ibm 1.78.0, Apr 30 25

ibm 1.78.0 published on Wednesday, Apr 30, 2025 by ibm-cloud

ibm.HpcsKeystore

Explore with Pulumi AI

ibm 1.78.0 published on Wednesday, Apr 30, 2025 by ibm-cloud

ibm-cloud/terraform-provider-ibm

Example Usage

AWS Keystore

import * as pulumi from "@pulumi/pulumi";
import * as ibm from "@pulumi/ibm";

const keystoreInstance = new ibm.HpcsKeystore("keystoreInstance", {
    instanceId: ibm_hpcs_vault.vault_instance.instance_id,
    region: ibm_hpcs_vault.vault_instance.region,
    ukoVault: ibm_hpcs_vault.vault_instance.vault_id,
    type: "aws_kms",
    vaults: [{
        id: ibm_hpcs_vault.vault_instance.vault_id,
    }],
    description: "example keystore",
    groups: ["Production"],
    awsRegion: "eu_central_1",
    awsAccessKeyId: "***",
    awsSecretAccessKey: "***",
});

import pulumi
import pulumi_ibm as ibm

keystore_instance = ibm.HpcsKeystore("keystoreInstance",
    instance_id=ibm_hpcs_vault["vault_instance"]["instance_id"],
    region=ibm_hpcs_vault["vault_instance"]["region"],
    uko_vault=ibm_hpcs_vault["vault_instance"]["vault_id"],
    type="aws_kms",
    vaults=[{
        "id": ibm_hpcs_vault["vault_instance"]["vault_id"],
    }],
    description="example keystore",
    groups=["Production"],
    aws_region="eu_central_1",
    aws_access_key_id="***",
    aws_secret_access_key="***")

package main

import (
	"github.com/pulumi/pulumi-terraform-provider/sdks/go/ibm/ibm"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := ibm.NewHpcsKeystore(ctx, "keystoreInstance", &ibm.HpcsKeystoreArgs{
			InstanceId: pulumi.Any(ibm_hpcs_vault.Vault_instance.Instance_id),
			Region:     pulumi.Any(ibm_hpcs_vault.Vault_instance.Region),
			UkoVault:   pulumi.Any(ibm_hpcs_vault.Vault_instance.Vault_id),
			Type:       pulumi.String("aws_kms"),
			Vaults: ibm.HpcsKeystoreVaultArray{
				&ibm.HpcsKeystoreVaultArgs{
					Id: pulumi.Any(ibm_hpcs_vault.Vault_instance.Vault_id),
				},
			},
			Description: pulumi.String("example keystore"),
			Groups: pulumi.StringArray{
				pulumi.String("Production"),
			},
			AwsRegion:          pulumi.String("eu_central_1"),
			AwsAccessKeyId:     pulumi.String("***"),
			AwsSecretAccessKey: pulumi.String("***"),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Ibm = Pulumi.Ibm;

return await Deployment.RunAsync(() => 
{
    var keystoreInstance = new Ibm.HpcsKeystore("keystoreInstance", new()
    {
        InstanceId = ibm_hpcs_vault.Vault_instance.Instance_id,
        Region = ibm_hpcs_vault.Vault_instance.Region,
        UkoVault = ibm_hpcs_vault.Vault_instance.Vault_id,
        Type = "aws_kms",
        Vaults = new[]
        {
            new Ibm.Inputs.HpcsKeystoreVaultArgs
            {
                Id = ibm_hpcs_vault.Vault_instance.Vault_id,
            },
        },
        Description = "example keystore",
        Groups = new[]
        {
            "Production",
        },
        AwsRegion = "eu_central_1",
        AwsAccessKeyId = "***",
        AwsSecretAccessKey = "***",
    });

});

package generated_program;

import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.ibm.HpcsKeystore;
import com.pulumi.ibm.HpcsKeystoreArgs;
import com.pulumi.ibm.inputs.HpcsKeystoreVaultArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;

public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }

    public static void stack(Context ctx) {
        var keystoreInstance = new HpcsKeystore("keystoreInstance", HpcsKeystoreArgs.builder()
            .instanceId(ibm_hpcs_vault.vault_instance().instance_id())
            .region(ibm_hpcs_vault.vault_instance().region())
            .ukoVault(ibm_hpcs_vault.vault_instance().vault_id())
            .type("aws_kms")
            .vaults(HpcsKeystoreVaultArgs.builder()
                .id(ibm_hpcs_vault.vault_instance().vault_id())
                .build())
            .description("example keystore")
            .groups("Production")
            .awsRegion("eu_central_1")
            .awsAccessKeyId("***")
            .awsSecretAccessKey("***")
            .build());

    }
}

resources:
  keystoreInstance:
    type: ibm:HpcsKeystore
    properties:
      instanceId: ${ibm_hpcs_vault.vault_instance.instance_id}
      region: ${ibm_hpcs_vault.vault_instance.region}
      ukoVault: ${ibm_hpcs_vault.vault_instance.vault_id}
      type: aws_kms
      vaults:
        - id: ${ibm_hpcs_vault.vault_instance.vault_id}
      description: example keystore
      groups:
        - Production
      awsRegion: eu_central_1
      awsAccessKeyId: '***'
      awsSecretAccessKey: '***'

Azure Keystore

import * as pulumi from "@pulumi/pulumi";
import * as ibm from "@pulumi/ibm";

const azureKeystoreInstance = new ibm.HpcsKeystore("azureKeystoreInstance", {
    instanceId: ibm_hpcs_vault.vault_instance.instance_id,
    region: ibm_hpcs_vault.vault_instance.region,
    ukoVault: ibm_hpcs_vault.vault_instance.vault_id,
    type: "azure_key_vault",
    vaults: [{
        id: ibm_hpcs_vault.vault_instance.vault_id,
    }],
    description: "example azure keystore",
    groups: ["Production-Azure"],
    azureResourceGroup: "EKMF-Web-Tests",
    azureLocation: "europe_north",
    azureServicePrincipalClientId: "c8e8540f-4f15-4b6b-8862-3ccdb389e35d",
    azureServicePrincipalPassword: "***",
    azureTenant: "fcf67057-50c9-4ad4-98f3-ffca64add9e9",
    azureSubscriptionId: "a9867d9b-582f-42f3-9392-26856b06b808",
    azureEnvironment: "azure",
    azureServiceName: "ekmf-test-in-ibm-1",
});

import pulumi
import pulumi_ibm as ibm

azure_keystore_instance = ibm.HpcsKeystore("azureKeystoreInstance",
    instance_id=ibm_hpcs_vault["vault_instance"]["instance_id"],
    region=ibm_hpcs_vault["vault_instance"]["region"],
    uko_vault=ibm_hpcs_vault["vault_instance"]["vault_id"],
    type="azure_key_vault",
    vaults=[{
        "id": ibm_hpcs_vault["vault_instance"]["vault_id"],
    }],
    description="example azure keystore",
    groups=["Production-Azure"],
    azure_resource_group="EKMF-Web-Tests",
    azure_location="europe_north",
    azure_service_principal_client_id="c8e8540f-4f15-4b6b-8862-3ccdb389e35d",
    azure_service_principal_password="***",
    azure_tenant="fcf67057-50c9-4ad4-98f3-ffca64add9e9",
    azure_subscription_id="a9867d9b-582f-42f3-9392-26856b06b808",
    azure_environment="azure",
    azure_service_name="ekmf-test-in-ibm-1")

package main

import (
	"github.com/pulumi/pulumi-terraform-provider/sdks/go/ibm/ibm"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := ibm.NewHpcsKeystore(ctx, "azureKeystoreInstance", &ibm.HpcsKeystoreArgs{
			InstanceId: pulumi.Any(ibm_hpcs_vault.Vault_instance.Instance_id),
			Region:     pulumi.Any(ibm_hpcs_vault.Vault_instance.Region),
			UkoVault:   pulumi.Any(ibm_hpcs_vault.Vault_instance.Vault_id),
			Type:       pulumi.String("azure_key_vault"),
			Vaults: ibm.HpcsKeystoreVaultArray{
				&ibm.HpcsKeystoreVaultArgs{
					Id: pulumi.Any(ibm_hpcs_vault.Vault_instance.Vault_id),
				},
			},
			Description: pulumi.String("example azure keystore"),
			Groups: pulumi.StringArray{
				pulumi.String("Production-Azure"),
			},
			AzureResourceGroup:            pulumi.String("EKMF-Web-Tests"),
			AzureLocation:                 pulumi.String("europe_north"),
			AzureServicePrincipalClientId: pulumi.String("c8e8540f-4f15-4b6b-8862-3ccdb389e35d"),
			AzureServicePrincipalPassword: pulumi.String("***"),
			AzureTenant:                   pulumi.String("fcf67057-50c9-4ad4-98f3-ffca64add9e9"),
			AzureSubscriptionId:           pulumi.String("a9867d9b-582f-42f3-9392-26856b06b808"),
			AzureEnvironment:              pulumi.String("azure"),
			AzureServiceName:              pulumi.String("ekmf-test-in-ibm-1"),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Ibm = Pulumi.Ibm;

return await Deployment.RunAsync(() => 
{
    var azureKeystoreInstance = new Ibm.HpcsKeystore("azureKeystoreInstance", new()
    {
        InstanceId = ibm_hpcs_vault.Vault_instance.Instance_id,
        Region = ibm_hpcs_vault.Vault_instance.Region,
        UkoVault = ibm_hpcs_vault.Vault_instance.Vault_id,
        Type = "azure_key_vault",
        Vaults = new[]
        {
            new Ibm.Inputs.HpcsKeystoreVaultArgs
            {
                Id = ibm_hpcs_vault.Vault_instance.Vault_id,
            },
        },
        Description = "example azure keystore",
        Groups = new[]
        {
            "Production-Azure",
        },
        AzureResourceGroup = "EKMF-Web-Tests",
        AzureLocation = "europe_north",
        AzureServicePrincipalClientId = "c8e8540f-4f15-4b6b-8862-3ccdb389e35d",
        AzureServicePrincipalPassword = "***",
        AzureTenant = "fcf67057-50c9-4ad4-98f3-ffca64add9e9",
        AzureSubscriptionId = "a9867d9b-582f-42f3-9392-26856b06b808",
        AzureEnvironment = "azure",
        AzureServiceName = "ekmf-test-in-ibm-1",
    });

});

package generated_program;

import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.ibm.HpcsKeystore;
import com.pulumi.ibm.HpcsKeystoreArgs;
import com.pulumi.ibm.inputs.HpcsKeystoreVaultArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;

public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }

    public static void stack(Context ctx) {
        var azureKeystoreInstance = new HpcsKeystore("azureKeystoreInstance", HpcsKeystoreArgs.builder()
            .instanceId(ibm_hpcs_vault.vault_instance().instance_id())
            .region(ibm_hpcs_vault.vault_instance().region())
            .ukoVault(ibm_hpcs_vault.vault_instance().vault_id())
            .type("azure_key_vault")
            .vaults(HpcsKeystoreVaultArgs.builder()
                .id(ibm_hpcs_vault.vault_instance().vault_id())
                .build())
            .description("example azure keystore")
            .groups("Production-Azure")
            .azureResourceGroup("EKMF-Web-Tests")
            .azureLocation("europe_north")
            .azureServicePrincipalClientId("c8e8540f-4f15-4b6b-8862-3ccdb389e35d")
            .azureServicePrincipalPassword("***")
            .azureTenant("fcf67057-50c9-4ad4-98f3-ffca64add9e9")
            .azureSubscriptionId("a9867d9b-582f-42f3-9392-26856b06b808")
            .azureEnvironment("azure")
            .azureServiceName("ekmf-test-in-ibm-1")
            .build());

    }
}

resources:
  azureKeystoreInstance:
    type: ibm:HpcsKeystore
    properties:
      instanceId: ${ibm_hpcs_vault.vault_instance.instance_id}
      region: ${ibm_hpcs_vault.vault_instance.region}
      ukoVault: ${ibm_hpcs_vault.vault_instance.vault_id}
      type: azure_key_vault
      vaults:
        - id: ${ibm_hpcs_vault.vault_instance.vault_id}
      description: example azure keystore
      groups:
        - Production-Azure
      azureResourceGroup: EKMF-Web-Tests
      azureLocation: europe_north
      azureServicePrincipalClientId: c8e8540f-4f15-4b6b-8862-3ccdb389e35d
      azureServicePrincipalPassword: '***'
      azureTenant: fcf67057-50c9-4ad4-98f3-ffca64add9e9
      azureSubscriptionId: a9867d9b-582f-42f3-9392-26856b06b808
      azureEnvironment: azure
      azureServiceName: ekmf-test-in-ibm-1

IBMCloud KMS Keystore

import * as pulumi from "@pulumi/pulumi";
import * as ibm from "@pulumi/ibm";

const hpcsKeystoreInstance = new ibm.HpcsKeystore("hpcsKeystoreInstance", {
    instanceId: ibm_hpcs_vault.vault_instance.instance_id,
    region: ibm_hpcs_vault.vault_instance.region,
    ukoVault: ibm_hpcs_vault.vault_instance.vault_id,
    type: "ibm_cloud_kms",
    ibmVariant: "hpcs",
    ibmKeyRing: "IBM-Cloud-KMS-Internal",
    vaults: [{
        id: ibm_hpcs_vault.vault_instance.vault_id,
    }],
    description: "example internal hpcs keystore",
    groups: ["Production-HPCS"],
    ibmApiEndpoint: "https://api.us-south.hs-crypto.test.cloud.ibm.com:9105",
    ibmIamEndpoint: "https://iam.test.cloud.ibm.com",
    ibmApiKey: _var.ibmcloud_api_key,
    ibmInstanceId: ibm_hpcs_vault.vault_instance.instance_id,
});

import pulumi
import pulumi_ibm as ibm

hpcs_keystore_instance = ibm.HpcsKeystore("hpcsKeystoreInstance",
    instance_id=ibm_hpcs_vault["vault_instance"]["instance_id"],
    region=ibm_hpcs_vault["vault_instance"]["region"],
    uko_vault=ibm_hpcs_vault["vault_instance"]["vault_id"],
    type="ibm_cloud_kms",
    ibm_variant="hpcs",
    ibm_key_ring="IBM-Cloud-KMS-Internal",
    vaults=[{
        "id": ibm_hpcs_vault["vault_instance"]["vault_id"],
    }],
    description="example internal hpcs keystore",
    groups=["Production-HPCS"],
    ibm_api_endpoint="https://api.us-south.hs-crypto.test.cloud.ibm.com:9105",
    ibm_iam_endpoint="https://iam.test.cloud.ibm.com",
    ibm_api_key=var["ibmcloud_api_key"],
    ibm_instance_id=ibm_hpcs_vault["vault_instance"]["instance_id"])

package main

import (
	"github.com/pulumi/pulumi-terraform-provider/sdks/go/ibm/ibm"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := ibm.NewHpcsKeystore(ctx, "hpcsKeystoreInstance", &ibm.HpcsKeystoreArgs{
			InstanceId: pulumi.Any(ibm_hpcs_vault.Vault_instance.Instance_id),
			Region:     pulumi.Any(ibm_hpcs_vault.Vault_instance.Region),
			UkoVault:   pulumi.Any(ibm_hpcs_vault.Vault_instance.Vault_id),
			Type:       pulumi.String("ibm_cloud_kms"),
			IbmVariant: pulumi.String("hpcs"),
			IbmKeyRing: pulumi.String("IBM-Cloud-KMS-Internal"),
			Vaults: ibm.HpcsKeystoreVaultArray{
				&ibm.HpcsKeystoreVaultArgs{
					Id: pulumi.Any(ibm_hpcs_vault.Vault_instance.Vault_id),
				},
			},
			Description: pulumi.String("example internal hpcs keystore"),
			Groups: pulumi.StringArray{
				pulumi.String("Production-HPCS"),
			},
			IbmApiEndpoint: pulumi.String("https://api.us-south.hs-crypto.test.cloud.ibm.com:9105"),
			IbmIamEndpoint: pulumi.String("https://iam.test.cloud.ibm.com"),
			IbmApiKey:      pulumi.Any(_var.Ibmcloud_api_key),
			IbmInstanceId:  pulumi.Any(ibm_hpcs_vault.Vault_instance.Instance_id),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Ibm = Pulumi.Ibm;

return await Deployment.RunAsync(() => 
{
    var hpcsKeystoreInstance = new Ibm.HpcsKeystore("hpcsKeystoreInstance", new()
    {
        InstanceId = ibm_hpcs_vault.Vault_instance.Instance_id,
        Region = ibm_hpcs_vault.Vault_instance.Region,
        UkoVault = ibm_hpcs_vault.Vault_instance.Vault_id,
        Type = "ibm_cloud_kms",
        IbmVariant = "hpcs",
        IbmKeyRing = "IBM-Cloud-KMS-Internal",
        Vaults = new[]
        {
            new Ibm.Inputs.HpcsKeystoreVaultArgs
            {
                Id = ibm_hpcs_vault.Vault_instance.Vault_id,
            },
        },
        Description = "example internal hpcs keystore",
        Groups = new[]
        {
            "Production-HPCS",
        },
        IbmApiEndpoint = "https://api.us-south.hs-crypto.test.cloud.ibm.com:9105",
        IbmIamEndpoint = "https://iam.test.cloud.ibm.com",
        IbmApiKey = @var.Ibmcloud_api_key,
        IbmInstanceId = ibm_hpcs_vault.Vault_instance.Instance_id,
    });

});

package generated_program;

import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.ibm.HpcsKeystore;
import com.pulumi.ibm.HpcsKeystoreArgs;
import com.pulumi.ibm.inputs.HpcsKeystoreVaultArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;

public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }

    public static void stack(Context ctx) {
        var hpcsKeystoreInstance = new HpcsKeystore("hpcsKeystoreInstance", HpcsKeystoreArgs.builder()
            .instanceId(ibm_hpcs_vault.vault_instance().instance_id())
            .region(ibm_hpcs_vault.vault_instance().region())
            .ukoVault(ibm_hpcs_vault.vault_instance().vault_id())
            .type("ibm_cloud_kms")
            .ibmVariant("hpcs")
            .ibmKeyRing("IBM-Cloud-KMS-Internal")
            .vaults(HpcsKeystoreVaultArgs.builder()
                .id(ibm_hpcs_vault.vault_instance().vault_id())
                .build())
            .description("example internal hpcs keystore")
            .groups("Production-HPCS")
            .ibmApiEndpoint("https://api.us-south.hs-crypto.test.cloud.ibm.com:9105")
            .ibmIamEndpoint("https://iam.test.cloud.ibm.com")
            .ibmApiKey(var_.ibmcloud_api_key())
            .ibmInstanceId(ibm_hpcs_vault.vault_instance().instance_id())
            .build());

