pulumi-google-native-kotlin/com.pulumi.googlenative.cloudkms.v1.kotlin/CryptoKeyArgs

CryptoKeyArgs

data class CryptoKeyArgs(val cryptoKeyBackend: Output<String>? = null, val cryptoKeyId: Output<String>? = null, val destroyScheduledDuration: Output<String>? = null, val importOnly: Output<Boolean>? = null, val keyRingId: Output<String>? = null, val labels: Output<Map<String, String>>? = null, val location: Output<String>? = null, val nextRotationTime: Output<String>? = null, val project: Output<String>? = null, val purpose: Output<CryptoKeyPurpose>? = null, val rotationPeriod: Output<String>? = null, val skipInitialVersionCreation: Output<Boolean>? = null, val versionTemplate: Output<CryptoKeyVersionTemplateArgs>? = null) : ConvertibleToJava<CryptoKeyArgs>

Create a new CryptoKey within a KeyRing. CryptoKey.purpose and CryptoKey.version_template.algorithm are required. Note - this resource's API doesn't support deletion. When deleted, the resource will persist on Google Cloud even though it will be deleted from Pulumi state.

Constructors

Link copied to clipboard
fun CryptoKeyArgs(cryptoKeyBackend: Output<String>? = null, cryptoKeyId: Output<String>? = null, destroyScheduledDuration: Output<String>? = null, importOnly: Output<Boolean>? = null, keyRingId: Output<String>? = null, labels: Output<Map<String, String>>? = null, location: Output<String>? = null, nextRotationTime: Output<String>? = null, project: Output<String>? = null, purpose: Output<CryptoKeyPurpose>? = null, rotationPeriod: Output<String>? = null, skipInitialVersionCreation: Output<Boolean>? = null, versionTemplate: Output<CryptoKeyVersionTemplateArgs>? = null)

Functions

Link copied to clipboard
open override fun toJava(): CryptoKeyArgs

Properties

Link copied to clipboard
val cryptoKeyBackend: Output<String>? = null

Immutable. The resource name of the backend environment where the key material for all CryptoKeyVersions associated with this CryptoKey reside and where all related cryptographic operations are performed. Only applicable if CryptoKeyVersions have a ProtectionLevel of EXTERNAL_VPC, with the resource name in the format projects/*/locations/*/ekmConnections/*. Note, this list is non-exhaustive and may apply to additional ProtectionLevels in the future.

Link copied to clipboard
val cryptoKeyId: Output<String>? = null

Required. It must be unique within a KeyRing and match the regular expression [a-zA-Z0-9_-]{1,63}

Link copied to clipboard
val destroyScheduledDuration: Output<String>? = null

Immutable. The period of time that versions of this key spend in the DESTROY_SCHEDULED state before transitioning to DESTROYED. If not specified at creation time, the default duration is 24 hours.

Link copied to clipboard
val importOnly: Output<Boolean>? = null

Immutable. Whether this key may contain imported versions only.

Link copied to clipboard
val keyRingId: Output<String>? = null
Link copied to clipboard
val labels: Output<Map<String, String>>? = null

Labels with user-defined metadata. For more information, see Labeling Keys.

Link copied to clipboard
val location: Output<String>? = null
Link copied to clipboard
val nextRotationTime: Output<String>? = null

At next_rotation_time, the Key Management Service will automatically: 1. Create a new version of this CryptoKey. 2. Mark the new version as primary. Key rotations performed manually via CreateCryptoKeyVersion and UpdateCryptoKeyPrimaryVersion do not affect next_rotation_time. Keys with purpose ENCRYPT_DECRYPT support automatic rotation. For other keys, this field must be omitted.

Link copied to clipboard
val project: Output<String>? = null
Link copied to clipboard
val purpose: Output<CryptoKeyPurpose>? = null

Immutable. The immutable purpose of this CryptoKey.

Link copied to clipboard
val rotationPeriod: Output<String>? = null

next_rotation_time will be advanced by this period when the service automatically rotates a key. Must be at least 24 hours and at most 876,000 hours. If rotation_period is set, next_rotation_time must also be set. Keys with purpose ENCRYPT_DECRYPT support automatic rotation. For other keys, this field must be omitted.

Link copied to clipboard
val skipInitialVersionCreation: Output<Boolean>? = null

If set to true, the request will create a CryptoKey without any CryptoKeyVersions. You must manually call CreateCryptoKeyVersion or ImportCryptoKeyVersion before you can use this CryptoKey.

Link copied to clipboard
val versionTemplate: Output<CryptoKeyVersionTemplateArgs>? = null

A template describing settings for new CryptoKeyVersion instances. The properties of new CryptoKeyVersion instances created by either CreateCryptoKeyVersion or auto-rotation are controlled by this template. //*/