Docs Home
Google Cloud v8.30.1 published on Tuesday, May 13, 2025 by Pulumi
gcp.networkservices.EdgeCacheKeyset
Explore with Pulumi AI
EdgeCacheKeyset represents a collection of public keys used for validating signed requests.
To get more information about EdgeCacheKeyset, see:
- API documentation
- How-to Guides
Example Usage
Network Services Edge Cache Keyset Basic
import * as pulumi from "@pulumi/pulumi";
import * as gcp from "@pulumi/gcp";
const _default = new gcp.networkservices.EdgeCacheKeyset("default", {
name: "my-keyset",
description: "The default keyset",
publicKeys: [
{
id: "my-public-key",
value: "FHsTyFHNmvNpw4o7-rp-M1yqMyBF8vXSBRkZtkQ0RKY",
},
{
id: "my-public-key-2",
value: "hzd03llxB1u5FOLKFkZ6_wCJqC7jtN0bg7xlBqS6WVM",
},
],
});
import pulumi
import pulumi_gcp as gcp
default = gcp.networkservices.EdgeCacheKeyset("default",
name="my-keyset",
description="The default keyset",
public_keys=[
{
"id": "my-public-key",
"value": "FHsTyFHNmvNpw4o7-rp-M1yqMyBF8vXSBRkZtkQ0RKY",
},
{
"id": "my-public-key-2",
"value": "hzd03llxB1u5FOLKFkZ6_wCJqC7jtN0bg7xlBqS6WVM",
},
])
package main
import (
"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/networkservices"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := networkservices.NewEdgeCacheKeyset(ctx, "default", &networkservices.EdgeCacheKeysetArgs{
Name: pulumi.String("my-keyset"),
Description: pulumi.String("The default keyset"),
PublicKeys: networkservices.EdgeCacheKeysetPublicKeyArray{
&networkservices.EdgeCacheKeysetPublicKeyArgs{
Id: pulumi.String("my-public-key"),
Value: pulumi.String("FHsTyFHNmvNpw4o7-rp-M1yqMyBF8vXSBRkZtkQ0RKY"),
},
&networkservices.EdgeCacheKeysetPublicKeyArgs{
Id: pulumi.String("my-public-key-2"),
Value: pulumi.String("hzd03llxB1u5FOLKFkZ6_wCJqC7jtN0bg7xlBqS6WVM"),
},
},
})
if err != nil {
return err
}
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Gcp = Pulumi.Gcp;
return await Deployment.RunAsync(() =>
{
var @default = new Gcp.NetworkServices.EdgeCacheKeyset("default", new()
{
Name = "my-keyset",
Description = "The default keyset",
PublicKeys = new[]
{
new Gcp.NetworkServices.Inputs.EdgeCacheKeysetPublicKeyArgs
{
Id = "my-public-key",
Value = "FHsTyFHNmvNpw4o7-rp-M1yqMyBF8vXSBRkZtkQ0RKY",
},
new Gcp.NetworkServices.Inputs.EdgeCacheKeysetPublicKeyArgs
{
Id = "my-public-key-2",
Value = "hzd03llxB1u5FOLKFkZ6_wCJqC7jtN0bg7xlBqS6WVM",
},
},
});
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.gcp.networkservices.EdgeCacheKeyset;
import com.pulumi.gcp.networkservices.EdgeCacheKeysetArgs;
import com.pulumi.gcp.networkservices.inputs.EdgeCacheKeysetPublicKeyArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var default_ = new EdgeCacheKeyset("default", EdgeCacheKeysetArgs.builder()
.name("my-keyset")
.description("The default keyset")
.publicKeys(
EdgeCacheKeysetPublicKeyArgs.builder()
.id("my-public-key")
.value("FHsTyFHNmvNpw4o7-rp-M1yqMyBF8vXSBRkZtkQ0RKY")
.build(),
EdgeCacheKeysetPublicKeyArgs.builder()
.id("my-public-key-2")
.value("hzd03llxB1u5FOLKFkZ6_wCJqC7jtN0bg7xlBqS6WVM")
.build())
.build());
}
}
resources:
default:
type: gcp:networkservices:EdgeCacheKeyset
properties:
name: my-keyset
description: The default keyset
publicKeys:
- id: my-public-key
value: FHsTyFHNmvNpw4o7-rp-M1yqMyBF8vXSBRkZtkQ0RKY
- id: my-public-key-2
value: hzd03llxB1u5FOLKFkZ6_wCJqC7jtN0bg7xlBqS6WVM
Network Services Edge Cache Keyset Dual Token
import * as pulumi from "@pulumi/pulumi";
import * as gcp from "@pulumi/gcp";
const secret_basic = new gcp.secretmanager.Secret("secret-basic", {
secretId: "secret-name",
replication: {
auto: {},
},
});
const secret_version_basic = new gcp.secretmanager.SecretVersion("secret-version-basic", {
secret: secret_basic.id,
secretData: "secret-data",
});
const _default = new gcp.networkservices.EdgeCacheKeyset("default", {
name: "my-keyset",
description: "The default keyset",
publicKeys: [{
id: "my-public-key",
managed: true,
}],
validationSharedKeys: [{
secretVersion: secret_version_basic.id,
}],
});
import pulumi
import pulumi_gcp as gcp
secret_basic = gcp.secretmanager.Secret("secret-basic",
secret_id="secret-name",
replication={
"auto": {},
})
secret_version_basic = gcp.secretmanager.SecretVersion("secret-version-basic",
secret=secret_basic.id,
secret_data="secret-data")
default = gcp.networkservices.EdgeCacheKeyset("default",
name="my-keyset",
description="The default keyset",
public_keys=[{
"id": "my-public-key",
"managed": True,
}],
validation_shared_keys=[{
"secret_version": secret_version_basic.id,
}])
package main
import (
"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/networkservices"
"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/secretmanager"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
secret_basic, err := secretmanager.NewSecret(ctx, "secret-basic", &secretmanager.SecretArgs{
SecretId: pulumi.String("secret-name"),
Replication: &secretmanager.SecretReplicationArgs{
