Google Cloud Native v0.30.0, Apr 14 23
Google Cloud Native v0.30.0, Apr 14 23
google-native.cloudkms/v1.EkmConnection
Explore with Pulumi AI
Creates a new EkmConnection in a given Project and Location. Note - this resource’s API doesn’t support deletion. When deleted, the resource will persist on Google Cloud even though it will be deleted from Pulumi state.
Create EkmConnection Resource
new EkmConnection(name: string, args?: EkmConnectionArgs, opts?: CustomResourceOptions);
@overload
def EkmConnection(resource_name: str,
opts: Optional[ResourceOptions] = None,
crypto_space_path: Optional[str] = None,
ekm_connection_id: Optional[str] = None,
etag: Optional[str] = None,
key_management_mode: Optional[EkmConnectionKeyManagementMode] = None,
location: Optional[str] = None,
project: Optional[str] = None,
service_resolvers: Optional[Sequence[ServiceResolverArgs]] = None)
@overload
def EkmConnection(resource_name: str,
args: Optional[EkmConnectionArgs] = None,
opts: Optional[ResourceOptions] = None)
func NewEkmConnection(ctx *Context, name string, args *EkmConnectionArgs, opts ...ResourceOption) (*EkmConnection, error)
public EkmConnection(string name, EkmConnectionArgs? args = null, CustomResourceOptions? opts = null)
public EkmConnection(String name, EkmConnectionArgs args)
public EkmConnection(String name, EkmConnectionArgs args, CustomResourceOptions options)
type: google-native:cloudkms/v1:EkmConnection
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args EkmConnectionArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args EkmConnectionArgs
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args EkmConnectionArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args EkmConnectionArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args EkmConnectionArgs
- The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
EkmConnection Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
The EkmConnection resource accepts the following input properties:
- Crypto
Space stringPath Optional. Identifies the EKM Crypto Space that this EkmConnection maps to. Note: This field is required if KeyManagementMode is CLOUD_KMS.
- Ekm
Connection stringId Required. It must be unique within a location and match the regular expression
[a-zA-Z0-9_-]{1,63}
.- Etag string
Optional. Etag of the currently stored EkmConnection.
- Key
Management Pulumi.Mode Google Native. Cloudkms. V1. Ekm Connection Key Management Mode Optional. Describes who can perform control plane operations on the EKM. If unset, this defaults to MANUAL.
- Location string
- Project string
- Service
Resolvers List<Pulumi.Google Native. Cloudkms. V1. Inputs. Service Resolver Args> A list of ServiceResolvers where the EKM can be reached. There should be one ServiceResolver per EKM replica. Currently, only a single ServiceResolver is supported.
- Crypto
Space stringPath Optional. Identifies the EKM Crypto Space that this EkmConnection maps to. Note: This field is required if KeyManagementMode is CLOUD_KMS.
- Ekm
Connection stringId Required. It must be unique within a location and match the regular expression
[a-zA-Z0-9_-]{1,63}
.- Etag string
Optional. Etag of the currently stored EkmConnection.
- Key
Management EkmMode Connection Key Management Mode Optional. Describes who can perform control plane operations on the EKM. If unset, this defaults to MANUAL.
- Location string
- Project string
- Service
Resolvers []ServiceResolver Args A list of ServiceResolvers where the EKM can be reached. There should be one ServiceResolver per EKM replica. Currently, only a single ServiceResolver is supported.
- crypto
Space StringPath Optional. Identifies the EKM Crypto Space that this EkmConnection maps to. Note: This field is required if KeyManagementMode is CLOUD_KMS.
- ekm
Connection StringId Required. It must be unique within a location and match the regular expression
[a-zA-Z0-9_-]{1,63}
.- etag String
Optional. Etag of the currently stored EkmConnection.
- key
Management EkmMode Connection Key Management Mode Optional. Describes who can perform control plane operations on the EKM. If unset, this defaults to MANUAL.
- location String
- project String
- service
Resolvers List<ServiceResolver Args> A list of ServiceResolvers where the EKM can be reached. There should be one ServiceResolver per EKM replica. Currently, only a single ServiceResolver is supported.
