The highest tagged major version is
Documentation
¶
Index ¶
- type CryptoKey
- func (*CryptoKey) ElementType() reflect.Type
- func (i *CryptoKey) ToCryptoKeyOutput() CryptoKeyOutput
- func (i *CryptoKey) ToCryptoKeyOutputWithContext(ctx context.Context) CryptoKeyOutput
- func (i *CryptoKey) ToCryptoKeyPtrOutput() CryptoKeyPtrOutput
- func (i *CryptoKey) ToCryptoKeyPtrOutputWithContext(ctx context.Context) CryptoKeyPtrOutput
- type CryptoKeyArgs
- type CryptoKeyArray
- type CryptoKeyArrayInput
- type CryptoKeyArrayOutput
- func (CryptoKeyArrayOutput) ElementType() reflect.Type
- func (o CryptoKeyArrayOutput) Index(i pulumi.IntInput) CryptoKeyOutput
- func (o CryptoKeyArrayOutput) ToCryptoKeyArrayOutput() CryptoKeyArrayOutput
- func (o CryptoKeyArrayOutput) ToCryptoKeyArrayOutputWithContext(ctx context.Context) CryptoKeyArrayOutput
- type CryptoKeyIAMBinding
- func (*CryptoKeyIAMBinding) ElementType() reflect.Type
- func (i *CryptoKeyIAMBinding) ToCryptoKeyIAMBindingOutput() CryptoKeyIAMBindingOutput
- func (i *CryptoKeyIAMBinding) ToCryptoKeyIAMBindingOutputWithContext(ctx context.Context) CryptoKeyIAMBindingOutput
- func (i *CryptoKeyIAMBinding) ToCryptoKeyIAMBindingPtrOutput() CryptoKeyIAMBindingPtrOutput
- func (i *CryptoKeyIAMBinding) ToCryptoKeyIAMBindingPtrOutputWithContext(ctx context.Context) CryptoKeyIAMBindingPtrOutput
- type CryptoKeyIAMBindingArgs
- type CryptoKeyIAMBindingArray
- type CryptoKeyIAMBindingArrayInput
- type CryptoKeyIAMBindingArrayOutput
- func (CryptoKeyIAMBindingArrayOutput) ElementType() reflect.Type
- func (o CryptoKeyIAMBindingArrayOutput) Index(i pulumi.IntInput) CryptoKeyIAMBindingOutput
- func (o CryptoKeyIAMBindingArrayOutput) ToCryptoKeyIAMBindingArrayOutput() CryptoKeyIAMBindingArrayOutput
- func (o CryptoKeyIAMBindingArrayOutput) ToCryptoKeyIAMBindingArrayOutputWithContext(ctx context.Context) CryptoKeyIAMBindingArrayOutput
- type CryptoKeyIAMBindingCondition
- type CryptoKeyIAMBindingConditionArgs
- func (CryptoKeyIAMBindingConditionArgs) ElementType() reflect.Type
- func (i CryptoKeyIAMBindingConditionArgs) ToCryptoKeyIAMBindingConditionOutput() CryptoKeyIAMBindingConditionOutput
- func (i CryptoKeyIAMBindingConditionArgs) ToCryptoKeyIAMBindingConditionOutputWithContext(ctx context.Context) CryptoKeyIAMBindingConditionOutput
- func (i CryptoKeyIAMBindingConditionArgs) ToCryptoKeyIAMBindingConditionPtrOutput() CryptoKeyIAMBindingConditionPtrOutput
- func (i CryptoKeyIAMBindingConditionArgs) ToCryptoKeyIAMBindingConditionPtrOutputWithContext(ctx context.Context) CryptoKeyIAMBindingConditionPtrOutput
- type CryptoKeyIAMBindingConditionInput
- type CryptoKeyIAMBindingConditionOutput
- func (o CryptoKeyIAMBindingConditionOutput) Description() pulumi.StringPtrOutput
- func (CryptoKeyIAMBindingConditionOutput) ElementType() reflect.Type
- func (o CryptoKeyIAMBindingConditionOutput) Expression() pulumi.StringOutput
- func (o CryptoKeyIAMBindingConditionOutput) Title() pulumi.StringOutput
- func (o CryptoKeyIAMBindingConditionOutput) ToCryptoKeyIAMBindingConditionOutput() CryptoKeyIAMBindingConditionOutput
- func (o CryptoKeyIAMBindingConditionOutput) ToCryptoKeyIAMBindingConditionOutputWithContext(ctx context.Context) CryptoKeyIAMBindingConditionOutput
- func (o CryptoKeyIAMBindingConditionOutput) ToCryptoKeyIAMBindingConditionPtrOutput() CryptoKeyIAMBindingConditionPtrOutput
- func (o CryptoKeyIAMBindingConditionOutput) ToCryptoKeyIAMBindingConditionPtrOutputWithContext(ctx context.Context) CryptoKeyIAMBindingConditionPtrOutput
- type CryptoKeyIAMBindingConditionPtrInput
- type CryptoKeyIAMBindingConditionPtrOutput
- func (o CryptoKeyIAMBindingConditionPtrOutput) Description() pulumi.StringPtrOutput
- func (o CryptoKeyIAMBindingConditionPtrOutput) Elem() CryptoKeyIAMBindingConditionOutput
- func (CryptoKeyIAMBindingConditionPtrOutput) ElementType() reflect.Type
- func (o CryptoKeyIAMBindingConditionPtrOutput) Expression() pulumi.StringPtrOutput
- func (o CryptoKeyIAMBindingConditionPtrOutput) Title() pulumi.StringPtrOutput
- func (o CryptoKeyIAMBindingConditionPtrOutput) ToCryptoKeyIAMBindingConditionPtrOutput() CryptoKeyIAMBindingConditionPtrOutput
- func (o CryptoKeyIAMBindingConditionPtrOutput) ToCryptoKeyIAMBindingConditionPtrOutputWithContext(ctx context.Context) CryptoKeyIAMBindingConditionPtrOutput
- type CryptoKeyIAMBindingInput
- type CryptoKeyIAMBindingMap
- type CryptoKeyIAMBindingMapInput
- type CryptoKeyIAMBindingMapOutput
- func (CryptoKeyIAMBindingMapOutput) ElementType() reflect.Type
- func (o CryptoKeyIAMBindingMapOutput) MapIndex(k pulumi.StringInput) CryptoKeyIAMBindingOutput
- func (o CryptoKeyIAMBindingMapOutput) ToCryptoKeyIAMBindingMapOutput() CryptoKeyIAMBindingMapOutput
- func (o CryptoKeyIAMBindingMapOutput) ToCryptoKeyIAMBindingMapOutputWithContext(ctx context.Context) CryptoKeyIAMBindingMapOutput
- type CryptoKeyIAMBindingOutput
- func (CryptoKeyIAMBindingOutput) ElementType() reflect.Type
- func (o CryptoKeyIAMBindingOutput) ToCryptoKeyIAMBindingOutput() CryptoKeyIAMBindingOutput
- func (o CryptoKeyIAMBindingOutput) ToCryptoKeyIAMBindingOutputWithContext(ctx context.Context) CryptoKeyIAMBindingOutput
- func (o CryptoKeyIAMBindingOutput) ToCryptoKeyIAMBindingPtrOutput() CryptoKeyIAMBindingPtrOutput
- func (o CryptoKeyIAMBindingOutput) ToCryptoKeyIAMBindingPtrOutputWithContext(ctx context.Context) CryptoKeyIAMBindingPtrOutput
- type CryptoKeyIAMBindingPtrInput
- type CryptoKeyIAMBindingPtrOutput
- type CryptoKeyIAMBindingState
- type CryptoKeyIAMMember
- func (*CryptoKeyIAMMember) ElementType() reflect.Type
- func (i *CryptoKeyIAMMember) ToCryptoKeyIAMMemberOutput() CryptoKeyIAMMemberOutput
- func (i *CryptoKeyIAMMember) ToCryptoKeyIAMMemberOutputWithContext(ctx context.Context) CryptoKeyIAMMemberOutput
- func (i *CryptoKeyIAMMember) ToCryptoKeyIAMMemberPtrOutput() CryptoKeyIAMMemberPtrOutput
- func (i *CryptoKeyIAMMember) ToCryptoKeyIAMMemberPtrOutputWithContext(ctx context.Context) CryptoKeyIAMMemberPtrOutput
- type CryptoKeyIAMMemberArgs
- type CryptoKeyIAMMemberArray
- type CryptoKeyIAMMemberArrayInput
- type CryptoKeyIAMMemberArrayOutput
- func (CryptoKeyIAMMemberArrayOutput) ElementType() reflect.Type
- func (o CryptoKeyIAMMemberArrayOutput) Index(i pulumi.IntInput) CryptoKeyIAMMemberOutput
- func (o CryptoKeyIAMMemberArrayOutput) ToCryptoKeyIAMMemberArrayOutput() CryptoKeyIAMMemberArrayOutput
- func (o CryptoKeyIAMMemberArrayOutput) ToCryptoKeyIAMMemberArrayOutputWithContext(ctx context.Context) CryptoKeyIAMMemberArrayOutput
- type CryptoKeyIAMMemberCondition
- type CryptoKeyIAMMemberConditionArgs
- func (CryptoKeyIAMMemberConditionArgs) ElementType() reflect.Type
- func (i CryptoKeyIAMMemberConditionArgs) ToCryptoKeyIAMMemberConditionOutput() CryptoKeyIAMMemberConditionOutput
- func (i CryptoKeyIAMMemberConditionArgs) ToCryptoKeyIAMMemberConditionOutputWithContext(ctx context.Context) CryptoKeyIAMMemberConditionOutput
- func (i CryptoKeyIAMMemberConditionArgs) ToCryptoKeyIAMMemberConditionPtrOutput() CryptoKeyIAMMemberConditionPtrOutput
- func (i CryptoKeyIAMMemberConditionArgs) ToCryptoKeyIAMMemberConditionPtrOutputWithContext(ctx context.Context) CryptoKeyIAMMemberConditionPtrOutput
- type CryptoKeyIAMMemberConditionInput
- type CryptoKeyIAMMemberConditionOutput
- func (o CryptoKeyIAMMemberConditionOutput) Description() pulumi.StringPtrOutput
- func (CryptoKeyIAMMemberConditionOutput) ElementType() reflect.Type
- func (o CryptoKeyIAMMemberConditionOutput) Expression() pulumi.StringOutput
- func (o CryptoKeyIAMMemberConditionOutput) Title() pulumi.StringOutput
- func (o CryptoKeyIAMMemberConditionOutput) ToCryptoKeyIAMMemberConditionOutput() CryptoKeyIAMMemberConditionOutput
- func (o CryptoKeyIAMMemberConditionOutput) ToCryptoKeyIAMMemberConditionOutputWithContext(ctx context.Context) CryptoKeyIAMMemberConditionOutput
- func (o CryptoKeyIAMMemberConditionOutput) ToCryptoKeyIAMMemberConditionPtrOutput() CryptoKeyIAMMemberConditionPtrOutput
- func (o CryptoKeyIAMMemberConditionOutput) ToCryptoKeyIAMMemberConditionPtrOutputWithContext(ctx context.Context) CryptoKeyIAMMemberConditionPtrOutput
- type CryptoKeyIAMMemberConditionPtrInput
- type CryptoKeyIAMMemberConditionPtrOutput
- func (o CryptoKeyIAMMemberConditionPtrOutput) Description() pulumi.StringPtrOutput
- func (o CryptoKeyIAMMemberConditionPtrOutput) Elem() CryptoKeyIAMMemberConditionOutput
- func (CryptoKeyIAMMemberConditionPtrOutput) ElementType() reflect.Type
- func (o CryptoKeyIAMMemberConditionPtrOutput) Expression() pulumi.StringPtrOutput
- func (o CryptoKeyIAMMemberConditionPtrOutput) Title() pulumi.StringPtrOutput
- func (o CryptoKeyIAMMemberConditionPtrOutput) ToCryptoKeyIAMMemberConditionPtrOutput() CryptoKeyIAMMemberConditionPtrOutput
- func (o CryptoKeyIAMMemberConditionPtrOutput) ToCryptoKeyIAMMemberConditionPtrOutputWithContext(ctx context.Context) CryptoKeyIAMMemberConditionPtrOutput
- type CryptoKeyIAMMemberInput
- type CryptoKeyIAMMemberMap
- type CryptoKeyIAMMemberMapInput
- type CryptoKeyIAMMemberMapOutput
- func (CryptoKeyIAMMemberMapOutput) ElementType() reflect.Type
- func (o CryptoKeyIAMMemberMapOutput) MapIndex(k pulumi.StringInput) CryptoKeyIAMMemberOutput
- func (o CryptoKeyIAMMemberMapOutput) ToCryptoKeyIAMMemberMapOutput() CryptoKeyIAMMemberMapOutput
- func (o CryptoKeyIAMMemberMapOutput) ToCryptoKeyIAMMemberMapOutputWithContext(ctx context.Context) CryptoKeyIAMMemberMapOutput
- type CryptoKeyIAMMemberOutput
- func (CryptoKeyIAMMemberOutput) ElementType() reflect.Type
- func (o CryptoKeyIAMMemberOutput) ToCryptoKeyIAMMemberOutput() CryptoKeyIAMMemberOutput
- func (o CryptoKeyIAMMemberOutput) ToCryptoKeyIAMMemberOutputWithContext(ctx context.Context) CryptoKeyIAMMemberOutput
- func (o CryptoKeyIAMMemberOutput) ToCryptoKeyIAMMemberPtrOutput() CryptoKeyIAMMemberPtrOutput
- func (o CryptoKeyIAMMemberOutput) ToCryptoKeyIAMMemberPtrOutputWithContext(ctx context.Context) CryptoKeyIAMMemberPtrOutput
- type CryptoKeyIAMMemberPtrInput
- type CryptoKeyIAMMemberPtrOutput
- type CryptoKeyIAMMemberState
- type CryptoKeyIAMPolicy
- func (*CryptoKeyIAMPolicy) ElementType() reflect.Type
- func (i *CryptoKeyIAMPolicy) ToCryptoKeyIAMPolicyOutput() CryptoKeyIAMPolicyOutput
- func (i *CryptoKeyIAMPolicy) ToCryptoKeyIAMPolicyOutputWithContext(ctx context.Context) CryptoKeyIAMPolicyOutput
- func (i *CryptoKeyIAMPolicy) ToCryptoKeyIAMPolicyPtrOutput() CryptoKeyIAMPolicyPtrOutput
- func (i *CryptoKeyIAMPolicy) ToCryptoKeyIAMPolicyPtrOutputWithContext(ctx context.Context) CryptoKeyIAMPolicyPtrOutput
- type CryptoKeyIAMPolicyArgs
- type CryptoKeyIAMPolicyArray
- type CryptoKeyIAMPolicyArrayInput
- type CryptoKeyIAMPolicyArrayOutput
- func (CryptoKeyIAMPolicyArrayOutput) ElementType() reflect.Type
- func (o CryptoKeyIAMPolicyArrayOutput) Index(i pulumi.IntInput) CryptoKeyIAMPolicyOutput
- func (o CryptoKeyIAMPolicyArrayOutput) ToCryptoKeyIAMPolicyArrayOutput() CryptoKeyIAMPolicyArrayOutput
- func (o CryptoKeyIAMPolicyArrayOutput) ToCryptoKeyIAMPolicyArrayOutputWithContext(ctx context.Context) CryptoKeyIAMPolicyArrayOutput
- type CryptoKeyIAMPolicyInput
- type CryptoKeyIAMPolicyMap
- type CryptoKeyIAMPolicyMapInput
- type CryptoKeyIAMPolicyMapOutput
- func (CryptoKeyIAMPolicyMapOutput) ElementType() reflect.Type
- func (o CryptoKeyIAMPolicyMapOutput) MapIndex(k pulumi.StringInput) CryptoKeyIAMPolicyOutput
- func (o CryptoKeyIAMPolicyMapOutput) ToCryptoKeyIAMPolicyMapOutput() CryptoKeyIAMPolicyMapOutput
- func (o CryptoKeyIAMPolicyMapOutput) ToCryptoKeyIAMPolicyMapOutputWithContext(ctx context.Context) CryptoKeyIAMPolicyMapOutput
- type CryptoKeyIAMPolicyOutput
- func (CryptoKeyIAMPolicyOutput) ElementType() reflect.Type
- func (o CryptoKeyIAMPolicyOutput) ToCryptoKeyIAMPolicyOutput() CryptoKeyIAMPolicyOutput
- func (o CryptoKeyIAMPolicyOutput) ToCryptoKeyIAMPolicyOutputWithContext(ctx context.Context) CryptoKeyIAMPolicyOutput
- func (o CryptoKeyIAMPolicyOutput) ToCryptoKeyIAMPolicyPtrOutput() CryptoKeyIAMPolicyPtrOutput
- func (o CryptoKeyIAMPolicyOutput) ToCryptoKeyIAMPolicyPtrOutputWithContext(ctx context.Context) CryptoKeyIAMPolicyPtrOutput
- type CryptoKeyIAMPolicyPtrInput
- type CryptoKeyIAMPolicyPtrOutput
- type CryptoKeyIAMPolicyState
- type CryptoKeyInput
- type CryptoKeyMap
- type CryptoKeyMapInput
- type CryptoKeyMapOutput
- type CryptoKeyOutput
- func (CryptoKeyOutput) ElementType() reflect.Type
- func (o CryptoKeyOutput) ToCryptoKeyOutput() CryptoKeyOutput
- func (o CryptoKeyOutput) ToCryptoKeyOutputWithContext(ctx context.Context) CryptoKeyOutput
- func (o CryptoKeyOutput) ToCryptoKeyPtrOutput() CryptoKeyPtrOutput
- func (o CryptoKeyOutput) ToCryptoKeyPtrOutputWithContext(ctx context.Context) CryptoKeyPtrOutput
- type CryptoKeyPtrInput
- type CryptoKeyPtrOutput
- type CryptoKeyState
- type CryptoKeyVersionTemplate
- type CryptoKeyVersionTemplateArgs
- func (CryptoKeyVersionTemplateArgs) ElementType() reflect.Type
- func (i CryptoKeyVersionTemplateArgs) ToCryptoKeyVersionTemplateOutput() CryptoKeyVersionTemplateOutput
- func (i CryptoKeyVersionTemplateArgs) ToCryptoKeyVersionTemplateOutputWithContext(ctx context.Context) CryptoKeyVersionTemplateOutput
- func (i CryptoKeyVersionTemplateArgs) ToCryptoKeyVersionTemplatePtrOutput() CryptoKeyVersionTemplatePtrOutput
- func (i CryptoKeyVersionTemplateArgs) ToCryptoKeyVersionTemplatePtrOutputWithContext(ctx context.Context) CryptoKeyVersionTemplatePtrOutput
- type CryptoKeyVersionTemplateInput
- type CryptoKeyVersionTemplateOutput
- func (o CryptoKeyVersionTemplateOutput) Algorithm() pulumi.StringOutput
- func (CryptoKeyVersionTemplateOutput) ElementType() reflect.Type
- func (o CryptoKeyVersionTemplateOutput) ProtectionLevel() pulumi.StringPtrOutput
- func (o CryptoKeyVersionTemplateOutput) ToCryptoKeyVersionTemplateOutput() CryptoKeyVersionTemplateOutput
- func (o CryptoKeyVersionTemplateOutput) ToCryptoKeyVersionTemplateOutputWithContext(ctx context.Context) CryptoKeyVersionTemplateOutput
- func (o CryptoKeyVersionTemplateOutput) ToCryptoKeyVersionTemplatePtrOutput() CryptoKeyVersionTemplatePtrOutput
- func (o CryptoKeyVersionTemplateOutput) ToCryptoKeyVersionTemplatePtrOutputWithContext(ctx context.Context) CryptoKeyVersionTemplatePtrOutput
- type CryptoKeyVersionTemplatePtrInput
- type CryptoKeyVersionTemplatePtrOutput
- func (o CryptoKeyVersionTemplatePtrOutput) Algorithm() pulumi.StringPtrOutput
- func (o CryptoKeyVersionTemplatePtrOutput) Elem() CryptoKeyVersionTemplateOutput
- func (CryptoKeyVersionTemplatePtrOutput) ElementType() reflect.Type
- func (o CryptoKeyVersionTemplatePtrOutput) ProtectionLevel() pulumi.StringPtrOutput
- func (o CryptoKeyVersionTemplatePtrOutput) ToCryptoKeyVersionTemplatePtrOutput() CryptoKeyVersionTemplatePtrOutput
- func (o CryptoKeyVersionTemplatePtrOutput) ToCryptoKeyVersionTemplatePtrOutputWithContext(ctx context.Context) CryptoKeyVersionTemplatePtrOutput
- type GetKMSCryptoKeyArgs
- type GetKMSCryptoKeyResult
- type GetKMSCryptoKeyVersionArgs
- type GetKMSCryptoKeyVersionPublicKey
- type GetKMSCryptoKeyVersionPublicKeyArgs
- func (GetKMSCryptoKeyVersionPublicKeyArgs) ElementType() reflect.Type
- func (i GetKMSCryptoKeyVersionPublicKeyArgs) ToGetKMSCryptoKeyVersionPublicKeyOutput() GetKMSCryptoKeyVersionPublicKeyOutput
- func (i GetKMSCryptoKeyVersionPublicKeyArgs) ToGetKMSCryptoKeyVersionPublicKeyOutputWithContext(ctx context.Context) GetKMSCryptoKeyVersionPublicKeyOutput
- type GetKMSCryptoKeyVersionPublicKeyArray
- func (GetKMSCryptoKeyVersionPublicKeyArray) ElementType() reflect.Type
- func (i GetKMSCryptoKeyVersionPublicKeyArray) ToGetKMSCryptoKeyVersionPublicKeyArrayOutput() GetKMSCryptoKeyVersionPublicKeyArrayOutput
- func (i GetKMSCryptoKeyVersionPublicKeyArray) ToGetKMSCryptoKeyVersionPublicKeyArrayOutputWithContext(ctx context.Context) GetKMSCryptoKeyVersionPublicKeyArrayOutput
- type GetKMSCryptoKeyVersionPublicKeyArrayInput
- type GetKMSCryptoKeyVersionPublicKeyArrayOutput
- func (GetKMSCryptoKeyVersionPublicKeyArrayOutput) ElementType() reflect.Type
- func (o GetKMSCryptoKeyVersionPublicKeyArrayOutput) Index(i pulumi.IntInput) GetKMSCryptoKeyVersionPublicKeyOutput
- func (o GetKMSCryptoKeyVersionPublicKeyArrayOutput) ToGetKMSCryptoKeyVersionPublicKeyArrayOutput() GetKMSCryptoKeyVersionPublicKeyArrayOutput
- func (o GetKMSCryptoKeyVersionPublicKeyArrayOutput) ToGetKMSCryptoKeyVersionPublicKeyArrayOutputWithContext(ctx context.Context) GetKMSCryptoKeyVersionPublicKeyArrayOutput
- type GetKMSCryptoKeyVersionPublicKeyInput
- type GetKMSCryptoKeyVersionPublicKeyOutput
- func (o GetKMSCryptoKeyVersionPublicKeyOutput) Algorithm() pulumi.StringOutput
- func (GetKMSCryptoKeyVersionPublicKeyOutput) ElementType() reflect.Type
- func (o GetKMSCryptoKeyVersionPublicKeyOutput) Pem() pulumi.StringOutput
- func (o GetKMSCryptoKeyVersionPublicKeyOutput) ToGetKMSCryptoKeyVersionPublicKeyOutput() GetKMSCryptoKeyVersionPublicKeyOutput
- func (o GetKMSCryptoKeyVersionPublicKeyOutput) ToGetKMSCryptoKeyVersionPublicKeyOutputWithContext(ctx context.Context) GetKMSCryptoKeyVersionPublicKeyOutput
- type GetKMSCryptoKeyVersionResult
- type GetKMSCryptoKeyVersionTemplate
- type GetKMSCryptoKeyVersionTemplateArgs
- func (GetKMSCryptoKeyVersionTemplateArgs) ElementType() reflect.Type
- func (i GetKMSCryptoKeyVersionTemplateArgs) ToGetKMSCryptoKeyVersionTemplateOutput() GetKMSCryptoKeyVersionTemplateOutput
- func (i GetKMSCryptoKeyVersionTemplateArgs) ToGetKMSCryptoKeyVersionTemplateOutputWithContext(ctx context.Context) GetKMSCryptoKeyVersionTemplateOutput
- type GetKMSCryptoKeyVersionTemplateArray
- func (GetKMSCryptoKeyVersionTemplateArray) ElementType() reflect.Type
- func (i GetKMSCryptoKeyVersionTemplateArray) ToGetKMSCryptoKeyVersionTemplateArrayOutput() GetKMSCryptoKeyVersionTemplateArrayOutput
- func (i GetKMSCryptoKeyVersionTemplateArray) ToGetKMSCryptoKeyVersionTemplateArrayOutputWithContext(ctx context.Context) GetKMSCryptoKeyVersionTemplateArrayOutput
- type GetKMSCryptoKeyVersionTemplateArrayInput
- type GetKMSCryptoKeyVersionTemplateArrayOutput
- func (GetKMSCryptoKeyVersionTemplateArrayOutput) ElementType() reflect.Type
- func (o GetKMSCryptoKeyVersionTemplateArrayOutput) Index(i pulumi.IntInput) GetKMSCryptoKeyVersionTemplateOutput
- func (o GetKMSCryptoKeyVersionTemplateArrayOutput) ToGetKMSCryptoKeyVersionTemplateArrayOutput() GetKMSCryptoKeyVersionTemplateArrayOutput
- func (o GetKMSCryptoKeyVersionTemplateArrayOutput) ToGetKMSCryptoKeyVersionTemplateArrayOutputWithContext(ctx context.Context) GetKMSCryptoKeyVersionTemplateArrayOutput
- type GetKMSCryptoKeyVersionTemplateInput
- type GetKMSCryptoKeyVersionTemplateOutput
- func (o GetKMSCryptoKeyVersionTemplateOutput) Algorithm() pulumi.StringOutput
- func (GetKMSCryptoKeyVersionTemplateOutput) ElementType() reflect.Type
- func (o GetKMSCryptoKeyVersionTemplateOutput) ProtectionLevel() pulumi.StringOutput
- func (o GetKMSCryptoKeyVersionTemplateOutput) ToGetKMSCryptoKeyVersionTemplateOutput() GetKMSCryptoKeyVersionTemplateOutput
- func (o GetKMSCryptoKeyVersionTemplateOutput) ToGetKMSCryptoKeyVersionTemplateOutputWithContext(ctx context.Context) GetKMSCryptoKeyVersionTemplateOutput
- type GetKMSKeyRingArgs
- type GetKMSKeyRingResult
- type GetKMSSecretArgs
- type GetKMSSecretAsymmetricArgs
- type GetKMSSecretAsymmetricResult
- type GetKMSSecretCiphertextArgs
- type GetKMSSecretCiphertextResult
- type GetKMSSecretResult
- type KeyRing
- func (*KeyRing) ElementType() reflect.Type
- func (i *KeyRing) ToKeyRingOutput() KeyRingOutput
- func (i *KeyRing) ToKeyRingOutputWithContext(ctx context.Context) KeyRingOutput
- func (i *KeyRing) ToKeyRingPtrOutput() KeyRingPtrOutput
- func (i *KeyRing) ToKeyRingPtrOutputWithContext(ctx context.Context) KeyRingPtrOutput
- type KeyRingArgs
- type KeyRingArray
- type KeyRingArrayInput
- type KeyRingArrayOutput
- type KeyRingIAMBinding
- func (*KeyRingIAMBinding) ElementType() reflect.Type
- func (i *KeyRingIAMBinding) ToKeyRingIAMBindingOutput() KeyRingIAMBindingOutput
- func (i *KeyRingIAMBinding) ToKeyRingIAMBindingOutputWithContext(ctx context.Context) KeyRingIAMBindingOutput
- func (i *KeyRingIAMBinding) ToKeyRingIAMBindingPtrOutput() KeyRingIAMBindingPtrOutput
- func (i *KeyRingIAMBinding) ToKeyRingIAMBindingPtrOutputWithContext(ctx context.Context) KeyRingIAMBindingPtrOutput
- type KeyRingIAMBindingArgs
- type KeyRingIAMBindingArray
- type KeyRingIAMBindingArrayInput
- type KeyRingIAMBindingArrayOutput
- func (KeyRingIAMBindingArrayOutput) ElementType() reflect.Type
- func (o KeyRingIAMBindingArrayOutput) Index(i pulumi.IntInput) KeyRingIAMBindingOutput
- func (o KeyRingIAMBindingArrayOutput) ToKeyRingIAMBindingArrayOutput() KeyRingIAMBindingArrayOutput
- func (o KeyRingIAMBindingArrayOutput) ToKeyRingIAMBindingArrayOutputWithContext(ctx context.Context) KeyRingIAMBindingArrayOutput
- type KeyRingIAMBindingCondition
- type KeyRingIAMBindingConditionArgs
- func (KeyRingIAMBindingConditionArgs) ElementType() reflect.Type
- func (i KeyRingIAMBindingConditionArgs) ToKeyRingIAMBindingConditionOutput() KeyRingIAMBindingConditionOutput
- func (i KeyRingIAMBindingConditionArgs) ToKeyRingIAMBindingConditionOutputWithContext(ctx context.Context) KeyRingIAMBindingConditionOutput
- func (i KeyRingIAMBindingConditionArgs) ToKeyRingIAMBindingConditionPtrOutput() KeyRingIAMBindingConditionPtrOutput
- func (i KeyRingIAMBindingConditionArgs) ToKeyRingIAMBindingConditionPtrOutputWithContext(ctx context.Context) KeyRingIAMBindingConditionPtrOutput
- type KeyRingIAMBindingConditionInput
- type KeyRingIAMBindingConditionOutput
- func (o KeyRingIAMBindingConditionOutput) Description() pulumi.StringPtrOutput
- func (KeyRingIAMBindingConditionOutput) ElementType() reflect.Type
- func (o KeyRingIAMBindingConditionOutput) Expression() pulumi.StringOutput
- func (o KeyRingIAMBindingConditionOutput) Title() pulumi.StringOutput
- func (o KeyRingIAMBindingConditionOutput) ToKeyRingIAMBindingConditionOutput() KeyRingIAMBindingConditionOutput
- func (o KeyRingIAMBindingConditionOutput) ToKeyRingIAMBindingConditionOutputWithContext(ctx context.Context) KeyRingIAMBindingConditionOutput
- func (o KeyRingIAMBindingConditionOutput) ToKeyRingIAMBindingConditionPtrOutput() KeyRingIAMBindingConditionPtrOutput
- func (o KeyRingIAMBindingConditionOutput) ToKeyRingIAMBindingConditionPtrOutputWithContext(ctx context.Context) KeyRingIAMBindingConditionPtrOutput
- type KeyRingIAMBindingConditionPtrInput
- type KeyRingIAMBindingConditionPtrOutput
- func (o KeyRingIAMBindingConditionPtrOutput) Description() pulumi.StringPtrOutput
- func (o KeyRingIAMBindingConditionPtrOutput) Elem() KeyRingIAMBindingConditionOutput
- func (KeyRingIAMBindingConditionPtrOutput) ElementType() reflect.Type
- func (o KeyRingIAMBindingConditionPtrOutput) Expression() pulumi.StringPtrOutput
- func (o KeyRingIAMBindingConditionPtrOutput) Title() pulumi.StringPtrOutput
- func (o KeyRingIAMBindingConditionPtrOutput) ToKeyRingIAMBindingConditionPtrOutput() KeyRingIAMBindingConditionPtrOutput
- func (o KeyRingIAMBindingConditionPtrOutput) ToKeyRingIAMBindingConditionPtrOutputWithContext(ctx context.Context) KeyRingIAMBindingConditionPtrOutput
- type KeyRingIAMBindingInput
- type KeyRingIAMBindingMap
- type KeyRingIAMBindingMapInput
- type KeyRingIAMBindingMapOutput
- func (KeyRingIAMBindingMapOutput) ElementType() reflect.Type
- func (o KeyRingIAMBindingMapOutput) MapIndex(k pulumi.StringInput) KeyRingIAMBindingOutput
- func (o KeyRingIAMBindingMapOutput) ToKeyRingIAMBindingMapOutput() KeyRingIAMBindingMapOutput
- func (o KeyRingIAMBindingMapOutput) ToKeyRingIAMBindingMapOutputWithContext(ctx context.Context) KeyRingIAMBindingMapOutput
- type KeyRingIAMBindingOutput
- func (KeyRingIAMBindingOutput) ElementType() reflect.Type
- func (o KeyRingIAMBindingOutput) ToKeyRingIAMBindingOutput() KeyRingIAMBindingOutput
- func (o KeyRingIAMBindingOutput) ToKeyRingIAMBindingOutputWithContext(ctx context.Context) KeyRingIAMBindingOutput
- func (o KeyRingIAMBindingOutput) ToKeyRingIAMBindingPtrOutput() KeyRingIAMBindingPtrOutput
- func (o KeyRingIAMBindingOutput) ToKeyRingIAMBindingPtrOutputWithContext(ctx context.Context) KeyRingIAMBindingPtrOutput
- type KeyRingIAMBindingPtrInput
- type KeyRingIAMBindingPtrOutput
- type KeyRingIAMBindingState
- type KeyRingIAMMember
- func (*KeyRingIAMMember) ElementType() reflect.Type
- func (i *KeyRingIAMMember) ToKeyRingIAMMemberOutput() KeyRingIAMMemberOutput
- func (i *KeyRingIAMMember) ToKeyRingIAMMemberOutputWithContext(ctx context.Context) KeyRingIAMMemberOutput
- func (i *KeyRingIAMMember) ToKeyRingIAMMemberPtrOutput() KeyRingIAMMemberPtrOutput
- func (i *KeyRingIAMMember) ToKeyRingIAMMemberPtrOutputWithContext(ctx context.Context) KeyRingIAMMemberPtrOutput
- type KeyRingIAMMemberArgs
- type KeyRingIAMMemberArray
- type KeyRingIAMMemberArrayInput
- type KeyRingIAMMemberArrayOutput
- func (KeyRingIAMMemberArrayOutput) ElementType() reflect.Type
- func (o KeyRingIAMMemberArrayOutput) Index(i pulumi.IntInput) KeyRingIAMMemberOutput