Auto: &secretmanager.SecretReplicationAutoArgs{},
},
})
if err != nil {
return err
}
secret_version_basic, err := secretmanager.NewSecretVersion(ctx, "secret-version-basic", &secretmanager.SecretVersionArgs{
Secret: secret_basic.ID(),
SecretData: pulumi.String("secret-data"),
})
if err != nil {
return err
}
_, err = networkservices.NewEdgeCacheKeyset(ctx, "default", &networkservices.EdgeCacheKeysetArgs{
Name: pulumi.String("my-keyset"),
Description: pulumi.String("The default keyset"),
PublicKeys: networkservices.EdgeCacheKeysetPublicKeyArray{
&networkservices.EdgeCacheKeysetPublicKeyArgs{
Id: pulumi.String("my-public-key"),
Managed: pulumi.Bool(true),
},
},
ValidationSharedKeys: networkservices.EdgeCacheKeysetValidationSharedKeyArray{
&networkservices.EdgeCacheKeysetValidationSharedKeyArgs{
SecretVersion: secret_version_basic.ID(),
},
},
})
if err != nil {
return err
}
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Gcp = Pulumi.Gcp;
return await Deployment.RunAsync(() =>
{
var secret_basic = new Gcp.SecretManager.Secret("secret-basic", new()
{
SecretId = "secret-name",
Replication = new Gcp.SecretManager.Inputs.SecretReplicationArgs
{
Auto = null,
},
});
var secret_version_basic = new Gcp.SecretManager.SecretVersion("secret-version-basic", new()
{
Secret = secret_basic.Id,
SecretData = "secret-data",
});
var @default = new Gcp.NetworkServices.EdgeCacheKeyset("default", new()
{
Name = "my-keyset",
Description = "The default keyset",
PublicKeys = new[]
{
new Gcp.NetworkServices.Inputs.EdgeCacheKeysetPublicKeyArgs
{
Id = "my-public-key",
Managed = true,
},
},
ValidationSharedKeys = new[]
{
new Gcp.NetworkServices.Inputs.EdgeCacheKeysetValidationSharedKeyArgs
{
SecretVersion = secret_version_basic.Id,
},
},
});
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.gcp.secretmanager.Secret;
import com.pulumi.gcp.secretmanager.SecretArgs;
import com.pulumi.gcp.secretmanager.inputs.SecretReplicationArgs;
import com.pulumi.gcp.secretmanager.inputs.SecretReplicationAutoArgs;
import com.pulumi.gcp.secretmanager.SecretVersion;
import com.pulumi.gcp.secretmanager.SecretVersionArgs;
import com.pulumi.gcp.networkservices.EdgeCacheKeyset;
import com.pulumi.gcp.networkservices.EdgeCacheKeysetArgs;
import com.pulumi.gcp.networkservices.inputs.EdgeCacheKeysetPublicKeyArgs;
import com.pulumi.gcp.networkservices.inputs.EdgeCacheKeysetValidationSharedKeyArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var secret_basic = new Secret("secret-basic", SecretArgs.builder()
.secretId("secret-name")
.replication(SecretReplicationArgs.builder()
.auto(SecretReplicationAutoArgs.builder()
.build())
.build())
.build());
var secret_version_basic = new SecretVersion("secret-version-basic", SecretVersionArgs.builder()
.secret(secret_basic.id())
.secretData("secret-data")
.build());
var default_ = new EdgeCacheKeyset("default", EdgeCacheKeysetArgs.builder()
.name("my-keyset")
.description("The default keyset")
.publicKeys(EdgeCacheKeysetPublicKeyArgs.builder()
.id("my-public-key")
.managed(true)
.build())
.validationSharedKeys(EdgeCacheKeysetValidationSharedKeyArgs.builder()
.secretVersion(secret_version_basic.id())
.build())
.build());
}
}
resources:
secret-basic:
type: gcp:secretmanager:Secret
properties:
secretId: secret-name
replication:
auto: {}
secret-version-basic:
type: gcp:secretmanager:SecretVersion
properties:
secret: ${["secret-basic"].id}
secretData: secret-data
default:
type: gcp:networkservices:EdgeCacheKeyset
properties:
name: my-keyset
description: The default keyset
publicKeys:
- id: my-public-key
managed: true
validationSharedKeys:
- secretVersion: ${["secret-version-basic"].id}
Create EdgeCacheKeyset Resource
Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.
Constructor syntax
new EdgeCacheKeyset(name: string, args?: EdgeCacheKeysetArgs, opts?: CustomResourceOptions);@overload
def EdgeCacheKeyset(resource_name: str,
args: Optional[EdgeCacheKeysetArgs] = None,
opts: Optional[ResourceOptions] = None)
@overload
def EdgeCacheKeyset(resource_name: str,
opts: Optional[ResourceOptions] = None,
description: Optional[str] = None,
labels: Optional[Mapping[str, str]] = None,
name: Optional[str] = None,
project: Optional[str] = None,
public_keys: Optional[Sequence[EdgeCacheKeysetPublicKeyArgs]] = None,
validation_shared_keys: Optional[Sequence[EdgeCacheKeysetValidationSharedKeyArgs]] = None)func NewEdgeCacheKeyset(ctx *Context, name string, args *EdgeCacheKeysetArgs, opts ...ResourceOption) (*EdgeCacheKeyset, error)public EdgeCacheKeyset(string name, EdgeCacheKeysetArgs? args = null, CustomResourceOptions? opts = null)
public EdgeCacheKeyset(String name, EdgeCacheKeysetArgs args)
public EdgeCacheKeyset(String name, EdgeCacheKeysetArgs args, CustomResourceOptions options)
type: gcp:networkservices:EdgeCacheKeyset
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
Parameters
- name string
- The unique name of the resource.