- crypto
Space stringPath Optional. Identifies the EKM Crypto Space that this EkmConnection maps to. Note: This field is required if KeyManagementMode is CLOUD_KMS.
- ekm
Connection stringId Required. It must be unique within a location and match the regular expression
[a-zA-Z0-9_-]{1,63}
.- etag string
Optional. Etag of the currently stored EkmConnection.
- key
Management EkmMode Connection Key Management Mode Optional. Describes who can perform control plane operations on the EKM. If unset, this defaults to MANUAL.
- location string
- project string
- service
Resolvers ServiceResolver Args[] A list of ServiceResolvers where the EKM can be reached. There should be one ServiceResolver per EKM replica. Currently, only a single ServiceResolver is supported.
- crypto_
space_ strpath Optional. Identifies the EKM Crypto Space that this EkmConnection maps to. Note: This field is required if KeyManagementMode is CLOUD_KMS.
- ekm_
connection_ strid Required. It must be unique within a location and match the regular expression
[a-zA-Z0-9_-]{1,63}
.- etag str
Optional. Etag of the currently stored EkmConnection.
- key_
management_ Ekmmode Connection Key Management Mode Optional. Describes who can perform control plane operations on the EKM. If unset, this defaults to MANUAL.
- location str
- project str
- service_
resolvers Sequence[ServiceResolver Args] A list of ServiceResolvers where the EKM can be reached. There should be one ServiceResolver per EKM replica. Currently, only a single ServiceResolver is supported.
- crypto
Space StringPath Optional. Identifies the EKM Crypto Space that this EkmConnection maps to. Note: This field is required if KeyManagementMode is CLOUD_KMS.
- ekm
Connection StringId Required. It must be unique within a location and match the regular expression
[a-zA-Z0-9_-]{1,63}
.- etag String
Optional. Etag of the currently stored EkmConnection.
- key
Management "KEY_MANAGEMENT_MODE_UNSPECIFIED" | "MANUAL" | "CLOUD_KMS"Mode Optional. Describes who can perform control plane operations on the EKM. If unset, this defaults to MANUAL.
- location String
- project String
- service
Resolvers List<Property Map> A list of ServiceResolvers where the EKM can be reached. There should be one ServiceResolver per EKM replica. Currently, only a single ServiceResolver is supported.
Outputs
All input properties are implicitly available as output properties. Additionally, the EkmConnection resource produces the following output properties:
- Create
Time string The time at which the EkmConnection was created.
- Id string
The provider-assigned unique ID for this managed resource.
- Name string
The resource name for the EkmConnection in the format
projects/*/locations/*/ekmConnections/*
.
- Create
Time string The time at which the EkmConnection was created.
- Id string
The provider-assigned unique ID for this managed resource.
- Name string
The resource name for the EkmConnection in the format
projects/*/locations/*/ekmConnections/*
.
- create
Time String The time at which the EkmConnection was created.
- id String
The provider-assigned unique ID for this managed resource.
- name String
The resource name for the EkmConnection in the format
projects/*/locations/*/ekmConnections/*
.
- create
Time string The time at which the EkmConnection was created.
- id string
The provider-assigned unique ID for this managed resource.
- name string
The resource name for the EkmConnection in the format
projects/*/locations/*/ekmConnections/*
.
- create_
time str The time at which the EkmConnection was created.
- id str
The provider-assigned unique ID for this managed resource.
- name str
The resource name for the EkmConnection in the format
projects/*/locations/*/ekmConnections/*
.
- create
Time String The time at which the EkmConnection was created.
- id String
The provider-assigned unique ID for this managed resource.
- name String
The resource name for the EkmConnection in the format
projects/*/locations/*/ekmConnections/*
.
Supporting Types
Certificate
- Raw
Der string The raw certificate bytes in DER format.
- Raw
Der string The raw certificate bytes in DER format.
- raw
Der String The raw certificate bytes in DER format.
- raw
Der string The raw certificate bytes in DER format.
- raw_
der str The raw certificate bytes in DER format.
- raw
Der String The raw certificate bytes in DER format.
