ibm 1.80.0-beta0, Jun 24 25

ibm 1.80.0-beta0 published on Tuesday, Jun 24, 2025 by ibm-cloud

ibm.getDlGatewayMacsecCaks

Explore with Pulumi AI

ibm 1.80.0-beta0 published on Tuesday, Jun 24, 2025 by ibm-cloud

List the CAKs associated with the MACsec configuration of a IBM Cloud Infrastructure Direct Link. A connectivity association key (CAK) used in the MACsec Key Agreement (MKA) protocol. MACsec CAKs consist of both a name and key. The CAK’s name must be a hexadecimal string of even lengths between 2 to 64 inclusive. The CAK’s key must be a Hyper Protect Crypto Service Standard Key type=standard with key material a hexadecimal string exactly 64 characters in length.

For more information, about IBM Cloud Direct Link, see getting started with IBM Cloud Direct Link.

Example Usage

import * as pulumi from "@pulumi/pulumi";
import * as ibm from "@pulumi/ibm";

const test = ibm.getDlGatewayMacsecCaks({
    gateway: "0a06fb9b-820f-4c44-8a31-77f1f0806d28",
});

import pulumi
import pulumi_ibm as ibm

test = ibm.get_dl_gateway_macsec_caks(gateway="0a06fb9b-820f-4c44-8a31-77f1f0806d28")

package main

import (
	"github.com/pulumi/pulumi-terraform-provider/sdks/go/ibm/ibm"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := ibm.GetDlGatewayMacsecCaks(ctx, &ibm.GetDlGatewayMacsecCaksArgs{
			Gateway: "0a06fb9b-820f-4c44-8a31-77f1f0806d28",
		}, nil)
		if err != nil {
			return err
		}
		return nil
	})
}

using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Ibm = Pulumi.Ibm;

return await Deployment.RunAsync(() => 
{
    var test = Ibm.GetDlGatewayMacsecCaks.Invoke(new()
    {
        Gateway = "0a06fb9b-820f-4c44-8a31-77f1f0806d28",
    });

});

package generated_program;

import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.ibm.IbmFunctions;
import com.pulumi.ibm.inputs.GetDlGatewayMacsecCaksArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;

public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }

    public static void stack(Context ctx) {
        final var test = IbmFunctions.getDlGatewayMacsecCaks(GetDlGatewayMacsecCaksArgs.builder()
            .gateway("0a06fb9b-820f-4c44-8a31-77f1f0806d28")
            .build());

    }
}

variables:
  test:
    fn::invoke:
      function: ibm:getDlGatewayMacsecCaks
      arguments:
        gateway: 0a06fb9b-820f-4c44-8a31-77f1f0806d28

Using getDlGatewayMacsecCaks

Two invocation forms are available. The direct form accepts plain arguments and either blocks until the result value is available, or returns a Promise-wrapped result. The output form accepts Input-wrapped arguments and returns an Output-wrapped result.

function getDlGatewayMacsecCaks(args: GetDlGatewayMacsecCaksArgs, opts?: InvokeOptions): Promise<GetDlGatewayMacsecCaksResult>
function getDlGatewayMacsecCaksOutput(args: GetDlGatewayMacsecCaksOutputArgs, opts?: InvokeOptions): Output<GetDlGatewayMacsecCaksResult>

def get_dl_gateway_macsec_caks(gateway: Optional[str] = None,
                               id: Optional[str] = None,
                               opts: Optional[InvokeOptions] = None) -> GetDlGatewayMacsecCaksResult
def get_dl_gateway_macsec_caks_output(gateway: Optional[pulumi.Input[str]] = None,
                               id: Optional[pulumi.Input[str]] = None,
                               opts: Optional[InvokeOptions] = None) -> Output[GetDlGatewayMacsecCaksResult]

func GetDlGatewayMacsecCaks(ctx *Context, args *GetDlGatewayMacsecCaksArgs, opts ...InvokeOption) (*GetDlGatewayMacsecCaksResult, error)
func GetDlGatewayMacsecCaksOutput(ctx *Context, args *GetDlGatewayMacsecCaksOutputArgs, opts ...InvokeOption) GetDlGatewayMacsecCaksResultOutput

