pulumi-gcp-kotlin/com.pulumi.gcp.kms.kotlin.outputs/GetCryptoKeysKey

GetCryptoKeysKey

data class GetCryptoKeysKey(val cryptoKeyBackend: String, val destroyScheduledDuration: String, val effectiveLabels: Map<String, String>, val id: String, val importOnly: Boolean, val keyAccessJustificationsPolicies: List<GetCryptoKeysKeyKeyAccessJustificationsPolicy>, val keyRing: String? = null, val labels: Map<String, String>, val name: String? = null, val primaries: List<GetCryptoKeysKeyPrimary>, val pulumiLabels: Map<String, String>, val purpose: String, val rotationPeriod: String, val skipInitialVersionCreation: Boolean, val versionTemplates: List<GetCryptoKeysKeyVersionTemplate>)

Constructors

Link copied to clipboard
constructor(cryptoKeyBackend: String, destroyScheduledDuration: String, effectiveLabels: Map<String, String>, id: String, importOnly: Boolean, keyAccessJustificationsPolicies: List<GetCryptoKeysKeyKeyAccessJustificationsPolicy>, keyRing: String? = null, labels: Map<String, String>, name: String? = null, primaries: List<GetCryptoKeysKeyPrimary>, pulumiLabels: Map<String, String>, purpose: String, rotationPeriod: String, skipInitialVersionCreation: Boolean, versionTemplates: List<GetCryptoKeysKeyVersionTemplate>)

Types

Link copied to clipboard
object Companion

Properties

Link copied to clipboard
val cryptoKeyBackend: String

The resource name of the backend environment associated with all CryptoKeyVersions within this CryptoKey. The resource name is in the format "projects//locations//ekmConnections/*" and only applies to "EXTERNAL_VPC" keys.

Link copied to clipboard
val destroyScheduledDuration: String

The period of time that versions of this key spend in the DESTROY_SCHEDULED state before transitioning to DESTROYED. If not specified at creation time, the default duration is 30 days.

Link copied to clipboard
Link copied to clipboard
val id: String
Link copied to clipboard
val importOnly: Boolean

Whether this key may contain imported versions only.

Link copied to clipboard
val keyAccessJustificationsPolicies: List<GetCryptoKeysKeyKeyAccessJustificationsPolicy>

The policy used for Key Access Justifications Policy Enforcement. If this field is present and this key is enrolled in Key Access Justifications Policy Enforcement, the policy will be evaluated in encrypt, decrypt, and sign operations, and the operation will fail if rejected by the policy. The policy is defined by specifying zero or more allowed justification codes. https://cloud.google.com/assured-workloads/key-access-justifications/docs/justification-codes By default, this field is absent, and all justification codes are allowed. This field is currently in beta and is subject to change.

Link copied to clipboard
val keyRing: String? = null

The key ring that the keys belongs to. Format: 'projects/{{project}}/locations/{{location}}/keyRings/{{keyRing}}'.,

Link copied to clipboard
val labels: Map<String, String>

Labels with user-defined metadata to apply to this resource. Note: This field is non-authoritative, and will only manage the labels present in your configuration. Please refer to the field 'effective_labels' for all of the labels present on the resource.

Link copied to clipboard
val name: String? = null

The resource name for the CryptoKey.

Link copied to clipboard
val primaries: List<GetCryptoKeysKeyPrimary>

A copy of the primary CryptoKeyVersion that will be used by cryptoKeys.encrypt when this CryptoKey is given in EncryptRequest.name. Keys with purpose ENCRYPT_DECRYPT may have a primary. For other keys, this field will be unset.

Link copied to clipboard
val pulumiLabels: Map<String, String>

The combination of labels configured directly on the resource and default labels configured on the provider.

Link copied to clipboard
val purpose: String

The immutable purpose of this CryptoKey. See the purpose reference for possible inputs. Default value is "ENCRYPT_DECRYPT".

Link copied to clipboard
val rotationPeriod: String

Every time this period passes, generate a new CryptoKeyVersion and set it as the primary. The first rotation will take place after the specified period. The rotation period has the format of a decimal number with up to 9 fractional digits, followed by the letter 's' (seconds). It must be greater than a day (ie, 86400).

Link copied to clipboard
val skipInitialVersionCreation: Boolean

If set to true, the request will create a CryptoKey without any CryptoKeyVersions. You must use the 'google_kms_crypto_key_version' resource to create a new CryptoKeyVersion or 'google_kms_key_ring_import_job' resource to import the CryptoKeyVersion.

Link copied to clipboard
val versionTemplates: List<GetCryptoKeysKeyVersionTemplate>

A template describing settings for new crypto key versions. //*/