google-native logo
Google Cloud Native v0.30.0, Apr 14 23

google-native.cloudkms/v1.EkmConnection

Explore with Pulumi AI

Creates a new EkmConnection in a given Project and Location. Note - this resource’s API doesn’t support deletion. When deleted, the resource will persist on Google Cloud even though it will be deleted from Pulumi state.

Create EkmConnection Resource

new EkmConnection(name: string, args?: EkmConnectionArgs, opts?: CustomResourceOptions);
@overload
def EkmConnection(resource_name: str,
                  opts: Optional[ResourceOptions] = None,
                  crypto_space_path: Optional[str] = None,
                  ekm_connection_id: Optional[str] = None,
                  etag: Optional[str] = None,
                  key_management_mode: Optional[EkmConnectionKeyManagementMode] = None,
                  location: Optional[str] = None,
                  project: Optional[str] = None,
                  service_resolvers: Optional[Sequence[ServiceResolverArgs]] = None)
@overload
def EkmConnection(resource_name: str,
                  args: Optional[EkmConnectionArgs] = None,
                  opts: Optional[ResourceOptions] = None)
func NewEkmConnection(ctx *Context, name string, args *EkmConnectionArgs, opts ...ResourceOption) (*EkmConnection, error)
public EkmConnection(string name, EkmConnectionArgs? args = null, CustomResourceOptions? opts = null)
public EkmConnection(String name, EkmConnectionArgs args)
public EkmConnection(String name, EkmConnectionArgs args, CustomResourceOptions options)
type: google-native:cloudkms/v1:EkmConnection
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.

name string
The unique name of the resource.
args EkmConnectionArgs
The arguments to resource properties.
opts CustomResourceOptions
Bag of options to control resource's behavior.
resource_name str
The unique name of the resource.
args EkmConnectionArgs
The arguments to resource properties.
opts ResourceOptions
Bag of options to control resource's behavior.
ctx Context
Context object for the current deployment.
name string
The unique name of the resource.
args EkmConnectionArgs
The arguments to resource properties.
opts ResourceOption
Bag of options to control resource's behavior.
name string
The unique name of the resource.
args EkmConnectionArgs
The arguments to resource properties.
opts CustomResourceOptions
Bag of options to control resource's behavior.
name String
The unique name of the resource.
args EkmConnectionArgs
The arguments to resource properties.
options CustomResourceOptions
Bag of options to control resource's behavior.

EkmConnection Resource Properties

To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

Inputs

The EkmConnection resource accepts the following input properties:

CryptoSpacePath string

Optional. Identifies the EKM Crypto Space that this EkmConnection maps to. Note: This field is required if KeyManagementMode is CLOUD_KMS.

EkmConnectionId string

Required. It must be unique within a location and match the regular expression [a-zA-Z0-9_-]{1,63}.

Etag string

Optional. Etag of the currently stored EkmConnection.

KeyManagementMode Pulumi.GoogleNative.Cloudkms.V1.EkmConnectionKeyManagementMode

Optional. Describes who can perform control plane operations on the EKM. If unset, this defaults to MANUAL.

Location string
Project string
ServiceResolvers List<Pulumi.GoogleNative.Cloudkms.V1.Inputs.ServiceResolverArgs>

A list of ServiceResolvers where the EKM can be reached. There should be one ServiceResolver per EKM replica. Currently, only a single ServiceResolver is supported.

CryptoSpacePath string

Optional. Identifies the EKM Crypto Space that this EkmConnection maps to. Note: This field is required if KeyManagementMode is CLOUD_KMS.

EkmConnectionId string

Required. It must be unique within a location and match the regular expression [a-zA-Z0-9_-]{1,63}.

Etag string

Optional. Etag of the currently stored EkmConnection.

KeyManagementMode EkmConnectionKeyManagementMode

Optional. Describes who can perform control plane operations on the EKM. If unset, this defaults to MANUAL.

