1. Packages
  2. Google Cloud (GCP) Classic
  3. API Docs
  4. kms
  5. CryptoKeyVersion
Google Cloud Classic v6.67.0 published on Wednesday, Sep 27, 2023 by Pulumi

gcp.kms.CryptoKeyVersion

Explore with Pulumi AI

gcp logo
Google Cloud Classic v6.67.0 published on Wednesday, Sep 27, 2023 by Pulumi

    A CryptoKeyVersion represents an individual cryptographic key, and the associated key material.

    Destroying a cryptoKeyVersion will not delete the resource from the project.

    To get more information about CryptoKeyVersion, see:

    Example Usage

    Kms Crypto Key Version Basic

    using System.Collections.Generic;
    using System.Linq;
    using Pulumi;
    using Gcp = Pulumi.Gcp;
    
    return await Deployment.RunAsync(() => 
    {
        var keyring = new Gcp.Kms.KeyRing("keyring", new()
        {
            Location = "global",
        });
    
        var cryptokey = new Gcp.Kms.CryptoKey("cryptokey", new()
        {
            KeyRing = keyring.Id,
            RotationPeriod = "100000s",
        });
    
        var example_key = new Gcp.Kms.CryptoKeyVersion("example-key", new()
        {
            CryptoKey = cryptokey.Id,
        });
    
    });
    
    package main
    
    import (
    	"github.com/pulumi/pulumi-gcp/sdk/v6/go/gcp/kms"
    	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
    )
    
    func main() {
    	pulumi.Run(func(ctx *pulumi.Context) error {
    		keyring, err := kms.NewKeyRing(ctx, "keyring", &kms.KeyRingArgs{
    			Location: pulumi.String("global"),
    		})
    		if err != nil {
    			return err
    		}
    		cryptokey, err := kms.NewCryptoKey(ctx, "cryptokey", &kms.CryptoKeyArgs{
    			KeyRing:        keyring.ID(),
    			RotationPeriod: pulumi.String("100000s"),
    		})
    		if err != nil {
    			return err
    		}
    		_, err = kms.NewCryptoKeyVersion(ctx, "example-key", &kms.CryptoKeyVersionArgs{
    			CryptoKey: cryptokey.ID(),
    		})
    		if err != nil {
    			return err
    		}
    		return nil
    	})
    }
    
    package generated_program;
    
    import com.pulumi.Context;
    import com.pulumi.Pulumi;
    import com.pulumi.core.Output;
    import com.pulumi.gcp.kms.KeyRing;
    import com.pulumi.gcp.kms.KeyRingArgs;
    import com.pulumi.gcp.kms.CryptoKey;
    import com.pulumi.gcp.kms.CryptoKeyArgs;
    import com.pulumi.gcp.kms.CryptoKeyVersion;
    import com.pulumi.gcp.kms.CryptoKeyVersionArgs;
    import java.util.List;
    import java.util.ArrayList;
    import java.util.Map;
    import java.io.File;
    import java.nio.file.Files;
    import java.nio.file.Paths;
    
    public class App {
        public static void main(String[] args) {
            Pulumi.run(App::stack);
        }
    
        public static void stack(Context ctx) {
            var keyring = new KeyRing("keyring", KeyRingArgs.builder()        
                .location("global")
                .build());
    
            var cryptokey = new CryptoKey("cryptokey", CryptoKeyArgs.builder()        
                .keyRing(keyring.id())
                .rotationPeriod("100000s")
                .build());
    
            var example_key = new CryptoKeyVersion("example-key", CryptoKeyVersionArgs.builder()        
                .cryptoKey(cryptokey.id())
                .build());
    
