Google Cloud (GCP) Classic
getKMSCryptoKey
Provides access to a Google Cloud Platform KMS CryptoKey. For more information see the official documentation and API.
A CryptoKey is an interface to key material which can be used to encrypt and decrypt data. A CryptoKey belongs to a Google Cloud KMS KeyRing.
Example Usage
using Pulumi;
using Gcp = Pulumi.Gcp;
class MyStack : Stack
{
public MyStack()
{
var myKeyRing = Output.Create(Gcp.Kms.GetKMSKeyRing.InvokeAsync(new Gcp.Kms.GetKMSKeyRingArgs
{
Name = "my-key-ring",
Location = "us-central1",
}));
var myCryptoKey = myKeyRing.Apply(myKeyRing => Output.Create(Gcp.Kms.GetKMSCryptoKey.InvokeAsync(new Gcp.Kms.GetKMSCryptoKeyArgs
{
Name = "my-crypto-key",
KeyRing = myKeyRing.Id,
})));
}
}
package main
import (
"github.com/pulumi/pulumi-gcp/sdk/v6/go/gcp/kms"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
myKeyRing, err := kms.GetKMSKeyRing(ctx, &kms.GetKMSKeyRingArgs{
Name: "my-key-ring",
Location: "us-central1",
}, nil)
if err != nil {
return err
}
_, err = kms.GetKMSCryptoKey(ctx, &kms.GetKMSCryptoKeyArgs{
Name: "my-crypto-key",
KeyRing: myKeyRing.Id,
}, nil)
if err != nil {
return err
}
return nil
})
}
package generated_program;
import java.util.*;
import java.io.*;
import java.nio.*;
import com.pulumi.*;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
final var myKeyRing = Output.of(KmsFunctions.getKMSKeyRing(GetKMSKeyRingArgs.builder()
.name("my-key-ring")
.location("us-central1")
.build()));
final var myCryptoKey = Output.of(KmsFunctions.getKMSCryptoKey(GetKMSCryptoKeyArgs.builder()
.name("my-crypto-key")
.keyRing(myKeyRing.apply(getKMSKeyRingResult -> getKMSKeyRingResult.getId()))
.build()));
}
}
import pulumi
import pulumi_gcp as gcp
my_key_ring = gcp.kms.get_kms_key_ring(name="my-key-ring",
location="us-central1")
my_crypto_key = gcp.kms.get_kms_crypto_key(name="my-crypto-key",
key_ring=my_key_ring.id)
import * as pulumi from "@pulumi/pulumi";
import * as gcp from "@pulumi/gcp";
const myKeyRing = gcp.kms.getKMSKeyRing({
name: "my-key-ring",
location: "us-central1",
});
const myCryptoKey = myKeyRing.then(myKeyRing => gcp.kms.getKMSCryptoKey({
name: "my-crypto-key",
keyRing: myKeyRing.id,
}));
variables:
myKeyRing:
Fn::Invoke:
Function: gcp:kms:getKMSKeyRing
Arguments:
name: my-key-ring
location: us-central1
myCryptoKey:
Fn::Invoke:
Function: gcp:kms:getKMSCryptoKey
Arguments:
name: my-crypto-key
keyRing: ${myKeyRing.id}
Using getKMSCryptoKey
Two invocation forms are available. The direct form accepts plain arguments and either blocks until the result value is available, or returns a Promise-wrapped result. The output form accepts Input-wrapped arguments and returns an Output-wrapped result.
function getKMSCryptoKey(args: GetKMSCryptoKeyArgs, opts?: InvokeOptions): Promise<GetKMSCryptoKeyResult>
function getKMSCryptoKeyOutput(args: GetKMSCryptoKeyOutputArgs, opts?: InvokeOptions): Output<GetKMSCryptoKeyResult>
def get_kms_crypto_key(key_ring: Optional[str] = None,
name: Optional[str] = None,
opts: Optional[InvokeOptions] = None) -> GetKMSCryptoKeyResult
def get_kms_crypto_key_output(key_ring: Optional[pulumi.Input[str]] = None,
name: Optional[pulumi.Input[str]] = None,
opts: Optional[InvokeOptions] = None) -> Output[GetKMSCryptoKeyResult]
func GetKMSCryptoKey(ctx *Context, args *GetKMSCryptoKeyArgs, opts ...InvokeOption) (*GetKMSCryptoKeyResult, error)
func GetKMSCryptoKeyOutput(ctx *Context, args *GetKMSCryptoKeyOutputArgs, opts ...InvokeOption) GetKMSCryptoKeyResultOutput
> Note: This function is named GetKMSCryptoKey
in the Go SDK.
