1. Packages
  2. Google Cloud Native
  3. API Docs
  4. cloudkms
  5. cloudkms/v1
  6. EkmConnection

Google Cloud Native is in preview. Google Cloud Classic is fully supported.

Google Cloud Native v0.32.0 published on Wednesday, Nov 29, 2023 by Pulumi

google-native.cloudkms/v1.EkmConnection

Explore with Pulumi AI

google-native logo

Google Cloud Native is in preview. Google Cloud Classic is fully supported.

Google Cloud Native v0.32.0 published on Wednesday, Nov 29, 2023 by Pulumi

    Creates a new EkmConnection in a given Project and Location. Note - this resource’s API doesn’t support deletion. When deleted, the resource will persist on Google Cloud even though it will be deleted from Pulumi state.

    Create EkmConnection Resource

    Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.

    Constructor syntax

    new EkmConnection(name: string, args?: EkmConnectionArgs, opts?: CustomResourceOptions);
    @overload
    def EkmConnection(resource_name: str,
                      args: Optional[EkmConnectionArgs] = None,
                      opts: Optional[ResourceOptions] = None)
    
    @overload
    def EkmConnection(resource_name: str,
                      opts: Optional[ResourceOptions] = None,
                      crypto_space_path: Optional[str] = None,
                      ekm_connection_id: Optional[str] = None,
                      etag: Optional[str] = None,
                      key_management_mode: Optional[EkmConnectionKeyManagementMode] = None,
                      location: Optional[str] = None,
                      project: Optional[str] = None,
                      service_resolvers: Optional[Sequence[ServiceResolverArgs]] = None)
    func NewEkmConnection(ctx *Context, name string, args *EkmConnectionArgs, opts ...ResourceOption) (*EkmConnection, error)
    public EkmConnection(string name, EkmConnectionArgs? args = null, CustomResourceOptions? opts = null)
    public EkmConnection(String name, EkmConnectionArgs args)
    public EkmConnection(String name, EkmConnectionArgs args, CustomResourceOptions options)
    
    type: google-native:cloudkms/v1:EkmConnection
    properties: # The arguments to resource properties.
    options: # Bag of options to control resource's behavior.
    
    

    Parameters

    name string
    The unique name of the resource.
    args EkmConnectionArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    resource_name str
    The unique name of the resource.
    args EkmConnectionArgs
    The arguments to resource properties.
    opts ResourceOptions
    Bag of options to control resource's behavior.
    ctx Context
    Context object for the current deployment.
    name string
    The unique name of the resource.
    args EkmConnectionArgs
    The arguments to resource properties.
    opts ResourceOption
    Bag of options to control resource's behavior.
    name string
    The unique name of the resource.
    args EkmConnectionArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    name String
    The unique name of the resource.
    args EkmConnectionArgs
    The arguments to resource properties.
    options CustomResourceOptions
    Bag of options to control resource's behavior.

    Constructor example

    The following reference example uses placeholder values for all input properties.

    var ekmConnectionResource = new GoogleNative.Cloudkms.V1.EkmConnection("ekmConnectionResource", new()
    {
        CryptoSpacePath = "string",
        EkmConnectionId = "string",
        Etag = "string",
        KeyManagementMode = GoogleNative.Cloudkms.V1.EkmConnectionKeyManagementMode.KeyManagementModeUnspecified,
        Location = "string",
        Project = "string",
        ServiceResolvers = new[]
        {
            new GoogleNative.Cloudkms.V1.Inputs.ServiceResolverArgs
            {
                Hostname = "string",
                ServerCertificates = new[]
                {
                    new GoogleNative.Cloudkms.V1.Inputs.CertificateArgs
                    {
                        RawDer = "string",
                    },
                },
                ServiceDirectoryService = "string",
                EndpointFilter = "string",
            },
        },
    });
    
    example, err := cloudkms.NewEkmConnection(ctx, "ekmConnectionResource", &cloudkms.EkmConnectionArgs{
    	CryptoSpacePath:   pulumi.String("string"),
    	EkmConnectionId:   pulumi.String("string"),
    	Etag:              pulumi.String("string"),
    	KeyManagementMode: cloudkms.EkmConnectionKeyManagementModeKeyManagementModeUnspecified,
    	Location:          pulumi.String("string"),
    	Project:           pulumi.String("string"),
    	ServiceResolvers: cloudkms.ServiceResolverArray{
    		&cloudkms.ServiceResolverArgs{
    			Hostname: pulumi.String("string"),
    			ServerCertificates: cloudkms.CertificateArray{
    				&cloudkms.CertificateArgs{
    					RawDer: pulumi.String("string"),
    				},
    			},
    			ServiceDirectoryService: pulumi.String("string"),
    			EndpointFilter:          pulumi.String("string"),
    		},
    	},
    })
    