        }
    }
    
    import pulumi
    import pulumi_gcp as gcp
    
    keyring = gcp.kms.KeyRing("keyring", location="global")
    cryptokey = gcp.kms.CryptoKey("cryptokey",
        key_ring=keyring.id,
        rotation_period="100000s")
    example_key = gcp.kms.CryptoKeyVersion("example-key", crypto_key=cryptokey.id)
    
    import * as pulumi from "@pulumi/pulumi";
    import * as gcp from "@pulumi/gcp";
    
    const keyring = new gcp.kms.KeyRing("keyring", {location: "global"});
    const cryptokey = new gcp.kms.CryptoKey("cryptokey", {
        keyRing: keyring.id,
        rotationPeriod: "100000s",
    });
    const example_key = new gcp.kms.CryptoKeyVersion("example-key", {cryptoKey: cryptokey.id});
    
    resources:
      keyring:
        type: gcp:kms:KeyRing
        properties:
          location: global
      cryptokey:
        type: gcp:kms:CryptoKey
        properties:
          keyRing: ${keyring.id}
          rotationPeriod: 100000s
      example-key:
        type: gcp:kms:CryptoKeyVersion
        properties:
          cryptoKey: ${cryptokey.id}
    

    Create CryptoKeyVersion Resource

    new CryptoKeyVersion(name: string, args: CryptoKeyVersionArgs, opts?: CustomResourceOptions);
    @overload
    def CryptoKeyVersion(resource_name: str,
                         opts: Optional[ResourceOptions] = None,
                         crypto_key: Optional[str] = None,
                         state: Optional[str] = None)
    @overload
    def CryptoKeyVersion(resource_name: str,
                         args: CryptoKeyVersionArgs,
                         opts: Optional[ResourceOptions] = None)
    func NewCryptoKeyVersion(ctx *Context, name string, args CryptoKeyVersionArgs, opts ...ResourceOption) (*CryptoKeyVersion, error)
    public CryptoKeyVersion(string name, CryptoKeyVersionArgs args, CustomResourceOptions? opts = null)
    public CryptoKeyVersion(String name, CryptoKeyVersionArgs args)
    public CryptoKeyVersion(String name, CryptoKeyVersionArgs args, CustomResourceOptions options)
    
    type: gcp:kms:CryptoKeyVersion
    properties: # The arguments to resource properties.
    options: # Bag of options to control resource's behavior.
    
    
    name string
    The unique name of the resource.
    args CryptoKeyVersionArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    resource_name str
    The unique name of the resource.
    args CryptoKeyVersionArgs
    The arguments to resource properties.
    opts ResourceOptions
    Bag of options to control resource's behavior.
    ctx Context
    Context object for the current deployment.
    name string
    The unique name of the resource.
    args CryptoKeyVersionArgs
    The arguments to resource properties.
    opts ResourceOption
    Bag of options to control resource's behavior.
    name string
    The unique name of the resource.
    args CryptoKeyVersionArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    name String
    The unique name of the resource.
    args CryptoKeyVersionArgs
    The arguments to resource properties.
    options CustomResourceOptions
    Bag of options to control resource's behavior.

    CryptoKeyVersion Resource Properties

    To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

    Inputs

    The CryptoKeyVersion resource accepts the following input properties:

    CryptoKey string

    The name of the cryptoKey associated with the CryptoKeyVersions. Format: 'projects/{{project}}/locations/{{location}}/keyRings/{{keyring}}/cryptoKeys/{{cryptoKey}}'


    State string

    The current state of the CryptoKeyVersion. Possible values are: PENDING_GENERATION, ENABLED, DISABLED, DESTROYED, DESTROY_SCHEDULED, PENDING_IMPORT, IMPORT_FAILED.

    CryptoKey string

    The name of the cryptoKey associated with the CryptoKeyVersions. Format: 'projects/{{project}}/locations/{{location}}/keyRings/{{keyring}}/cryptoKeys/{{cryptoKey}}'


    State string

    The current state of the CryptoKeyVersion. Possible values are: PENDING_GENERATION, ENABLED, DISABLED, DESTROYED, DESTROY_SCHEDULED, PENDING_IMPORT, IMPORT_FAILED.

    cryptoKey String

    The name of the cryptoKey associated with the CryptoKeyVersions. Format: 'projects/{{project}}/locations/{{location}}/keyRings/{{keyring}}/cryptoKeys/{{cryptoKey}}'


    state String

    The current state of the CryptoKeyVersion. Possible values are: PENDING_GENERATION, ENABLED, DISABLED, DESTROYED, DESTROY_SCHEDULED, PENDING_IMPORT, IMPORT_FAILED.

