asymmetric-sign
Sign a user input file using an asymmetric-signing key version.
decrypt
Decrypt a ciphertext file using a Cloud KMS key.
encrypt
Encrypt a plaintext file using a key.
mac-sign
Sign a user input file using a MAC key version.
mac-verify
Verify a user signature file using a MAC key version.
NOTES
These variants are also available:
$ gcloud alpha kms
$ gcloud beta kms
Advertising:
