1. Packages
  2. CockroachDB Cloud
  3. API Docs
  4. Cmek
CockroachDB v0.2.2 published on Monday, Mar 11, 2024 by pulumiverse

cockroach.Cmek

Explore with Pulumi AI

cockroach logo
CockroachDB v0.2.2 published on Monday, Mar 11, 2024 by pulumiverse

    Customer-managed encryption keys (CMEK) resource for a single cluster.

    Create Cmek Resource

    Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.

    Constructor syntax

    new Cmek(name: string, args: CmekArgs, opts?: CustomResourceOptions);
    @overload
    def Cmek(resource_name: str,
             args: CmekArgs,
             opts: Optional[ResourceOptions] = None)
    
    @overload
    def Cmek(resource_name: str,
             opts: Optional[ResourceOptions] = None,
             cluster_id: Optional[str] = None,
             regions: Optional[Sequence[CmekRegionArgs]] = None,
             additional_regions: Optional[Sequence[CmekAdditionalRegionArgs]] = None,
             status: Optional[str] = None)
    func NewCmek(ctx *Context, name string, args CmekArgs, opts ...ResourceOption) (*Cmek, error)
    public Cmek(string name, CmekArgs args, CustomResourceOptions? opts = null)
    public Cmek(String name, CmekArgs args)
    public Cmek(String name, CmekArgs args, CustomResourceOptions options)
    
    type: cockroach:Cmek
    properties: # The arguments to resource properties.
    options: # Bag of options to control resource's behavior.
    
    

    Parameters

    name string
    The unique name of the resource.
    args CmekArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    resource_name str
    The unique name of the resource.
    args CmekArgs
    The arguments to resource properties.
    opts ResourceOptions
    Bag of options to control resource's behavior.
    ctx Context
    Context object for the current deployment.
    name string
    The unique name of the resource.
    args CmekArgs
    The arguments to resource properties.
    opts ResourceOption
    Bag of options to control resource's behavior.
    name string
    The unique name of the resource.
    args CmekArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    name String
    The unique name of the resource.
    args CmekArgs
    The arguments to resource properties.
    options CustomResourceOptions
    Bag of options to control resource's behavior.

    Example

    The following reference example uses placeholder values for all input properties.

    var cmekResource = new Cockroach.Cmek("cmekResource", new()
    {
        ClusterId = "string",
        Regions = new[]
        {
            new Cockroach.Inputs.CmekRegionArgs
            {
                Key = new Cockroach.Inputs.CmekRegionKeyArgs
                {
                    AuthPrincipal = "string",
                    Type = "string",
                    Uri = "string",
                    CreatedAt = "string",
                    Status = "string",
                    UpdatedAt = "string",
                    UserMessage = "string",
                },
                Region = "string",
                Status = "string",
            },
        },
        AdditionalRegions = new[]
        {
            new Cockroach.Inputs.CmekAdditionalRegionArgs
            {
                Name = "string",
                InternalDns = "string",
                NodeCount = 0,
                Primary = false,
                SqlDns = "string",
                UiDns = "string",
            },
        },
        Status = "string",
    });
    
    example, err := cockroach.NewCmek(ctx, "cmekResource", &cockroach.CmekArgs{
    	ClusterId: pulumi.String("string"),
    	Regions: cockroach.CmekRegionArray{
    		&cockroach.CmekRegionArgs{
    			Key: &cockroach.CmekRegionKeyArgs{
    				AuthPrincipal: pulumi.String("string"),
    				Type:          pulumi.String("string"),
    				Uri:           pulumi.String("string"),
    				CreatedAt:     pulumi.String("string"),
    				Status:        pulumi.String("string"),
    				UpdatedAt:     pulumi.String("string"),
    				UserMessage:   pulumi.String("string"),
    			},
    			Region: pulumi.String("string"),
    			Status: pulumi.String("string"),
    		},
    	},
    	AdditionalRegions: cockroach.CmekAdditionalRegionArray{
    		&cockroach.CmekAdditionalRegionArgs{
    			Name:        pulumi.String("string"),
    			InternalDns: pulumi.String("string"),
    			NodeCount:   pulumi.Int(0),
    			Primary:     pulumi.Bool(false),
    			SqlDns:      pulumi.String("string"),
    			UiDns:       pulumi.String("string"),
    		},
    	},
    	Status: pulumi.String("string"),
    })
    