> Note: This function is named GetDlGatewayMacsecCaks in the Go SDK.

public static class GetDlGatewayMacsecCaks 
{
    public static Task<GetDlGatewayMacsecCaksResult> InvokeAsync(GetDlGatewayMacsecCaksArgs args, InvokeOptions? opts = null)
    public static Output<GetDlGatewayMacsecCaksResult> Invoke(GetDlGatewayMacsecCaksInvokeArgs args, InvokeOptions? opts = null)
}

public static CompletableFuture<GetDlGatewayMacsecCaksResult> getDlGatewayMacsecCaks(GetDlGatewayMacsecCaksArgs args, InvokeOptions options)
public static Output<GetDlGatewayMacsecCaksResult> getDlGatewayMacsecCaks(GetDlGatewayMacsecCaksArgs args, InvokeOptions options)

fn::invoke:
  function: ibm:index/getDlGatewayMacsecCaks:getDlGatewayMacsecCaks
  arguments:
    # arguments dictionary

The following arguments are supported:

Gateway string: Direct Link gateway identifier.
Id string

Gateway string: Direct Link gateway identifier.
Id string

gateway String: Direct Link gateway identifier.
id String

gateway string: Direct Link gateway identifier.
id string

gateway str: Direct Link gateway identifier.
id str

gateway String: Direct Link gateway identifier.
id String

getDlGatewayMacsecCaks Result

The following output properties are available:

Caks List<GetDlGatewayMacsecCaksCak>: (List) List of all connectivity association keys (CAKs) associated with the MACsec feature on a direct link. Nested scheme for caks:
Gateway string
Id string

Caks []GetDlGatewayMacsecCaksCak: (List) List of all connectivity association keys (CAKs) associated with the MACsec feature on a direct link. Nested scheme for caks:
Gateway string
Id string

caks List<GetDlGatewayMacsecCaksCak>: (List) List of all connectivity association keys (CAKs) associated with the MACsec feature on a direct link. Nested scheme for caks:
gateway String
id String

caks GetDlGatewayMacsecCaksCak[]: (List) List of all connectivity association keys (CAKs) associated with the MACsec feature on a direct link. Nested scheme for caks:
gateway string
id string

caks Sequence[GetDlGatewayMacsecCaksCak]: (List) List of all connectivity association keys (CAKs) associated with the MACsec feature on a direct link. Nested scheme for caks:
gateway str
id str

caks List<Property Map>: (List) List of all connectivity association keys (CAKs) associated with the MACsec feature on a direct link. Nested scheme for caks:
gateway String
id String

Supporting Types

GetDlGatewayMacsecCaksCak

ActiveDeltas List<GetDlGatewayMacsecCaksCakActiveDelta>

(List) This field will be present when the status of the MACsec CAK is rotating or inactive. It may be present when the CAK status is failed. Nested schema for active_delta:

CakId string

CreatedAt string

(String) The date and time the resource was created.

Keys List<GetDlGatewayMacsecCaksCakKey>

(List) A reference to a Hyper Protect Crypto Service Standard Key. Nested schema for key:

Name string

(String) The name identifies the connectivity association key (CAK) within the MACsec key chain. The CAK's name must be a hexadecimal string of even lengths between 2 to 64 inclusive. This value, along with the material of the key, must match on the MACsec peers.

Session string

(String) The intended session the key will be used to secure. If the primary MACsec session fails due to a key/key name mismatch on the peers, the fallback session can take over. There must be a primary session CAK. A fallback CAK is optional

Status string

(String) Current status of the CAK.