- func (o KeyRingIAMMemberArrayOutput) ToKeyRingIAMMemberArrayOutput() KeyRingIAMMemberArrayOutput
- func (o KeyRingIAMMemberArrayOutput) ToKeyRingIAMMemberArrayOutputWithContext(ctx context.Context) KeyRingIAMMemberArrayOutput
- type KeyRingIAMMemberCondition
- type KeyRingIAMMemberConditionArgs
- func (KeyRingIAMMemberConditionArgs) ElementType() reflect.Type
- func (i KeyRingIAMMemberConditionArgs) ToKeyRingIAMMemberConditionOutput() KeyRingIAMMemberConditionOutput
- func (i KeyRingIAMMemberConditionArgs) ToKeyRingIAMMemberConditionOutputWithContext(ctx context.Context) KeyRingIAMMemberConditionOutput
- func (i KeyRingIAMMemberConditionArgs) ToKeyRingIAMMemberConditionPtrOutput() KeyRingIAMMemberConditionPtrOutput
- func (i KeyRingIAMMemberConditionArgs) ToKeyRingIAMMemberConditionPtrOutputWithContext(ctx context.Context) KeyRingIAMMemberConditionPtrOutput
- type KeyRingIAMMemberConditionInput
- type KeyRingIAMMemberConditionOutput
- func (o KeyRingIAMMemberConditionOutput) Description() pulumi.StringPtrOutput
- func (KeyRingIAMMemberConditionOutput) ElementType() reflect.Type
- func (o KeyRingIAMMemberConditionOutput) Expression() pulumi.StringOutput
- func (o KeyRingIAMMemberConditionOutput) Title() pulumi.StringOutput
- func (o KeyRingIAMMemberConditionOutput) ToKeyRingIAMMemberConditionOutput() KeyRingIAMMemberConditionOutput
- func (o KeyRingIAMMemberConditionOutput) ToKeyRingIAMMemberConditionOutputWithContext(ctx context.Context) KeyRingIAMMemberConditionOutput
- func (o KeyRingIAMMemberConditionOutput) ToKeyRingIAMMemberConditionPtrOutput() KeyRingIAMMemberConditionPtrOutput
- func (o KeyRingIAMMemberConditionOutput) ToKeyRingIAMMemberConditionPtrOutputWithContext(ctx context.Context) KeyRingIAMMemberConditionPtrOutput
- type KeyRingIAMMemberConditionPtrInput
- type KeyRingIAMMemberConditionPtrOutput
- func (o KeyRingIAMMemberConditionPtrOutput) Description() pulumi.StringPtrOutput
- func (o KeyRingIAMMemberConditionPtrOutput) Elem() KeyRingIAMMemberConditionOutput
- func (KeyRingIAMMemberConditionPtrOutput) ElementType() reflect.Type
- func (o KeyRingIAMMemberConditionPtrOutput) Expression() pulumi.StringPtrOutput
- func (o KeyRingIAMMemberConditionPtrOutput) Title() pulumi.StringPtrOutput
- func (o KeyRingIAMMemberConditionPtrOutput) ToKeyRingIAMMemberConditionPtrOutput() KeyRingIAMMemberConditionPtrOutput
- func (o KeyRingIAMMemberConditionPtrOutput) ToKeyRingIAMMemberConditionPtrOutputWithContext(ctx context.Context) KeyRingIAMMemberConditionPtrOutput
- type KeyRingIAMMemberInput
- type KeyRingIAMMemberMap
- type KeyRingIAMMemberMapInput
- type KeyRingIAMMemberMapOutput
- func (KeyRingIAMMemberMapOutput) ElementType() reflect.Type
- func (o KeyRingIAMMemberMapOutput) MapIndex(k pulumi.StringInput) KeyRingIAMMemberOutput
- func (o KeyRingIAMMemberMapOutput) ToKeyRingIAMMemberMapOutput() KeyRingIAMMemberMapOutput
- func (o KeyRingIAMMemberMapOutput) ToKeyRingIAMMemberMapOutputWithContext(ctx context.Context) KeyRingIAMMemberMapOutput
- type KeyRingIAMMemberOutput
- func (KeyRingIAMMemberOutput) ElementType() reflect.Type
- func (o KeyRingIAMMemberOutput) ToKeyRingIAMMemberOutput() KeyRingIAMMemberOutput
- func (o KeyRingIAMMemberOutput) ToKeyRingIAMMemberOutputWithContext(ctx context.Context) KeyRingIAMMemberOutput
- func (o KeyRingIAMMemberOutput) ToKeyRingIAMMemberPtrOutput() KeyRingIAMMemberPtrOutput
- func (o KeyRingIAMMemberOutput) ToKeyRingIAMMemberPtrOutputWithContext(ctx context.Context) KeyRingIAMMemberPtrOutput
- type KeyRingIAMMemberPtrInput
- type KeyRingIAMMemberPtrOutput
- type KeyRingIAMMemberState
- type KeyRingIAMPolicy
- func (*KeyRingIAMPolicy) ElementType() reflect.Type
- func (i *KeyRingIAMPolicy) ToKeyRingIAMPolicyOutput() KeyRingIAMPolicyOutput
- func (i *KeyRingIAMPolicy) ToKeyRingIAMPolicyOutputWithContext(ctx context.Context) KeyRingIAMPolicyOutput
- func (i *KeyRingIAMPolicy) ToKeyRingIAMPolicyPtrOutput() KeyRingIAMPolicyPtrOutput
- func (i *KeyRingIAMPolicy) ToKeyRingIAMPolicyPtrOutputWithContext(ctx context.Context) KeyRingIAMPolicyPtrOutput
- type KeyRingIAMPolicyArgs
- type KeyRingIAMPolicyArray
- type KeyRingIAMPolicyArrayInput
- type KeyRingIAMPolicyArrayOutput
- func (KeyRingIAMPolicyArrayOutput) ElementType() reflect.Type
- func (o KeyRingIAMPolicyArrayOutput) Index(i pulumi.IntInput) KeyRingIAMPolicyOutput
- func (o KeyRingIAMPolicyArrayOutput) ToKeyRingIAMPolicyArrayOutput() KeyRingIAMPolicyArrayOutput
- func (o KeyRingIAMPolicyArrayOutput) ToKeyRingIAMPolicyArrayOutputWithContext(ctx context.Context) KeyRingIAMPolicyArrayOutput
- type KeyRingIAMPolicyInput
- type KeyRingIAMPolicyMap
- type KeyRingIAMPolicyMapInput
- type KeyRingIAMPolicyMapOutput
- func (KeyRingIAMPolicyMapOutput) ElementType() reflect.Type
- func (o KeyRingIAMPolicyMapOutput) MapIndex(k pulumi.StringInput) KeyRingIAMPolicyOutput
- func (o KeyRingIAMPolicyMapOutput) ToKeyRingIAMPolicyMapOutput() KeyRingIAMPolicyMapOutput
- func (o KeyRingIAMPolicyMapOutput) ToKeyRingIAMPolicyMapOutputWithContext(ctx context.Context) KeyRingIAMPolicyMapOutput
- type KeyRingIAMPolicyOutput
- func (KeyRingIAMPolicyOutput) ElementType() reflect.Type
- func (o KeyRingIAMPolicyOutput) ToKeyRingIAMPolicyOutput() KeyRingIAMPolicyOutput
- func (o KeyRingIAMPolicyOutput) ToKeyRingIAMPolicyOutputWithContext(ctx context.Context) KeyRingIAMPolicyOutput
- func (o KeyRingIAMPolicyOutput) ToKeyRingIAMPolicyPtrOutput() KeyRingIAMPolicyPtrOutput
- func (o KeyRingIAMPolicyOutput) ToKeyRingIAMPolicyPtrOutputWithContext(ctx context.Context) KeyRingIAMPolicyPtrOutput
- type KeyRingIAMPolicyPtrInput
- type KeyRingIAMPolicyPtrOutput
- type KeyRingIAMPolicyState
- type KeyRingImportJob
- func (*KeyRingImportJob) ElementType() reflect.Type
- func (i *KeyRingImportJob) ToKeyRingImportJobOutput() KeyRingImportJobOutput
- func (i *KeyRingImportJob) ToKeyRingImportJobOutputWithContext(ctx context.Context) KeyRingImportJobOutput
- func (i *KeyRingImportJob) ToKeyRingImportJobPtrOutput() KeyRingImportJobPtrOutput
- func (i *KeyRingImportJob) ToKeyRingImportJobPtrOutputWithContext(ctx context.Context) KeyRingImportJobPtrOutput
- type KeyRingImportJobArgs
- type KeyRingImportJobArray
- type KeyRingImportJobArrayInput
- type KeyRingImportJobArrayOutput
- func (KeyRingImportJobArrayOutput) ElementType() reflect.Type
- func (o KeyRingImportJobArrayOutput) Index(i pulumi.IntInput) KeyRingImportJobOutput
- func (o KeyRingImportJobArrayOutput) ToKeyRingImportJobArrayOutput() KeyRingImportJobArrayOutput
- func (o KeyRingImportJobArrayOutput) ToKeyRingImportJobArrayOutputWithContext(ctx context.Context) KeyRingImportJobArrayOutput
- type KeyRingImportJobAttestation
- type KeyRingImportJobAttestationArgs
- func (KeyRingImportJobAttestationArgs) ElementType() reflect.Type
- func (i KeyRingImportJobAttestationArgs) ToKeyRingImportJobAttestationOutput() KeyRingImportJobAttestationOutput
- func (i KeyRingImportJobAttestationArgs) ToKeyRingImportJobAttestationOutputWithContext(ctx context.Context) KeyRingImportJobAttestationOutput
- type KeyRingImportJobAttestationArray
- func (KeyRingImportJobAttestationArray) ElementType() reflect.Type
- func (i KeyRingImportJobAttestationArray) ToKeyRingImportJobAttestationArrayOutput() KeyRingImportJobAttestationArrayOutput
- func (i KeyRingImportJobAttestationArray) ToKeyRingImportJobAttestationArrayOutputWithContext(ctx context.Context) KeyRingImportJobAttestationArrayOutput
- type KeyRingImportJobAttestationArrayInput
- type KeyRingImportJobAttestationArrayOutput
- func (KeyRingImportJobAttestationArrayOutput) ElementType() reflect.Type
- func (o KeyRingImportJobAttestationArrayOutput) Index(i pulumi.IntInput) KeyRingImportJobAttestationOutput
- func (o KeyRingImportJobAttestationArrayOutput) ToKeyRingImportJobAttestationArrayOutput() KeyRingImportJobAttestationArrayOutput
- func (o KeyRingImportJobAttestationArrayOutput) ToKeyRingImportJobAttestationArrayOutputWithContext(ctx context.Context) KeyRingImportJobAttestationArrayOutput
- type KeyRingImportJobAttestationInput
- type KeyRingImportJobAttestationOutput
- func (o KeyRingImportJobAttestationOutput) Content() pulumi.StringPtrOutput
- func (KeyRingImportJobAttestationOutput) ElementType() reflect.Type
- func (o KeyRingImportJobAttestationOutput) Format() pulumi.StringPtrOutput
- func (o KeyRingImportJobAttestationOutput) ToKeyRingImportJobAttestationOutput() KeyRingImportJobAttestationOutput
- func (o KeyRingImportJobAttestationOutput) ToKeyRingImportJobAttestationOutputWithContext(ctx context.Context) KeyRingImportJobAttestationOutput
- type KeyRingImportJobInput
- type KeyRingImportJobMap
- type KeyRingImportJobMapInput
- type KeyRingImportJobMapOutput
- func (KeyRingImportJobMapOutput) ElementType() reflect.Type
- func (o KeyRingImportJobMapOutput) MapIndex(k pulumi.StringInput) KeyRingImportJobOutput
- func (o KeyRingImportJobMapOutput) ToKeyRingImportJobMapOutput() KeyRingImportJobMapOutput
- func (o KeyRingImportJobMapOutput) ToKeyRingImportJobMapOutputWithContext(ctx context.Context) KeyRingImportJobMapOutput
- type KeyRingImportJobOutput
- func (KeyRingImportJobOutput) ElementType() reflect.Type
- func (o KeyRingImportJobOutput) ToKeyRingImportJobOutput() KeyRingImportJobOutput
- func (o KeyRingImportJobOutput) ToKeyRingImportJobOutputWithContext(ctx context.Context) KeyRingImportJobOutput
- func (o KeyRingImportJobOutput) ToKeyRingImportJobPtrOutput() KeyRingImportJobPtrOutput
- func (o KeyRingImportJobOutput) ToKeyRingImportJobPtrOutputWithContext(ctx context.Context) KeyRingImportJobPtrOutput
- type KeyRingImportJobPtrInput
- type KeyRingImportJobPtrOutput
- type KeyRingImportJobPublicKey
- type KeyRingImportJobPublicKeyArgs
- func (KeyRingImportJobPublicKeyArgs) ElementType() reflect.Type
- func (i KeyRingImportJobPublicKeyArgs) ToKeyRingImportJobPublicKeyOutput() KeyRingImportJobPublicKeyOutput
- func (i KeyRingImportJobPublicKeyArgs) ToKeyRingImportJobPublicKeyOutputWithContext(ctx context.Context) KeyRingImportJobPublicKeyOutput
- type KeyRingImportJobPublicKeyArray
- func (KeyRingImportJobPublicKeyArray) ElementType() reflect.Type
- func (i KeyRingImportJobPublicKeyArray) ToKeyRingImportJobPublicKeyArrayOutput() KeyRingImportJobPublicKeyArrayOutput
- func (i KeyRingImportJobPublicKeyArray) ToKeyRingImportJobPublicKeyArrayOutputWithContext(ctx context.Context) KeyRingImportJobPublicKeyArrayOutput
- type KeyRingImportJobPublicKeyArrayInput
- type KeyRingImportJobPublicKeyArrayOutput
- func (KeyRingImportJobPublicKeyArrayOutput) ElementType() reflect.Type
- func (o KeyRingImportJobPublicKeyArrayOutput) Index(i pulumi.IntInput) KeyRingImportJobPublicKeyOutput
- func (o KeyRingImportJobPublicKeyArrayOutput) ToKeyRingImportJobPublicKeyArrayOutput() KeyRingImportJobPublicKeyArrayOutput
- func (o KeyRingImportJobPublicKeyArrayOutput) ToKeyRingImportJobPublicKeyArrayOutputWithContext(ctx context.Context) KeyRingImportJobPublicKeyArrayOutput
- type KeyRingImportJobPublicKeyInput
- type KeyRingImportJobPublicKeyOutput
- func (KeyRingImportJobPublicKeyOutput) ElementType() reflect.Type
- func (o KeyRingImportJobPublicKeyOutput) Pem() pulumi.StringPtrOutput
- func (o KeyRingImportJobPublicKeyOutput) ToKeyRingImportJobPublicKeyOutput() KeyRingImportJobPublicKeyOutput
- func (o KeyRingImportJobPublicKeyOutput) ToKeyRingImportJobPublicKeyOutputWithContext(ctx context.Context) KeyRingImportJobPublicKeyOutput
- type KeyRingImportJobState
- type KeyRingInput
- type KeyRingMap
- type KeyRingMapInput
- type KeyRingMapOutput
- type KeyRingOutput
- func (KeyRingOutput) ElementType() reflect.Type
- func (o KeyRingOutput) ToKeyRingOutput() KeyRingOutput
- func (o KeyRingOutput) ToKeyRingOutputWithContext(ctx context.Context) KeyRingOutput
- func (o KeyRingOutput) ToKeyRingPtrOutput() KeyRingPtrOutput
- func (o KeyRingOutput) ToKeyRingPtrOutputWithContext(ctx context.Context) KeyRingPtrOutput
- type KeyRingPtrInput
- type KeyRingPtrOutput
- type KeyRingState
- type Registrydeprecated
- func (*Registry) ElementType() reflect.Type
- func (i *Registry) ToRegistryOutput() RegistryOutput
- func (i *Registry) ToRegistryOutputWithContext(ctx context.Context) RegistryOutput
- func (i *Registry) ToRegistryPtrOutput() RegistryPtrOutput
- func (i *Registry) ToRegistryPtrOutputWithContext(ctx context.Context) RegistryPtrOutput
- type RegistryArgs
- type RegistryArray
- type RegistryArrayInput
- type RegistryArrayOutput
- type RegistryCredential
- type RegistryCredentialArgs
- type RegistryCredentialArray
- type RegistryCredentialArrayInput
- type RegistryCredentialArrayOutput
- func (RegistryCredentialArrayOutput) ElementType() reflect.Type
- func (o RegistryCredentialArrayOutput) Index(i pulumi.IntInput) RegistryCredentialOutput
- func (o RegistryCredentialArrayOutput) ToRegistryCredentialArrayOutput() RegistryCredentialArrayOutput
- func (o RegistryCredentialArrayOutput) ToRegistryCredentialArrayOutputWithContext(ctx context.Context) RegistryCredentialArrayOutput
- type RegistryCredentialInput
- type RegistryCredentialOutput
- func (RegistryCredentialOutput) ElementType() reflect.Type
- func (o RegistryCredentialOutput) PublicKeyCertificate() pulumi.MapOutput
- func (o RegistryCredentialOutput) ToRegistryCredentialOutput() RegistryCredentialOutput
- func (o RegistryCredentialOutput) ToRegistryCredentialOutputWithContext(ctx context.Context) RegistryCredentialOutput
- type RegistryEventNotificationConfigItem
- type RegistryEventNotificationConfigItemArgs
- func (RegistryEventNotificationConfigItemArgs) ElementType() reflect.Type
- func (i RegistryEventNotificationConfigItemArgs) ToRegistryEventNotificationConfigItemOutput() RegistryEventNotificationConfigItemOutput
- func (i RegistryEventNotificationConfigItemArgs) ToRegistryEventNotificationConfigItemOutputWithContext(ctx context.Context) RegistryEventNotificationConfigItemOutput
- type RegistryEventNotificationConfigItemArray
- func (RegistryEventNotificationConfigItemArray) ElementType() reflect.Type
- func (i RegistryEventNotificationConfigItemArray) ToRegistryEventNotificationConfigItemArrayOutput() RegistryEventNotificationConfigItemArrayOutput
- func (i RegistryEventNotificationConfigItemArray) ToRegistryEventNotificationConfigItemArrayOutputWithContext(ctx context.Context) RegistryEventNotificationConfigItemArrayOutput
- type RegistryEventNotificationConfigItemArrayInput
- type RegistryEventNotificationConfigItemArrayOutput
- func (RegistryEventNotificationConfigItemArrayOutput) ElementType() reflect.Type
- func (o RegistryEventNotificationConfigItemArrayOutput) Index(i pulumi.IntInput) RegistryEventNotificationConfigItemOutput
- func (o RegistryEventNotificationConfigItemArrayOutput) ToRegistryEventNotificationConfigItemArrayOutput() RegistryEventNotificationConfigItemArrayOutput
- func (o RegistryEventNotificationConfigItemArrayOutput) ToRegistryEventNotificationConfigItemArrayOutputWithContext(ctx context.Context) RegistryEventNotificationConfigItemArrayOutput
- type RegistryEventNotificationConfigItemInput
- type RegistryEventNotificationConfigItemOutput
- func (RegistryEventNotificationConfigItemOutput) ElementType() reflect.Type
- func (o RegistryEventNotificationConfigItemOutput) PubsubTopicName() pulumi.StringOutput
- func (o RegistryEventNotificationConfigItemOutput) SubfolderMatches() pulumi.StringPtrOutput
- func (o RegistryEventNotificationConfigItemOutput) ToRegistryEventNotificationConfigItemOutput() RegistryEventNotificationConfigItemOutput
- func (o RegistryEventNotificationConfigItemOutput) ToRegistryEventNotificationConfigItemOutputWithContext(ctx context.Context) RegistryEventNotificationConfigItemOutput
- type RegistryInput
- type RegistryMap
- type RegistryMapInput
- type RegistryMapOutput
- type RegistryOutput
- func (RegistryOutput) ElementType() reflect.Type
- func (o RegistryOutput) ToRegistryOutput() RegistryOutput
- func (o RegistryOutput) ToRegistryOutputWithContext(ctx context.Context) RegistryOutput
- func (o RegistryOutput) ToRegistryPtrOutput() RegistryPtrOutput
- func (o RegistryOutput) ToRegistryPtrOutputWithContext(ctx context.Context) RegistryPtrOutput
- type RegistryPtrInput
- type RegistryPtrOutput
- type RegistryState
- type SecretCiphertext
- func (*SecretCiphertext) ElementType() reflect.Type
- func (i *SecretCiphertext) ToSecretCiphertextOutput() SecretCiphertextOutput
- func (i *SecretCiphertext) ToSecretCiphertextOutputWithContext(ctx context.Context) SecretCiphertextOutput
- func (i *SecretCiphertext) ToSecretCiphertextPtrOutput() SecretCiphertextPtrOutput
- func (i *SecretCiphertext) ToSecretCiphertextPtrOutputWithContext(ctx context.Context) SecretCiphertextPtrOutput
- type SecretCiphertextArgs
- type SecretCiphertextArray
- type SecretCiphertextArrayInput
- type SecretCiphertextArrayOutput
- func (SecretCiphertextArrayOutput) ElementType() reflect.Type
- func (o SecretCiphertextArrayOutput) Index(i pulumi.IntInput) SecretCiphertextOutput
- func (o SecretCiphertextArrayOutput) ToSecretCiphertextArrayOutput() SecretCiphertextArrayOutput
- func (o SecretCiphertextArrayOutput) ToSecretCiphertextArrayOutputWithContext(ctx context.Context) SecretCiphertextArrayOutput
- type SecretCiphertextInput
- type SecretCiphertextMap
- type SecretCiphertextMapInput
- type SecretCiphertextMapOutput
- func (SecretCiphertextMapOutput) ElementType() reflect.Type
- func (o SecretCiphertextMapOutput) MapIndex(k pulumi.StringInput) SecretCiphertextOutput
- func (o SecretCiphertextMapOutput) ToSecretCiphertextMapOutput() SecretCiphertextMapOutput
- func (o SecretCiphertextMapOutput) ToSecretCiphertextMapOutputWithContext(ctx context.Context) SecretCiphertextMapOutput
- type SecretCiphertextOutput
- func (SecretCiphertextOutput) ElementType() reflect.Type
- func (o SecretCiphertextOutput) ToSecretCiphertextOutput() SecretCiphertextOutput
- func (o SecretCiphertextOutput) ToSecretCiphertextOutputWithContext(ctx context.Context) SecretCiphertextOutput
- func (o SecretCiphertextOutput) ToSecretCiphertextPtrOutput() SecretCiphertextPtrOutput
- func (o SecretCiphertextOutput) ToSecretCiphertextPtrOutputWithContext(ctx context.Context) SecretCiphertextPtrOutput
- type SecretCiphertextPtrInput
- type SecretCiphertextPtrOutput
- type SecretCiphertextState
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type CryptoKey ¶
type CryptoKey struct {
pulumi.CustomResourceState
// The KeyRing that this key belongs to.
// Format: `'projects/{{project}}/locations/{{location}}/keyRings/{{keyRing}}'`.
KeyRing pulumi.StringOutput `pulumi:"keyRing"`
// Labels with user-defined metadata to apply to this resource.
Labels pulumi.StringMapOutput `pulumi:"labels"`
// The resource name for the CryptoKey.
Name pulumi.StringOutput `pulumi:"name"`
// The immutable purpose of this CryptoKey. See the
// [purpose reference](https://cloud.google.com/kms/docs/reference/rest/v1/projects.locations.keyRings.cryptoKeys#CryptoKeyPurpose)
// for possible inputs.
// Default value is `ENCRYPT_DECRYPT`.
// Possible values are `ENCRYPT_DECRYPT`, `ASYMMETRIC_SIGN`, and `ASYMMETRIC_DECRYPT`.
Purpose pulumi.StringPtrOutput `pulumi:"purpose"`
// Every time this period passes, generate a new CryptoKeyVersion and set it as the primary.
// The first rotation will take place after the specified period. The rotation period has
// the format of a decimal number with up to 9 fractional digits, followed by the
// letter `s` (seconds). It must be greater than a day (ie, 86400).
RotationPeriod pulumi.StringPtrOutput `pulumi:"rotationPeriod"`
// The self link of the created KeyRing in the format projects/{project}/locations/{location}/keyRings/{name}.
//
// Deprecated: Deprecated in favor of id, which contains an identical value. This field will be removed in the next major release of the provider.
SelfLink pulumi.StringOutput `pulumi:"selfLink"`
// If set to true, the request will create a CryptoKey without any CryptoKeyVersions.
// You must use the `kms.KeyRingImportJob` resource to import the CryptoKeyVersion.
SkipInitialVersionCreation pulumi.BoolPtrOutput `pulumi:"skipInitialVersionCreation"`
// A template describing settings for new crypto key versions.
// Structure is documented below.
VersionTemplate CryptoKeyVersionTemplateOutput `pulumi:"versionTemplate"`
}
A `CryptoKey` represents a logical key that can be used for cryptographic operations.
> **Note:** CryptoKeys cannot be deleted from Google Cloud Platform. Destroying a provider-managed CryptoKey will remove it from state and delete all CryptoKeyVersions, rendering the key unusable, but *will not delete the resource from the project.* When the provider destroys these keys, any data previously encrypted with these keys will be irrecoverable. For this reason, it is strongly recommended that you add lifecycle hooks to the resource to prevent accidental destruction.
To get more information about CryptoKey, see:
* [API documentation](https://cloud.google.com/kms/docs/reference/rest/v1/projects.locations.keyRings.cryptoKeys) * How-to Guides
- [Creating a key](https://cloud.google.com/kms/docs/creating-keys#create_a_key)
## Example Usage ### Kms Crypto Key Basic
```go package main
import (
"github.com/pulumi/pulumi-gcp/sdk/v4/go/gcp/kms" "github.com/pulumi/pulumi/sdk/v2/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
keyring, err := kms.NewKeyRing(ctx, "keyring", &kms.KeyRingArgs{
Location: pulumi.String("global"),
})
if err != nil {
return err
}
_, err = kms.NewCryptoKey(ctx, "example_key", &kms.CryptoKeyArgs{
KeyRing: keyring.ID(),
RotationPeriod: pulumi.String("100000s"),
})
if err != nil {
return err
}
return nil
})
}
``` ### Kms Crypto Key Asymmetric Sign
```go package main
import (
"github.com/pulumi/pulumi-gcp/sdk/v4/go/gcp/kms" "github.com/pulumi/pulumi/sdk/v2/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
keyring, err := kms.NewKeyRing(ctx, "keyring", &kms.KeyRingArgs{
Location: pulumi.String("global"),
})
if err != nil {
return err
}
_, err = kms.NewCryptoKey(ctx, "example_asymmetric_sign_key", &kms.CryptoKeyArgs{
KeyRing: keyring.ID(),
Purpose: pulumi.String("ASYMMETRIC_SIGN"),
VersionTemplate: &kms.CryptoKeyVersionTemplateArgs{
Algorithm: pulumi.String("EC_SIGN_P384_SHA384"),
},
})
if err != nil {
return err
}
return nil
})
}
```
## Import
CryptoKey can be imported using any of these accepted formats ¶
```sh
$ pulumi import gcp:kms/cryptoKey:CryptoKey default {{key_ring}}/cryptoKeys/{{name}}
```
```sh
$ pulumi import gcp:kms/cryptoKey:CryptoKey default {{key_ring}}/{{name}}
```
func GetCryptoKey ¶
func GetCryptoKey(ctx *pulumi.Context, name string, id pulumi.IDInput, state *CryptoKeyState, opts ...pulumi.ResourceOption) (*CryptoKey, error)
GetCryptoKey gets an existing CryptoKey resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).
func NewCryptoKey ¶
func NewCryptoKey(ctx *pulumi.Context, name string, args *CryptoKeyArgs, opts ...pulumi.ResourceOption) (*CryptoKey, error)
NewCryptoKey registers a new resource with the given unique name, arguments, and options.
func (*CryptoKey) ElementType ¶ added in v4.4.0
func (*CryptoKey) ToCryptoKeyOutput ¶ added in v4.4.0
func (i *CryptoKey) ToCryptoKeyOutput() CryptoKeyOutput
func (*CryptoKey) ToCryptoKeyOutputWithContext ¶ added in v4.4.0
func (i *CryptoKey) ToCryptoKeyOutputWithContext(ctx context.Context) CryptoKeyOutput
func (*CryptoKey) ToCryptoKeyPtrOutput ¶ added in v4.11.1
func (i *CryptoKey) ToCryptoKeyPtrOutput() CryptoKeyPtrOutput
func (*CryptoKey) ToCryptoKeyPtrOutputWithContext ¶ added in v4.11.1
func (i *CryptoKey) ToCryptoKeyPtrOutputWithContext(ctx context.Context) CryptoKeyPtrOutput
type CryptoKeyArgs ¶
type CryptoKeyArgs struct {
// The KeyRing that this key belongs to.
// Format: `'projects/{{project}}/locations/{{location}}/keyRings/{{keyRing}}'`.
KeyRing pulumi.StringInput
// Labels with user-defined metadata to apply to this resource.
Labels pulumi.StringMapInput
// The resource name for the CryptoKey.
Name pulumi.StringPtrInput
// The immutable purpose of this CryptoKey. See the
// [purpose reference](https://cloud.google.com/kms/docs/reference/rest/v1/projects.locations.keyRings.cryptoKeys#CryptoKeyPurpose)
// for possible inputs.
// Default value is `ENCRYPT_DECRYPT`.
// Possible values are `ENCRYPT_DECRYPT`, `ASYMMETRIC_SIGN`, and `ASYMMETRIC_DECRYPT`.
Purpose pulumi.StringPtrInput
// Every time this period passes, generate a new CryptoKeyVersion and set it as the primary.
// The first rotation will take place after the specified period. The rotation period has
// the format of a decimal number with up to 9 fractional digits, followed by the
// letter `s` (seconds). It must be greater than a day (ie, 86400).
RotationPeriod pulumi.StringPtrInput
// If set to true, the request will create a CryptoKey without any CryptoKeyVersions.
// You must use the `kms.KeyRingImportJob` resource to import the CryptoKeyVersion.
SkipInitialVersionCreation pulumi.BoolPtrInput
// A template describing settings for new crypto key versions.
// Structure is documented below.