CertificateResponse
- Issuer string
The issuer distinguished name in RFC 2253 format. Only present if parsed is true.
- Not
After stringTime The certificate is not valid after this time. Only present if parsed is true.
- Not
Before stringTime The certificate is not valid before this time. Only present if parsed is true.
- Parsed bool
True if the certificate was parsed successfully.
- Raw
Der string The raw certificate bytes in DER format.
- Serial
Number string The certificate serial number as a hex string. Only present if parsed is true.
- Sha256Fingerprint string
The SHA-256 certificate fingerprint as a hex string. Only present if parsed is true.
- Subject string
The subject distinguished name in RFC 2253 format. Only present if parsed is true.
- Subject
Alternative List<string>Dns Names The subject Alternative DNS names. Only present if parsed is true.
- Issuer string
The issuer distinguished name in RFC 2253 format. Only present if parsed is true.
- Not
After stringTime The certificate is not valid after this time. Only present if parsed is true.
- Not
Before stringTime The certificate is not valid before this time. Only present if parsed is true.
- Parsed bool
True if the certificate was parsed successfully.
- Raw
Der string The raw certificate bytes in DER format.
- Serial
Number string The certificate serial number as a hex string. Only present if parsed is true.
- Sha256Fingerprint string
The SHA-256 certificate fingerprint as a hex string. Only present if parsed is true.
- Subject string
The subject distinguished name in RFC 2253 format. Only present if parsed is true.
- Subject
Alternative []stringDns Names The subject Alternative DNS names. Only present if parsed is true.
- issuer String
The issuer distinguished name in RFC 2253 format. Only present if parsed is true.
- not
After StringTime The certificate is not valid after this time. Only present if parsed is true.
- not
Before StringTime The certificate is not valid before this time. Only present if parsed is true.
- parsed Boolean
True if the certificate was parsed successfully.
- raw
Der String The raw certificate bytes in DER format.
- serial
Number String The certificate serial number as a hex string. Only present if parsed is true.
- sha256Fingerprint String
The SHA-256 certificate fingerprint as a hex string. Only present if parsed is true.
- subject String
The subject distinguished name in RFC 2253 format. Only present if parsed is true.
- subject
Alternative List<String>Dns Names The subject Alternative DNS names. Only present if parsed is true.
- issuer string
The issuer distinguished name in RFC 2253 format. Only present if parsed is true.
- not
After stringTime The certificate is not valid after this time. Only present if parsed is true.
- not
Before stringTime The certificate is not valid before this time. Only present if parsed is true.
- parsed boolean
True if the certificate was parsed successfully.
- raw
Der string The raw certificate bytes in DER format.
- serial
Number string The certificate serial number as a hex string. Only present if parsed is true.
- sha256Fingerprint string
The SHA-256 certificate fingerprint as a hex string. Only present if parsed is true.
- subject string
The subject distinguished name in RFC 2253 format. Only present if parsed is true.
- subject
Alternative string[]Dns Names The subject Alternative DNS names. Only present if parsed is true.
- issuer str
The issuer distinguished name in RFC 2253 format. Only present if parsed is true.
- not_
after_ strtime The certificate is not valid after this time. Only present if parsed is true.
- not_
before_ strtime The certificate is not valid before this time. Only present if parsed is true.
- parsed bool
True if the certificate was parsed successfully.
- raw_
der str The raw certificate bytes in DER format.
- serial_
number str The certificate serial number as a hex string. Only present if parsed is true.
- sha256_
fingerprint str The SHA-256 certificate fingerprint as a hex string. Only present if parsed is true.
- subject str
The subject distinguished name in RFC 2253 format. Only present if parsed is true.
- subject_
alternative_ Sequence[str]dns_ names The subject Alternative DNS names. Only present if parsed is true.
- issuer String
The issuer distinguished name in RFC 2253 format. Only present if parsed is true.
- not
After StringTime The certificate is not valid after this time. Only present if parsed is true.
- not
Before StringTime The certificate is not valid before this time. Only present if parsed is true.
- parsed Boolean
True if the certificate was parsed successfully.