    }
}

resources:
  hpcsKeystoreInstance:
    type: ibm:HpcsKeystore
    properties:
      instanceId: ${ibm_hpcs_vault.vault_instance.instance_id}
      region: ${ibm_hpcs_vault.vault_instance.region}
      ukoVault: ${ibm_hpcs_vault.vault_instance.vault_id}
      type: ibm_cloud_kms
      ibmVariant: hpcs
      ibmKeyRing: IBM-Cloud-KMS-Internal
      vaults:
        - id: ${ibm_hpcs_vault.vault_instance.vault_id}
      description: example internal hpcs keystore
      groups:
        - Production-HPCS
      ibmApiEndpoint: https://api.us-south.hs-crypto.test.cloud.ibm.com:9105
      ibmIamEndpoint: https://iam.test.cloud.ibm.com
      ibmApiKey: ${var.ibmcloud_api_key}
      ibmInstanceId: ${ibm_hpcs_vault.vault_instance.instance_id}

IBMCloud Internal KMS Keystore

import * as pulumi from "@pulumi/pulumi";
import * as ibm from "@pulumi/ibm";

const hpcsKeystoreInstance = new ibm.HpcsKeystore("hpcsKeystoreInstance", {
    instanceId: ibm_hpcs_vault.vault_instance.instance_id,
    region: ibm_hpcs_vault.vault_instance.region,
    ukoVault: ibm_hpcs_vault.vault_instance.vault_id,
    type: "ibm_cloud_kms",
    ibmVariant: "internal",
    vaults: [{
        id: ibm_hpcs_vault.vault_instance.vault_id,
    }],
    description: "example internal hpcs keystore",
    groups: ["Production-HPCS"],
});

import pulumi
import pulumi_ibm as ibm

hpcs_keystore_instance = ibm.HpcsKeystore("hpcsKeystoreInstance",
    instance_id=ibm_hpcs_vault["vault_instance"]["instance_id"],
    region=ibm_hpcs_vault["vault_instance"]["region"],
    uko_vault=ibm_hpcs_vault["vault_instance"]["vault_id"],
    type="ibm_cloud_kms",
    ibm_variant="internal",
    vaults=[{
        "id": ibm_hpcs_vault["vault_instance"]["vault_id"],
    }],
    description="example internal hpcs keystore",
    groups=["Production-HPCS"])

package main

import (
	"github.com/pulumi/pulumi-terraform-provider/sdks/go/ibm/ibm"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := ibm.NewHpcsKeystore(ctx, "hpcsKeystoreInstance", &ibm.HpcsKeystoreArgs{
			InstanceId: pulumi.Any(ibm_hpcs_vault.Vault_instance.Instance_id),
			Region:     pulumi.Any(ibm_hpcs_vault.Vault_instance.Region),
			UkoVault:   pulumi.Any(ibm_hpcs_vault.Vault_instance.Vault_id),
			Type:       pulumi.String("ibm_cloud_kms"),
			IbmVariant: pulumi.String("internal"),
			Vaults: ibm.HpcsKeystoreVaultArray{
				&ibm.HpcsKeystoreVaultArgs{
					Id: pulumi.Any(ibm_hpcs_vault.Vault_instance.Vault_id),
				},
			},
			Description: pulumi.String("example internal hpcs keystore"),
			Groups: pulumi.StringArray{
				pulumi.String("Production-HPCS"),
			},
		})
		if err != nil {
			return err
		}
		return nil
	})
}

using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Ibm = Pulumi.Ibm;

return await Deployment.RunAsync(() => 
{
    var hpcsKeystoreInstance = new Ibm.HpcsKeystore("hpcsKeystoreInstance", new()
    {
        InstanceId = ibm_hpcs_vault.Vault_instance.Instance_id,
        Region = ibm_hpcs_vault.Vault_instance.Region,
        UkoVault = ibm_hpcs_vault.Vault_instance.Vault_id,
        Type = "ibm_cloud_kms",
        IbmVariant = "internal",
        Vaults = new[]
        {
            new Ibm.Inputs.HpcsKeystoreVaultArgs
            {
                Id = ibm_hpcs_vault.Vault_instance.Vault_id,
            },
        },
        Description = "example internal hpcs keystore",
        Groups = new[]
        {
            "Production-HPCS",
        },
    });

});

package generated_program;

import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.ibm.HpcsKeystore;
import com.pulumi.ibm.HpcsKeystoreArgs;
import com.pulumi.ibm.inputs.HpcsKeystoreVaultArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;

public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }

    public static void stack(Context ctx) {
        var hpcsKeystoreInstance = new HpcsKeystore("hpcsKeystoreInstance", HpcsKeystoreArgs.builder()
            .instanceId(ibm_hpcs_vault.vault_instance().instance_id())
            .region(ibm_hpcs_vault.vault_instance().region())
            .ukoVault(ibm_hpcs_vault.vault_instance().vault_id())
            .type("ibm_cloud_kms")
            .ibmVariant("internal")
            .vaults(HpcsKeystoreVaultArgs.builder()
                .id(ibm_hpcs_vault.vault_instance().vault_id())
                .build())
            .description("example internal hpcs keystore")
            .groups("Production-HPCS")
            .build());

    }
}

resources:
  hpcsKeystoreInstance:
    type: ibm:HpcsKeystore
    properties:
      instanceId: ${ibm_hpcs_vault.vault_instance.instance_id}
      region: ${ibm_hpcs_vault.vault_instance.region}
      ukoVault: ${ibm_hpcs_vault.vault_instance.vault_id}
      type: ibm_cloud_kms
      ibmVariant: internal
      vaults:
        - id: ${ibm_hpcs_vault.vault_instance.vault_id}
      description: example internal hpcs keystore
      groups:
        - Production-HPCS

Google Keystore

import * as pulumi from "@pulumi/pulumi";
import * as ibm from "@pulumi/ibm";

const hpcsKeystoreInstance = new ibm.HpcsKeystore("hpcsKeystoreInstance", {
    instanceId: ibm_hpcs_vault.vault_instance.instance_id,
    region: ibm_hpcs_vault.vault_instance.region,
    ukoVault: ibm_hpcs_vault.vault_instance.vault_id,
    type: "ibm_cloud_kms",
    ibmVariant: "internal",
    vaults: [{
        id: ibm_hpcs_vault.vault_instance.vault_id,
    }],
    description: "example google keystore",
    groups: ["Production-Google"],
    googleKeyRing: "uko-ring",
    googleLocation: "europe-west3",
    googleCredentials: "credentials",
});

import pulumi
import pulumi_ibm as ibm

hpcs_keystore_instance = ibm.HpcsKeystore("hpcsKeystoreInstance",
    instance_id=ibm_hpcs_vault["vault_instance"]["instance_id"],
    region=ibm_hpcs_vault["vault_instance"]["region"],
    uko_vault=ibm_hpcs_vault["vault_instance"]["vault_id"],
    type="ibm_cloud_kms",
    ibm_variant="internal",
    vaults=[{
        "id": ibm_hpcs_vault["vault_instance"]["vault_id"],
    }],
    description="example google keystore",
    groups=["Production-Google"],
    google_key_ring="uko-ring",
    google_location="europe-west3",
    google_credentials="credentials")

package main

import (
	"github.com/pulumi/pulumi-terraform-provider/sdks/go/ibm/ibm"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := ibm.NewHpcsKeystore(ctx, "hpcsKeystoreInstance", &ibm.HpcsKeystoreArgs{
			InstanceId: pulumi.Any(ibm_hpcs_vault.Vault_instance.Instance_id),
			Region:     pulumi.Any(ibm_hpcs_vault.Vault_instance.Region),
			UkoVault:   pulumi.Any(ibm_hpcs_vault.Vault_instance.Vault_id),
			Type:       pulumi.String("ibm_cloud_kms"),
			IbmVariant: pulumi.String("internal"),
			Vaults: ibm.HpcsKeystoreVaultArray{
				&ibm.HpcsKeystoreVaultArgs{
					Id: pulumi.Any(ibm_hpcs_vault.Vault_instance.Vault_id),
				},
			},
			Description: pulumi.String("example google keystore"),
			Groups: pulumi.StringArray{
				pulumi.String("Production-Google"),
			},
			GoogleKeyRing:     pulumi.String("uko-ring"),
			GoogleLocation:    pulumi.String("europe-west3"),
			GoogleCredentials: pulumi.String("credentials"),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Ibm = Pulumi.Ibm;

return await Deployment.RunAsync(() => 
{
    var hpcsKeystoreInstance = new Ibm.HpcsKeystore("hpcsKeystoreInstance", new()
    {
        InstanceId = ibm_hpcs_vault.Vault_instance.Instance_id,
        Region = ibm_hpcs_vault.Vault_instance.Region,
        UkoVault = ibm_hpcs_vault.Vault_instance.Vault_id,
        Type = "ibm_cloud_kms",
        IbmVariant = "internal",
        Vaults = new[]
        {
            new Ibm.Inputs.HpcsKeystoreVaultArgs
            {
                Id = ibm_hpcs_vault.Vault_instance.Vault_id,
            },
        },
        Description = "example google keystore",
        Groups = new[]
        {
            "Production-Google",
        },
        GoogleKeyRing = "uko-ring",
        GoogleLocation = "europe-west3",
        GoogleCredentials = "credentials",
    });

});

package generated_program;

import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.ibm.HpcsKeystore;
import com.pulumi.ibm.HpcsKeystoreArgs;
import com.pulumi.ibm.inputs.HpcsKeystoreVaultArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;

public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }

    public static void stack(Context ctx) {
        var hpcsKeystoreInstance = new HpcsKeystore("hpcsKeystoreInstance", HpcsKeystoreArgs.builder()
            .instanceId(ibm_hpcs_vault.vault_instance().instance_id())
            .region(ibm_hpcs_vault.vault_instance().region())
            .ukoVault(ibm_hpcs_vault.vault_instance().vault_id())
            .type("ibm_cloud_kms")
            .ibmVariant("internal")
            .vaults(HpcsKeystoreVaultArgs.builder()
                .id(ibm_hpcs_vault.vault_instance().vault_id())
                .build())
            .description("example google keystore")
            .groups("Production-Google")
            .googleKeyRing("uko-ring")
            .googleLocation("europe-west3")
            .googleCredentials("credentials")
            .build());

    }
}

resources:
  hpcsKeystoreInstance:
    type: ibm:HpcsKeystore
    properties:
      instanceId: ${ibm_hpcs_vault.vault_instance.instance_id}
      region: ${ibm_hpcs_vault.vault_instance.region}
      ukoVault: ${ibm_hpcs_vault.vault_instance.vault_id}
      type: ibm_cloud_kms
      ibmVariant: internal
      vaults:
        - id: ${ibm_hpcs_vault.vault_instance.vault_id}
      description: example google keystore
      groups:
        - Production-Google
      googleKeyRing: uko-ring
      googleLocation: europe-west3
      googleCredentials: credentials

Create HpcsKeystore Resource

Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.

Constructor syntax

new HpcsKeystore(name: string, args: HpcsKeystoreArgs, opts?: CustomResourceOptions);

@overload
def HpcsKeystore(resource_name: str,
                 args: HpcsKeystoreArgs,
                 opts: Optional[ResourceOptions] = None)

@overload
def HpcsKeystore(resource_name: str,
                 opts: Optional[ResourceOptions] = None,
                 instance_id: Optional[str] = None,
                 vaults: Optional[Sequence[HpcsKeystoreVaultArgs]] = None,
                 uko_vault: Optional[str] = None,
                 type: Optional[str] = None,
                 region: Optional[str] = None,
                 google_private_key_id: Optional[str] = None,
                 groups: Optional[Sequence[str]] = None,
                 azure_service_principal_client_id: Optional[str] = None,
                 azure_service_principal_password: Optional[str] = None,
                 azure_subscription_id: Optional[str] = None,
                 azure_tenant: Optional[str] = None,
                 description: Optional[str] = None,
                 dry_run: Optional[bool] = None,
                 google_credentials: Optional[str] = None,
                 google_key_ring: Optional[str] = None,
                 google_location: Optional[str] = None,
                 aws_access_key_id: Optional[str] = None,
                 google_project_id: Optional[str] = None,
                 azure_service_name: Optional[str] = None,
                 hpcs_keystore_id: Optional[str] = None,
                 ibm_api_endpoint: Optional[str] = None,
                 ibm_api_key: Optional[str] = None,
                 ibm_iam_endpoint: Optional[str] = None,
                 ibm_instance_id: Optional[str] = None,
                 ibm_key_ring: Optional[str] = None,
                 ibm_variant: Optional[str] = None,
                 azure_resource_group: Optional[str] = None,
                 name: Optional[str] = None,
                 azure_location: Optional[str] = None,
                 azure_environment: Optional[str] = None,
                 aws_secret_access_key: Optional[str] = None,
                 aws_region: Optional[str] = None)

func NewHpcsKeystore(ctx *Context, name string, args HpcsKeystoreArgs, opts ...ResourceOption) (*HpcsKeystore, error)

public HpcsKeystore(string name, HpcsKeystoreArgs args, CustomResourceOptions? opts = null)

public HpcsKeystore(String name, HpcsKeystoreArgs args)
public HpcsKeystore(String name, HpcsKeystoreArgs args, CustomResourceOptions options)

type: ibm:HpcsKeystore
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.

Parameters

name string: The unique name of the resource.
args HpcsKeystoreArgs: The arguments to resource properties.
opts CustomResourceOptions: Bag of options to control resource's behavior.

resource_name str: The unique name of the resource.
args HpcsKeystoreArgs: The arguments to resource properties.
opts ResourceOptions: Bag of options to control resource's behavior.

ctx Context: Context object for the current deployment.
name string: The unique name of the resource.
args HpcsKeystoreArgs: The arguments to resource properties.
opts ResourceOption: Bag of options to control resource's behavior.

name string: The unique name of the resource.
args HpcsKeystoreArgs: The arguments to resource properties.
opts CustomResourceOptions: Bag of options to control resource's behavior.

name String: The unique name of the resource.
args HpcsKeystoreArgs: The arguments to resource properties.
options CustomResourceOptions: Bag of options to control resource's behavior.

Constructor example

The following reference example uses placeholder values for all input properties.

var hpcsKeystoreResource = new Ibm.HpcsKeystore("hpcsKeystoreResource", new()
{
    InstanceId = "string",
    Vaults = new[]
    {
        new Ibm.Inputs.HpcsKeystoreVaultArgs
        {
            Id = "string",
            Href = "string",
            Name = "string",
        },
    },
    UkoVault = "string",
    Type = "string",
    Region = "string",
    GooglePrivateKeyId = "string",
    Groups = new[]
    {
        "string",
    },
    AzureServicePrincipalClientId = "string",
    AzureServicePrincipalPassword = "string",
    AzureSubscriptionId = "string",
    AzureTenant = "string",
    Description = "string",
    DryRun = false,
    GoogleCredentials = "string",
    GoogleKeyRing = "string",
    GoogleLocation = "string",
    AwsAccessKeyId = "string",
    GoogleProjectId = "string",
    AzureServiceName = "string",
    HpcsKeystoreId = "string",
    IbmApiEndpoint = "string",
    IbmApiKey = "string",
    IbmIamEndpoint = "string",
    IbmInstanceId = "string",
    IbmKeyRing = "string",
    IbmVariant = "string",
    AzureResourceGroup = "string",
    Name = "string",
    AzureLocation = "string",
    AzureEnvironment = "string",
    AwsSecretAccessKey = "string",
    AwsRegion = "string",
});

example, err := ibm.NewHpcsKeystore(ctx, "hpcsKeystoreResource", &ibm.HpcsKeystoreArgs{
	InstanceId: pulumi.String("string"),
	Vaults: ibm.HpcsKeystoreVaultArray{
		&ibm.HpcsKeystoreVaultArgs{
			Id:   pulumi.String("string"),
			Href: pulumi.String("string"),
			Name: pulumi.String("string"),
		},
	},
	UkoVault:           pulumi.String("string"),
	Type:               pulumi.String("string"),
	Region:             pulumi.String("string"),
	GooglePrivateKeyId: pulumi.String("string"),
	Groups: pulumi.StringArray{
		pulumi.String("string"),
	},
	AzureServicePrincipalClientId: pulumi.String("string"),
	AzureServicePrincipalPassword: pulumi.String("string"),
	AzureSubscriptionId:           pulumi.String("string"),
	AzureTenant:                   pulumi.String("string"),
	Description:                   pulumi.String("string"),
	DryRun:                        pulumi.Bool(false),
	GoogleCredentials:             pulumi.String("string"),
	GoogleKeyRing:                 pulumi.String("string"),
	GoogleLocation:                pulumi.String("string"),
	AwsAccessKeyId:                pulumi.String("string"),
	GoogleProjectId:               pulumi.String("string"),
	AzureServiceName:              pulumi.String("string"),
	HpcsKeystoreId:                pulumi.String("string"),
	IbmApiEndpoint:                pulumi.String("string"),
	IbmApiKey:                     pulumi.String("string"),
	IbmIamEndpoint:                pulumi.String("string"),
	IbmInstanceId:                 pulumi.String("string"),
	IbmKeyRing:                    pulumi.String("string"),
	IbmVariant:                    pulumi.String("string"),
	AzureResourceGroup:            pulumi.String("string"),
	Name:                          pulumi.String("string"),
	AzureLocation:                 pulumi.String("string"),
	AzureEnvironment:              pulumi.String("string"),
	AwsSecretAccessKey:            pulumi.String("string"),
	AwsRegion:                     pulumi.String("string"),
})