Location string
Project string
ServiceResolvers []ServiceResolverArgs

A list of ServiceResolvers where the EKM can be reached. There should be one ServiceResolver per EKM replica. Currently, only a single ServiceResolver is supported.

cryptoSpacePath String

Optional. Identifies the EKM Crypto Space that this EkmConnection maps to. Note: This field is required if KeyManagementMode is CLOUD_KMS.

ekmConnectionId String

Required. It must be unique within a location and match the regular expression [a-zA-Z0-9_-]{1,63}.

etag String

Optional. Etag of the currently stored EkmConnection.

keyManagementMode EkmConnectionKeyManagementMode

Optional. Describes who can perform control plane operations on the EKM. If unset, this defaults to MANUAL.

location String
project String
serviceResolvers List<ServiceResolverArgs>

A list of ServiceResolvers where the EKM can be reached. There should be one ServiceResolver per EKM replica. Currently, only a single ServiceResolver is supported.

cryptoSpacePath string

Optional. Identifies the EKM Crypto Space that this EkmConnection maps to. Note: This field is required if KeyManagementMode is CLOUD_KMS.

ekmConnectionId string

Required. It must be unique within a location and match the regular expression [a-zA-Z0-9_-]{1,63}.

etag string

Optional. Etag of the currently stored EkmConnection.

keyManagementMode EkmConnectionKeyManagementMode

Optional. Describes who can perform control plane operations on the EKM. If unset, this defaults to MANUAL.

location string
project string
serviceResolvers ServiceResolverArgs[]

A list of ServiceResolvers where the EKM can be reached. There should be one ServiceResolver per EKM replica. Currently, only a single ServiceResolver is supported.

crypto_space_path str

Optional. Identifies the EKM Crypto Space that this EkmConnection maps to. Note: This field is required if KeyManagementMode is CLOUD_KMS.

ekm_connection_id str

Required. It must be unique within a location and match the regular expression [a-zA-Z0-9_-]{1,63}.

etag str

Optional. Etag of the currently stored EkmConnection.

key_management_mode EkmConnectionKeyManagementMode

Optional. Describes who can perform control plane operations on the EKM. If unset, this defaults to MANUAL.

location str
project str
service_resolvers Sequence[ServiceResolverArgs]

A list of ServiceResolvers where the EKM can be reached. There should be one ServiceResolver per EKM replica. Currently, only a single ServiceResolver is supported.

cryptoSpacePath String

Optional. Identifies the EKM Crypto Space that this EkmConnection maps to. Note: This field is required if KeyManagementMode is CLOUD_KMS.

ekmConnectionId String

Required. It must be unique within a location and match the regular expression [a-zA-Z0-9_-]{1,63}.

etag String

Optional. Etag of the currently stored EkmConnection.

keyManagementMode "KEY_MANAGEMENT_MODE_UNSPECIFIED" | "MANUAL" | "CLOUD_KMS"

Optional. Describes who can perform control plane operations on the EKM. If unset, this defaults to MANUAL.

location String
project String
serviceResolvers List<Property Map>

A list of ServiceResolvers where the EKM can be reached. There should be one ServiceResolver per EKM replica. Currently, only a single ServiceResolver is supported.

Outputs

All input properties are implicitly available as output properties. Additionally, the EkmConnection resource produces the following output properties:

CreateTime string

The time at which the EkmConnection was created.

Id string

The provider-assigned unique ID for this managed resource.

Name string

The resource name for the EkmConnection in the format projects/*/locations/*/ekmConnections/*.

CreateTime string

The time at which the EkmConnection was created.

Id string

The provider-assigned unique ID for this managed resource.

Name string

The resource name for the EkmConnection in the format projects/*/locations/*/ekmConnections/*.

createTime String

The time at which the EkmConnection was created.

id String

The provider-assigned unique ID for this managed resource.

name String

The resource name for the EkmConnection in the format projects/*/locations/*/ekmConnections/*.

createTime string

The time at which the EkmConnection was created.

id string

The provider-assigned unique ID for this managed resource.

name string

The resource name for the EkmConnection in the format projects/*/locations/*/ekmConnections/*.

create_time str

The time at which the EkmConnection was created.

id str

The provider-assigned unique ID for this managed resource.

name str

The resource name for the EkmConnection in the format projects/*/locations/*/ekmConnections/*.

createTime String

The time at which the EkmConnection was created.

id String

The provider-assigned unique ID for this managed resource.

name String

The resource name for the EkmConnection in the format projects/*/locations/*/ekmConnections/*.