Status operational is returned when the CAK is configured - successfully.
Status rotating is returned during a key rotation. The CAK defined by active_delta is still configured on the device and could be securing the MACsec session. In the case of a primary CAK, the status will be rotating for a period of time while waiting for the MACsec session to be secured with the new CAK. After that time, the CAK will either enter active or inactive status.
Status active is returned when the CAK is configured successfully and is currently used to secure the MACsec session.
Status inactive is returned when the CAK is configured successfully, but is not currently used to secure the MACsec session. The CAK may enter rotating status, and ultimately the active status, if it is found to be used to secure the MACsec session. The CAK may never leave this status on its own (e.g. if there is a key/key name mismatch). You are allowed to patch the CAK in this state to start the rotation procedure again.
Status failed is returned when the CAK cannot be configured. To recover, first resolve any issues with your HPCS key, then patch this CAK with the same or new key. Alternatively, you can delete this CAK if used for the fallback session.

UpdatedAt string

(String) The date and time the resource was last updated.

ActiveDeltas []GetDlGatewayMacsecCaksCakActiveDelta

(List) This field will be present when the status of the MACsec CAK is rotating or inactive. It may be present when the CAK status is failed. Nested schema for active_delta:

CakId string

CreatedAt string

(String) The date and time the resource was created.

Keys []GetDlGatewayMacsecCaksCakKey

(List) A reference to a Hyper Protect Crypto Service Standard Key. Nested schema for key:

Name string

Session string

Status string

(String) Current status of the CAK.

Status operational is returned when the CAK is configured - successfully.
Status rotating is returned during a key rotation. The CAK defined by active_delta is still configured on the device and could be securing the MACsec session. In the case of a primary CAK, the status will be rotating for a period of time while waiting for the MACsec session to be secured with the new CAK. After that time, the CAK will either enter active or inactive status.
Status active is returned when the CAK is configured successfully and is currently used to secure the MACsec session.
Status inactive is returned when the CAK is configured successfully, but is not currently used to secure the MACsec session. The CAK may enter rotating status, and ultimately the active status, if it is found to be used to secure the MACsec session. The CAK may never leave this status on its own (e.g. if there is a key/key name mismatch). You are allowed to patch the CAK in this state to start the rotation procedure again.
Status failed is returned when the CAK cannot be configured. To recover, first resolve any issues with your HPCS key, then patch this CAK with the same or new key. Alternatively, you can delete this CAK if used for the fallback session.

UpdatedAt string

(String) The date and time the resource was last updated.

activeDeltas List<GetDlGatewayMacsecCaksCakActiveDelta>

(List) This field will be present when the status of the MACsec CAK is rotating or inactive. It may be present when the CAK status is failed. Nested schema for active_delta:

cakId String

createdAt String

(String) The date and time the resource was created.

keys List<GetDlGatewayMacsecCaksCakKey>

(List) A reference to a Hyper Protect Crypto Service Standard Key. Nested schema for key:

name String

session String

status String

(String) Current status of the CAK.

Status operational is returned when the CAK is configured - successfully.
Status rotating is returned during a key rotation. The CAK defined by active_delta is still configured on the device and could be securing the MACsec session. In the case of a primary CAK, the status will be rotating for a period of time while waiting for the MACsec session to be secured with the new CAK. After that time, the CAK will either enter active or inactive status.
Status active is returned when the CAK is configured successfully and is currently used to secure the MACsec session.
Status inactive is returned when the CAK is configured successfully, but is not currently used to secure the MACsec session. The CAK may enter rotating status, and ultimately the active status, if it is found to be used to secure the MACsec session. The CAK may never leave this status on its own (e.g. if there is a key/key name mismatch). You are allowed to patch the CAK in this state to start the rotation procedure again.
Status failed is returned when the CAK cannot be configured. To recover, first resolve any issues with your HPCS key, then patch this CAK with the same or new key. Alternatively, you can delete this CAK if used for the fallback session.

updatedAt String

(String) The date and time the resource was last updated.

activeDeltas GetDlGatewayMacsecCaksCakActiveDelta[]

(List) This field will be present when the status of the MACsec CAK is rotating or inactive. It may be present when the CAK status is failed. Nested schema for active_delta:

cakId string

createdAt string

(String) The date and time the resource was created.

keys GetDlGatewayMacsecCaksCakKey[]

(List) A reference to a Hyper Protect Crypto Service Standard Key. Nested schema for key:

name string

session string

status string

(String) Current status of the CAK.