VersionTemplate CryptoKeyVersionTemplatePtrInput
}
The set of arguments for constructing a CryptoKey resource.
func (CryptoKeyArgs) ElementType ¶
func (CryptoKeyArgs) ElementType() reflect.Type
type CryptoKeyArray ¶ added in v4.11.1
type CryptoKeyArray []CryptoKeyInput
func (CryptoKeyArray) ElementType ¶ added in v4.11.1
func (CryptoKeyArray) ElementType() reflect.Type
func (CryptoKeyArray) ToCryptoKeyArrayOutput ¶ added in v4.11.1
func (i CryptoKeyArray) ToCryptoKeyArrayOutput() CryptoKeyArrayOutput
func (CryptoKeyArray) ToCryptoKeyArrayOutputWithContext ¶ added in v4.11.1
func (i CryptoKeyArray) ToCryptoKeyArrayOutputWithContext(ctx context.Context) CryptoKeyArrayOutput
type CryptoKeyArrayInput ¶ added in v4.11.1
type CryptoKeyArrayInput interface {
pulumi.Input
ToCryptoKeyArrayOutput() CryptoKeyArrayOutput
ToCryptoKeyArrayOutputWithContext(context.Context) CryptoKeyArrayOutput
}
CryptoKeyArrayInput is an input type that accepts CryptoKeyArray and CryptoKeyArrayOutput values. You can construct a concrete instance of `CryptoKeyArrayInput` via:
CryptoKeyArray{ CryptoKeyArgs{...} }
type CryptoKeyArrayOutput ¶ added in v4.11.1
type CryptoKeyArrayOutput struct{ *pulumi.OutputState }
func (CryptoKeyArrayOutput) ElementType ¶ added in v4.11.1
func (CryptoKeyArrayOutput) ElementType() reflect.Type
func (CryptoKeyArrayOutput) Index ¶ added in v4.11.1
func (o CryptoKeyArrayOutput) Index(i pulumi.IntInput) CryptoKeyOutput
func (CryptoKeyArrayOutput) ToCryptoKeyArrayOutput ¶ added in v4.11.1
func (o CryptoKeyArrayOutput) ToCryptoKeyArrayOutput() CryptoKeyArrayOutput
func (CryptoKeyArrayOutput) ToCryptoKeyArrayOutputWithContext ¶ added in v4.11.1
func (o CryptoKeyArrayOutput) ToCryptoKeyArrayOutputWithContext(ctx context.Context) CryptoKeyArrayOutput
type CryptoKeyIAMBinding ¶
type CryptoKeyIAMBinding struct {
pulumi.CustomResourceState
// An [IAM Condition](https://cloud.google.com/iam/docs/conditions-overview) for a given binding.
// Structure is documented below.
Condition CryptoKeyIAMBindingConditionPtrOutput `pulumi:"condition"`
// The crypto key ID, in the form
// `{project_id}/{location_name}/{key_ring_name}/{crypto_key_name}` or
// `{location_name}/{key_ring_name}/{crypto_key_name}`. In the second form,
// the provider's project setting will be used as a fallback.
CryptoKeyId pulumi.StringOutput `pulumi:"cryptoKeyId"`
// (Computed) The etag of the project's IAM policy.
Etag pulumi.StringOutput `pulumi:"etag"`
Members pulumi.StringArrayOutput `pulumi:"members"`
// The role that should be applied. Note that custom roles must be of the format
// `[projects|organizations]/{parent-name}/roles/{role-name}`.
Role pulumi.StringOutput `pulumi:"role"`
}
Three different resources help you manage your IAM policy for KMS crypto key. Each of these resources serves a different use case:
* `kms.CryptoKeyIAMPolicy`: Authoritative. Sets the IAM policy for the crypto key and replaces any existing policy already attached. * `kms.CryptoKeyIAMBinding`: Authoritative for a given role. Updates the IAM policy to grant a role to a list of members. Other roles within the IAM policy for the crypto key are preserved. * `kms.CryptoKeyIAMMember`: Non-authoritative. Updates the IAM policy to grant a role to a new member. Other members for the role for the crypto key are preserved.
> **Note:** `kms.CryptoKeyIAMPolicy` **cannot** be used in conjunction with `kms.CryptoKeyIAMBinding` and `kms.CryptoKeyIAMMember` or they will fight over what your policy should be.
> **Note:** `kms.CryptoKeyIAMBinding` resources **can be** used in conjunction with `kms.CryptoKeyIAMMember` resources **only if** they do not grant privilege to the same role.
```go package main
import (
"github.com/pulumi/pulumi-gcp/sdk/v4/go/gcp/kms" "github.com/pulumi/pulumi-gcp/sdk/v4/go/gcp/organizations" "github.com/pulumi/pulumi/sdk/v2/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
keyring, err := kms.NewKeyRing(ctx, "keyring", &kms.KeyRingArgs{
Location: pulumi.String("global"),
})
if err != nil {
return err
}
key, err := kms.NewCryptoKey(ctx, "key", &kms.CryptoKeyArgs{
KeyRing: keyring.ID(),
RotationPeriod: pulumi.String("100000s"),
})
if err != nil {
return err
}
admin, err := organizations.LookupIAMPolicy(ctx, &organizations.LookupIAMPolicyArgs{
Bindings: []organizations.GetIAMPolicyBinding{
organizations.GetIAMPolicyBinding{
Role: "roles/cloudkms.cryptoKeyEncrypter",
Members: []string{
"user:jane@example.com",
},
},
},
}, nil)
if err != nil {
return err
}
_, err = kms.NewCryptoKeyIAMPolicy(ctx, "cryptoKey", &kms.CryptoKeyIAMPolicyArgs{
CryptoKeyId: key.ID(),
PolicyData: pulumi.String(admin.PolicyData),
})
if err != nil {
return err
}
return nil
})
}
```
With IAM Conditions:
```go package main
import (
"github.com/pulumi/pulumi-gcp/sdk/v4/go/gcp/organizations" "github.com/pulumi/pulumi/sdk/v2/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := organizations.LookupIAMPolicy(ctx, &organizations.LookupIAMPolicyArgs{
Bindings: []organizations.GetIAMPolicyBinding{
organizations.GetIAMPolicyBinding{
Condition: organizations.GetIAMPolicyBindingCondition{
Description: "Expiring at midnight of 2019-12-31",
Expression: "request.time < timestamp(\"2020-01-01T00:00:00Z\")",
Title: "expires_after_2019_12_31",
},
Members: []string{
"user:jane@example.com",
},
Role: "roles/cloudkms.cryptoKeyEncrypter",
},
},
}, nil)
if err != nil {
return err
}
return nil
})
}
```
```go package main
import (
"github.com/pulumi/pulumi-gcp/sdk/v4/go/gcp/kms" "github.com/pulumi/pulumi/sdk/v2/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := kms.NewCryptoKeyIAMBinding(ctx, "cryptoKey", &kms.CryptoKeyIAMBindingArgs{
CryptoKeyId: pulumi.Any(google_kms_crypto_key.Key.Id),
Role: pulumi.String("roles/cloudkms.cryptoKeyEncrypter"),
Members: pulumi.StringArray{
pulumi.String("user:jane@example.com"),
},
})
if err != nil {
return err
}
return nil
})
}
```
With IAM Conditions:
```go package main
import (
"github.com/pulumi/pulumi-gcp/sdk/v4/go/gcp/kms" "github.com/pulumi/pulumi/sdk/v2/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := kms.NewCryptoKeyIAMBinding(ctx, "cryptoKey", &kms.CryptoKeyIAMBindingArgs{
CryptoKeyId: pulumi.Any(google_kms_crypto_key.Key.Id),
Role: pulumi.String("roles/cloudkms.cryptoKeyEncrypter"),
Members: pulumi.StringArray{
pulumi.String("user:jane@example.com"),
},
Condition: &kms.CryptoKeyIAMBindingConditionArgs{
Title: pulumi.String("expires_after_2019_12_31"),
Description: pulumi.String("Expiring at midnight of 2019-12-31"),
Expression: pulumi.String("request.time < timestamp(\"2020-01-01T00:00:00Z\")"),
},
})
if err != nil {
return err
}
return nil
})
}
```
```go package main
import (
"github.com/pulumi/pulumi-gcp/sdk/v4/go/gcp/kms" "github.com/pulumi/pulumi/sdk/v2/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := kms.NewCryptoKeyIAMMember(ctx, "cryptoKey", &kms.CryptoKeyIAMMemberArgs{
CryptoKeyId: pulumi.Any(google_kms_crypto_key.Key.Id),
Role: pulumi.String("roles/cloudkms.cryptoKeyEncrypter"),
Member: pulumi.String("user:jane@example.com"),
})
if err != nil {
return err
}
return nil
})
}
```
With IAM Conditions:
```go package main
import (
"github.com/pulumi/pulumi-gcp/sdk/v4/go/gcp/kms" "github.com/pulumi/pulumi/sdk/v2/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := kms.NewCryptoKeyIAMMember(ctx, "cryptoKey", &kms.CryptoKeyIAMMemberArgs{
CryptoKeyId: pulumi.Any(google_kms_crypto_key.Key.Id),
Role: pulumi.String("roles/cloudkms.cryptoKeyEncrypter"),
Member: pulumi.String("user:jane@example.com"),
Condition: &kms.CryptoKeyIAMMemberConditionArgs{
Title: pulumi.String("expires_after_2019_12_31"),
Description: pulumi.String("Expiring at midnight of 2019-12-31"),
Expression: pulumi.String("request.time < timestamp(\"2020-01-01T00:00:00Z\")"),
},
})
if err != nil {
return err
}
return nil
})
}
```
## Import
IAM member imports use space-delimited identifiers; the resource in question, the role, and the account.
This member resource can be imported using the `crypto_key_id`, role, and member identity e.g.
```sh
$ pulumi import gcp:kms/cryptoKeyIAMBinding:CryptoKeyIAMBinding crypto_key "your-project-id/location-name/key-ring-name/key-name roles/viewer user:foo@example.com"
```
IAM binding imports use space-delimited identifiers; first the resource in question and then the role.
These bindings can be imported using the `crypto_key_id` and role, e.g.
```sh
$ pulumi import gcp:kms/cryptoKeyIAMBinding:CryptoKeyIAMBinding crypto_key "your-project-id/location-name/key-ring-name/key-name roles/editor"
```
IAM policy imports use the identifier of the resource in question.
This policy resource can be imported using the `crypto_key_id`, e.g.
```sh
$ pulumi import gcp:kms/cryptoKeyIAMBinding:CryptoKeyIAMBinding crypto_key your-project-id/location-name/key-ring-name/key-name
```
func GetCryptoKeyIAMBinding ¶
func GetCryptoKeyIAMBinding(ctx *pulumi.Context, name string, id pulumi.IDInput, state *CryptoKeyIAMBindingState, opts ...pulumi.ResourceOption) (*CryptoKeyIAMBinding, error)
GetCryptoKeyIAMBinding gets an existing CryptoKeyIAMBinding resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).
func NewCryptoKeyIAMBinding ¶
func NewCryptoKeyIAMBinding(ctx *pulumi.Context, name string, args *CryptoKeyIAMBindingArgs, opts ...pulumi.ResourceOption) (*CryptoKeyIAMBinding, error)
NewCryptoKeyIAMBinding registers a new resource with the given unique name, arguments, and options.
func (*CryptoKeyIAMBinding) ElementType ¶ added in v4.4.0
func (*CryptoKeyIAMBinding) ElementType() reflect.Type
func (*CryptoKeyIAMBinding) ToCryptoKeyIAMBindingOutput ¶ added in v4.4.0
func (i *CryptoKeyIAMBinding) ToCryptoKeyIAMBindingOutput() CryptoKeyIAMBindingOutput
func (*CryptoKeyIAMBinding) ToCryptoKeyIAMBindingOutputWithContext ¶ added in v4.4.0
func (i *CryptoKeyIAMBinding) ToCryptoKeyIAMBindingOutputWithContext(ctx context.Context) CryptoKeyIAMBindingOutput
func (*CryptoKeyIAMBinding) ToCryptoKeyIAMBindingPtrOutput ¶ added in v4.11.1
func (i *CryptoKeyIAMBinding) ToCryptoKeyIAMBindingPtrOutput() CryptoKeyIAMBindingPtrOutput
func (*CryptoKeyIAMBinding) ToCryptoKeyIAMBindingPtrOutputWithContext ¶ added in v4.11.1
func (i *CryptoKeyIAMBinding) ToCryptoKeyIAMBindingPtrOutputWithContext(ctx context.Context) CryptoKeyIAMBindingPtrOutput
type CryptoKeyIAMBindingArgs ¶
type CryptoKeyIAMBindingArgs struct {
// An [IAM Condition](https://cloud.google.com/iam/docs/conditions-overview) for a given binding.
// Structure is documented below.
Condition CryptoKeyIAMBindingConditionPtrInput
// The crypto key ID, in the form
// `{project_id}/{location_name}/{key_ring_name}/{crypto_key_name}` or
// `{location_name}/{key_ring_name}/{crypto_key_name}`. In the second form,
// the provider's project setting will be used as a fallback.
CryptoKeyId pulumi.StringInput
Members pulumi.StringArrayInput
// The role that should be applied. Note that custom roles must be of the format
// `[projects|organizations]/{parent-name}/roles/{role-name}`.
Role pulumi.StringInput
}
The set of arguments for constructing a CryptoKeyIAMBinding resource.
func (CryptoKeyIAMBindingArgs) ElementType ¶
func (CryptoKeyIAMBindingArgs) ElementType() reflect.Type
type CryptoKeyIAMBindingArray ¶ added in v4.11.1
type CryptoKeyIAMBindingArray []CryptoKeyIAMBindingInput
func (CryptoKeyIAMBindingArray) ElementType ¶ added in v4.11.1
func (CryptoKeyIAMBindingArray) ElementType() reflect.Type
func (CryptoKeyIAMBindingArray) ToCryptoKeyIAMBindingArrayOutput ¶ added in v4.11.1
func (i CryptoKeyIAMBindingArray) ToCryptoKeyIAMBindingArrayOutput() CryptoKeyIAMBindingArrayOutput
func (CryptoKeyIAMBindingArray) ToCryptoKeyIAMBindingArrayOutputWithContext ¶ added in v4.11.1
func (i CryptoKeyIAMBindingArray) ToCryptoKeyIAMBindingArrayOutputWithContext(ctx context.Context) CryptoKeyIAMBindingArrayOutput
type CryptoKeyIAMBindingArrayInput ¶ added in v4.11.1
type CryptoKeyIAMBindingArrayInput interface {
pulumi.Input
ToCryptoKeyIAMBindingArrayOutput() CryptoKeyIAMBindingArrayOutput
ToCryptoKeyIAMBindingArrayOutputWithContext(context.Context) CryptoKeyIAMBindingArrayOutput
}
CryptoKeyIAMBindingArrayInput is an input type that accepts CryptoKeyIAMBindingArray and CryptoKeyIAMBindingArrayOutput values. You can construct a concrete instance of `CryptoKeyIAMBindingArrayInput` via:
CryptoKeyIAMBindingArray{ CryptoKeyIAMBindingArgs{...} }
type CryptoKeyIAMBindingArrayOutput ¶ added in v4.11.1
type CryptoKeyIAMBindingArrayOutput struct{ *pulumi.OutputState }
func (CryptoKeyIAMBindingArrayOutput) ElementType ¶ added in v4.11.1
func (CryptoKeyIAMBindingArrayOutput) ElementType() reflect.Type
func (CryptoKeyIAMBindingArrayOutput) Index ¶ added in v4.11.1
func (o CryptoKeyIAMBindingArrayOutput) Index(i pulumi.IntInput) CryptoKeyIAMBindingOutput
func (CryptoKeyIAMBindingArrayOutput) ToCryptoKeyIAMBindingArrayOutput ¶ added in v4.11.1
func (o CryptoKeyIAMBindingArrayOutput) ToCryptoKeyIAMBindingArrayOutput() CryptoKeyIAMBindingArrayOutput
func (CryptoKeyIAMBindingArrayOutput) ToCryptoKeyIAMBindingArrayOutputWithContext ¶ added in v4.11.1
func (o CryptoKeyIAMBindingArrayOutput) ToCryptoKeyIAMBindingArrayOutputWithContext(ctx context.Context) CryptoKeyIAMBindingArrayOutput
type CryptoKeyIAMBindingCondition ¶
type CryptoKeyIAMBindingCondition struct {
// An optional description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
Description *string `pulumi:"description"`
// Textual representation of an expression in Common Expression Language syntax.
Expression string `pulumi:"expression"`
// A title for the expression, i.e. a short string describing its purpose.
Title string `pulumi:"title"`
}
type CryptoKeyIAMBindingConditionArgs ¶
type CryptoKeyIAMBindingConditionArgs struct {
// An optional description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
Description pulumi.StringPtrInput `pulumi:"description"`
// Textual representation of an expression in Common Expression Language syntax.
Expression pulumi.StringInput `pulumi:"expression"`
// A title for the expression, i.e. a short string describing its purpose.
Title pulumi.StringInput `pulumi:"title"`
}
func (CryptoKeyIAMBindingConditionArgs) ElementType ¶
func (CryptoKeyIAMBindingConditionArgs) ElementType() reflect.Type
func (CryptoKeyIAMBindingConditionArgs) ToCryptoKeyIAMBindingConditionOutput ¶
func (i CryptoKeyIAMBindingConditionArgs) ToCryptoKeyIAMBindingConditionOutput() CryptoKeyIAMBindingConditionOutput
func (CryptoKeyIAMBindingConditionArgs) ToCryptoKeyIAMBindingConditionOutputWithContext ¶
func (i CryptoKeyIAMBindingConditionArgs) ToCryptoKeyIAMBindingConditionOutputWithContext(ctx context.Context) CryptoKeyIAMBindingConditionOutput
func (CryptoKeyIAMBindingConditionArgs) ToCryptoKeyIAMBindingConditionPtrOutput ¶
func (i CryptoKeyIAMBindingConditionArgs) ToCryptoKeyIAMBindingConditionPtrOutput() CryptoKeyIAMBindingConditionPtrOutput
func (CryptoKeyIAMBindingConditionArgs) ToCryptoKeyIAMBindingConditionPtrOutputWithContext ¶
func (i CryptoKeyIAMBindingConditionArgs) ToCryptoKeyIAMBindingConditionPtrOutputWithContext(ctx context.Context) CryptoKeyIAMBindingConditionPtrOutput
type CryptoKeyIAMBindingConditionInput ¶
type CryptoKeyIAMBindingConditionInput interface {
pulumi.Input
ToCryptoKeyIAMBindingConditionOutput() CryptoKeyIAMBindingConditionOutput
ToCryptoKeyIAMBindingConditionOutputWithContext(context.Context) CryptoKeyIAMBindingConditionOutput
}
CryptoKeyIAMBindingConditionInput is an input type that accepts CryptoKeyIAMBindingConditionArgs and CryptoKeyIAMBindingConditionOutput values. You can construct a concrete instance of `CryptoKeyIAMBindingConditionInput` via:
CryptoKeyIAMBindingConditionArgs{...}
type CryptoKeyIAMBindingConditionOutput ¶
type CryptoKeyIAMBindingConditionOutput struct{ *pulumi.OutputState }
func (CryptoKeyIAMBindingConditionOutput) Description ¶
func (o CryptoKeyIAMBindingConditionOutput) Description() pulumi.StringPtrOutput
An optional description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
func (CryptoKeyIAMBindingConditionOutput) ElementType ¶
func (CryptoKeyIAMBindingConditionOutput) ElementType() reflect.Type
func (CryptoKeyIAMBindingConditionOutput) Expression ¶
func (o CryptoKeyIAMBindingConditionOutput) Expression() pulumi.StringOutput
Textual representation of an expression in Common Expression Language syntax.
func (CryptoKeyIAMBindingConditionOutput) Title ¶
func (o CryptoKeyIAMBindingConditionOutput) Title() pulumi.StringOutput
A title for the expression, i.e. a short string describing its purpose.
func (CryptoKeyIAMBindingConditionOutput) ToCryptoKeyIAMBindingConditionOutput ¶
func (o CryptoKeyIAMBindingConditionOutput) ToCryptoKeyIAMBindingConditionOutput() CryptoKeyIAMBindingConditionOutput
func (CryptoKeyIAMBindingConditionOutput) ToCryptoKeyIAMBindingConditionOutputWithContext ¶
func (o CryptoKeyIAMBindingConditionOutput) ToCryptoKeyIAMBindingConditionOutputWithContext(ctx context.Context) CryptoKeyIAMBindingConditionOutput
func (CryptoKeyIAMBindingConditionOutput) ToCryptoKeyIAMBindingConditionPtrOutput ¶
func (o CryptoKeyIAMBindingConditionOutput) ToCryptoKeyIAMBindingConditionPtrOutput() CryptoKeyIAMBindingConditionPtrOutput
func (CryptoKeyIAMBindingConditionOutput) ToCryptoKeyIAMBindingConditionPtrOutputWithContext ¶
func (o CryptoKeyIAMBindingConditionOutput) ToCryptoKeyIAMBindingConditionPtrOutputWithContext(ctx context.Context) CryptoKeyIAMBindingConditionPtrOutput
type CryptoKeyIAMBindingConditionPtrInput ¶
type CryptoKeyIAMBindingConditionPtrInput interface {
pulumi.Input
ToCryptoKeyIAMBindingConditionPtrOutput() CryptoKeyIAMBindingConditionPtrOutput
ToCryptoKeyIAMBindingConditionPtrOutputWithContext(context.Context) CryptoKeyIAMBindingConditionPtrOutput
}
CryptoKeyIAMBindingConditionPtrInput is an input type that accepts CryptoKeyIAMBindingConditionArgs, CryptoKeyIAMBindingConditionPtr and CryptoKeyIAMBindingConditionPtrOutput values. You can construct a concrete instance of `CryptoKeyIAMBindingConditionPtrInput` via:
CryptoKeyIAMBindingConditionArgs{...}
or:
nil
func CryptoKeyIAMBindingConditionPtr ¶
func CryptoKeyIAMBindingConditionPtr(v *CryptoKeyIAMBindingConditionArgs) CryptoKeyIAMBindingConditionPtrInput
type CryptoKeyIAMBindingConditionPtrOutput ¶
type CryptoKeyIAMBindingConditionPtrOutput struct{ *pulumi.OutputState }
func (CryptoKeyIAMBindingConditionPtrOutput) Description ¶
func (o CryptoKeyIAMBindingConditionPtrOutput) Description() pulumi.StringPtrOutput
An optional description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
func (CryptoKeyIAMBindingConditionPtrOutput) ElementType ¶
func (CryptoKeyIAMBindingConditionPtrOutput) ElementType() reflect.Type
func (CryptoKeyIAMBindingConditionPtrOutput) Expression ¶
func (o CryptoKeyIAMBindingConditionPtrOutput) Expression() pulumi.StringPtrOutput
Textual representation of an expression in Common Expression Language syntax.
func (CryptoKeyIAMBindingConditionPtrOutput) Title ¶
func (o CryptoKeyIAMBindingConditionPtrOutput) Title() pulumi.StringPtrOutput
A title for the expression, i.e. a short string describing its purpose.
func (CryptoKeyIAMBindingConditionPtrOutput) ToCryptoKeyIAMBindingConditionPtrOutput ¶
func (o CryptoKeyIAMBindingConditionPtrOutput) ToCryptoKeyIAMBindingConditionPtrOutput() CryptoKeyIAMBindingConditionPtrOutput
func (CryptoKeyIAMBindingConditionPtrOutput) ToCryptoKeyIAMBindingConditionPtrOutputWithContext ¶
func (o CryptoKeyIAMBindingConditionPtrOutput) ToCryptoKeyIAMBindingConditionPtrOutputWithContext(ctx context.Context) CryptoKeyIAMBindingConditionPtrOutput
type CryptoKeyIAMBindingInput ¶ added in v4.4.0
type CryptoKeyIAMBindingInput interface {
pulumi.Input
ToCryptoKeyIAMBindingOutput() CryptoKeyIAMBindingOutput
ToCryptoKeyIAMBindingOutputWithContext(ctx context.Context) CryptoKeyIAMBindingOutput
}
type CryptoKeyIAMBindingMap ¶ added in v4.11.1
type CryptoKeyIAMBindingMap map[string]CryptoKeyIAMBindingInput
func (CryptoKeyIAMBindingMap) ElementType ¶ added in v4.11.1
func (CryptoKeyIAMBindingMap) ElementType() reflect.Type
func (CryptoKeyIAMBindingMap) ToCryptoKeyIAMBindingMapOutput ¶ added in v4.11.1
func (i CryptoKeyIAMBindingMap) ToCryptoKeyIAMBindingMapOutput() CryptoKeyIAMBindingMapOutput
func (CryptoKeyIAMBindingMap) ToCryptoKeyIAMBindingMapOutputWithContext ¶ added in v4.11.1
func (i CryptoKeyIAMBindingMap) ToCryptoKeyIAMBindingMapOutputWithContext(ctx context.Context) CryptoKeyIAMBindingMapOutput
type CryptoKeyIAMBindingMapInput ¶ added in v4.11.1
type CryptoKeyIAMBindingMapInput interface {
pulumi.Input
ToCryptoKeyIAMBindingMapOutput() CryptoKeyIAMBindingMapOutput
ToCryptoKeyIAMBindingMapOutputWithContext(context.Context) CryptoKeyIAMBindingMapOutput
}
CryptoKeyIAMBindingMapInput is an input type that accepts CryptoKeyIAMBindingMap and CryptoKeyIAMBindingMapOutput values. You can construct a concrete instance of `CryptoKeyIAMBindingMapInput` via:
CryptoKeyIAMBindingMap{ "key": CryptoKeyIAMBindingArgs{...} }
type CryptoKeyIAMBindingMapOutput ¶ added in v4.11.1
type CryptoKeyIAMBindingMapOutput struct{ *pulumi.OutputState }
func (CryptoKeyIAMBindingMapOutput) ElementType ¶ added in v4.11.1
func (CryptoKeyIAMBindingMapOutput) ElementType() reflect.Type
func (CryptoKeyIAMBindingMapOutput) MapIndex ¶ added in v4.11.1
func (o CryptoKeyIAMBindingMapOutput) MapIndex(k pulumi.StringInput) CryptoKeyIAMBindingOutput
func (CryptoKeyIAMBindingMapOutput) ToCryptoKeyIAMBindingMapOutput ¶ added in v4.11.1
func (o CryptoKeyIAMBindingMapOutput) ToCryptoKeyIAMBindingMapOutput() CryptoKeyIAMBindingMapOutput
func (CryptoKeyIAMBindingMapOutput) ToCryptoKeyIAMBindingMapOutputWithContext ¶ added in v4.11.1
func (o CryptoKeyIAMBindingMapOutput) ToCryptoKeyIAMBindingMapOutputWithContext(ctx context.Context) CryptoKeyIAMBindingMapOutput
type CryptoKeyIAMBindingOutput ¶ added in v4.4.0
type CryptoKeyIAMBindingOutput struct {
*pulumi.OutputState
}
func (CryptoKeyIAMBindingOutput) ElementType ¶ added in v4.4.0
func (CryptoKeyIAMBindingOutput) ElementType() reflect.Type
func (CryptoKeyIAMBindingOutput) ToCryptoKeyIAMBindingOutput ¶ added in v4.4.0
func (o CryptoKeyIAMBindingOutput) ToCryptoKeyIAMBindingOutput() CryptoKeyIAMBindingOutput
func (CryptoKeyIAMBindingOutput) ToCryptoKeyIAMBindingOutputWithContext ¶ added in v4.4.0
func (o CryptoKeyIAMBindingOutput) ToCryptoKeyIAMBindingOutputWithContext(ctx context.Context) CryptoKeyIAMBindingOutput
func (CryptoKeyIAMBindingOutput) ToCryptoKeyIAMBindingPtrOutput ¶ added in v4.11.1
func (o CryptoKeyIAMBindingOutput) ToCryptoKeyIAMBindingPtrOutput() CryptoKeyIAMBindingPtrOutput
func (CryptoKeyIAMBindingOutput) ToCryptoKeyIAMBindingPtrOutputWithContext ¶ added in v4.11.1
func (o CryptoKeyIAMBindingOutput) ToCryptoKeyIAMBindingPtrOutputWithContext(ctx context.Context) CryptoKeyIAMBindingPtrOutput
type CryptoKeyIAMBindingPtrInput ¶ added in v4.11.1
type CryptoKeyIAMBindingPtrInput interface {
pulumi.Input
ToCryptoKeyIAMBindingPtrOutput() CryptoKeyIAMBindingPtrOutput
ToCryptoKeyIAMBindingPtrOutputWithContext(ctx context.Context) CryptoKeyIAMBindingPtrOutput
}
type CryptoKeyIAMBindingPtrOutput ¶ added in v4.11.1
type CryptoKeyIAMBindingPtrOutput struct {
*pulumi.OutputState
}
func (CryptoKeyIAMBindingPtrOutput) ElementType ¶ added in v4.11.1
func (CryptoKeyIAMBindingPtrOutput) ElementType() reflect.Type
func (CryptoKeyIAMBindingPtrOutput) ToCryptoKeyIAMBindingPtrOutput ¶ added in v4.11.1
func (o CryptoKeyIAMBindingPtrOutput) ToCryptoKeyIAMBindingPtrOutput() CryptoKeyIAMBindingPtrOutput
func (CryptoKeyIAMBindingPtrOutput) ToCryptoKeyIAMBindingPtrOutputWithContext ¶ added in v4.11.1
func (o CryptoKeyIAMBindingPtrOutput) ToCryptoKeyIAMBindingPtrOutputWithContext(ctx context.Context) CryptoKeyIAMBindingPtrOutput
type CryptoKeyIAMBindingState ¶
type CryptoKeyIAMBindingState struct {
// An [IAM Condition](https://cloud.google.com/iam/docs/conditions-overview) for a given binding.
// Structure is documented below.
Condition CryptoKeyIAMBindingConditionPtrInput
// The crypto key ID, in the form
// `{project_id}/{location_name}/{key_ring_name}/{crypto_key_name}` or
// `{location_name}/{key_ring_name}/{crypto_key_name}`. In the second form,
// the provider's project setting will be used as a fallback.
CryptoKeyId pulumi.StringPtrInput
// (Computed) The etag of the project's IAM policy.
Etag pulumi.StringPtrInput
Members pulumi.StringArrayInput
// The role that should be applied. Note that custom roles must be of the format
// `[projects|organizations]/{parent-name}/roles/{role-name}`.
Role pulumi.StringPtrInput
}
func (CryptoKeyIAMBindingState) ElementType ¶
func (CryptoKeyIAMBindingState) ElementType() reflect.Type
type CryptoKeyIAMMember ¶
type CryptoKeyIAMMember struct {
pulumi.CustomResourceState
// An [IAM Condition](https://cloud.google.com/iam/docs/conditions-overview) for a given binding.
// Structure is documented below.
Condition CryptoKeyIAMMemberConditionPtrOutput `pulumi:"condition"`
// The crypto key ID, in the form
// `{project_id}/{location_name}/{key_ring_name}/{crypto_key_name}` or
// `{location_name}/{key_ring_name}/{crypto_key_name}`. In the second form,
// the provider's project setting will be used as a fallback.
CryptoKeyId pulumi.StringOutput `pulumi:"cryptoKeyId"`
// (Computed) The etag of the project's IAM policy.
Etag pulumi.StringOutput `pulumi:"etag"`
Member pulumi.StringOutput `pulumi:"member"`
// The role that should be applied. Note that custom roles must be of the format
// `[projects|organizations]/{parent-name}/roles/{role-name}`.
Role pulumi.StringOutput `pulumi:"role"`
}
Three different resources help you manage your IAM policy for KMS crypto key. Each of these resources serves a different use case:
* `kms.CryptoKeyIAMPolicy`: Authoritative. Sets the IAM policy for the crypto key and replaces any existing policy already attached. * `kms.CryptoKeyIAMBinding`: Authoritative for a given role. Updates the IAM policy to grant a role to a list of members. Other roles within the IAM policy for the crypto key are preserved. * `kms.CryptoKeyIAMMember`: Non-authoritative. Updates the IAM policy to grant a role to a new member. Other members for the role for the crypto key are preserved.
> **Note:** `kms.CryptoKeyIAMPolicy` **cannot** be used in conjunction with `kms.CryptoKeyIAMBinding` and `kms.CryptoKeyIAMMember` or they will fight over what your policy should be.
> **Note:** `kms.CryptoKeyIAMBinding` resources **can be** used in conjunction with `kms.CryptoKeyIAMMember` resources **only if** they do not grant privilege to the same role.
