@pulumi/gcp

import * as pulumi from "@pulumi/pulumi"; import * as inputs from "../types/input"; import * as outputs from "../types/output"; /** * A `CryptoKeyVersion` represents an individual cryptographic key, and the associated key material. * * Destroying a cryptoKeyVersion will not delete the resource from the project. * * To get more information about CryptoKeyVersion, see: * * * [API documentation](https://cloud.google.com/kms/docs/reference/rest/v1/projects.locations.keyRings.cryptoKeys.cryptoKeyVersions) * * How-to Guides * * [Creating a key Version](https://cloud.google.com/kms/docs/reference/rest/v1/projects.locations.keyRings.cryptoKeys.cryptoKeyVersions/create) * * ## Example Usage * * ### Kms Crypto Key Version Basic * * ```typescript * import * as pulumi from "@pulumi/pulumi"; * import * as gcp from "@pulumi/gcp"; * * const keyring = new gcp.kms.KeyRing("keyring", { * name: "keyring-example", * location: "global", * }); * const cryptokey = new gcp.kms.CryptoKey("cryptokey", { * name: "crypto-key-example", * keyRing: keyring.id, * rotationPeriod: "7776000s", * }); * const example_key = new gcp.kms.CryptoKeyVersion("example-key", {cryptoKey: cryptokey.id}); * ``` * * ## Import * * CryptoKeyVersion can be imported using any of these accepted formats: * * * `{{name}}` * * When using the `pulumi import` command, CryptoKeyVersion can be imported using one of the formats above. For example: * * ```sh * $ pulumi import gcp:kms/cryptoKeyVersion:CryptoKeyVersion default {{name}} * ``` */ export declare class CryptoKeyVersion extends pulumi.CustomResource { /** * Get an existing CryptoKeyVersion resource's state with the given name, ID, and optional extra * properties used to qualify the lookup. * * @param name The _unique_ name of the resulting resource. * @param id The _unique_ provider ID of the resource to lookup. * @param state Any extra arguments used during the lookup. * @param opts Optional settings to control the behavior of the CustomResource. */ static get(name: string, id: pulumi.Input<pulumi.ID>, state?: CryptoKeyVersionState, opts?: pulumi.CustomResourceOptions): CryptoKeyVersion; /** * Returns true if the given object is an instance of CryptoKeyVersion. This is designed to work even * when multiple copies of the Pulumi SDK have been loaded into the same process. */ static isInstance(obj: any): obj is CryptoKeyVersion; /** * The CryptoKeyVersionAlgorithm that this CryptoKeyVersion supports. */ readonly algorithm: pulumi.Output<string>; /** * Statement that was generated and signed by the HSM at key creation time. Use this statement to verify attributes of the key as stored on the HSM, independently of Google. * Only provided for key versions with protectionLevel HSM. * Structure is documented below. */ readonly attestations: pulumi.Output<outputs.kms.CryptoKeyVersionAttestation[]>; /** * The name of the cryptoKey associated with the CryptoKeyVersions. * Format: `'projects/{{project}}/locations/{{location}}/keyRings/{{keyring}}/cryptoKeys/{{cryptoKey}}'` */ readonly cryptoKey: pulumi.Output<string>; /** * ExternalProtectionLevelOptions stores a group of additional fields for configuring a CryptoKeyVersion that are specific to the EXTERNAL protection level and EXTERNAL_VPC protection levels. * Structure is documented below. */ readonly externalProtectionLevelOptions: pulumi.Output<outputs.kms.CryptoKeyVersionExternalProtectionLevelOptions | undefined>; /** * The time this CryptoKeyVersion key material was generated */ readonly generateTime: pulumi.Output<string>; /** * The resource name for this CryptoKeyVersion. */ readonly name: pulumi.Output<string>; /** * The ProtectionLevel describing how crypto operations are performed with this CryptoKeyVersion. */ readonly protectionLevel: pulumi.Output<string>; /** * The current state of the CryptoKeyVersion. Note: you can only specify this field to manually `ENABLE` or `DISABLE` the CryptoKeyVersion, * otherwise the value of this field is always retrieved automatically. * Possible values are: `PENDING_GENERATION`, `ENABLED`, `DISABLED`, `DESTROYED`, `DESTROY_SCHEDULED`, `PENDING_IMPORT`, `IMPORT_FAILED`. */ readonly state: pulumi.Output<string>; /** * Create a CryptoKeyVersion resource with the given unique name, arguments, and options. * * @param name The _unique_ name of the resource. * @param args The arguments to use to populate this resource's properties. * @param opts A bag of options that control this resource's behavior. */ constructor(name: string, args: CryptoKeyVersionArgs, opts?: pulumi.CustomResourceOptions); } /** * Input properties used for looking up and filtering CryptoKeyVersion resources. */ export interface CryptoKeyVersionState { /** * The CryptoKeyVersionAlgorithm that this CryptoKeyVersion supports. */ algorithm?: pulumi.Input<string>; /** * Statement that was generated and signed by the HSM at key creation time. Use this statement to verify attributes of the key as stored on the HSM, independently of Google. * Only provided for key versions with protectionLevel HSM. * Structure is documented below. */ attestations?: pulumi.Input<pulumi.Input<inputs.kms.CryptoKeyVersionAttestation>[]>; /** * The name of the cryptoKey associated with the CryptoKeyVersions. * Format: `'projects/{{project}}/locations/{{location}}/keyRings/{{keyring}}/cryptoKeys/{{cryptoKey}}'` */ cryptoKey?: pulumi.Input<string>; /** * ExternalProtectionLevelOptions stores a group of additional fields for configuring a CryptoKeyVersion that are specific to the EXTERNAL protection level and EXTERNAL_VPC protection levels. * Structure is documented below. */ externalProtectionLevelOptions?: pulumi.Input<inputs.kms.CryptoKeyVersionExternalProtectionLevelOptions>; /** * The time this CryptoKeyVersion key material was generated */ generateTime?: pulumi.Input<string>; /** * The resource name for this CryptoKeyVersion. */ name?: pulumi.Input<string>; /** * The ProtectionLevel describing how crypto operations are performed with this CryptoKeyVersion. */ protectionLevel?: pulumi.Input<string>; /** * The current state of the CryptoKeyVersion. Note: you can only specify this field to manually `ENABLE` or `DISABLE` the CryptoKeyVersion, * otherwise the value of this field is always retrieved automatically. * Possible values are: `PENDING_GENERATION`, `ENABLED`, `DISABLED`, `DESTROYED`, `DESTROY_SCHEDULED`, `PENDING_IMPORT`, `IMPORT_FAILED`. */ state?: pulumi.Input<string>; } /** * The set of arguments for constructing a CryptoKeyVersion resource. */ export interface CryptoKeyVersionArgs { /** * The name of the cryptoKey associated with the CryptoKeyVersions. * Format: `'projects/{{project}}/locations/{{location}}/keyRings/{{keyring}}/cryptoKeys/{{cryptoKey}}'` */ cryptoKey: pulumi.Input<string>; /** * ExternalProtectionLevelOptions stores a group of additional fields for configuring a CryptoKeyVersion that are specific to the EXTERNAL protection level and EXTERNAL_VPC protection levels. * Structure is documented below. */ externalProtectionLevelOptions?: pulumi.Input<inputs.kms.CryptoKeyVersionExternalProtectionLevelOptions>; /** * The current state of the CryptoKeyVersion. Note: you can only specify this field to manually `ENABLE` or `DISABLE` the CryptoKeyVersion, * otherwise the value of this field is always retrieved automatically. * Possible values are: `PENDING_GENERATION`, `ENABLED`, `DISABLED`, `DESTROYED`, `DESTROY_SCHEDULED`, `PENDING_IMPORT`, `IMPORT_FAILED`. */ state?: pulumi.Input<string>; }