Yandex.Cloud
  • Services
  • Why Yandex.Cloud
  • Pricing
  • Documentation
  • Contact us
Get started
Yandex Key Management Service
  • Getting started
  • Step-by-step instructions
    • All instructions
    • Keys
    • Key version
    • Data encryption
  • Concepts
    • Overview
    • Keys
    • Key version
    • Encryption
    • Envelope encryption
    • Key consistency
    • Quotas and limits
  • Use cases
    • All use cases
    • Data encryption
      • Which encryption method should I choose?
      • Encrypting data using the Yandex.Cloud CLI and API
      • Encrypting data using the Yandex.Cloud SDK
      • Encrypting data using the AWS Encryption SDK
      • Encrypting data using Google Tink
    • Encrypting secrets in Managed Service for Kubernetes
    • KMS key management with Hashicorp Terraform
    • Encrypting secrets in Hashicorp Terraform
  • Access management
  • Pricing policy
  • API reference
    • Authentication in the API
    • gRPC
      • Overview
      • SymmetricCryptoService
      • SymmetricKeyService
      • OperationService
    • REST
      • Overview
      • SymmetricCrypto
        • Overview
        • decrypt
        • encrypt
        • generateDataKey
        • reEncrypt
      • SymmetricKey
        • Overview
        • cancelVersionDestruction
        • create
        • delete
        • get
        • list
        • listAccessBindings
        • listOperations
        • listVersions
        • rotate
        • scheduleVersionDestruction
        • setAccessBindings
        • setPrimaryVersion
        • update
        • updateAccessBindings
  • Questions and answers
  1. API reference
  2. REST
  3. SymmetricCrypto
  4. encrypt

Method encrypt

  • HTTP request
  • Path parameters
  • Body parameters
  • Response

Encrypts given plaintext with the specified key.

HTTP request

POST https://kms.yandex/kms/v1/keys/{keyId}:encrypt

Path parameters

Parameter Description
keyId Required. ID of the symmetric KMS key to use for encryption. The maximum string length in characters is 50.

Body parameters

{
  "versionId": "string",
  "aadContext": "string",
  "plaintext": "string"
}
Field Description
versionId string

ID of the key version to encrypt plaintext with. Defaults to the primary version if not specified.

The maximum string length in characters is 50.

aadContext string (byte)

Additional authenticated data (AAD context), optional. If specified, this data will be required for decryption with the SymmetricDecryptRequest. Should be encoded with base64.

The maximum string length in characters is 8192.

plaintext string (byte)

Required. Plaintext to be encrypted. Should be encoded with base64.

The maximum string length in characters is 32768.

Response

HTTP Code: 200 - OK

{
  "keyId": "string",
  "versionId": "string",
  "ciphertext": "string"
}
Field Description
keyId string

Required. ID of the symmetric KMS key that was used for encryption.

The maximum string length in characters is 50.

versionId string

ID of the key version that was used for encryption.

The maximum string length in characters is 50.

ciphertext string (byte)

Resulting ciphertext.

In this article:
  • HTTP request
  • Path parameters
  • Body parameters
  • Response
Language
Careers
Privacy policy
Terms of use
© 2021 Yandex.Cloud LLC