```go package main
import (
"github.com/pulumi/pulumi-gcp/sdk/v4/go/gcp/kms" "github.com/pulumi/pulumi-gcp/sdk/v4/go/gcp/organizations" "github.com/pulumi/pulumi/sdk/v2/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
keyring, err := kms.NewKeyRing(ctx, "keyring", &kms.KeyRingArgs{
Location: pulumi.String("global"),
})
if err != nil {
return err
}
key, err := kms.NewCryptoKey(ctx, "key", &kms.CryptoKeyArgs{
KeyRing: keyring.ID(),
RotationPeriod: pulumi.String("100000s"),
})
if err != nil {
return err
}
admin, err := organizations.LookupIAMPolicy(ctx, &organizations.LookupIAMPolicyArgs{
Bindings: []organizations.GetIAMPolicyBinding{
organizations.GetIAMPolicyBinding{
Role: "roles/cloudkms.cryptoKeyEncrypter",
Members: []string{
"user:jane@example.com",
},
},
},
}, nil)
if err != nil {
return err
}
_, err = kms.NewCryptoKeyIAMPolicy(ctx, "cryptoKey", &kms.CryptoKeyIAMPolicyArgs{
CryptoKeyId: key.ID(),
PolicyData: pulumi.String(admin.PolicyData),
})
if err != nil {
return err
}
return nil
})
}
```
With IAM Conditions:
```go package main
import (
"github.com/pulumi/pulumi-gcp/sdk/v4/go/gcp/organizations" "github.com/pulumi/pulumi/sdk/v2/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := organizations.LookupIAMPolicy(ctx, &organizations.LookupIAMPolicyArgs{
Bindings: []organizations.GetIAMPolicyBinding{
organizations.GetIAMPolicyBinding{
Condition: organizations.GetIAMPolicyBindingCondition{
Description: "Expiring at midnight of 2019-12-31",
Expression: "request.time < timestamp(\"2020-01-01T00:00:00Z\")",
Title: "expires_after_2019_12_31",
},
Members: []string{
"user:jane@example.com",
},
Role: "roles/cloudkms.cryptoKeyEncrypter",
},
},
}, nil)
if err != nil {
return err
}
return nil
})
}
```
```go package main
import (
"github.com/pulumi/pulumi-gcp/sdk/v4/go/gcp/kms" "github.com/pulumi/pulumi/sdk/v2/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := kms.NewCryptoKeyIAMBinding(ctx, "cryptoKey", &kms.CryptoKeyIAMBindingArgs{
CryptoKeyId: pulumi.Any(google_kms_crypto_key.Key.Id),
Role: pulumi.String("roles/cloudkms.cryptoKeyEncrypter"),
Members: pulumi.StringArray{
pulumi.String("user:jane@example.com"),
},
})
if err != nil {
return err
}
return nil
})
}
```
With IAM Conditions:
```go package main
import (
"github.com/pulumi/pulumi-gcp/sdk/v4/go/gcp/kms" "github.com/pulumi/pulumi/sdk/v2/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := kms.NewCryptoKeyIAMBinding(ctx, "cryptoKey", &kms.CryptoKeyIAMBindingArgs{
CryptoKeyId: pulumi.Any(google_kms_crypto_key.Key.Id),
Role: pulumi.String("roles/cloudkms.cryptoKeyEncrypter"),
Members: pulumi.StringArray{
pulumi.String("user:jane@example.com"),
},
Condition: &kms.CryptoKeyIAMBindingConditionArgs{
Title: pulumi.String("expires_after_2019_12_31"),
Description: pulumi.String("Expiring at midnight of 2019-12-31"),
Expression: pulumi.String("request.time < timestamp(\"2020-01-01T00:00:00Z\")"),
},
})
if err != nil {
return err
}
return nil
})
}
```
```go package main
import (
"github.com/pulumi/pulumi-gcp/sdk/v4/go/gcp/kms" "github.com/pulumi/pulumi/sdk/v2/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := kms.NewCryptoKeyIAMMember(ctx, "cryptoKey", &kms.CryptoKeyIAMMemberArgs{
CryptoKeyId: pulumi.Any(google_kms_crypto_key.Key.Id),
Role: pulumi.String("roles/cloudkms.cryptoKeyEncrypter"),
Member: pulumi.String("user:jane@example.com"),
})
if err != nil {
return err
}
return nil
})
}
```
With IAM Conditions:
```go package main
import (
"github.com/pulumi/pulumi-gcp/sdk/v4/go/gcp/kms" "github.com/pulumi/pulumi/sdk/v2/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := kms.NewCryptoKeyIAMMember(ctx, "cryptoKey", &kms.CryptoKeyIAMMemberArgs{
CryptoKeyId: pulumi.Any(google_kms_crypto_key.Key.Id),
Role: pulumi.String("roles/cloudkms.cryptoKeyEncrypter"),
Member: pulumi.String("user:jane@example.com"),
Condition: &kms.CryptoKeyIAMMemberConditionArgs{
Title: pulumi.String("expires_after_2019_12_31"),
Description: pulumi.String("Expiring at midnight of 2019-12-31"),
Expression: pulumi.String("request.time < timestamp(\"2020-01-01T00:00:00Z\")"),
},
})
if err != nil {
return err
}
return nil
})
}
```
## Import
IAM member imports use space-delimited identifiers; the resource in question, the role, and the account.
This member resource can be imported using the `crypto_key_id`, role, and member identity e.g.
```sh
$ pulumi import gcp:kms/cryptoKeyIAMMember:CryptoKeyIAMMember crypto_key "your-project-id/location-name/key-ring-name/key-name roles/viewer user:foo@example.com"
```
IAM binding imports use space-delimited identifiers; first the resource in question and then the role.
These bindings can be imported using the `crypto_key_id` and role, e.g.
```sh
$ pulumi import gcp:kms/cryptoKeyIAMMember:CryptoKeyIAMMember crypto_key "your-project-id/location-name/key-ring-name/key-name roles/editor"
```
IAM policy imports use the identifier of the resource in question.
This policy resource can be imported using the `crypto_key_id`, e.g.
```sh
$ pulumi import gcp:kms/cryptoKeyIAMMember:CryptoKeyIAMMember crypto_key your-project-id/location-name/key-ring-name/key-name
```
func GetCryptoKeyIAMMember ¶
func GetCryptoKeyIAMMember(ctx *pulumi.Context, name string, id pulumi.IDInput, state *CryptoKeyIAMMemberState, opts ...pulumi.ResourceOption) (*CryptoKeyIAMMember, error)
GetCryptoKeyIAMMember gets an existing CryptoKeyIAMMember resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).
func NewCryptoKeyIAMMember ¶
func NewCryptoKeyIAMMember(ctx *pulumi.Context, name string, args *CryptoKeyIAMMemberArgs, opts ...pulumi.ResourceOption) (*CryptoKeyIAMMember, error)
NewCryptoKeyIAMMember registers a new resource with the given unique name, arguments, and options.
func (*CryptoKeyIAMMember) ElementType ¶ added in v4.4.0
func (*CryptoKeyIAMMember) ElementType() reflect.Type
func (*CryptoKeyIAMMember) ToCryptoKeyIAMMemberOutput ¶ added in v4.4.0
func (i *CryptoKeyIAMMember) ToCryptoKeyIAMMemberOutput() CryptoKeyIAMMemberOutput
func (*CryptoKeyIAMMember) ToCryptoKeyIAMMemberOutputWithContext ¶ added in v4.4.0
func (i *CryptoKeyIAMMember) ToCryptoKeyIAMMemberOutputWithContext(ctx context.Context) CryptoKeyIAMMemberOutput
func (*CryptoKeyIAMMember) ToCryptoKeyIAMMemberPtrOutput ¶ added in v4.11.1
func (i *CryptoKeyIAMMember) ToCryptoKeyIAMMemberPtrOutput() CryptoKeyIAMMemberPtrOutput
func (*CryptoKeyIAMMember) ToCryptoKeyIAMMemberPtrOutputWithContext ¶ added in v4.11.1
func (i *CryptoKeyIAMMember) ToCryptoKeyIAMMemberPtrOutputWithContext(ctx context.Context) CryptoKeyIAMMemberPtrOutput
type CryptoKeyIAMMemberArgs ¶
type CryptoKeyIAMMemberArgs struct {
// An [IAM Condition](https://cloud.google.com/iam/docs/conditions-overview) for a given binding.
// Structure is documented below.
Condition CryptoKeyIAMMemberConditionPtrInput
// The crypto key ID, in the form
// `{project_id}/{location_name}/{key_ring_name}/{crypto_key_name}` or
// `{location_name}/{key_ring_name}/{crypto_key_name}`. In the second form,
// the provider's project setting will be used as a fallback.
CryptoKeyId pulumi.StringInput
Member pulumi.StringInput
// The role that should be applied. Note that custom roles must be of the format
// `[projects|organizations]/{parent-name}/roles/{role-name}`.
Role pulumi.StringInput
}
The set of arguments for constructing a CryptoKeyIAMMember resource.
func (CryptoKeyIAMMemberArgs) ElementType ¶
func (CryptoKeyIAMMemberArgs) ElementType() reflect.Type
type CryptoKeyIAMMemberArray ¶ added in v4.11.1
type CryptoKeyIAMMemberArray []CryptoKeyIAMMemberInput
func (CryptoKeyIAMMemberArray) ElementType ¶ added in v4.11.1
func (CryptoKeyIAMMemberArray) ElementType() reflect.Type
func (CryptoKeyIAMMemberArray) ToCryptoKeyIAMMemberArrayOutput ¶ added in v4.11.1
func (i CryptoKeyIAMMemberArray) ToCryptoKeyIAMMemberArrayOutput() CryptoKeyIAMMemberArrayOutput
func (CryptoKeyIAMMemberArray) ToCryptoKeyIAMMemberArrayOutputWithContext ¶ added in v4.11.1
func (i CryptoKeyIAMMemberArray) ToCryptoKeyIAMMemberArrayOutputWithContext(ctx context.Context) CryptoKeyIAMMemberArrayOutput
type CryptoKeyIAMMemberArrayInput ¶ added in v4.11.1
type CryptoKeyIAMMemberArrayInput interface {
pulumi.Input
ToCryptoKeyIAMMemberArrayOutput() CryptoKeyIAMMemberArrayOutput
ToCryptoKeyIAMMemberArrayOutputWithContext(context.Context) CryptoKeyIAMMemberArrayOutput
}
CryptoKeyIAMMemberArrayInput is an input type that accepts CryptoKeyIAMMemberArray and CryptoKeyIAMMemberArrayOutput values. You can construct a concrete instance of `CryptoKeyIAMMemberArrayInput` via:
CryptoKeyIAMMemberArray{ CryptoKeyIAMMemberArgs{...} }
type CryptoKeyIAMMemberArrayOutput ¶ added in v4.11.1
type CryptoKeyIAMMemberArrayOutput struct{ *pulumi.OutputState }
func (CryptoKeyIAMMemberArrayOutput) ElementType ¶ added in v4.11.1
func (CryptoKeyIAMMemberArrayOutput) ElementType() reflect.Type
func (CryptoKeyIAMMemberArrayOutput) Index ¶ added in v4.11.1
func (o CryptoKeyIAMMemberArrayOutput) Index(i pulumi.IntInput) CryptoKeyIAMMemberOutput
func (CryptoKeyIAMMemberArrayOutput) ToCryptoKeyIAMMemberArrayOutput ¶ added in v4.11.1
func (o CryptoKeyIAMMemberArrayOutput) ToCryptoKeyIAMMemberArrayOutput() CryptoKeyIAMMemberArrayOutput
func (CryptoKeyIAMMemberArrayOutput) ToCryptoKeyIAMMemberArrayOutputWithContext ¶ added in v4.11.1
func (o CryptoKeyIAMMemberArrayOutput) ToCryptoKeyIAMMemberArrayOutputWithContext(ctx context.Context) CryptoKeyIAMMemberArrayOutput
type CryptoKeyIAMMemberCondition ¶
type CryptoKeyIAMMemberCondition struct {
// An optional description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
Description *string `pulumi:"description"`
// Textual representation of an expression in Common Expression Language syntax.
Expression string `pulumi:"expression"`
// A title for the expression, i.e. a short string describing its purpose.
Title string `pulumi:"title"`
}
type CryptoKeyIAMMemberConditionArgs ¶
type CryptoKeyIAMMemberConditionArgs struct {
// An optional description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
Description pulumi.StringPtrInput `pulumi:"description"`
// Textual representation of an expression in Common Expression Language syntax.
Expression pulumi.StringInput `pulumi:"expression"`
// A title for the expression, i.e. a short string describing its purpose.
Title pulumi.StringInput `pulumi:"title"`
}
func (CryptoKeyIAMMemberConditionArgs) ElementType ¶
func (CryptoKeyIAMMemberConditionArgs) ElementType() reflect.Type
func (CryptoKeyIAMMemberConditionArgs) ToCryptoKeyIAMMemberConditionOutput ¶
func (i CryptoKeyIAMMemberConditionArgs) ToCryptoKeyIAMMemberConditionOutput() CryptoKeyIAMMemberConditionOutput
func (CryptoKeyIAMMemberConditionArgs) ToCryptoKeyIAMMemberConditionOutputWithContext ¶
func (i CryptoKeyIAMMemberConditionArgs) ToCryptoKeyIAMMemberConditionOutputWithContext(ctx context.Context) CryptoKeyIAMMemberConditionOutput
func (CryptoKeyIAMMemberConditionArgs) ToCryptoKeyIAMMemberConditionPtrOutput ¶
func (i CryptoKeyIAMMemberConditionArgs) ToCryptoKeyIAMMemberConditionPtrOutput() CryptoKeyIAMMemberConditionPtrOutput
func (CryptoKeyIAMMemberConditionArgs) ToCryptoKeyIAMMemberConditionPtrOutputWithContext ¶
func (i CryptoKeyIAMMemberConditionArgs) ToCryptoKeyIAMMemberConditionPtrOutputWithContext(ctx context.Context) CryptoKeyIAMMemberConditionPtrOutput
type CryptoKeyIAMMemberConditionInput ¶
type CryptoKeyIAMMemberConditionInput interface {
pulumi.Input
ToCryptoKeyIAMMemberConditionOutput() CryptoKeyIAMMemberConditionOutput
ToCryptoKeyIAMMemberConditionOutputWithContext(context.Context) CryptoKeyIAMMemberConditionOutput
}
CryptoKeyIAMMemberConditionInput is an input type that accepts CryptoKeyIAMMemberConditionArgs and CryptoKeyIAMMemberConditionOutput values. You can construct a concrete instance of `CryptoKeyIAMMemberConditionInput` via:
CryptoKeyIAMMemberConditionArgs{...}
type CryptoKeyIAMMemberConditionOutput ¶
type CryptoKeyIAMMemberConditionOutput struct{ *pulumi.OutputState }
func (CryptoKeyIAMMemberConditionOutput) Description ¶
func (o CryptoKeyIAMMemberConditionOutput) Description() pulumi.StringPtrOutput
An optional description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
func (CryptoKeyIAMMemberConditionOutput) ElementType ¶
func (CryptoKeyIAMMemberConditionOutput) ElementType() reflect.Type
func (CryptoKeyIAMMemberConditionOutput) Expression ¶
func (o CryptoKeyIAMMemberConditionOutput) Expression() pulumi.StringOutput
Textual representation of an expression in Common Expression Language syntax.
func (CryptoKeyIAMMemberConditionOutput) Title ¶
func (o CryptoKeyIAMMemberConditionOutput) Title() pulumi.StringOutput
A title for the expression, i.e. a short string describing its purpose.
func (CryptoKeyIAMMemberConditionOutput) ToCryptoKeyIAMMemberConditionOutput ¶
func (o CryptoKeyIAMMemberConditionOutput) ToCryptoKeyIAMMemberConditionOutput() CryptoKeyIAMMemberConditionOutput
func (CryptoKeyIAMMemberConditionOutput) ToCryptoKeyIAMMemberConditionOutputWithContext ¶
func (o CryptoKeyIAMMemberConditionOutput) ToCryptoKeyIAMMemberConditionOutputWithContext(ctx context.Context) CryptoKeyIAMMemberConditionOutput
func (CryptoKeyIAMMemberConditionOutput) ToCryptoKeyIAMMemberConditionPtrOutput ¶
func (o CryptoKeyIAMMemberConditionOutput) ToCryptoKeyIAMMemberConditionPtrOutput() CryptoKeyIAMMemberConditionPtrOutput
func (CryptoKeyIAMMemberConditionOutput) ToCryptoKeyIAMMemberConditionPtrOutputWithContext ¶
func (o CryptoKeyIAMMemberConditionOutput) ToCryptoKeyIAMMemberConditionPtrOutputWithContext(ctx context.Context) CryptoKeyIAMMemberConditionPtrOutput
type CryptoKeyIAMMemberConditionPtrInput ¶
type CryptoKeyIAMMemberConditionPtrInput interface {
pulumi.Input
ToCryptoKeyIAMMemberConditionPtrOutput() CryptoKeyIAMMemberConditionPtrOutput
ToCryptoKeyIAMMemberConditionPtrOutputWithContext(context.Context) CryptoKeyIAMMemberConditionPtrOutput
}
CryptoKeyIAMMemberConditionPtrInput is an input type that accepts CryptoKeyIAMMemberConditionArgs, CryptoKeyIAMMemberConditionPtr and CryptoKeyIAMMemberConditionPtrOutput values. You can construct a concrete instance of `CryptoKeyIAMMemberConditionPtrInput` via:
CryptoKeyIAMMemberConditionArgs{...}
or:
nil
func CryptoKeyIAMMemberConditionPtr ¶
func CryptoKeyIAMMemberConditionPtr(v *CryptoKeyIAMMemberConditionArgs) CryptoKeyIAMMemberConditionPtrInput
type CryptoKeyIAMMemberConditionPtrOutput ¶
type CryptoKeyIAMMemberConditionPtrOutput struct{ *pulumi.OutputState }
func (CryptoKeyIAMMemberConditionPtrOutput) Description ¶
func (o CryptoKeyIAMMemberConditionPtrOutput) Description() pulumi.StringPtrOutput
An optional description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
func (CryptoKeyIAMMemberConditionPtrOutput) ElementType ¶
func (CryptoKeyIAMMemberConditionPtrOutput) ElementType() reflect.Type
func (CryptoKeyIAMMemberConditionPtrOutput) Expression ¶
func (o CryptoKeyIAMMemberConditionPtrOutput) Expression() pulumi.StringPtrOutput
Textual representation of an expression in Common Expression Language syntax.
func (CryptoKeyIAMMemberConditionPtrOutput) Title ¶
func (o CryptoKeyIAMMemberConditionPtrOutput) Title() pulumi.StringPtrOutput
A title for the expression, i.e. a short string describing its purpose.
func (CryptoKeyIAMMemberConditionPtrOutput) ToCryptoKeyIAMMemberConditionPtrOutput ¶
func (o CryptoKeyIAMMemberConditionPtrOutput) ToCryptoKeyIAMMemberConditionPtrOutput() CryptoKeyIAMMemberConditionPtrOutput
func (CryptoKeyIAMMemberConditionPtrOutput) ToCryptoKeyIAMMemberConditionPtrOutputWithContext ¶
func (o CryptoKeyIAMMemberConditionPtrOutput) ToCryptoKeyIAMMemberConditionPtrOutputWithContext(ctx context.Context) CryptoKeyIAMMemberConditionPtrOutput
type CryptoKeyIAMMemberInput ¶ added in v4.4.0
type CryptoKeyIAMMemberInput interface {
pulumi.Input
ToCryptoKeyIAMMemberOutput() CryptoKeyIAMMemberOutput
ToCryptoKeyIAMMemberOutputWithContext(ctx context.Context) CryptoKeyIAMMemberOutput
}
type CryptoKeyIAMMemberMap ¶ added in v4.11.1
type CryptoKeyIAMMemberMap map[string]CryptoKeyIAMMemberInput
func (CryptoKeyIAMMemberMap) ElementType ¶ added in v4.11.1
func (CryptoKeyIAMMemberMap) ElementType() reflect.Type
func (CryptoKeyIAMMemberMap) ToCryptoKeyIAMMemberMapOutput ¶ added in v4.11.1
func (i CryptoKeyIAMMemberMap) ToCryptoKeyIAMMemberMapOutput() CryptoKeyIAMMemberMapOutput
func (CryptoKeyIAMMemberMap) ToCryptoKeyIAMMemberMapOutputWithContext ¶ added in v4.11.1
func (i CryptoKeyIAMMemberMap) ToCryptoKeyIAMMemberMapOutputWithContext(ctx context.Context) CryptoKeyIAMMemberMapOutput
type CryptoKeyIAMMemberMapInput ¶ added in v4.11.1
type CryptoKeyIAMMemberMapInput interface {
pulumi.Input
ToCryptoKeyIAMMemberMapOutput() CryptoKeyIAMMemberMapOutput
ToCryptoKeyIAMMemberMapOutputWithContext(context.Context) CryptoKeyIAMMemberMapOutput
}
CryptoKeyIAMMemberMapInput is an input type that accepts CryptoKeyIAMMemberMap and CryptoKeyIAMMemberMapOutput values. You can construct a concrete instance of `CryptoKeyIAMMemberMapInput` via:
CryptoKeyIAMMemberMap{ "key": CryptoKeyIAMMemberArgs{...} }
type CryptoKeyIAMMemberMapOutput ¶ added in v4.11.1
type CryptoKeyIAMMemberMapOutput struct{ *pulumi.OutputState }
func (CryptoKeyIAMMemberMapOutput) ElementType ¶ added in v4.11.1
func (CryptoKeyIAMMemberMapOutput) ElementType() reflect.Type
func (CryptoKeyIAMMemberMapOutput) MapIndex ¶ added in v4.11.1
func (o CryptoKeyIAMMemberMapOutput) MapIndex(k pulumi.StringInput) CryptoKeyIAMMemberOutput
func (CryptoKeyIAMMemberMapOutput) ToCryptoKeyIAMMemberMapOutput ¶ added in v4.11.1
func (o CryptoKeyIAMMemberMapOutput) ToCryptoKeyIAMMemberMapOutput() CryptoKeyIAMMemberMapOutput
func (CryptoKeyIAMMemberMapOutput) ToCryptoKeyIAMMemberMapOutputWithContext ¶ added in v4.11.1
func (o CryptoKeyIAMMemberMapOutput) ToCryptoKeyIAMMemberMapOutputWithContext(ctx context.Context) CryptoKeyIAMMemberMapOutput
type CryptoKeyIAMMemberOutput ¶ added in v4.4.0
type CryptoKeyIAMMemberOutput struct {
*pulumi.OutputState
}
func (CryptoKeyIAMMemberOutput) ElementType ¶ added in v4.4.0
func (CryptoKeyIAMMemberOutput) ElementType() reflect.Type
func (CryptoKeyIAMMemberOutput) ToCryptoKeyIAMMemberOutput ¶ added in v4.4.0
func (o CryptoKeyIAMMemberOutput) ToCryptoKeyIAMMemberOutput() CryptoKeyIAMMemberOutput
func (CryptoKeyIAMMemberOutput) ToCryptoKeyIAMMemberOutputWithContext ¶ added in v4.4.0
func (o CryptoKeyIAMMemberOutput) ToCryptoKeyIAMMemberOutputWithContext(ctx context.Context) CryptoKeyIAMMemberOutput
func (CryptoKeyIAMMemberOutput) ToCryptoKeyIAMMemberPtrOutput ¶ added in v4.11.1
func (o CryptoKeyIAMMemberOutput) ToCryptoKeyIAMMemberPtrOutput() CryptoKeyIAMMemberPtrOutput
func (CryptoKeyIAMMemberOutput) ToCryptoKeyIAMMemberPtrOutputWithContext ¶ added in v4.11.1
func (o CryptoKeyIAMMemberOutput) ToCryptoKeyIAMMemberPtrOutputWithContext(ctx context.Context) CryptoKeyIAMMemberPtrOutput
type CryptoKeyIAMMemberPtrInput ¶ added in v4.11.1
type CryptoKeyIAMMemberPtrInput interface {
pulumi.Input
ToCryptoKeyIAMMemberPtrOutput() CryptoKeyIAMMemberPtrOutput
ToCryptoKeyIAMMemberPtrOutputWithContext(ctx context.Context) CryptoKeyIAMMemberPtrOutput
}
type CryptoKeyIAMMemberPtrOutput ¶ added in v4.11.1
type CryptoKeyIAMMemberPtrOutput struct {
*pulumi.OutputState
}
func (CryptoKeyIAMMemberPtrOutput) ElementType ¶ added in v4.11.1
func (CryptoKeyIAMMemberPtrOutput) ElementType() reflect.Type
func (CryptoKeyIAMMemberPtrOutput) ToCryptoKeyIAMMemberPtrOutput ¶ added in v4.11.1
func (o CryptoKeyIAMMemberPtrOutput) ToCryptoKeyIAMMemberPtrOutput() CryptoKeyIAMMemberPtrOutput
func (CryptoKeyIAMMemberPtrOutput) ToCryptoKeyIAMMemberPtrOutputWithContext ¶ added in v4.11.1
func (o CryptoKeyIAMMemberPtrOutput) ToCryptoKeyIAMMemberPtrOutputWithContext(ctx context.Context) CryptoKeyIAMMemberPtrOutput
type CryptoKeyIAMMemberState ¶
type CryptoKeyIAMMemberState struct {
// An [IAM Condition](https://cloud.google.com/iam/docs/conditions-overview) for a given binding.
// Structure is documented below.
Condition CryptoKeyIAMMemberConditionPtrInput
// The crypto key ID, in the form
// `{project_id}/{location_name}/{key_ring_name}/{crypto_key_name}` or
// `{location_name}/{key_ring_name}/{crypto_key_name}`. In the second form,
// the provider's project setting will be used as a fallback.
CryptoKeyId pulumi.StringPtrInput
// (Computed) The etag of the project's IAM policy.
Etag pulumi.StringPtrInput
Member pulumi.StringPtrInput
// The role that should be applied. Note that custom roles must be of the format
// `[projects|organizations]/{parent-name}/roles/{role-name}`.
Role pulumi.StringPtrInput
}
func (CryptoKeyIAMMemberState) ElementType ¶
func (CryptoKeyIAMMemberState) ElementType() reflect.Type
type CryptoKeyIAMPolicy ¶
type CryptoKeyIAMPolicy struct {
pulumi.CustomResourceState
// The crypto key ID, in the form
// `{project_id}/{location_name}/{key_ring_name}/{crypto_key_name}` or
// `{location_name}/{key_ring_name}/{crypto_key_name}`. In the second form,
// the provider's project setting will be used as a fallback.
CryptoKeyId pulumi.StringOutput `pulumi:"cryptoKeyId"`
// (Computed) The etag of the project's IAM policy.
Etag pulumi.StringOutput `pulumi:"etag"`
// The policy data generated by
// a `organizations.getIAMPolicy` data source.
PolicyData pulumi.StringOutput `pulumi:"policyData"`
}
Three different resources help you manage your IAM policy for KMS crypto key. Each of these resources serves a different use case:
* `kms.CryptoKeyIAMPolicy`: Authoritative. Sets the IAM policy for the crypto key and replaces any existing policy already attached. * `kms.CryptoKeyIAMBinding`: Authoritative for a given role. Updates the IAM policy to grant a role to a list of members. Other roles within the IAM policy for the crypto key are preserved. * `kms.CryptoKeyIAMMember`: Non-authoritative. Updates the IAM policy to grant a role to a new member. Other members for the role for the crypto key are preserved.
> **Note:** `kms.CryptoKeyIAMPolicy` **cannot** be used in conjunction with `kms.CryptoKeyIAMBinding` and `kms.CryptoKeyIAMMember` or they will fight over what your policy should be.
> **Note:** `kms.CryptoKeyIAMBinding` resources **can be** used in conjunction with `kms.CryptoKeyIAMMember` resources **only if** they do not grant privilege to the same role.
```go package main
import (
"github.com/pulumi/pulumi-gcp/sdk/v4/go/gcp/kms" "github.com/pulumi/pulumi-gcp/sdk/v4/go/gcp/organizations" "github.com/pulumi/pulumi/sdk/v2/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
keyring, err := kms.NewKeyRing(ctx, "keyring", &kms.KeyRingArgs{
Location: pulumi.String("global"),
})
if err != nil {
return err
}
key, err := kms.NewCryptoKey(ctx, "key", &kms.CryptoKeyArgs{
KeyRing: keyring.ID(),
RotationPeriod: pulumi.String("100000s"),
})
if err != nil {
return err
}
admin, err := organizations.LookupIAMPolicy(ctx, &organizations.LookupIAMPolicyArgs{
Bindings: []organizations.GetIAMPolicyBinding{
organizations.GetIAMPolicyBinding{
Role: "roles/cloudkms.cryptoKeyEncrypter",
Members: []string{
"user:jane@example.com",
},
},
},
}, nil)
if err != nil {
return err
}
_, err = kms.NewCryptoKeyIAMPolicy(ctx, "cryptoKey", &kms.CryptoKeyIAMPolicyArgs{
CryptoKeyId: key.ID(),
PolicyData: pulumi.String(admin.PolicyData),
})
if err != nil {
return err
}
return nil
})
}
```
With IAM Conditions:
```go package main
import (
"github.com/pulumi/pulumi-gcp/sdk/v4/go/gcp/organizations" "github.com/pulumi/pulumi/sdk/v2/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := organizations.LookupIAMPolicy(ctx, &organizations.LookupIAMPolicyArgs{
Bindings: []organizations.GetIAMPolicyBinding{
organizations.GetIAMPolicyBinding{
Condition: organizations.GetIAMPolicyBindingCondition{
Description: "Expiring at midnight of 2019-12-31",
Expression: "request.time < timestamp(\"2020-01-01T00:00:00Z\")",
Title: "expires_after_2019_12_31",
},
Members: []string{
"user:jane@example.com",
},
Role: "roles/cloudkms.cryptoKeyEncrypter",
},
},
}, nil)
if err != nil {
return err
}
return nil
})
}
```
```go package main
import (
"github.com/pulumi/pulumi-gcp/sdk/v4/go/gcp/kms" "github.com/pulumi/pulumi/sdk/v2/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := kms.NewCryptoKeyIAMBinding(ctx, "cryptoKey", &kms.CryptoKeyIAMBindingArgs{
CryptoKeyId: pulumi.Any(google_kms_crypto_key.Key.Id),
Role: pulumi.String("roles/cloudkms.cryptoKeyEncrypter"),
Members: pulumi.StringArray{
pulumi.String("user:jane@example.com"),
},
})
if err != nil {
return err
}
return nil
})
}
```
With IAM Conditions:
```go package main
import (
"github.com/pulumi/pulumi-gcp/sdk/v4/go/gcp/kms" "github.com/pulumi/pulumi/sdk/v2/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := kms.NewCryptoKeyIAMBinding(ctx, "cryptoKey", &kms.CryptoKeyIAMBindingArgs{
CryptoKeyId: pulumi.Any(google_kms_crypto_key.Key.Id),
Role: pulumi.String("roles/cloudkms.cryptoKeyEncrypter"),
Members: pulumi.StringArray{
pulumi.String("user:jane@example.com"),
},
Condition: &kms.CryptoKeyIAMBindingConditionArgs{
Title: pulumi.String("expires_after_2019_12_31"),
Description: pulumi.String("Expiring at midnight of 2019-12-31"),
Expression: pulumi.String("request.time < timestamp(\"2020-01-01T00:00:00Z\")"),
},
})
if err != nil {
return err
}
return nil
})
}
```
```go package main
import (
"github.com/pulumi/pulumi-gcp/sdk/v4/go/gcp/kms" "github.com/pulumi/pulumi/sdk/v2/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := kms.NewCryptoKeyIAMMember(ctx, "cryptoKey", &kms.CryptoKeyIAMMemberArgs{
CryptoKeyId: pulumi.Any(google_kms_crypto_key.Key.Id),
Role: pulumi.String("roles/cloudkms.cryptoKeyEncrypter"),
Member: pulumi.String("user:jane@example.com"),
})
if err != nil {
return err
}
return nil
})
}
```
With IAM Conditions:
```go package main
import (
"github.com/pulumi/pulumi-gcp/sdk/v4/go/gcp/kms" "github.com/pulumi/pulumi/sdk/v2/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := kms.NewCryptoKeyIAMMember(ctx, "cryptoKey", &kms.CryptoKeyIAMMemberArgs{
CryptoKeyId: pulumi.Any(google_kms_crypto_key.Key.Id),
Role: pulumi.String("roles/cloudkms.cryptoKeyEncrypter"),
Member: pulumi.String("user:jane@example.com"),
Condition: &kms.CryptoKeyIAMMemberConditionArgs{
Title: pulumi.String("expires_after_2019_12_31"),
Description: pulumi.String("Expiring at midnight of 2019-12-31"),
Expression: pulumi.String("request.time < timestamp(\"2020-01-01T00:00:00Z\")"),
},
})
if err != nil {
return err
}
return nil
})
}
```
## Import
IAM member imports use space-delimited identifiers; the resource in question, the role, and the account.
This member resource can be imported using the `crypto_key_id`, role, and member identity e.g.
```sh
$ pulumi import gcp:kms/cryptoKeyIAMPolicy:CryptoKeyIAMPolicy crypto_key "your-project-id/location-name/key-ring-name/key-name roles/viewer user:foo@example.com"
```
IAM binding imports use space-delimited identifiers; first the resource in question and then the role.
These bindings can be imported using the `crypto_key_id` and role, e.g.
```sh
$ pulumi import gcp:kms/cryptoKeyIAMPolicy:CryptoKeyIAMPolicy crypto_key "your-project-id/location-name/key-ring-name/key-name roles/editor"
```
IAM policy imports use the identifier of the resource in question.
This policy resource can be imported using the `crypto_key_id`, e.g.