var hpcsKeystoreResource = new HpcsKeystore("hpcsKeystoreResource", HpcsKeystoreArgs.builder()
    .instanceId("string")
    .vaults(HpcsKeystoreVaultArgs.builder()
        .id("string")
        .href("string")
        .name("string")
        .build())
    .ukoVault("string")
    .type("string")
    .region("string")
    .googlePrivateKeyId("string")
    .groups("string")
    .azureServicePrincipalClientId("string")
    .azureServicePrincipalPassword("string")
    .azureSubscriptionId("string")
    .azureTenant("string")
    .description("string")
    .dryRun(false)
    .googleCredentials("string")
    .googleKeyRing("string")
    .googleLocation("string")
    .awsAccessKeyId("string")
    .googleProjectId("string")
    .azureServiceName("string")
    .hpcsKeystoreId("string")
    .ibmApiEndpoint("string")
    .ibmApiKey("string")
    .ibmIamEndpoint("string")
    .ibmInstanceId("string")
    .ibmKeyRing("string")
    .ibmVariant("string")
    .azureResourceGroup("string")
    .name("string")
    .azureLocation("string")
    .azureEnvironment("string")
    .awsSecretAccessKey("string")
    .awsRegion("string")
    .build());

hpcs_keystore_resource = ibm.HpcsKeystore("hpcsKeystoreResource",
    instance_id="string",
    vaults=[{
        "id": "string",
        "href": "string",
        "name": "string",
    }],
    uko_vault="string",
    type="string",
    region="string",
    google_private_key_id="string",
    groups=["string"],
    azure_service_principal_client_id="string",
    azure_service_principal_password="string",
    azure_subscription_id="string",
    azure_tenant="string",
    description="string",
    dry_run=False,
    google_credentials="string",
    google_key_ring="string",
    google_location="string",
    aws_access_key_id="string",
    google_project_id="string",
    azure_service_name="string",
    hpcs_keystore_id="string",
    ibm_api_endpoint="string",
    ibm_api_key="string",
    ibm_iam_endpoint="string",
    ibm_instance_id="string",
    ibm_key_ring="string",
    ibm_variant="string",
    azure_resource_group="string",
    name="string",
    azure_location="string",
    azure_environment="string",
    aws_secret_access_key="string",
    aws_region="string")

const hpcsKeystoreResource = new ibm.HpcsKeystore("hpcsKeystoreResource", {
    instanceId: "string",
    vaults: [{
        id: "string",
        href: "string",
        name: "string",
    }],
    ukoVault: "string",
    type: "string",
    region: "string",
    googlePrivateKeyId: "string",
    groups: ["string"],
    azureServicePrincipalClientId: "string",
    azureServicePrincipalPassword: "string",
    azureSubscriptionId: "string",
    azureTenant: "string",
    description: "string",
    dryRun: false,
    googleCredentials: "string",
    googleKeyRing: "string",
    googleLocation: "string",
    awsAccessKeyId: "string",
    googleProjectId: "string",
    azureServiceName: "string",
    hpcsKeystoreId: "string",
    ibmApiEndpoint: "string",
    ibmApiKey: "string",
    ibmIamEndpoint: "string",
    ibmInstanceId: "string",
    ibmKeyRing: "string",
    ibmVariant: "string",
    azureResourceGroup: "string",
    name: "string",
    azureLocation: "string",
    azureEnvironment: "string",
    awsSecretAccessKey: "string",
    awsRegion: "string",
});

type: ibm:HpcsKeystore
properties:
    awsAccessKeyId: string
    awsRegion: string
    awsSecretAccessKey: string
    azureEnvironment: string
    azureLocation: string
    azureResourceGroup: string
    azureServiceName: string
    azureServicePrincipalClientId: string
    azureServicePrincipalPassword: string
    azureSubscriptionId: string
    azureTenant: string
    description: string
    dryRun: false
    googleCredentials: string
    googleKeyRing: string
    googleLocation: string
    googlePrivateKeyId: string
    googleProjectId: string
    groups:
        - string
    hpcsKeystoreId: string
    ibmApiEndpoint: string
    ibmApiKey: string
    ibmIamEndpoint: string
    ibmInstanceId: string
    ibmKeyRing: string
    ibmVariant: string
    instanceId: string
    name: string
    region: string
    type: string
    ukoVault: string
    vaults:
        - href: string
          id: string
          name: string

HpcsKeystore Resource Properties

To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

Inputs

In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.

The HpcsKeystore resource accepts the following input properties:

InstanceId string

ID of UKO Instance

Constraints: Must match the ID of the UKO instance you are trying to work with.

Region string

Region of the UKO Instance

Constraints: Must match the region of the UKO instance you are trying to work with. Allowable values are: au-syd, in-che, jp-osa, jp-tok, kr-seo, eu-de, eu-gb, ca-tor, us-south, us-south-test, us-east, br-sao.

Type string

Type of keystore.

Constraints: Allowable values are: aws_kms, azure_key_vault, ibm_cloud_kms, google_kms.

UkoVault string

The UUID of the Vault in which the update is to take place.

Vaults List<HpcsKeystoreVault>

ID of the Vault where the entity is to be created in. Nested scheme for vault:

AwsAccessKeyId string

The access key id used for connecting to this instance of AWS KMS.

Constraints: The maximum length is 512 characters. The minimum length is 1 character. The value must match regular expression /^[A-Za-z0-9-_]*$/.

AwsRegion string

AWS Region.

Constraints: Allowable values are: af_south_1, ap_east_1, ap_northeast_1, ap_northeast_2, ap_south_1, ap_southeast_1, ap_southeast_2, aws_cn_global, aws_global, aws_iso_global, aws_iso_b_global, aws_us_gov_global, ca_central_1, cn_north_1, cn_northwest_1, eu_central_1, eu_west_1, eu_west_2, eu_west_3, me_south_1, sa_east_1, us_east_1, us_east_2, us_gov_east_1, us_gov_west_1, us_iso_east_1, us_isob_east_1, us_west_1, us_west_2.

AwsSecretAccessKey string

The secret access key used for connecting to this instance of AWS KMS.

Constraints: The maximum length is 512 characters. The minimum length is 1 character. The value must match regular expression /^[A-Za-z0-9-_\/]*$/.

AzureEnvironment string

Azure environment, usually 'Azure'.

Constraints: Allowable values are: azure, azure_china, azure_germany, azure_us_government.

AzureLocation string

Location of the Azure Key Vault.

Constraints: Allowable values are: asia_east, asia_southeast, australia_central, australia_central_2, australia_east, australia_southeast, brazil_south, canada_central, canada_east, china_east, china_east_2, china_north, china_north_2, europe_north, europe_west, france_central, france_south, germany_central, germany_northeast, india_central, india_south, india_west, japan_east, japan_west, korea_central, korea_south, south_africa_north, south_africa_west, uk_south, uk_west, us_central, us_dod_central, us_dod_east, us_east, us_east_2, us_gov_arizona, us_gov_iowa, us_gov_texas, us_gov_virginia, us_north_central, us_south_central, us_west, us_west_2, us_west_central.

AzureResourceGroup string

Resource group in Azure.

Constraints: The maximum length is 90 characters. The minimum length is 1 character. The value must match regular expression /^[-\\w\\._\$\$]*[^\\.]$/.

AzureServiceName string

Service name of the key vault instance from the Azure portal.

Constraints: The maximum length is 24 characters. The minimum length is 3 characters. The value must match regular expression /^[A-Za-z0-9-]+$/.

AzureServicePrincipalClientId string

Azure service principal client ID.

Constraints: The maximum length is 36 characters. The minimum length is 1 character. The value must match regular expression /^[-0-9a-zA-Z]+$/.

AzureServicePrincipalPassword string

Azure service principal password.

Constraints: The maximum length is 256 characters. The minimum length is 1 character. The value must match regular expression /^[-0-9a-zA-Z_.]+$/.

AzureSubscriptionId string

Subscription ID in Azure.

Constraints: The maximum length is 36 characters. The minimum length is 1 character. The value must match regular expression /^[-0-9a-zA-Z]+$/.

AzureTenant string

Azure tenant that the Key Vault is associated with,.

Constraints: The maximum length is 36 characters. The minimum length is 1 character. The value must match regular expression /^[-0-9a-zA-Z]+$/.

Description string

Description of the keystore.

Constraints: The maximum length is 200 characters. The minimum length is 0 characters. The value must match regular expression /(.|\\n)*/.

DryRun bool

Do not create a keystore, only verify if keystore created with given parameters can be communciated with successfully.

Constraints: The default value is false.

GoogleCredentials string

The value of the JSON key represented in the Base64 format.

Constraints: The maximum length is 524288 characters. The minimum length is 1 character. The value must match regular expression /^(?:[A-Za-z0-9+\/]{4})*(?:[A-Za-z0-9+\/]{2}==|[A-Za-z0-9+\/]{3}=)?$/.

GoogleKeyRing string

A key ring organizes keys in a specific Google Cloud location and allows you to manage access control on groups of keys.

Constraints: The maximum length is 1024 characters. The minimum length is 1 character. The value must match regular expression /^[A-Za-z0-9-]*$/.

GoogleLocation string

Location represents the geographical region where a Cloud KMS resource is stored and can be accessed. A key's location impacts the performance of applications using the key.

Constraints: The maximum length is 512 characters. The minimum length is 1 character. The value must match regular expression /^[A-Za-z0-9-]*$/.

GooglePrivateKeyId string

The private key id associated with this keystore.

Constraints: The maximum length is 512 characters. The minimum length is 1 character. The value must match regular expression /^[A-Za-z0-9-_]*$/.

GoogleProjectId string

The project id associated with this keystore.

Constraints: The maximum length is 512 characters. The minimum length is 1 character. The value must match regular expression /^[A-Za-z0-9-_]*$/.

Groups List<string>

A list of groups that this keystore belongs to.

Constraints: The list items must match regular expression /^[A-Za-z0-9][A-Za-z0-9-_ ]+$/. The maximum length is 128 items. The minimum length is 1 item.

HpcsKeystoreId string

(String) The v4 UUID used to uniquely identify the resource, as specified by RFC 4122.

Constraints: The maximum length is 36 characters. The minimum length is 36 characters. The value must match regular expression /^[-0-9a-z]+$/.

IbmApiEndpoint string

API endpoint of the IBM Cloud keystore.

Constraints: The maximum length is 512 characters. The minimum length is 1 character. The value must match regular expression /^[A-Za-z0-9._~:\/-]+$/.

IbmApiKey string

The IBM Cloud API key to be used for connecting to this IBM Cloud keystore.

Constraints: The maximum length is 64 characters. The minimum length is 1 character. The value must match regular expression /^[A-Za-z0-9-_&.]*$/.

IbmIamEndpoint string

Endpoint of the IAM service for this IBM Cloud keystore.

Constraints: The maximum length is 512 characters. The minimum length is 1 character. The value must match regular expression /^[A-Za-z0-9._~:\/-]+$/.

IbmInstanceId string

The instance ID of the IBM Cloud keystore.

Constraints: The maximum length is 256 characters. The minimum length is 1 character. The value must match regular expression /^[A-Za-z0-9-]*$/.

IbmKeyRing string

The key ring of an IBM Cloud KMS Keystore.

Constraints: The default value is Default. The maximum length is 100 characters. The minimum length is 2 characters. The value must match regular expression /^[a-zA-Z0-9-]*$/.

IbmVariant string

Possible IBM Cloud KMS variants.

Constraints: Allowable values are: hpcs, internal, key_protect.

Name string

Name of a target keystore.

Constraints: The maximum length is 100 characters. The minimum length is 1 character. The value must match regular expression /^[A-Za-z0-9][A-Za-z0-9 .-_]*$/.

InstanceId string

ID of UKO Instance

Constraints: Must match the ID of the UKO instance you are trying to work with.

Region string

Region of the UKO Instance

Constraints: Must match the region of the UKO instance you are trying to work with. Allowable values are: au-syd, in-che, jp-osa, jp-tok, kr-seo, eu-de, eu-gb, ca-tor, us-south, us-south-test, us-east, br-sao.

Type string

Type of keystore.

Constraints: Allowable values are: aws_kms, azure_key_vault, ibm_cloud_kms, google_kms.

UkoVault string

The UUID of the Vault in which the update is to take place.

Vaults []HpcsKeystoreVaultArgs

ID of the Vault where the entity is to be created in. Nested scheme for vault:

AwsAccessKeyId string

The access key id used for connecting to this instance of AWS KMS.

Constraints: The maximum length is 512 characters. The minimum length is 1 character. The value must match regular expression /^[A-Za-z0-9-_]*$/.

AwsRegion string

AWS Region.

Constraints: Allowable values are: af_south_1, ap_east_1, ap_northeast_1, ap_northeast_2, ap_south_1, ap_southeast_1, ap_southeast_2, aws_cn_global, aws_global, aws_iso_global, aws_iso_b_global, aws_us_gov_global, ca_central_1, cn_north_1, cn_northwest_1, eu_central_1, eu_west_1, eu_west_2, eu_west_3, me_south_1, sa_east_1, us_east_1, us_east_2, us_gov_east_1, us_gov_west_1, us_iso_east_1, us_isob_east_1, us_west_1, us_west_2.

AwsSecretAccessKey string

The secret access key used for connecting to this instance of AWS KMS.

Constraints: The maximum length is 512 characters. The minimum length is 1 character. The value must match regular expression /^[A-Za-z0-9-_\/]*$/.

AzureEnvironment string

Azure environment, usually 'Azure'.

Constraints: Allowable values are: azure, azure_china, azure_germany, azure_us_government.

AzureLocation string

Location of the Azure Key Vault.

Constraints: Allowable values are: asia_east, asia_southeast, australia_central, australia_central_2, australia_east, australia_southeast, brazil_south, canada_central, canada_east, china_east, china_east_2, china_north, china_north_2, europe_north, europe_west, france_central, france_south, germany_central, germany_northeast, india_central, india_south, india_west, japan_east, japan_west, korea_central, korea_south, south_africa_north, south_africa_west, uk_south, uk_west, us_central, us_dod_central, us_dod_east, us_east, us_east_2, us_gov_arizona, us_gov_iowa, us_gov_texas, us_gov_virginia, us_north_central, us_south_central, us_west, us_west_2, us_west_central.

AzureResourceGroup string

Resource group in Azure.

Constraints: The maximum length is 90 characters. The minimum length is 1 character. The value must match regular expression /^[-\\w\\._\$\$]*[^\\.]$/.

AzureServiceName string

Service name of the key vault instance from the Azure portal.

Constraints: The maximum length is 24 characters. The minimum length is 3 characters. The value must match regular expression /^[A-Za-z0-9-]+$/.

AzureServicePrincipalClientId string

Azure service principal client ID.

Constraints: The maximum length is 36 characters. The minimum length is 1 character. The value must match regular expression /^[-0-9a-zA-Z]+$/.

AzureServicePrincipalPassword string

Azure service principal password.

Constraints: The maximum length is 256 characters. The minimum length is 1 character. The value must match regular expression /^[-0-9a-zA-Z_.]+$/.

AzureSubscriptionId string

Subscription ID in Azure.

Constraints: The maximum length is 36 characters. The minimum length is 1 character. The value must match regular expression /^[-0-9a-zA-Z]+$/.

AzureTenant string

Azure tenant that the Key Vault is associated with,.

Constraints: The maximum length is 36 characters. The minimum length is 1 character. The value must match regular expression /^[-0-9a-zA-Z]+$/.

Description string

Description of the keystore.

Constraints: The maximum length is 200 characters. The minimum length is 0 characters. The value must match regular expression /(.|\\n)*/.

DryRun bool

Do not create a keystore, only verify if keystore created with given parameters can be communciated with successfully.

Constraints: The default value is false.

GoogleCredentials string

The value of the JSON key represented in the Base64 format.

Constraints: The maximum length is 524288 characters. The minimum length is 1 character. The value must match regular expression /^(?:[A-Za-z0-9+\/]{4})*(?:[A-Za-z0-9+\/]{2}==|[A-Za-z0-9+\/]{3}=)?$/.

GoogleKeyRing string

A key ring organizes keys in a specific Google Cloud location and allows you to manage access control on groups of keys.

Constraints: The maximum length is 1024 characters. The minimum length is 1 character. The value must match regular expression /^[A-Za-z0-9-]*$/.

GoogleLocation string

Location represents the geographical region where a Cloud KMS resource is stored and can be accessed. A key's location impacts the performance of applications using the key.

Constraints: The maximum length is 512 characters. The minimum length is 1 character. The value must match regular expression /^[A-Za-z0-9-]*$/.

GooglePrivateKeyId string

The private key id associated with this keystore.

Constraints: The maximum length is 512 characters. The minimum length is 1 character. The value must match regular expression /^[A-Za-z0-9-_]*$/.

GoogleProjectId string

The project id associated with this keystore.

Constraints: The maximum length is 512 characters. The minimum length is 1 character. The value must match regular expression /^[A-Za-z0-9-_]*$/.

Groups []string

A list of groups that this keystore belongs to.

Constraints: The list items must match regular expression /^[A-Za-z0-9][A-Za-z0-9-_ ]+$/. The maximum length is 128 items. The minimum length is 1 item.

HpcsKeystoreId string

(String) The v4 UUID used to uniquely identify the resource, as specified by RFC 4122.

Constraints: The maximum length is 36 characters. The minimum length is 36 characters. The value must match regular expression /^[-0-9a-z]+$/.

IbmApiEndpoint string

API endpoint of the IBM Cloud keystore.

Constraints: The maximum length is 512 characters. The minimum length is 1 character. The value must match regular expression /^[A-Za-z0-9._~:\/-]+$/.

IbmApiKey string

The IBM Cloud API key to be used for connecting to this IBM Cloud keystore.

Constraints: The maximum length is 64 characters. The minimum length is 1 character. The value must match regular expression /^[A-Za-z0-9-_&.]*$/.

IbmIamEndpoint string

Endpoint of the IAM service for this IBM Cloud keystore.