    cryptoKey string

    The name of the cryptoKey associated with the CryptoKeyVersions. Format: 'projects/{{project}}/locations/{{location}}/keyRings/{{keyring}}/cryptoKeys/{{cryptoKey}}'


    state string

    The current state of the CryptoKeyVersion. Possible values are: PENDING_GENERATION, ENABLED, DISABLED, DESTROYED, DESTROY_SCHEDULED, PENDING_IMPORT, IMPORT_FAILED.

    crypto_key str

    The name of the cryptoKey associated with the CryptoKeyVersions. Format: 'projects/{{project}}/locations/{{location}}/keyRings/{{keyring}}/cryptoKeys/{{cryptoKey}}'


    state str

    The current state of the CryptoKeyVersion. Possible values are: PENDING_GENERATION, ENABLED, DISABLED, DESTROYED, DESTROY_SCHEDULED, PENDING_IMPORT, IMPORT_FAILED.

    cryptoKey String

    The name of the cryptoKey associated with the CryptoKeyVersions. Format: 'projects/{{project}}/locations/{{location}}/keyRings/{{keyring}}/cryptoKeys/{{cryptoKey}}'


    state String

    The current state of the CryptoKeyVersion. Possible values are: PENDING_GENERATION, ENABLED, DISABLED, DESTROYED, DESTROY_SCHEDULED, PENDING_IMPORT, IMPORT_FAILED.

    Outputs

    All input properties are implicitly available as output properties. Additionally, the CryptoKeyVersion resource produces the following output properties:

    Algorithm string

    The CryptoKeyVersionAlgorithm that this CryptoKeyVersion supports.

    Attestations List<CryptoKeyVersionAttestation>

    Statement that was generated and signed by the HSM at key creation time. Use this statement to verify attributes of the key as stored on the HSM, independently of Google. Only provided for key versions with protectionLevel HSM. Structure is documented below.

    GenerateTime string

    The time this CryptoKeyVersion key material was generated

    Id string

    The provider-assigned unique ID for this managed resource.

    Name string

    The resource name for this CryptoKeyVersion.

    ProtectionLevel string

    The ProtectionLevel describing how crypto operations are performed with this CryptoKeyVersion.

    Algorithm string

    The CryptoKeyVersionAlgorithm that this CryptoKeyVersion supports.

    Attestations []CryptoKeyVersionAttestation

    Statement that was generated and signed by the HSM at key creation time. Use this statement to verify attributes of the key as stored on the HSM, independently of Google. Only provided for key versions with protectionLevel HSM. Structure is documented below.

    GenerateTime string

    The time this CryptoKeyVersion key material was generated

    Id string

    The provider-assigned unique ID for this managed resource.

    Name string

    The resource name for this CryptoKeyVersion.

    ProtectionLevel string

    The ProtectionLevel describing how crypto operations are performed with this CryptoKeyVersion.

    algorithm String

    The CryptoKeyVersionAlgorithm that this CryptoKeyVersion supports.

    attestations List<CryptoKeyVersionAttestation>

    Statement that was generated and signed by the HSM at key creation time. Use this statement to verify attributes of the key as stored on the HSM, independently of Google. Only provided for key versions with protectionLevel HSM. Structure is documented below.

    generateTime String

    The time this CryptoKeyVersion key material was generated

    id String

    The provider-assigned unique ID for this managed resource.

    name String

    The resource name for this CryptoKeyVersion.

    protectionLevel String

    The ProtectionLevel describing how crypto operations are performed with this CryptoKeyVersion.

    algorithm string

    The CryptoKeyVersionAlgorithm that this CryptoKeyVersion supports.

    attestations CryptoKeyVersionAttestation[]

    Statement that was generated and signed by the HSM at key creation time. Use this statement to verify attributes of the key as stored on the HSM, independently of Google. Only provided for key versions with protectionLevel HSM. Structure is documented below.

    generateTime string

    The time this CryptoKeyVersion key material was generated

    id string

    The provider-assigned unique ID for this managed resource.