```sh
$ pulumi import gcp:kms/cryptoKeyIAMPolicy:CryptoKeyIAMPolicy crypto_key your-project-id/location-name/key-ring-name/key-name
```
func GetCryptoKeyIAMPolicy ¶
func GetCryptoKeyIAMPolicy(ctx *pulumi.Context, name string, id pulumi.IDInput, state *CryptoKeyIAMPolicyState, opts ...pulumi.ResourceOption) (*CryptoKeyIAMPolicy, error)
GetCryptoKeyIAMPolicy gets an existing CryptoKeyIAMPolicy resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).
func NewCryptoKeyIAMPolicy ¶
func NewCryptoKeyIAMPolicy(ctx *pulumi.Context, name string, args *CryptoKeyIAMPolicyArgs, opts ...pulumi.ResourceOption) (*CryptoKeyIAMPolicy, error)
NewCryptoKeyIAMPolicy registers a new resource with the given unique name, arguments, and options.
func (*CryptoKeyIAMPolicy) ElementType ¶ added in v4.4.0
func (*CryptoKeyIAMPolicy) ElementType() reflect.Type
func (*CryptoKeyIAMPolicy) ToCryptoKeyIAMPolicyOutput ¶ added in v4.4.0
func (i *CryptoKeyIAMPolicy) ToCryptoKeyIAMPolicyOutput() CryptoKeyIAMPolicyOutput
func (*CryptoKeyIAMPolicy) ToCryptoKeyIAMPolicyOutputWithContext ¶ added in v4.4.0
func (i *CryptoKeyIAMPolicy) ToCryptoKeyIAMPolicyOutputWithContext(ctx context.Context) CryptoKeyIAMPolicyOutput
func (*CryptoKeyIAMPolicy) ToCryptoKeyIAMPolicyPtrOutput ¶ added in v4.11.1
func (i *CryptoKeyIAMPolicy) ToCryptoKeyIAMPolicyPtrOutput() CryptoKeyIAMPolicyPtrOutput
func (*CryptoKeyIAMPolicy) ToCryptoKeyIAMPolicyPtrOutputWithContext ¶ added in v4.11.1
func (i *CryptoKeyIAMPolicy) ToCryptoKeyIAMPolicyPtrOutputWithContext(ctx context.Context) CryptoKeyIAMPolicyPtrOutput
type CryptoKeyIAMPolicyArgs ¶
type CryptoKeyIAMPolicyArgs struct {
// The crypto key ID, in the form
// `{project_id}/{location_name}/{key_ring_name}/{crypto_key_name}` or
// `{location_name}/{key_ring_name}/{crypto_key_name}`. In the second form,
// the provider's project setting will be used as a fallback.
CryptoKeyId pulumi.StringInput
// The policy data generated by
// a `organizations.getIAMPolicy` data source.
PolicyData pulumi.StringInput
}
The set of arguments for constructing a CryptoKeyIAMPolicy resource.
func (CryptoKeyIAMPolicyArgs) ElementType ¶
func (CryptoKeyIAMPolicyArgs) ElementType() reflect.Type
type CryptoKeyIAMPolicyArray ¶ added in v4.11.1
type CryptoKeyIAMPolicyArray []CryptoKeyIAMPolicyInput
func (CryptoKeyIAMPolicyArray) ElementType ¶ added in v4.11.1
func (CryptoKeyIAMPolicyArray) ElementType() reflect.Type
func (CryptoKeyIAMPolicyArray) ToCryptoKeyIAMPolicyArrayOutput ¶ added in v4.11.1
func (i CryptoKeyIAMPolicyArray) ToCryptoKeyIAMPolicyArrayOutput() CryptoKeyIAMPolicyArrayOutput
func (CryptoKeyIAMPolicyArray) ToCryptoKeyIAMPolicyArrayOutputWithContext ¶ added in v4.11.1
func (i CryptoKeyIAMPolicyArray) ToCryptoKeyIAMPolicyArrayOutputWithContext(ctx context.Context) CryptoKeyIAMPolicyArrayOutput
type CryptoKeyIAMPolicyArrayInput ¶ added in v4.11.1
type CryptoKeyIAMPolicyArrayInput interface {
pulumi.Input
ToCryptoKeyIAMPolicyArrayOutput() CryptoKeyIAMPolicyArrayOutput
ToCryptoKeyIAMPolicyArrayOutputWithContext(context.Context) CryptoKeyIAMPolicyArrayOutput
}
CryptoKeyIAMPolicyArrayInput is an input type that accepts CryptoKeyIAMPolicyArray and CryptoKeyIAMPolicyArrayOutput values. You can construct a concrete instance of `CryptoKeyIAMPolicyArrayInput` via:
CryptoKeyIAMPolicyArray{ CryptoKeyIAMPolicyArgs{...} }
type CryptoKeyIAMPolicyArrayOutput ¶ added in v4.11.1
type CryptoKeyIAMPolicyArrayOutput struct{ *pulumi.OutputState }
func (CryptoKeyIAMPolicyArrayOutput) ElementType ¶ added in v4.11.1
func (CryptoKeyIAMPolicyArrayOutput) ElementType() reflect.Type
func (CryptoKeyIAMPolicyArrayOutput) Index ¶ added in v4.11.1
func (o CryptoKeyIAMPolicyArrayOutput) Index(i pulumi.IntInput) CryptoKeyIAMPolicyOutput
func (CryptoKeyIAMPolicyArrayOutput) ToCryptoKeyIAMPolicyArrayOutput ¶ added in v4.11.1
func (o CryptoKeyIAMPolicyArrayOutput) ToCryptoKeyIAMPolicyArrayOutput() CryptoKeyIAMPolicyArrayOutput
func (CryptoKeyIAMPolicyArrayOutput) ToCryptoKeyIAMPolicyArrayOutputWithContext ¶ added in v4.11.1
func (o CryptoKeyIAMPolicyArrayOutput) ToCryptoKeyIAMPolicyArrayOutputWithContext(ctx context.Context) CryptoKeyIAMPolicyArrayOutput
type CryptoKeyIAMPolicyInput ¶ added in v4.4.0
type CryptoKeyIAMPolicyInput interface {
pulumi.Input
ToCryptoKeyIAMPolicyOutput() CryptoKeyIAMPolicyOutput
ToCryptoKeyIAMPolicyOutputWithContext(ctx context.Context) CryptoKeyIAMPolicyOutput
}
type CryptoKeyIAMPolicyMap ¶ added in v4.11.1
type CryptoKeyIAMPolicyMap map[string]CryptoKeyIAMPolicyInput
func (CryptoKeyIAMPolicyMap) ElementType ¶ added in v4.11.1
func (CryptoKeyIAMPolicyMap) ElementType() reflect.Type
func (CryptoKeyIAMPolicyMap) ToCryptoKeyIAMPolicyMapOutput ¶ added in v4.11.1
func (i CryptoKeyIAMPolicyMap) ToCryptoKeyIAMPolicyMapOutput() CryptoKeyIAMPolicyMapOutput
func (CryptoKeyIAMPolicyMap) ToCryptoKeyIAMPolicyMapOutputWithContext ¶ added in v4.11.1
func (i CryptoKeyIAMPolicyMap) ToCryptoKeyIAMPolicyMapOutputWithContext(ctx context.Context) CryptoKeyIAMPolicyMapOutput
type CryptoKeyIAMPolicyMapInput ¶ added in v4.11.1
type CryptoKeyIAMPolicyMapInput interface {
pulumi.Input
ToCryptoKeyIAMPolicyMapOutput() CryptoKeyIAMPolicyMapOutput
ToCryptoKeyIAMPolicyMapOutputWithContext(context.Context) CryptoKeyIAMPolicyMapOutput
}
CryptoKeyIAMPolicyMapInput is an input type that accepts CryptoKeyIAMPolicyMap and CryptoKeyIAMPolicyMapOutput values. You can construct a concrete instance of `CryptoKeyIAMPolicyMapInput` via:
CryptoKeyIAMPolicyMap{ "key": CryptoKeyIAMPolicyArgs{...} }
type CryptoKeyIAMPolicyMapOutput ¶ added in v4.11.1
type CryptoKeyIAMPolicyMapOutput struct{ *pulumi.OutputState }
func (CryptoKeyIAMPolicyMapOutput) ElementType ¶ added in v4.11.1
func (CryptoKeyIAMPolicyMapOutput) ElementType() reflect.Type
func (CryptoKeyIAMPolicyMapOutput) MapIndex ¶ added in v4.11.1
func (o CryptoKeyIAMPolicyMapOutput) MapIndex(k pulumi.StringInput) CryptoKeyIAMPolicyOutput
func (CryptoKeyIAMPolicyMapOutput) ToCryptoKeyIAMPolicyMapOutput ¶ added in v4.11.1
func (o CryptoKeyIAMPolicyMapOutput) ToCryptoKeyIAMPolicyMapOutput() CryptoKeyIAMPolicyMapOutput
func (CryptoKeyIAMPolicyMapOutput) ToCryptoKeyIAMPolicyMapOutputWithContext ¶ added in v4.11.1
func (o CryptoKeyIAMPolicyMapOutput) ToCryptoKeyIAMPolicyMapOutputWithContext(ctx context.Context) CryptoKeyIAMPolicyMapOutput
type CryptoKeyIAMPolicyOutput ¶ added in v4.4.0
type CryptoKeyIAMPolicyOutput struct {
*pulumi.OutputState
}
func (CryptoKeyIAMPolicyOutput) ElementType ¶ added in v4.4.0
func (CryptoKeyIAMPolicyOutput) ElementType() reflect.Type
func (CryptoKeyIAMPolicyOutput) ToCryptoKeyIAMPolicyOutput ¶ added in v4.4.0
func (o CryptoKeyIAMPolicyOutput) ToCryptoKeyIAMPolicyOutput() CryptoKeyIAMPolicyOutput
func (CryptoKeyIAMPolicyOutput) ToCryptoKeyIAMPolicyOutputWithContext ¶ added in v4.4.0
func (o CryptoKeyIAMPolicyOutput) ToCryptoKeyIAMPolicyOutputWithContext(ctx context.Context) CryptoKeyIAMPolicyOutput
func (CryptoKeyIAMPolicyOutput) ToCryptoKeyIAMPolicyPtrOutput ¶ added in v4.11.1
func (o CryptoKeyIAMPolicyOutput) ToCryptoKeyIAMPolicyPtrOutput() CryptoKeyIAMPolicyPtrOutput
func (CryptoKeyIAMPolicyOutput) ToCryptoKeyIAMPolicyPtrOutputWithContext ¶ added in v4.11.1
func (o CryptoKeyIAMPolicyOutput) ToCryptoKeyIAMPolicyPtrOutputWithContext(ctx context.Context) CryptoKeyIAMPolicyPtrOutput
type CryptoKeyIAMPolicyPtrInput ¶ added in v4.11.1
type CryptoKeyIAMPolicyPtrInput interface {
pulumi.Input
ToCryptoKeyIAMPolicyPtrOutput() CryptoKeyIAMPolicyPtrOutput
ToCryptoKeyIAMPolicyPtrOutputWithContext(ctx context.Context) CryptoKeyIAMPolicyPtrOutput
}
type CryptoKeyIAMPolicyPtrOutput ¶ added in v4.11.1
type CryptoKeyIAMPolicyPtrOutput struct {
*pulumi.OutputState
}
func (CryptoKeyIAMPolicyPtrOutput) ElementType ¶ added in v4.11.1
func (CryptoKeyIAMPolicyPtrOutput) ElementType() reflect.Type
func (CryptoKeyIAMPolicyPtrOutput) ToCryptoKeyIAMPolicyPtrOutput ¶ added in v4.11.1
func (o CryptoKeyIAMPolicyPtrOutput) ToCryptoKeyIAMPolicyPtrOutput() CryptoKeyIAMPolicyPtrOutput
func (CryptoKeyIAMPolicyPtrOutput) ToCryptoKeyIAMPolicyPtrOutputWithContext ¶ added in v4.11.1
func (o CryptoKeyIAMPolicyPtrOutput) ToCryptoKeyIAMPolicyPtrOutputWithContext(ctx context.Context) CryptoKeyIAMPolicyPtrOutput
type CryptoKeyIAMPolicyState ¶
type CryptoKeyIAMPolicyState struct {
// The crypto key ID, in the form
// `{project_id}/{location_name}/{key_ring_name}/{crypto_key_name}` or
// `{location_name}/{key_ring_name}/{crypto_key_name}`. In the second form,
// the provider's project setting will be used as a fallback.
CryptoKeyId pulumi.StringPtrInput
// (Computed) The etag of the project's IAM policy.
Etag pulumi.StringPtrInput
// The policy data generated by
// a `organizations.getIAMPolicy` data source.
PolicyData pulumi.StringPtrInput
}
func (CryptoKeyIAMPolicyState) ElementType ¶
func (CryptoKeyIAMPolicyState) ElementType() reflect.Type
type CryptoKeyInput ¶ added in v4.4.0
type CryptoKeyInput interface {
pulumi.Input
ToCryptoKeyOutput() CryptoKeyOutput
ToCryptoKeyOutputWithContext(ctx context.Context) CryptoKeyOutput
}
type CryptoKeyMap ¶ added in v4.11.1
type CryptoKeyMap map[string]CryptoKeyInput
func (CryptoKeyMap) ElementType ¶ added in v4.11.1
func (CryptoKeyMap) ElementType() reflect.Type
func (CryptoKeyMap) ToCryptoKeyMapOutput ¶ added in v4.11.1
func (i CryptoKeyMap) ToCryptoKeyMapOutput() CryptoKeyMapOutput
func (CryptoKeyMap) ToCryptoKeyMapOutputWithContext ¶ added in v4.11.1
func (i CryptoKeyMap) ToCryptoKeyMapOutputWithContext(ctx context.Context) CryptoKeyMapOutput
type CryptoKeyMapInput ¶ added in v4.11.1
type CryptoKeyMapInput interface {
pulumi.Input
ToCryptoKeyMapOutput() CryptoKeyMapOutput
ToCryptoKeyMapOutputWithContext(context.Context) CryptoKeyMapOutput
}
CryptoKeyMapInput is an input type that accepts CryptoKeyMap and CryptoKeyMapOutput values. You can construct a concrete instance of `CryptoKeyMapInput` via:
CryptoKeyMap{ "key": CryptoKeyArgs{...} }
type CryptoKeyMapOutput ¶ added in v4.11.1
type CryptoKeyMapOutput struct{ *pulumi.OutputState }
func (CryptoKeyMapOutput) ElementType ¶ added in v4.11.1
func (CryptoKeyMapOutput) ElementType() reflect.Type
func (CryptoKeyMapOutput) MapIndex ¶ added in v4.11.1
func (o CryptoKeyMapOutput) MapIndex(k pulumi.StringInput) CryptoKeyOutput
func (CryptoKeyMapOutput) ToCryptoKeyMapOutput ¶ added in v4.11.1
func (o CryptoKeyMapOutput) ToCryptoKeyMapOutput() CryptoKeyMapOutput
func (CryptoKeyMapOutput) ToCryptoKeyMapOutputWithContext ¶ added in v4.11.1
func (o CryptoKeyMapOutput) ToCryptoKeyMapOutputWithContext(ctx context.Context) CryptoKeyMapOutput
type CryptoKeyOutput ¶ added in v4.4.0
type CryptoKeyOutput struct {
*pulumi.OutputState
}
func (CryptoKeyOutput) ElementType ¶ added in v4.4.0
func (CryptoKeyOutput) ElementType() reflect.Type
func (CryptoKeyOutput) ToCryptoKeyOutput ¶ added in v4.4.0
func (o CryptoKeyOutput) ToCryptoKeyOutput() CryptoKeyOutput
func (CryptoKeyOutput) ToCryptoKeyOutputWithContext ¶ added in v4.4.0
func (o CryptoKeyOutput) ToCryptoKeyOutputWithContext(ctx context.Context) CryptoKeyOutput
func (CryptoKeyOutput) ToCryptoKeyPtrOutput ¶ added in v4.11.1
func (o CryptoKeyOutput) ToCryptoKeyPtrOutput() CryptoKeyPtrOutput
func (CryptoKeyOutput) ToCryptoKeyPtrOutputWithContext ¶ added in v4.11.1
func (o CryptoKeyOutput) ToCryptoKeyPtrOutputWithContext(ctx context.Context) CryptoKeyPtrOutput
type CryptoKeyPtrInput ¶ added in v4.11.1
type CryptoKeyPtrInput interface {
pulumi.Input
ToCryptoKeyPtrOutput() CryptoKeyPtrOutput
ToCryptoKeyPtrOutputWithContext(ctx context.Context) CryptoKeyPtrOutput
}
type CryptoKeyPtrOutput ¶ added in v4.11.1
type CryptoKeyPtrOutput struct {
*pulumi.OutputState
}
func (CryptoKeyPtrOutput) ElementType ¶ added in v4.11.1
func (CryptoKeyPtrOutput) ElementType() reflect.Type
func (CryptoKeyPtrOutput) ToCryptoKeyPtrOutput ¶ added in v4.11.1
func (o CryptoKeyPtrOutput) ToCryptoKeyPtrOutput() CryptoKeyPtrOutput
func (CryptoKeyPtrOutput) ToCryptoKeyPtrOutputWithContext ¶ added in v4.11.1
func (o CryptoKeyPtrOutput) ToCryptoKeyPtrOutputWithContext(ctx context.Context) CryptoKeyPtrOutput
type CryptoKeyState ¶
type CryptoKeyState struct {
// The KeyRing that this key belongs to.
// Format: `'projects/{{project}}/locations/{{location}}/keyRings/{{keyRing}}'`.
KeyRing pulumi.StringPtrInput
// Labels with user-defined metadata to apply to this resource.
Labels pulumi.StringMapInput
// The resource name for the CryptoKey.
Name pulumi.StringPtrInput
// The immutable purpose of this CryptoKey. See the
// [purpose reference](https://cloud.google.com/kms/docs/reference/rest/v1/projects.locations.keyRings.cryptoKeys#CryptoKeyPurpose)
// for possible inputs.
// Default value is `ENCRYPT_DECRYPT`.
// Possible values are `ENCRYPT_DECRYPT`, `ASYMMETRIC_SIGN`, and `ASYMMETRIC_DECRYPT`.
Purpose pulumi.StringPtrInput
// Every time this period passes, generate a new CryptoKeyVersion and set it as the primary.
// The first rotation will take place after the specified period. The rotation period has
// the format of a decimal number with up to 9 fractional digits, followed by the
// letter `s` (seconds). It must be greater than a day (ie, 86400).
RotationPeriod pulumi.StringPtrInput
// The self link of the created KeyRing in the format projects/{project}/locations/{location}/keyRings/{name}.
//
// Deprecated: Deprecated in favor of id, which contains an identical value. This field will be removed in the next major release of the provider.
SelfLink pulumi.StringPtrInput
// If set to true, the request will create a CryptoKey without any CryptoKeyVersions.
// You must use the `kms.KeyRingImportJob` resource to import the CryptoKeyVersion.
SkipInitialVersionCreation pulumi.BoolPtrInput
// A template describing settings for new crypto key versions.
// Structure is documented below.
VersionTemplate CryptoKeyVersionTemplatePtrInput
}
func (CryptoKeyState) ElementType ¶
func (CryptoKeyState) ElementType() reflect.Type
type CryptoKeyVersionTemplate ¶
type CryptoKeyVersionTemplate struct {
// The algorithm to use when creating a version based on this template.
// See the [algorithm reference](https://cloud.google.com/kms/docs/reference/rest/v1/CryptoKeyVersionAlgorithm) for possible inputs.
Algorithm string `pulumi:"algorithm"`
// The protection level to use when creating a version based on this template.
// Default value is `SOFTWARE`.
// Possible values are `SOFTWARE` and `HSM`.
ProtectionLevel *string `pulumi:"protectionLevel"`
}
type CryptoKeyVersionTemplateArgs ¶
type CryptoKeyVersionTemplateArgs struct {
// The algorithm to use when creating a version based on this template.
// See the [algorithm reference](https://cloud.google.com/kms/docs/reference/rest/v1/CryptoKeyVersionAlgorithm) for possible inputs.
Algorithm pulumi.StringInput `pulumi:"algorithm"`
// The protection level to use when creating a version based on this template.
// Default value is `SOFTWARE`.
// Possible values are `SOFTWARE` and `HSM`.
ProtectionLevel pulumi.StringPtrInput `pulumi:"protectionLevel"`
}
func (CryptoKeyVersionTemplateArgs) ElementType ¶
func (CryptoKeyVersionTemplateArgs) ElementType() reflect.Type
func (CryptoKeyVersionTemplateArgs) ToCryptoKeyVersionTemplateOutput ¶
func (i CryptoKeyVersionTemplateArgs) ToCryptoKeyVersionTemplateOutput() CryptoKeyVersionTemplateOutput
func (CryptoKeyVersionTemplateArgs) ToCryptoKeyVersionTemplateOutputWithContext ¶
func (i CryptoKeyVersionTemplateArgs) ToCryptoKeyVersionTemplateOutputWithContext(ctx context.Context) CryptoKeyVersionTemplateOutput
func (CryptoKeyVersionTemplateArgs) ToCryptoKeyVersionTemplatePtrOutput ¶
func (i CryptoKeyVersionTemplateArgs) ToCryptoKeyVersionTemplatePtrOutput() CryptoKeyVersionTemplatePtrOutput
func (CryptoKeyVersionTemplateArgs) ToCryptoKeyVersionTemplatePtrOutputWithContext ¶
func (i CryptoKeyVersionTemplateArgs) ToCryptoKeyVersionTemplatePtrOutputWithContext(ctx context.Context) CryptoKeyVersionTemplatePtrOutput
type CryptoKeyVersionTemplateInput ¶
type CryptoKeyVersionTemplateInput interface {
pulumi.Input
ToCryptoKeyVersionTemplateOutput() CryptoKeyVersionTemplateOutput
ToCryptoKeyVersionTemplateOutputWithContext(context.Context) CryptoKeyVersionTemplateOutput
}
CryptoKeyVersionTemplateInput is an input type that accepts CryptoKeyVersionTemplateArgs and CryptoKeyVersionTemplateOutput values. You can construct a concrete instance of `CryptoKeyVersionTemplateInput` via:
CryptoKeyVersionTemplateArgs{...}
type CryptoKeyVersionTemplateOutput ¶
type CryptoKeyVersionTemplateOutput struct{ *pulumi.OutputState }
func (CryptoKeyVersionTemplateOutput) Algorithm ¶
func (o CryptoKeyVersionTemplateOutput) Algorithm() pulumi.StringOutput
The algorithm to use when creating a version based on this template. See the [algorithm reference](https://cloud.google.com/kms/docs/reference/rest/v1/CryptoKeyVersionAlgorithm) for possible inputs.
func (CryptoKeyVersionTemplateOutput) ElementType ¶
func (CryptoKeyVersionTemplateOutput) ElementType() reflect.Type
func (CryptoKeyVersionTemplateOutput) ProtectionLevel ¶
func (o CryptoKeyVersionTemplateOutput) ProtectionLevel() pulumi.StringPtrOutput
The protection level to use when creating a version based on this template. Default value is `SOFTWARE`. Possible values are `SOFTWARE` and `HSM`.
func (CryptoKeyVersionTemplateOutput) ToCryptoKeyVersionTemplateOutput ¶
func (o CryptoKeyVersionTemplateOutput) ToCryptoKeyVersionTemplateOutput() CryptoKeyVersionTemplateOutput
func (CryptoKeyVersionTemplateOutput) ToCryptoKeyVersionTemplateOutputWithContext ¶
func (o CryptoKeyVersionTemplateOutput) ToCryptoKeyVersionTemplateOutputWithContext(ctx context.Context) CryptoKeyVersionTemplateOutput
func (CryptoKeyVersionTemplateOutput) ToCryptoKeyVersionTemplatePtrOutput ¶
func (o CryptoKeyVersionTemplateOutput) ToCryptoKeyVersionTemplatePtrOutput() CryptoKeyVersionTemplatePtrOutput
func (CryptoKeyVersionTemplateOutput) ToCryptoKeyVersionTemplatePtrOutputWithContext ¶
func (o CryptoKeyVersionTemplateOutput) ToCryptoKeyVersionTemplatePtrOutputWithContext(ctx context.Context) CryptoKeyVersionTemplatePtrOutput
type CryptoKeyVersionTemplatePtrInput ¶
type CryptoKeyVersionTemplatePtrInput interface {
pulumi.Input
ToCryptoKeyVersionTemplatePtrOutput() CryptoKeyVersionTemplatePtrOutput
ToCryptoKeyVersionTemplatePtrOutputWithContext(context.Context) CryptoKeyVersionTemplatePtrOutput
}
CryptoKeyVersionTemplatePtrInput is an input type that accepts CryptoKeyVersionTemplateArgs, CryptoKeyVersionTemplatePtr and CryptoKeyVersionTemplatePtrOutput values. You can construct a concrete instance of `CryptoKeyVersionTemplatePtrInput` via:
CryptoKeyVersionTemplateArgs{...}
or:
nil
func CryptoKeyVersionTemplatePtr ¶
func CryptoKeyVersionTemplatePtr(v *CryptoKeyVersionTemplateArgs) CryptoKeyVersionTemplatePtrInput
type CryptoKeyVersionTemplatePtrOutput ¶
type CryptoKeyVersionTemplatePtrOutput struct{ *pulumi.OutputState }
func (CryptoKeyVersionTemplatePtrOutput) Algorithm ¶
func (o CryptoKeyVersionTemplatePtrOutput) Algorithm() pulumi.StringPtrOutput
The algorithm to use when creating a version based on this template. See the [algorithm reference](https://cloud.google.com/kms/docs/reference/rest/v1/CryptoKeyVersionAlgorithm) for possible inputs.
func (CryptoKeyVersionTemplatePtrOutput) Elem ¶
func (o CryptoKeyVersionTemplatePtrOutput) Elem() CryptoKeyVersionTemplateOutput
func (CryptoKeyVersionTemplatePtrOutput) ElementType ¶
func (CryptoKeyVersionTemplatePtrOutput) ElementType() reflect.Type
func (CryptoKeyVersionTemplatePtrOutput) ProtectionLevel ¶
func (o CryptoKeyVersionTemplatePtrOutput) ProtectionLevel() pulumi.StringPtrOutput
The protection level to use when creating a version based on this template. Default value is `SOFTWARE`. Possible values are `SOFTWARE` and `HSM`.
func (CryptoKeyVersionTemplatePtrOutput) ToCryptoKeyVersionTemplatePtrOutput ¶
func (o CryptoKeyVersionTemplatePtrOutput) ToCryptoKeyVersionTemplatePtrOutput() CryptoKeyVersionTemplatePtrOutput
func (CryptoKeyVersionTemplatePtrOutput) ToCryptoKeyVersionTemplatePtrOutputWithContext ¶
func (o CryptoKeyVersionTemplatePtrOutput) ToCryptoKeyVersionTemplatePtrOutputWithContext(ctx context.Context) CryptoKeyVersionTemplatePtrOutput
type GetKMSCryptoKeyArgs ¶
type GetKMSCryptoKeyArgs struct {
// The `selfLink` of the Google Cloud Platform KeyRing to which the key belongs.
KeyRing string `pulumi:"keyRing"`
// The CryptoKey's name.
// A CryptoKey’s name belonging to the specified Google Cloud Platform KeyRing and match the regular expression `[a-zA-Z0-9_-]{1,63}`
Name string `pulumi:"name"`
}
A collection of arguments for invoking getKMSCryptoKey.
type GetKMSCryptoKeyResult ¶
type GetKMSCryptoKeyResult struct {
// The provider-assigned unique ID for this managed resource.
Id string `pulumi:"id"`
KeyRing string `pulumi:"keyRing"`
Labels map[string]string `pulumi:"labels"`
Name string `pulumi:"name"`
// Defines the cryptographic capabilities of the key.
Purpose string `pulumi:"purpose"`
// Every time this period passes, generate a new CryptoKeyVersion and set it as
// the primary. The first rotation will take place after the specified period. The rotation period has the format
// of a decimal number with up to 9 fractional digits, followed by the letter s (seconds).
RotationPeriod string `pulumi:"rotationPeriod"`
// The self link of the created CryptoKey. Its format is `projects/{projectId}/locations/{location}/keyRings/{keyRingName}/cryptoKeys/{cryptoKeyName}`.
SelfLink string `pulumi:"selfLink"`
SkipInitialVersionCreation bool `pulumi:"skipInitialVersionCreation"`
VersionTemplates []GetKMSCryptoKeyVersionTemplate `pulumi:"versionTemplates"`
}
A collection of values returned by getKMSCryptoKey.
func GetKMSCryptoKey ¶
func GetKMSCryptoKey(ctx *pulumi.Context, args *GetKMSCryptoKeyArgs, opts ...pulumi.InvokeOption) (*GetKMSCryptoKeyResult, error)
Provides access to a Google Cloud Platform KMS CryptoKey. For more information see [the official documentation](https://cloud.google.com/kms/docs/object-hierarchy#key) and [API](https://cloud.google.com/kms/docs/reference/rest/v1/projects.locations.keyRings.cryptoKeys).
A CryptoKey is an interface to key material which can be used to encrypt and decrypt data. A CryptoKey belongs to a Google Cloud KMS KeyRing.
## Example Usage
```go package main
import (
"github.com/pulumi/pulumi-gcp/sdk/v4/go/gcp/kms" "github.com/pulumi/pulumi/sdk/v2/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
myKeyRing, err := kms.GetKMSKeyRing(ctx, &kms.GetKMSKeyRingArgs{
Name: "my-key-ring",
Location: "us-central1",
}, nil)
if err != nil {
return err
}
_, err = kms.GetKMSCryptoKey(ctx, &kms.GetKMSCryptoKeyArgs{
Name: "my-crypto-key",
KeyRing: myKeyRing.SelfLink,
}, nil)
if err != nil {
return err
}
return nil
})
}
```
type GetKMSCryptoKeyVersionArgs ¶
type GetKMSCryptoKeyVersionArgs struct {
// The `selfLink` of the Google Cloud Platform CryptoKey to which the key version belongs.
CryptoKey string `pulumi:"cryptoKey"`
// The version number for this CryptoKeyVersion. Defaults to `1`.
Version *int `pulumi:"version"`
}
A collection of arguments for invoking getKMSCryptoKeyVersion.
type GetKMSCryptoKeyVersionPublicKey ¶
type GetKMSCryptoKeyVersionPublicKey struct {
// The CryptoKeyVersionAlgorithm that this CryptoKeyVersion supports.
Algorithm string `pulumi:"algorithm"`
// The public key, encoded in PEM format. For more information, see the RFC 7468 sections for General Considerations and Textual Encoding of Subject Public Key Info.
Pem string `pulumi:"pem"`
}
type GetKMSCryptoKeyVersionPublicKeyArgs ¶
type GetKMSCryptoKeyVersionPublicKeyArgs struct {
// The CryptoKeyVersionAlgorithm that this CryptoKeyVersion supports.
Algorithm pulumi.StringInput `pulumi:"algorithm"`
// The public key, encoded in PEM format. For more information, see the RFC 7468 sections for General Considerations and Textual Encoding of Subject Public Key Info.
