Class KmsAeadKeyManager


  • public final class KmsAeadKeyManager
    extends java.lang.Object
    This key manager produces new instances of Aead that forward encrypt/decrypt requests to a key residing in a remote KMS.
    • Method Summary

      Modifier and Type | Method | Description
      static KeyTemplate | createKeyTemplate(java.lang.String keyUri) | Returns a new KeyTemplate that can generate a KmsAeadKey whose key is pointing to keyUri.
      static void | register(boolean newKeyAllowed) |
      • Methods inherited from class java.lang.Object

        clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
    • Method Detail

      • register

        public static void register(boolean newKeyAllowed)
                             throws java.security.GeneralSecurityException
        Throws:
        java.security.GeneralSecurityException
      • createKeyTemplate

        public static KeyTemplate createKeyTemplate(java.lang.String keyUri)
        Returns a new KeyTemplate that can generate a KmsAeadKey whose key is pointing to keyUri. Keys generated by this key template use the RAW output prefix to make them compatible with the remote KMS' encrypt/decrypt operations.

        It requires that a KmsClient that can handle keyUri is registered. Avoid registering it more than once.

        Note: Unlike other templates, when you call KeysetHandle#generateNew with this template, Tink does not generate new key material, but only creates a reference to the remote key.

        It is often not necessary to use this function. Instead of registering a KmsClient, and creating an Aead using KeysetHandle.generateNew(KmsAeadKeyManager.createKeyTemplate(keyUri)).getPrimitive(RegistryConfiguration.get(), Aead.class), you can create the Aead directly using kmsClient.getAead(kekUri), without registering any KmsClient.
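
The two paths described above, side by side, as an added example that is not part of the Tink documentation. `FakeKmsClient` and the `fake-kms://` URI are constructed stand-ins for a real KMS client so the code runs offline, and the example assumes `AeadConfig.register()` also registers `KmsAeadKeyManager`.

```java
import com.google.crypto.tink.Aead;
import com.google.crypto.tink.KeyTemplates;
import com.google.crypto.tink.KeysetHandle;
import com.google.crypto.tink.KmsClient;
import com.google.crypto.tink.KmsClients;
import com.google.crypto.tink.RegistryConfiguration;
import com.google.crypto.tink.aead.AeadConfig;
import com.google.crypto.tink.aead.KmsAeadKeyManager;
import java.nio.charset.StandardCharsets;
import java.security.GeneralSecurityException;
import java.util.Arrays;

public final class KmsAeadPaths {
  // Hypothetical URI scheme for the in-memory stand-in; not a real KMS.
  static final String KEY_URI = "fake-kms://example-key";

  // Constructed stand-in for a remote KMS: one local AES-GCM key behind one URI.
  static final class FakeKmsClient implements KmsClient {
    private final Aead remoteKey;
    FakeKmsClient() throws GeneralSecurityException {
      remoteKey = KeysetHandle.generateNew(KeyTemplates.get("AES256_GCM"))
          .getPrimitive(RegistryConfiguration.get(), Aead.class);
    }
    @Override public boolean doesSupport(String keyUri) { return KEY_URI.equals(keyUri); }
    @Override public KmsClient withCredentials(String credentialPath) { return this; }
    @Override public KmsClient withDefaultCredentials() { return this; }
    @Override public Aead getAead(String keyUri) throws GeneralSecurityException {
      if (!doesSupport(keyUri)) throw new GeneralSecurityException("unsupported key URI");
      return remoteKey;
    }
  }

  public static void main(String[] args) throws GeneralSecurityException {
    AeadConfig.register(); // assumed to register KmsAeadKeyManager as well
    KmsClient client = new FakeKmsClient();
    byte[] plaintext = "data-key-bytes".getBytes(StandardCharsets.UTF_8);
    byte[] aad = "record-17".getBytes(StandardCharsets.UTF_8); // constructed sample
    // Path 1: ask the client directly; no global registration involved.
    Aead direct = client.getAead(KEY_URI);
    // Path 2: register the client once, then resolve the URI through the template.
    KmsClients.add(client);
    Aead viaTemplate = KeysetHandle.generateNew(KmsAeadKeyManager.createKeyTemplate(KEY_URI))
        .getPrimitive(RegistryConfiguration.get(), Aead.class);
    // RAW output prefix: the keyset adds no bytes, so each path decrypts the other's output.
    byte[] ct = viaTemplate.encrypt(plaintext, aad);
    if (!Arrays.equals(direct.decrypt(ct, aad), plaintext)) throw new AssertionError("mismatch");
    System.out.println("ciphertext from the template path decrypts on the direct path");
  }
}
```

Path 1 leaves no process-wide state behind, whereas path 2 makes the client reachable by any code that can build a key template with a matching URI.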