    name string

    The resource name for this CryptoKeyVersion.

    protectionLevel string

    The ProtectionLevel describing how crypto operations are performed with this CryptoKeyVersion.

    algorithm str

    The CryptoKeyVersionAlgorithm that this CryptoKeyVersion supports.

    attestations Sequence[CryptoKeyVersionAttestation]

    Statement that was generated and signed by the HSM at key creation time. Use this statement to verify attributes of the key as stored on the HSM, independently of Google. Only provided for key versions with protectionLevel HSM. Structure is documented below.

    generate_time str

    The time this CryptoKeyVersion key material was generated

    id str

    The provider-assigned unique ID for this managed resource.

    name str

    The resource name for this CryptoKeyVersion.

    protection_level str

    The ProtectionLevel describing how crypto operations are performed with this CryptoKeyVersion.

    algorithm String

    The CryptoKeyVersionAlgorithm that this CryptoKeyVersion supports.

    attestations List<Property Map>

    Statement that was generated and signed by the HSM at key creation time. Use this statement to verify attributes of the key as stored on the HSM, independently of Google. Only provided for key versions with protectionLevel HSM. Structure is documented below.

    generateTime String

    The time this CryptoKeyVersion key material was generated

    id String

    The provider-assigned unique ID for this managed resource.

    name String

    The resource name for this CryptoKeyVersion.

    protectionLevel String

    The ProtectionLevel describing how crypto operations are performed with this CryptoKeyVersion.

    Look up Existing CryptoKeyVersion Resource

    Get an existing CryptoKeyVersion resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

    public static get(name: string, id: Input<ID>, state?: CryptoKeyVersionState, opts?: CustomResourceOptions): CryptoKeyVersion
    @staticmethod
    def get(resource_name: str,
            id: str,
            opts: Optional[ResourceOptions] = None,
            algorithm: Optional[str] = None,
            attestations: Optional[Sequence[CryptoKeyVersionAttestationArgs]] = None,
            crypto_key: Optional[str] = None,
            generate_time: Optional[str] = None,
            name: Optional[str] = None,
            protection_level: Optional[str] = None,
            state: Optional[str] = None) -> CryptoKeyVersion
    func GetCryptoKeyVersion(ctx *Context, name string, id IDInput, state *CryptoKeyVersionState, opts ...ResourceOption) (*CryptoKeyVersion, error)
    public static CryptoKeyVersion Get(string name, Input<string> id, CryptoKeyVersionState? state, CustomResourceOptions? opts = null)
    public static CryptoKeyVersion get(String name, Output<String> id, CryptoKeyVersionState state, CustomResourceOptions options)
    Resource lookup is not supported in YAML
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    resource_name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    The following state arguments are supported:
    Algorithm string

    The CryptoKeyVersionAlgorithm that this CryptoKeyVersion supports.

    Attestations List<CryptoKeyVersionAttestation>

    Statement that was generated and signed by the HSM at key creation time. Use this statement to verify attributes of the key as stored on the HSM, independently of Google. Only provided for key versions with protectionLevel HSM. Structure is documented below.

    CryptoKey string

    The name of the cryptoKey associated with the CryptoKeyVersions. Format: 'projects/{{project}}/locations/{{location}}/keyRings/{{keyring}}/cryptoKeys/{{cryptoKey}}'


    GenerateTime string

    The time this CryptoKeyVersion key material was generated

    Name string

    The resource name for this CryptoKeyVersion.

    ProtectionLevel string

    The ProtectionLevel describing how crypto operations are performed with this CryptoKeyVersion.

    State string

    The current state of the CryptoKeyVersion. Possible values are: PENDING_GENERATION, ENABLED, DISABLED, DESTROYED, DESTROY_SCHEDULED, PENDING_IMPORT, IMPORT_FAILED.

    Algorithm string

    The CryptoKeyVersionAlgorithm that this CryptoKeyVersion supports.

    Attestations []CryptoKeyVersionAttestationArgs

    Statement that was generated and signed by the HSM at key creation time. Use this statement to verify attributes of the key as stored on the HSM, independently of Google. Only provided for key versions with protectionLevel HSM. Structure is documented below.