    var ekmConnectionResource = new EkmConnection("ekmConnectionResource", EkmConnectionArgs.builder()
        .cryptoSpacePath("string")
        .ekmConnectionId("string")
        .etag("string")
        .keyManagementMode("KEY_MANAGEMENT_MODE_UNSPECIFIED")
        .location("string")
        .project("string")
        .serviceResolvers(ServiceResolverArgs.builder()
            .hostname("string")
            .serverCertificates(CertificateArgs.builder()
                .rawDer("string")
                .build())
            .serviceDirectoryService("string")
            .endpointFilter("string")
            .build())
        .build());
    
    ekm_connection_resource = google_native.cloudkms.v1.EkmConnection("ekmConnectionResource",
        crypto_space_path="string",
        ekm_connection_id="string",
        etag="string",
        key_management_mode=google_native.cloudkms.v1.EkmConnectionKeyManagementMode.KEY_MANAGEMENT_MODE_UNSPECIFIED,
        location="string",
        project="string",
        service_resolvers=[google_native.cloudkms.v1.ServiceResolverArgs(
            hostname="string",
            server_certificates=[google_native.cloudkms.v1.CertificateArgs(
                raw_der="string",
            )],
            service_directory_service="string",
            endpoint_filter="string",
        )])
    
    const ekmConnectionResource = new google_native.cloudkms.v1.EkmConnection("ekmConnectionResource", {
        cryptoSpacePath: "string",
        ekmConnectionId: "string",
        etag: "string",
        keyManagementMode: google_native.cloudkms.v1.EkmConnectionKeyManagementMode.KeyManagementModeUnspecified,
        location: "string",
        project: "string",
        serviceResolvers: [{
            hostname: "string",
            serverCertificates: [{
                rawDer: "string",
            }],
            serviceDirectoryService: "string",
            endpointFilter: "string",
        }],
    });
    
    type: google-native:cloudkms/v1:EkmConnection
    properties:
        cryptoSpacePath: string
        ekmConnectionId: string
        etag: string
        keyManagementMode: KEY_MANAGEMENT_MODE_UNSPECIFIED
        location: string
        project: string
        serviceResolvers:
            - endpointFilter: string
              hostname: string
              serverCertificates:
                - rawDer: string
              serviceDirectoryService: string
    

    EkmConnection Resource Properties

    To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

    Inputs

    The EkmConnection resource accepts the following input properties:

