docs(key_manager): add documentation (#4997)

scaleway-bot · web-flow · commit c3e9dd42b23b · 2025-09-11T15:14:54.000Z
diff --git a/cmd/scw/testdata/test-all-usage-keymanager-key-create-usage.golden b/cmd/scw/testdata/test-all-usage-keymanager-key-create-usage.golden
@@ -1,16 +1,16 @@
 🎲🎲🎲 EXIT CODE: 0 🎲🎲🎲
 🟥🟥🟥 STDERR️️ 🟥🟥🟥️
-Create a key in a given region specified by the `region` parameter. Keys only support symmetric encryption. You can use keys to encrypt or decrypt arbitrary payloads, or to generate data encryption keys. **Data encryption keys are not stored in Key Manager**.
+Create a key in a given region specified by the `region` parameter. You can use keys to encrypt or decrypt arbitrary payloads, to sign and verify messages or to generate data encryption keys. **Data encryption keys are not stored in Key Manager**.
 
 USAGE:
   scw keymanager key create [arg=value ...]
 
 ARGS:
   [project-id]                         Project ID to use. If none is passed the default project ID will be used
   [name]                               (Optional) Name of the key
-  [usage.symmetric-encryption]         Algorithm used to encrypt and decrypt arbitrary payloads. (unknown_symmetric_encryption | aes_256_gcm)
-  [usage.asymmetric-encryption]         (unknown_asymmetric_encryption | rsa_oaep_2048_sha256 | rsa_oaep_3072_sha256 | rsa_oaep_4096_sha256)
-  [usage.asymmetric-signing]            (unknown_asymmetric_signing | ec_p256_sha256 | ec_p384_sha384 | rsa_pss_2048_sha256 | rsa_pss_3072_sha256 | rsa_pss_4096_sha256 | rsa_pkcs1_2048_sha256 | rsa_pkcs1_3072_sha256 | rsa_pkcs1_4096_sha256)
+  [usage.symmetric-encryption]         Encrypt and decrypt arbitrary payloads using a symmetric encryption algorithm. (unknown_symmetric_encryption | aes_256_gcm)
+  [usage.asymmetric-encryption]        Encrypt and decrypt arbitrary payloads using an asymmetric encryption algorithm. (unknown_asymmetric_encryption | rsa_oaep_2048_sha256 | rsa_oaep_3072_sha256 | rsa_oaep_4096_sha256)
+  [usage.asymmetric-signing]           Sign and verify arbitrary messages using an asymmetric signing algorithm. (unknown_asymmetric_signing | ec_p256_sha256 | ec_p384_sha384 | rsa_pss_2048_sha256 | rsa_pss_3072_sha256 | rsa_pss_4096_sha256 | rsa_pkcs1_2048_sha256 | rsa_pkcs1_3072_sha256 | rsa_pkcs1_4096_sha256)
   [description]                        (Optional) Description of the key
   [tags.{index}]                       (Optional) List of the key's tags
   [rotation-policy.rotation-period]    Rotation period
diff --git a/docs/commands/keymanager.md b/docs/commands/keymanager.md
@@ -27,7 +27,7 @@ Keys are logical containers which store cryptographic keys.
 
 ### Create a key
 
-Create a key in a given region specified by the `region` parameter. Keys only support symmetric encryption. You can use keys to encrypt or decrypt arbitrary payloads, or to generate data encryption keys. **Data encryption keys are not stored in Key Manager**.
+Create a key in a given region specified by the `region` parameter. You can use keys to encrypt or decrypt arbitrary payloads, to sign and verify messages or to generate data encryption keys. **Data encryption keys are not stored in Key Manager**.
 