    CryptoKey string

    The name of the cryptoKey associated with the CryptoKeyVersions. Format: 'projects/{{project}}/locations/{{location}}/keyRings/{{keyring}}/cryptoKeys/{{cryptoKey}}'


    GenerateTime string

    The time this CryptoKeyVersion key material was generated

    Name string

    The resource name for this CryptoKeyVersion.

    ProtectionLevel string

    The ProtectionLevel describing how crypto operations are performed with this CryptoKeyVersion.

    State string

    The current state of the CryptoKeyVersion. Possible values are: PENDING_GENERATION, ENABLED, DISABLED, DESTROYED, DESTROY_SCHEDULED, PENDING_IMPORT, IMPORT_FAILED.

    algorithm String

    The CryptoKeyVersionAlgorithm that this CryptoKeyVersion supports.

    attestations List<CryptoKeyVersionAttestation>

    Statement that was generated and signed by the HSM at key creation time. Use this statement to verify attributes of the key as stored on the HSM, independently of Google. Only provided for key versions with protectionLevel HSM. Structure is documented below.

    cryptoKey String

    The name of the cryptoKey associated with the CryptoKeyVersions. Format: 'projects/{{project}}/locations/{{location}}/keyRings/{{keyring}}/cryptoKeys/{{cryptoKey}}'


    generateTime String

    The time this CryptoKeyVersion key material was generated

    name String

    The resource name for this CryptoKeyVersion.

    protectionLevel String

    The ProtectionLevel describing how crypto operations are performed with this CryptoKeyVersion.

    state String

    The current state of the CryptoKeyVersion. Possible values are: PENDING_GENERATION, ENABLED, DISABLED, DESTROYED, DESTROY_SCHEDULED, PENDING_IMPORT, IMPORT_FAILED.

    algorithm string

    The CryptoKeyVersionAlgorithm that this CryptoKeyVersion supports.

    attestations CryptoKeyVersionAttestation[]

    Statement that was generated and signed by the HSM at key creation time. Use this statement to verify attributes of the key as stored on the HSM, independently of Google. Only provided for key versions with protectionLevel HSM. Structure is documented below.

    cryptoKey string

    The name of the cryptoKey associated with the CryptoKeyVersions. Format: 'projects/{{project}}/locations/{{location}}/keyRings/{{keyring}}/cryptoKeys/{{cryptoKey}}'


    generateTime string

    The time this CryptoKeyVersion key material was generated

    name string

    The resource name for this CryptoKeyVersion.

    protectionLevel string

    The ProtectionLevel describing how crypto operations are performed with this CryptoKeyVersion.

    state string

    The current state of the CryptoKeyVersion. Possible values are: PENDING_GENERATION, ENABLED, DISABLED, DESTROYED, DESTROY_SCHEDULED, PENDING_IMPORT, IMPORT_FAILED.

    algorithm str

    The CryptoKeyVersionAlgorithm that this CryptoKeyVersion supports.

    attestations Sequence[CryptoKeyVersionAttestationArgs]

    Statement that was generated and signed by the HSM at key creation time. Use this statement to verify attributes of the key as stored on the HSM, independently of Google. Only provided for key versions with protectionLevel HSM. Structure is documented below.

    crypto_key str

    The name of the cryptoKey associated with the CryptoKeyVersions. Format: 'projects/{{project}}/locations/{{location}}/keyRings/{{keyring}}/cryptoKeys/{{cryptoKey}}'


    generate_time str

    The time this CryptoKeyVersion key material was generated

    name str

    The resource name for this CryptoKeyVersion.

    protection_level str

    The ProtectionLevel describing how crypto operations are performed with this CryptoKeyVersion.

    state str

    The current state of the CryptoKeyVersion. Possible values are: PENDING_GENERATION, ENABLED, DISABLED, DESTROYED, DESTROY_SCHEDULED, PENDING_IMPORT, IMPORT_FAILED.

    algorithm String

    The CryptoKeyVersionAlgorithm that this CryptoKeyVersion supports.