public static class GetKMSCryptoKey
{
public static Task<GetKMSCryptoKeyResult> InvokeAsync(GetKMSCryptoKeyArgs args, InvokeOptions? opts = null)
public static Output<GetKMSCryptoKeyResult> Invoke(GetKMSCryptoKeyInvokeArgs args, InvokeOptions? opts = null)
}
public static CompletableFuture<GetKMSCryptoKeyResult> getKMSCryptoKey(GetKMSCryptoKeyArgs args, InvokeOptions options)
// Output-based functions aren't available in Java yet
Fn::Invoke:
Function: gcp:kms/getKMSCryptoKey:getKMSCryptoKey
Arguments:
# Arguments dictionary
The following arguments are supported:
getKMSCryptoKey Result
The following output properties are available:
- Destroy
Scheduled stringDuration - Id string
The provider-assigned unique ID for this managed resource.
- Import
Only bool - Key
Ring string - Labels Dictionary<string, string>
- Name string
- Purpose string
Defines the cryptographic capabilities of the key.
- Rotation
Period string Every time this period passes, generate a new CryptoKeyVersion and set it as the primary. The first rotation will take place after the specified period. The rotation period has the format of a decimal number with up to 9 fractional digits, followed by the letter s (seconds).
- Skip
Initial boolVersion Creation - Version
Templates List<GetKMSCrypto Key Version Template>
- Destroy
Scheduled stringDuration - Id string
The provider-assigned unique ID for this managed resource.
- Import
Only bool - Key
Ring string - Labels map[string]string
- Name string
- Purpose string
Defines the cryptographic capabilities of the key.
- Rotation
Period string Every time this period passes, generate a new CryptoKeyVersion and set it as the primary. The first rotation will take place after the specified period. The rotation period has the format of a decimal number with up to 9 fractional digits, followed by the letter s (seconds).
- Skip
Initial boolVersion Creation - Version
Templates []GetKMSCrypto Key Version Template
- destroy
Scheduled StringDuration - id String
The provider-assigned unique ID for this managed resource.
- import
Only Boolean - key
Ring String - labels
Map
- name String
- purpose String
Defines the cryptographic capabilities of the key.
- rotation
Period String Every time this period passes, generate a new CryptoKeyVersion and set it as the primary. The first rotation will take place after the specified period. The rotation period has the format of a decimal number with up to 9 fractional digits, followed by the letter s (seconds).
- skip
Initial BooleanVersion Creation - version
Templates ListKMSCrypto Key Version Template>
- destroy
Scheduled stringDuration - id string
The provider-assigned unique ID for this managed resource.
- import
Only boolean - key
Ring string - labels {[key: string]: string}
- name string
- purpose string
Defines the cryptographic capabilities of the key.
- rotation
Period string Every time this period passes, generate a new CryptoKeyVersion and set it as the primary. The first rotation will take place after the specified period. The rotation period has the format of a decimal number with up to 9 fractional digits, followed by the letter s (seconds).
- skip
Initial booleanVersion Creation - version
Templates GetKMSCrypto Key Version Template[]
- destroy_
scheduled_ strduration - id str
The provider-assigned unique ID for this managed resource.
- import_
only bool - key_
ring str - labels Mapping[str, str]
- name str
- purpose str
Defines the cryptographic capabilities of the key.
- rotation_
period str Every time this period passes, generate a new CryptoKeyVersion and set it as the primary. The first rotation will take place after the specified period. The rotation period has the format of a decimal number with up to 9 fractional digits, followed by the letter s (seconds).
- skip_
initial_ boolversion_ creation - version_
templates Sequence[GetKMSCrypto Key Version Template]
- destroy
Scheduled StringDuration - id String
The provider-assigned unique ID for this managed resource.
- import
Only Boolean - key
Ring String - labels
Map
- name String
- purpose String
Defines the cryptographic capabilities of the key.
- rotation
Period String Every time this period passes, generate a new CryptoKeyVersion and set it as the primary. The first rotation will take place after the specified period. The rotation period has the format of a decimal number with up to 9 fractional digits, followed by the letter s (seconds).
- skip
Initial BooleanVersion Creation - version
Templates List
Supporting Types
GetKMSCryptoKeyVersionTemplate
- Algorithm string
- Protection
Level string
- Algorithm string
- Protection
Level string
- algorithm String
- protection
Level String
- algorithm string
- protection
Level string
- algorithm str
- protection_
level str
- algorithm String
- protection
Level String
Package Details
- Repository
- https://github.com/pulumi/pulumi-gcp
- License
- Apache-2.0
- Notes
This Pulumi package is based on the
google-beta
Terraform Provider.