Constraints: The maximum length is 512 characters. The minimum length is 1 character. The value must match regular expression /^[A-Za-z0-9._~:\/-]+$/.

IbmInstanceId string

The instance ID of the IBM Cloud keystore.

Constraints: The maximum length is 256 characters. The minimum length is 1 character. The value must match regular expression /^[A-Za-z0-9-]*$/.

IbmKeyRing string

The key ring of an IBM Cloud KMS Keystore.

Constraints: The default value is Default. The maximum length is 100 characters. The minimum length is 2 characters. The value must match regular expression /^[a-zA-Z0-9-]*$/.

IbmVariant string

Possible IBM Cloud KMS variants.

Constraints: Allowable values are: hpcs, internal, key_protect.

Name string

Name of a target keystore.

Constraints: The maximum length is 100 characters. The minimum length is 1 character. The value must match regular expression /^[A-Za-z0-9][A-Za-z0-9 .-_]*$/.

instanceId String

ID of UKO Instance

Constraints: Must match the ID of the UKO instance you are trying to work with.

region String

Region of the UKO Instance

Constraints: Must match the region of the UKO instance you are trying to work with. Allowable values are: au-syd, in-che, jp-osa, jp-tok, kr-seo, eu-de, eu-gb, ca-tor, us-south, us-south-test, us-east, br-sao.

type String

Type of keystore.

Constraints: Allowable values are: aws_kms, azure_key_vault, ibm_cloud_kms, google_kms.

ukoVault String

The UUID of the Vault in which the update is to take place.

vaults List<HpcsKeystoreVault>

ID of the Vault where the entity is to be created in. Nested scheme for vault:

awsAccessKeyId String

The access key id used for connecting to this instance of AWS KMS.

Constraints: The maximum length is 512 characters. The minimum length is 1 character. The value must match regular expression /^[A-Za-z0-9-_]*$/.

awsRegion String

AWS Region.

Constraints: Allowable values are: af_south_1, ap_east_1, ap_northeast_1, ap_northeast_2, ap_south_1, ap_southeast_1, ap_southeast_2, aws_cn_global, aws_global, aws_iso_global, aws_iso_b_global, aws_us_gov_global, ca_central_1, cn_north_1, cn_northwest_1, eu_central_1, eu_west_1, eu_west_2, eu_west_3, me_south_1, sa_east_1, us_east_1, us_east_2, us_gov_east_1, us_gov_west_1, us_iso_east_1, us_isob_east_1, us_west_1, us_west_2.

awsSecretAccessKey String

The secret access key used for connecting to this instance of AWS KMS.

Constraints: The maximum length is 512 characters. The minimum length is 1 character. The value must match regular expression /^[A-Za-z0-9-_\/]*$/.

azureEnvironment String

Azure environment, usually 'Azure'.

Constraints: Allowable values are: azure, azure_china, azure_germany, azure_us_government.

azureLocation String

Location of the Azure Key Vault.

Constraints: Allowable values are: asia_east, asia_southeast, australia_central, australia_central_2, australia_east, australia_southeast, brazil_south, canada_central, canada_east, china_east, china_east_2, china_north, china_north_2, europe_north, europe_west, france_central, france_south, germany_central, germany_northeast, india_central, india_south, india_west, japan_east, japan_west, korea_central, korea_south, south_africa_north, south_africa_west, uk_south, uk_west, us_central, us_dod_central, us_dod_east, us_east, us_east_2, us_gov_arizona, us_gov_iowa, us_gov_texas, us_gov_virginia, us_north_central, us_south_central, us_west, us_west_2, us_west_central.

azureResourceGroup String

Resource group in Azure.

Constraints: The maximum length is 90 characters. The minimum length is 1 character. The value must match regular expression /^[-\\w\\._\$\$]*[^\\.]$/.

azureServiceName String

Service name of the key vault instance from the Azure portal.

Constraints: The maximum length is 24 characters. The minimum length is 3 characters. The value must match regular expression /^[A-Za-z0-9-]+$/.

azureServicePrincipalClientId String

Azure service principal client ID.

Constraints: The maximum length is 36 characters. The minimum length is 1 character. The value must match regular expression /^[-0-9a-zA-Z]+$/.

azureServicePrincipalPassword String

Azure service principal password.

Constraints: The maximum length is 256 characters. The minimum length is 1 character. The value must match regular expression /^[-0-9a-zA-Z_.]+$/.

azureSubscriptionId String

Subscription ID in Azure.

Constraints: The maximum length is 36 characters. The minimum length is 1 character. The value must match regular expression /^[-0-9a-zA-Z]+$/.

azureTenant String

Azure tenant that the Key Vault is associated with,.

Constraints: The maximum length is 36 characters. The minimum length is 1 character. The value must match regular expression /^[-0-9a-zA-Z]+$/.

description String

Description of the keystore.

Constraints: The maximum length is 200 characters. The minimum length is 0 characters. The value must match regular expression /(.|\\n)*/.

dryRun Boolean

Do not create a keystore, only verify if keystore created with given parameters can be communciated with successfully.

Constraints: The default value is false.

googleCredentials String

The value of the JSON key represented in the Base64 format.

Constraints: The maximum length is 524288 characters. The minimum length is 1 character. The value must match regular expression /^(?:[A-Za-z0-9+\/]{4})*(?:[A-Za-z0-9+\/]{2}==|[A-Za-z0-9+\/]{3}=)?$/.

googleKeyRing String

A key ring organizes keys in a specific Google Cloud location and allows you to manage access control on groups of keys.

Constraints: The maximum length is 1024 characters. The minimum length is 1 character. The value must match regular expression /^[A-Za-z0-9-]*$/.

googleLocation String

Location represents the geographical region where a Cloud KMS resource is stored and can be accessed. A key's location impacts the performance of applications using the key.

Constraints: The maximum length is 512 characters. The minimum length is 1 character. The value must match regular expression /^[A-Za-z0-9-]*$/.

googlePrivateKeyId String

The private key id associated with this keystore.

Constraints: The maximum length is 512 characters. The minimum length is 1 character. The value must match regular expression /^[A-Za-z0-9-_]*$/.

googleProjectId String

The project id associated with this keystore.

Constraints: The maximum length is 512 characters. The minimum length is 1 character. The value must match regular expression /^[A-Za-z0-9-_]*$/.

groups List<String>

A list of groups that this keystore belongs to.

Constraints: The list items must match regular expression /^[A-Za-z0-9][A-Za-z0-9-_ ]+$/. The maximum length is 128 items. The minimum length is 1 item.

hpcsKeystoreId String

(String) The v4 UUID used to uniquely identify the resource, as specified by RFC 4122.

Constraints: The maximum length is 36 characters. The minimum length is 36 characters. The value must match regular expression /^[-0-9a-z]+$/.

ibmApiEndpoint String

API endpoint of the IBM Cloud keystore.

Constraints: The maximum length is 512 characters. The minimum length is 1 character. The value must match regular expression /^[A-Za-z0-9._~:\/-]+$/.

ibmApiKey String

The IBM Cloud API key to be used for connecting to this IBM Cloud keystore.

Constraints: The maximum length is 64 characters. The minimum length is 1 character. The value must match regular expression /^[A-Za-z0-9-_&.]*$/.

ibmIamEndpoint String

Endpoint of the IAM service for this IBM Cloud keystore.

Constraints: The maximum length is 512 characters. The minimum length is 1 character. The value must match regular expression /^[A-Za-z0-9._~:\/-]+$/.

ibmInstanceId String

The instance ID of the IBM Cloud keystore.

Constraints: The maximum length is 256 characters. The minimum length is 1 character. The value must match regular expression /^[A-Za-z0-9-]*$/.

ibmKeyRing String

The key ring of an IBM Cloud KMS Keystore.

Constraints: The default value is Default. The maximum length is 100 characters. The minimum length is 2 characters. The value must match regular expression /^[a-zA-Z0-9-]*$/.

ibmVariant String

Possible IBM Cloud KMS variants.

Constraints: Allowable values are: hpcs, internal, key_protect.

name String

Name of a target keystore.

Constraints: The maximum length is 100 characters. The minimum length is 1 character. The value must match regular expression /^[A-Za-z0-9][A-Za-z0-9 .-_]*$/.

instanceId string

ID of UKO Instance

Constraints: Must match the ID of the UKO instance you are trying to work with.

region string

Region of the UKO Instance

Constraints: Must match the region of the UKO instance you are trying to work with. Allowable values are: au-syd, in-che, jp-osa, jp-tok, kr-seo, eu-de, eu-gb, ca-tor, us-south, us-south-test, us-east, br-sao.

type string

Type of keystore.

Constraints: Allowable values are: aws_kms, azure_key_vault, ibm_cloud_kms, google_kms.

ukoVault string

The UUID of the Vault in which the update is to take place.

vaults HpcsKeystoreVault[]

ID of the Vault where the entity is to be created in. Nested scheme for vault:

awsAccessKeyId string

The access key id used for connecting to this instance of AWS KMS.

Constraints: The maximum length is 512 characters. The minimum length is 1 character. The value must match regular expression /^[A-Za-z0-9-_]*$/.

awsRegion string

AWS Region.

Constraints: Allowable values are: af_south_1, ap_east_1, ap_northeast_1, ap_northeast_2, ap_south_1, ap_southeast_1, ap_southeast_2, aws_cn_global, aws_global, aws_iso_global, aws_iso_b_global, aws_us_gov_global, ca_central_1, cn_north_1, cn_northwest_1, eu_central_1, eu_west_1, eu_west_2, eu_west_3, me_south_1, sa_east_1, us_east_1, us_east_2, us_gov_east_1, us_gov_west_1, us_iso_east_1, us_isob_east_1, us_west_1, us_west_2.

awsSecretAccessKey string

The secret access key used for connecting to this instance of AWS KMS.

Constraints: The maximum length is 512 characters. The minimum length is 1 character. The value must match regular expression /^[A-Za-z0-9-_\/]*$/.

azureEnvironment string

Azure environment, usually 'Azure'.

Constraints: Allowable values are: azure, azure_china, azure_germany, azure_us_government.

azureLocation string

Location of the Azure Key Vault.

Constraints: Allowable values are: asia_east, asia_southeast, australia_central, australia_central_2, australia_east, australia_southeast, brazil_south, canada_central, canada_east, china_east, china_east_2, china_north, china_north_2, europe_north, europe_west, france_central, france_south, germany_central, germany_northeast, india_central, india_south, india_west, japan_east, japan_west, korea_central, korea_south, south_africa_north, south_africa_west, uk_south, uk_west, us_central, us_dod_central, us_dod_east, us_east, us_east_2, us_gov_arizona, us_gov_iowa, us_gov_texas, us_gov_virginia, us_north_central, us_south_central, us_west, us_west_2, us_west_central.

azureResourceGroup string

Resource group in Azure.

Constraints: The maximum length is 90 characters. The minimum length is 1 character. The value must match regular expression /^[-\\w\\._\$\$]*[^\\.]$/.

azureServiceName string

Service name of the key vault instance from the Azure portal.

Constraints: The maximum length is 24 characters. The minimum length is 3 characters. The value must match regular expression /^[A-Za-z0-9-]+$/.

azureServicePrincipalClientId string

Azure service principal client ID.

Constraints: The maximum length is 36 characters. The minimum length is 1 character. The value must match regular expression /^[-0-9a-zA-Z]+$/.

azureServicePrincipalPassword string

Azure service principal password.

Constraints: The maximum length is 256 characters. The minimum length is 1 character. The value must match regular expression /^[-0-9a-zA-Z_.]+$/.

azureSubscriptionId string

Subscription ID in Azure.

Constraints: The maximum length is 36 characters. The minimum length is 1 character. The value must match regular expression /^[-0-9a-zA-Z]+$/.

azureTenant string

Azure tenant that the Key Vault is associated with,.

Constraints: The maximum length is 36 characters. The minimum length is 1 character. The value must match regular expression /^[-0-9a-zA-Z]+$/.

description string

Description of the keystore.

Constraints: The maximum length is 200 characters. The minimum length is 0 characters. The value must match regular expression /(.|\\n)*/.

dryRun boolean

Do not create a keystore, only verify if keystore created with given parameters can be communciated with successfully.

Constraints: The default value is false.

googleCredentials string

The value of the JSON key represented in the Base64 format.

Constraints: The maximum length is 524288 characters. The minimum length is 1 character. The value must match regular expression /^(?:[A-Za-z0-9+\/]{4})*(?:[A-Za-z0-9+\/]{2}==|[A-Za-z0-9+\/]{3}=)?$/.

googleKeyRing string

A key ring organizes keys in a specific Google Cloud location and allows you to manage access control on groups of keys.

Constraints: The maximum length is 1024 characters. The minimum length is 1 character. The value must match regular expression /^[A-Za-z0-9-]*$/.

googleLocation string

Location represents the geographical region where a Cloud KMS resource is stored and can be accessed. A key's location impacts the performance of applications using the key.

Constraints: The maximum length is 512 characters. The minimum length is 1 character. The value must match regular expression /^[A-Za-z0-9-]*$/.

googlePrivateKeyId string

The private key id associated with this keystore.

Constraints: The maximum length is 512 characters. The minimum length is 1 character. The value must match regular expression /^[A-Za-z0-9-_]*$/.

googleProjectId string

The project id associated with this keystore.

Constraints: The maximum length is 512 characters. The minimum length is 1 character. The value must match regular expression /^[A-Za-z0-9-_]*$/.

groups string[]

A list of groups that this keystore belongs to.

Constraints: The list items must match regular expression /^[A-Za-z0-9][A-Za-z0-9-_ ]+$/. The maximum length is 128 items. The minimum length is 1 item.

hpcsKeystoreId string

(String) The v4 UUID used to uniquely identify the resource, as specified by RFC 4122.

Constraints: The maximum length is 36 characters. The minimum length is 36 characters. The value must match regular expression /^[-0-9a-z]+$/.

ibmApiEndpoint string

API endpoint of the IBM Cloud keystore.

Constraints: The maximum length is 512 characters. The minimum length is 1 character. The value must match regular expression /^[A-Za-z0-9._~:\/-]+$/.

ibmApiKey string

The IBM Cloud API key to be used for connecting to this IBM Cloud keystore.

Constraints: The maximum length is 64 characters. The minimum length is 1 character. The value must match regular expression /^[A-Za-z0-9-_&.]*$/.

ibmIamEndpoint string

Endpoint of the IAM service for this IBM Cloud keystore.

Constraints: The maximum length is 512 characters. The minimum length is 1 character. The value must match regular expression /^[A-Za-z0-9._~:\/-]+$/.

ibmInstanceId string

The instance ID of the IBM Cloud keystore.

Constraints: The maximum length is 256 characters. The minimum length is 1 character. The value must match regular expression /^[A-Za-z0-9-]*$/.

ibmKeyRing string

The key ring of an IBM Cloud KMS Keystore.

Constraints: The default value is Default. The maximum length is 100 characters. The minimum length is 2 characters. The value must match regular expression /^[a-zA-Z0-9-]*$/.

ibmVariant string

Possible IBM Cloud KMS variants.

Constraints: Allowable values are: hpcs, internal, key_protect.

name string

Name of a target keystore.

Constraints: The maximum length is 100 characters. The minimum length is 1 character. The value must match regular expression /^[A-Za-z0-9][A-Za-z0-9 .-_]*$/.

instance_id str

ID of UKO Instance

Constraints: Must match the ID of the UKO instance you are trying to work with.

region str

Region of the UKO Instance

Constraints: Must match the region of the UKO instance you are trying to work with. Allowable values are: au-syd, in-che, jp-osa, jp-tok, kr-seo, eu-de, eu-gb, ca-tor, us-south, us-south-test, us-east, br-sao.

type str

Type of keystore.

Constraints: Allowable values are: aws_kms, azure_key_vault, ibm_cloud_kms, google_kms.

uko_vault str

The UUID of the Vault in which the update is to take place.

vaults Sequence[HpcsKeystoreVaultArgs]

ID of the Vault where the entity is to be created in. Nested scheme for vault:

aws_access_key_id str

The access key id used for connecting to this instance of AWS KMS.

Constraints: The maximum length is 512 characters. The minimum length is 1 character. The value must match regular expression /^[A-Za-z0-9-_]*$/.

aws_region str

AWS Region.

Constraints: Allowable values are: af_south_1, ap_east_1, ap_northeast_1, ap_northeast_2, ap_south_1, ap_southeast_1, ap_southeast_2, aws_cn_global, aws_global, aws_iso_global, aws_iso_b_global, aws_us_gov_global, ca_central_1, cn_north_1, cn_northwest_1, eu_central_1, eu_west_1, eu_west_2, eu_west_3, me_south_1, sa_east_1, us_east_1, us_east_2, us_gov_east_1, us_gov_west_1, us_iso_east_1, us_isob_east_1, us_west_1, us_west_2.

aws_secret_access_key str

The secret access key used for connecting to this instance of AWS KMS.

Constraints: The maximum length is 512 characters. The minimum length is 1 character. The value must match regular expression /^[A-Za-z0-9-_\/]*$/.

azure_environment str

Azure environment, usually 'Azure'.

Constraints: Allowable values are: azure, azure_china, azure_germany, azure_us_government.

azure_location str

Location of the Azure Key Vault.

Constraints: Allowable values are: asia_east, asia_southeast, australia_central, australia_central_2, australia_east, australia_southeast, brazil_south, canada_central, canada_east, china_east, china_east_2, china_north, china_north_2, europe_north, europe_west, france_central, france_south, germany_central, germany_northeast, india_central, india_south, india_west, japan_east, japan_west, korea_central, korea_south, south_africa_north, south_africa_west, uk_south, uk_west, us_central, us_dod_central, us_dod_east, us_east, us_east_2, us_gov_arizona, us_gov_iowa, us_gov_texas, us_gov_virginia, us_north_central, us_south_central, us_west, us_west_2, us_west_central.

azure_resource_group str

Resource group in Azure.

Constraints: The maximum length is 90 characters. The minimum length is 1 character. The value must match regular expression /^[-\\w\\._\$\$]*[^\\.]$/.

azure_service_name str

Service name of the key vault instance from the Azure portal.