 **Usage:**
 
@@ -42,9 +42,9 @@ scw keymanager key create [arg=value ...]
 |------|---|-------------|
 | project-id |  | Project ID to use. If none is passed the default project ID will be used |
 | name |  | (Optional) Name of the key |
-| usage.symmetric-encryption | One of: `unknown_symmetric_encryption`, `aes_256_gcm` | Algorithm used to encrypt and decrypt arbitrary payloads. |
-| usage.asymmetric-encryption | One of: `unknown_asymmetric_encryption`, `rsa_oaep_2048_sha256`, `rsa_oaep_3072_sha256`, `rsa_oaep_4096_sha256` |  |
-| usage.asymmetric-signing | One of: `unknown_asymmetric_signing`, `ec_p256_sha256`, `ec_p384_sha384`, `rsa_pss_2048_sha256`, `rsa_pss_3072_sha256`, `rsa_pss_4096_sha256`, `rsa_pkcs1_2048_sha256`, `rsa_pkcs1_3072_sha256`, `rsa_pkcs1_4096_sha256` |  |
+| usage.symmetric-encryption | One of: `unknown_symmetric_encryption`, `aes_256_gcm` | Encrypt and decrypt arbitrary payloads using a symmetric encryption algorithm. |
+| usage.asymmetric-encryption | One of: `unknown_asymmetric_encryption`, `rsa_oaep_2048_sha256`, `rsa_oaep_3072_sha256`, `rsa_oaep_4096_sha256` | Encrypt and decrypt arbitrary payloads using an asymmetric encryption algorithm. |
+| usage.asymmetric-signing | One of: `unknown_asymmetric_signing`, `ec_p256_sha256`, `ec_p384_sha384`, `rsa_pss_2048_sha256`, `rsa_pss_3072_sha256`, `rsa_pss_4096_sha256`, `rsa_pkcs1_2048_sha256`, `rsa_pkcs1_3072_sha256`, `rsa_pkcs1_4096_sha256` | Sign and verify arbitrary messages using an asymmetric signing algorithm. |
 | description |  | (Optional) Description of the key |
 | tags.{index} |  | (Optional) List of the key's tags |
 | rotation-policy.rotation-period |  | Rotation period |
diff --git a/go.mod b/go.mod
@@ -23,7 +23,7 @@ require (
 	github.com/mattn/go-isatty v0.0.20
 	github.com/moby/buildkit v0.24.0
 	github.com/opencontainers/go-digest v1.0.0
-	github.com/scaleway/scaleway-sdk-go v1.0.0-beta.34.0.20250909122954-71c9aae6a7e3
+	github.com/scaleway/scaleway-sdk-go v1.0.0-beta.34.0.20250911091431-3c6786e253d0
 	github.com/skratchdot/open-golang v0.0.0-20200116055534-eef842397966
 	github.com/spf13/cobra v1.10.1
 	github.com/spf13/pflag v1.0.10
diff --git a/go.sum b/go.sum
@@ -460,8 +460,8 @@ github.com/rogpeppe/go-internal v1.14.1/go.mod h1:MaRKkUm5W0goXpeCfT7UZI6fk/L7L7
 github.com/russross/blackfriday/v2 v2.1.0/go.mod h1:+Rmxgy9KzJVeS9/2gXHxylqXiyQDYRxCVz55jmeOWTM=
 github.com/sabhiram/go-gitignore v0.0.0-20210923224102-525f6e181f06 h1:OkMGxebDjyw0ULyrTYWeN0UNCCkmCWfjPnIA2W6oviI=
 github.com/sabhiram/go-gitignore v0.0.0-20210923224102-525f6e181f06/go.mod h1:+ePHsJ1keEjQtpvf9HHw0f4ZeJ0TLRsxhunSI2hYJSs=
-github.com/scaleway/scaleway-sdk-go v1.0.0-beta.34.0.20250909122954-71c9aae6a7e3 h1:bUgIIouQdnYoZ95+pB/WYEZh20P/So2sUZ44NaWEIBU=
-github.com/scaleway/scaleway-sdk-go v1.0.0-beta.34.0.20250909122954-71c9aae6a7e3/go.mod h1:2Cfo14o/ZO3hZg9GjbyD/BHKbyri3K5BiEHq4fBcUHY=