    var cmekResource = new Cmek("cmekResource", CmekArgs.builder()        
        .clusterId("string")
        .regions(CmekRegionArgs.builder()
            .key(CmekRegionKeyArgs.builder()
                .authPrincipal("string")
                .type("string")
                .uri("string")
                .createdAt("string")
                .status("string")
                .updatedAt("string")
                .userMessage("string")
                .build())
            .region("string")
            .status("string")
            .build())
        .additionalRegions(CmekAdditionalRegionArgs.builder()
            .name("string")
            .internalDns("string")
            .nodeCount(0)
            .primary(false)
            .sqlDns("string")
            .uiDns("string")
            .build())
        .status("string")
        .build());
    
    cmek_resource = cockroach.Cmek("cmekResource",
        cluster_id="string",
        regions=[cockroach.CmekRegionArgs(
            key=cockroach.CmekRegionKeyArgs(
                auth_principal="string",
                type="string",
                uri="string",
                created_at="string",
                status="string",
                updated_at="string",
                user_message="string",
            ),
            region="string",
            status="string",
        )],
        additional_regions=[cockroach.CmekAdditionalRegionArgs(
            name="string",
            internal_dns="string",
            node_count=0,
            primary=False,
            sql_dns="string",
            ui_dns="string",
        )],
        status="string")
    
    const cmekResource = new cockroach.Cmek("cmekResource", {
        clusterId: "string",
        regions: [{
            key: {
                authPrincipal: "string",
                type: "string",
                uri: "string",
                createdAt: "string",
                status: "string",
                updatedAt: "string",
                userMessage: "string",
            },
            region: "string",
            status: "string",
        }],
        additionalRegions: [{
            name: "string",
            internalDns: "string",
            nodeCount: 0,
            primary: false,
            sqlDns: "string",
            uiDns: "string",
        }],
        status: "string",
    });
    
    type: cockroach:Cmek
    properties:
        additionalRegions:
            - internalDns: string
              name: string
              nodeCount: 0
              primary: false
              sqlDns: string
              uiDns: string
        clusterId: string
        regions:
            - key:
                authPrincipal: string
                createdAt: string
                status: string
                type: string
                updatedAt: string
                uri: string
                userMessage: string
              region: string
              status: string
        status: string
    

    Cmek Resource Properties

    To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

    Inputs

    The Cmek resource accepts the following input properties:

    ClusterId string
    Cluster ID.
    Regions List<Pulumiverse.Cockroach.Inputs.CmekRegion>
    AdditionalRegions List<Pulumiverse.Cockroach.Inputs.CmekAdditionalRegion>
    Once CMEK is enabled for a cluster, no new regions can be added to the cluster resource, since they need encryption key info stored in the CMEK resource. New regions can be added and maintained here instead.
    Status string
    Aggregated status of the cluster's encryption key(s).
    ClusterId string
    Cluster ID.
    Regions []CmekRegionArgs
    AdditionalRegions []CmekAdditionalRegionArgs
    Once CMEK is enabled for a cluster, no new regions can be added to the cluster resource, since they need encryption key info stored in the CMEK resource. New regions can be added and maintained here instead.
    Status string
    Aggregated status of the cluster's encryption key(s).
    clusterId String
    Cluster ID.
    regions List<CmekRegion>
    additionalRegions List<CmekAdditionalRegion>
    Once CMEK is enabled for a cluster, no new regions can be added to the cluster resource, since they need encryption key info stored in the CMEK resource. New regions can be added and maintained here instead.
    status String
    Aggregated status of the cluster's encryption key(s).
    clusterId string
    Cluster ID.
    regions CmekRegion[]
    additionalRegions CmekAdditionalRegion[]
    Once CMEK is enabled for a cluster, no new regions can be added to the cluster resource, since they need encryption key info stored in the CMEK resource. New regions can be added and maintained here instead.
    status string
    Aggregated status of the cluster's encryption key(s).
    cluster_id str
    Cluster ID.
    regions Sequence[CmekRegionArgs]
    additional_regions Sequence[CmekAdditionalRegionArgs]
    Once CMEK is enabled for a cluster, no new regions can be added to the cluster resource, since they need encryption key info stored in the CMEK resource. New regions can be added and maintained here instead.
    status str
    Aggregated status of the cluster's encryption key(s).
    clusterId String
    Cluster ID.
    regions List<Property Map>
    additionalRegions List<Property Map>
    Once CMEK is enabled for a cluster, no new regions can be added to the cluster resource, since they need encryption key info stored in the CMEK resource. New regions can be added and maintained here instead.
    status String
    Aggregated status of the cluster's encryption key(s).