Constraints: The maximum length is 24 characters. The minimum length is 3 characters. The value must match regular expression /^[A-Za-z0-9-]+$/.

azure_service_principal_client_id str

Azure service principal client ID.

Constraints: The maximum length is 36 characters. The minimum length is 1 character. The value must match regular expression /^[-0-9a-zA-Z]+$/.

azure_service_principal_password str

Azure service principal password.

Constraints: The maximum length is 256 characters. The minimum length is 1 character. The value must match regular expression /^[-0-9a-zA-Z_.]+$/.

azure_subscription_id str

Subscription ID in Azure.

Constraints: The maximum length is 36 characters. The minimum length is 1 character. The value must match regular expression /^[-0-9a-zA-Z]+$/.

azure_tenant str

Azure tenant that the Key Vault is associated with,.

Constraints: The maximum length is 36 characters. The minimum length is 1 character. The value must match regular expression /^[-0-9a-zA-Z]+$/.

description str

Description of the keystore.

Constraints: The maximum length is 200 characters. The minimum length is 0 characters. The value must match regular expression /(.|\\n)*/.

dry_run bool

Do not create a keystore, only verify if keystore created with given parameters can be communciated with successfully.

Constraints: The default value is false.

google_credentials str

The value of the JSON key represented in the Base64 format.

Constraints: The maximum length is 524288 characters. The minimum length is 1 character. The value must match regular expression /^(?:[A-Za-z0-9+\/]{4})*(?:[A-Za-z0-9+\/]{2}==|[A-Za-z0-9+\/]{3}=)?$/.

google_key_ring str

A key ring organizes keys in a specific Google Cloud location and allows you to manage access control on groups of keys.

Constraints: The maximum length is 1024 characters. The minimum length is 1 character. The value must match regular expression /^[A-Za-z0-9-]*$/.

google_location str

Location represents the geographical region where a Cloud KMS resource is stored and can be accessed. A key's location impacts the performance of applications using the key.

Constraints: The maximum length is 512 characters. The minimum length is 1 character. The value must match regular expression /^[A-Za-z0-9-]*$/.

google_private_key_id str

The private key id associated with this keystore.

Constraints: The maximum length is 512 characters. The minimum length is 1 character. The value must match regular expression /^[A-Za-z0-9-_]*$/.

google_project_id str

The project id associated with this keystore.

Constraints: The maximum length is 512 characters. The minimum length is 1 character. The value must match regular expression /^[A-Za-z0-9-_]*$/.

groups Sequence[str]

A list of groups that this keystore belongs to.

Constraints: The list items must match regular expression /^[A-Za-z0-9][A-Za-z0-9-_ ]+$/. The maximum length is 128 items. The minimum length is 1 item.

hpcs_keystore_id str

(String) The v4 UUID used to uniquely identify the resource, as specified by RFC 4122.

Constraints: The maximum length is 36 characters. The minimum length is 36 characters. The value must match regular expression /^[-0-9a-z]+$/.

ibm_api_endpoint str

API endpoint of the IBM Cloud keystore.

Constraints: The maximum length is 512 characters. The minimum length is 1 character. The value must match regular expression /^[A-Za-z0-9._~:\/-]+$/.

ibm_api_key str

The IBM Cloud API key to be used for connecting to this IBM Cloud keystore.

Constraints: The maximum length is 64 characters. The minimum length is 1 character. The value must match regular expression /^[A-Za-z0-9-_&.]*$/.

ibm_iam_endpoint str

Endpoint of the IAM service for this IBM Cloud keystore.

Constraints: The maximum length is 512 characters. The minimum length is 1 character. The value must match regular expression /^[A-Za-z0-9._~:\/-]+$/.

ibm_instance_id str

The instance ID of the IBM Cloud keystore.

Constraints: The maximum length is 256 characters. The minimum length is 1 character. The value must match regular expression /^[A-Za-z0-9-]*$/.

ibm_key_ring str

The key ring of an IBM Cloud KMS Keystore.

Constraints: The default value is Default. The maximum length is 100 characters. The minimum length is 2 characters. The value must match regular expression /^[a-zA-Z0-9-]*$/.

ibm_variant str

Possible IBM Cloud KMS variants.

Constraints: Allowable values are: hpcs, internal, key_protect.

name str

Name of a target keystore.

Constraints: The maximum length is 100 characters. The minimum length is 1 character. The value must match regular expression /^[A-Za-z0-9][A-Za-z0-9 .-_]*$/.

instanceId String

ID of UKO Instance

Constraints: Must match the ID of the UKO instance you are trying to work with.

region String

Region of the UKO Instance

Constraints: Must match the region of the UKO instance you are trying to work with. Allowable values are: au-syd, in-che, jp-osa, jp-tok, kr-seo, eu-de, eu-gb, ca-tor, us-south, us-south-test, us-east, br-sao.

type String

Type of keystore.

Constraints: Allowable values are: aws_kms, azure_key_vault, ibm_cloud_kms, google_kms.

ukoVault String

The UUID of the Vault in which the update is to take place.

vaults List<Property Map>

ID of the Vault where the entity is to be created in. Nested scheme for vault:

awsAccessKeyId String

The access key id used for connecting to this instance of AWS KMS.

Constraints: The maximum length is 512 characters. The minimum length is 1 character. The value must match regular expression /^[A-Za-z0-9-_]*$/.

awsRegion String

AWS Region.

Constraints: Allowable values are: af_south_1, ap_east_1, ap_northeast_1, ap_northeast_2, ap_south_1, ap_southeast_1, ap_southeast_2, aws_cn_global, aws_global, aws_iso_global, aws_iso_b_global, aws_us_gov_global, ca_central_1, cn_north_1, cn_northwest_1, eu_central_1, eu_west_1, eu_west_2, eu_west_3, me_south_1, sa_east_1, us_east_1, us_east_2, us_gov_east_1, us_gov_west_1, us_iso_east_1, us_isob_east_1, us_west_1, us_west_2.

awsSecretAccessKey String

The secret access key used for connecting to this instance of AWS KMS.

Constraints: The maximum length is 512 characters. The minimum length is 1 character. The value must match regular expression /^[A-Za-z0-9-_\/]*$/.

azureEnvironment String

Azure environment, usually 'Azure'.

Constraints: Allowable values are: azure, azure_china, azure_germany, azure_us_government.

azureLocation String

Location of the Azure Key Vault.

Constraints: Allowable values are: asia_east, asia_southeast, australia_central, australia_central_2, australia_east, australia_southeast, brazil_south, canada_central, canada_east, china_east, china_east_2, china_north, china_north_2, europe_north, europe_west, france_central, france_south, germany_central, germany_northeast, india_central, india_south, india_west, japan_east, japan_west, korea_central, korea_south, south_africa_north, south_africa_west, uk_south, uk_west, us_central, us_dod_central, us_dod_east, us_east, us_east_2, us_gov_arizona, us_gov_iowa, us_gov_texas, us_gov_virginia, us_north_central, us_south_central, us_west, us_west_2, us_west_central.

azureResourceGroup String

Resource group in Azure.

Constraints: The maximum length is 90 characters. The minimum length is 1 character. The value must match regular expression /^[-\\w\\._\$\$]*[^\\.]$/.

azureServiceName String

Service name of the key vault instance from the Azure portal.

Constraints: The maximum length is 24 characters. The minimum length is 3 characters. The value must match regular expression /^[A-Za-z0-9-]+$/.

azureServicePrincipalClientId String

Azure service principal client ID.

Constraints: The maximum length is 36 characters. The minimum length is 1 character. The value must match regular expression /^[-0-9a-zA-Z]+$/.

azureServicePrincipalPassword String

Azure service principal password.

Constraints: The maximum length is 256 characters. The minimum length is 1 character. The value must match regular expression /^[-0-9a-zA-Z_.]+$/.

azureSubscriptionId String

Subscription ID in Azure.

Constraints: The maximum length is 36 characters. The minimum length is 1 character. The value must match regular expression /^[-0-9a-zA-Z]+$/.

azureTenant String

Azure tenant that the Key Vault is associated with,.

Constraints: The maximum length is 36 characters. The minimum length is 1 character. The value must match regular expression /^[-0-9a-zA-Z]+$/.

description String

Description of the keystore.

Constraints: The maximum length is 200 characters. The minimum length is 0 characters. The value must match regular expression /(.|\\n)*/.

dryRun Boolean

Do not create a keystore, only verify if keystore created with given parameters can be communciated with successfully.

Constraints: The default value is false.

googleCredentials String

The value of the JSON key represented in the Base64 format.

Constraints: The maximum length is 524288 characters. The minimum length is 1 character. The value must match regular expression /^(?:[A-Za-z0-9+\/]{4})*(?:[A-Za-z0-9+\/]{2}==|[A-Za-z0-9+\/]{3}=)?$/.

googleKeyRing String

A key ring organizes keys in a specific Google Cloud location and allows you to manage access control on groups of keys.

Constraints: The maximum length is 1024 characters. The minimum length is 1 character. The value must match regular expression /^[A-Za-z0-9-]*$/.

googleLocation String

Location represents the geographical region where a Cloud KMS resource is stored and can be accessed. A key's location impacts the performance of applications using the key.

Constraints: The maximum length is 512 characters. The minimum length is 1 character. The value must match regular expression /^[A-Za-z0-9-]*$/.

googlePrivateKeyId String

The private key id associated with this keystore.

Constraints: The maximum length is 512 characters. The minimum length is 1 character. The value must match regular expression /^[A-Za-z0-9-_]*$/.

googleProjectId String

The project id associated with this keystore.

Constraints: The maximum length is 512 characters. The minimum length is 1 character. The value must match regular expression /^[A-Za-z0-9-_]*$/.

groups List<String>

A list of groups that this keystore belongs to.

Constraints: The list items must match regular expression /^[A-Za-z0-9][A-Za-z0-9-_ ]+$/. The maximum length is 128 items. The minimum length is 1 item.

hpcsKeystoreId String

(String) The v4 UUID used to uniquely identify the resource, as specified by RFC 4122.

Constraints: The maximum length is 36 characters. The minimum length is 36 characters. The value must match regular expression /^[-0-9a-z]+$/.

ibmApiEndpoint String

API endpoint of the IBM Cloud keystore.

Constraints: The maximum length is 512 characters. The minimum length is 1 character. The value must match regular expression /^[A-Za-z0-9._~:\/-]+$/.

ibmApiKey String

The IBM Cloud API key to be used for connecting to this IBM Cloud keystore.

Constraints: The maximum length is 64 characters. The minimum length is 1 character. The value must match regular expression /^[A-Za-z0-9-_&.]*$/.

ibmIamEndpoint String

Endpoint of the IAM service for this IBM Cloud keystore.

Constraints: The maximum length is 512 characters. The minimum length is 1 character. The value must match regular expression /^[A-Za-z0-9._~:\/-]+$/.

ibmInstanceId String

The instance ID of the IBM Cloud keystore.

Constraints: The maximum length is 256 characters. The minimum length is 1 character. The value must match regular expression /^[A-Za-z0-9-]*$/.

ibmKeyRing String

The key ring of an IBM Cloud KMS Keystore.

Constraints: The default value is Default. The maximum length is 100 characters. The minimum length is 2 characters. The value must match regular expression /^[a-zA-Z0-9-]*$/.

ibmVariant String

Possible IBM Cloud KMS variants.

Constraints: Allowable values are: hpcs, internal, key_protect.

name String

Name of a target keystore.

Constraints: The maximum length is 100 characters. The minimum length is 1 character. The value must match regular expression /^[A-Za-z0-9][A-Za-z0-9 .-_]*$/.

Outputs

All input properties are implicitly available as output properties. Additionally, the HpcsKeystore resource produces the following output properties:

CreatedAt string

(String) Date and time when the target keystore was created.

CreatedBy string

(String) ID of the user that created the key.

Constraints: The maximum length is 100 characters. The minimum length is 1 character. The value must match regular expression /^[A-Za-z0-9-]+$/.

Etag string

ETag identifier for keystore.

Href string

(String) A URL that uniquely identifies your cloud resource.

Constraints: The maximum length is 200 characters. The minimum length is 1 character. The value must match regular expression /^[A-Za-z0-9._~:\/?&=-]+$/.

Id string

The provider-assigned unique ID for this managed resource.

Location string

Geographic location of the keystore, if available.

UpdatedAt string

(String) Date and time when the target keystore was last updated.

UpdatedBy string

(String) ID of the user that last updated the key.

Constraints: The maximum length is 100 characters. The minimum length is 1 character. The value must match regular expression /^[A-Za-z0-9-]+$/.

CreatedAt string

(String) Date and time when the target keystore was created.

CreatedBy string

(String) ID of the user that created the key.

Constraints: The maximum length is 100 characters. The minimum length is 1 character. The value must match regular expression /^[A-Za-z0-9-]+$/.

Etag string

ETag identifier for keystore.

Href string

(String) A URL that uniquely identifies your cloud resource.

Constraints: The maximum length is 200 characters. The minimum length is 1 character. The value must match regular expression /^[A-Za-z0-9._~:\/?&=-]+$/.

Id string

The provider-assigned unique ID for this managed resource.

Location string

Geographic location of the keystore, if available.

UpdatedAt string

(String) Date and time when the target keystore was last updated.

UpdatedBy string

(String) ID of the user that last updated the key.

Constraints: The maximum length is 100 characters. The minimum length is 1 character. The value must match regular expression /^[A-Za-z0-9-]+$/.

createdAt String

(String) Date and time when the target keystore was created.

createdBy String

(String) ID of the user that created the key.

Constraints: The maximum length is 100 characters. The minimum length is 1 character. The value must match regular expression /^[A-Za-z0-9-]+$/.

etag String

ETag identifier for keystore.

href String

(String) A URL that uniquely identifies your cloud resource.

Constraints: The maximum length is 200 characters. The minimum length is 1 character. The value must match regular expression /^[A-Za-z0-9._~:\/?&=-]+$/.

id String

The provider-assigned unique ID for this managed resource.

location String

Geographic location of the keystore, if available.

updatedAt String

(String) Date and time when the target keystore was last updated.

updatedBy String

(String) ID of the user that last updated the key.

Constraints: The maximum length is 100 characters. The minimum length is 1 character. The value must match regular expression /^[A-Za-z0-9-]+$/.

createdAt string

(String) Date and time when the target keystore was created.

createdBy string

(String) ID of the user that created the key.

Constraints: The maximum length is 100 characters. The minimum length is 1 character. The value must match regular expression /^[A-Za-z0-9-]+$/.

etag string

ETag identifier for keystore.

href string

(String) A URL that uniquely identifies your cloud resource.

Constraints: The maximum length is 200 characters. The minimum length is 1 character. The value must match regular expression /^[A-Za-z0-9._~:\/?&=-]+$/.

id string

The provider-assigned unique ID for this managed resource.

location string

Geographic location of the keystore, if available.

updatedAt string

(String) Date and time when the target keystore was last updated.

updatedBy string

(String) ID of the user that last updated the key.

Constraints: The maximum length is 100 characters. The minimum length is 1 character. The value must match regular expression /^[A-Za-z0-9-]+$/.

created_at str

(String) Date and time when the target keystore was created.

created_by str

(String) ID of the user that created the key.

Constraints: The maximum length is 100 characters. The minimum length is 1 character. The value must match regular expression /^[A-Za-z0-9-]+$/.

etag str

ETag identifier for keystore.

href str

(String) A URL that uniquely identifies your cloud resource.

Constraints: The maximum length is 200 characters. The minimum length is 1 character. The value must match regular expression /^[A-Za-z0-9._~:\/?&=-]+$/.

id str

The provider-assigned unique ID for this managed resource.

location str

Geographic location of the keystore, if available.

updated_at str

(String) Date and time when the target keystore was last updated.

updated_by str

(String) ID of the user that last updated the key.

Constraints: The maximum length is 100 characters. The minimum length is 1 character. The value must match regular expression /^[A-Za-z0-9-]+$/.

createdAt String

(String) Date and time when the target keystore was created.

createdBy String

(String) ID of the user that created the key.

Constraints: The maximum length is 100 characters. The minimum length is 1 character. The value must match regular expression /^[A-Za-z0-9-]+$/.

etag String

ETag identifier for keystore.

href String

(String) A URL that uniquely identifies your cloud resource.

Constraints: The maximum length is 200 characters. The minimum length is 1 character. The value must match regular expression /^[A-Za-z0-9._~:\/?&=-]+$/.

id String

The provider-assigned unique ID for this managed resource.

location String

Geographic location of the keystore, if available.

updatedAt String

(String) Date and time when the target keystore was last updated.

updatedBy String

(String) ID of the user that last updated the key.

Constraints: The maximum length is 100 characters. The minimum length is 1 character. The value must match regular expression /^[A-Za-z0-9-]+$/.

Look up Existing HpcsKeystore Resource

Get an existing HpcsKeystore resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

public static get(name: string, id: Input<ID>, state?: HpcsKeystoreState, opts?: CustomResourceOptions): HpcsKeystore

@staticmethod
def get(resource_name: str,
        id: str,
        opts: Optional[ResourceOptions] = None,
        aws_access_key_id: Optional[str] = None,
        aws_region: Optional[str] = None,
        aws_secret_access_key: Optional[str] = None,
        azure_environment: Optional[str] = None,
        azure_location: Optional[str] = None,
        azure_resource_group: Optional[str] = None,
        azure_service_name: Optional[str] = None,
        azure_service_principal_client_id: Optional[str] = None,
        azure_service_principal_password: Optional[str] = None,
        azure_subscription_id: Optional[str] = None,
        azure_tenant: Optional[str] = None,
        created_at: Optional[str] = None,
        created_by: Optional[str] = None,
        description: Optional[str] = None,
        dry_run: Optional[bool] = None,
        etag: Optional[str] = None,
        google_credentials: Optional[str] = None,
        google_key_ring: Optional[str] = None,
        google_location: Optional[str] = None,
        google_private_key_id: Optional[str] = None,
        google_project_id: Optional[str] = None,
        groups: Optional[Sequence[str]] = None,
        hpcs_keystore_id: Optional[str] = None,
        href: Optional[str] = None,
        ibm_api_endpoint: Optional[str] = None,
        ibm_api_key: Optional[str] = None,
        ibm_iam_endpoint: Optional[str] = None,
        ibm_instance_id: Optional[str] = None,
        ibm_key_ring: Optional[str] = None,
        ibm_variant: Optional[str] = None,
        instance_id: Optional[str] = None,
        location: Optional[str] = None,
        name: Optional[str] = None,
        region: Optional[str] = None,
        type: Optional[str] = None,
        uko_vault: Optional[str] = None,
        updated_at: Optional[str] = None,
        updated_by: Optional[str] = None,
        vaults: Optional[Sequence[HpcsKeystoreVaultArgs]] = None) -> HpcsKeystore

func GetHpcsKeystore(ctx *Context, name string, id IDInput, state *HpcsKeystoreState, opts ...ResourceOption) (*HpcsKeystore, error)

public static HpcsKeystore Get(string name, Input<string> id, HpcsKeystoreState? state, CustomResourceOptions? opts = null)

public static HpcsKeystore get(String name, Output<String> id, HpcsKeystoreState state, CustomResourceOptions options)

resources:  _:    type: ibm:HpcsKeystore    get:      id: ${id}

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

resource_name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

The following state arguments are supported:

AwsAccessKeyId string

The access key id used for connecting to this instance of AWS KMS.