Status operational is returned when the CAK is configured - successfully.
Status rotating is returned during a key rotation. The CAK defined by active_delta is still configured on the device and could be securing the MACsec session. In the case of a primary CAK, the status will be rotating for a period of time while waiting for the MACsec session to be secured with the new CAK. After that time, the CAK will either enter active or inactive status.
Status active is returned when the CAK is configured successfully and is currently used to secure the MACsec session.
Status inactive is returned when the CAK is configured successfully, but is not currently used to secure the MACsec session. The CAK may enter rotating status, and ultimately the active status, if it is found to be used to secure the MACsec session. The CAK may never leave this status on its own (e.g. if there is a key/key name mismatch). You are allowed to patch the CAK in this state to start the rotation procedure again.
Status failed is returned when the CAK cannot be configured. To recover, first resolve any issues with your HPCS key, then patch this CAK with the same or new key. Alternatively, you can delete this CAK if used for the fallback session.

updatedAt string

(String) The date and time the resource was last updated.

active_deltas Sequence[GetDlGatewayMacsecCaksCakActiveDelta]

(List) This field will be present when the status of the MACsec CAK is rotating or inactive. It may be present when the CAK status is failed. Nested schema for active_delta:

cak_id str

created_at str

(String) The date and time the resource was created.

keys Sequence[GetDlGatewayMacsecCaksCakKey]

(List) A reference to a Hyper Protect Crypto Service Standard Key. Nested schema for key:

name str

session str

status str

(String) Current status of the CAK.

Status operational is returned when the CAK is configured - successfully.
Status rotating is returned during a key rotation. The CAK defined by active_delta is still configured on the device and could be securing the MACsec session. In the case of a primary CAK, the status will be rotating for a period of time while waiting for the MACsec session to be secured with the new CAK. After that time, the CAK will either enter active or inactive status.
Status active is returned when the CAK is configured successfully and is currently used to secure the MACsec session.
Status inactive is returned when the CAK is configured successfully, but is not currently used to secure the MACsec session. The CAK may enter rotating status, and ultimately the active status, if it is found to be used to secure the MACsec session. The CAK may never leave this status on its own (e.g. if there is a key/key name mismatch). You are allowed to patch the CAK in this state to start the rotation procedure again.
Status failed is returned when the CAK cannot be configured. To recover, first resolve any issues with your HPCS key, then patch this CAK with the same or new key. Alternatively, you can delete this CAK if used for the fallback session.

updated_at str

(String) The date and time the resource was last updated.

activeDeltas List<Property Map>

(List) This field will be present when the status of the MACsec CAK is rotating or inactive. It may be present when the CAK status is failed. Nested schema for active_delta:

cakId String

createdAt String

(String) The date and time the resource was created.

keys List<Property Map>

(List) A reference to a Hyper Protect Crypto Service Standard Key. Nested schema for key:

name String

session String

status String

(String) Current status of the CAK.

Status operational is returned when the CAK is configured - successfully.
Status rotating is returned during a key rotation. The CAK defined by active_delta is still configured on the device and could be securing the MACsec session. In the case of a primary CAK, the status will be rotating for a period of time while waiting for the MACsec session to be secured with the new CAK. After that time, the CAK will either enter active or inactive status.
Status active is returned when the CAK is configured successfully and is currently used to secure the MACsec session.
Status inactive is returned when the CAK is configured successfully, but is not currently used to secure the MACsec session. The CAK may enter rotating status, and ultimately the active status, if it is found to be used to secure the MACsec session. The CAK may never leave this status on its own (e.g. if there is a key/key name mismatch). You are allowed to patch the CAK in this state to start the rotation procedure again.
Status failed is returned when the CAK cannot be configured. To recover, first resolve any issues with your HPCS key, then patch this CAK with the same or new key. Alternatively, you can delete this CAK if used for the fallback session.

updatedAt String

(String) The date and time the resource was last updated.