Supporting Types

Certificate

RawDer string

The raw certificate bytes in DER format.

RawDer string

The raw certificate bytes in DER format.

rawDer String

The raw certificate bytes in DER format.

rawDer string

The raw certificate bytes in DER format.

raw_der str

The raw certificate bytes in DER format.

rawDer String

The raw certificate bytes in DER format.

CertificateResponse

Issuer string

The issuer distinguished name in RFC 2253 format. Only present if parsed is true.

NotAfterTime string

The certificate is not valid after this time. Only present if parsed is true.

NotBeforeTime string

The certificate is not valid before this time. Only present if parsed is true.

Parsed bool

True if the certificate was parsed successfully.

RawDer string

The raw certificate bytes in DER format.

SerialNumber string

The certificate serial number as a hex string. Only present if parsed is true.

Sha256Fingerprint string

The SHA-256 certificate fingerprint as a hex string. Only present if parsed is true.

Subject string

The subject distinguished name in RFC 2253 format. Only present if parsed is true.

SubjectAlternativeDnsNames List<string>

The subject Alternative DNS names. Only present if parsed is true.

Issuer string

The issuer distinguished name in RFC 2253 format. Only present if parsed is true.

NotAfterTime string

The certificate is not valid after this time. Only present if parsed is true.

NotBeforeTime string

The certificate is not valid before this time. Only present if parsed is true.

Parsed bool

True if the certificate was parsed successfully.

RawDer string

The raw certificate bytes in DER format.

SerialNumber string

The certificate serial number as a hex string. Only present if parsed is true.

Sha256Fingerprint string

The SHA-256 certificate fingerprint as a hex string. Only present if parsed is true.

Subject string

The subject distinguished name in RFC 2253 format. Only present if parsed is true.

SubjectAlternativeDnsNames []string

The subject Alternative DNS names. Only present if parsed is true.

issuer String

The issuer distinguished name in RFC 2253 format. Only present if parsed is true.

notAfterTime String

The certificate is not valid after this time. Only present if parsed is true.

notBeforeTime String

The certificate is not valid before this time. Only present if parsed is true.

parsed Boolean

True if the certificate was parsed successfully.

rawDer String

The raw certificate bytes in DER format.

serialNumber String

The certificate serial number as a hex string. Only present if parsed is true.

sha256Fingerprint String

The SHA-256 certificate fingerprint as a hex string. Only present if parsed is true.

subject String

The subject distinguished name in RFC 2253 format. Only present if parsed is true.

subjectAlternativeDnsNames List<String>

The subject Alternative DNS names. Only present if parsed is true.

issuer string

The issuer distinguished name in RFC 2253 format. Only present if parsed is true.

notAfterTime string

The certificate is not valid after this time. Only present if parsed is true.

notBeforeTime string

The certificate is not valid before this time. Only present if parsed is true.

parsed boolean

True if the certificate was parsed successfully.

rawDer string

The raw certificate bytes in DER format.

serialNumber string

The certificate serial number as a hex string. Only present if parsed is true.

sha256Fingerprint string

The SHA-256 certificate fingerprint as a hex string. Only present if parsed is true.

subject string

The subject distinguished name in RFC 2253 format. Only present if parsed is true.

subjectAlternativeDnsNames string[]

The subject Alternative DNS names. Only present if parsed is true.

issuer str

The issuer distinguished name in RFC 2253 format. Only present if parsed is true.

not_after_time str

The certificate is not valid after this time. Only present if parsed is true.

not_before_time str

The certificate is not valid before this time. Only present if parsed is true.

parsed bool

True if the certificate was parsed successfully.

raw_der str

The raw certificate bytes in DER format.

serial_number str

The certificate serial number as a hex string. Only present if parsed is true.

sha256_fingerprint str

The SHA-256 certificate fingerprint as a hex string. Only present if parsed is true.

subject str

The subject distinguished name in RFC 2253 format. Only present if parsed is true.

subject_alternative_dns_names Sequence[str]