    CryptoSpacePath string
    Optional. Identifies the EKM Crypto Space that this EkmConnection maps to. Note: This field is required if KeyManagementMode is CLOUD_KMS.
    EkmConnectionId string
    Required. It must be unique within a location and match the regular expression [a-zA-Z0-9_-]{1,63}.
    Etag string
    Optional. Etag of the currently stored EkmConnection.
    KeyManagementMode Pulumi.GoogleNative.Cloudkms.V1.EkmConnectionKeyManagementMode
    Optional. Describes who can perform control plane operations on the EKM. If unset, this defaults to MANUAL.
    Location string
    Project string
    ServiceResolvers List<Pulumi.GoogleNative.Cloudkms.V1.Inputs.ServiceResolver>
    A list of ServiceResolvers where the EKM can be reached. There should be one ServiceResolver per EKM replica. Currently, only a single ServiceResolver is supported.
    CryptoSpacePath string
    Optional. Identifies the EKM Crypto Space that this EkmConnection maps to. Note: This field is required if KeyManagementMode is CLOUD_KMS.
    EkmConnectionId string
    Required. It must be unique within a location and match the regular expression [a-zA-Z0-9_-]{1,63}.
    Etag string
    Optional. Etag of the currently stored EkmConnection.
    KeyManagementMode EkmConnectionKeyManagementMode
    Optional. Describes who can perform control plane operations on the EKM. If unset, this defaults to MANUAL.
    Location string
    Project string
    ServiceResolvers []ServiceResolverArgs
    A list of ServiceResolvers where the EKM can be reached. There should be one ServiceResolver per EKM replica. Currently, only a single ServiceResolver is supported.
    cryptoSpacePath String
    Optional. Identifies the EKM Crypto Space that this EkmConnection maps to. Note: This field is required if KeyManagementMode is CLOUD_KMS.
    ekmConnectionId String
    Required. It must be unique within a location and match the regular expression [a-zA-Z0-9_-]{1,63}.
    etag String
    Optional. Etag of the currently stored EkmConnection.
    keyManagementMode EkmConnectionKeyManagementMode
    Optional. Describes who can perform control plane operations on the EKM. If unset, this defaults to MANUAL.
    location String
    project String
    serviceResolvers List<ServiceResolver>
    A list of ServiceResolvers where the EKM can be reached. There should be one ServiceResolver per EKM replica. Currently, only a single ServiceResolver is supported.
    cryptoSpacePath string
    Optional. Identifies the EKM Crypto Space that this EkmConnection maps to. Note: This field is required if KeyManagementMode is CLOUD_KMS.
    ekmConnectionId string
    Required. It must be unique within a location and match the regular expression [a-zA-Z0-9_-]{1,63}.
    etag string
    Optional. Etag of the currently stored EkmConnection.
    keyManagementMode EkmConnectionKeyManagementMode
    Optional. Describes who can perform control plane operations on the EKM. If unset, this defaults to MANUAL.
    location string
    project string
    serviceResolvers ServiceResolver[]
    A list of ServiceResolvers where the EKM can be reached. There should be one ServiceResolver per EKM replica. Currently, only a single ServiceResolver is supported.
    crypto_space_path str
    Optional. Identifies the EKM Crypto Space that this EkmConnection maps to. Note: This field is required if KeyManagementMode is CLOUD_KMS.
    ekm_connection_id str
    Required. It must be unique within a location and match the regular expression [a-zA-Z0-9_-]{1,63}.
    etag str
    Optional. Etag of the currently stored EkmConnection.
    key_management_mode EkmConnectionKeyManagementMode
    Optional. Describes who can perform control plane operations on the EKM. If unset, this defaults to MANUAL.
    location str
    project str
    service_resolvers Sequence[ServiceResolverArgs]
    A list of ServiceResolvers where the EKM can be reached. There should be one ServiceResolver per EKM replica. Currently, only a single ServiceResolver is supported.
    cryptoSpacePath String
    Optional. Identifies the EKM Crypto Space that this EkmConnection maps to. Note: This field is required if KeyManagementMode is CLOUD_KMS.
    ekmConnectionId String
    Required. It must be unique within a location and match the regular expression [a-zA-Z0-9_-]{1,63}.
    etag String
    Optional. Etag of the currently stored EkmConnection.
    keyManagementMode "KEY_MANAGEMENT_MODE_UNSPECIFIED" | "MANUAL" | "CLOUD_KMS"
    Optional. Describes who can perform control plane operations on the EKM. If unset, this defaults to MANUAL.
    location String
    project String
    serviceResolvers List<Property Map>
    A list of ServiceResolvers where the EKM can be reached. There should be one ServiceResolver per EKM replica. Currently, only a single ServiceResolver is supported.

    Outputs

    All input properties are implicitly available as output properties. Additionally, the EkmConnection resource produces the following output properties:

    CreateTime string
    The time at which the EkmConnection was created.
    Id string
    The provider-assigned unique ID for this managed resource.
    Name string
    The resource name for the EkmConnection in the format projects/*/locations/*/ekmConnections/*.
    CreateTime string
    The time at which the EkmConnection was created.
    Id string
    The provider-assigned unique ID for this managed resource.
    Name string
    The resource name for the EkmConnection in the format projects/*/locations/*/ekmConnections/*.
    createTime String
    The time at which the EkmConnection was created.
    id String
    The provider-assigned unique ID for this managed resource.
    name String
    The resource name for the EkmConnection in the format projects/*/locations/*/ekmConnections/*.
    createTime string
    The time at which the EkmConnection was created.
    id string
    The provider-assigned unique ID for this managed resource.
    name string
    The resource name for the EkmConnection in the format projects/*/locations/*/ekmConnections/*.
    create_time str
    The time at which the EkmConnection was created.
    id str
    The provider-assigned unique ID for this managed resource.
    name str
    The resource name for the EkmConnection in the format projects/*/locations/*/ekmConnections/*.
    createTime String
    The time at which the EkmConnection was created.
    id String
    The provider-assigned unique ID for this managed resource.
    name String
    The resource name for the EkmConnection in the format projects/*/locations/*/ekmConnections/*.

