Google Cloud Native v0.32.0, Nov 29 23

Google Cloud Native is in preview. Google Cloud Classic is fully supported.

Google Cloud Native v0.32.0 published on Wednesday, Nov 29, 2023 by Pulumi

pulumi/pulumi-google-native

google-native.cloudkms/v1.getEkmConnection

Explore with Pulumi AI

Google Cloud Native is in preview. Google Cloud Classic is fully supported.

Google Cloud Native v0.32.0 published on Wednesday, Nov 29, 2023 by Pulumi

pulumi/pulumi-google-native

Using getEkmConnection

Two invocation forms are available. The direct form accepts plain arguments and either blocks until the result value is available, or returns a Promise-wrapped result. The output form accepts Input-wrapped arguments and returns an Output-wrapped result.

function getEkmConnection(args: GetEkmConnectionArgs, opts?: InvokeOptions): Promise<GetEkmConnectionResult>
function getEkmConnectionOutput(args: GetEkmConnectionOutputArgs, opts?: InvokeOptions): Output<GetEkmConnectionResult>

def get_ekm_connection(ekm_connection_id: Optional[str] = None,
                       location: Optional[str] = None,
                       project: Optional[str] = None,
                       opts: Optional[InvokeOptions] = None) -> GetEkmConnectionResult
def get_ekm_connection_output(ekm_connection_id: Optional[pulumi.Input[str]] = None,
                       location: Optional[pulumi.Input[str]] = None,
                       project: Optional[pulumi.Input[str]] = None,
                       opts: Optional[InvokeOptions] = None) -> Output[GetEkmConnectionResult]

func LookupEkmConnection(ctx *Context, args *LookupEkmConnectionArgs, opts ...InvokeOption) (*LookupEkmConnectionResult, error)
func LookupEkmConnectionOutput(ctx *Context, args *LookupEkmConnectionOutputArgs, opts ...InvokeOption) LookupEkmConnectionResultOutput

> Note: This function is named LookupEkmConnection in the Go SDK.

public static class GetEkmConnection 
{
    public static Task<GetEkmConnectionResult> InvokeAsync(GetEkmConnectionArgs args, InvokeOptions? opts = null)
    public static Output<GetEkmConnectionResult> Invoke(GetEkmConnectionInvokeArgs args, InvokeOptions? opts = null)
}

public static CompletableFuture<GetEkmConnectionResult> getEkmConnection(GetEkmConnectionArgs args, InvokeOptions options)
// Output-based functions aren't available in Java yet

fn::invoke:
  function: google-native:cloudkms/v1:getEkmConnection
  arguments:
    # arguments dictionary

The following arguments are supported:

EkmConnectionId string
Location string
Project string

EkmConnectionId string
Location string
Project string

ekmConnectionId String
location String
project String

ekmConnectionId string
location string
project string

ekm_connection_id str
location str
project str

ekmConnectionId String
location String
project String

getEkmConnection Result

The following output properties are available:

CreateTime string: The time at which the EkmConnection was created.
CryptoSpacePath string: Optional. Identifies the EKM Crypto Space that this EkmConnection maps to. Note: This field is required if KeyManagementMode is CLOUD_KMS.
Etag string: Optional. Etag of the currently stored EkmConnection.
KeyManagementMode string: Optional. Describes who can perform control plane operations on the EKM. If unset, this defaults to MANUAL.
Name string: The resource name for the EkmConnection in the format projects/*/locations/*/ekmConnections/*.
ServiceResolvers List<Pulumi.GoogleNative.Cloudkms.V1.Outputs.ServiceResolverResponse>: A list of ServiceResolvers where the EKM can be reached. There should be one ServiceResolver per EKM replica. Currently, only a single ServiceResolver is supported.