The subject Alternative DNS names. Only present if parsed is true.

issuer String

The issuer distinguished name in RFC 2253 format. Only present if parsed is true.

notAfterTime String

The certificate is not valid after this time. Only present if parsed is true.

notBeforeTime String

The certificate is not valid before this time. Only present if parsed is true.

parsed Boolean

True if the certificate was parsed successfully.

rawDer String

The raw certificate bytes in DER format.

serialNumber String

The certificate serial number as a hex string. Only present if parsed is true.

sha256Fingerprint String

The SHA-256 certificate fingerprint as a hex string. Only present if parsed is true.

subject String

The subject distinguished name in RFC 2253 format. Only present if parsed is true.

subjectAlternativeDnsNames List<String>

The subject Alternative DNS names. Only present if parsed is true.

EkmConnectionKeyManagementMode

KeyManagementModeUnspecified
KEY_MANAGEMENT_MODE_UNSPECIFIED

Not specified.

Manual
MANUAL

EKM-side key management operations on CryptoKeys created with this EkmConnection must be initiated from the EKM directly and cannot be performed from Cloud KMS. This means that: * When creating a CryptoKeyVersion associated with this EkmConnection, the caller must supply the key path of pre-existing external key material that will be linked to the CryptoKeyVersion. * Destruction of external key material cannot be requested via the Cloud KMS API and must be performed directly in the EKM. * Automatic rotation of key material is not supported.

CloudKms
CLOUD_KMS

All CryptoKeys created with this EkmConnection use EKM-side key management operations initiated from Cloud KMS. This means that: * When a CryptoKeyVersion associated with this EkmConnection is created, the EKM automatically generates new key material and a new key path. The caller cannot supply the key path of pre-existing external key material. * Destruction of external key material associated with this EkmConnection can be requested by calling DestroyCryptoKeyVersion. * Automatic rotation of key material is supported.

EkmConnectionKeyManagementModeKeyManagementModeUnspecified
KEY_MANAGEMENT_MODE_UNSPECIFIED

Not specified.

EkmConnectionKeyManagementModeManual
MANUAL

EKM-side key management operations on CryptoKeys created with this EkmConnection must be initiated from the EKM directly and cannot be performed from Cloud KMS. This means that: * When creating a CryptoKeyVersion associated with this EkmConnection, the caller must supply the key path of pre-existing external key material that will be linked to the CryptoKeyVersion. * Destruction of external key material cannot be requested via the Cloud KMS API and must be performed directly in the EKM. * Automatic rotation of key material is not supported.

EkmConnectionKeyManagementModeCloudKms
CLOUD_KMS

All CryptoKeys created with this EkmConnection use EKM-side key management operations initiated from Cloud KMS. This means that: * When a CryptoKeyVersion associated with this EkmConnection is created, the EKM automatically generates new key material and a new key path. The caller cannot supply the key path of pre-existing external key material. * Destruction of external key material associated with this EkmConnection can be requested by calling DestroyCryptoKeyVersion. * Automatic rotation of key material is supported.

KeyManagementModeUnspecified
KEY_MANAGEMENT_MODE_UNSPECIFIED

Not specified.

Manual
MANUAL

EKM-side key management operations on CryptoKeys created with this EkmConnection must be initiated from the EKM directly and cannot be performed from Cloud KMS. This means that: * When creating a CryptoKeyVersion associated with this EkmConnection, the caller must supply the key path of pre-existing external key material that will be linked to the CryptoKeyVersion. * Destruction of external key material cannot be requested via the Cloud KMS API and must be performed directly in the EKM. * Automatic rotation of key material is not supported.

CloudKms
CLOUD_KMS

All CryptoKeys created with this EkmConnection use EKM-side key management operations initiated from Cloud KMS. This means that: * When a CryptoKeyVersion associated with this EkmConnection is created, the EKM automatically generates new key material and a new key path. The caller cannot supply the key path of pre-existing external key material. * Destruction of external key material associated with this EkmConnection can be requested by calling DestroyCryptoKeyVersion. * Automatic rotation of key material is supported.

KeyManagementModeUnspecified
KEY_MANAGEMENT_MODE_UNSPECIFIED

Not specified.

