Cloud service providers offer cloud storage for data, encryption and decryption services, key production services, and even key management services. Usually, each of these services has an application programming interface (API) specific to that service. This situation burdens the user with the responsibility of learning each of these APIs and interacting with multiple service providers, with overhead for each addition of or change to a service, and each change in user needs. Key management services, while addressing and alleviating some of this burden, still have APIs unique to different key management service providers. It is within this context that the embodiments arise.