Pem pulumi.StringInput `pulumi:"pem"`
}
func (GetKMSCryptoKeyVersionPublicKeyArgs) ElementType ¶
func (GetKMSCryptoKeyVersionPublicKeyArgs) ElementType() reflect.Type
func (GetKMSCryptoKeyVersionPublicKeyArgs) ToGetKMSCryptoKeyVersionPublicKeyOutput ¶
func (i GetKMSCryptoKeyVersionPublicKeyArgs) ToGetKMSCryptoKeyVersionPublicKeyOutput() GetKMSCryptoKeyVersionPublicKeyOutput
func (GetKMSCryptoKeyVersionPublicKeyArgs) ToGetKMSCryptoKeyVersionPublicKeyOutputWithContext ¶
func (i GetKMSCryptoKeyVersionPublicKeyArgs) ToGetKMSCryptoKeyVersionPublicKeyOutputWithContext(ctx context.Context) GetKMSCryptoKeyVersionPublicKeyOutput
type GetKMSCryptoKeyVersionPublicKeyArray ¶
type GetKMSCryptoKeyVersionPublicKeyArray []GetKMSCryptoKeyVersionPublicKeyInput
func (GetKMSCryptoKeyVersionPublicKeyArray) ElementType ¶
func (GetKMSCryptoKeyVersionPublicKeyArray) ElementType() reflect.Type
func (GetKMSCryptoKeyVersionPublicKeyArray) ToGetKMSCryptoKeyVersionPublicKeyArrayOutput ¶
func (i GetKMSCryptoKeyVersionPublicKeyArray) ToGetKMSCryptoKeyVersionPublicKeyArrayOutput() GetKMSCryptoKeyVersionPublicKeyArrayOutput
func (GetKMSCryptoKeyVersionPublicKeyArray) ToGetKMSCryptoKeyVersionPublicKeyArrayOutputWithContext ¶
func (i GetKMSCryptoKeyVersionPublicKeyArray) ToGetKMSCryptoKeyVersionPublicKeyArrayOutputWithContext(ctx context.Context) GetKMSCryptoKeyVersionPublicKeyArrayOutput
type GetKMSCryptoKeyVersionPublicKeyArrayInput ¶
type GetKMSCryptoKeyVersionPublicKeyArrayInput interface {
pulumi.Input
ToGetKMSCryptoKeyVersionPublicKeyArrayOutput() GetKMSCryptoKeyVersionPublicKeyArrayOutput
ToGetKMSCryptoKeyVersionPublicKeyArrayOutputWithContext(context.Context) GetKMSCryptoKeyVersionPublicKeyArrayOutput
}
GetKMSCryptoKeyVersionPublicKeyArrayInput is an input type that accepts GetKMSCryptoKeyVersionPublicKeyArray and GetKMSCryptoKeyVersionPublicKeyArrayOutput values. You can construct a concrete instance of `GetKMSCryptoKeyVersionPublicKeyArrayInput` via:
GetKMSCryptoKeyVersionPublicKeyArray{ GetKMSCryptoKeyVersionPublicKeyArgs{...} }
type GetKMSCryptoKeyVersionPublicKeyArrayOutput ¶
type GetKMSCryptoKeyVersionPublicKeyArrayOutput struct{ *pulumi.OutputState }
func (GetKMSCryptoKeyVersionPublicKeyArrayOutput) ElementType ¶
func (GetKMSCryptoKeyVersionPublicKeyArrayOutput) ElementType() reflect.Type
func (GetKMSCryptoKeyVersionPublicKeyArrayOutput) ToGetKMSCryptoKeyVersionPublicKeyArrayOutput ¶
func (o GetKMSCryptoKeyVersionPublicKeyArrayOutput) ToGetKMSCryptoKeyVersionPublicKeyArrayOutput() GetKMSCryptoKeyVersionPublicKeyArrayOutput
func (GetKMSCryptoKeyVersionPublicKeyArrayOutput) ToGetKMSCryptoKeyVersionPublicKeyArrayOutputWithContext ¶
func (o GetKMSCryptoKeyVersionPublicKeyArrayOutput) ToGetKMSCryptoKeyVersionPublicKeyArrayOutputWithContext(ctx context.Context) GetKMSCryptoKeyVersionPublicKeyArrayOutput
type GetKMSCryptoKeyVersionPublicKeyInput ¶
type GetKMSCryptoKeyVersionPublicKeyInput interface {
pulumi.Input
ToGetKMSCryptoKeyVersionPublicKeyOutput() GetKMSCryptoKeyVersionPublicKeyOutput
ToGetKMSCryptoKeyVersionPublicKeyOutputWithContext(context.Context) GetKMSCryptoKeyVersionPublicKeyOutput
}
GetKMSCryptoKeyVersionPublicKeyInput is an input type that accepts GetKMSCryptoKeyVersionPublicKeyArgs and GetKMSCryptoKeyVersionPublicKeyOutput values. You can construct a concrete instance of `GetKMSCryptoKeyVersionPublicKeyInput` via:
GetKMSCryptoKeyVersionPublicKeyArgs{...}
type GetKMSCryptoKeyVersionPublicKeyOutput ¶
type GetKMSCryptoKeyVersionPublicKeyOutput struct{ *pulumi.OutputState }
func (GetKMSCryptoKeyVersionPublicKeyOutput) Algorithm ¶
func (o GetKMSCryptoKeyVersionPublicKeyOutput) Algorithm() pulumi.StringOutput
The CryptoKeyVersionAlgorithm that this CryptoKeyVersion supports.
func (GetKMSCryptoKeyVersionPublicKeyOutput) ElementType ¶
func (GetKMSCryptoKeyVersionPublicKeyOutput) ElementType() reflect.Type
func (GetKMSCryptoKeyVersionPublicKeyOutput) Pem ¶
func (o GetKMSCryptoKeyVersionPublicKeyOutput) Pem() pulumi.StringOutput
The public key, encoded in PEM format. For more information, see the RFC 7468 sections for General Considerations and Textual Encoding of Subject Public Key Info.
func (GetKMSCryptoKeyVersionPublicKeyOutput) ToGetKMSCryptoKeyVersionPublicKeyOutput ¶
func (o GetKMSCryptoKeyVersionPublicKeyOutput) ToGetKMSCryptoKeyVersionPublicKeyOutput() GetKMSCryptoKeyVersionPublicKeyOutput
func (GetKMSCryptoKeyVersionPublicKeyOutput) ToGetKMSCryptoKeyVersionPublicKeyOutputWithContext ¶
func (o GetKMSCryptoKeyVersionPublicKeyOutput) ToGetKMSCryptoKeyVersionPublicKeyOutputWithContext(ctx context.Context) GetKMSCryptoKeyVersionPublicKeyOutput
type GetKMSCryptoKeyVersionResult ¶
type GetKMSCryptoKeyVersionResult struct {
// The CryptoKeyVersionAlgorithm that this CryptoKeyVersion supports.
Algorithm string `pulumi:"algorithm"`
CryptoKey string `pulumi:"cryptoKey"`
// The provider-assigned unique ID for this managed resource.
Id string `pulumi:"id"`
// The ProtectionLevel describing how crypto operations are performed with this CryptoKeyVersion. See the [protectionLevel reference](https://cloud.google.com/kms/docs/reference/rest/v1/ProtectionLevel) for possible outputs.
ProtectionLevel string `pulumi:"protectionLevel"`
// If the enclosing CryptoKey has purpose `ASYMMETRIC_SIGN` or `ASYMMETRIC_DECRYPT`, this block contains details about the public key associated to this CryptoKeyVersion. Structure is documented below.
PublicKeys []GetKMSCryptoKeyVersionPublicKey `pulumi:"publicKeys"`
// The current state of the CryptoKeyVersion. See the [state reference](https://cloud.google.com/kms/docs/reference/rest/v1/projects.locations.keyRings.cryptoKeys.cryptoKeyVersions#CryptoKeyVersion.CryptoKeyVersionState) for possible outputs.
State string `pulumi:"state"`
Version *int `pulumi:"version"`
}
A collection of values returned by getKMSCryptoKeyVersion.
func GetKMSCryptoKeyVersion ¶
func GetKMSCryptoKeyVersion(ctx *pulumi.Context, args *GetKMSCryptoKeyVersionArgs, opts ...pulumi.InvokeOption) (*GetKMSCryptoKeyVersionResult, error)
Provides access to a Google Cloud Platform KMS CryptoKeyVersion. For more information see [the official documentation](https://cloud.google.com/kms/docs/object-hierarchy#key_version) and [API](https://cloud.google.com/kms/docs/reference/rest/v1/projects.locations.keyRings.cryptoKeys.cryptoKeyVersions).
A CryptoKeyVersion represents an individual cryptographic key, and the associated key material.
## Example Usage
```go package main
import (
"github.com/pulumi/pulumi-gcp/sdk/v4/go/gcp/kms" "github.com/pulumi/pulumi/sdk/v2/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
myKeyRing, err := kms.GetKMSKeyRing(ctx, &kms.GetKMSKeyRingArgs{
Name: "my-key-ring",
Location: "us-central1",
}, nil)
if err != nil {
return err
}
_, err = kms.GetKMSCryptoKey(ctx, &kms.GetKMSCryptoKeyArgs{
Name: "my-crypto-key",
KeyRing: myKeyRing.SelfLink,
}, nil)
if err != nil {
return err
}
_, err = kms.GetKMSCryptoKeyVersion(ctx, &kms.GetKMSCryptoKeyVersionArgs{
CryptoKey: data.Google_kms_key.My_key.Self_link,
}, nil)
if err != nil {
return err
}
return nil
})
}
```
type GetKMSCryptoKeyVersionTemplateArgs ¶
type GetKMSCryptoKeyVersionTemplateArgs struct {
Algorithm pulumi.StringInput `pulumi:"algorithm"`
ProtectionLevel pulumi.StringInput `pulumi:"protectionLevel"`
}
func (GetKMSCryptoKeyVersionTemplateArgs) ElementType ¶
func (GetKMSCryptoKeyVersionTemplateArgs) ElementType() reflect.Type
func (GetKMSCryptoKeyVersionTemplateArgs) ToGetKMSCryptoKeyVersionTemplateOutput ¶
func (i GetKMSCryptoKeyVersionTemplateArgs) ToGetKMSCryptoKeyVersionTemplateOutput() GetKMSCryptoKeyVersionTemplateOutput
func (GetKMSCryptoKeyVersionTemplateArgs) ToGetKMSCryptoKeyVersionTemplateOutputWithContext ¶
func (i GetKMSCryptoKeyVersionTemplateArgs) ToGetKMSCryptoKeyVersionTemplateOutputWithContext(ctx context.Context) GetKMSCryptoKeyVersionTemplateOutput
type GetKMSCryptoKeyVersionTemplateArray ¶
type GetKMSCryptoKeyVersionTemplateArray []GetKMSCryptoKeyVersionTemplateInput
func (GetKMSCryptoKeyVersionTemplateArray) ElementType ¶
func (GetKMSCryptoKeyVersionTemplateArray) ElementType() reflect.Type
func (GetKMSCryptoKeyVersionTemplateArray) ToGetKMSCryptoKeyVersionTemplateArrayOutput ¶
func (i GetKMSCryptoKeyVersionTemplateArray) ToGetKMSCryptoKeyVersionTemplateArrayOutput() GetKMSCryptoKeyVersionTemplateArrayOutput
func (GetKMSCryptoKeyVersionTemplateArray) ToGetKMSCryptoKeyVersionTemplateArrayOutputWithContext ¶
func (i GetKMSCryptoKeyVersionTemplateArray) ToGetKMSCryptoKeyVersionTemplateArrayOutputWithContext(ctx context.Context) GetKMSCryptoKeyVersionTemplateArrayOutput
type GetKMSCryptoKeyVersionTemplateArrayInput ¶
type GetKMSCryptoKeyVersionTemplateArrayInput interface {
pulumi.Input
ToGetKMSCryptoKeyVersionTemplateArrayOutput() GetKMSCryptoKeyVersionTemplateArrayOutput
ToGetKMSCryptoKeyVersionTemplateArrayOutputWithContext(context.Context) GetKMSCryptoKeyVersionTemplateArrayOutput
}
GetKMSCryptoKeyVersionTemplateArrayInput is an input type that accepts GetKMSCryptoKeyVersionTemplateArray and GetKMSCryptoKeyVersionTemplateArrayOutput values. You can construct a concrete instance of `GetKMSCryptoKeyVersionTemplateArrayInput` via:
GetKMSCryptoKeyVersionTemplateArray{ GetKMSCryptoKeyVersionTemplateArgs{...} }
type GetKMSCryptoKeyVersionTemplateArrayOutput ¶
type GetKMSCryptoKeyVersionTemplateArrayOutput struct{ *pulumi.OutputState }
func (GetKMSCryptoKeyVersionTemplateArrayOutput) ElementType ¶
func (GetKMSCryptoKeyVersionTemplateArrayOutput) ElementType() reflect.Type
func (GetKMSCryptoKeyVersionTemplateArrayOutput) ToGetKMSCryptoKeyVersionTemplateArrayOutput ¶
func (o GetKMSCryptoKeyVersionTemplateArrayOutput) ToGetKMSCryptoKeyVersionTemplateArrayOutput() GetKMSCryptoKeyVersionTemplateArrayOutput
func (GetKMSCryptoKeyVersionTemplateArrayOutput) ToGetKMSCryptoKeyVersionTemplateArrayOutputWithContext ¶
func (o GetKMSCryptoKeyVersionTemplateArrayOutput) ToGetKMSCryptoKeyVersionTemplateArrayOutputWithContext(ctx context.Context) GetKMSCryptoKeyVersionTemplateArrayOutput
type GetKMSCryptoKeyVersionTemplateInput ¶
type GetKMSCryptoKeyVersionTemplateInput interface {
pulumi.Input
ToGetKMSCryptoKeyVersionTemplateOutput() GetKMSCryptoKeyVersionTemplateOutput
ToGetKMSCryptoKeyVersionTemplateOutputWithContext(context.Context) GetKMSCryptoKeyVersionTemplateOutput
}
GetKMSCryptoKeyVersionTemplateInput is an input type that accepts GetKMSCryptoKeyVersionTemplateArgs and GetKMSCryptoKeyVersionTemplateOutput values. You can construct a concrete instance of `GetKMSCryptoKeyVersionTemplateInput` via:
GetKMSCryptoKeyVersionTemplateArgs{...}
type GetKMSCryptoKeyVersionTemplateOutput ¶
type GetKMSCryptoKeyVersionTemplateOutput struct{ *pulumi.OutputState }
func (GetKMSCryptoKeyVersionTemplateOutput) Algorithm ¶
func (o GetKMSCryptoKeyVersionTemplateOutput) Algorithm() pulumi.StringOutput
func (GetKMSCryptoKeyVersionTemplateOutput) ElementType ¶
func (GetKMSCryptoKeyVersionTemplateOutput) ElementType() reflect.Type
func (GetKMSCryptoKeyVersionTemplateOutput) ProtectionLevel ¶
func (o GetKMSCryptoKeyVersionTemplateOutput) ProtectionLevel() pulumi.StringOutput
func (GetKMSCryptoKeyVersionTemplateOutput) ToGetKMSCryptoKeyVersionTemplateOutput ¶
func (o GetKMSCryptoKeyVersionTemplateOutput) ToGetKMSCryptoKeyVersionTemplateOutput() GetKMSCryptoKeyVersionTemplateOutput
func (GetKMSCryptoKeyVersionTemplateOutput) ToGetKMSCryptoKeyVersionTemplateOutputWithContext ¶
func (o GetKMSCryptoKeyVersionTemplateOutput) ToGetKMSCryptoKeyVersionTemplateOutputWithContext(ctx context.Context) GetKMSCryptoKeyVersionTemplateOutput
type GetKMSKeyRingArgs ¶
type GetKMSKeyRingArgs struct {
// The Google Cloud Platform location for the KeyRing.
// A full list of valid locations can be found by running `gcloud kms locations list`.
Location string `pulumi:"location"`
// The KeyRing's name.
// A KeyRing name must exist within the provided location and match the regular expression `[a-zA-Z0-9_-]{1,63}`
Name string `pulumi:"name"`
// The project in which the resource belongs. If it
// is not provided, the provider project is used.
Project *string `pulumi:"project"`
}
A collection of arguments for invoking getKMSKeyRing.
type GetKMSKeyRingResult ¶
type GetKMSKeyRingResult struct {
// The provider-assigned unique ID for this managed resource.
Id string `pulumi:"id"`
Location string `pulumi:"location"`
Name string `pulumi:"name"`
Project *string `pulumi:"project"`
// The self link of the created KeyRing. Its format is `projects/{projectId}/locations/{location}/keyRings/{keyRingName}`.
SelfLink string `pulumi:"selfLink"`
}
A collection of values returned by getKMSKeyRing.
func GetKMSKeyRing ¶
func GetKMSKeyRing(ctx *pulumi.Context, args *GetKMSKeyRingArgs, opts ...pulumi.InvokeOption) (*GetKMSKeyRingResult, error)
Provides access to Google Cloud Platform KMS KeyRing. For more information see [the official documentation](https://cloud.google.com/kms/docs/object-hierarchy#key_ring) and [API](https://cloud.google.com/kms/docs/reference/rest/v1/projects.locations.keyRings).
A KeyRing is a grouping of CryptoKeys for organizational purposes. A KeyRing belongs to a Google Cloud Platform Project and resides in a specific location.
## Example Usage
```go package main
import (
"github.com/pulumi/pulumi-gcp/sdk/v4/go/gcp/kms" "github.com/pulumi/pulumi/sdk/v2/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := kms.GetKMSKeyRing(ctx, &kms.GetKMSKeyRingArgs{
Location: "us-central1",
Name: "my-key-ring",
}, nil)
if err != nil {
return err
}
return nil
})
}
```
type GetKMSSecretArgs ¶
type GetKMSSecretArgs struct {
// The [additional authenticated data](https://cloud.google.com/kms/docs/additional-authenticated-data) used for integrity checks during encryption and decryption.
AdditionalAuthenticatedData *string `pulumi:"additionalAuthenticatedData"`
// The ciphertext to be decrypted, encoded in base64
Ciphertext string `pulumi:"ciphertext"`
// The id of the CryptoKey that will be used to
// decrypt the provided ciphertext. This is represented by the format
// `{projectId}/{location}/{keyRingName}/{cryptoKeyName}`.
CryptoKey string `pulumi:"cryptoKey"`
}
A collection of arguments for invoking getKMSSecret.
type GetKMSSecretAsymmetricArgs ¶ added in v4.18.0
type GetKMSSecretAsymmetricArgs struct {
// The ciphertext to be decrypted, encoded in base64
Ciphertext string `pulumi:"ciphertext"`
// The crc32 checksum of the `ciphertext` in hexadecimal notation.
Crc32 *string `pulumi:"crc32"`
// The id of the CryptoKey version that will be used to
// decrypt the provided ciphertext. This is represented by the format
// `projects/{project}/locations/{location}/keyRings/{keyring}/cryptoKeys/{key}/cryptoKeyVersions/{version}`.
CryptoKeyVersion string `pulumi:"cryptoKeyVersion"`
}
A collection of arguments for invoking getKMSSecretAsymmetric.
type GetKMSSecretAsymmetricResult ¶ added in v4.18.0
type GetKMSSecretAsymmetricResult struct {
Ciphertext string `pulumi:"ciphertext"`
// Contains the crc32 checksum of the provided ciphertext.
Crc32 *string `pulumi:"crc32"`
CryptoKeyVersion string `pulumi:"cryptoKeyVersion"`
// The provider-assigned unique ID for this managed resource.
Id string `pulumi:"id"`
// Contains the result of decrypting the provided ciphertext.
Plaintext string `pulumi:"plaintext"`
}
A collection of values returned by getKMSSecretAsymmetric.
func GetKMSSecretAsymmetric ¶ added in v4.18.0
func GetKMSSecretAsymmetric(ctx *pulumi.Context, args *GetKMSSecretAsymmetricArgs, opts ...pulumi.InvokeOption) (*GetKMSSecretAsymmetricResult, error)
This data source allows you to use data encrypted with a Google Cloud KMS asymmetric key within your resource definitions.
For more information see [the official documentation](https://cloud.google.com/kms/docs/encrypt-decrypt-rsa).
> **NOTE:** Using this data provider will allow you to conceal secret data within your resource definitions, but it does not take care of protecting that data in the logging output, plan output, or state output. Please take care to secure your secret data outside of resource definitions.
## get the public key to encrypt the secret with
$ gcloud kms keys versions get-public-key\ --project my-project\ --location us-central1\ --keyring my-key-ring\ --key my-crypto-key\ --output-file public-key.pem
## encrypt secret with the public key
$ echo -n my-secret-password |\
openssl pkeyutl -in -\
-encrypt\
-pubin\
-inkey public-key.pem\
-pkeyopt rsa_padding_mode:oaep\
-pkeyopt rsa_oaep_md:sha256\
-pkeyopt rsa_mgf1_md:sha256 >\
my-secret-password.enc
## base64 encode the ciphertext
$ openssl base64 -in my-secret-password.enc M7nUoba9EGVTu2LjNjBKGdGVBYjyS/i/AY+4yQMQF0Qf/RfUfX31Jw6+VO9OuThq ylu/7ihX9XD4bM7yYdXnMv9p1OHQUlorSBSbb/J6n1W9UJhcp6um8Tw8/Isx4f75 4PskYS6f8Y2ItliGt1/A9iR5BTgGtJBwOxMlgoX2Ggq+Nh4E5SbdoaE5o6CO1nBx eIPsPEebQ6qC4JehQM3IGuV/lrm58+hZhaXAqNzX1cEYyAt5GYqJIVCiI585SUYs wRToGyTgaN+zthF0HP9IWlR4Am4LmJ/1OcePTnYw11CkU8wNRbDzVAzogwNH+rXr LTmf7hxVjBm6bBSVSNFcBKAXFlllubSfIeZ5hgzGqn54OmSf6odO12L5JxllddHc yAd54vWKs2kJtnsKV2V4ZdkI0w6y1TeI67baFZDNGo6qsCpFMPnvv7d46Pg2VOp1 J6Ivner0NnNHE4MzNmpZRk8WXMwqq4P/gTiT7F/aCX6oFCUQ4AWPQhJYh2dkcOmL IP+47Veb10aFn61F1CJwpmOOiGNXKdDT1vK8CMnnwhm825K0q/q9Zqpzc1+1ae1z mSqol1zCoa88CuSN6nTLQlVnN/dzfrGbc0boJPaM0iGhHtSzHk4SWg84LhiJB1q9 A9XFJmOVdkvRY9nnz/iVLAdd0Q3vFtLqCdUYsNN2yh4=
type GetKMSSecretCiphertextArgs ¶
type GetKMSSecretCiphertextArgs struct {
// The id of the CryptoKey that will be used to
// encrypt the provided plaintext. This is represented by the format
// `{projectId}/{location}/{keyRingName}/{cryptoKeyName}`.
CryptoKey string `pulumi:"cryptoKey"`
// The plaintext to be encrypted
Plaintext string `pulumi:"plaintext"`
}
A collection of arguments for invoking getKMSSecretCiphertext.
type GetKMSSecretCiphertextResult ¶
type GetKMSSecretCiphertextResult struct {
// Contains the result of encrypting the provided plaintext, encoded in base64.
Ciphertext string `pulumi:"ciphertext"`
CryptoKey string `pulumi:"cryptoKey"`
// The provider-assigned unique ID for this managed resource.
Id string `pulumi:"id"`
Plaintext string `pulumi:"plaintext"`
}
A collection of values returned by getKMSSecretCiphertext.
func GetKMSSecretCiphertext ¶
func GetKMSSecretCiphertext(ctx *pulumi.Context, args *GetKMSSecretCiphertextArgs, opts ...pulumi.InvokeOption) (*GetKMSSecretCiphertextResult, error)
!> **Warning:** This data source is deprecated. Use the `kms.SecretCiphertext` **resource** instead.
This data source allows you to encrypt data with Google Cloud KMS and use the ciphertext within your resource definitions.
For more information see [the official documentation](https://cloud.google.com/kms/docs/encrypt-decrypt).
> **NOTE:** Using this data source will allow you to conceal secret data within your resource definitions, but it does not take care of protecting that data in the logging output, plan output, or state output. Please take care to secure your secret data outside of resource definitions.
type GetKMSSecretResult ¶
type GetKMSSecretResult struct {
AdditionalAuthenticatedData *string `pulumi:"additionalAuthenticatedData"`
Ciphertext string `pulumi:"ciphertext"`
CryptoKey string `pulumi:"cryptoKey"`
// The provider-assigned unique ID for this managed resource.
Id string `pulumi:"id"`
// Contains the result of decrypting the provided ciphertext.
Plaintext string `pulumi:"plaintext"`
}
A collection of values returned by getKMSSecret.
func GetKMSSecret ¶
func GetKMSSecret(ctx *pulumi.Context, args *GetKMSSecretArgs, opts ...pulumi.InvokeOption) (*GetKMSSecretResult, error)
This data source allows you to use data encrypted with Google Cloud KMS within your resource definitions.
For more information see [the official documentation](https://cloud.google.com/kms/docs/encrypt-decrypt).
> **NOTE:** Using this data provider will allow you to conceal secret data within your resource definitions, but it does not take care of protecting that data in the logging output, plan output, or state output. Please take care to secure your secret data outside of resource definitions.
type KeyRing ¶
type KeyRing struct {
pulumi.CustomResourceState
// The location for the KeyRing.
// A full list of valid locations can be found by running `gcloud kms locations list`.
Location pulumi.StringOutput `pulumi:"location"`
// The resource name for the KeyRing.
Name pulumi.StringOutput `pulumi:"name"`
// The ID of the project in which the resource belongs.
// If it is not provided, the provider project is used.
Project pulumi.StringOutput `pulumi:"project"`
// The self link of the created KeyRing in the format projects/{project}/locations/{location}/keyRings/{name}.
//
// Deprecated: Deprecated in favor of id, which contains an identical value. This field will be removed in the next major release of the provider.
SelfLink pulumi.StringOutput `pulumi:"selfLink"`
}
A `KeyRing` is a toplevel logical grouping of `CryptoKeys`.
> **Note:** KeyRings cannot be deleted from Google Cloud Platform. Destroying a provider-managed KeyRing will remove it from state but *will not delete the resource from the project.*
To get more information about KeyRing, see:
* [API documentation](https://cloud.google.com/kms/docs/reference/rest/v1/projects.locations.keyRings) * How-to Guides
- [Creating a key ring](https://cloud.google.com/kms/docs/creating-keys#create_a_key_ring)
## Example Usage ### Kms Key Ring Basic
```go package main
import (
"github.com/pulumi/pulumi-gcp/sdk/v4/go/gcp/kms" "github.com/pulumi/pulumi/sdk/v2/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := kms.NewKeyRing(ctx, "example_keyring", &kms.KeyRingArgs{
Location: pulumi.String("global"),
})
if err != nil {
return err
}
return nil
})
}
```
## Import
KeyRing can be imported using any of these accepted formats ¶
```sh
$ pulumi import gcp:kms/keyRing:KeyRing default projects/{{project}}/locations/{{location}}/keyRings/{{name}}
```
```sh
$ pulumi import gcp:kms/keyRing:KeyRing default {{project}}/{{location}}/{{name}}
```
```sh
$ pulumi import gcp:kms/keyRing:KeyRing default {{location}}/{{name}}
```
func GetKeyRing ¶
func GetKeyRing(ctx *pulumi.Context, name string, id pulumi.IDInput, state *KeyRingState, opts ...pulumi.ResourceOption) (*KeyRing, error)
GetKeyRing gets an existing KeyRing resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).
func NewKeyRing ¶
func NewKeyRing(ctx *pulumi.Context, name string, args *KeyRingArgs, opts ...pulumi.ResourceOption) (*KeyRing, error)
NewKeyRing registers a new resource with the given unique name, arguments, and options.
func (*KeyRing) ElementType ¶ added in v4.4.0
func (*KeyRing) ToKeyRingOutput ¶ added in v4.4.0
func (i *KeyRing) ToKeyRingOutput() KeyRingOutput
func (*KeyRing) ToKeyRingOutputWithContext ¶ added in v4.4.0
func (i *KeyRing) ToKeyRingOutputWithContext(ctx context.Context) KeyRingOutput
func (*KeyRing) ToKeyRingPtrOutput ¶ added in v4.11.1
func (i *KeyRing) ToKeyRingPtrOutput() KeyRingPtrOutput
func (*KeyRing) ToKeyRingPtrOutputWithContext ¶ added in v4.11.1
func (i *KeyRing) ToKeyRingPtrOutputWithContext(ctx context.Context) KeyRingPtrOutput
type KeyRingArgs ¶
type KeyRingArgs struct {
// The location for the KeyRing.
// A full list of valid locations can be found by running `gcloud kms locations list`.
Location pulumi.StringInput
// The resource name for the KeyRing.
Name pulumi.StringPtrInput
// The ID of the project in which the resource belongs.
// If it is not provided, the provider project is used.
Project pulumi.StringPtrInput
}
The set of arguments for constructing a KeyRing resource.
func (KeyRingArgs) ElementType ¶
func (KeyRingArgs) ElementType() reflect.Type
type KeyRingArray ¶ added in v4.11.1
type KeyRingArray []KeyRingInput
func (KeyRingArray) ElementType ¶ added in v4.11.1
func (KeyRingArray) ElementType() reflect.Type
func (KeyRingArray) ToKeyRingArrayOutput ¶ added in v4.11.1
func (i KeyRingArray) ToKeyRingArrayOutput() KeyRingArrayOutput
func (KeyRingArray) ToKeyRingArrayOutputWithContext ¶ added in v4.11.1
func (i KeyRingArray) ToKeyRingArrayOutputWithContext(ctx context.Context) KeyRingArrayOutput
type KeyRingArrayInput ¶ added in v4.11.1
type KeyRingArrayInput interface {
pulumi.Input
ToKeyRingArrayOutput() KeyRingArrayOutput
ToKeyRingArrayOutputWithContext(context.Context) KeyRingArrayOutput
}
KeyRingArrayInput is an input type that accepts KeyRingArray and KeyRingArrayOutput values. You can construct a concrete instance of `KeyRingArrayInput` via:
KeyRingArray{ KeyRingArgs{...} }
type KeyRingArrayOutput ¶ added in v4.11.1
type KeyRingArrayOutput struct{ *pulumi.OutputState }
func (KeyRingArrayOutput) ElementType ¶ added in v4.11.1
func (KeyRingArrayOutput) ElementType() reflect.Type
func (KeyRingArrayOutput) Index ¶ added in v4.11.1
func (o KeyRingArrayOutput) Index(i pulumi.IntInput) KeyRingOutput
func (KeyRingArrayOutput) ToKeyRingArrayOutput ¶ added in v4.11.1
func (o KeyRingArrayOutput) ToKeyRingArrayOutput() KeyRingArrayOutput
func (KeyRingArrayOutput) ToKeyRingArrayOutputWithContext ¶ added in v4.11.1
func (o KeyRingArrayOutput) ToKeyRingArrayOutputWithContext(ctx context.Context) KeyRingArrayOutput
type KeyRingIAMBinding ¶
type KeyRingIAMBinding struct {
pulumi.CustomResourceState
// An [IAM Condition](https://cloud.google.com/iam/docs/conditions-overview) for a given binding.
// Structure is documented below.
Condition KeyRingIAMBindingConditionPtrOutput `pulumi:"condition"`
// (Computed) The etag of the key ring's IAM policy.
Etag pulumi.StringOutput `pulumi:"etag"`
// The key ring ID, in the form
// `{project_id}/{location_name}/{key_ring_name}` or
// `{location_name}/{key_ring_name}`. In the second form, the provider's
// project setting will be used as a fallback.
KeyRingId pulumi.StringOutput `pulumi:"keyRingId"`
Members pulumi.StringArrayOutput `pulumi:"members"`
// The role that should be applied. Only one
// `kms.KeyRingIAMBinding` can be used per role. Note that custom roles must be of the format
// `[projects|organizations]/{parent-name}/roles/{role-name}`.
Role pulumi.StringOutput `pulumi:"role"`
}
Three different resources help you manage your IAM policy for KMS key ring. Each of these resources serves a different use case:
* `kms.KeyRingIAMPolicy`: Authoritative. Sets the IAM policy for the key ring and replaces any existing policy already attached. * `kms.KeyRingIAMBinding`: Authoritative for a given role. Updates the IAM policy to grant a role to a list of members. Other roles within the IAM policy for the key ring are preserved. * `kms.KeyRingIAMMember`: Non-authoritative. Updates the IAM policy to grant a role to a new member. Other members for the role for the key ring are preserved.
> **Note:** `kms.KeyRingIAMPolicy` **cannot** be used in conjunction with `kms.KeyRingIAMBinding` and `kms.KeyRingIAMMember` or they will fight over what your policy should be.
> **Note:** `kms.KeyRingIAMBinding` resources **can be** used in conjunction with `kms.KeyRingIAMMember` resources **only if** they do not grant privilege to the same role.