- raw
Der String The raw certificate bytes in DER format.
- serial
Number String The certificate serial number as a hex string. Only present if parsed is true.
- sha256Fingerprint String
The SHA-256 certificate fingerprint as a hex string. Only present if parsed is true.
- subject String
The subject distinguished name in RFC 2253 format. Only present if parsed is true.
- subject
Alternative List<String>Dns Names The subject Alternative DNS names. Only present if parsed is true.
EkmConnectionKeyManagementMode
- Key
Management Mode Unspecified - KEY_MANAGEMENT_MODE_UNSPECIFIED
Not specified.
- Manual
- MANUAL
EKM-side key management operations on CryptoKeys created with this EkmConnection must be initiated from the EKM directly and cannot be performed from Cloud KMS. This means that: * When creating a CryptoKeyVersion associated with this EkmConnection, the caller must supply the key path of pre-existing external key material that will be linked to the CryptoKeyVersion. * Destruction of external key material cannot be requested via the Cloud KMS API and must be performed directly in the EKM. * Automatic rotation of key material is not supported.
- Cloud
Kms - CLOUD_KMS
All CryptoKeys created with this EkmConnection use EKM-side key management operations initiated from Cloud KMS. This means that: * When a CryptoKeyVersion associated with this EkmConnection is created, the EKM automatically generates new key material and a new key path. The caller cannot supply the key path of pre-existing external key material. * Destruction of external key material associated with this EkmConnection can be requested by calling DestroyCryptoKeyVersion. * Automatic rotation of key material is supported.
- Ekm
Connection Key Management Mode Key Management Mode Unspecified - KEY_MANAGEMENT_MODE_UNSPECIFIED
Not specified.
- Ekm
Connection Key Management Mode Manual - MANUAL
EKM-side key management operations on CryptoKeys created with this EkmConnection must be initiated from the EKM directly and cannot be performed from Cloud KMS. This means that: * When creating a CryptoKeyVersion associated with this EkmConnection, the caller must supply the key path of pre-existing external key material that will be linked to the CryptoKeyVersion. * Destruction of external key material cannot be requested via the Cloud KMS API and must be performed directly in the EKM. * Automatic rotation of key material is not supported.
- Ekm
Connection Key Management Mode Cloud Kms - CLOUD_KMS
All CryptoKeys created with this EkmConnection use EKM-side key management operations initiated from Cloud KMS. This means that: * When a CryptoKeyVersion associated with this EkmConnection is created, the EKM automatically generates new key material and a new key path. The caller cannot supply the key path of pre-existing external key material. * Destruction of external key material associated with this EkmConnection can be requested by calling DestroyCryptoKeyVersion. * Automatic rotation of key material is supported.
- Key
Management Mode Unspecified - KEY_MANAGEMENT_MODE_UNSPECIFIED
Not specified.
- Manual
- MANUAL
EKM-side key management operations on CryptoKeys created with this EkmConnection must be initiated from the EKM directly and cannot be performed from Cloud KMS. This means that: * When creating a CryptoKeyVersion associated with this EkmConnection, the caller must supply the key path of pre-existing external key material that will be linked to the CryptoKeyVersion. * Destruction of external key material cannot be requested via the Cloud KMS API and must be performed directly in the EKM. * Automatic rotation of key material is not supported.
- Cloud
Kms - CLOUD_KMS
All CryptoKeys created with this EkmConnection use EKM-side key management operations initiated from Cloud KMS. This means that: * When a CryptoKeyVersion associated with this EkmConnection is created, the EKM automatically generates new key material and a new key path. The caller cannot supply the key path of pre-existing external key material. * Destruction of external key material associated with this EkmConnection can be requested by calling DestroyCryptoKeyVersion. * Automatic rotation of key material is supported.
- Key
Management Mode Unspecified - KEY_MANAGEMENT_MODE_UNSPECIFIED
Not specified.
- Manual
- MANUAL
EKM-side key management operations on CryptoKeys created with this EkmConnection must be initiated from the EKM directly and cannot be performed from Cloud KMS. This means that: * When creating a CryptoKeyVersion associated with this EkmConnection, the caller must supply the key path of pre-existing external key material that will be linked to the CryptoKeyVersion. * Destruction of external key material cannot be requested via the Cloud KMS API and must be performed directly in the EKM. * Automatic rotation of key material is not supported.
