man-page

GCLOUD_ALPHA_KMS_KEYS_VERSIONS_CREATE(1)
GCLOUD_ALPHA_KMS_KEYS_VERSIONS_CREATE(1)

NAME

gcloud alpha kms keys versions create - create a new version

gcloud alpha kms keys versions create [--ekm-connection-key-path=EKM_CONNECTION_KEY_PATH] [--external-key-uri=EXTERNAL_KEY_URI] [--key=KEY] [--keyring=KEYRING] [--location=LOCATION] [--primary] [GCLOUD_WIDE_FLAG ...]

DESCRIPTION

(ALPHA) Creates a new version within the given key.

EXAMPLES

The following command creates a new version within the frodo key, fellowship keyring, and global location and sets it as the primary version:

$ gcloud alpha kms keys versions create --location=global \ --keyring=fellowship --key=frodo --primary

The following command creates a new version within the legolas key, fellowship keyring, us-central1 location, https://example.kms/v0/some/key/path as the address for its external key, and sets it as the key's primary version:

$ gcloud alpha kms keys versions create --location=us-central1 \ --keyring=fellowship --key=legolas \ --external-key-uri=https://example.kms/v0/some/key/path \ --primary

The following command creates a new version within the bilbo key, fellowship keyring, us-central1 location, v0/some/key/path as the ekm connection key path for its external key, and sets it as the key's primary version:

$ gcloud alpha kms keys versions create --location=us-central1 \ --keyring=fellowship --key=bilbo \ --ekm-connection-key-path=v0/some/key/path --primary

FLAGS

--ekm-connection-key-path=EKM_CONNECTION_KEY_PATH

The path to the external key material on the EKM for keys with protection level "external-vpc".

--external-key-uri=EXTERNAL_KEY_URI

The URI of the external key for keys with protection level "external".

--key=KEY

The containing key.

--keyring=KEYRING

Key ring of the key.

--location=LOCATION

Location of the keyring.

--primary

If specified, immediately make the new version primary.

GCLOUD WIDE FLAGS

These flags are available to all commands: --access-token-file, --account, --billing-project, --configuration, --flags-file, --flatten, --format, --help, --impersonate-service-account, --log-http, --project, --quiet, --trace-token, --user-output-enabled, --verbosity.

Run $ gcloud help for details.

NOTES

This command is currently in alpha and might change without notice. If this command fails with API permission errors despite specifying the correct project, you might be trying to access an API with an invitation-only early access allowlist. These variants are also available:

$ gcloud kms keys versions create