## google\_kms\_key\_ring\_iam\_policy
```go package main
import (
"github.com/pulumi/pulumi-gcp/sdk/v4/go/gcp/kms" "github.com/pulumi/pulumi-gcp/sdk/v4/go/gcp/organizations" "github.com/pulumi/pulumi/sdk/v2/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
keyring, err := kms.NewKeyRing(ctx, "keyring", &kms.KeyRingArgs{
Location: pulumi.String("global"),
})
if err != nil {
return err
}
admin, err := organizations.LookupIAMPolicy(ctx, &organizations.LookupIAMPolicyArgs{
Bindings: []organizations.GetIAMPolicyBinding{
organizations.GetIAMPolicyBinding{
Role: "roles/editor",
Members: []string{
"user:jane@example.com",
},
},
},
}, nil)
if err != nil {
return err
}
_, err = kms.NewKeyRingIAMPolicy(ctx, "keyRing", &kms.KeyRingIAMPolicyArgs{
KeyRingId: keyring.ID(),
PolicyData: pulumi.String(admin.PolicyData),
})
if err != nil {
return err
}
return nil
})
}
```
With IAM Conditions:
```go package main
import (
"github.com/pulumi/pulumi-gcp/sdk/v4/go/gcp/kms" "github.com/pulumi/pulumi-gcp/sdk/v4/go/gcp/organizations" "github.com/pulumi/pulumi/sdk/v2/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
keyring, err := kms.NewKeyRing(ctx, "keyring", &kms.KeyRingArgs{
Location: pulumi.String("global"),
})
if err != nil {
return err
}
admin, err := organizations.LookupIAMPolicy(ctx, &organizations.LookupIAMPolicyArgs{
Bindings: []organizations.GetIAMPolicyBinding{
organizations.GetIAMPolicyBinding{
Role: "roles/editor",
Members: []string{
"user:jane@example.com",
},
Condition: organizations.GetIAMPolicyBindingCondition{
Title: "expires_after_2019_12_31",
Description: "Expiring at midnight of 2019-12-31",
Expression: "request.time < timestamp(\"2020-01-01T00:00:00Z\")",
},
},
},
}, nil)
if err != nil {
return err
}
_, err = kms.NewKeyRingIAMPolicy(ctx, "keyRing", &kms.KeyRingIAMPolicyArgs{
KeyRingId: keyring.ID(),
PolicyData: pulumi.String(admin.PolicyData),
})
if err != nil {
return err
}
return nil
})
}
```
## google\_kms\_key\_ring\_iam\_binding
```go package main
import (
"github.com/pulumi/pulumi-gcp/sdk/v4/go/gcp/kms" "github.com/pulumi/pulumi/sdk/v2/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := kms.NewKeyRingIAMBinding(ctx, "keyRing", &kms.KeyRingIAMBindingArgs{
KeyRingId: pulumi.String("your-key-ring-id"),
Members: pulumi.StringArray{
pulumi.String("user:jane@example.com"),
},
Role: pulumi.String("roles/editor"),
})
if err != nil {
return err
}
return nil
})
}
```
With IAM Conditions:
```go package main
import (
"github.com/pulumi/pulumi-gcp/sdk/v4/go/gcp/kms" "github.com/pulumi/pulumi/sdk/v2/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := kms.NewKeyRingIAMBinding(ctx, "keyRing", &kms.KeyRingIAMBindingArgs{
Condition: &kms.KeyRingIAMBindingConditionArgs{
Description: pulumi.String("Expiring at midnight of 2019-12-31"),
Expression: pulumi.String("request.time < timestamp(\"2020-01-01T00:00:00Z\")"),
Title: pulumi.String("expires_after_2019_12_31"),
},
KeyRingId: pulumi.String("your-key-ring-id"),
Members: pulumi.StringArray{
pulumi.String("user:jane@example.com"),
},
Role: pulumi.String("roles/editor"),
})
if err != nil {
return err
}
return nil
})
}
```
## google\_kms\_key\_ring\_iam\_member
```go package main
import (
"github.com/pulumi/pulumi-gcp/sdk/v4/go/gcp/kms" "github.com/pulumi/pulumi/sdk/v2/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := kms.NewKeyRingIAMMember(ctx, "keyRing", &kms.KeyRingIAMMemberArgs{
KeyRingId: pulumi.String("your-key-ring-id"),
Member: pulumi.String("user:jane@example.com"),
Role: pulumi.String("roles/editor"),
})
if err != nil {
return err
}
return nil
})
}
```
With IAM Conditions:
```go package main
import (
"github.com/pulumi/pulumi-gcp/sdk/v4/go/gcp/kms" "github.com/pulumi/pulumi/sdk/v2/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := kms.NewKeyRingIAMMember(ctx, "keyRing", &kms.KeyRingIAMMemberArgs{
Condition: &kms.KeyRingIAMMemberConditionArgs{
Description: pulumi.String("Expiring at midnight of 2019-12-31"),
Expression: pulumi.String("request.time < timestamp(\"2020-01-01T00:00:00Z\")"),
Title: pulumi.String("expires_after_2019_12_31"),
},
KeyRingId: pulumi.String("your-key-ring-id"),
Member: pulumi.String("user:jane@example.com"),
Role: pulumi.String("roles/editor"),
})
if err != nil {
return err
}
return nil
})
}
```
## Import
IAM member imports use space-delimited identifiers; the resource in question, the role, and the account.
This member resource can be imported using the `key_ring_id`, role, and account e.g.
```sh
$ pulumi import gcp:kms/keyRingIAMBinding:KeyRingIAMBinding key_ring_iam "your-project-id/location-name/key-ring-name roles/viewer user:foo@example.com"
```
IAM binding imports use space-delimited identifiers; the resource in question and the role.
This binding resource can be imported using the `key_ring_id` and role, e.g.
```sh
$ pulumi import gcp:kms/keyRingIAMBinding:KeyRingIAMBinding key_ring_iam "your-project-id/location-name/key-ring-name roles/viewer"
```
IAM policy imports use the identifier of the resource in question.
This policy resource can be imported using the `key_ring_id`, e.g.
```sh
$ pulumi import gcp:kms/keyRingIAMBinding:KeyRingIAMBinding key_ring_iam your-project-id/location-name/key-ring-name
```
func GetKeyRingIAMBinding ¶
func GetKeyRingIAMBinding(ctx *pulumi.Context, name string, id pulumi.IDInput, state *KeyRingIAMBindingState, opts ...pulumi.ResourceOption) (*KeyRingIAMBinding, error)
GetKeyRingIAMBinding gets an existing KeyRingIAMBinding resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).
func NewKeyRingIAMBinding ¶
func NewKeyRingIAMBinding(ctx *pulumi.Context, name string, args *KeyRingIAMBindingArgs, opts ...pulumi.ResourceOption) (*KeyRingIAMBinding, error)
NewKeyRingIAMBinding registers a new resource with the given unique name, arguments, and options.
func (*KeyRingIAMBinding) ElementType ¶ added in v4.4.0
func (*KeyRingIAMBinding) ElementType() reflect.Type
func (*KeyRingIAMBinding) ToKeyRingIAMBindingOutput ¶ added in v4.4.0
func (i *KeyRingIAMBinding) ToKeyRingIAMBindingOutput() KeyRingIAMBindingOutput
func (*KeyRingIAMBinding) ToKeyRingIAMBindingOutputWithContext ¶ added in v4.4.0
func (i *KeyRingIAMBinding) ToKeyRingIAMBindingOutputWithContext(ctx context.Context) KeyRingIAMBindingOutput
func (*KeyRingIAMBinding) ToKeyRingIAMBindingPtrOutput ¶ added in v4.11.1
func (i *KeyRingIAMBinding) ToKeyRingIAMBindingPtrOutput() KeyRingIAMBindingPtrOutput
func (*KeyRingIAMBinding) ToKeyRingIAMBindingPtrOutputWithContext ¶ added in v4.11.1
func (i *KeyRingIAMBinding) ToKeyRingIAMBindingPtrOutputWithContext(ctx context.Context) KeyRingIAMBindingPtrOutput
type KeyRingIAMBindingArgs ¶
type KeyRingIAMBindingArgs struct {
// An [IAM Condition](https://cloud.google.com/iam/docs/conditions-overview) for a given binding.
// Structure is documented below.
Condition KeyRingIAMBindingConditionPtrInput
// The key ring ID, in the form
// `{project_id}/{location_name}/{key_ring_name}` or
// `{location_name}/{key_ring_name}`. In the second form, the provider's
// project setting will be used as a fallback.
KeyRingId pulumi.StringInput
Members pulumi.StringArrayInput
// The role that should be applied. Only one
// `kms.KeyRingIAMBinding` can be used per role. Note that custom roles must be of the format
// `[projects|organizations]/{parent-name}/roles/{role-name}`.
Role pulumi.StringInput
}
The set of arguments for constructing a KeyRingIAMBinding resource.
func (KeyRingIAMBindingArgs) ElementType ¶
func (KeyRingIAMBindingArgs) ElementType() reflect.Type
type KeyRingIAMBindingArray ¶ added in v4.11.1
type KeyRingIAMBindingArray []KeyRingIAMBindingInput
func (KeyRingIAMBindingArray) ElementType ¶ added in v4.11.1
func (KeyRingIAMBindingArray) ElementType() reflect.Type
func (KeyRingIAMBindingArray) ToKeyRingIAMBindingArrayOutput ¶ added in v4.11.1
func (i KeyRingIAMBindingArray) ToKeyRingIAMBindingArrayOutput() KeyRingIAMBindingArrayOutput
func (KeyRingIAMBindingArray) ToKeyRingIAMBindingArrayOutputWithContext ¶ added in v4.11.1
func (i KeyRingIAMBindingArray) ToKeyRingIAMBindingArrayOutputWithContext(ctx context.Context) KeyRingIAMBindingArrayOutput
type KeyRingIAMBindingArrayInput ¶ added in v4.11.1
type KeyRingIAMBindingArrayInput interface {
pulumi.Input
ToKeyRingIAMBindingArrayOutput() KeyRingIAMBindingArrayOutput
ToKeyRingIAMBindingArrayOutputWithContext(context.Context) KeyRingIAMBindingArrayOutput
}
KeyRingIAMBindingArrayInput is an input type that accepts KeyRingIAMBindingArray and KeyRingIAMBindingArrayOutput values. You can construct a concrete instance of `KeyRingIAMBindingArrayInput` via:
KeyRingIAMBindingArray{ KeyRingIAMBindingArgs{...} }
type KeyRingIAMBindingArrayOutput ¶ added in v4.11.1
type KeyRingIAMBindingArrayOutput struct{ *pulumi.OutputState }
func (KeyRingIAMBindingArrayOutput) ElementType ¶ added in v4.11.1
func (KeyRingIAMBindingArrayOutput) ElementType() reflect.Type
func (KeyRingIAMBindingArrayOutput) Index ¶ added in v4.11.1
func (o KeyRingIAMBindingArrayOutput) Index(i pulumi.IntInput) KeyRingIAMBindingOutput
func (KeyRingIAMBindingArrayOutput) ToKeyRingIAMBindingArrayOutput ¶ added in v4.11.1
func (o KeyRingIAMBindingArrayOutput) ToKeyRingIAMBindingArrayOutput() KeyRingIAMBindingArrayOutput
func (KeyRingIAMBindingArrayOutput) ToKeyRingIAMBindingArrayOutputWithContext ¶ added in v4.11.1
func (o KeyRingIAMBindingArrayOutput) ToKeyRingIAMBindingArrayOutputWithContext(ctx context.Context) KeyRingIAMBindingArrayOutput
type KeyRingIAMBindingCondition ¶
type KeyRingIAMBindingCondition struct {
// An optional description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
Description *string `pulumi:"description"`
// Textual representation of an expression in Common Expression Language syntax.
Expression string `pulumi:"expression"`
// A title for the expression, i.e. a short string describing its purpose.
Title string `pulumi:"title"`
}
type KeyRingIAMBindingConditionArgs ¶
type KeyRingIAMBindingConditionArgs struct {
// An optional description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
Description pulumi.StringPtrInput `pulumi:"description"`
// Textual representation of an expression in Common Expression Language syntax.
Expression pulumi.StringInput `pulumi:"expression"`
// A title for the expression, i.e. a short string describing its purpose.
Title pulumi.StringInput `pulumi:"title"`
}
func (KeyRingIAMBindingConditionArgs) ElementType ¶
func (KeyRingIAMBindingConditionArgs) ElementType() reflect.Type
func (KeyRingIAMBindingConditionArgs) ToKeyRingIAMBindingConditionOutput ¶
func (i KeyRingIAMBindingConditionArgs) ToKeyRingIAMBindingConditionOutput() KeyRingIAMBindingConditionOutput
func (KeyRingIAMBindingConditionArgs) ToKeyRingIAMBindingConditionOutputWithContext ¶
func (i KeyRingIAMBindingConditionArgs) ToKeyRingIAMBindingConditionOutputWithContext(ctx context.Context) KeyRingIAMBindingConditionOutput
func (KeyRingIAMBindingConditionArgs) ToKeyRingIAMBindingConditionPtrOutput ¶
func (i KeyRingIAMBindingConditionArgs) ToKeyRingIAMBindingConditionPtrOutput() KeyRingIAMBindingConditionPtrOutput
func (KeyRingIAMBindingConditionArgs) ToKeyRingIAMBindingConditionPtrOutputWithContext ¶
func (i KeyRingIAMBindingConditionArgs) ToKeyRingIAMBindingConditionPtrOutputWithContext(ctx context.Context) KeyRingIAMBindingConditionPtrOutput
type KeyRingIAMBindingConditionInput ¶
type KeyRingIAMBindingConditionInput interface {
pulumi.Input
ToKeyRingIAMBindingConditionOutput() KeyRingIAMBindingConditionOutput
ToKeyRingIAMBindingConditionOutputWithContext(context.Context) KeyRingIAMBindingConditionOutput
}
KeyRingIAMBindingConditionInput is an input type that accepts KeyRingIAMBindingConditionArgs and KeyRingIAMBindingConditionOutput values. You can construct a concrete instance of `KeyRingIAMBindingConditionInput` via:
KeyRingIAMBindingConditionArgs{...}
type KeyRingIAMBindingConditionOutput ¶
type KeyRingIAMBindingConditionOutput struct{ *pulumi.OutputState }
func (KeyRingIAMBindingConditionOutput) Description ¶
func (o KeyRingIAMBindingConditionOutput) Description() pulumi.StringPtrOutput
An optional description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
func (KeyRingIAMBindingConditionOutput) ElementType ¶
func (KeyRingIAMBindingConditionOutput) ElementType() reflect.Type
func (KeyRingIAMBindingConditionOutput) Expression ¶
func (o KeyRingIAMBindingConditionOutput) Expression() pulumi.StringOutput
Textual representation of an expression in Common Expression Language syntax.
func (KeyRingIAMBindingConditionOutput) Title ¶
func (o KeyRingIAMBindingConditionOutput) Title() pulumi.StringOutput
A title for the expression, i.e. a short string describing its purpose.
func (KeyRingIAMBindingConditionOutput) ToKeyRingIAMBindingConditionOutput ¶
func (o KeyRingIAMBindingConditionOutput) ToKeyRingIAMBindingConditionOutput() KeyRingIAMBindingConditionOutput
func (KeyRingIAMBindingConditionOutput) ToKeyRingIAMBindingConditionOutputWithContext ¶
func (o KeyRingIAMBindingConditionOutput) ToKeyRingIAMBindingConditionOutputWithContext(ctx context.Context) KeyRingIAMBindingConditionOutput
func (KeyRingIAMBindingConditionOutput) ToKeyRingIAMBindingConditionPtrOutput ¶
func (o KeyRingIAMBindingConditionOutput) ToKeyRingIAMBindingConditionPtrOutput() KeyRingIAMBindingConditionPtrOutput
func (KeyRingIAMBindingConditionOutput) ToKeyRingIAMBindingConditionPtrOutputWithContext ¶
func (o KeyRingIAMBindingConditionOutput) ToKeyRingIAMBindingConditionPtrOutputWithContext(ctx context.Context) KeyRingIAMBindingConditionPtrOutput
type KeyRingIAMBindingConditionPtrInput ¶
type KeyRingIAMBindingConditionPtrInput interface {
pulumi.Input
ToKeyRingIAMBindingConditionPtrOutput() KeyRingIAMBindingConditionPtrOutput
ToKeyRingIAMBindingConditionPtrOutputWithContext(context.Context) KeyRingIAMBindingConditionPtrOutput
}
KeyRingIAMBindingConditionPtrInput is an input type that accepts KeyRingIAMBindingConditionArgs, KeyRingIAMBindingConditionPtr and KeyRingIAMBindingConditionPtrOutput values. You can construct a concrete instance of `KeyRingIAMBindingConditionPtrInput` via:
KeyRingIAMBindingConditionArgs{...}
or:
nil
func KeyRingIAMBindingConditionPtr ¶
func KeyRingIAMBindingConditionPtr(v *KeyRingIAMBindingConditionArgs) KeyRingIAMBindingConditionPtrInput
type KeyRingIAMBindingConditionPtrOutput ¶
type KeyRingIAMBindingConditionPtrOutput struct{ *pulumi.OutputState }
func (KeyRingIAMBindingConditionPtrOutput) Description ¶
func (o KeyRingIAMBindingConditionPtrOutput) Description() pulumi.StringPtrOutput
An optional description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
func (KeyRingIAMBindingConditionPtrOutput) Elem ¶
func (o KeyRingIAMBindingConditionPtrOutput) Elem() KeyRingIAMBindingConditionOutput
func (KeyRingIAMBindingConditionPtrOutput) ElementType ¶
func (KeyRingIAMBindingConditionPtrOutput) ElementType() reflect.Type
func (KeyRingIAMBindingConditionPtrOutput) Expression ¶
func (o KeyRingIAMBindingConditionPtrOutput) Expression() pulumi.StringPtrOutput
Textual representation of an expression in Common Expression Language syntax.
func (KeyRingIAMBindingConditionPtrOutput) Title ¶
func (o KeyRingIAMBindingConditionPtrOutput) Title() pulumi.StringPtrOutput
A title for the expression, i.e. a short string describing its purpose.
func (KeyRingIAMBindingConditionPtrOutput) ToKeyRingIAMBindingConditionPtrOutput ¶
func (o KeyRingIAMBindingConditionPtrOutput) ToKeyRingIAMBindingConditionPtrOutput() KeyRingIAMBindingConditionPtrOutput
func (KeyRingIAMBindingConditionPtrOutput) ToKeyRingIAMBindingConditionPtrOutputWithContext ¶
func (o KeyRingIAMBindingConditionPtrOutput) ToKeyRingIAMBindingConditionPtrOutputWithContext(ctx context.Context) KeyRingIAMBindingConditionPtrOutput
type KeyRingIAMBindingInput ¶ added in v4.4.0
type KeyRingIAMBindingInput interface {
pulumi.Input
ToKeyRingIAMBindingOutput() KeyRingIAMBindingOutput
ToKeyRingIAMBindingOutputWithContext(ctx context.Context) KeyRingIAMBindingOutput
}
type KeyRingIAMBindingMap ¶ added in v4.11.1
type KeyRingIAMBindingMap map[string]KeyRingIAMBindingInput
func (KeyRingIAMBindingMap) ElementType ¶ added in v4.11.1
func (KeyRingIAMBindingMap) ElementType() reflect.Type
func (KeyRingIAMBindingMap) ToKeyRingIAMBindingMapOutput ¶ added in v4.11.1
func (i KeyRingIAMBindingMap) ToKeyRingIAMBindingMapOutput() KeyRingIAMBindingMapOutput
func (KeyRingIAMBindingMap) ToKeyRingIAMBindingMapOutputWithContext ¶ added in v4.11.1
func (i KeyRingIAMBindingMap) ToKeyRingIAMBindingMapOutputWithContext(ctx context.Context) KeyRingIAMBindingMapOutput
type KeyRingIAMBindingMapInput ¶ added in v4.11.1
type KeyRingIAMBindingMapInput interface {
pulumi.Input
ToKeyRingIAMBindingMapOutput() KeyRingIAMBindingMapOutput
ToKeyRingIAMBindingMapOutputWithContext(context.Context) KeyRingIAMBindingMapOutput
}
KeyRingIAMBindingMapInput is an input type that accepts KeyRingIAMBindingMap and KeyRingIAMBindingMapOutput values. You can construct a concrete instance of `KeyRingIAMBindingMapInput` via:
KeyRingIAMBindingMap{ "key": KeyRingIAMBindingArgs{...} }
type KeyRingIAMBindingMapOutput ¶ added in v4.11.1
type KeyRingIAMBindingMapOutput struct{ *pulumi.OutputState }
func (KeyRingIAMBindingMapOutput) ElementType ¶ added in v4.11.1
func (KeyRingIAMBindingMapOutput) ElementType() reflect.Type
func (KeyRingIAMBindingMapOutput) MapIndex ¶ added in v4.11.1
func (o KeyRingIAMBindingMapOutput) MapIndex(k pulumi.StringInput) KeyRingIAMBindingOutput
func (KeyRingIAMBindingMapOutput) ToKeyRingIAMBindingMapOutput ¶ added in v4.11.1
func (o KeyRingIAMBindingMapOutput) ToKeyRingIAMBindingMapOutput() KeyRingIAMBindingMapOutput
func (KeyRingIAMBindingMapOutput) ToKeyRingIAMBindingMapOutputWithContext ¶ added in v4.11.1
func (o KeyRingIAMBindingMapOutput) ToKeyRingIAMBindingMapOutputWithContext(ctx context.Context) KeyRingIAMBindingMapOutput
type KeyRingIAMBindingOutput ¶ added in v4.4.0
type KeyRingIAMBindingOutput struct {
*pulumi.OutputState
}
func (KeyRingIAMBindingOutput) ElementType ¶ added in v4.4.0
func (KeyRingIAMBindingOutput) ElementType() reflect.Type
func (KeyRingIAMBindingOutput) ToKeyRingIAMBindingOutput ¶ added in v4.4.0
func (o KeyRingIAMBindingOutput) ToKeyRingIAMBindingOutput() KeyRingIAMBindingOutput
func (KeyRingIAMBindingOutput) ToKeyRingIAMBindingOutputWithContext ¶ added in v4.4.0
func (o KeyRingIAMBindingOutput) ToKeyRingIAMBindingOutputWithContext(ctx context.Context) KeyRingIAMBindingOutput
func (KeyRingIAMBindingOutput) ToKeyRingIAMBindingPtrOutput ¶ added in v4.11.1
func (o KeyRingIAMBindingOutput) ToKeyRingIAMBindingPtrOutput() KeyRingIAMBindingPtrOutput
func (KeyRingIAMBindingOutput) ToKeyRingIAMBindingPtrOutputWithContext ¶ added in v4.11.1
func (o KeyRingIAMBindingOutput) ToKeyRingIAMBindingPtrOutputWithContext(ctx context.Context) KeyRingIAMBindingPtrOutput
type KeyRingIAMBindingPtrInput ¶ added in v4.11.1
type KeyRingIAMBindingPtrInput interface {
pulumi.Input
ToKeyRingIAMBindingPtrOutput() KeyRingIAMBindingPtrOutput
ToKeyRingIAMBindingPtrOutputWithContext(ctx context.Context) KeyRingIAMBindingPtrOutput
}
type KeyRingIAMBindingPtrOutput ¶ added in v4.11.1
type KeyRingIAMBindingPtrOutput struct {
*pulumi.OutputState
}
func (KeyRingIAMBindingPtrOutput) ElementType ¶ added in v4.11.1
func (KeyRingIAMBindingPtrOutput) ElementType() reflect.Type
func (KeyRingIAMBindingPtrOutput) ToKeyRingIAMBindingPtrOutput ¶ added in v4.11.1
func (o KeyRingIAMBindingPtrOutput) ToKeyRingIAMBindingPtrOutput() KeyRingIAMBindingPtrOutput
func (KeyRingIAMBindingPtrOutput) ToKeyRingIAMBindingPtrOutputWithContext ¶ added in v4.11.1
func (o KeyRingIAMBindingPtrOutput) ToKeyRingIAMBindingPtrOutputWithContext(ctx context.Context) KeyRingIAMBindingPtrOutput
type KeyRingIAMBindingState ¶
type KeyRingIAMBindingState struct {
// An [IAM Condition](https://cloud.google.com/iam/docs/conditions-overview) for a given binding.
// Structure is documented below.
Condition KeyRingIAMBindingConditionPtrInput
// (Computed) The etag of the key ring's IAM policy.
Etag pulumi.StringPtrInput
// The key ring ID, in the form
// `{project_id}/{location_name}/{key_ring_name}` or
// `{location_name}/{key_ring_name}`. In the second form, the provider's
// project setting will be used as a fallback.
KeyRingId pulumi.StringPtrInput
Members pulumi.StringArrayInput
// The role that should be applied. Only one
// `kms.KeyRingIAMBinding` can be used per role. Note that custom roles must be of the format
// `[projects|organizations]/{parent-name}/roles/{role-name}`.
Role pulumi.StringPtrInput
}
func (KeyRingIAMBindingState) ElementType ¶
func (KeyRingIAMBindingState) ElementType() reflect.Type
type KeyRingIAMMember ¶
type KeyRingIAMMember struct {
pulumi.CustomResourceState
// An [IAM Condition](https://cloud.google.com/iam/docs/conditions-overview) for a given binding.
// Structure is documented below.
Condition KeyRingIAMMemberConditionPtrOutput `pulumi:"condition"`
// (Computed) The etag of the key ring's IAM policy.
Etag pulumi.StringOutput `pulumi:"etag"`
// The key ring ID, in the form
// `{project_id}/{location_name}/{key_ring_name}` or
// `{location_name}/{key_ring_name}`. In the second form, the provider's
// project setting will be used as a fallback.
KeyRingId pulumi.StringOutput `pulumi:"keyRingId"`
Member pulumi.StringOutput `pulumi:"member"`
// The role that should be applied. Only one
// `kms.KeyRingIAMBinding` can be used per role. Note that custom roles must be of the format
// `[projects|organizations]/{parent-name}/roles/{role-name}`.
Role pulumi.StringOutput `pulumi:"role"`
}
Three different resources help you manage your IAM policy for KMS key ring. Each of these resources serves a different use case:
* `kms.KeyRingIAMPolicy`: Authoritative. Sets the IAM policy for the key ring and replaces any existing policy already attached. * `kms.KeyRingIAMBinding`: Authoritative for a given role. Updates the IAM policy to grant a role to a list of members. Other roles within the IAM policy for the key ring are preserved. * `kms.KeyRingIAMMember`: Non-authoritative. Updates the IAM policy to grant a role to a new member. Other members for the role for the key ring are preserved.
> **Note:** `kms.KeyRingIAMPolicy` **cannot** be used in conjunction with `kms.KeyRingIAMBinding` and `kms.KeyRingIAMMember` or they will fight over what your policy should be.
> **Note:** `kms.KeyRingIAMBinding` resources **can be** used in conjunction with `kms.KeyRingIAMMember` resources **only if** they do not grant privilege to the same role.
## google\_kms\_key\_ring\_iam\_policy
```go package main
import (
"github.com/pulumi/pulumi-gcp/sdk/v4/go/gcp/kms" "github.com/pulumi/pulumi-gcp/sdk/v4/go/gcp/organizations" "github.com/pulumi/pulumi/sdk/v2/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
keyring, err := kms.NewKeyRing(ctx, "keyring", &kms.KeyRingArgs{
Location: pulumi.String("global"),
})
if err != nil {
return err
}
admin, err := organizations.LookupIAMPolicy(ctx, &organizations.LookupIAMPolicyArgs{
Bindings: []organizations.GetIAMPolicyBinding{
organizations.GetIAMPolicyBinding{
Role: "roles/editor",
Members: []string{
"user:jane@example.com",
},
},
},
}, nil)
if err != nil {
return err
}
_, err = kms.NewKeyRingIAMPolicy(ctx, "keyRing", &kms.KeyRingIAMPolicyArgs{
KeyRingId: keyring.ID(),
PolicyData: pulumi.String(admin.PolicyData),
})
if err != nil {
return err
}
return nil
})
}
```
With IAM Conditions:
```go package main
import (
"github.com/pulumi/pulumi-gcp/sdk/v4/go/gcp/kms" "github.com/pulumi/pulumi-gcp/sdk/v4/go/gcp/organizations" "github.com/pulumi/pulumi/sdk/v2/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
keyring, err := kms.NewKeyRing(ctx, "keyring", &kms.KeyRingArgs{
Location: pulumi.String("global"),
})
if err != nil {
return err
}
admin, err := organizations.LookupIAMPolicy(ctx, &organizations.LookupIAMPolicyArgs{
Bindings: []organizations.GetIAMPolicyBinding{
organizations.GetIAMPolicyBinding{
Role: "roles/editor",
Members: []string{
"user:jane@example.com",
},
Condition: organizations.GetIAMPolicyBindingCondition{
Title: "expires_after_2019_12_31",
Description: "Expiring at midnight of 2019-12-31",
Expression: "request.time < timestamp(\"2020-01-01T00:00:00Z\")",
},
},
},
}, nil)
if err != nil {
return err
}
_, err = kms.NewKeyRingIAMPolicy(ctx, "keyRing", &kms.KeyRingIAMPolicyArgs{
KeyRingId: keyring.ID(),
PolicyData: pulumi.String(admin.PolicyData),
})
if err != nil {
return err
}
return nil
})
}
```
## google\_kms\_key\_ring\_iam\_binding
```go package main
import (
"github.com/pulumi/pulumi-gcp/sdk/v4/go/gcp/kms" "github.com/pulumi/pulumi/sdk/v2/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := kms.NewKeyRingIAMBinding(ctx, "keyRing", &kms.KeyRingIAMBindingArgs{
KeyRingId: pulumi.String("your-key-ring-id"),
Members: pulumi.StringArray{
pulumi.String("user:jane@example.com"),
},
Role: pulumi.String("roles/editor"),
})
if err != nil {
return err
}
return nil
})
}
```
With IAM Conditions:
```go package main
import (
"github.com/pulumi/pulumi-gcp/sdk/v4/go/gcp/kms" "github.com/pulumi/pulumi/sdk/v2/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := kms.NewKeyRingIAMBinding(ctx, "keyRing", &kms.KeyRingIAMBindingArgs{
Condition: &kms.KeyRingIAMBindingConditionArgs{
Description: pulumi.String("Expiring at midnight of 2019-12-31"),
Expression: pulumi.String("request.time < timestamp(\"2020-01-01T00:00:00Z\")"),
Title: pulumi.String("expires_after_2019_12_31"),
},
KeyRingId: pulumi.String("your-key-ring-id"),
Members: pulumi.StringArray{
pulumi.String("user:jane@example.com"),
},
Role: pulumi.String("roles/editor"),
})
if err != nil {
return err
}
return nil
})
}
```
## google\_kms\_key\_ring\_iam\_member
```go package main
import (
"github.com/pulumi/pulumi-gcp/sdk/v4/go/gcp/kms" "github.com/pulumi/pulumi/sdk/v2/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := kms.NewKeyRingIAMMember(ctx, "keyRing", &kms.KeyRingIAMMemberArgs{
KeyRingId: pulumi.String("your-key-ring-id"),
Member: pulumi.String("user:jane@example.com"),
Role: pulumi.String("roles/editor"),
})
if err != nil {
return err
}
return nil
})
}
```
With IAM Conditions:
```go package main
import (
"github.com/pulumi/pulumi-gcp/sdk/v4/go/gcp/kms" "github.com/pulumi/pulumi/sdk/v2/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := kms.NewKeyRingIAMMember(ctx, "keyRing", &kms.KeyRingIAMMemberArgs{
Condition: &kms.KeyRingIAMMemberConditionArgs{
Description: pulumi.String("Expiring at midnight of 2019-12-31"),
Expression: pulumi.String("request.time < timestamp(\"2020-01-01T00:00:00Z\")"),
Title: pulumi.String("expires_after_2019_12_31"),
},
KeyRingId: pulumi.String("your-key-ring-id"),
Member: pulumi.String("user:jane@example.com"),
Role: pulumi.String("roles/editor"),
})
if err != nil {
return err
}
return nil
})
}
```
## Import
IAM member imports use space-delimited identifiers; the resource in question, the role, and the account.
This member resource can be imported using the `key_ring_id`, role, and account e.g.
```sh
$ pulumi import gcp:kms/keyRingIAMMember:KeyRingIAMMember key_ring_iam "your-project-id/location-name/key-ring-name roles/viewer user:foo@example.com"
```
IAM binding imports use space-delimited identifiers; the resource in question and the role.
This binding resource can be imported using the `key_ring_id` and role, e.g.
```sh
$ pulumi import gcp:kms/keyRingIAMMember:KeyRingIAMMember key_ring_iam "your-project-id/location-name/key-ring-name roles/viewer"
```
IAM policy imports use the identifier of the resource in question.
This policy resource can be imported using the `key_ring_id`, e.g.
```sh
$ pulumi import gcp:kms/keyRingIAMMember:KeyRingIAMMember key_ring_iam your-project-id/location-name/key-ring-name
```
func GetKeyRingIAMMember ¶
func GetKeyRingIAMMember(ctx *pulumi.Context, name string, id pulumi.IDInput, state *KeyRingIAMMemberState, opts ...pulumi.ResourceOption) (*KeyRingIAMMember, error)
GetKeyRingIAMMember gets an existing KeyRingIAMMember resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).
func NewKeyRingIAMMember ¶
func NewKeyRingIAMMember(ctx *pulumi.Context, name string, args *KeyRingIAMMemberArgs, opts ...pulumi.ResourceOption) (*KeyRingIAMMember, error)
NewKeyRingIAMMember registers a new resource with the given unique name, arguments, and options.
func (*KeyRingIAMMember) ElementType ¶ added in v4.4.0
func (*KeyRingIAMMember) ElementType() reflect.Type
func (*KeyRingIAMMember) ToKeyRingIAMMemberOutput ¶ added in v4.4.0
func (i *KeyRingIAMMember) ToKeyRingIAMMemberOutput() KeyRingIAMMemberOutput
func (*KeyRingIAMMember) ToKeyRingIAMMemberOutputWithContext ¶ added in v4.4.0
func (i *KeyRingIAMMember) ToKeyRingIAMMemberOutputWithContext(ctx context.Context) KeyRingIAMMemberOutput
func (*KeyRingIAMMember) ToKeyRingIAMMemberPtrOutput ¶ added in v4.11.1
func (i *KeyRingIAMMember) ToKeyRingIAMMemberPtrOutput() KeyRingIAMMemberPtrOutput
func (*KeyRingIAMMember) ToKeyRingIAMMemberPtrOutputWithContext ¶ added in v4.11.1
func (i *KeyRingIAMMember) ToKeyRingIAMMemberPtrOutputWithContext(ctx context.Context) KeyRingIAMMemberPtrOutput
type KeyRingIAMMemberArgs ¶
type KeyRingIAMMemberArgs struct {
// An [IAM Condition](https://cloud.google.com/iam/docs/conditions-overview) for a given binding.