- Cloud
Kms - CLOUD_KMS
All CryptoKeys created with this EkmConnection use EKM-side key management operations initiated from Cloud KMS. This means that: * When a CryptoKeyVersion associated with this EkmConnection is created, the EKM automatically generates new key material and a new key path. The caller cannot supply the key path of pre-existing external key material. * Destruction of external key material associated with this EkmConnection can be requested by calling DestroyCryptoKeyVersion. * Automatic rotation of key material is supported.
- KEY_MANAGEMENT_MODE_UNSPECIFIED
- KEY_MANAGEMENT_MODE_UNSPECIFIED
Not specified.
- MANUAL
- MANUAL
EKM-side key management operations on CryptoKeys created with this EkmConnection must be initiated from the EKM directly and cannot be performed from Cloud KMS. This means that: * When creating a CryptoKeyVersion associated with this EkmConnection, the caller must supply the key path of pre-existing external key material that will be linked to the CryptoKeyVersion. * Destruction of external key material cannot be requested via the Cloud KMS API and must be performed directly in the EKM. * Automatic rotation of key material is not supported.
- CLOUD_KMS
- CLOUD_KMS
All CryptoKeys created with this EkmConnection use EKM-side key management operations initiated from Cloud KMS. This means that: * When a CryptoKeyVersion associated with this EkmConnection is created, the EKM automatically generates new key material and a new key path. The caller cannot supply the key path of pre-existing external key material. * Destruction of external key material associated with this EkmConnection can be requested by calling DestroyCryptoKeyVersion. * Automatic rotation of key material is supported.
- "KEY_MANAGEMENT_MODE_UNSPECIFIED"
- KEY_MANAGEMENT_MODE_UNSPECIFIED
Not specified.
- "MANUAL"
- MANUAL
EKM-side key management operations on CryptoKeys created with this EkmConnection must be initiated from the EKM directly and cannot be performed from Cloud KMS. This means that: * When creating a CryptoKeyVersion associated with this EkmConnection, the caller must supply the key path of pre-existing external key material that will be linked to the CryptoKeyVersion. * Destruction of external key material cannot be requested via the Cloud KMS API and must be performed directly in the EKM. * Automatic rotation of key material is not supported.
- "CLOUD_KMS"
- CLOUD_KMS
All CryptoKeys created with this EkmConnection use EKM-side key management operations initiated from Cloud KMS. This means that: * When a CryptoKeyVersion associated with this EkmConnection is created, the EKM automatically generates new key material and a new key path. The caller cannot supply the key path of pre-existing external key material. * Destruction of external key material associated with this EkmConnection can be requested by calling DestroyCryptoKeyVersion. * Automatic rotation of key material is supported.
ServiceResolver
- Hostname string
The hostname of the EKM replica used at TLS and HTTP layers.
- Server
Certificates List<Pulumi.Google Native. Cloudkms. V1. Inputs. Certificate> A list of leaf server certificates used to authenticate HTTPS connections to the EKM replica. Currently, a maximum of 10 Certificate is supported.
- Service
Directory stringService The resource name of the Service Directory service pointing to an EKM replica, in the format
projects/*/locations/*/namespaces/*/services/*
.- Endpoint
Filter string Optional. The filter applied to the endpoints of the resolved service. If no filter is specified, all endpoints will be considered. An endpoint will be chosen arbitrarily from the filtered list for each request. For endpoint filter syntax and examples, see https://cloud.google.com/service-directory/docs/reference/rpc/google.cloud.servicedirectory.v1#resolveservicerequest.
- Hostname string
The hostname of the EKM replica used at TLS and HTTP layers.
- Server
Certificates []Certificate A list of leaf server certificates used to authenticate HTTPS connections to the EKM replica. Currently, a maximum of 10 Certificate is supported.