    attestations List<Property Map>

    Statement that was generated and signed by the HSM at key creation time. Use this statement to verify attributes of the key as stored on the HSM, independently of Google. Only provided for key versions with protectionLevel HSM. Structure is documented below.

    cryptoKey String

    The name of the cryptoKey associated with the CryptoKeyVersions. Format: 'projects/{{project}}/locations/{{location}}/keyRings/{{keyring}}/cryptoKeys/{{cryptoKey}}'


    generateTime String

    The time this CryptoKeyVersion key material was generated

    name String

    The resource name for this CryptoKeyVersion.

    protectionLevel String

    The ProtectionLevel describing how crypto operations are performed with this CryptoKeyVersion.

    state String

    The current state of the CryptoKeyVersion. Possible values are: PENDING_GENERATION, ENABLED, DISABLED, DESTROYED, DESTROY_SCHEDULED, PENDING_IMPORT, IMPORT_FAILED.

    Supporting Types

    CryptoKeyVersionAttestation, CryptoKeyVersionAttestationArgs

    CertChains CryptoKeyVersionAttestationCertChains

    The certificate chains needed to validate the attestation Structure is documented below.

    Content string

    (Output) The attestation data provided by the HSM when the key operation was performed.

    ExternalProtectionLevelOptions CryptoKeyVersionAttestationExternalProtectionLevelOptions

    ExternalProtectionLevelOptions stores a group of additional fields for configuring a CryptoKeyVersion that are specific to the EXTERNAL protection level and EXTERNAL_VPC protection levels. Structure is documented below.

    Format string

    (Output) The format of the attestation data.

    CertChains CryptoKeyVersionAttestationCertChains

    The certificate chains needed to validate the attestation Structure is documented below.

    Content string

    (Output) The attestation data provided by the HSM when the key operation was performed.

    ExternalProtectionLevelOptions CryptoKeyVersionAttestationExternalProtectionLevelOptions

    ExternalProtectionLevelOptions stores a group of additional fields for configuring a CryptoKeyVersion that are specific to the EXTERNAL protection level and EXTERNAL_VPC protection levels. Structure is documented below.

    Format string

    (Output) The format of the attestation data.

    certChains CryptoKeyVersionAttestationCertChains

    The certificate chains needed to validate the attestation Structure is documented below.

    content String

    (Output) The attestation data provided by the HSM when the key operation was performed.

    externalProtectionLevelOptions CryptoKeyVersionAttestationExternalProtectionLevelOptions

    ExternalProtectionLevelOptions stores a group of additional fields for configuring a CryptoKeyVersion that are specific to the EXTERNAL protection level and EXTERNAL_VPC protection levels. Structure is documented below.

    format String

    (Output) The format of the attestation data.

    certChains CryptoKeyVersionAttestationCertChains

    The certificate chains needed to validate the attestation Structure is documented below.

    content string

    (Output) The attestation data provided by the HSM when the key operation was performed.

    externalProtectionLevelOptions CryptoKeyVersionAttestationExternalProtectionLevelOptions

    ExternalProtectionLevelOptions stores a group of additional fields for configuring a CryptoKeyVersion that are specific to the EXTERNAL protection level and EXTERNAL_VPC protection levels. Structure is documented below.

    format string

    (Output) The format of the attestation data.

    cert_chains CryptoKeyVersionAttestationCertChains

    The certificate chains needed to validate the attestation Structure is documented below.

    content str

    (Output) The attestation data provided by the HSM when the key operation was performed.

    external_protection_level_options CryptoKeyVersionAttestationExternalProtectionLevelOptions

    ExternalProtectionLevelOptions stores a group of additional fields for configuring a CryptoKeyVersion that are specific to the EXTERNAL protection level and EXTERNAL_VPC protection levels. Structure is documented below.

    format str

    (Output) The format of the attestation data.

    certChains Property Map

    The certificate chains needed to validate the attestation Structure is documented below.

    content String

    (Output) The attestation data provided by the HSM when the key operation was performed.

    externalProtectionLevelOptions Property Map

    ExternalProtectionLevelOptions stores a group of additional fields for configuring a CryptoKeyVersion that are specific to the EXTERNAL protection level and EXTERNAL_VPC protection levels. Structure is documented below.

    format String

    (Output) The format of the attestation data.

