Key
A KeyRingImportJob can be used to create CryptoKeys and CryptoKeyVersions using pre-existing key material, generated outside of Cloud KMS. A KeyRingImportJob expires 3 days after it is created. Once expired, Cloud KMS will no longer be able to import or unwrap any key material that was wrapped with the KeyRingImportJob's public key.
Note: KeyRingImportJobs cannot be deleted from Google Cloud Platform. Destroying a provider-managed KeyRingImportJob will remove it from state but will not delete the resource from the project. To get more information about KeyRingImportJob, see:
How-to Guides
Importing a key {{% examples %}}
Example Usage
{{% /examples %}}
Import
KeyRingImportJob can be imported using any of these accepted formats:
$ pulumi import gcp:kms/keyRingImportJob:KeyRingImportJob default {{name}}Properties
It must be unique within a KeyRing and match the regular expression a-zA-Z0-9_-{1,63}
The wrapping method to be used for incoming key material. Possible values are: RSA_OAEP_3072_SHA1_AES_256, RSA_OAEP_4096_SHA1_AES_256.
The protection level of the ImportJob. This must match the protectionLevel of the versionTemplate on the CryptoKey you attempt to import into. Possible values are: SOFTWARE, HSM, EXTERNAL.