- args EdgeCacheKeysetArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args EdgeCacheKeysetArgs
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args EdgeCacheKeysetArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args EdgeCacheKeysetArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args EdgeCacheKeysetArgs
- The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
Constructor example
The following reference example uses placeholder values for all input properties.
var edgeCacheKeysetResource = new Gcp.NetworkServices.EdgeCacheKeyset("edgeCacheKeysetResource", new()
{
Description = "string",
Labels =
{
{ "string", "string" },
},
Name = "string",
Project = "string",
PublicKeys = new[]
{
new Gcp.NetworkServices.Inputs.EdgeCacheKeysetPublicKeyArgs
{
Id = "string",
Managed = false,
Value = "string",
},
},
ValidationSharedKeys = new[]
{
new Gcp.NetworkServices.Inputs.EdgeCacheKeysetValidationSharedKeyArgs
{
SecretVersion = "string",
},
},
});
example, err := networkservices.NewEdgeCacheKeyset(ctx, "edgeCacheKeysetResource", &networkservices.EdgeCacheKeysetArgs{
Description: pulumi.String("string"),
Labels: pulumi.StringMap{
"string": pulumi.String("string"),
},
Name: pulumi.String("string"),
Project: pulumi.String("string"),
PublicKeys: networkservices.EdgeCacheKeysetPublicKeyArray{
&networkservices.EdgeCacheKeysetPublicKeyArgs{
Id: pulumi.String("string"),
Managed: pulumi.Bool(false),
Value: pulumi.String("string"),
},
},
ValidationSharedKeys: networkservices.EdgeCacheKeysetValidationSharedKeyArray{
&networkservices.EdgeCacheKeysetValidationSharedKeyArgs{
SecretVersion: pulumi.String("string"),
},
},
})
var edgeCacheKeysetResource = new EdgeCacheKeyset("edgeCacheKeysetResource", EdgeCacheKeysetArgs.builder()
.description("string")
.labels(Map.of("string", "string"))
.name("string")
.project("string")
.publicKeys(EdgeCacheKeysetPublicKeyArgs.builder()
.id("string")
.managed(false)
.value("string")
.build())
.validationSharedKeys(EdgeCacheKeysetValidationSharedKeyArgs.builder()
.secretVersion("string")
.build())
.build());
edge_cache_keyset_resource = gcp.networkservices.EdgeCacheKeyset("edgeCacheKeysetResource",
description="string",
labels={
"string": "string",
},
name="string",
project="string",
public_keys=[{
"id": "string",
"managed": False,
"value": "string",
}],
validation_shared_keys=[{
"secret_version": "string",
}])
const edgeCacheKeysetResource = new gcp.networkservices.EdgeCacheKeyset("edgeCacheKeysetResource", {
description: "string",
labels: {
string: "string",
},
name: "string",
project: "string",
publicKeys: [{
id: "string",
managed: false,
value: "string",
}],
validationSharedKeys: [{
secretVersion: "string",
}],
});
type: gcp:networkservices:EdgeCacheKeyset
properties:
description: string
labels:
string: string
name: string
project: string
publicKeys:
- id: string
managed: false
value: string
validationSharedKeys:
- secretVersion: string
EdgeCacheKeyset Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.
The EdgeCacheKeyset resource accepts the following input properties:
- Description string
- A human-readable description of the resource.
- Labels Dictionary<string, string>
- Set of label tags associated with the EdgeCache resource.
Note: This field is non-authoritative, and will only manage the labels present in your configuration.
Please refer to the field
effective_labelsfor all of the labels present on the resource. - Name string
- Name of the resource; provided by the client when the resource is created.
The name must be 1-64 characters long, and match the regular expression [a-zA-Z][a-zA-Z0-9_-]* which means the first character must be a letter,
and all following characters must be a dash, underscore, letter or digit.
- Project string
- The ID of the project in which the resource belongs. If it is not provided, the provider project is used.
- Public
Keys List<EdgeCache Keyset Public Key> - An ordered list of Ed25519 public keys to use for validating signed requests.
You must specify
public_keysorvalidation_shared_keys(or both). The keys inpublic_keysare checked first. You may specify no more than one Google-managed public key. If you specifypublic_keys, you must specify at least one (1) key and may specify up to three (3) keys. Ed25519 public keys are not secret, and only allow Google to validate a request was signed by your corresponding private key. Ensure that the private key is kept secret, and that only authorized users can add public keys to a keyset. Structure is documented below. -
List<Edge
Cache Keyset Validation Shared Key> - An ordered list of shared keys to use for validating signed requests.
Shared keys are secret. Ensure that only authorized users can add
validation_shared_keysto a keyset. You can rotate keys by appending (pushing) a new key to the list ofvalidation_shared_keysand removing any superseded keys. You must specifypublic_keysorvalidation_shared_keys(or both). The keys inpublic_keysare checked first. Structure is documented below.
- Description string
- A human-readable description of the resource.
- Labels map[string]string
- Set of label tags associated with the EdgeCache resource.
Note: This field is non-authoritative, and will only manage the labels present in your configuration.
Please refer to the field
effective_labelsfor all of the labels present on the resource. - Name string
- Name of the resource; provided by the client when the resource is created.
The name must be 1-64 characters long, and match the regular expression [a-zA-Z][a-zA-Z0-9_-]* which means the first character must be a letter,
and all following characters must be a dash, underscore, letter or digit.