CreateTime string: The time at which the EkmConnection was created.
CryptoSpacePath string: Optional. Identifies the EKM Crypto Space that this EkmConnection maps to. Note: This field is required if KeyManagementMode is CLOUD_KMS.
Etag string: Optional. Etag of the currently stored EkmConnection.
KeyManagementMode string: Optional. Describes who can perform control plane operations on the EKM. If unset, this defaults to MANUAL.
Name string: The resource name for the EkmConnection in the format projects/*/locations/*/ekmConnections/*.
ServiceResolvers []ServiceResolverResponse: A list of ServiceResolvers where the EKM can be reached. There should be one ServiceResolver per EKM replica. Currently, only a single ServiceResolver is supported.

createTime String: The time at which the EkmConnection was created.
cryptoSpacePath String: Optional. Identifies the EKM Crypto Space that this EkmConnection maps to. Note: This field is required if KeyManagementMode is CLOUD_KMS.
etag String: Optional. Etag of the currently stored EkmConnection.
keyManagementMode String: Optional. Describes who can perform control plane operations on the EKM. If unset, this defaults to MANUAL.
name String: The resource name for the EkmConnection in the format projects/*/locations/*/ekmConnections/*.
serviceResolvers List<ServiceResolverResponse>: A list of ServiceResolvers where the EKM can be reached. There should be one ServiceResolver per EKM replica. Currently, only a single ServiceResolver is supported.

createTime string: The time at which the EkmConnection was created.
cryptoSpacePath string: Optional. Identifies the EKM Crypto Space that this EkmConnection maps to. Note: This field is required if KeyManagementMode is CLOUD_KMS.
etag string: Optional. Etag of the currently stored EkmConnection.
keyManagementMode string: Optional. Describes who can perform control plane operations on the EKM. If unset, this defaults to MANUAL.
name string: The resource name for the EkmConnection in the format projects/*/locations/*/ekmConnections/*.
serviceResolvers ServiceResolverResponse[]: A list of ServiceResolvers where the EKM can be reached. There should be one ServiceResolver per EKM replica. Currently, only a single ServiceResolver is supported.

create_time str: The time at which the EkmConnection was created.
crypto_space_path str: Optional. Identifies the EKM Crypto Space that this EkmConnection maps to. Note: This field is required if KeyManagementMode is CLOUD_KMS.
etag str: Optional. Etag of the currently stored EkmConnection.
key_management_mode str: Optional. Describes who can perform control plane operations on the EKM. If unset, this defaults to MANUAL.
name str: The resource name for the EkmConnection in the format projects/*/locations/*/ekmConnections/*.
service_resolvers Sequence[ServiceResolverResponse]: A list of ServiceResolvers where the EKM can be reached. There should be one ServiceResolver per EKM replica. Currently, only a single ServiceResolver is supported.

createTime String: The time at which the EkmConnection was created.
cryptoSpacePath String: Optional. Identifies the EKM Crypto Space that this EkmConnection maps to. Note: This field is required if KeyManagementMode is CLOUD_KMS.
etag String: Optional. Etag of the currently stored EkmConnection.
keyManagementMode String: Optional. Describes who can perform control plane operations on the EKM. If unset, this defaults to MANUAL.
name String: The resource name for the EkmConnection in the format projects/*/locations/*/ekmConnections/*.
serviceResolvers List<Property Map>: A list of ServiceResolvers where the EKM can be reached. There should be one ServiceResolver per EKM replica. Currently, only a single ServiceResolver is supported.

Supporting Types

CertificateResponse

Issuer string: The issuer distinguished name in RFC 2253 format. Only present if parsed is true.
NotAfterTime string: The certificate is not valid after this time. Only present if parsed is true.
NotBeforeTime string: The certificate is not valid before this time. Only present if parsed is true.
Parsed bool: True if the certificate was parsed successfully.
RawDer string: The raw certificate bytes in DER format.
SerialNumber string: The certificate serial number as a hex string. Only present if parsed is true.
Sha256Fingerprint string: The SHA-256 certificate fingerprint as a hex string. Only present if parsed is true.
Subject string: The subject distinguished name in RFC 2253 format. Only present if parsed is true.
SubjectAlternativeDnsNames List<string>: The subject Alternative DNS names. Only present if parsed is true.