Manual
MANUAL

EKM-side key management operations on CryptoKeys created with this EkmConnection must be initiated from the EKM directly and cannot be performed from Cloud KMS. This means that: * When creating a CryptoKeyVersion associated with this EkmConnection, the caller must supply the key path of pre-existing external key material that will be linked to the CryptoKeyVersion. * Destruction of external key material cannot be requested via the Cloud KMS API and must be performed directly in the EKM. * Automatic rotation of key material is not supported.

CloudKms
CLOUD_KMS

All CryptoKeys created with this EkmConnection use EKM-side key management operations initiated from Cloud KMS. This means that: * When a CryptoKeyVersion associated with this EkmConnection is created, the EKM automatically generates new key material and a new key path. The caller cannot supply the key path of pre-existing external key material. * Destruction of external key material associated with this EkmConnection can be requested by calling DestroyCryptoKeyVersion. * Automatic rotation of key material is supported.

KEY_MANAGEMENT_MODE_UNSPECIFIED
KEY_MANAGEMENT_MODE_UNSPECIFIED

Not specified.

MANUAL
MANUAL

EKM-side key management operations on CryptoKeys created with this EkmConnection must be initiated from the EKM directly and cannot be performed from Cloud KMS. This means that: * When creating a CryptoKeyVersion associated with this EkmConnection, the caller must supply the key path of pre-existing external key material that will be linked to the CryptoKeyVersion. * Destruction of external key material cannot be requested via the Cloud KMS API and must be performed directly in the EKM. * Automatic rotation of key material is not supported.

CLOUD_KMS
CLOUD_KMS

All CryptoKeys created with this EkmConnection use EKM-side key management operations initiated from Cloud KMS. This means that: * When a CryptoKeyVersion associated with this EkmConnection is created, the EKM automatically generates new key material and a new key path. The caller cannot supply the key path of pre-existing external key material. * Destruction of external key material associated with this EkmConnection can be requested by calling DestroyCryptoKeyVersion. * Automatic rotation of key material is supported.

"KEY_MANAGEMENT_MODE_UNSPECIFIED"
KEY_MANAGEMENT_MODE_UNSPECIFIED

Not specified.

"MANUAL"
MANUAL

EKM-side key management operations on CryptoKeys created with this EkmConnection must be initiated from the EKM directly and cannot be performed from Cloud KMS. This means that: * When creating a CryptoKeyVersion associated with this EkmConnection, the caller must supply the key path of pre-existing external key material that will be linked to the CryptoKeyVersion. * Destruction of external key material cannot be requested via the Cloud KMS API and must be performed directly in the EKM. * Automatic rotation of key material is not supported.

"CLOUD_KMS"
CLOUD_KMS

All CryptoKeys created with this EkmConnection use EKM-side key management operations initiated from Cloud KMS. This means that: * When a CryptoKeyVersion associated with this EkmConnection is created, the EKM automatically generates new key material and a new key path. The caller cannot supply the key path of pre-existing external key material. * Destruction of external key material associated with this EkmConnection can be requested by calling DestroyCryptoKeyVersion. * Automatic rotation of key material is supported.

ServiceResolver

Hostname string

The hostname of the EKM replica used at TLS and HTTP layers.

ServerCertificates List<Pulumi.GoogleNative.Cloudkms.V1.Inputs.Certificate>

A list of leaf server certificates used to authenticate HTTPS connections to the EKM replica. Currently, a maximum of 10 Certificate is supported.

ServiceDirectoryService string

The resource name of the Service Directory service pointing to an EKM replica, in the format projects/*/locations/*/namespaces/*/services/*.

EndpointFilter string

Optional. The filter applied to the endpoints of the resolved service. If no filter is specified, all endpoints will be considered. An endpoint will be chosen arbitrarily from the filtered list for each request. For endpoint filter syntax and examples, see https://cloud.google.com/service-directory/docs/reference/rpc/google.cloud.servicedirectory.v1#resolveservicerequest.

Hostname string

The hostname of the EKM replica used at TLS and HTTP layers.