Constraints: The maximum length is 512 characters. The minimum length is 1 character. The value must match regular expression /^[A-Za-z0-9-_]*$/.

AwsRegion string

AWS Region.

Constraints: Allowable values are: af_south_1, ap_east_1, ap_northeast_1, ap_northeast_2, ap_south_1, ap_southeast_1, ap_southeast_2, aws_cn_global, aws_global, aws_iso_global, aws_iso_b_global, aws_us_gov_global, ca_central_1, cn_north_1, cn_northwest_1, eu_central_1, eu_west_1, eu_west_2, eu_west_3, me_south_1, sa_east_1, us_east_1, us_east_2, us_gov_east_1, us_gov_west_1, us_iso_east_1, us_isob_east_1, us_west_1, us_west_2.

AwsSecretAccessKey string

The secret access key used for connecting to this instance of AWS KMS.

Constraints: The maximum length is 512 characters. The minimum length is 1 character. The value must match regular expression /^[A-Za-z0-9-_\/]*$/.

AzureEnvironment string

Azure environment, usually 'Azure'.

Constraints: Allowable values are: azure, azure_china, azure_germany, azure_us_government.

AzureLocation string

Location of the Azure Key Vault.

Constraints: Allowable values are: asia_east, asia_southeast, australia_central, australia_central_2, australia_east, australia_southeast, brazil_south, canada_central, canada_east, china_east, china_east_2, china_north, china_north_2, europe_north, europe_west, france_central, france_south, germany_central, germany_northeast, india_central, india_south, india_west, japan_east, japan_west, korea_central, korea_south, south_africa_north, south_africa_west, uk_south, uk_west, us_central, us_dod_central, us_dod_east, us_east, us_east_2, us_gov_arizona, us_gov_iowa, us_gov_texas, us_gov_virginia, us_north_central, us_south_central, us_west, us_west_2, us_west_central.

AzureResourceGroup string

Resource group in Azure.

Constraints: The maximum length is 90 characters. The minimum length is 1 character. The value must match regular expression /^[-\\w\\._\$\$]*[^\\.]$/.

AzureServiceName string

Service name of the key vault instance from the Azure portal.

Constraints: The maximum length is 24 characters. The minimum length is 3 characters. The value must match regular expression /^[A-Za-z0-9-]+$/.

AzureServicePrincipalClientId string

Azure service principal client ID.

Constraints: The maximum length is 36 characters. The minimum length is 1 character. The value must match regular expression /^[-0-9a-zA-Z]+$/.

AzureServicePrincipalPassword string

Azure service principal password.

Constraints: The maximum length is 256 characters. The minimum length is 1 character. The value must match regular expression /^[-0-9a-zA-Z_.]+$/.

AzureSubscriptionId string

Subscription ID in Azure.

Constraints: The maximum length is 36 characters. The minimum length is 1 character. The value must match regular expression /^[-0-9a-zA-Z]+$/.

AzureTenant string

Azure tenant that the Key Vault is associated with,.

Constraints: The maximum length is 36 characters. The minimum length is 1 character. The value must match regular expression /^[-0-9a-zA-Z]+$/.

CreatedAt string

(String) Date and time when the target keystore was created.

CreatedBy string

(String) ID of the user that created the key.

Constraints: The maximum length is 100 characters. The minimum length is 1 character. The value must match regular expression /^[A-Za-z0-9-]+$/.

Description string

Description of the keystore.

Constraints: The maximum length is 200 characters. The minimum length is 0 characters. The value must match regular expression /(.|\\n)*/.

DryRun bool

Do not create a keystore, only verify if keystore created with given parameters can be communciated with successfully.

Constraints: The default value is false.

Etag string

ETag identifier for keystore.

GoogleCredentials string

The value of the JSON key represented in the Base64 format.

Constraints: The maximum length is 524288 characters. The minimum length is 1 character. The value must match regular expression /^(?:[A-Za-z0-9+\/]{4})*(?:[A-Za-z0-9+\/]{2}==|[A-Za-z0-9+\/]{3}=)?$/.

GoogleKeyRing string

A key ring organizes keys in a specific Google Cloud location and allows you to manage access control on groups of keys.

Constraints: The maximum length is 1024 characters. The minimum length is 1 character. The value must match regular expression /^[A-Za-z0-9-]*$/.

GoogleLocation string

Location represents the geographical region where a Cloud KMS resource is stored and can be accessed. A key's location impacts the performance of applications using the key.

Constraints: The maximum length is 512 characters. The minimum length is 1 character. The value must match regular expression /^[A-Za-z0-9-]*$/.

GooglePrivateKeyId string

The private key id associated with this keystore.

Constraints: The maximum length is 512 characters. The minimum length is 1 character. The value must match regular expression /^[A-Za-z0-9-_]*$/.

GoogleProjectId string

The project id associated with this keystore.

Constraints: The maximum length is 512 characters. The minimum length is 1 character. The value must match regular expression /^[A-Za-z0-9-_]*$/.

Groups List<string>

A list of groups that this keystore belongs to.

Constraints: The list items must match regular expression /^[A-Za-z0-9][A-Za-z0-9-_ ]+$/. The maximum length is 128 items. The minimum length is 1 item.

HpcsKeystoreId string

(String) The v4 UUID used to uniquely identify the resource, as specified by RFC 4122.

Constraints: The maximum length is 36 characters. The minimum length is 36 characters. The value must match regular expression /^[-0-9a-z]+$/.

Href string

(String) A URL that uniquely identifies your cloud resource.

Constraints: The maximum length is 200 characters. The minimum length is 1 character. The value must match regular expression /^[A-Za-z0-9._~:\/?&=-]+$/.

IbmApiEndpoint string

API endpoint of the IBM Cloud keystore.

Constraints: The maximum length is 512 characters. The minimum length is 1 character. The value must match regular expression /^[A-Za-z0-9._~:\/-]+$/.

IbmApiKey string

The IBM Cloud API key to be used for connecting to this IBM Cloud keystore.

Constraints: The maximum length is 64 characters. The minimum length is 1 character. The value must match regular expression /^[A-Za-z0-9-_&.]*$/.

IbmIamEndpoint string

Endpoint of the IAM service for this IBM Cloud keystore.

Constraints: The maximum length is 512 characters. The minimum length is 1 character. The value must match regular expression /^[A-Za-z0-9._~:\/-]+$/.

IbmInstanceId string

The instance ID of the IBM Cloud keystore.

Constraints: The maximum length is 256 characters. The minimum length is 1 character. The value must match regular expression /^[A-Za-z0-9-]*$/.

IbmKeyRing string

The key ring of an IBM Cloud KMS Keystore.

Constraints: The default value is Default. The maximum length is 100 characters. The minimum length is 2 characters. The value must match regular expression /^[a-zA-Z0-9-]*$/.

IbmVariant string

Possible IBM Cloud KMS variants.

Constraints: Allowable values are: hpcs, internal, key_protect.

InstanceId string

ID of UKO Instance

Constraints: Must match the ID of the UKO instance you are trying to work with.

Location string

Geographic location of the keystore, if available.

Name string

Name of a target keystore.

Constraints: The maximum length is 100 characters. The minimum length is 1 character. The value must match regular expression /^[A-Za-z0-9][A-Za-z0-9 .-_]*$/.

Region string

Region of the UKO Instance

Constraints: Must match the region of the UKO instance you are trying to work with. Allowable values are: au-syd, in-che, jp-osa, jp-tok, kr-seo, eu-de, eu-gb, ca-tor, us-south, us-south-test, us-east, br-sao.

Type string

Type of keystore.

Constraints: Allowable values are: aws_kms, azure_key_vault, ibm_cloud_kms, google_kms.

UkoVault string

The UUID of the Vault in which the update is to take place.

UpdatedAt string

(String) Date and time when the target keystore was last updated.

UpdatedBy string

(String) ID of the user that last updated the key.

Constraints: The maximum length is 100 characters. The minimum length is 1 character. The value must match regular expression /^[A-Za-z0-9-]+$/.

Vaults List<HpcsKeystoreVault>

ID of the Vault where the entity is to be created in. Nested scheme for vault:

AwsAccessKeyId string

The access key id used for connecting to this instance of AWS KMS.

Constraints: The maximum length is 512 characters. The minimum length is 1 character. The value must match regular expression /^[A-Za-z0-9-_]*$/.

AwsRegion string

AWS Region.

Constraints: Allowable values are: af_south_1, ap_east_1, ap_northeast_1, ap_northeast_2, ap_south_1, ap_southeast_1, ap_southeast_2, aws_cn_global, aws_global, aws_iso_global, aws_iso_b_global, aws_us_gov_global, ca_central_1, cn_north_1, cn_northwest_1, eu_central_1, eu_west_1, eu_west_2, eu_west_3, me_south_1, sa_east_1, us_east_1, us_east_2, us_gov_east_1, us_gov_west_1, us_iso_east_1, us_isob_east_1, us_west_1, us_west_2.

AwsSecretAccessKey string

The secret access key used for connecting to this instance of AWS KMS.

Constraints: The maximum length is 512 characters. The minimum length is 1 character. The value must match regular expression /^[A-Za-z0-9-_\/]*$/.

AzureEnvironment string

Azure environment, usually 'Azure'.

Constraints: Allowable values are: azure, azure_china, azure_germany, azure_us_government.

AzureLocation string

Location of the Azure Key Vault.

Constraints: Allowable values are: asia_east, asia_southeast, australia_central, australia_central_2, australia_east, australia_southeast, brazil_south, canada_central, canada_east, china_east, china_east_2, china_north, china_north_2, europe_north, europe_west, france_central, france_south, germany_central, germany_northeast, india_central, india_south, india_west, japan_east, japan_west, korea_central, korea_south, south_africa_north, south_africa_west, uk_south, uk_west, us_central, us_dod_central, us_dod_east, us_east, us_east_2, us_gov_arizona, us_gov_iowa, us_gov_texas, us_gov_virginia, us_north_central, us_south_central, us_west, us_west_2, us_west_central.

AzureResourceGroup string

Resource group in Azure.

Constraints: The maximum length is 90 characters. The minimum length is 1 character. The value must match regular expression /^[-\\w\\._\$\$]*[^\\.]$/.

AzureServiceName string

Service name of the key vault instance from the Azure portal.

Constraints: The maximum length is 24 characters. The minimum length is 3 characters. The value must match regular expression /^[A-Za-z0-9-]+$/.

AzureServicePrincipalClientId string

Azure service principal client ID.

Constraints: The maximum length is 36 characters. The minimum length is 1 character. The value must match regular expression /^[-0-9a-zA-Z]+$/.

AzureServicePrincipalPassword string

Azure service principal password.

Constraints: The maximum length is 256 characters. The minimum length is 1 character. The value must match regular expression /^[-0-9a-zA-Z_.]+$/.

AzureSubscriptionId string

Subscription ID in Azure.

Constraints: The maximum length is 36 characters. The minimum length is 1 character. The value must match regular expression /^[-0-9a-zA-Z]+$/.

AzureTenant string

Azure tenant that the Key Vault is associated with,.

Constraints: The maximum length is 36 characters. The minimum length is 1 character. The value must match regular expression /^[-0-9a-zA-Z]+$/.

CreatedAt string

(String) Date and time when the target keystore was created.

CreatedBy string

(String) ID of the user that created the key.

Constraints: The maximum length is 100 characters. The minimum length is 1 character. The value must match regular expression /^[A-Za-z0-9-]+$/.

Description string

Description of the keystore.

Constraints: The maximum length is 200 characters. The minimum length is 0 characters. The value must match regular expression /(.|\\n)*/.

DryRun bool

Do not create a keystore, only verify if keystore created with given parameters can be communciated with successfully.

Constraints: The default value is false.

Etag string

ETag identifier for keystore.

GoogleCredentials string

The value of the JSON key represented in the Base64 format.

Constraints: The maximum length is 524288 characters. The minimum length is 1 character. The value must match regular expression /^(?:[A-Za-z0-9+\/]{4})*(?:[A-Za-z0-9+\/]{2}==|[A-Za-z0-9+\/]{3}=)?$/.

GoogleKeyRing string

A key ring organizes keys in a specific Google Cloud location and allows you to manage access control on groups of keys.

Constraints: The maximum length is 1024 characters. The minimum length is 1 character. The value must match regular expression /^[A-Za-z0-9-]*$/.

GoogleLocation string

Location represents the geographical region where a Cloud KMS resource is stored and can be accessed. A key's location impacts the performance of applications using the key.

Constraints: The maximum length is 512 characters. The minimum length is 1 character. The value must match regular expression /^[A-Za-z0-9-]*$/.

GooglePrivateKeyId string

The private key id associated with this keystore.

Constraints: The maximum length is 512 characters. The minimum length is 1 character. The value must match regular expression /^[A-Za-z0-9-_]*$/.

GoogleProjectId string

The project id associated with this keystore.

Constraints: The maximum length is 512 characters. The minimum length is 1 character. The value must match regular expression /^[A-Za-z0-9-_]*$/.

Groups []string

A list of groups that this keystore belongs to.

Constraints: The list items must match regular expression /^[A-Za-z0-9][A-Za-z0-9-_ ]+$/. The maximum length is 128 items. The minimum length is 1 item.

HpcsKeystoreId string

(String) The v4 UUID used to uniquely identify the resource, as specified by RFC 4122.

Constraints: The maximum length is 36 characters. The minimum length is 36 characters. The value must match regular expression /^[-0-9a-z]+$/.

Href string

(String) A URL that uniquely identifies your cloud resource.

Constraints: The maximum length is 200 characters. The minimum length is 1 character. The value must match regular expression /^[A-Za-z0-9._~:\/?&=-]+$/.

IbmApiEndpoint string

API endpoint of the IBM Cloud keystore.

Constraints: The maximum length is 512 characters. The minimum length is 1 character. The value must match regular expression /^[A-Za-z0-9._~:\/-]+$/.

IbmApiKey string

The IBM Cloud API key to be used for connecting to this IBM Cloud keystore.

Constraints: The maximum length is 64 characters. The minimum length is 1 character. The value must match regular expression /^[A-Za-z0-9-_&.]*$/.

IbmIamEndpoint string

Endpoint of the IAM service for this IBM Cloud keystore.

Constraints: The maximum length is 512 characters. The minimum length is 1 character. The value must match regular expression /^[A-Za-z0-9._~:\/-]+$/.

IbmInstanceId string

The instance ID of the IBM Cloud keystore.

Constraints: The maximum length is 256 characters. The minimum length is 1 character. The value must match regular expression /^[A-Za-z0-9-]*$/.

IbmKeyRing string

The key ring of an IBM Cloud KMS Keystore.

Constraints: The default value is Default. The maximum length is 100 characters. The minimum length is 2 characters. The value must match regular expression /^[a-zA-Z0-9-]*$/.

IbmVariant string

Possible IBM Cloud KMS variants.

Constraints: Allowable values are: hpcs, internal, key_protect.

InstanceId string

ID of UKO Instance

Constraints: Must match the ID of the UKO instance you are trying to work with.

Location string

Geographic location of the keystore, if available.

Name string

Name of a target keystore.

Constraints: The maximum length is 100 characters. The minimum length is 1 character. The value must match regular expression /^[A-Za-z0-9][A-Za-z0-9 .-_]*$/.

Region string

Region of the UKO Instance

Constraints: Must match the region of the UKO instance you are trying to work with. Allowable values are: au-syd, in-che, jp-osa, jp-tok, kr-seo, eu-de, eu-gb, ca-tor, us-south, us-south-test, us-east, br-sao.

Type string

Type of keystore.

Constraints: Allowable values are: aws_kms, azure_key_vault, ibm_cloud_kms, google_kms.

UkoVault string

The UUID of the Vault in which the update is to take place.

UpdatedAt string

(String) Date and time when the target keystore was last updated.

UpdatedBy string

(String) ID of the user that last updated the key.

Constraints: The maximum length is 100 characters. The minimum length is 1 character. The value must match regular expression /^[A-Za-z0-9-]+$/.

Vaults []HpcsKeystoreVaultArgs

ID of the Vault where the entity is to be created in. Nested scheme for vault:

awsAccessKeyId String

The access key id used for connecting to this instance of AWS KMS.

Constraints: The maximum length is 512 characters. The minimum length is 1 character. The value must match regular expression /^[A-Za-z0-9-_]*$/.

awsRegion String

AWS Region.

Constraints: Allowable values are: af_south_1, ap_east_1, ap_northeast_1, ap_northeast_2, ap_south_1, ap_southeast_1, ap_southeast_2, aws_cn_global, aws_global, aws_iso_global, aws_iso_b_global, aws_us_gov_global, ca_central_1, cn_north_1, cn_northwest_1, eu_central_1, eu_west_1, eu_west_2, eu_west_3, me_south_1, sa_east_1, us_east_1, us_east_2, us_gov_east_1, us_gov_west_1, us_iso_east_1, us_isob_east_1, us_west_1, us_west_2.

awsSecretAccessKey String

The secret access key used for connecting to this instance of AWS KMS.