Issuer string: The issuer distinguished name in RFC 2253 format. Only present if parsed is true.
NotAfterTime string: The certificate is not valid after this time. Only present if parsed is true.
NotBeforeTime string: The certificate is not valid before this time. Only present if parsed is true.
Parsed bool: True if the certificate was parsed successfully.
RawDer string: The raw certificate bytes in DER format.
SerialNumber string: The certificate serial number as a hex string. Only present if parsed is true.
Sha256Fingerprint string: The SHA-256 certificate fingerprint as a hex string. Only present if parsed is true.
Subject string: The subject distinguished name in RFC 2253 format. Only present if parsed is true.
SubjectAlternativeDnsNames []string: The subject Alternative DNS names. Only present if parsed is true.

issuer String: The issuer distinguished name in RFC 2253 format. Only present if parsed is true.
notAfterTime String: The certificate is not valid after this time. Only present if parsed is true.
notBeforeTime String: The certificate is not valid before this time. Only present if parsed is true.
parsed Boolean: True if the certificate was parsed successfully.
rawDer String: The raw certificate bytes in DER format.
serialNumber String: The certificate serial number as a hex string. Only present if parsed is true.
sha256Fingerprint String: The SHA-256 certificate fingerprint as a hex string. Only present if parsed is true.
subject String: The subject distinguished name in RFC 2253 format. Only present if parsed is true.
subjectAlternativeDnsNames List<String>: The subject Alternative DNS names. Only present if parsed is true.

issuer string: The issuer distinguished name in RFC 2253 format. Only present if parsed is true.
notAfterTime string: The certificate is not valid after this time. Only present if parsed is true.
notBeforeTime string: The certificate is not valid before this time. Only present if parsed is true.
parsed boolean: True if the certificate was parsed successfully.
rawDer string: The raw certificate bytes in DER format.
serialNumber string: The certificate serial number as a hex string. Only present if parsed is true.
sha256Fingerprint string: The SHA-256 certificate fingerprint as a hex string. Only present if parsed is true.
subject string: The subject distinguished name in RFC 2253 format. Only present if parsed is true.
subjectAlternativeDnsNames string[]: The subject Alternative DNS names. Only present if parsed is true.

issuer str: The issuer distinguished name in RFC 2253 format. Only present if parsed is true.
not_after_time str: The certificate is not valid after this time. Only present if parsed is true.
not_before_time str: The certificate is not valid before this time. Only present if parsed is true.
parsed bool: True if the certificate was parsed successfully.
raw_der str: The raw certificate bytes in DER format.
serial_number str: The certificate serial number as a hex string. Only present if parsed is true.
sha256_fingerprint str: The SHA-256 certificate fingerprint as a hex string. Only present if parsed is true.
subject str: The subject distinguished name in RFC 2253 format. Only present if parsed is true.
subject_alternative_dns_names Sequence[str]: The subject Alternative DNS names. Only present if parsed is true.

issuer String: The issuer distinguished name in RFC 2253 format. Only present if parsed is true.
notAfterTime String: The certificate is not valid after this time. Only present if parsed is true.
notBeforeTime String: The certificate is not valid before this time. Only present if parsed is true.
parsed Boolean: True if the certificate was parsed successfully.
rawDer String: The raw certificate bytes in DER format.
serialNumber String: The certificate serial number as a hex string. Only present if parsed is true.
sha256Fingerprint String: The SHA-256 certificate fingerprint as a hex string. Only present if parsed is true.
subject String: The subject distinguished name in RFC 2253 format. Only present if parsed is true.
subjectAlternativeDnsNames List<String>: The subject Alternative DNS names. Only present if parsed is true.

ServiceResolverResponse

EndpointFilter string: Optional. The filter applied to the endpoints of the resolved service. If no filter is specified, all endpoints will be considered. An endpoint will be chosen arbitrarily from the filtered list for each request. For endpoint filter syntax and examples, see https://cloud.google.com/service-directory/docs/reference/rpc/google.cloud.servicedirectory.v1#resolveservicerequest.
Hostname string: The hostname of the EKM replica used at TLS and HTTP layers.
ServerCertificates List<Pulumi.GoogleNative.Cloudkms.V1.Inputs.CertificateResponse>: A list of leaf server certificates used to authenticate HTTPS connections to the EKM replica. Currently, a maximum of 10 Certificate is supported.
ServiceDirectoryService string: The resource name of the Service Directory service pointing to an EKM replica, in the format projects/*/locations/*/namespaces/*/services/*.