    CryptoKeyVersionAttestationCertChains, CryptoKeyVersionAttestationCertChainsArgs

    CaviumCerts string

    Cavium certificate chain corresponding to the attestation.

    GoogleCardCerts string

    Google card certificate chain corresponding to the attestation.

    GooglePartitionCerts string

    Google partition certificate chain corresponding to the attestation.

    CaviumCerts string

    Cavium certificate chain corresponding to the attestation.

    GoogleCardCerts string

    Google card certificate chain corresponding to the attestation.

    GooglePartitionCerts string

    Google partition certificate chain corresponding to the attestation.

    caviumCerts String

    Cavium certificate chain corresponding to the attestation.

    googleCardCerts String

    Google card certificate chain corresponding to the attestation.

    googlePartitionCerts String

    Google partition certificate chain corresponding to the attestation.

    caviumCerts string

    Cavium certificate chain corresponding to the attestation.

    googleCardCerts string

    Google card certificate chain corresponding to the attestation.

    googlePartitionCerts string

    Google partition certificate chain corresponding to the attestation.

    cavium_certs str

    Cavium certificate chain corresponding to the attestation.

    google_card_certs str

    Google card certificate chain corresponding to the attestation.

    google_partition_certs str

    Google partition certificate chain corresponding to the attestation.

    caviumCerts String

    Cavium certificate chain corresponding to the attestation.

    googleCardCerts String

    Google card certificate chain corresponding to the attestation.

    googlePartitionCerts String

    Google partition certificate chain corresponding to the attestation.

    CryptoKeyVersionAttestationExternalProtectionLevelOptions, CryptoKeyVersionAttestationExternalProtectionLevelOptionsArgs

    EkmConnectionKeyPath string

    The path to the external key material on the EKM when using EkmConnection e.g., "v0/my/key". Set this field instead of externalKeyUri when using an EkmConnection.

    ExternalKeyUri string

    The URI for an external resource that this CryptoKeyVersion represents.

    EkmConnectionKeyPath string

    The path to the external key material on the EKM when using EkmConnection e.g., "v0/my/key". Set this field instead of externalKeyUri when using an EkmConnection.

    ExternalKeyUri string

    The URI for an external resource that this CryptoKeyVersion represents.

    ekmConnectionKeyPath String

    The path to the external key material on the EKM when using EkmConnection e.g., "v0/my/key". Set this field instead of externalKeyUri when using an EkmConnection.

    externalKeyUri String

    The URI for an external resource that this CryptoKeyVersion represents.

    ekmConnectionKeyPath string

    The path to the external key material on the EKM when using EkmConnection e.g., "v0/my/key". Set this field instead of externalKeyUri when using an EkmConnection.

    externalKeyUri string

    The URI for an external resource that this CryptoKeyVersion represents.

    ekm_connection_key_path str

    The path to the external key material on the EKM when using EkmConnection e.g., "v0/my/key". Set this field instead of externalKeyUri when using an EkmConnection.

    external_key_uri str

    The URI for an external resource that this CryptoKeyVersion represents.

    ekmConnectionKeyPath String

    The path to the external key material on the EKM when using EkmConnection e.g., "v0/my/key". Set this field instead of externalKeyUri when using an EkmConnection.

    externalKeyUri String

    The URI for an external resource that this CryptoKeyVersion represents.

    Import

    CryptoKeyVersion can be imported using any of these accepted formats:

     $ pulumi import gcp:kms/cryptoKeyVersion:CryptoKeyVersion default {{name}}
    

    Package Details

    Repository
    Google Cloud (GCP) Classic pulumi/pulumi-gcp
    License
    Apache-2.0
    Notes

    This Pulumi package is based on the google-beta Terraform Provider.

    gcp logo
    Google Cloud Classic v6.67.0 published on Wednesday, Sep 27, 2023 by Pulumi