- Project string
- The ID of the project in which the resource belongs. If it is not provided, the provider project is used.
- Public
Keys []EdgeCache Keyset Public Key Args - An ordered list of Ed25519 public keys to use for validating signed requests.
You must specify
public_keysorvalidation_shared_keys(or both). The keys inpublic_keysare checked first. You may specify no more than one Google-managed public key. If you specifypublic_keys, you must specify at least one (1) key and may specify up to three (3) keys. Ed25519 public keys are not secret, and only allow Google to validate a request was signed by your corresponding private key. Ensure that the private key is kept secret, and that only authorized users can add public keys to a keyset. Structure is documented below. -
[]Edge
Cache Keyset Validation Shared Key Args - An ordered list of shared keys to use for validating signed requests.
Shared keys are secret. Ensure that only authorized users can add
validation_shared_keysto a keyset. You can rotate keys by appending (pushing) a new key to the list ofvalidation_shared_keysand removing any superseded keys. You must specifypublic_keysorvalidation_shared_keys(or both). The keys inpublic_keysare checked first. Structure is documented below.
- description String
- A human-readable description of the resource.
- labels Map<String,String>
- Set of label tags associated with the EdgeCache resource.
Note: This field is non-authoritative, and will only manage the labels present in your configuration.
Please refer to the field
effective_labelsfor all of the labels present on the resource. - name String
- Name of the resource; provided by the client when the resource is created.
The name must be 1-64 characters long, and match the regular expression [a-zA-Z][a-zA-Z0-9_-]* which means the first character must be a letter,
and all following characters must be a dash, underscore, letter or digit.
- project String
- The ID of the project in which the resource belongs. If it is not provided, the provider project is used.
- public
Keys List<EdgeCache Keyset Public Key> - An ordered list of Ed25519 public keys to use for validating signed requests.
You must specify
public_keysorvalidation_shared_keys(or both). The keys inpublic_keysare checked first. You may specify no more than one Google-managed public key. If you specifypublic_keys, you must specify at least one (1) key and may specify up to three (3) keys. Ed25519 public keys are not secret, and only allow Google to validate a request was signed by your corresponding private key. Ensure that the private key is kept secret, and that only authorized users can add public keys to a keyset. Structure is documented below. -
List<Edge
Cache Keyset Validation Shared Key> - An ordered list of shared keys to use for validating signed requests.
Shared keys are secret. Ensure that only authorized users can add
validation_shared_keysto a keyset. You can rotate keys by appending (pushing) a new key to the list ofvalidation_shared_keysand removing any superseded keys. You must specifypublic_keysorvalidation_shared_keys(or both). The keys inpublic_keysare checked first. Structure is documented below.
- description string
- A human-readable description of the resource.
- labels {[key: string]: string}
- Set of label tags associated with the EdgeCache resource.
Note: This field is non-authoritative, and will only manage the labels present in your configuration.
Please refer to the field
effective_labelsfor all of the labels present on the resource. - name string
- Name of the resource; provided by the client when the resource is created.
The name must be 1-64 characters long, and match the regular expression [a-zA-Z][a-zA-Z0-9_-]* which means the first character must be a letter,
and all following characters must be a dash, underscore, letter or digit.
- project string
- The ID of the project in which the resource belongs. If it is not provided, the provider project is used.
- public
Keys EdgeCache Keyset Public Key[] - An ordered list of Ed25519 public keys to use for validating signed requests.
You must specify
public_keysorvalidation_shared_keys(or both). The keys inpublic_keysare checked first. You may specify no more than one Google-managed public key. If you specifypublic_keys, you must specify at least one (1) key and may specify up to three (3) keys. Ed25519 public keys are not secret, and only allow Google to validate a request was signed by your corresponding private key. Ensure that the private key is kept secret, and that only authorized users can add public keys to a keyset. Structure is documented below. -
Edge
Cache Keyset Validation Shared Key[] - An ordered list of shared keys to use for validating signed requests.
Shared keys are secret. Ensure that only authorized users can add
validation_shared_keysto a keyset. You can rotate keys by appending (pushing) a new key to the list ofvalidation_shared_keysand removing any superseded keys. You must specifypublic_keysorvalidation_shared_keys(or both). The keys inpublic_keysare checked first. Structure is documented below.
- description str
- A human-readable description of the resource.
- labels Mapping[str, str]
- Set of label tags associated with the EdgeCache resource.
Note: This field is non-authoritative, and will only manage the labels present in your configuration.
Please refer to the field
effective_labelsfor all of the labels present on the resource. - name str
- Name of the resource; provided by the client when the resource is created.
The name must be 1-64 characters long, and match the regular expression [a-zA-Z][a-zA-Z0-9_-]* which means the first character must be a letter,
and all following characters must be a dash, underscore, letter or digit.
- project str
- The ID of the project in which the resource belongs. If it is not provided, the provider project is used.
- public_
keys Sequence[EdgeCache Keyset Public Key Args] - An ordered list of Ed25519 public keys to use for validating signed requests.
You must specify
public_keysorvalidation_shared_keys(or both). The keys inpublic_keysare checked first. You may specify no more than one Google-managed public key. If you specifypublic_keys, you must specify at least one (1) key and may specify up to three (3) keys. Ed25519 public keys are not secret, and only allow Google to validate a request was signed by your corresponding private key. Ensure that the private key is kept secret, and that only authorized users can add public keys to a keyset. Structure is documented below. -
Sequence[Edge
Cache Keyset Validation Shared Key Args] - An ordered list of shared keys to use for validating signed requests.
Shared keys are secret. Ensure that only authorized users can add
validation_shared_keysto a keyset. You can rotate keys by appending (pushing) a new key to the list ofvalidation_shared_keysand removing any superseded keys. You must specifypublic_keysorvalidation_shared_keys(or both). The keys inpublic_keysare checked first. Structure is documented below.