+github.com/scaleway/scaleway-sdk-go v1.0.0-beta.34.0.20250911091431-3c6786e253d0 h1:EOCbW0MnUjNKndDwoWiGwXix7no3Fe74sVDiXp8wMag=
+github.com/scaleway/scaleway-sdk-go v1.0.0-beta.34.0.20250911091431-3c6786e253d0/go.mod h1:47B1d/YXmSAxlJxUJxClzHR6b3T4M1WyCvwENPQNBWc=
 github.com/sclevine/spec v1.4.0 h1:z/Q9idDcay5m5irkZ28M7PtQM4aOISzOpj4bUPkDee8=
 github.com/sclevine/spec v1.4.0/go.mod h1:LvpgJaFyvQzRvc1kaDs0bulYwzC70PbiYjC4QnFHkOM=
 github.com/secure-systems-lab/go-securesystemslib v0.8.0 h1:mr5An6X45Kb2nddcFlbmfHkLguCE9laoZCUzEEpIZXA=
diff --git a/internal/namespaces/key_manager/v1alpha1/key_manager_cli.go b/internal/namespaces/key_manager/v1alpha1/key_manager_cli.go
@@ -59,7 +59,7 @@ func keymanagerKey() *core.Command {
 func keymanagerKeyCreate() *core.Command {
 	return &core.Command{
 		Short:     `Create a key`,
-		Long:      `Create a key in a given region specified by the ` + "`" + `region` + "`" + ` parameter. Keys only support symmetric encryption. You can use keys to encrypt or decrypt arbitrary payloads, or to generate data encryption keys. **Data encryption keys are not stored in Key Manager**.`,
+		Long:      `Create a key in a given region specified by the ` + "`" + `region` + "`" + ` parameter. You can use keys to encrypt or decrypt arbitrary payloads, to sign and verify messages or to generate data encryption keys. **Data encryption keys are not stored in Key Manager**.`,
 		Namespace: "keymanager",
 		Resource:  "key",
 		Verb:      "create",
@@ -76,7 +76,7 @@ func keymanagerKeyCreate() *core.Command {
 			},
 			{
 				Name:       "usage.symmetric-encryption",
-				Short:      `Algorithm used to encrypt and decrypt arbitrary payloads.`,
+				Short:      `Encrypt and decrypt arbitrary payloads using a symmetric encryption algorithm.`,
 				Required:   false,
 				Deprecated: false,
 				Positional: false,
@@ -87,6 +87,7 @@ func keymanagerKeyCreate() *core.Command {
 			},
 			{
 				Name:       "usage.asymmetric-encryption",
+				Short:      `Encrypt and decrypt arbitrary payloads using an asymmetric encryption algorithm.`,
 				Required:   false,
 				Deprecated: false,
 				Positional: false,
@@ -99,6 +100,7 @@ func keymanagerKeyCreate() *core.Command {
 			},
 			{
 				Name:       "usage.asymmetric-signing",
+				Short:      `Sign and verify arbitrary messages using an asymmetric signing algorithm.`,
 				Required:   false,
 				Deprecated: false,
 				Positional: false,

-Original file line number
+Diff line change
 	github.com/mattn/go-isatty v0.0.20
 	github.com/moby/buildkit v0.24.0
 	github.com/opencontainers/go-digest v1.0.0
 -	github.com/scaleway/scaleway-sdk-go v1.0.0-beta.34.0.20250909122954-71c9aae6a7e3
 +	github.com/scaleway/scaleway-sdk-go v1.0.0-beta.34.0.20250911091431-3c6786e253d0
 	github.com/skratchdot/open-golang v0.0.0-20200116055534-eef842397966
 	github.com/spf13/cobra v1.10.1
 	github.com/spf13/pflag v1.0.10