    Outputs

    All input properties are implicitly available as output properties. Additionally, the Cmek resource produces the following output properties:

    Id string
    The provider-assigned unique ID for this managed resource.
    Id string
    The provider-assigned unique ID for this managed resource.
    id String
    The provider-assigned unique ID for this managed resource.
    id string
    The provider-assigned unique ID for this managed resource.
    id str
    The provider-assigned unique ID for this managed resource.
    id String
    The provider-assigned unique ID for this managed resource.

    Look up Existing Cmek Resource

    Get an existing Cmek resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

    public static get(name: string, id: Input<ID>, state?: CmekState, opts?: CustomResourceOptions): Cmek
    @staticmethod
    def get(resource_name: str,
            id: str,
            opts: Optional[ResourceOptions] = None,
            additional_regions: Optional[Sequence[CmekAdditionalRegionArgs]] = None,
            cluster_id: Optional[str] = None,
            regions: Optional[Sequence[CmekRegionArgs]] = None,
            status: Optional[str] = None) -> Cmek
    func GetCmek(ctx *Context, name string, id IDInput, state *CmekState, opts ...ResourceOption) (*Cmek, error)
    public static Cmek Get(string name, Input<string> id, CmekState? state, CustomResourceOptions? opts = null)
    public static Cmek get(String name, Output<String> id, CmekState state, CustomResourceOptions options)
    Resource lookup is not supported in YAML
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    resource_name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    The following state arguments are supported:
    AdditionalRegions List<Pulumiverse.Cockroach.Inputs.CmekAdditionalRegion>
    Once CMEK is enabled for a cluster, no new regions can be added to the cluster resource, since they need encryption key info stored in the CMEK resource. New regions can be added and maintained here instead.
    ClusterId string
    Cluster ID.
    Regions List<Pulumiverse.Cockroach.Inputs.CmekRegion>
    Status string
    Aggregated status of the cluster's encryption key(s).
    AdditionalRegions []CmekAdditionalRegionArgs
    Once CMEK is enabled for a cluster, no new regions can be added to the cluster resource, since they need encryption key info stored in the CMEK resource. New regions can be added and maintained here instead.
    ClusterId string
    Cluster ID.
    Regions []CmekRegionArgs
    Status string
    Aggregated status of the cluster's encryption key(s).
    additionalRegions List<CmekAdditionalRegion>
    Once CMEK is enabled for a cluster, no new regions can be added to the cluster resource, since they need encryption key info stored in the CMEK resource. New regions can be added and maintained here instead.
    clusterId String
    Cluster ID.
    regions List<CmekRegion>
    status String
    Aggregated status of the cluster's encryption key(s).
    additionalRegions CmekAdditionalRegion[]
    Once CMEK is enabled for a cluster, no new regions can be added to the cluster resource, since they need encryption key info stored in the CMEK resource. New regions can be added and maintained here instead.
    clusterId string
    Cluster ID.
    regions CmekRegion[]
    status string
    Aggregated status of the cluster's encryption key(s).
    additional_regions Sequence[CmekAdditionalRegionArgs]
    Once CMEK is enabled for a cluster, no new regions can be added to the cluster resource, since they need encryption key info stored in the CMEK resource. New regions can be added and maintained here instead.
    cluster_id str
    Cluster ID.
    regions Sequence[CmekRegionArgs]
    status str
    Aggregated status of the cluster's encryption key(s).
    additionalRegions List<Property Map>
    Once CMEK is enabled for a cluster, no new regions can be added to the cluster resource, since they need encryption key info stored in the CMEK resource. New regions can be added and maintained here instead.
    clusterId String
    Cluster ID.
    regions List<Property Map>
    status String
    Aggregated status of the cluster's encryption key(s).