- description String
- A human-readable description of the resource.
- labels Map<String>
- Set of label tags associated with the EdgeCache resource.
Note: This field is non-authoritative, and will only manage the labels present in your configuration.
Please refer to the field
effective_labelsfor all of the labels present on the resource. - name String
- Name of the resource; provided by the client when the resource is created.
The name must be 1-64 characters long, and match the regular expression [a-zA-Z][a-zA-Z0-9_-]* which means the first character must be a letter,
and all following characters must be a dash, underscore, letter or digit.
- project String
- The ID of the project in which the resource belongs. If it is not provided, the provider project is used.
- public
Keys List<Property Map> - An ordered list of Ed25519 public keys to use for validating signed requests.
You must specify
public_keysorvalidation_shared_keys(or both). The keys inpublic_keysare checked first. You may specify no more than one Google-managed public key. If you specifypublic_keys, you must specify at least one (1) key and may specify up to three (3) keys. Ed25519 public keys are not secret, and only allow Google to validate a request was signed by your corresponding private key. Ensure that the private key is kept secret, and that only authorized users can add public keys to a keyset. Structure is documented below. - List<Property Map>
- An ordered list of shared keys to use for validating signed requests.
Shared keys are secret. Ensure that only authorized users can add
validation_shared_keysto a keyset. You can rotate keys by appending (pushing) a new key to the list ofvalidation_shared_keysand removing any superseded keys. You must specifypublic_keysorvalidation_shared_keys(or both). The keys inpublic_keysare checked first. Structure is documented below.
Outputs
All input properties are implicitly available as output properties. Additionally, the EdgeCacheKeyset resource produces the following output properties:
- Effective
Labels Dictionary<string, string> - All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Pulumi, other clients and services.
- Id string
- The provider-assigned unique ID for this managed resource.
- Pulumi
Labels Dictionary<string, string> - The combination of labels configured directly on the resource and default labels configured on the provider.
- Effective
Labels map[string]string - All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Pulumi, other clients and services.
- Id string
- The provider-assigned unique ID for this managed resource.
- Pulumi
Labels map[string]string - The combination of labels configured directly on the resource and default labels configured on the provider.
- effective
Labels Map<String,String> - All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Pulumi, other clients and services.
- id String
- The provider-assigned unique ID for this managed resource.
- pulumi
Labels Map<String,String> - The combination of labels configured directly on the resource and default labels configured on the provider.
- effective
Labels {[key: string]: string} - All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Pulumi, other clients and services.
- id string
- The provider-assigned unique ID for this managed resource.
- pulumi
Labels {[key: string]: string} - The combination of labels configured directly on the resource and default labels configured on the provider.
- effective_
labels Mapping[str, str] - All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Pulumi, other clients and services.
- id str
- The provider-assigned unique ID for this managed resource.
- pulumi_
labels Mapping[str, str] - The combination of labels configured directly on the resource and default labels configured on the provider.
- effective
Labels Map<String> - All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Pulumi, other clients and services.
- id String
- The provider-assigned unique ID for this managed resource.
- pulumi
Labels Map<String> - The combination of labels configured directly on the resource and default labels configured on the provider.
Look up Existing EdgeCacheKeyset Resource
Get an existing EdgeCacheKeyset resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.
public static get(name: string, id: Input<ID>, state?: EdgeCacheKeysetState, opts?: CustomResourceOptions): EdgeCacheKeyset@staticmethod
def get(resource_name: str,
id: str,
opts: Optional[ResourceOptions] = None,
description: Optional[str] = None,
effective_labels: Optional[Mapping[str, str]] = None,
labels: Optional[Mapping[str, str]] = None,
name: Optional[str] = None,
project: Optional[str] = None,
public_keys: Optional[Sequence[EdgeCacheKeysetPublicKeyArgs]] = None,
pulumi_labels: Optional[Mapping[str, str]] = None,
validation_shared_keys: Optional[Sequence[EdgeCacheKeysetValidationSharedKeyArgs]] = None) -> EdgeCacheKeysetfunc GetEdgeCacheKeyset(ctx *Context, name string, id IDInput, state *EdgeCacheKeysetState, opts ...ResourceOption) (*EdgeCacheKeyset, error)public static EdgeCacheKeyset Get(string name, Input<string> id, EdgeCacheKeysetState? state, CustomResourceOptions? opts = null)public static EdgeCacheKeyset get(String name, Output<String> id, EdgeCacheKeysetState state, CustomResourceOptions options)resources: _: type: gcp:networkservices:EdgeCacheKeyset get: id: ${id}- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- resource_name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- Description string
- A human-readable description of the resource.
- Effective
Labels Dictionary<string, string> - All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Pulumi, other clients and services.
- Labels Dictionary<string, string>
- Set of label tags associated with the EdgeCache resource.
Note: This field is non-authoritative, and will only manage the labels present in your configuration.
Please refer to the field
effective_labelsfor all of the labels present on the resource. - Name string
- Name of the resource; provided by the client when the resource is created.
The name must be 1-64 characters long, and match the regular expression [a-zA-Z][a-zA-Z0-9_-]* which means the first character must be a letter,
and all following characters must be a dash, underscore, letter or digit.
- Project string
- The ID of the project in which the resource belongs. If it is not provided, the provider project is used.
- Public
Keys List<EdgeCache Keyset Public Key> - An ordered list of Ed25519 public keys to use for validating signed requests.