    Supporting Types

    Certificate, CertificateArgs

    RawDer string
    The raw certificate bytes in DER format.
    RawDer string
    The raw certificate bytes in DER format.
    rawDer String
    The raw certificate bytes in DER format.
    rawDer string
    The raw certificate bytes in DER format.
    raw_der str
    The raw certificate bytes in DER format.
    rawDer String
    The raw certificate bytes in DER format.

    CertificateResponse, CertificateResponseArgs

    Issuer string
    The issuer distinguished name in RFC 2253 format. Only present if parsed is true.
    NotAfterTime string
    The certificate is not valid after this time. Only present if parsed is true.
    NotBeforeTime string
    The certificate is not valid before this time. Only present if parsed is true.
    Parsed bool
    True if the certificate was parsed successfully.
    RawDer string
    The raw certificate bytes in DER format.
    SerialNumber string
    The certificate serial number as a hex string. Only present if parsed is true.
    Sha256Fingerprint string
    The SHA-256 certificate fingerprint as a hex string. Only present if parsed is true.
    Subject string
    The subject distinguished name in RFC 2253 format. Only present if parsed is true.
    SubjectAlternativeDnsNames List<string>
    The subject Alternative DNS names. Only present if parsed is true.
    Issuer string
    The issuer distinguished name in RFC 2253 format. Only present if parsed is true.
    NotAfterTime string
    The certificate is not valid after this time. Only present if parsed is true.
    NotBeforeTime string
    The certificate is not valid before this time. Only present if parsed is true.
    Parsed bool
    True if the certificate was parsed successfully.
    RawDer string
    The raw certificate bytes in DER format.
    SerialNumber string
    The certificate serial number as a hex string. Only present if parsed is true.
    Sha256Fingerprint string
    The SHA-256 certificate fingerprint as a hex string. Only present if parsed is true.
    Subject string
    The subject distinguished name in RFC 2253 format. Only present if parsed is true.
    SubjectAlternativeDnsNames []string
    The subject Alternative DNS names. Only present if parsed is true.
    issuer String
    The issuer distinguished name in RFC 2253 format. Only present if parsed is true.
    notAfterTime String
    The certificate is not valid after this time. Only present if parsed is true.
    notBeforeTime String
    The certificate is not valid before this time. Only present if parsed is true.
    parsed Boolean
    True if the certificate was parsed successfully.
    rawDer String
    The raw certificate bytes in DER format.
    serialNumber String
    The certificate serial number as a hex string. Only present if parsed is true.
    sha256Fingerprint String
    The SHA-256 certificate fingerprint as a hex string. Only present if parsed is true.
    subject String
    The subject distinguished name in RFC 2253 format. Only present if parsed is true.
    subjectAlternativeDnsNames List<String>
    The subject Alternative DNS names. Only present if parsed is true.
    issuer string
    The issuer distinguished name in RFC 2253 format. Only present if parsed is true.
    notAfterTime string
    The certificate is not valid after this time. Only present if parsed is true.
    notBeforeTime string
    The certificate is not valid before this time. Only present if parsed is true.
    parsed boolean
    True if the certificate was parsed successfully.
    rawDer string
    The raw certificate bytes in DER format.
    serialNumber string
    The certificate serial number as a hex string. Only present if parsed is true.
    sha256Fingerprint string
    The SHA-256 certificate fingerprint as a hex string. Only present if parsed is true.
    subject string
    The subject distinguished name in RFC 2253 format. Only present if parsed is true.
    subjectAlternativeDnsNames string[]
    The subject Alternative DNS names. Only present if parsed is true.
    issuer str
    The issuer distinguished name in RFC 2253 format. Only present if parsed is true.
    not_after_time str
    The certificate is not valid after this time. Only present if parsed is true.
    not_before_time str
    The certificate is not valid before this time. Only present if parsed is true.
    parsed bool
    True if the certificate was parsed successfully.
    raw_der str
    The raw certificate bytes in DER format.
    serial_number str
    The certificate serial number as a hex string. Only present if parsed is true.
    sha256_fingerprint str
    The SHA-256 certificate fingerprint as a hex string. Only present if parsed is true.
    subject str
    The subject distinguished name in RFC 2253 format. Only present if parsed is true.
    subject_alternative_dns_names Sequence[str]
    The subject Alternative DNS names. Only present if parsed is true.
    issuer String
    The issuer distinguished name in RFC 2253 format. Only present if parsed is true.
    notAfterTime String
    The certificate is not valid after this time. Only present if parsed is true.
    notBeforeTime String
    The certificate is not valid before this time. Only present if parsed is true.
    parsed Boolean
    True if the certificate was parsed successfully.
    rawDer String
    The raw certificate bytes in DER format.
    serialNumber String
    The certificate serial number as a hex string. Only present if parsed is true.
    sha256Fingerprint String
    The SHA-256 certificate fingerprint as a hex string. Only present if parsed is true.
    subject String
    The subject distinguished name in RFC 2253 format. Only present if parsed is true.
    subjectAlternativeDnsNames List<String>
    The subject Alternative DNS names. Only present if parsed is true.