- Service
Directory stringService The resource name of the Service Directory service pointing to an EKM replica, in the format
projects/*/locations/*/namespaces/*/services/*
.- Endpoint
Filter string Optional. The filter applied to the endpoints of the resolved service. If no filter is specified, all endpoints will be considered. An endpoint will be chosen arbitrarily from the filtered list for each request. For endpoint filter syntax and examples, see https://cloud.google.com/service-directory/docs/reference/rpc/google.cloud.servicedirectory.v1#resolveservicerequest.
- hostname String
The hostname of the EKM replica used at TLS and HTTP layers.
- server
Certificates List<Certificate> A list of leaf server certificates used to authenticate HTTPS connections to the EKM replica. Currently, a maximum of 10 Certificate is supported.
- service
Directory StringService The resource name of the Service Directory service pointing to an EKM replica, in the format
projects/*/locations/*/namespaces/*/services/*
.- endpoint
Filter String Optional. The filter applied to the endpoints of the resolved service. If no filter is specified, all endpoints will be considered. An endpoint will be chosen arbitrarily from the filtered list for each request. For endpoint filter syntax and examples, see https://cloud.google.com/service-directory/docs/reference/rpc/google.cloud.servicedirectory.v1#resolveservicerequest.
- hostname string
The hostname of the EKM replica used at TLS and HTTP layers.
- server
Certificates Certificate[] A list of leaf server certificates used to authenticate HTTPS connections to the EKM replica. Currently, a maximum of 10 Certificate is supported.
- service
Directory stringService The resource name of the Service Directory service pointing to an EKM replica, in the format
projects/*/locations/*/namespaces/*/services/*
.- endpoint
Filter string Optional. The filter applied to the endpoints of the resolved service. If no filter is specified, all endpoints will be considered. An endpoint will be chosen arbitrarily from the filtered list for each request. For endpoint filter syntax and examples, see https://cloud.google.com/service-directory/docs/reference/rpc/google.cloud.servicedirectory.v1#resolveservicerequest.
- hostname str
The hostname of the EKM replica used at TLS and HTTP layers.
- server_
certificates Sequence[Certificate] A list of leaf server certificates used to authenticate HTTPS connections to the EKM replica. Currently, a maximum of 10 Certificate is supported.
- service_
directory_ strservice The resource name of the Service Directory service pointing to an EKM replica, in the format
projects/*/locations/*/namespaces/*/services/*
.- endpoint_
filter str Optional. The filter applied to the endpoints of the resolved service. If no filter is specified, all endpoints will be considered. An endpoint will be chosen arbitrarily from the filtered list for each request. For endpoint filter syntax and examples, see https://cloud.google.com/service-directory/docs/reference/rpc/google.cloud.servicedirectory.v1#resolveservicerequest.
- hostname String
The hostname of the EKM replica used at TLS and HTTP layers.
- server
Certificates List<Property Map> A list of leaf server certificates used to authenticate HTTPS connections to the EKM replica. Currently, a maximum of 10 Certificate is supported.
- service
Directory StringService The resource name of the Service Directory service pointing to an EKM replica, in the format
projects/*/locations/*/namespaces/*/services/*
.- endpoint
Filter String Optional. The filter applied to the endpoints of the resolved service. If no filter is specified, all endpoints will be considered. An endpoint will be chosen arbitrarily from the filtered list for each request. For endpoint filter syntax and examples, see https://cloud.google.com/service-directory/docs/reference/rpc/google.cloud.servicedirectory.v1#resolveservicerequest.
ServiceResolverResponse
- Endpoint
Filter string Optional. The filter applied to the endpoints of the resolved service. If no filter is specified, all endpoints will be considered. An endpoint will be chosen arbitrarily from the filtered list for each request. For endpoint filter syntax and examples, see https://cloud.google.com/service-directory/docs/reference/rpc/google.cloud.servicedirectory.v1#resolveservicerequest.
- Hostname string
The hostname of the EKM replica used at TLS and HTTP layers.
- Server
Certificates List<Pulumi.Google Native. Cloudkms. V1. Inputs. Certificate Response> A list of leaf server certificates used to authenticate HTTPS connections to the EKM replica. Currently, a maximum of 10 Certificate is supported.