You must specify
public_keysorvalidation_shared_keys(or both). The keys inpublic_keysare checked first. You may specify no more than one Google-managed public key. If you specifypublic_keys, you must specify at least one (1) key and may specify up to three (3) keys. Ed25519 public keys are not secret, and only allow Google to validate a request was signed by your corresponding private key. Ensure that the private key is kept secret, and that only authorized users can add public keys to a keyset. Structure is documented below. - Pulumi
Labels Dictionary<string, string> - The combination of labels configured directly on the resource and default labels configured on the provider.
-
List<Edge
Cache Keyset Validation Shared Key> - An ordered list of shared keys to use for validating signed requests.
Shared keys are secret. Ensure that only authorized users can add
validation_shared_keysto a keyset. You can rotate keys by appending (pushing) a new key to the list ofvalidation_shared_keysand removing any superseded keys. You must specifypublic_keysorvalidation_shared_keys(or both). The keys inpublic_keysare checked first. Structure is documented below.
- Description string
- A human-readable description of the resource.
- Effective
Labels map[string]string - All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Pulumi, other clients and services.
- Labels map[string]string
- Set of label tags associated with the EdgeCache resource.
Note: This field is non-authoritative, and will only manage the labels present in your configuration.
Please refer to the field
effective_labelsfor all of the labels present on the resource. - Name string
- Name of the resource; provided by the client when the resource is created.
The name must be 1-64 characters long, and match the regular expression [a-zA-Z][a-zA-Z0-9_-]* which means the first character must be a letter,
and all following characters must be a dash, underscore, letter or digit.
- Project string
- The ID of the project in which the resource belongs. If it is not provided, the provider project is used.
- Public
Keys []EdgeCache Keyset Public Key Args - An ordered list of Ed25519 public keys to use for validating signed requests.
You must specify
public_keysorvalidation_shared_keys(or both). The keys inpublic_keysare checked first. You may specify no more than one Google-managed public key. If you specifypublic_keys, you must specify at least one (1) key and may specify up to three (3) keys. Ed25519 public keys are not secret, and only allow Google to validate a request was signed by your corresponding private key. Ensure that the private key is kept secret, and that only authorized users can add public keys to a keyset. Structure is documented below. - Pulumi
Labels map[string]string - The combination of labels configured directly on the resource and default labels configured on the provider.
-
[]Edge
Cache Keyset Validation Shared Key Args - An ordered list of shared keys to use for validating signed requests.
Shared keys are secret. Ensure that only authorized users can add
validation_shared_keysto a keyset. You can rotate keys by appending (pushing) a new key to the list ofvalidation_shared_keysand removing any superseded keys. You must specifypublic_keysorvalidation_shared_keys(or both). The keys inpublic_keysare checked first. Structure is documented below.
- description String
- A human-readable description of the resource.
- effective
Labels Map<String,String> - All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Pulumi, other clients and services.
- labels Map<String,String>
- Set of label tags associated with the EdgeCache resource.
Note: This field is non-authoritative, and will only manage the labels present in your configuration.
Please refer to the field
effective_labelsfor all of the labels present on the resource. - name String
- Name of the resource; provided by the client when the resource is created.
The name must be 1-64 characters long, and match the regular expression [a-zA-Z][a-zA-Z0-9_-]* which means the first character must be a letter,
and all following characters must be a dash, underscore, letter or digit.
- project String
- The ID of the project in which the resource belongs. If it is not provided, the provider project is used.
- public
Keys List<EdgeCache Keyset Public Key> - An ordered list of Ed25519 public keys to use for validating signed requests.
You must specify
public_keysorvalidation_shared_keys(or both). The keys inpublic_keysare checked first. You may specify no more than one Google-managed public key. If you specifypublic_keys, you must specify at least one (1) key and may specify up to three (3) keys. Ed25519 public keys are not secret, and only allow Google to validate a request was signed by your corresponding private key. Ensure that the private key is kept secret, and that only authorized users can add public keys to a keyset. Structure is documented below. - pulumi
Labels Map<String,String> - The combination of labels configured directly on the resource and default labels configured on the provider.
-
List<Edge
Cache Keyset Validation Shared Key> - An ordered list of shared keys to use for validating signed requests.
Shared keys are secret. Ensure that only authorized users can add
validation_shared_keysto a keyset. You can rotate keys by appending (pushing) a new key to the list ofvalidation_shared_keysand removing any superseded keys. You must specifypublic_keysorvalidation_shared_keys(or both). The keys inpublic_keysare checked first. Structure is documented below.
- description string
- A human-readable description of the resource.
- effective
Labels {[key: string]: string} - All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Pulumi, other clients and services.
- labels {[key: string]: string}
- Set of label tags associated with the EdgeCache resource.
Note: This field is non-authoritative, and will only manage the labels present in your configuration.
Please refer to the field
effective_labelsfor all of the labels present on the resource. - name string
- Name of the resource; provided by the client when the resource is created.
The name must be 1-64 characters long, and match the regular expression [a-zA-Z][a-zA-Z0-9_-]* which means the first character must be a letter,
and all following characters must be a dash, underscore, letter or digit.
- project string
- The ID of the project in which the resource belongs. If it is not provided, the provider project is used.
- public
Keys EdgeCache Keyset Public Key[] - An ordered list of Ed25519 public keys to use for validating signed requests.
You must specify
public_keysorvalidation_shared_keys(or both). The keys inpublic_keysare checked first. You may specify no more than one Google-managed public key. If you specifypublic_keys, you must specify at least one (1) key and may specify up to three (3) keys. Ed25519 public keys are not secret, and only allow Google to validate a request was signed by your corresponding private key. Ensure that the private key is kept secret, and that only authorized users can add public keys to a keyset. Structure is documented below. - pulumi
Labels {[key: string]: string} - The combination of labels configured directly on the resource and default labels configured on the provider.
-
Edge
Cache Keyset Validation Shared Key[] - An ordered list of shared keys to use for validating signed requests.
