Docs
Packages
Google Cloud Classic v6.57.0, May 30 23
Google Cloud Classic v6.57.0, May 30 23
gcp.kms.getKMSCryptoKey
Explore with Pulumi AI
Provides access to a Google Cloud Platform KMS CryptoKey. For more information see the official documentation and API.
A CryptoKey is an interface to key material which can be used to encrypt and decrypt data. A CryptoKey belongs to a Google Cloud KMS KeyRing.
Example Usage
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Gcp = Pulumi.Gcp;
return await Deployment.RunAsync(() =>
{
var myKeyRing = Gcp.Kms.GetKMSKeyRing.Invoke(new()
{
Name = "my-key-ring",
Location = "us-central1",
});
var myCryptoKey = Gcp.Kms.GetKMSCryptoKey.Invoke(new()
{
Name = "my-crypto-key",
KeyRing = myKeyRing.Apply(getKMSKeyRingResult => getKMSKeyRingResult.Id),
});
});
package main
import (
"github.com/pulumi/pulumi-gcp/sdk/v6/go/gcp/kms"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
myKeyRing, err := kms.GetKMSKeyRing(ctx, &kms.GetKMSKeyRingArgs{
Name: "my-key-ring",
Location: "us-central1",
}, nil)
if err != nil {
return err
}
_, err = kms.GetKMSCryptoKey(ctx, &kms.GetKMSCryptoKeyArgs{
Name: "my-crypto-key",
KeyRing: myKeyRing.Id,
}, nil)
if err != nil {
return err
}
return nil
})
}
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.gcp.kms.KmsFunctions;
import com.pulumi.gcp.kms.inputs.GetKMSKeyRingArgs;
import com.pulumi.gcp.kms.inputs.GetKMSCryptoKeyArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
final var myKeyRing = KmsFunctions.getKMSKeyRing(GetKMSKeyRingArgs.builder()
.name("my-key-ring")
.location("us-central1")
.build());
final var myCryptoKey = KmsFunctions.getKMSCryptoKey(GetKMSCryptoKeyArgs.builder()
.name("my-crypto-key")
.keyRing(myKeyRing.applyValue(getKMSKeyRingResult -> getKMSKeyRingResult.id()))
.build());
}
}
import pulumi
import pulumi_gcp as gcp
my_key_ring = gcp.kms.get_kms_key_ring(name="my-key-ring",
location="us-central1")
my_crypto_key = gcp.kms.get_kms_crypto_key(name="my-crypto-key",
key_ring=my_key_ring.id)
import * as pulumi from "@pulumi/pulumi";
import * as gcp from "@pulumi/gcp";
const myKeyRing = gcp.kms.getKMSKeyRing({
name: "my-key-ring",
location: "us-central1",
});
const myCryptoKey = myKeyRing.then(myKeyRing => gcp.kms.getKMSCryptoKey({
name: "my-crypto-key",
keyRing: myKeyRing.id,
}));
variables:
myKeyRing:
fn::invoke:
Function: gcp:kms:getKMSKeyRing
Arguments:
name: my-key-ring
location: us-central1
myCryptoKey:
fn::invoke:
Function: gcp:kms:getKMSCryptoKey
Arguments:
name: my-crypto-key
keyRing: ${myKeyRing.id}
Using getKMSCryptoKey
Two invocation forms are available. The direct form accepts plain arguments and either blocks until the result value is available, or returns a Promise-wrapped result. The output form accepts Input-wrapped arguments and returns an Output-wrapped result.
function getKMSCryptoKey(args: GetKMSCryptoKeyArgs, opts?: InvokeOptions): Promise<GetKMSCryptoKeyResult>
function getKMSCryptoKeyOutput(args: GetKMSCryptoKeyOutputArgs, opts?: InvokeOptions): Output<GetKMSCryptoKeyResult>def get_kms_crypto_key(key_ring: Optional[str] = None,
name: Optional[str] = None,
opts: Optional[InvokeOptions] = None) -> GetKMSCryptoKeyResult
def get_kms_crypto_key_output(key_ring: Optional[pulumi.Input[str]] = None,
name: Optional[pulumi.Input[str]] = None,
opts: Optional[InvokeOptions] = None) -> Output[GetKMSCryptoKeyResult]func GetKMSCryptoKey(ctx *Context, args *GetKMSCryptoKeyArgs, opts ...InvokeOption) (*GetKMSCryptoKeyResult, error)
func GetKMSCryptoKeyOutput(ctx *Context, args *GetKMSCryptoKeyOutputArgs, opts ...InvokeOption) GetKMSCryptoKeyResultOutput> Note: This function is named GetKMSCryptoKey in the Go SDK.