- Service
Directory stringService The resource name of the Service Directory service pointing to an EKM replica, in the format
projects/*/locations/*/namespaces/*/services/*
.
- Endpoint
Filter string Optional. The filter applied to the endpoints of the resolved service. If no filter is specified, all endpoints will be considered. An endpoint will be chosen arbitrarily from the filtered list for each request. For endpoint filter syntax and examples, see https://cloud.google.com/service-directory/docs/reference/rpc/google.cloud.servicedirectory.v1#resolveservicerequest.
- Hostname string
The hostname of the EKM replica used at TLS and HTTP layers.
- Server
Certificates []CertificateResponse A list of leaf server certificates used to authenticate HTTPS connections to the EKM replica. Currently, a maximum of 10 Certificate is supported.
- Service
Directory stringService The resource name of the Service Directory service pointing to an EKM replica, in the format
projects/*/locations/*/namespaces/*/services/*
.
- endpoint
Filter String Optional. The filter applied to the endpoints of the resolved service. If no filter is specified, all endpoints will be considered. An endpoint will be chosen arbitrarily from the filtered list for each request. For endpoint filter syntax and examples, see https://cloud.google.com/service-directory/docs/reference/rpc/google.cloud.servicedirectory.v1#resolveservicerequest.
- hostname String
The hostname of the EKM replica used at TLS and HTTP layers.
- server
Certificates List<CertificateResponse> A list of leaf server certificates used to authenticate HTTPS connections to the EKM replica. Currently, a maximum of 10 Certificate is supported.
- service
Directory StringService The resource name of the Service Directory service pointing to an EKM replica, in the format
projects/*/locations/*/namespaces/*/services/*
.
- endpoint
Filter string Optional. The filter applied to the endpoints of the resolved service. If no filter is specified, all endpoints will be considered. An endpoint will be chosen arbitrarily from the filtered list for each request. For endpoint filter syntax and examples, see https://cloud.google.com/service-directory/docs/reference/rpc/google.cloud.servicedirectory.v1#resolveservicerequest.
- hostname string
The hostname of the EKM replica used at TLS and HTTP layers.
- server
Certificates CertificateResponse[] A list of leaf server certificates used to authenticate HTTPS connections to the EKM replica. Currently, a maximum of 10 Certificate is supported.
- service
Directory stringService The resource name of the Service Directory service pointing to an EKM replica, in the format
projects/*/locations/*/namespaces/*/services/*
.
- endpoint_
filter str Optional. The filter applied to the endpoints of the resolved service. If no filter is specified, all endpoints will be considered. An endpoint will be chosen arbitrarily from the filtered list for each request. For endpoint filter syntax and examples, see https://cloud.google.com/service-directory/docs/reference/rpc/google.cloud.servicedirectory.v1#resolveservicerequest.
- hostname str
The hostname of the EKM replica used at TLS and HTTP layers.
- server_
certificates Sequence[CertificateResponse] A list of leaf server certificates used to authenticate HTTPS connections to the EKM replica. Currently, a maximum of 10 Certificate is supported.
- service_
directory_ strservice The resource name of the Service Directory service pointing to an EKM replica, in the format
projects/*/locations/*/namespaces/*/services/*
.
- endpoint
Filter String Optional. The filter applied to the endpoints of the resolved service. If no filter is specified, all endpoints will be considered. An endpoint will be chosen arbitrarily from the filtered list for each request. For endpoint filter syntax and examples, see https://cloud.google.com/service-directory/docs/reference/rpc/google.cloud.servicedirectory.v1#resolveservicerequest.
- hostname String
The hostname of the EKM replica used at TLS and HTTP layers.
- server
Certificates List<Property Map> A list of leaf server certificates used to authenticate HTTPS connections to the EKM replica. Currently, a maximum of 10 Certificate is supported.
- service
Directory StringService The resource name of the Service Directory service pointing to an EKM replica, in the format
projects/*/locations/*/namespaces/*/services/*
.
Package Details
- Repository
- Google Cloud Native pulumi/pulumi-google-native
- License
- Apache-2.0