    EkmConnectionKeyManagementMode, EkmConnectionKeyManagementModeArgs

    KeyManagementModeUnspecified
    KEY_MANAGEMENT_MODE_UNSPECIFIEDNot specified.
    Manual
    MANUALEKM-side key management operations on CryptoKeys created with this EkmConnection must be initiated from the EKM directly and cannot be performed from Cloud KMS. This means that: * When creating a CryptoKeyVersion associated with this EkmConnection, the caller must supply the key path of pre-existing external key material that will be linked to the CryptoKeyVersion. * Destruction of external key material cannot be requested via the Cloud KMS API and must be performed directly in the EKM. * Automatic rotation of key material is not supported.
    CloudKms
    CLOUD_KMSAll CryptoKeys created with this EkmConnection use EKM-side key management operations initiated from Cloud KMS. This means that: * When a CryptoKeyVersion associated with this EkmConnection is created, the EKM automatically generates new key material and a new key path. The caller cannot supply the key path of pre-existing external key material. * Destruction of external key material associated with this EkmConnection can be requested by calling DestroyCryptoKeyVersion. * Automatic rotation of key material is supported.
    EkmConnectionKeyManagementModeKeyManagementModeUnspecified
    KEY_MANAGEMENT_MODE_UNSPECIFIEDNot specified.
    EkmConnectionKeyManagementModeManual
    MANUALEKM-side key management operations on CryptoKeys created with this EkmConnection must be initiated from the EKM directly and cannot be performed from Cloud KMS. This means that: * When creating a CryptoKeyVersion associated with this EkmConnection, the caller must supply the key path of pre-existing external key material that will be linked to the CryptoKeyVersion. * Destruction of external key material cannot be requested via the Cloud KMS API and must be performed directly in the EKM. * Automatic rotation of key material is not supported.
    EkmConnectionKeyManagementModeCloudKms
    CLOUD_KMSAll CryptoKeys created with this EkmConnection use EKM-side key management operations initiated from Cloud KMS. This means that: * When a CryptoKeyVersion associated with this EkmConnection is created, the EKM automatically generates new key material and a new key path. The caller cannot supply the key path of pre-existing external key material. * Destruction of external key material associated with this EkmConnection can be requested by calling DestroyCryptoKeyVersion. * Automatic rotation of key material is supported.
    KeyManagementModeUnspecified
    KEY_MANAGEMENT_MODE_UNSPECIFIEDNot specified.
    Manual
    MANUALEKM-side key management operations on CryptoKeys created with this EkmConnection must be initiated from the EKM directly and cannot be performed from Cloud KMS. This means that: * When creating a CryptoKeyVersion associated with this EkmConnection, the caller must supply the key path of pre-existing external key material that will be linked to the CryptoKeyVersion. * Destruction of external key material cannot be requested via the Cloud KMS API and must be performed directly in the EKM. * Automatic rotation of key material is not supported.
    CloudKms
    CLOUD_KMSAll CryptoKeys created with this EkmConnection use EKM-side key management operations initiated from Cloud KMS. This means that: * When a CryptoKeyVersion associated with this EkmConnection is created, the EKM automatically generates new key material and a new key path. The caller cannot supply the key path of pre-existing external key material. * Destruction of external key material associated with this EkmConnection can be requested by calling DestroyCryptoKeyVersion. * Automatic rotation of key material is supported.