ServerCertificates []Certificate

A list of leaf server certificates used to authenticate HTTPS connections to the EKM replica. Currently, a maximum of 10 Certificate is supported.

ServiceDirectoryService string

The resource name of the Service Directory service pointing to an EKM replica, in the format projects/*/locations/*/namespaces/*/services/*.

EndpointFilter string

Optional. The filter applied to the endpoints of the resolved service. If no filter is specified, all endpoints will be considered. An endpoint will be chosen arbitrarily from the filtered list for each request. For endpoint filter syntax and examples, see https://cloud.google.com/service-directory/docs/reference/rpc/google.cloud.servicedirectory.v1#resolveservicerequest.

hostname String

The hostname of the EKM replica used at TLS and HTTP layers.

serverCertificates List<Certificate>

A list of leaf server certificates used to authenticate HTTPS connections to the EKM replica. Currently, a maximum of 10 Certificate is supported.

serviceDirectoryService String

The resource name of the Service Directory service pointing to an EKM replica, in the format projects/*/locations/*/namespaces/*/services/*.

endpointFilter String

Optional. The filter applied to the endpoints of the resolved service. If no filter is specified, all endpoints will be considered. An endpoint will be chosen arbitrarily from the filtered list for each request. For endpoint filter syntax and examples, see https://cloud.google.com/service-directory/docs/reference/rpc/google.cloud.servicedirectory.v1#resolveservicerequest.

hostname string

The hostname of the EKM replica used at TLS and HTTP layers.

serverCertificates Certificate[]

A list of leaf server certificates used to authenticate HTTPS connections to the EKM replica. Currently, a maximum of 10 Certificate is supported.

serviceDirectoryService string

The resource name of the Service Directory service pointing to an EKM replica, in the format projects/*/locations/*/namespaces/*/services/*.

endpointFilter string

Optional. The filter applied to the endpoints of the resolved service. If no filter is specified, all endpoints will be considered. An endpoint will be chosen arbitrarily from the filtered list for each request. For endpoint filter syntax and examples, see https://cloud.google.com/service-directory/docs/reference/rpc/google.cloud.servicedirectory.v1#resolveservicerequest.

hostname str

The hostname of the EKM replica used at TLS and HTTP layers.

server_certificates Sequence[Certificate]

A list of leaf server certificates used to authenticate HTTPS connections to the EKM replica. Currently, a maximum of 10 Certificate is supported.

service_directory_service str

The resource name of the Service Directory service pointing to an EKM replica, in the format projects/*/locations/*/namespaces/*/services/*.

endpoint_filter str

Optional. The filter applied to the endpoints of the resolved service. If no filter is specified, all endpoints will be considered. An endpoint will be chosen arbitrarily from the filtered list for each request. For endpoint filter syntax and examples, see https://cloud.google.com/service-directory/docs/reference/rpc/google.cloud.servicedirectory.v1#resolveservicerequest.

hostname String

The hostname of the EKM replica used at TLS and HTTP layers.

serverCertificates List<Property Map>

A list of leaf server certificates used to authenticate HTTPS connections to the EKM replica. Currently, a maximum of 10 Certificate is supported.

serviceDirectoryService String

The resource name of the Service Directory service pointing to an EKM replica, in the format projects/*/locations/*/namespaces/*/services/*.

endpointFilter String

Optional. The filter applied to the endpoints of the resolved service. If no filter is specified, all endpoints will be considered. An endpoint will be chosen arbitrarily from the filtered list for each request. For endpoint filter syntax and examples, see https://cloud.google.com/service-directory/docs/reference/rpc/google.cloud.servicedirectory.v1#resolveservicerequest.

ServiceResolverResponse

EndpointFilter string

Optional. The filter applied to the endpoints of the resolved service. If no filter is specified, all endpoints will be considered. An endpoint will be chosen arbitrarily from the filtered list for each request. For endpoint filter syntax and examples, see https://cloud.google.com/service-directory/docs/reference/rpc/google.cloud.servicedirectory.v1#resolveservicerequest.

Hostname string

The hostname of the EKM replica used at TLS and HTTP layers.