Shared keys are secret. Ensure that only authorized users can add
validation_shared_keysto a keyset. You can rotate keys by appending (pushing) a new key to the list ofvalidation_shared_keysand removing any superseded keys. You must specifypublic_keysorvalidation_shared_keys(or both). The keys inpublic_keysare checked first. Structure is documented below.
- description str
- A human-readable description of the resource.
- effective_
labels Mapping[str, str] - All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Pulumi, other clients and services.
- labels Mapping[str, str]
- Set of label tags associated with the EdgeCache resource.
Note: This field is non-authoritative, and will only manage the labels present in your configuration.
Please refer to the field
effective_labelsfor all of the labels present on the resource. - name str
- Name of the resource; provided by the client when the resource is created.
The name must be 1-64 characters long, and match the regular expression [a-zA-Z][a-zA-Z0-9_-]* which means the first character must be a letter,
and all following characters must be a dash, underscore, letter or digit.
- project str
- The ID of the project in which the resource belongs. If it is not provided, the provider project is used.
- public_
keys Sequence[EdgeCache Keyset Public Key Args] - An ordered list of Ed25519 public keys to use for validating signed requests.
You must specify
public_keysorvalidation_shared_keys(or both). The keys inpublic_keysare checked first. You may specify no more than one Google-managed public key. If you specifypublic_keys, you must specify at least one (1) key and may specify up to three (3) keys. Ed25519 public keys are not secret, and only allow Google to validate a request was signed by your corresponding private key. Ensure that the private key is kept secret, and that only authorized users can add public keys to a keyset. Structure is documented below. - pulumi_
labels Mapping[str, str] - The combination of labels configured directly on the resource and default labels configured on the provider.
-
Sequence[Edge
Cache Keyset Validation Shared Key Args] - An ordered list of shared keys to use for validating signed requests.
Shared keys are secret. Ensure that only authorized users can add
validation_shared_keysto a keyset. You can rotate keys by appending (pushing) a new key to the list ofvalidation_shared_keysand removing any superseded keys. You must specifypublic_keysorvalidation_shared_keys(or both). The keys inpublic_keysare checked first. Structure is documented below.
- description String
- A human-readable description of the resource.
- effective
Labels Map<String> - All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Pulumi, other clients and services.
- labels Map<String>
- Set of label tags associated with the EdgeCache resource.
Note: This field is non-authoritative, and will only manage the labels present in your configuration.
Please refer to the field
effective_labelsfor all of the labels present on the resource. - name String
- Name of the resource; provided by the client when the resource is created.
The name must be 1-64 characters long, and match the regular expression [a-zA-Z][a-zA-Z0-9_-]* which means the first character must be a letter,
and all following characters must be a dash, underscore, letter or digit.
- project String
- The ID of the project in which the resource belongs. If it is not provided, the provider project is used.
- public
Keys List<Property Map> - An ordered list of Ed25519 public keys to use for validating signed requests.
You must specify
public_keysorvalidation_shared_keys(or both). The keys inpublic_keysare checked first. You may specify no more than one Google-managed public key. If you specifypublic_keys, you must specify at least one (1) key and may specify up to three (3) keys. Ed25519 public keys are not secret, and only allow Google to validate a request was signed by your corresponding private key. Ensure that the private key is kept secret, and that only authorized users can add public keys to a keyset. Structure is documented below. - pulumi
Labels Map<String> - The combination of labels configured directly on the resource and default labels configured on the provider.
- List<Property Map>
- An ordered list of shared keys to use for validating signed requests.
Shared keys are secret. Ensure that only authorized users can add
validation_shared_keysto a keyset. You can rotate keys by appending (pushing) a new key to the list ofvalidation_shared_keysand removing any superseded keys. You must specifypublic_keysorvalidation_shared_keys(or both). The keys inpublic_keysare checked first. Structure is documented below.
Supporting Types
EdgeCacheKeysetPublicKey, EdgeCacheKeysetPublicKeyArgs
- Id string
- The ID of the public key. The ID must be 1-63 characters long, and comply with RFC1035. The name must be 1-64 characters long, and match the regular expression [a-zA-Z][a-zA-Z0-9_-]* which means the first character must be a letter, and all following characters must be a dash, underscore, letter or digit.
- Managed bool
- Set to true to have the CDN automatically manage this public key value.
- Value string
- The base64-encoded value of the Ed25519 public key. The base64 encoding can be padded (44 bytes) or unpadded (43 bytes). Representations or encodings of the public key other than this will be rejected with an error. Note: This property is sensitive and will not be displayed in the plan.
- Id string
- The ID of the public key. The ID must be 1-63 characters long, and comply with RFC1035. The name must be 1-64 characters long, and match the regular expression [a-zA-Z][a-zA-Z0-9_-]* which means the first character must be a letter, and all following characters must be a dash, underscore, letter or digit.
- Managed bool
- Set to true to have the CDN automatically manage this public key value.
- Value string
- The base64-encoded value of the Ed25519 public key. The base64 encoding can be padded (44 bytes) or unpadded (43 bytes). Representations or encodings of the public key other than this will be rejected with an error. Note: This property is sensitive and will not be displayed in the plan.
- id String
- The ID of the public key. The ID must be 1-63 characters long, and comply with RFC1035. The name must be 1-64 characters long, and match the regular expression [a-zA-Z][a-zA-Z0-9_-]* which means the first character must be a letter, and all following characters must be a dash, underscore, letter or digit.
- managed Boolean
- Set to true to have the CDN automatically manage this public key value.
- value String
- The base64-encoded value of the Ed25519 public key. The base64 encoding can be padded (44 bytes) or unpadded (43 bytes). Representations or encodings of the public key other than this will be rejected with an error. Note: This property is sensitive and will not be displayed in the plan.