    KeyManagementModeUnspecified
    KEY_MANAGEMENT_MODE_UNSPECIFIEDNot specified.
    Manual
    MANUALEKM-side key management operations on CryptoKeys created with this EkmConnection must be initiated from the EKM directly and cannot be performed from Cloud KMS. This means that: * When creating a CryptoKeyVersion associated with this EkmConnection, the caller must supply the key path of pre-existing external key material that will be linked to the CryptoKeyVersion. * Destruction of external key material cannot be requested via the Cloud KMS API and must be performed directly in the EKM. * Automatic rotation of key material is not supported.
    CloudKms
    CLOUD_KMSAll CryptoKeys created with this EkmConnection use EKM-side key management operations initiated from Cloud KMS. This means that: * When a CryptoKeyVersion associated with this EkmConnection is created, the EKM automatically generates new key material and a new key path. The caller cannot supply the key path of pre-existing external key material. * Destruction of external key material associated with this EkmConnection can be requested by calling DestroyCryptoKeyVersion. * Automatic rotation of key material is supported.
    KEY_MANAGEMENT_MODE_UNSPECIFIED
    KEY_MANAGEMENT_MODE_UNSPECIFIEDNot specified.
    MANUAL
    MANUALEKM-side key management operations on CryptoKeys created with this EkmConnection must be initiated from the EKM directly and cannot be performed from Cloud KMS. This means that: * When creating a CryptoKeyVersion associated with this EkmConnection, the caller must supply the key path of pre-existing external key material that will be linked to the CryptoKeyVersion. * Destruction of external key material cannot be requested via the Cloud KMS API and must be performed directly in the EKM. * Automatic rotation of key material is not supported.
    CLOUD_KMS
    CLOUD_KMSAll CryptoKeys created with this EkmConnection use EKM-side key management operations initiated from Cloud KMS. This means that: * When a CryptoKeyVersion associated with this EkmConnection is created, the EKM automatically generates new key material and a new key path. The caller cannot supply the key path of pre-existing external key material. * Destruction of external key material associated with this EkmConnection can be requested by calling DestroyCryptoKeyVersion. * Automatic rotation of key material is supported.
    "KEY_MANAGEMENT_MODE_UNSPECIFIED"
    KEY_MANAGEMENT_MODE_UNSPECIFIEDNot specified.
    "MANUAL"
    MANUALEKM-side key management operations on CryptoKeys created with this EkmConnection must be initiated from the EKM directly and cannot be performed from Cloud KMS. This means that: * When creating a CryptoKeyVersion associated with this EkmConnection, the caller must supply the key path of pre-existing external key material that will be linked to the CryptoKeyVersion. * Destruction of external key material cannot be requested via the Cloud KMS API and must be performed directly in the EKM. * Automatic rotation of key material is not supported.
    "CLOUD_KMS"
    CLOUD_KMSAll CryptoKeys created with this EkmConnection use EKM-side key management operations initiated from Cloud KMS. This means that: * When a CryptoKeyVersion associated with this EkmConnection is created, the EKM automatically generates new key material and a new key path. The caller cannot supply the key path of pre-existing external key material. * Destruction of external key material associated with this EkmConnection can be requested by calling DestroyCryptoKeyVersion. * Automatic rotation of key material is supported.