    Supporting Types

    CmekAdditionalRegion, CmekAdditionalRegionArgs

    Name string
    Name of the region. Should match the region code used by the cluster's cloud provider.
    InternalDns string
    Internal DNS name of the cluster within the cloud provider's network. Used to connect to the cluster with PrivateLink or VPC peering.
    NodeCount int
    Number of nodes in the region. Will always be 0 for serverless clusters.
    Primary bool
    Set to true to mark this region as the primary for a Serverless cluster. Exactly one region must be primary. Dedicated clusters expect to have no primary region.
    SqlDns string
    DNS name of the cluster's SQL interface. Used to connect to the cluster with IP allowlisting.
    UiDns string
    DNS name used when connecting to the DB Console for the cluster.
    Name string
    Name of the region. Should match the region code used by the cluster's cloud provider.
    InternalDns string
    Internal DNS name of the cluster within the cloud provider's network. Used to connect to the cluster with PrivateLink or VPC peering.
    NodeCount int
    Number of nodes in the region. Will always be 0 for serverless clusters.
    Primary bool
    Set to true to mark this region as the primary for a Serverless cluster. Exactly one region must be primary. Dedicated clusters expect to have no primary region.
    SqlDns string
    DNS name of the cluster's SQL interface. Used to connect to the cluster with IP allowlisting.
    UiDns string
    DNS name used when connecting to the DB Console for the cluster.
    name String
    Name of the region. Should match the region code used by the cluster's cloud provider.
    internalDns String
    Internal DNS name of the cluster within the cloud provider's network. Used to connect to the cluster with PrivateLink or VPC peering.
    nodeCount Integer
    Number of nodes in the region. Will always be 0 for serverless clusters.
    primary Boolean
    Set to true to mark this region as the primary for a Serverless cluster. Exactly one region must be primary. Dedicated clusters expect to have no primary region.
    sqlDns String
    DNS name of the cluster's SQL interface. Used to connect to the cluster with IP allowlisting.
    uiDns String
    DNS name used when connecting to the DB Console for the cluster.
    name string
    Name of the region. Should match the region code used by the cluster's cloud provider.
    internalDns string
    Internal DNS name of the cluster within the cloud provider's network. Used to connect to the cluster with PrivateLink or VPC peering.
    nodeCount number
    Number of nodes in the region. Will always be 0 for serverless clusters.
    primary boolean
    Set to true to mark this region as the primary for a Serverless cluster. Exactly one region must be primary. Dedicated clusters expect to have no primary region.
    sqlDns string
    DNS name of the cluster's SQL interface. Used to connect to the cluster with IP allowlisting.
    uiDns string
    DNS name used when connecting to the DB Console for the cluster.
    name str
    Name of the region. Should match the region code used by the cluster's cloud provider.
    internal_dns str
    Internal DNS name of the cluster within the cloud provider's network. Used to connect to the cluster with PrivateLink or VPC peering.
    node_count int
    Number of nodes in the region. Will always be 0 for serverless clusters.
    primary bool
    Set to true to mark this region as the primary for a Serverless cluster. Exactly one region must be primary. Dedicated clusters expect to have no primary region.
    sql_dns str
    DNS name of the cluster's SQL interface. Used to connect to the cluster with IP allowlisting.
    ui_dns str
    DNS name used when connecting to the DB Console for the cluster.
    name String
    Name of the region. Should match the region code used by the cluster's cloud provider.
    internalDns String
    Internal DNS name of the cluster within the cloud provider's network. Used to connect to the cluster with PrivateLink or VPC peering.
    nodeCount Number
    Number of nodes in the region. Will always be 0 for serverless clusters.
    primary Boolean
    Set to true to mark this region as the primary for a Serverless cluster. Exactly one region must be primary. Dedicated clusters expect to have no primary region.
    sqlDns String
    DNS name of the cluster's SQL interface. Used to connect to the cluster with IP allowlisting.
    uiDns String
    DNS name used when connecting to the DB Console for the cluster.