GetDlGatewayMacsecCaksCakActiveDelta

Keys List<GetDlGatewayMacsecCaksCakActiveDeltaKey>: (List) A reference to a Hyper Protect Crypto Service Standard Key. Nested schema for key:
Name string: (String) The name identifies the connectivity association key (CAK) within the MACsec key chain. The CAK's name must be a hexadecimal string of even lengths between 2 to 64 inclusive. This value, along with the material of the key, must match on the MACsec peers.

Keys []GetDlGatewayMacsecCaksCakActiveDeltaKey: (List) A reference to a Hyper Protect Crypto Service Standard Key. Nested schema for key:
Name string: (String) The name identifies the connectivity association key (CAK) within the MACsec key chain. The CAK's name must be a hexadecimal string of even lengths between 2 to 64 inclusive. This value, along with the material of the key, must match on the MACsec peers.

keys List<GetDlGatewayMacsecCaksCakActiveDeltaKey>: (List) A reference to a Hyper Protect Crypto Service Standard Key. Nested schema for key:
name String: (String) The name identifies the connectivity association key (CAK) within the MACsec key chain. The CAK's name must be a hexadecimal string of even lengths between 2 to 64 inclusive. This value, along with the material of the key, must match on the MACsec peers.

keys GetDlGatewayMacsecCaksCakActiveDeltaKey[]: (List) A reference to a Hyper Protect Crypto Service Standard Key. Nested schema for key:
name string: (String) The name identifies the connectivity association key (CAK) within the MACsec key chain. The CAK's name must be a hexadecimal string of even lengths between 2 to 64 inclusive. This value, along with the material of the key, must match on the MACsec peers.

keys Sequence[GetDlGatewayMacsecCaksCakActiveDeltaKey]: (List) A reference to a Hyper Protect Crypto Service Standard Key. Nested schema for key:
name str: (String) The name identifies the connectivity association key (CAK) within the MACsec key chain. The CAK's name must be a hexadecimal string of even lengths between 2 to 64 inclusive. This value, along with the material of the key, must match on the MACsec peers.

keys List<Property Map>: (List) A reference to a Hyper Protect Crypto Service Standard Key. Nested schema for key:
name String: (String) The name identifies the connectivity association key (CAK) within the MACsec key chain. The CAK's name must be a hexadecimal string of even lengths between 2 to 64 inclusive. This value, along with the material of the key, must match on the MACsec peers.

GetDlGatewayMacsecCaksCakActiveDeltaKey

Crn string: (String) The CRN of the referenced key.

Crn string: (String) The CRN of the referenced key.

crn String: (String) The CRN of the referenced key.

crn string: (String) The CRN of the referenced key.

crn str: (String) The CRN of the referenced key.

crn String: (String) The CRN of the referenced key.

GetDlGatewayMacsecCaksCakKey

Crn string: (String) The CRN of the referenced key.

Crn string: (String) The CRN of the referenced key.

crn String: (String) The CRN of the referenced key.

crn string: (String) The CRN of the referenced key.

crn str: (String) The CRN of the referenced key.

crn String: (String) The CRN of the referenced key.

Package Details

Repository: ibm ibm-cloud/terraform-provider-ibm
License
Notes: This Pulumi package is based on the ibm Terraform Provider.

ibm 1.80.0-beta0 published on Tuesday, Jun 24, 2025 by ibm-cloud

ibm-cloud/terraform-provider-ibm

ibm.getDlGatewayMacsecCaks

On this page

On this page

Example Usage

Using getDlGatewayMacsecCaks

getDlGatewayMacsecCaks Result

Supporting Types

GetDlGatewayMacsecCaksCak

GetDlGatewayMacsecCaksCakActiveDelta

GetDlGatewayMacsecCaksCakActiveDeltaKey

GetDlGatewayMacsecCaksCakKey

Package Details

On this page

On this page