Constraints: The maximum length is 512 characters. The minimum length is 1 character. The value must match regular expression /^[A-Za-z0-9-_\/]*$/.

azureEnvironment String

Azure environment, usually 'Azure'.

Constraints: Allowable values are: azure, azure_china, azure_germany, azure_us_government.

azureLocation String

Location of the Azure Key Vault.

Constraints: Allowable values are: asia_east, asia_southeast, australia_central, australia_central_2, australia_east, australia_southeast, brazil_south, canada_central, canada_east, china_east, china_east_2, china_north, china_north_2, europe_north, europe_west, france_central, france_south, germany_central, germany_northeast, india_central, india_south, india_west, japan_east, japan_west, korea_central, korea_south, south_africa_north, south_africa_west, uk_south, uk_west, us_central, us_dod_central, us_dod_east, us_east, us_east_2, us_gov_arizona, us_gov_iowa, us_gov_texas, us_gov_virginia, us_north_central, us_south_central, us_west, us_west_2, us_west_central.

azureResourceGroup String

Resource group in Azure.

Constraints: The maximum length is 90 characters. The minimum length is 1 character. The value must match regular expression /^[-\\w\\._\$\$]*[^\\.]$/.

azureServiceName String

Service name of the key vault instance from the Azure portal.

Constraints: The maximum length is 24 characters. The minimum length is 3 characters. The value must match regular expression /^[A-Za-z0-9-]+$/.

azureServicePrincipalClientId String

Azure service principal client ID.

Constraints: The maximum length is 36 characters. The minimum length is 1 character. The value must match regular expression /^[-0-9a-zA-Z]+$/.

azureServicePrincipalPassword String

Azure service principal password.

Constraints: The maximum length is 256 characters. The minimum length is 1 character. The value must match regular expression /^[-0-9a-zA-Z_.]+$/.

azureSubscriptionId String

Subscription ID in Azure.

Constraints: The maximum length is 36 characters. The minimum length is 1 character. The value must match regular expression /^[-0-9a-zA-Z]+$/.

azureTenant String

Azure tenant that the Key Vault is associated with,.

Constraints: The maximum length is 36 characters. The minimum length is 1 character. The value must match regular expression /^[-0-9a-zA-Z]+$/.

createdAt String

(String) Date and time when the target keystore was created.

createdBy String

(String) ID of the user that created the key.

Constraints: The maximum length is 100 characters. The minimum length is 1 character. The value must match regular expression /^[A-Za-z0-9-]+$/.

description String

Description of the keystore.

Constraints: The maximum length is 200 characters. The minimum length is 0 characters. The value must match regular expression /(.|\\n)*/.

dryRun Boolean

Do not create a keystore, only verify if keystore created with given parameters can be communciated with successfully.

Constraints: The default value is false.

etag String

ETag identifier for keystore.

googleCredentials String

The value of the JSON key represented in the Base64 format.

Constraints: The maximum length is 524288 characters. The minimum length is 1 character. The value must match regular expression /^(?:[A-Za-z0-9+\/]{4})*(?:[A-Za-z0-9+\/]{2}==|[A-Za-z0-9+\/]{3}=)?$/.

googleKeyRing String

A key ring organizes keys in a specific Google Cloud location and allows you to manage access control on groups of keys.

Constraints: The maximum length is 1024 characters. The minimum length is 1 character. The value must match regular expression /^[A-Za-z0-9-]*$/.

googleLocation String

Location represents the geographical region where a Cloud KMS resource is stored and can be accessed. A key's location impacts the performance of applications using the key.

Constraints: The maximum length is 512 characters. The minimum length is 1 character. The value must match regular expression /^[A-Za-z0-9-]*$/.

googlePrivateKeyId String

The private key id associated with this keystore.

Constraints: The maximum length is 512 characters. The minimum length is 1 character. The value must match regular expression /^[A-Za-z0-9-_]*$/.

googleProjectId String

The project id associated with this keystore.

Constraints: The maximum length is 512 characters. The minimum length is 1 character. The value must match regular expression /^[A-Za-z0-9-_]*$/.

groups List<String>

A list of groups that this keystore belongs to.

Constraints: The list items must match regular expression /^[A-Za-z0-9][A-Za-z0-9-_ ]+$/. The maximum length is 128 items. The minimum length is 1 item.

hpcsKeystoreId String

(String) The v4 UUID used to uniquely identify the resource, as specified by RFC 4122.

Constraints: The maximum length is 36 characters. The minimum length is 36 characters. The value must match regular expression /^[-0-9a-z]+$/.

href String

(String) A URL that uniquely identifies your cloud resource.

Constraints: The maximum length is 200 characters. The minimum length is 1 character. The value must match regular expression /^[A-Za-z0-9._~:\/?&=-]+$/.

ibmApiEndpoint String

API endpoint of the IBM Cloud keystore.

Constraints: The maximum length is 512 characters. The minimum length is 1 character. The value must match regular expression /^[A-Za-z0-9._~:\/-]+$/.

ibmApiKey String

The IBM Cloud API key to be used for connecting to this IBM Cloud keystore.

Constraints: The maximum length is 64 characters. The minimum length is 1 character. The value must match regular expression /^[A-Za-z0-9-_&.]*$/.

ibmIamEndpoint String

Endpoint of the IAM service for this IBM Cloud keystore.

Constraints: The maximum length is 512 characters. The minimum length is 1 character. The value must match regular expression /^[A-Za-z0-9._~:\/-]+$/.

ibmInstanceId String

The instance ID of the IBM Cloud keystore.

Constraints: The maximum length is 256 characters. The minimum length is 1 character. The value must match regular expression /^[A-Za-z0-9-]*$/.

ibmKeyRing String

The key ring of an IBM Cloud KMS Keystore.

Constraints: The default value is Default. The maximum length is 100 characters. The minimum length is 2 characters. The value must match regular expression /^[a-zA-Z0-9-]*$/.

ibmVariant String

Possible IBM Cloud KMS variants.

Constraints: Allowable values are: hpcs, internal, key_protect.

instanceId String

ID of UKO Instance

Constraints: Must match the ID of the UKO instance you are trying to work with.

location String

Geographic location of the keystore, if available.

name String

Name of a target keystore.

Constraints: The maximum length is 100 characters. The minimum length is 1 character. The value must match regular expression /^[A-Za-z0-9][A-Za-z0-9 .-_]*$/.

region String

Region of the UKO Instance

Constraints: Must match the region of the UKO instance you are trying to work with. Allowable values are: au-syd, in-che, jp-osa, jp-tok, kr-seo, eu-de, eu-gb, ca-tor, us-south, us-south-test, us-east, br-sao.

type String

Type of keystore.

Constraints: Allowable values are: aws_kms, azure_key_vault, ibm_cloud_kms, google_kms.

ukoVault String

The UUID of the Vault in which the update is to take place.

updatedAt String

(String) Date and time when the target keystore was last updated.

updatedBy String

(String) ID of the user that last updated the key.

Constraints: The maximum length is 100 characters. The minimum length is 1 character. The value must match regular expression /^[A-Za-z0-9-]+$/.

vaults List<HpcsKeystoreVault>

ID of the Vault where the entity is to be created in. Nested scheme for vault:

awsAccessKeyId string

The access key id used for connecting to this instance of AWS KMS.

Constraints: The maximum length is 512 characters. The minimum length is 1 character. The value must match regular expression /^[A-Za-z0-9-_]*$/.

awsRegion string

AWS Region.

Constraints: Allowable values are: af_south_1, ap_east_1, ap_northeast_1, ap_northeast_2, ap_south_1, ap_southeast_1, ap_southeast_2, aws_cn_global, aws_global, aws_iso_global, aws_iso_b_global, aws_us_gov_global, ca_central_1, cn_north_1, cn_northwest_1, eu_central_1, eu_west_1, eu_west_2, eu_west_3, me_south_1, sa_east_1, us_east_1, us_east_2, us_gov_east_1, us_gov_west_1, us_iso_east_1, us_isob_east_1, us_west_1, us_west_2.

awsSecretAccessKey string

The secret access key used for connecting to this instance of AWS KMS.

Constraints: The maximum length is 512 characters. The minimum length is 1 character. The value must match regular expression /^[A-Za-z0-9-_\/]*$/.

azureEnvironment string

Azure environment, usually 'Azure'.

Constraints: Allowable values are: azure, azure_china, azure_germany, azure_us_government.

azureLocation string

Location of the Azure Key Vault.

Constraints: Allowable values are: asia_east, asia_southeast, australia_central, australia_central_2, australia_east, australia_southeast, brazil_south, canada_central, canada_east, china_east, china_east_2, china_north, china_north_2, europe_north, europe_west, france_central, france_south, germany_central, germany_northeast, india_central, india_south, india_west, japan_east, japan_west, korea_central, korea_south, south_africa_north, south_africa_west, uk_south, uk_west, us_central, us_dod_central, us_dod_east, us_east, us_east_2, us_gov_arizona, us_gov_iowa, us_gov_texas, us_gov_virginia, us_north_central, us_south_central, us_west, us_west_2, us_west_central.

azureResourceGroup string

Resource group in Azure.

Constraints: The maximum length is 90 characters. The minimum length is 1 character. The value must match regular expression /^[-\\w\\._\$\$]*[^\\.]$/.

azureServiceName string

Service name of the key vault instance from the Azure portal.

Constraints: The maximum length is 24 characters. The minimum length is 3 characters. The value must match regular expression /^[A-Za-z0-9-]+$/.

azureServicePrincipalClientId string

Azure service principal client ID.

Constraints: The maximum length is 36 characters. The minimum length is 1 character. The value must match regular expression /^[-0-9a-zA-Z]+$/.

azureServicePrincipalPassword string

Azure service principal password.

Constraints: The maximum length is 256 characters. The minimum length is 1 character. The value must match regular expression /^[-0-9a-zA-Z_.]+$/.

azureSubscriptionId string

Subscription ID in Azure.

Constraints: The maximum length is 36 characters. The minimum length is 1 character. The value must match regular expression /^[-0-9a-zA-Z]+$/.

azureTenant string

Azure tenant that the Key Vault is associated with,.

Constraints: The maximum length is 36 characters. The minimum length is 1 character. The value must match regular expression /^[-0-9a-zA-Z]+$/.

createdAt string

(String) Date and time when the target keystore was created.

createdBy string

(String) ID of the user that created the key.

Constraints: The maximum length is 100 characters. The minimum length is 1 character. The value must match regular expression /^[A-Za-z0-9-]+$/.

description string

Description of the keystore.

Constraints: The maximum length is 200 characters. The minimum length is 0 characters. The value must match regular expression /(.|\\n)*/.

dryRun boolean

Do not create a keystore, only verify if keystore created with given parameters can be communciated with successfully.

Constraints: The default value is false.

etag string

ETag identifier for keystore.

googleCredentials string

The value of the JSON key represented in the Base64 format.

Constraints: The maximum length is 524288 characters. The minimum length is 1 character. The value must match regular expression /^(?:[A-Za-z0-9+\/]{4})*(?:[A-Za-z0-9+\/]{2}==|[A-Za-z0-9+\/]{3}=)?$/.

googleKeyRing string

A key ring organizes keys in a specific Google Cloud location and allows you to manage access control on groups of keys.

Constraints: The maximum length is 1024 characters. The minimum length is 1 character. The value must match regular expression /^[A-Za-z0-9-]*$/.

googleLocation string

Location represents the geographical region where a Cloud KMS resource is stored and can be accessed. A key's location impacts the performance of applications using the key.

Constraints: The maximum length is 512 characters. The minimum length is 1 character. The value must match regular expression /^[A-Za-z0-9-]*$/.

googlePrivateKeyId string

The private key id associated with this keystore.

Constraints: The maximum length is 512 characters. The minimum length is 1 character. The value must match regular expression /^[A-Za-z0-9-_]*$/.

googleProjectId string

The project id associated with this keystore.

Constraints: The maximum length is 512 characters. The minimum length is 1 character. The value must match regular expression /^[A-Za-z0-9-_]*$/.

groups string[]

A list of groups that this keystore belongs to.

Constraints: The list items must match regular expression /^[A-Za-z0-9][A-Za-z0-9-_ ]+$/. The maximum length is 128 items. The minimum length is 1 item.

hpcsKeystoreId string

(String) The v4 UUID used to uniquely identify the resource, as specified by RFC 4122.

Constraints: The maximum length is 36 characters. The minimum length is 36 characters. The value must match regular expression /^[-0-9a-z]+$/.

href string

(String) A URL that uniquely identifies your cloud resource.

Constraints: The maximum length is 200 characters. The minimum length is 1 character. The value must match regular expression /^[A-Za-z0-9._~:\/?&=-]+$/.

ibmApiEndpoint string

API endpoint of the IBM Cloud keystore.

Constraints: The maximum length is 512 characters. The minimum length is 1 character. The value must match regular expression /^[A-Za-z0-9._~:\/-]+$/.

ibmApiKey string

The IBM Cloud API key to be used for connecting to this IBM Cloud keystore.

Constraints: The maximum length is 64 characters. The minimum length is 1 character. The value must match regular expression /^[A-Za-z0-9-_&.]*$/.

ibmIamEndpoint string

Endpoint of the IAM service for this IBM Cloud keystore.

Constraints: The maximum length is 512 characters. The minimum length is 1 character. The value must match regular expression /^[A-Za-z0-9._~:\/-]+$/.

ibmInstanceId string

The instance ID of the IBM Cloud keystore.

Constraints: The maximum length is 256 characters. The minimum length is 1 character. The value must match regular expression /^[A-Za-z0-9-]*$/.

ibmKeyRing string

The key ring of an IBM Cloud KMS Keystore.

Constraints: The default value is Default. The maximum length is 100 characters. The minimum length is 2 characters. The value must match regular expression /^[a-zA-Z0-9-]*$/.

ibmVariant string

Possible IBM Cloud KMS variants.

Constraints: Allowable values are: hpcs, internal, key_protect.

instanceId string

ID of UKO Instance

Constraints: Must match the ID of the UKO instance you are trying to work with.

location string

Geographic location of the keystore, if available.

name string

Name of a target keystore.

Constraints: The maximum length is 100 characters. The minimum length is 1 character. The value must match regular expression /^[A-Za-z0-9][A-Za-z0-9 .-_]*$/.

region string

Region of the UKO Instance

Constraints: Must match the region of the UKO instance you are trying to work with. Allowable values are: au-syd, in-che, jp-osa, jp-tok, kr-seo, eu-de, eu-gb, ca-tor, us-south, us-south-test, us-east, br-sao.

type string

Type of keystore.

Constraints: Allowable values are: aws_kms, azure_key_vault, ibm_cloud_kms, google_kms.

ukoVault string

The UUID of the Vault in which the update is to take place.

updatedAt string

(String) Date and time when the target keystore was last updated.

updatedBy string

(String) ID of the user that last updated the key.

Constraints: The maximum length is 100 characters. The minimum length is 1 character. The value must match regular expression /^[A-Za-z0-9-]+$/.

vaults HpcsKeystoreVault[]

ID of the Vault where the entity is to be created in. Nested scheme for vault:

aws_access_key_id str

The access key id used for connecting to this instance of AWS KMS.

Constraints: The maximum length is 512 characters. The minimum length is 1 character. The value must match regular expression /^[A-Za-z0-9-_]*$/.

aws_region str

AWS Region.

Constraints: Allowable values are: af_south_1, ap_east_1, ap_northeast_1, ap_northeast_2, ap_south_1, ap_southeast_1, ap_southeast_2, aws_cn_global, aws_global, aws_iso_global, aws_iso_b_global, aws_us_gov_global, ca_central_1, cn_north_1, cn_northwest_1, eu_central_1, eu_west_1, eu_west_2, eu_west_3, me_south_1, sa_east_1, us_east_1, us_east_2, us_gov_east_1, us_gov_west_1, us_iso_east_1, us_isob_east_1, us_west_1, us_west_2.

aws_secret_access_key str

The secret access key used for connecting to this instance of AWS KMS.

Constraints: The maximum length is 512 characters. The minimum length is 1 character. The value must match regular expression /^[A-Za-z0-9-_\/]*$/.

azure_environment str

Azure environment, usually 'Azure'.

Constraints: Allowable values are: azure, azure_china, azure_germany, azure_us_government.

azure_location str

Location of the Azure Key Vault.

Constraints: Allowable values are: asia_east, asia_southeast, australia_central, australia_central_2, australia_east, australia_southeast, brazil_south, canada_central, canada_east, china_east, china_east_2, china_north, china_north_2, europe_north, europe_west, france_central, france_south, germany_central, germany_northeast, india_central, india_south, india_west, japan_east, japan_west, korea_central, korea_south, south_africa_north, south_africa_west, uk_south, uk_west, us_central, us_dod_central, us_dod_east, us_east, us_east_2, us_gov_arizona, us_gov_iowa, us_gov_texas, us_gov_virginia, us_north_central, us_south_central, us_west, us_west_2, us_west_central.

azure_resource_group str

Resource group in Azure.

Constraints: The maximum length is 90 characters. The minimum length is 1 character. The value must match regular expression /^[-\\w\\._\$\$]*[^\\.]$/.

azure_service_name str

Service name of the key vault instance from the Azure portal.

Constraints: The maximum length is 24 characters. The minimum length is 3 characters. The value must match regular expression /^[A-Za-z0-9-]+$/.

azure_service_principal_client_id str

Azure service principal client ID.

Constraints: The maximum length is 36 characters. The minimum length is 1 character. The value must match regular expression /^[-0-9a-zA-Z]+$/.

azure_service_principal_password str

Azure service principal password.

Constraints: The maximum length is 256 characters. The minimum length is 1 character. The value must match regular expression /^[-0-9a-zA-Z_.]+$/.

azure_subscription_id str

Subscription ID in Azure.

Constraints: The maximum length is 36 characters. The minimum length is 1 character. The value must match regular expression /^[-0-9a-zA-Z]+$/.

azure_tenant str

Azure tenant that the Key Vault is associated with,.