    ServiceResolver, ServiceResolverArgs

    Hostname string
    The hostname of the EKM replica used at TLS and HTTP layers.
    ServerCertificates List<Pulumi.GoogleNative.Cloudkms.V1.Inputs.Certificate>
    A list of leaf server certificates used to authenticate HTTPS connections to the EKM replica. Currently, a maximum of 10 Certificate is supported.
    ServiceDirectoryService string
    The resource name of the Service Directory service pointing to an EKM replica, in the format projects/*/locations/*/namespaces/*/services/*.
    EndpointFilter string
    Optional. The filter applied to the endpoints of the resolved service. If no filter is specified, all endpoints will be considered. An endpoint will be chosen arbitrarily from the filtered list for each request. For endpoint filter syntax and examples, see https://cloud.google.com/service-directory/docs/reference/rpc/google.cloud.servicedirectory.v1#resolveservicerequest.
    Hostname string
    The hostname of the EKM replica used at TLS and HTTP layers.
    ServerCertificates []Certificate
    A list of leaf server certificates used to authenticate HTTPS connections to the EKM replica. Currently, a maximum of 10 Certificate is supported.
    ServiceDirectoryService string
    The resource name of the Service Directory service pointing to an EKM replica, in the format projects/*/locations/*/namespaces/*/services/*.
    EndpointFilter string
    Optional. The filter applied to the endpoints of the resolved service. If no filter is specified, all endpoints will be considered. An endpoint will be chosen arbitrarily from the filtered list for each request. For endpoint filter syntax and examples, see https://cloud.google.com/service-directory/docs/reference/rpc/google.cloud.servicedirectory.v1#resolveservicerequest.
    hostname String
    The hostname of the EKM replica used at TLS and HTTP layers.
    serverCertificates List<Certificate>
    A list of leaf server certificates used to authenticate HTTPS connections to the EKM replica. Currently, a maximum of 10 Certificate is supported.
    serviceDirectoryService String
    The resource name of the Service Directory service pointing to an EKM replica, in the format projects/*/locations/*/namespaces/*/services/*.
    endpointFilter String
    Optional. The filter applied to the endpoints of the resolved service. If no filter is specified, all endpoints will be considered. An endpoint will be chosen arbitrarily from the filtered list for each request. For endpoint filter syntax and examples, see https://cloud.google.com/service-directory/docs/reference/rpc/google.cloud.servicedirectory.v1#resolveservicerequest.
    hostname string
    The hostname of the EKM replica used at TLS and HTTP layers.
    serverCertificates Certificate[]
    A list of leaf server certificates used to authenticate HTTPS connections to the EKM replica. Currently, a maximum of 10 Certificate is supported.
    serviceDirectoryService string
    The resource name of the Service Directory service pointing to an EKM replica, in the format projects/*/locations/*/namespaces/*/services/*.
    endpointFilter string
    Optional. The filter applied to the endpoints of the resolved service. If no filter is specified, all endpoints will be considered. An endpoint will be chosen arbitrarily from the filtered list for each request. For endpoint filter syntax and examples, see https://cloud.google.com/service-directory/docs/reference/rpc/google.cloud.servicedirectory.v1#resolveservicerequest.
    hostname str
    The hostname of the EKM replica used at TLS and HTTP layers.
    server_certificates Sequence[Certificate]
    A list of leaf server certificates used to authenticate HTTPS connections to the EKM replica. Currently, a maximum of 10 Certificate is supported.
    service_directory_service str
    The resource name of the Service Directory service pointing to an EKM replica, in the format projects/*/locations/*/namespaces/*/services/*.
    endpoint_filter str
    Optional. The filter applied to the endpoints of the resolved service. If no filter is specified, all endpoints will be considered. An endpoint will be chosen arbitrarily from the filtered list for each request. For endpoint filter syntax and examples, see https://cloud.google.com/service-directory/docs/reference/rpc/google.cloud.servicedirectory.v1#resolveservicerequest.
    hostname String
    The hostname of the EKM replica used at TLS and HTTP layers.
    serverCertificates List<Property Map>
    A list of leaf server certificates used to authenticate HTTPS connections to the EKM replica. Currently, a maximum of 10 Certificate is supported.
    serviceDirectoryService String
    The resource name of the Service Directory service pointing to an EKM replica, in the format projects/*/locations/*/namespaces/*/services/*.
    endpointFilter String
    Optional. The filter applied to the endpoints of the resolved service. If no filter is specified, all endpoints will be considered. An endpoint will be chosen arbitrarily from the filtered list for each request. For endpoint filter syntax and examples, see https://cloud.google.com/service-directory/docs/reference/rpc/google.cloud.servicedirectory.v1#resolveservicerequest.