public static class GetKMSCryptoKey
{
public static Task<GetKMSCryptoKeyResult> InvokeAsync(GetKMSCryptoKeyArgs args, InvokeOptions? opts = null)
public static Output<GetKMSCryptoKeyResult> Invoke(GetKMSCryptoKeyInvokeArgs args, InvokeOptions? opts = null)
}public static CompletableFuture<GetKMSCryptoKeyResult> getKMSCryptoKey(GetKMSCryptoKeyArgs args, InvokeOptions options)
// Output-based functions aren't available in Java yet
fn::invoke:
function: gcp:kms/getKMSCryptoKey:getKMSCryptoKey
arguments:
# arguments dictionaryThe following arguments are supported:
getKMSCryptoKey Result
The following output properties are available:
- Destroy
Scheduled stringDuration - Id string
The provider-assigned unique ID for this managed resource.
- Import
Only bool - Key
Ring string - Labels Dictionary<string, string>
- Name string
- Purpose string
Defines the cryptographic capabilities of the key.
- Rotation
Period string Every time this period passes, generate a new CryptoKeyVersion and set it as the primary. The first rotation will take place after the specified period. The rotation period has the format of a decimal number with up to 9 fractional digits, followed by the letter s (seconds).
- Skip
Initial boolVersion Creation - Version
Templates List<GetKMSCrypto Key Version Template>
- Destroy
Scheduled stringDuration - Id string
The provider-assigned unique ID for this managed resource.
- Import
Only bool - Key
Ring string - Labels map[string]string
- Name string
- Purpose string
Defines the cryptographic capabilities of the key.
- Rotation
Period string Every time this period passes, generate a new CryptoKeyVersion and set it as the primary. The first rotation will take place after the specified period. The rotation period has the format of a decimal number with up to 9 fractional digits, followed by the letter s (seconds).
- Skip
Initial boolVersion Creation - Version
Templates []GetKMSCrypto Key Version Template
- destroy
Scheduled StringDuration - id String
The provider-assigned unique ID for this managed resource.
- import
Only Boolean - key
Ring String - labels Map<String,String>
- name String
- purpose String
Defines the cryptographic capabilities of the key.
- rotation
Period String Every time this period passes, generate a new CryptoKeyVersion and set it as the primary. The first rotation will take place after the specified period. The rotation period has the format of a decimal number with up to 9 fractional digits, followed by the letter s (seconds).
- skip
Initial BooleanVersion Creation - version
Templates List<GetKMSCrypto Key Version Template>
- destroy
Scheduled stringDuration - id string
The provider-assigned unique ID for this managed resource.
- import
Only boolean - key
Ring string - labels {[key: string]: string}
- name string
- purpose string
Defines the cryptographic capabilities of the key.
- rotation
Period string Every time this period passes, generate a new CryptoKeyVersion and set it as the primary. The first rotation will take place after the specified period. The rotation period has the format of a decimal number with up to 9 fractional digits, followed by the letter s (seconds).
- skip
Initial booleanVersion Creation - version
Templates GetKMSCrypto Key Version Template[]
- destroy_
scheduled_ strduration - id str
The provider-assigned unique ID for this managed resource.
- import_
only bool - key_
ring str - labels Mapping[str, str]
- name str
- purpose str
Defines the cryptographic capabilities of the key.
- rotation_
period str Every time this period passes, generate a new CryptoKeyVersion and set it as the primary. The first rotation will take place after the specified period. The rotation period has the format of a decimal number with up to 9 fractional digits, followed by the letter s (seconds).
- skip_
initial_ boolversion_ creation - version_
templates Sequence[GetKMSCrypto Key Version Template]
- destroy
Scheduled StringDuration - id String
The provider-assigned unique ID for this managed resource.
- import
Only Boolean - key
Ring String - labels Map<String>
- name String
- purpose String
Defines the cryptographic capabilities of the key.
- rotation
Period String Every time this period passes, generate a new CryptoKeyVersion and set it as the primary. The first rotation will take place after the specified period. The rotation period has the format of a decimal number with up to 9 fractional digits, followed by the letter s (seconds).
- skip
Initial BooleanVersion Creation - version
Templates List<Property Map>
Supporting Types
GetKMSCryptoKeyVersionTemplate
- Algorithm string
- Protection
Level string
- Algorithm string
- Protection
Level string
- algorithm String
- protection
Level String
- algorithm string
- protection
Level string
- algorithm str
- protection_
level str
- algorithm String
- protection
Level String
Package Details
- Repository
- Google Cloud (GCP) Classic pulumi/pulumi-gcp
- License
- Apache-2.0
- Notes
This Pulumi package is based on the
google-betaTerraform Provider.