    CmekRegion, CmekRegionArgs

    Key Pulumiverse.Cockroach.Inputs.CmekRegionKey
    Region string
    Cloud provider region code.
    Status string
    Describes the status of the current encryption key within the region.
    Key CmekRegionKey
    Region string
    Cloud provider region code.
    Status string
    Describes the status of the current encryption key within the region.
    key CmekRegionKey
    region String
    Cloud provider region code.
    status String
    Describes the status of the current encryption key within the region.
    key CmekRegionKey
    region string
    Cloud provider region code.
    status string
    Describes the status of the current encryption key within the region.
    key CmekRegionKey
    region str
    Cloud provider region code.
    status str
    Describes the status of the current encryption key within the region.
    key Property Map
    region String
    Cloud provider region code.
    status String
    Describes the status of the current encryption key within the region.

    CmekRegionKey, CmekRegionKeyArgs

    AuthPrincipal string
    Principal to authenticate as in order to access the key.
    Type string
    Type of encryption key. Current allowed values are:

    • AWS_KMS
    • GCP_CLOUD_KMS
    • NULL_KMS
    Uri string
    Provider-specific URI pointing to the encryption key.
    CreatedAt string
    Indicates when the key was created.
    Status string
    Current status of this key.
    UpdatedAt string
    Indicates when the key was last updated.
    UserMessage string
    Elaborates on the key's status and hints at how to fix issues that may have occurred during asynchronous key operations.
    AuthPrincipal string
    Principal to authenticate as in order to access the key.
    Type string
    Type of encryption key. Current allowed values are:

    • AWS_KMS
    • GCP_CLOUD_KMS
    • NULL_KMS
    Uri string
    Provider-specific URI pointing to the encryption key.
    CreatedAt string
    Indicates when the key was created.
    Status string
    Current status of this key.
    UpdatedAt string
    Indicates when the key was last updated.
    UserMessage string
    Elaborates on the key's status and hints at how to fix issues that may have occurred during asynchronous key operations.
    authPrincipal String
    Principal to authenticate as in order to access the key.
    type String
    Type of encryption key. Current allowed values are:

    • AWS_KMS
    • GCP_CLOUD_KMS
    • NULL_KMS
    uri String
    Provider-specific URI pointing to the encryption key.
    createdAt String
    Indicates when the key was created.
    status String
    Current status of this key.
    updatedAt String
    Indicates when the key was last updated.
    userMessage String
    Elaborates on the key's status and hints at how to fix issues that may have occurred during asynchronous key operations.
    authPrincipal string
    Principal to authenticate as in order to access the key.
    type string
    Type of encryption key. Current allowed values are:

    • AWS_KMS
    • GCP_CLOUD_KMS
    • NULL_KMS
    uri string
    Provider-specific URI pointing to the encryption key.
    createdAt string
    Indicates when the key was created.
    status string
    Current status of this key.
    updatedAt string
    Indicates when the key was last updated.
    userMessage string
    Elaborates on the key's status and hints at how to fix issues that may have occurred during asynchronous key operations.
    auth_principal str
    Principal to authenticate as in order to access the key.
    type str
    Type of encryption key. Current allowed values are:

    • AWS_KMS
    • GCP_CLOUD_KMS
    • NULL_KMS
    uri str
    Provider-specific URI pointing to the encryption key.
    created_at str
    Indicates when the key was created.
    status str
    Current status of this key.
    updated_at str
    Indicates when the key was last updated.
    user_message str
    Elaborates on the key's status and hints at how to fix issues that may have occurred during asynchronous key operations.
    authPrincipal String
    Principal to authenticate as in order to access the key.
    type String
    Type of encryption key. Current allowed values are:

    • AWS_KMS
    • GCP_CLOUD_KMS
    • NULL_KMS
    uri String
    Provider-specific URI pointing to the encryption key.
    createdAt String
    Indicates when the key was created.
    status String
    Current status of this key.
    updatedAt String
    Indicates when the key was last updated.
    userMessage String
    Elaborates on the key's status and hints at how to fix issues that may have occurred during asynchronous key operations.

    Package Details

    Repository
    cockroach pulumiverse/pulumi-cockroach
    License
    Apache-2.0
    Notes
    This Pulumi package is based on the cockroach Terraform Provider.
    cockroach logo
    CockroachDB v0.2.2 published on Monday, Mar 11, 2024 by pulumiverse