EndpointFilter string: Optional. The filter applied to the endpoints of the resolved service. If no filter is specified, all endpoints will be considered. An endpoint will be chosen arbitrarily from the filtered list for each request. For endpoint filter syntax and examples, see https://cloud.google.com/service-directory/docs/reference/rpc/google.cloud.servicedirectory.v1#resolveservicerequest.
Hostname string: The hostname of the EKM replica used at TLS and HTTP layers.
ServerCertificates []CertificateResponse: A list of leaf server certificates used to authenticate HTTPS connections to the EKM replica. Currently, a maximum of 10 Certificate is supported.
ServiceDirectoryService string: The resource name of the Service Directory service pointing to an EKM replica, in the format projects/*/locations/*/namespaces/*/services/*.

endpointFilter String: Optional. The filter applied to the endpoints of the resolved service. If no filter is specified, all endpoints will be considered. An endpoint will be chosen arbitrarily from the filtered list for each request. For endpoint filter syntax and examples, see https://cloud.google.com/service-directory/docs/reference/rpc/google.cloud.servicedirectory.v1#resolveservicerequest.
hostname String: The hostname of the EKM replica used at TLS and HTTP layers.
serverCertificates List<CertificateResponse>: A list of leaf server certificates used to authenticate HTTPS connections to the EKM replica. Currently, a maximum of 10 Certificate is supported.
serviceDirectoryService String: The resource name of the Service Directory service pointing to an EKM replica, in the format projects/*/locations/*/namespaces/*/services/*.

endpointFilter string: Optional. The filter applied to the endpoints of the resolved service. If no filter is specified, all endpoints will be considered. An endpoint will be chosen arbitrarily from the filtered list for each request. For endpoint filter syntax and examples, see https://cloud.google.com/service-directory/docs/reference/rpc/google.cloud.servicedirectory.v1#resolveservicerequest.
hostname string: The hostname of the EKM replica used at TLS and HTTP layers.
serverCertificates CertificateResponse[]: A list of leaf server certificates used to authenticate HTTPS connections to the EKM replica. Currently, a maximum of 10 Certificate is supported.
serviceDirectoryService string: The resource name of the Service Directory service pointing to an EKM replica, in the format projects/*/locations/*/namespaces/*/services/*.

endpoint_filter str: Optional. The filter applied to the endpoints of the resolved service. If no filter is specified, all endpoints will be considered. An endpoint will be chosen arbitrarily from the filtered list for each request. For endpoint filter syntax and examples, see https://cloud.google.com/service-directory/docs/reference/rpc/google.cloud.servicedirectory.v1#resolveservicerequest.
hostname str: The hostname of the EKM replica used at TLS and HTTP layers.
server_certificates Sequence[CertificateResponse]: A list of leaf server certificates used to authenticate HTTPS connections to the EKM replica. Currently, a maximum of 10 Certificate is supported.
service_directory_service str: The resource name of the Service Directory service pointing to an EKM replica, in the format projects/*/locations/*/namespaces/*/services/*.

endpointFilter String: Optional. The filter applied to the endpoints of the resolved service. If no filter is specified, all endpoints will be considered. An endpoint will be chosen arbitrarily from the filtered list for each request. For endpoint filter syntax and examples, see https://cloud.google.com/service-directory/docs/reference/rpc/google.cloud.servicedirectory.v1#resolveservicerequest.
hostname String: The hostname of the EKM replica used at TLS and HTTP layers.
serverCertificates List<Property Map>: A list of leaf server certificates used to authenticate HTTPS connections to the EKM replica. Currently, a maximum of 10 Certificate is supported.
serviceDirectoryService String: The resource name of the Service Directory service pointing to an EKM replica, in the format projects/*/locations/*/namespaces/*/services/*.

Package Details

Repository: Google Cloud Native pulumi/pulumi-google-native
License: Apache-2.0

Google Cloud Native is in preview. Google Cloud Classic is fully supported.

Google Cloud Native v0.32.0 published on Wednesday, Nov 29, 2023 by Pulumi

pulumi/pulumi-google-native

google-native.cloudkms/v1.getEkmConnection

On this page

On this page

Using getEkmConnection

getEkmConnection Result

Supporting Types

CertificateResponse

ServiceResolverResponse

Package Details

On this page

On this page