ServerCertificates List<Pulumi.GoogleNative.Cloudkms.V1.Inputs.CertificateResponse>

A list of leaf server certificates used to authenticate HTTPS connections to the EKM replica. Currently, a maximum of 10 Certificate is supported.

ServiceDirectoryService string

The resource name of the Service Directory service pointing to an EKM replica, in the format projects/*/locations/*/namespaces/*/services/*.

EndpointFilter string

Optional. The filter applied to the endpoints of the resolved service. If no filter is specified, all endpoints will be considered. An endpoint will be chosen arbitrarily from the filtered list for each request. For endpoint filter syntax and examples, see https://cloud.google.com/service-directory/docs/reference/rpc/google.cloud.servicedirectory.v1#resolveservicerequest.

Hostname string

The hostname of the EKM replica used at TLS and HTTP layers.

ServerCertificates []CertificateResponse

A list of leaf server certificates used to authenticate HTTPS connections to the EKM replica. Currently, a maximum of 10 Certificate is supported.

ServiceDirectoryService string

The resource name of the Service Directory service pointing to an EKM replica, in the format projects/*/locations/*/namespaces/*/services/*.

endpointFilter String

Optional. The filter applied to the endpoints of the resolved service. If no filter is specified, all endpoints will be considered. An endpoint will be chosen arbitrarily from the filtered list for each request. For endpoint filter syntax and examples, see https://cloud.google.com/service-directory/docs/reference/rpc/google.cloud.servicedirectory.v1#resolveservicerequest.

hostname String

The hostname of the EKM replica used at TLS and HTTP layers.

serverCertificates List<CertificateResponse>

A list of leaf server certificates used to authenticate HTTPS connections to the EKM replica. Currently, a maximum of 10 Certificate is supported.

serviceDirectoryService String

The resource name of the Service Directory service pointing to an EKM replica, in the format projects/*/locations/*/namespaces/*/services/*.

endpointFilter string

Optional. The filter applied to the endpoints of the resolved service. If no filter is specified, all endpoints will be considered. An endpoint will be chosen arbitrarily from the filtered list for each request. For endpoint filter syntax and examples, see https://cloud.google.com/service-directory/docs/reference/rpc/google.cloud.servicedirectory.v1#resolveservicerequest.

hostname string

The hostname of the EKM replica used at TLS and HTTP layers.

serverCertificates CertificateResponse[]

A list of leaf server certificates used to authenticate HTTPS connections to the EKM replica. Currently, a maximum of 10 Certificate is supported.

serviceDirectoryService string

The resource name of the Service Directory service pointing to an EKM replica, in the format projects/*/locations/*/namespaces/*/services/*.

endpoint_filter str

Optional. The filter applied to the endpoints of the resolved service. If no filter is specified, all endpoints will be considered. An endpoint will be chosen arbitrarily from the filtered list for each request. For endpoint filter syntax and examples, see https://cloud.google.com/service-directory/docs/reference/rpc/google.cloud.servicedirectory.v1#resolveservicerequest.

hostname str

The hostname of the EKM replica used at TLS and HTTP layers.

server_certificates Sequence[CertificateResponse]

A list of leaf server certificates used to authenticate HTTPS connections to the EKM replica. Currently, a maximum of 10 Certificate is supported.

service_directory_service str

The resource name of the Service Directory service pointing to an EKM replica, in the format projects/*/locations/*/namespaces/*/services/*.

endpointFilter String

Optional. The filter applied to the endpoints of the resolved service. If no filter is specified, all endpoints will be considered. An endpoint will be chosen arbitrarily from the filtered list for each request. For endpoint filter syntax and examples, see https://cloud.google.com/service-directory/docs/reference/rpc/google.cloud.servicedirectory.v1#resolveservicerequest.

hostname String

The hostname of the EKM replica used at TLS and HTTP layers.

serverCertificates List<Property Map>

A list of leaf server certificates used to authenticate HTTPS connections to the EKM replica. Currently, a maximum of 10 Certificate is supported.

serviceDirectoryService String

The resource name of the Service Directory service pointing to an EKM replica, in the format projects/*/locations/*/namespaces/*/services/*.

Package Details

Repository
Google Cloud Native pulumi/pulumi-google-native
License
Apache-2.0