Get a key URI
Stay organized with collections
Save and categorize content based on your preferences.
External KMSs assign a unique identifier to each key when it is
created . You can use this identifier to form a
Uniform Resource Identifier (URI) by adding an appropriate KMS-specific prefix.
Tink uses URIs to work with KMS keys.
The following table shows the format of supported key URIs:
KMS
KMS identifier prefix
Key URI format
AWS KMS
aws-kms://aws-kms://arn:aws:kms:<region>:<account-id>:key/<key-id>
GCP KMS
gcp-kms://gcp-kms://projects/*/locations/*/keyRings/*/cryptoKeys/*
HashiCorp Vault
hcvault://hcvault://<key-id>
Note: HashiCorp Vault is only supported by
tink-go . Other KMSs are
supported in all Tink implementations, and by Tinkey . Next:
Except as otherwise noted, the content of this page is licensed under the Creative Commons Attribution 4.0 License , and code samples are licensed under the Apache 2.0 License . For details, see the Google Developers Site Policies . Java is a registered trademark of Oracle and/or its affiliates.
Last updated 2023-08-21 UTC.
[{
"type": "thumb-down",
"id": "missingTheInformationINeed",
"label":"Missing the information I need"
},{
"type": "thumb-down",
"id": "tooComplicatedTooManySteps",
"label":"Too complicated / too many steps"
},{
"type": "thumb-down",
"id": "outOfDate",
"label":"Out of date"
},{
"type": "thumb-down",
"id": "samplesCodeIssue",
"label":"Samples / code issue"
},{
"type": "thumb-down",
"id": "otherDown",
"label":"Other"
}]
[{
"type": "thumb-up",
"id": "easyToUnderstand",
"label":"Easy to understand"
},{
"type": "thumb-up",
"id": "solvedMyProblem",
"label":"Solved my problem"
},{
"type": "thumb-up",
"id": "otherUp",
"label":"Other"
}]
