diff --git a/Gopkg.toml b/Gopkg.toml
index 8e8e9943dd0a00009a9626d49bf8a20ae8e28e05..1e6c89ba9c34ad9a363f8a8670152fc4e1c13322 100644
--- a/Gopkg.toml
+++ b/Gopkg.toml
@@ -1,15 +1,11 @@
 [[constraint]]
-  branch = "master"
+  branch = "added_key_suspend"
   name = "code.vereign.com/code/viam-apis"
 
 [[constraint]]
   name = "github.com/golang/protobuf"
   version = "1.1.0"
 
-[[constraint]]
-  name = "github.com/grpc-ecosystem/grpc-gateway"
-  version = "1.4.1"
-
 [[constraint]]
   branch = "master"
   name = "golang.org/x/net"
diff --git a/handler/revoke.go b/handler/revoke.go
index 002c797b3b6d5979269da0153af61a6e798784f9..0d6a36c24b36a97171f49749d9d09153836f927b 100644
--- a/handler/revoke.go
+++ b/handler/revoke.go
@@ -27,40 +27,74 @@ import (
 )
 
 func (s *KeyStorageServerImpl) Revoke(ctx context.Context, in *api.RevokeRequest) (*api.RevokeResponse, error) {
-	auth := s.CreateAuthentication(ctx)
-
-	client := keyutils.CreateDataStorageClient(auth)
-	defer client.CloseClient()
-
 	revokeResponse := &api.RevokeResponse{}
 
-	revokeResponse.StatusList = revokeKey(client, in.Uuid, api.KeyType_PRIVATE)
+	revokeResponse.StatusList = s.updateAll(ctx, in.Uuid, func(k *api.Key) { k.Revoked = true })
 	if revokeResponse.StatusList != nil {
 		return revokeResponse, nil
 	}
+	revokeResponse.StatusList = utils.AddStatus(revokeResponse.StatusList, "200", api.StatusType_INFO, "Keys revoked")
+	return revokeResponse, nil
+}
 
-	revokeResponse.StatusList = revokeKey(client, in.Uuid, api.KeyType_PUBLIC)
-	if revokeResponse.StatusList != nil {
-		return revokeResponse, nil
+func (s *KeyStorageServerImpl) Suspend(ctx context.Context, in *api.SuspendRequest) (*api.SuspendResponse, error) {
+	suspendResponse := &api.SuspendResponse{}
+
+	suspendResponse.StatusList = s.updateAll(ctx, in.Uuid, func(k *api.Key) { k.Suspended = true })
+	if suspendResponse.StatusList != nil {
+		return suspendResponse, nil
 	}
+	suspendResponse.StatusList = utils.AddStatus(suspendResponse.StatusList, "200", api.StatusType_INFO, "Keys suspended")
+	return suspendResponse, nil
+}
 
-	revokeResponse.StatusList = revokeKey(client, in.Uuid, api.KeyType_CERTIFICATE)
-	if revokeResponse.StatusList != nil {
-		return revokeResponse, nil
+func (s *KeyStorageServerImpl) Resume(ctx context.Context, in *api.ResumeRequest) (*api.ResumeResponse, error) {
+	resumeResponse := &api.ResumeResponse{}
+
+	resumeResponse.StatusList = s.updateAll(ctx, in.Uuid, func(k *api.Key) { k.Suspended = false })
+	if resumeResponse.StatusList != nil {
+		return resumeResponse, nil
 	}
+	resumeResponse.StatusList = utils.AddStatus(resumeResponse.StatusList, "200", api.StatusType_INFO, "Keys resumed")
+	return resumeResponse, nil
+}
 
-	revokeResponse.StatusList = utils.AddStatus(revokeResponse.StatusList, "200", api.StatusType_INFO, "Keys revoked")
-	return revokeResponse, nil
+func (s *KeyStorageServerImpl) Rename(ctx context.Context, in *api.RenameRequest) (*api.RenameResponse, error) {
+	renameResponse := &api.RenameResponse{}
+
+	renameResponse.StatusList = s.updateAll(ctx, in.Uuid, func(k *api.Key) { k.Name = in.Name })
+	if renameResponse.StatusList != nil {
+		return renameResponse, nil
+	}
+	renameResponse.StatusList = utils.AddStatus(renameResponse.StatusList, "200", api.StatusType_INFO, "Keys renamed")
+	return renameResponse, nil
 }
 
-func revokeKey(client *client.DataStorageClientImpl, uuid string, keyType api.KeyType) []*api.Status {
+func (s *KeyStorageServerImpl) updateAll(ctx context.Context, uuid string, update func(*api.Key)) []*api.Status {
+	auth := s.CreateAuthentication(ctx)
+
+	client := keyutils.CreateDataStorageClient(auth)
+	defer client.CloseClient()
+
+	client.SetUpClient(auth, s.DataStorageUrl, s.CertPEM, s.KeyPEM, s.CaCertPEM, s.MaxMessageSize)
+
+	for _, kType := range []api.KeyType{api.KeyType_PRIVATE, api.KeyType_PUBLIC, api.KeyType_CERTIFICATE} {
+		statusList := updateKey(client, uuid, kType, update)
+		if statusList != nil {
+			return statusList
+		}
+	}
+
+	return nil
+}
 
+func updateKey(client *client.DataStorageClientImpl, uuid string, keyType api.KeyType, update func(*api.Key)) []*api.Status {
 	key, statusList := keyutils.GetKey(client, uuid, keyType)
 	if statusList != nil {
 		return statusList
 	}
 
-	key.Revoked = true
+	update(key)
 
 	_, errors, err := client.DoPutDataCall("keys", uuid+"/"+api.KeyType.String(keyType), key, versions.EntitiesManagementAgentApiVersion)
 	statusList = keyutils.HandlePutDataErrors(statusList, errors, err)