- id string
- The ID of the public key. The ID must be 1-63 characters long, and comply with RFC1035. The name must be 1-64 characters long, and match the regular expression [a-zA-Z][a-zA-Z0-9_-]* which means the first character must be a letter, and all following characters must be a dash, underscore, letter or digit.
- managed boolean
- Set to true to have the CDN automatically manage this public key value.
- value string
- The base64-encoded value of the Ed25519 public key. The base64 encoding can be padded (44 bytes) or unpadded (43 bytes). Representations or encodings of the public key other than this will be rejected with an error. Note: This property is sensitive and will not be displayed in the plan.
- id str
- The ID of the public key. The ID must be 1-63 characters long, and comply with RFC1035. The name must be 1-64 characters long, and match the regular expression [a-zA-Z][a-zA-Z0-9_-]* which means the first character must be a letter, and all following characters must be a dash, underscore, letter or digit.
- managed bool
- Set to true to have the CDN automatically manage this public key value.
- value str
- The base64-encoded value of the Ed25519 public key. The base64 encoding can be padded (44 bytes) or unpadded (43 bytes). Representations or encodings of the public key other than this will be rejected with an error. Note: This property is sensitive and will not be displayed in the plan.
- id String
- The ID of the public key. The ID must be 1-63 characters long, and comply with RFC1035. The name must be 1-64 characters long, and match the regular expression [a-zA-Z][a-zA-Z0-9_-]* which means the first character must be a letter, and all following characters must be a dash, underscore, letter or digit.
- managed Boolean
- Set to true to have the CDN automatically manage this public key value.
- value String
- The base64-encoded value of the Ed25519 public key. The base64 encoding can be padded (44 bytes) or unpadded (43 bytes). Representations or encodings of the public key other than this will be rejected with an error. Note: This property is sensitive and will not be displayed in the plan.
EdgeCacheKeysetValidationSharedKey, EdgeCacheKeysetValidationSharedKeyArgs
- Secret
Version string - The name of the secret version in Secret Manager.
The resource name of the secret version must be in the format
projects/*/secrets/*/versions/*where the*values are replaced by the secrets themselves. The secrets must be at least 16 bytes large. The recommended secret size depends on the signature algorithm you are using.- If you are using HMAC-SHA1, we suggest 20-byte secrets.
- If you are using HMAC-SHA256, we suggest 32-byte secrets. See RFC 2104, Section 3 for more details on these recommendations.
- Secret
Version string - The name of the secret version in Secret Manager.
The resource name of the secret version must be in the format
projects/*/secrets/*/versions/*where the*values are replaced by the secrets themselves. The secrets must be at least 16 bytes large. The recommended secret size depends on the signature algorithm you are using.- If you are using HMAC-SHA1, we suggest 20-byte secrets.
- If you are using HMAC-SHA256, we suggest 32-byte secrets. See RFC 2104, Section 3 for more details on these recommendations.
- secret
Version String - The name of the secret version in Secret Manager.
The resource name of the secret version must be in the format
projects/*/secrets/*/versions/*where the*values are replaced by the secrets themselves. The secrets must be at least 16 bytes large. The recommended secret size depends on the signature algorithm you are using.- If you are using HMAC-SHA1, we suggest 20-byte secrets.
- If you are using HMAC-SHA256, we suggest 32-byte secrets. See RFC 2104, Section 3 for more details on these recommendations.
- secret
Version string - The name of the secret version in Secret Manager.
The resource name of the secret version must be in the format
projects/*/secrets/*/versions/*where the*values are replaced by the secrets themselves. The secrets must be at least 16 bytes large. The recommended secret size depends on the signature algorithm you are using.- If you are using HMAC-SHA1, we suggest 20-byte secrets.
- If you are using HMAC-SHA256, we suggest 32-byte secrets. See RFC 2104, Section 3 for more details on these recommendations.
- secret_
version str - The name of the secret version in Secret Manager.
The resource name of the secret version must be in the format
projects/*/secrets/*/versions/*where the*values are replaced by the secrets themselves. The secrets must be at least 16 bytes large. The recommended secret size depends on the signature algorithm you are using.- If you are using HMAC-SHA1, we suggest 20-byte secrets.
- If you are using HMAC-SHA256, we suggest 32-byte secrets. See RFC 2104, Section 3 for more details on these recommendations.
- secret
Version String - The name of the secret version in Secret Manager.
The resource name of the secret version must be in the format
projects/*/secrets/*/versions/*where the*values are replaced by the secrets themselves. The secrets must be at least 16 bytes large. The recommended secret size depends on the signature algorithm you are using.- If you are using HMAC-SHA1, we suggest 20-byte secrets.
- If you are using HMAC-SHA256, we suggest 32-byte secrets. See RFC 2104, Section 3 for more details on these recommendations.
Import
EdgeCacheKeyset can be imported using any of these accepted formats:
projects/{{project}}/locations/global/edgeCacheKeysets/{{name}}{{project}}/{{name}}{{name}}
When using the pulumi import command, EdgeCacheKeyset can be imported using one of the formats above. For example:
$ pulumi import gcp:networkservices/edgeCacheKeyset:EdgeCacheKeyset default projects/{{project}}/locations/global/edgeCacheKeysets/{{name}}
$ pulumi import gcp:networkservices/edgeCacheKeyset:EdgeCacheKeyset default {{project}}/{{name}}
$ pulumi import gcp:networkservices/edgeCacheKeyset:EdgeCacheKeyset default {{name}}
To learn more about importing existing cloud resources, see Importing resources.
Package Details
- Repository
- Google Cloud (GCP) Classic pulumi/pulumi-gcp
- License
- Apache-2.0
- Notes
- This Pulumi package is based on the
google-betaTerraform Provider.