Constraints: The maximum length is 36 characters. The minimum length is 1 character. The value must match regular expression /^[-0-9a-zA-Z]+$/.

created_at str

(String) Date and time when the target keystore was created.

created_by str

(String) ID of the user that created the key.

Constraints: The maximum length is 100 characters. The minimum length is 1 character. The value must match regular expression /^[A-Za-z0-9-]+$/.

description str

Description of the keystore.

Constraints: The maximum length is 200 characters. The minimum length is 0 characters. The value must match regular expression /(.|\\n)*/.

dry_run bool

Do not create a keystore, only verify if keystore created with given parameters can be communciated with successfully.

Constraints: The default value is false.

etag str

ETag identifier for keystore.

google_credentials str

The value of the JSON key represented in the Base64 format.

Constraints: The maximum length is 524288 characters. The minimum length is 1 character. The value must match regular expression /^(?:[A-Za-z0-9+\/]{4})*(?:[A-Za-z0-9+\/]{2}==|[A-Za-z0-9+\/]{3}=)?$/.

google_key_ring str

A key ring organizes keys in a specific Google Cloud location and allows you to manage access control on groups of keys.

Constraints: The maximum length is 1024 characters. The minimum length is 1 character. The value must match regular expression /^[A-Za-z0-9-]*$/.

google_location str

Location represents the geographical region where a Cloud KMS resource is stored and can be accessed. A key's location impacts the performance of applications using the key.

Constraints: The maximum length is 512 characters. The minimum length is 1 character. The value must match regular expression /^[A-Za-z0-9-]*$/.

google_private_key_id str

The private key id associated with this keystore.

Constraints: The maximum length is 512 characters. The minimum length is 1 character. The value must match regular expression /^[A-Za-z0-9-_]*$/.

google_project_id str

The project id associated with this keystore.

Constraints: The maximum length is 512 characters. The minimum length is 1 character. The value must match regular expression /^[A-Za-z0-9-_]*$/.

groups Sequence[str]

A list of groups that this keystore belongs to.

Constraints: The list items must match regular expression /^[A-Za-z0-9][A-Za-z0-9-_ ]+$/. The maximum length is 128 items. The minimum length is 1 item.

hpcs_keystore_id str

(String) The v4 UUID used to uniquely identify the resource, as specified by RFC 4122.

Constraints: The maximum length is 36 characters. The minimum length is 36 characters. The value must match regular expression /^[-0-9a-z]+$/.

href str

(String) A URL that uniquely identifies your cloud resource.

Constraints: The maximum length is 200 characters. The minimum length is 1 character. The value must match regular expression /^[A-Za-z0-9._~:\/?&=-]+$/.

ibm_api_endpoint str

API endpoint of the IBM Cloud keystore.

Constraints: The maximum length is 512 characters. The minimum length is 1 character. The value must match regular expression /^[A-Za-z0-9._~:\/-]+$/.

ibm_api_key str

The IBM Cloud API key to be used for connecting to this IBM Cloud keystore.

Constraints: The maximum length is 64 characters. The minimum length is 1 character. The value must match regular expression /^[A-Za-z0-9-_&.]*$/.

ibm_iam_endpoint str

Endpoint of the IAM service for this IBM Cloud keystore.

Constraints: The maximum length is 512 characters. The minimum length is 1 character. The value must match regular expression /^[A-Za-z0-9._~:\/-]+$/.

ibm_instance_id str

The instance ID of the IBM Cloud keystore.

Constraints: The maximum length is 256 characters. The minimum length is 1 character. The value must match regular expression /^[A-Za-z0-9-]*$/.

ibm_key_ring str

The key ring of an IBM Cloud KMS Keystore.

Constraints: The default value is Default. The maximum length is 100 characters. The minimum length is 2 characters. The value must match regular expression /^[a-zA-Z0-9-]*$/.

ibm_variant str

Possible IBM Cloud KMS variants.

Constraints: Allowable values are: hpcs, internal, key_protect.

instance_id str

ID of UKO Instance

Constraints: Must match the ID of the UKO instance you are trying to work with.

location str

Geographic location of the keystore, if available.

name str

Name of a target keystore.

Constraints: The maximum length is 100 characters. The minimum length is 1 character. The value must match regular expression /^[A-Za-z0-9][A-Za-z0-9 .-_]*$/.

region str

Region of the UKO Instance

Constraints: Must match the region of the UKO instance you are trying to work with. Allowable values are: au-syd, in-che, jp-osa, jp-tok, kr-seo, eu-de, eu-gb, ca-tor, us-south, us-south-test, us-east, br-sao.

type str

Type of keystore.

Constraints: Allowable values are: aws_kms, azure_key_vault, ibm_cloud_kms, google_kms.

uko_vault str

The UUID of the Vault in which the update is to take place.

updated_at str

(String) Date and time when the target keystore was last updated.

updated_by str

(String) ID of the user that last updated the key.

Constraints: The maximum length is 100 characters. The minimum length is 1 character. The value must match regular expression /^[A-Za-z0-9-]+$/.

vaults Sequence[HpcsKeystoreVaultArgs]

ID of the Vault where the entity is to be created in. Nested scheme for vault:

awsAccessKeyId String

The access key id used for connecting to this instance of AWS KMS.

Constraints: The maximum length is 512 characters. The minimum length is 1 character. The value must match regular expression /^[A-Za-z0-9-_]*$/.

awsRegion String

AWS Region.

Constraints: Allowable values are: af_south_1, ap_east_1, ap_northeast_1, ap_northeast_2, ap_south_1, ap_southeast_1, ap_southeast_2, aws_cn_global, aws_global, aws_iso_global, aws_iso_b_global, aws_us_gov_global, ca_central_1, cn_north_1, cn_northwest_1, eu_central_1, eu_west_1, eu_west_2, eu_west_3, me_south_1, sa_east_1, us_east_1, us_east_2, us_gov_east_1, us_gov_west_1, us_iso_east_1, us_isob_east_1, us_west_1, us_west_2.

awsSecretAccessKey String

The secret access key used for connecting to this instance of AWS KMS.

Constraints: The maximum length is 512 characters. The minimum length is 1 character. The value must match regular expression /^[A-Za-z0-9-_\/]*$/.

azureEnvironment String

Azure environment, usually 'Azure'.

Constraints: Allowable values are: azure, azure_china, azure_germany, azure_us_government.

azureLocation String

Location of the Azure Key Vault.

Constraints: Allowable values are: asia_east, asia_southeast, australia_central, australia_central_2, australia_east, australia_southeast, brazil_south, canada_central, canada_east, china_east, china_east_2, china_north, china_north_2, europe_north, europe_west, france_central, france_south, germany_central, germany_northeast, india_central, india_south, india_west, japan_east, japan_west, korea_central, korea_south, south_africa_north, south_africa_west, uk_south, uk_west, us_central, us_dod_central, us_dod_east, us_east, us_east_2, us_gov_arizona, us_gov_iowa, us_gov_texas, us_gov_virginia, us_north_central, us_south_central, us_west, us_west_2, us_west_central.

azureResourceGroup String

Resource group in Azure.

Constraints: The maximum length is 90 characters. The minimum length is 1 character. The value must match regular expression /^[-\\w\\._\$\$]*[^\\.]$/.

azureServiceName String

Service name of the key vault instance from the Azure portal.

Constraints: The maximum length is 24 characters. The minimum length is 3 characters. The value must match regular expression /^[A-Za-z0-9-]+$/.

azureServicePrincipalClientId String

Azure service principal client ID.

Constraints: The maximum length is 36 characters. The minimum length is 1 character. The value must match regular expression /^[-0-9a-zA-Z]+$/.

azureServicePrincipalPassword String

Azure service principal password.

Constraints: The maximum length is 256 characters. The minimum length is 1 character. The value must match regular expression /^[-0-9a-zA-Z_.]+$/.

azureSubscriptionId String

Subscription ID in Azure.

Constraints: The maximum length is 36 characters. The minimum length is 1 character. The value must match regular expression /^[-0-9a-zA-Z]+$/.

azureTenant String

Azure tenant that the Key Vault is associated with,.

Constraints: The maximum length is 36 characters. The minimum length is 1 character. The value must match regular expression /^[-0-9a-zA-Z]+$/.

createdAt String

(String) Date and time when the target keystore was created.

createdBy String

(String) ID of the user that created the key.

Constraints: The maximum length is 100 characters. The minimum length is 1 character. The value must match regular expression /^[A-Za-z0-9-]+$/.

description String

Description of the keystore.

Constraints: The maximum length is 200 characters. The minimum length is 0 characters. The value must match regular expression /(.|\\n)*/.

dryRun Boolean

Do not create a keystore, only verify if keystore created with given parameters can be communciated with successfully.

Constraints: The default value is false.

etag String

ETag identifier for keystore.

googleCredentials String

The value of the JSON key represented in the Base64 format.

Constraints: The maximum length is 524288 characters. The minimum length is 1 character. The value must match regular expression /^(?:[A-Za-z0-9+\/]{4})*(?:[A-Za-z0-9+\/]{2}==|[A-Za-z0-9+\/]{3}=)?$/.

googleKeyRing String

A key ring organizes keys in a specific Google Cloud location and allows you to manage access control on groups of keys.

Constraints: The maximum length is 1024 characters. The minimum length is 1 character. The value must match regular expression /^[A-Za-z0-9-]*$/.

googleLocation String

Location represents the geographical region where a Cloud KMS resource is stored and can be accessed. A key's location impacts the performance of applications using the key.

Constraints: The maximum length is 512 characters. The minimum length is 1 character. The value must match regular expression /^[A-Za-z0-9-]*$/.

googlePrivateKeyId String

The private key id associated with this keystore.

Constraints: The maximum length is 512 characters. The minimum length is 1 character. The value must match regular expression /^[A-Za-z0-9-_]*$/.

googleProjectId String

The project id associated with this keystore.

Constraints: The maximum length is 512 characters. The minimum length is 1 character. The value must match regular expression /^[A-Za-z0-9-_]*$/.

groups List<String>

A list of groups that this keystore belongs to.

Constraints: The list items must match regular expression /^[A-Za-z0-9][A-Za-z0-9-_ ]+$/. The maximum length is 128 items. The minimum length is 1 item.

hpcsKeystoreId String

(String) The v4 UUID used to uniquely identify the resource, as specified by RFC 4122.

Constraints: The maximum length is 36 characters. The minimum length is 36 characters. The value must match regular expression /^[-0-9a-z]+$/.

href String

(String) A URL that uniquely identifies your cloud resource.

Constraints: The maximum length is 200 characters. The minimum length is 1 character. The value must match regular expression /^[A-Za-z0-9._~:\/?&=-]+$/.

ibmApiEndpoint String

API endpoint of the IBM Cloud keystore.

Constraints: The maximum length is 512 characters. The minimum length is 1 character. The value must match regular expression /^[A-Za-z0-9._~:\/-]+$/.

ibmApiKey String

The IBM Cloud API key to be used for connecting to this IBM Cloud keystore.

Constraints: The maximum length is 64 characters. The minimum length is 1 character. The value must match regular expression /^[A-Za-z0-9-_&.]*$/.

ibmIamEndpoint String

Endpoint of the IAM service for this IBM Cloud keystore.

Constraints: The maximum length is 512 characters. The minimum length is 1 character. The value must match regular expression /^[A-Za-z0-9._~:\/-]+$/.

ibmInstanceId String

The instance ID of the IBM Cloud keystore.

Constraints: The maximum length is 256 characters. The minimum length is 1 character. The value must match regular expression /^[A-Za-z0-9-]*$/.

ibmKeyRing String

The key ring of an IBM Cloud KMS Keystore.

Constraints: The default value is Default. The maximum length is 100 characters. The minimum length is 2 characters. The value must match regular expression /^[a-zA-Z0-9-]*$/.

ibmVariant String

Possible IBM Cloud KMS variants.

Constraints: Allowable values are: hpcs, internal, key_protect.

instanceId String

ID of UKO Instance

Constraints: Must match the ID of the UKO instance you are trying to work with.

location String

Geographic location of the keystore, if available.

name String

Name of a target keystore.

Constraints: The maximum length is 100 characters. The minimum length is 1 character. The value must match regular expression /^[A-Za-z0-9][A-Za-z0-9 .-_]*$/.

region String

Region of the UKO Instance

Constraints: Must match the region of the UKO instance you are trying to work with. Allowable values are: au-syd, in-che, jp-osa, jp-tok, kr-seo, eu-de, eu-gb, ca-tor, us-south, us-south-test, us-east, br-sao.

type String

Type of keystore.

Constraints: Allowable values are: aws_kms, azure_key_vault, ibm_cloud_kms, google_kms.

ukoVault String

The UUID of the Vault in which the update is to take place.

updatedAt String

(String) Date and time when the target keystore was last updated.

updatedBy String

(String) ID of the user that last updated the key.

Constraints: The maximum length is 100 characters. The minimum length is 1 character. The value must match regular expression /^[A-Za-z0-9-]+$/.

vaults List<Property Map>

ID of the Vault where the entity is to be created in. Nested scheme for vault:

Supporting Types

HpcsKeystoreVault, HpcsKeystoreVaultArgs

Id string

The v4 UUID used to uniquely identify the resource, as specified by RFC 4122.

Constraints: The maximum length is 36 characters. The minimum length is 36 characters. The value must match regular expression /^[-0-9a-z]+$/.

Href string

(String) A URL that uniquely identifies your cloud resource.

Constraints: The maximum length is 200 characters. The minimum length is 1 character. The value must match regular expression /^[A-Za-z0-9._~:\/?&=-]+$/.

Name string

Name of a target keystore.

Constraints: The maximum length is 100 characters. The minimum length is 1 character. The value must match regular expression /^[A-Za-z0-9][A-Za-z0-9 .-_]*$/.

Id string

The v4 UUID used to uniquely identify the resource, as specified by RFC 4122.

Constraints: The maximum length is 36 characters. The minimum length is 36 characters. The value must match regular expression /^[-0-9a-z]+$/.

Href string

(String) A URL that uniquely identifies your cloud resource.

Constraints: The maximum length is 200 characters. The minimum length is 1 character. The value must match regular expression /^[A-Za-z0-9._~:\/?&=-]+$/.

Name string

Name of a target keystore.

Constraints: The maximum length is 100 characters. The minimum length is 1 character. The value must match regular expression /^[A-Za-z0-9][A-Za-z0-9 .-_]*$/.

id String

The v4 UUID used to uniquely identify the resource, as specified by RFC 4122.

Constraints: The maximum length is 36 characters. The minimum length is 36 characters. The value must match regular expression /^[-0-9a-z]+$/.

href String

(String) A URL that uniquely identifies your cloud resource.

Constraints: The maximum length is 200 characters. The minimum length is 1 character. The value must match regular expression /^[A-Za-z0-9._~:\/?&=-]+$/.

name String

Name of a target keystore.

Constraints: The maximum length is 100 characters. The minimum length is 1 character. The value must match regular expression /^[A-Za-z0-9][A-Za-z0-9 .-_]*$/.

id string

The v4 UUID used to uniquely identify the resource, as specified by RFC 4122.

Constraints: The maximum length is 36 characters. The minimum length is 36 characters. The value must match regular expression /^[-0-9a-z]+$/.

href string

(String) A URL that uniquely identifies your cloud resource.

Constraints: The maximum length is 200 characters. The minimum length is 1 character. The value must match regular expression /^[A-Za-z0-9._~:\/?&=-]+$/.

name string

Name of a target keystore.

Constraints: The maximum length is 100 characters. The minimum length is 1 character. The value must match regular expression /^[A-Za-z0-9][A-Za-z0-9 .-_]*$/.

id str

The v4 UUID used to uniquely identify the resource, as specified by RFC 4122.

Constraints: The maximum length is 36 characters. The minimum length is 36 characters. The value must match regular expression /^[-0-9a-z]+$/.

href str

(String) A URL that uniquely identifies your cloud resource.

Constraints: The maximum length is 200 characters. The minimum length is 1 character. The value must match regular expression /^[A-Za-z0-9._~:\/?&=-]+$/.

name str

Name of a target keystore.

Constraints: The maximum length is 100 characters. The minimum length is 1 character. The value must match regular expression /^[A-Za-z0-9][A-Za-z0-9 .-_]*$/.

id String

The v4 UUID used to uniquely identify the resource, as specified by RFC 4122.

Constraints: The maximum length is 36 characters. The minimum length is 36 characters. The value must match regular expression /^[-0-9a-z]+$/.

href String

(String) A URL that uniquely identifies your cloud resource.

Constraints: The maximum length is 200 characters. The minimum length is 1 character. The value must match regular expression /^[A-Za-z0-9._~:\/?&=-]+$/.

name String

Name of a target keystore.

Constraints: The maximum length is 100 characters. The minimum length is 1 character. The value must match regular expression /^[A-Za-z0-9][A-Za-z0-9 .-_]*$/.

Import

You can import the ibm_hpcs_keystore resource by using region, instance_id, vault_id, and keystore_id.

Syntax

bash

$ pulumi import ibm:index/hpcsKeystore:HpcsKeystore keystore <region>/<instance_id>/<vault_id>/<keystore_id>

Example

$ pulumi import ibm:index/hpcsKeystore:HpcsKeystore keystore us-east/76195d24-8a31-4c6d-9050-c35f09375cfb/5295ad47-2ce9-43c3-b9e7-e5a9482c362b/d8cc1ef7-d13b-4731-95be-1f7c98c9f524

To learn more about importing existing cloud resources, see Importing resources.

Package Details

Repository: ibm ibm-cloud/terraform-provider-ibm
License
Notes: This Pulumi package is based on the ibm Terraform Provider.

ibm 1.78.0 published on Wednesday, Apr 30, 2025 by ibm-cloud

ibm-cloud/terraform-provider-ibm

ibm.HpcsKeystore

On this page

On this page

Example Usage

Create HpcsKeystore Resource

Constructor syntax

Parameters

Constructor example

HpcsKeystore Resource Properties

Inputs

Outputs

Look up Existing HpcsKeystore Resource

Supporting Types

HpcsKeystoreVault, HpcsKeystoreVaultArgs

Import

Package Details

On this page

On this page