    ServiceResolverResponse, ServiceResolverResponseArgs

    EndpointFilter string
    Optional. The filter applied to the endpoints of the resolved service. If no filter is specified, all endpoints will be considered. An endpoint will be chosen arbitrarily from the filtered list for each request. For endpoint filter syntax and examples, see https://cloud.google.com/service-directory/docs/reference/rpc/google.cloud.servicedirectory.v1#resolveservicerequest.
    Hostname string
    The hostname of the EKM replica used at TLS and HTTP layers.
    ServerCertificates List<Pulumi.GoogleNative.Cloudkms.V1.Inputs.CertificateResponse>
    A list of leaf server certificates used to authenticate HTTPS connections to the EKM replica. Currently, a maximum of 10 Certificate is supported.
    ServiceDirectoryService string
    The resource name of the Service Directory service pointing to an EKM replica, in the format projects/*/locations/*/namespaces/*/services/*.
    EndpointFilter string
    Optional. The filter applied to the endpoints of the resolved service. If no filter is specified, all endpoints will be considered. An endpoint will be chosen arbitrarily from the filtered list for each request. For endpoint filter syntax and examples, see https://cloud.google.com/service-directory/docs/reference/rpc/google.cloud.servicedirectory.v1#resolveservicerequest.
    Hostname string
    The hostname of the EKM replica used at TLS and HTTP layers.
    ServerCertificates []CertificateResponse
    A list of leaf server certificates used to authenticate HTTPS connections to the EKM replica. Currently, a maximum of 10 Certificate is supported.
    ServiceDirectoryService string
    The resource name of the Service Directory service pointing to an EKM replica, in the format projects/*/locations/*/namespaces/*/services/*.
    endpointFilter String
    Optional. The filter applied to the endpoints of the resolved service. If no filter is specified, all endpoints will be considered. An endpoint will be chosen arbitrarily from the filtered list for each request. For endpoint filter syntax and examples, see https://cloud.google.com/service-directory/docs/reference/rpc/google.cloud.servicedirectory.v1#resolveservicerequest.
    hostname String
    The hostname of the EKM replica used at TLS and HTTP layers.
    serverCertificates List<CertificateResponse>
    A list of leaf server certificates used to authenticate HTTPS connections to the EKM replica. Currently, a maximum of 10 Certificate is supported.
    serviceDirectoryService String
    The resource name of the Service Directory service pointing to an EKM replica, in the format projects/*/locations/*/namespaces/*/services/*.
    endpointFilter string
    Optional. The filter applied to the endpoints of the resolved service. If no filter is specified, all endpoints will be considered. An endpoint will be chosen arbitrarily from the filtered list for each request. For endpoint filter syntax and examples, see https://cloud.google.com/service-directory/docs/reference/rpc/google.cloud.servicedirectory.v1#resolveservicerequest.
    hostname string
    The hostname of the EKM replica used at TLS and HTTP layers.
    serverCertificates CertificateResponse[]
    A list of leaf server certificates used to authenticate HTTPS connections to the EKM replica. Currently, a maximum of 10 Certificate is supported.
    serviceDirectoryService string
    The resource name of the Service Directory service pointing to an EKM replica, in the format projects/*/locations/*/namespaces/*/services/*.
    endpoint_filter str
    Optional. The filter applied to the endpoints of the resolved service. If no filter is specified, all endpoints will be considered. An endpoint will be chosen arbitrarily from the filtered list for each request. For endpoint filter syntax and examples, see https://cloud.google.com/service-directory/docs/reference/rpc/google.cloud.servicedirectory.v1#resolveservicerequest.
    hostname str
    The hostname of the EKM replica used at TLS and HTTP layers.
    server_certificates Sequence[CertificateResponse]
    A list of leaf server certificates used to authenticate HTTPS connections to the EKM replica. Currently, a maximum of 10 Certificate is supported.
    service_directory_service str
    The resource name of the Service Directory service pointing to an EKM replica, in the format projects/*/locations/*/namespaces/*/services/*.
    endpointFilter String
    Optional. The filter applied to the endpoints of the resolved service. If no filter is specified, all endpoints will be considered. An endpoint will be chosen arbitrarily from the filtered list for each request. For endpoint filter syntax and examples, see https://cloud.google.com/service-directory/docs/reference/rpc/google.cloud.servicedirectory.v1#resolveservicerequest.
    hostname String
    The hostname of the EKM replica used at TLS and HTTP layers.
    serverCertificates List<Property Map>
    A list of leaf server certificates used to authenticate HTTPS connections to the EKM replica. Currently, a maximum of 10 Certificate is supported.
    serviceDirectoryService String
    The resource name of the Service Directory service pointing to an EKM replica, in the format projects/*/locations/*/namespaces/*/services/*.

    Package Details

    Repository
    Google Cloud Native pulumi/pulumi-google-native
    License
    Apache-2.0
    google-native logo

    Google Cloud Native is in preview. Google Cloud Classic is fully supported.

    Google Cloud Native v0.32.0 published on Wednesday, Nov 29, 2023 by Pulumi