// Structure is documented below.
Condition KeyRingIAMMemberConditionPtrInput
// The key ring ID, in the form
// `{project_id}/{location_name}/{key_ring_name}` or
// `{location_name}/{key_ring_name}`. In the second form, the provider's
// project setting will be used as a fallback.
KeyRingId pulumi.StringInput
Member pulumi.StringInput
// The role that should be applied. Only one
// `kms.KeyRingIAMBinding` can be used per role. Note that custom roles must be of the format
// `[projects|organizations]/{parent-name}/roles/{role-name}`.
Role pulumi.StringInput
}
The set of arguments for constructing a KeyRingIAMMember resource.
func (KeyRingIAMMemberArgs) ElementType ¶
func (KeyRingIAMMemberArgs) ElementType() reflect.Type
type KeyRingIAMMemberArray ¶ added in v4.11.1
type KeyRingIAMMemberArray []KeyRingIAMMemberInput
func (KeyRingIAMMemberArray) ElementType ¶ added in v4.11.1
func (KeyRingIAMMemberArray) ElementType() reflect.Type
func (KeyRingIAMMemberArray) ToKeyRingIAMMemberArrayOutput ¶ added in v4.11.1
func (i KeyRingIAMMemberArray) ToKeyRingIAMMemberArrayOutput() KeyRingIAMMemberArrayOutput
func (KeyRingIAMMemberArray) ToKeyRingIAMMemberArrayOutputWithContext ¶ added in v4.11.1
func (i KeyRingIAMMemberArray) ToKeyRingIAMMemberArrayOutputWithContext(ctx context.Context) KeyRingIAMMemberArrayOutput
type KeyRingIAMMemberArrayInput ¶ added in v4.11.1
type KeyRingIAMMemberArrayInput interface {
pulumi.Input
ToKeyRingIAMMemberArrayOutput() KeyRingIAMMemberArrayOutput
ToKeyRingIAMMemberArrayOutputWithContext(context.Context) KeyRingIAMMemberArrayOutput
}
KeyRingIAMMemberArrayInput is an input type that accepts KeyRingIAMMemberArray and KeyRingIAMMemberArrayOutput values. You can construct a concrete instance of `KeyRingIAMMemberArrayInput` via:
KeyRingIAMMemberArray{ KeyRingIAMMemberArgs{...} }
type KeyRingIAMMemberArrayOutput ¶ added in v4.11.1
type KeyRingIAMMemberArrayOutput struct{ *pulumi.OutputState }
func (KeyRingIAMMemberArrayOutput) ElementType ¶ added in v4.11.1
func (KeyRingIAMMemberArrayOutput) ElementType() reflect.Type
func (KeyRingIAMMemberArrayOutput) Index ¶ added in v4.11.1
func (o KeyRingIAMMemberArrayOutput) Index(i pulumi.IntInput) KeyRingIAMMemberOutput
func (KeyRingIAMMemberArrayOutput) ToKeyRingIAMMemberArrayOutput ¶ added in v4.11.1
func (o KeyRingIAMMemberArrayOutput) ToKeyRingIAMMemberArrayOutput() KeyRingIAMMemberArrayOutput
func (KeyRingIAMMemberArrayOutput) ToKeyRingIAMMemberArrayOutputWithContext ¶ added in v4.11.1
func (o KeyRingIAMMemberArrayOutput) ToKeyRingIAMMemberArrayOutputWithContext(ctx context.Context) KeyRingIAMMemberArrayOutput
type KeyRingIAMMemberCondition ¶
type KeyRingIAMMemberCondition struct {
// An optional description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
Description *string `pulumi:"description"`
// Textual representation of an expression in Common Expression Language syntax.
Expression string `pulumi:"expression"`
// A title for the expression, i.e. a short string describing its purpose.
Title string `pulumi:"title"`
}
type KeyRingIAMMemberConditionArgs ¶
type KeyRingIAMMemberConditionArgs struct {
// An optional description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
Description pulumi.StringPtrInput `pulumi:"description"`
// Textual representation of an expression in Common Expression Language syntax.
Expression pulumi.StringInput `pulumi:"expression"`
// A title for the expression, i.e. a short string describing its purpose.
Title pulumi.StringInput `pulumi:"title"`
}
func (KeyRingIAMMemberConditionArgs) ElementType ¶
func (KeyRingIAMMemberConditionArgs) ElementType() reflect.Type
func (KeyRingIAMMemberConditionArgs) ToKeyRingIAMMemberConditionOutput ¶
func (i KeyRingIAMMemberConditionArgs) ToKeyRingIAMMemberConditionOutput() KeyRingIAMMemberConditionOutput
func (KeyRingIAMMemberConditionArgs) ToKeyRingIAMMemberConditionOutputWithContext ¶
func (i KeyRingIAMMemberConditionArgs) ToKeyRingIAMMemberConditionOutputWithContext(ctx context.Context) KeyRingIAMMemberConditionOutput
func (KeyRingIAMMemberConditionArgs) ToKeyRingIAMMemberConditionPtrOutput ¶
func (i KeyRingIAMMemberConditionArgs) ToKeyRingIAMMemberConditionPtrOutput() KeyRingIAMMemberConditionPtrOutput
func (KeyRingIAMMemberConditionArgs) ToKeyRingIAMMemberConditionPtrOutputWithContext ¶
func (i KeyRingIAMMemberConditionArgs) ToKeyRingIAMMemberConditionPtrOutputWithContext(ctx context.Context) KeyRingIAMMemberConditionPtrOutput
type KeyRingIAMMemberConditionInput ¶
type KeyRingIAMMemberConditionInput interface {
pulumi.Input
ToKeyRingIAMMemberConditionOutput() KeyRingIAMMemberConditionOutput
ToKeyRingIAMMemberConditionOutputWithContext(context.Context) KeyRingIAMMemberConditionOutput
}
KeyRingIAMMemberConditionInput is an input type that accepts KeyRingIAMMemberConditionArgs and KeyRingIAMMemberConditionOutput values. You can construct a concrete instance of `KeyRingIAMMemberConditionInput` via:
KeyRingIAMMemberConditionArgs{...}
type KeyRingIAMMemberConditionOutput ¶
type KeyRingIAMMemberConditionOutput struct{ *pulumi.OutputState }
func (KeyRingIAMMemberConditionOutput) Description ¶
func (o KeyRingIAMMemberConditionOutput) Description() pulumi.StringPtrOutput
An optional description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
func (KeyRingIAMMemberConditionOutput) ElementType ¶
func (KeyRingIAMMemberConditionOutput) ElementType() reflect.Type
func (KeyRingIAMMemberConditionOutput) Expression ¶
func (o KeyRingIAMMemberConditionOutput) Expression() pulumi.StringOutput
Textual representation of an expression in Common Expression Language syntax.
func (KeyRingIAMMemberConditionOutput) Title ¶
func (o KeyRingIAMMemberConditionOutput) Title() pulumi.StringOutput
A title for the expression, i.e. a short string describing its purpose.
func (KeyRingIAMMemberConditionOutput) ToKeyRingIAMMemberConditionOutput ¶
func (o KeyRingIAMMemberConditionOutput) ToKeyRingIAMMemberConditionOutput() KeyRingIAMMemberConditionOutput
func (KeyRingIAMMemberConditionOutput) ToKeyRingIAMMemberConditionOutputWithContext ¶
func (o KeyRingIAMMemberConditionOutput) ToKeyRingIAMMemberConditionOutputWithContext(ctx context.Context) KeyRingIAMMemberConditionOutput
func (KeyRingIAMMemberConditionOutput) ToKeyRingIAMMemberConditionPtrOutput ¶
func (o KeyRingIAMMemberConditionOutput) ToKeyRingIAMMemberConditionPtrOutput() KeyRingIAMMemberConditionPtrOutput
func (KeyRingIAMMemberConditionOutput) ToKeyRingIAMMemberConditionPtrOutputWithContext ¶
func (o KeyRingIAMMemberConditionOutput) ToKeyRingIAMMemberConditionPtrOutputWithContext(ctx context.Context) KeyRingIAMMemberConditionPtrOutput
type KeyRingIAMMemberConditionPtrInput ¶
type KeyRingIAMMemberConditionPtrInput interface {
pulumi.Input
ToKeyRingIAMMemberConditionPtrOutput() KeyRingIAMMemberConditionPtrOutput
ToKeyRingIAMMemberConditionPtrOutputWithContext(context.Context) KeyRingIAMMemberConditionPtrOutput
}
KeyRingIAMMemberConditionPtrInput is an input type that accepts KeyRingIAMMemberConditionArgs, KeyRingIAMMemberConditionPtr and KeyRingIAMMemberConditionPtrOutput values. You can construct a concrete instance of `KeyRingIAMMemberConditionPtrInput` via:
KeyRingIAMMemberConditionArgs{...}
or:
nil
func KeyRingIAMMemberConditionPtr ¶
func KeyRingIAMMemberConditionPtr(v *KeyRingIAMMemberConditionArgs) KeyRingIAMMemberConditionPtrInput
type KeyRingIAMMemberConditionPtrOutput ¶
type KeyRingIAMMemberConditionPtrOutput struct{ *pulumi.OutputState }
func (KeyRingIAMMemberConditionPtrOutput) Description ¶
func (o KeyRingIAMMemberConditionPtrOutput) Description() pulumi.StringPtrOutput
An optional description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
func (KeyRingIAMMemberConditionPtrOutput) Elem ¶
func (o KeyRingIAMMemberConditionPtrOutput) Elem() KeyRingIAMMemberConditionOutput
func (KeyRingIAMMemberConditionPtrOutput) ElementType ¶
func (KeyRingIAMMemberConditionPtrOutput) ElementType() reflect.Type
func (KeyRingIAMMemberConditionPtrOutput) Expression ¶
func (o KeyRingIAMMemberConditionPtrOutput) Expression() pulumi.StringPtrOutput
Textual representation of an expression in Common Expression Language syntax.
func (KeyRingIAMMemberConditionPtrOutput) Title ¶
func (o KeyRingIAMMemberConditionPtrOutput) Title() pulumi.StringPtrOutput
A title for the expression, i.e. a short string describing its purpose.
func (KeyRingIAMMemberConditionPtrOutput) ToKeyRingIAMMemberConditionPtrOutput ¶
func (o KeyRingIAMMemberConditionPtrOutput) ToKeyRingIAMMemberConditionPtrOutput() KeyRingIAMMemberConditionPtrOutput
func (KeyRingIAMMemberConditionPtrOutput) ToKeyRingIAMMemberConditionPtrOutputWithContext ¶
func (o KeyRingIAMMemberConditionPtrOutput) ToKeyRingIAMMemberConditionPtrOutputWithContext(ctx context.Context) KeyRingIAMMemberConditionPtrOutput
type KeyRingIAMMemberInput ¶ added in v4.4.0
type KeyRingIAMMemberInput interface {
pulumi.Input
ToKeyRingIAMMemberOutput() KeyRingIAMMemberOutput
ToKeyRingIAMMemberOutputWithContext(ctx context.Context) KeyRingIAMMemberOutput
}
type KeyRingIAMMemberMap ¶ added in v4.11.1
type KeyRingIAMMemberMap map[string]KeyRingIAMMemberInput
func (KeyRingIAMMemberMap) ElementType ¶ added in v4.11.1
func (KeyRingIAMMemberMap) ElementType() reflect.Type
func (KeyRingIAMMemberMap) ToKeyRingIAMMemberMapOutput ¶ added in v4.11.1
func (i KeyRingIAMMemberMap) ToKeyRingIAMMemberMapOutput() KeyRingIAMMemberMapOutput
func (KeyRingIAMMemberMap) ToKeyRingIAMMemberMapOutputWithContext ¶ added in v4.11.1
func (i KeyRingIAMMemberMap) ToKeyRingIAMMemberMapOutputWithContext(ctx context.Context) KeyRingIAMMemberMapOutput
type KeyRingIAMMemberMapInput ¶ added in v4.11.1
type KeyRingIAMMemberMapInput interface {
pulumi.Input
ToKeyRingIAMMemberMapOutput() KeyRingIAMMemberMapOutput
ToKeyRingIAMMemberMapOutputWithContext(context.Context) KeyRingIAMMemberMapOutput
}
KeyRingIAMMemberMapInput is an input type that accepts KeyRingIAMMemberMap and KeyRingIAMMemberMapOutput values. You can construct a concrete instance of `KeyRingIAMMemberMapInput` via:
KeyRingIAMMemberMap{ "key": KeyRingIAMMemberArgs{...} }
type KeyRingIAMMemberMapOutput ¶ added in v4.11.1
type KeyRingIAMMemberMapOutput struct{ *pulumi.OutputState }
func (KeyRingIAMMemberMapOutput) ElementType ¶ added in v4.11.1
func (KeyRingIAMMemberMapOutput) ElementType() reflect.Type
func (KeyRingIAMMemberMapOutput) MapIndex ¶ added in v4.11.1
func (o KeyRingIAMMemberMapOutput) MapIndex(k pulumi.StringInput) KeyRingIAMMemberOutput
func (KeyRingIAMMemberMapOutput) ToKeyRingIAMMemberMapOutput ¶ added in v4.11.1
func (o KeyRingIAMMemberMapOutput) ToKeyRingIAMMemberMapOutput() KeyRingIAMMemberMapOutput
func (KeyRingIAMMemberMapOutput) ToKeyRingIAMMemberMapOutputWithContext ¶ added in v4.11.1
func (o KeyRingIAMMemberMapOutput) ToKeyRingIAMMemberMapOutputWithContext(ctx context.Context) KeyRingIAMMemberMapOutput
type KeyRingIAMMemberOutput ¶ added in v4.4.0
type KeyRingIAMMemberOutput struct {
*pulumi.OutputState
}
func (KeyRingIAMMemberOutput) ElementType ¶ added in v4.4.0
func (KeyRingIAMMemberOutput) ElementType() reflect.Type
func (KeyRingIAMMemberOutput) ToKeyRingIAMMemberOutput ¶ added in v4.4.0
func (o KeyRingIAMMemberOutput) ToKeyRingIAMMemberOutput() KeyRingIAMMemberOutput
func (KeyRingIAMMemberOutput) ToKeyRingIAMMemberOutputWithContext ¶ added in v4.4.0
func (o KeyRingIAMMemberOutput) ToKeyRingIAMMemberOutputWithContext(ctx context.Context) KeyRingIAMMemberOutput
func (KeyRingIAMMemberOutput) ToKeyRingIAMMemberPtrOutput ¶ added in v4.11.1
func (o KeyRingIAMMemberOutput) ToKeyRingIAMMemberPtrOutput() KeyRingIAMMemberPtrOutput
func (KeyRingIAMMemberOutput) ToKeyRingIAMMemberPtrOutputWithContext ¶ added in v4.11.1
func (o KeyRingIAMMemberOutput) ToKeyRingIAMMemberPtrOutputWithContext(ctx context.Context) KeyRingIAMMemberPtrOutput
type KeyRingIAMMemberPtrInput ¶ added in v4.11.1
type KeyRingIAMMemberPtrInput interface {
pulumi.Input
ToKeyRingIAMMemberPtrOutput() KeyRingIAMMemberPtrOutput
ToKeyRingIAMMemberPtrOutputWithContext(ctx context.Context) KeyRingIAMMemberPtrOutput
}
type KeyRingIAMMemberPtrOutput ¶ added in v4.11.1
type KeyRingIAMMemberPtrOutput struct {
*pulumi.OutputState
}
func (KeyRingIAMMemberPtrOutput) ElementType ¶ added in v4.11.1
func (KeyRingIAMMemberPtrOutput) ElementType() reflect.Type
func (KeyRingIAMMemberPtrOutput) ToKeyRingIAMMemberPtrOutput ¶ added in v4.11.1
func (o KeyRingIAMMemberPtrOutput) ToKeyRingIAMMemberPtrOutput() KeyRingIAMMemberPtrOutput
func (KeyRingIAMMemberPtrOutput) ToKeyRingIAMMemberPtrOutputWithContext ¶ added in v4.11.1
func (o KeyRingIAMMemberPtrOutput) ToKeyRingIAMMemberPtrOutputWithContext(ctx context.Context) KeyRingIAMMemberPtrOutput
type KeyRingIAMMemberState ¶
type KeyRingIAMMemberState struct {
// An [IAM Condition](https://cloud.google.com/iam/docs/conditions-overview) for a given binding.
// Structure is documented below.
Condition KeyRingIAMMemberConditionPtrInput
// (Computed) The etag of the key ring's IAM policy.
Etag pulumi.StringPtrInput
// The key ring ID, in the form
// `{project_id}/{location_name}/{key_ring_name}` or
// `{location_name}/{key_ring_name}`. In the second form, the provider's
// project setting will be used as a fallback.
KeyRingId pulumi.StringPtrInput
Member pulumi.StringPtrInput
// The role that should be applied. Only one
// `kms.KeyRingIAMBinding` can be used per role. Note that custom roles must be of the format
// `[projects|organizations]/{parent-name}/roles/{role-name}`.
Role pulumi.StringPtrInput
}
func (KeyRingIAMMemberState) ElementType ¶
func (KeyRingIAMMemberState) ElementType() reflect.Type
type KeyRingIAMPolicy ¶
type KeyRingIAMPolicy struct {
pulumi.CustomResourceState
// (Computed) The etag of the key ring's IAM policy.
Etag pulumi.StringOutput `pulumi:"etag"`
// The key ring ID, in the form
// `{project_id}/{location_name}/{key_ring_name}` or
// `{location_name}/{key_ring_name}`. In the second form, the provider's
// project setting will be used as a fallback.
KeyRingId pulumi.StringOutput `pulumi:"keyRingId"`
// The policy data generated by
// a `organizations.getIAMPolicy` data source.
PolicyData pulumi.StringOutput `pulumi:"policyData"`
}
Three different resources help you manage your IAM policy for KMS key ring. Each of these resources serves a different use case:
* `kms.KeyRingIAMPolicy`: Authoritative. Sets the IAM policy for the key ring and replaces any existing policy already attached. * `kms.KeyRingIAMBinding`: Authoritative for a given role. Updates the IAM policy to grant a role to a list of members. Other roles within the IAM policy for the key ring are preserved. * `kms.KeyRingIAMMember`: Non-authoritative. Updates the IAM policy to grant a role to a new member. Other members for the role for the key ring are preserved.
> **Note:** `kms.KeyRingIAMPolicy` **cannot** be used in conjunction with `kms.KeyRingIAMBinding` and `kms.KeyRingIAMMember` or they will fight over what your policy should be.
> **Note:** `kms.KeyRingIAMBinding` resources **can be** used in conjunction with `kms.KeyRingIAMMember` resources **only if** they do not grant privilege to the same role.
## google\_kms\_key\_ring\_iam\_policy
```go package main
import (
"github.com/pulumi/pulumi-gcp/sdk/v4/go/gcp/kms" "github.com/pulumi/pulumi-gcp/sdk/v4/go/gcp/organizations" "github.com/pulumi/pulumi/sdk/v2/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
keyring, err := kms.NewKeyRing(ctx, "keyring", &kms.KeyRingArgs{
Location: pulumi.String("global"),
})
if err != nil {
return err
}
admin, err := organizations.LookupIAMPolicy(ctx, &organizations.LookupIAMPolicyArgs{
Bindings: []organizations.GetIAMPolicyBinding{
organizations.GetIAMPolicyBinding{
Role: "roles/editor",
Members: []string{
"user:jane@example.com",
},
},
},
}, nil)
if err != nil {
return err
}
_, err = kms.NewKeyRingIAMPolicy(ctx, "keyRing", &kms.KeyRingIAMPolicyArgs{
KeyRingId: keyring.ID(),
PolicyData: pulumi.String(admin.PolicyData),
})
if err != nil {
return err
}
return nil
})
}
```
With IAM Conditions:
```go package main
import (
"github.com/pulumi/pulumi-gcp/sdk/v4/go/gcp/kms" "github.com/pulumi/pulumi-gcp/sdk/v4/go/gcp/organizations" "github.com/pulumi/pulumi/sdk/v2/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
keyring, err := kms.NewKeyRing(ctx, "keyring", &kms.KeyRingArgs{
Location: pulumi.String("global"),
})
if err != nil {
return err
}
admin, err := organizations.LookupIAMPolicy(ctx, &organizations.LookupIAMPolicyArgs{
Bindings: []organizations.GetIAMPolicyBinding{
organizations.GetIAMPolicyBinding{
Role: "roles/editor",
Members: []string{
"user:jane@example.com",
},
Condition: organizations.GetIAMPolicyBindingCondition{
Title: "expires_after_2019_12_31",
Description: "Expiring at midnight of 2019-12-31",
Expression: "request.time < timestamp(\"2020-01-01T00:00:00Z\")",
},
},
},
}, nil)
if err != nil {
return err
}
_, err = kms.NewKeyRingIAMPolicy(ctx, "keyRing", &kms.KeyRingIAMPolicyArgs{
KeyRingId: keyring.ID(),
PolicyData: pulumi.String(admin.PolicyData),
})
if err != nil {
return err
}
return nil
})
}
```
## google\_kms\_key\_ring\_iam\_binding
```go package main
import (
"github.com/pulumi/pulumi-gcp/sdk/v4/go/gcp/kms" "github.com/pulumi/pulumi/sdk/v2/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := kms.NewKeyRingIAMBinding(ctx, "keyRing", &kms.KeyRingIAMBindingArgs{
KeyRingId: pulumi.String("your-key-ring-id"),
Members: pulumi.StringArray{
pulumi.String("user:jane@example.com"),
},
Role: pulumi.String("roles/editor"),
})
if err != nil {
return err
}
return nil
})
}
```
With IAM Conditions:
```go package main
import (
"github.com/pulumi/pulumi-gcp/sdk/v4/go/gcp/kms" "github.com/pulumi/pulumi/sdk/v2/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := kms.NewKeyRingIAMBinding(ctx, "keyRing", &kms.KeyRingIAMBindingArgs{
Condition: &kms.KeyRingIAMBindingConditionArgs{
Description: pulumi.String("Expiring at midnight of 2019-12-31"),
Expression: pulumi.String("request.time < timestamp(\"2020-01-01T00:00:00Z\")"),
Title: pulumi.String("expires_after_2019_12_31"),
},
KeyRingId: pulumi.String("your-key-ring-id"),
Members: pulumi.StringArray{
pulumi.String("user:jane@example.com"),
},
Role: pulumi.String("roles/editor"),
})
if err != nil {
return err
}
return nil
})
}
```
## google\_kms\_key\_ring\_iam\_member
```go package main
import (
"github.com/pulumi/pulumi-gcp/sdk/v4/go/gcp/kms" "github.com/pulumi/pulumi/sdk/v2/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := kms.NewKeyRingIAMMember(ctx, "keyRing", &kms.KeyRingIAMMemberArgs{
KeyRingId: pulumi.String("your-key-ring-id"),
Member: pulumi.String("user:jane@example.com"),
Role: pulumi.String("roles/editor"),
})
if err != nil {
return err
}
return nil
})
}
```
With IAM Conditions:
```go package main
import (
"github.com/pulumi/pulumi-gcp/sdk/v4/go/gcp/kms" "github.com/pulumi/pulumi/sdk/v2/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := kms.NewKeyRingIAMMember(ctx, "keyRing", &kms.KeyRingIAMMemberArgs{
Condition: &kms.KeyRingIAMMemberConditionArgs{
Description: pulumi.String("Expiring at midnight of 2019-12-31"),
Expression: pulumi.String("request.time < timestamp(\"2020-01-01T00:00:00Z\")"),
Title: pulumi.String("expires_after_2019_12_31"),
},
KeyRingId: pulumi.String("your-key-ring-id"),
Member: pulumi.String("user:jane@example.com"),
Role: pulumi.String("roles/editor"),
})
if err != nil {
return err
}
return nil
})
}
```
## Import
IAM member imports use space-delimited identifiers; the resource in question, the role, and the account.
This member resource can be imported using the `key_ring_id`, role, and account e.g.
```sh
$ pulumi import gcp:kms/keyRingIAMPolicy:KeyRingIAMPolicy key_ring_iam "your-project-id/location-name/key-ring-name roles/viewer user:foo@example.com"
```
IAM binding imports use space-delimited identifiers; the resource in question and the role.
This binding resource can be imported using the `key_ring_id` and role, e.g.
```sh
$ pulumi import gcp:kms/keyRingIAMPolicy:KeyRingIAMPolicy key_ring_iam "your-project-id/location-name/key-ring-name roles/viewer"
```
IAM policy imports use the identifier of the resource in question.
This policy resource can be imported using the `key_ring_id`, e.g.
```sh
$ pulumi import gcp:kms/keyRingIAMPolicy:KeyRingIAMPolicy key_ring_iam your-project-id/location-name/key-ring-name
```
func GetKeyRingIAMPolicy ¶
func GetKeyRingIAMPolicy(ctx *pulumi.Context, name string, id pulumi.IDInput, state *KeyRingIAMPolicyState, opts ...pulumi.ResourceOption) (*KeyRingIAMPolicy, error)
GetKeyRingIAMPolicy gets an existing KeyRingIAMPolicy resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).
func NewKeyRingIAMPolicy ¶
func NewKeyRingIAMPolicy(ctx *pulumi.Context, name string, args *KeyRingIAMPolicyArgs, opts ...pulumi.ResourceOption) (*KeyRingIAMPolicy, error)
NewKeyRingIAMPolicy registers a new resource with the given unique name, arguments, and options.
func (*KeyRingIAMPolicy) ElementType ¶ added in v4.4.0
func (*KeyRingIAMPolicy) ElementType() reflect.Type
func (*KeyRingIAMPolicy) ToKeyRingIAMPolicyOutput ¶ added in v4.4.0
func (i *KeyRingIAMPolicy) ToKeyRingIAMPolicyOutput() KeyRingIAMPolicyOutput
func (*KeyRingIAMPolicy) ToKeyRingIAMPolicyOutputWithContext ¶ added in v4.4.0
func (i *KeyRingIAMPolicy) ToKeyRingIAMPolicyOutputWithContext(ctx context.Context) KeyRingIAMPolicyOutput
func (*KeyRingIAMPolicy) ToKeyRingIAMPolicyPtrOutput ¶ added in v4.11.1
func (i *KeyRingIAMPolicy) ToKeyRingIAMPolicyPtrOutput() KeyRingIAMPolicyPtrOutput
func (*KeyRingIAMPolicy) ToKeyRingIAMPolicyPtrOutputWithContext ¶ added in v4.11.1
func (i *KeyRingIAMPolicy) ToKeyRingIAMPolicyPtrOutputWithContext(ctx context.Context) KeyRingIAMPolicyPtrOutput
type KeyRingIAMPolicyArgs ¶
type KeyRingIAMPolicyArgs struct {
// The key ring ID, in the form
// `{project_id}/{location_name}/{key_ring_name}` or
// `{location_name}/{key_ring_name}`. In the second form, the provider's
// project setting will be used as a fallback.
KeyRingId pulumi.StringInput
// The policy data generated by
// a `organizations.getIAMPolicy` data source.
PolicyData pulumi.StringInput
}
The set of arguments for constructing a KeyRingIAMPolicy resource.
func (KeyRingIAMPolicyArgs) ElementType ¶
func (KeyRingIAMPolicyArgs) ElementType() reflect.Type
type KeyRingIAMPolicyArray ¶ added in v4.11.1
type KeyRingIAMPolicyArray []KeyRingIAMPolicyInput
func (KeyRingIAMPolicyArray) ElementType ¶ added in v4.11.1
func (KeyRingIAMPolicyArray) ElementType() reflect.Type
func (KeyRingIAMPolicyArray) ToKeyRingIAMPolicyArrayOutput ¶ added in v4.11.1
func (i KeyRingIAMPolicyArray) ToKeyRingIAMPolicyArrayOutput() KeyRingIAMPolicyArrayOutput
func (KeyRingIAMPolicyArray) ToKeyRingIAMPolicyArrayOutputWithContext ¶ added in v4.11.1
func (i KeyRingIAMPolicyArray) ToKeyRingIAMPolicyArrayOutputWithContext(ctx context.Context) KeyRingIAMPolicyArrayOutput
type KeyRingIAMPolicyArrayInput ¶ added in v4.11.1
type KeyRingIAMPolicyArrayInput interface {
pulumi.Input
ToKeyRingIAMPolicyArrayOutput() KeyRingIAMPolicyArrayOutput
ToKeyRingIAMPolicyArrayOutputWithContext(context.Context) KeyRingIAMPolicyArrayOutput
}
KeyRingIAMPolicyArrayInput is an input type that accepts KeyRingIAMPolicyArray and KeyRingIAMPolicyArrayOutput values. You can construct a concrete instance of `KeyRingIAMPolicyArrayInput` via:
KeyRingIAMPolicyArray{ KeyRingIAMPolicyArgs{...} }
type KeyRingIAMPolicyArrayOutput ¶ added in v4.11.1
type KeyRingIAMPolicyArrayOutput struct{ *pulumi.OutputState }
func (KeyRingIAMPolicyArrayOutput) ElementType ¶ added in v4.11.1
func (KeyRingIAMPolicyArrayOutput) ElementType() reflect.Type
func (KeyRingIAMPolicyArrayOutput) Index ¶ added in v4.11.1
func (o KeyRingIAMPolicyArrayOutput) Index(i pulumi.IntInput) KeyRingIAMPolicyOutput
func (KeyRingIAMPolicyArrayOutput) ToKeyRingIAMPolicyArrayOutput ¶ added in v4.11.1
func (o KeyRingIAMPolicyArrayOutput) ToKeyRingIAMPolicyArrayOutput() KeyRingIAMPolicyArrayOutput
func (KeyRingIAMPolicyArrayOutput) ToKeyRingIAMPolicyArrayOutputWithContext ¶ added in v4.11.1
func (o KeyRingIAMPolicyArrayOutput) ToKeyRingIAMPolicyArrayOutputWithContext(ctx context.Context) KeyRingIAMPolicyArrayOutput
type KeyRingIAMPolicyInput ¶ added in v4.4.0
type KeyRingIAMPolicyInput interface {
pulumi.Input
ToKeyRingIAMPolicyOutput() KeyRingIAMPolicyOutput
ToKeyRingIAMPolicyOutputWithContext(ctx context.Context) KeyRingIAMPolicyOutput
}
type KeyRingIAMPolicyMap ¶ added in v4.11.1
type KeyRingIAMPolicyMap map[string]KeyRingIAMPolicyInput
func (KeyRingIAMPolicyMap) ElementType ¶ added in v4.11.1
func (KeyRingIAMPolicyMap) ElementType() reflect.Type
func (KeyRingIAMPolicyMap) ToKeyRingIAMPolicyMapOutput ¶ added in v4.11.1
func (i KeyRingIAMPolicyMap) ToKeyRingIAMPolicyMapOutput() KeyRingIAMPolicyMapOutput
func (KeyRingIAMPolicyMap) ToKeyRingIAMPolicyMapOutputWithContext ¶ added in v4.11.1
func (i KeyRingIAMPolicyMap) ToKeyRingIAMPolicyMapOutputWithContext(ctx context.Context) KeyRingIAMPolicyMapOutput
type KeyRingIAMPolicyMapInput ¶ added in v4.11.1
type KeyRingIAMPolicyMapInput interface {
pulumi.Input
ToKeyRingIAMPolicyMapOutput() KeyRingIAMPolicyMapOutput
ToKeyRingIAMPolicyMapOutputWithContext(context.Context) KeyRingIAMPolicyMapOutput
}
KeyRingIAMPolicyMapInput is an input type that accepts KeyRingIAMPolicyMap and KeyRingIAMPolicyMapOutput values. You can construct a concrete instance of `KeyRingIAMPolicyMapInput` via:
KeyRingIAMPolicyMap{ "key": KeyRingIAMPolicyArgs{...} }
type KeyRingIAMPolicyMapOutput ¶ added in v4.11.1
type KeyRingIAMPolicyMapOutput struct{ *pulumi.OutputState }
func (KeyRingIAMPolicyMapOutput) ElementType ¶ added in v4.11.1
func (KeyRingIAMPolicyMapOutput) ElementType() reflect.Type
func (KeyRingIAMPolicyMapOutput) MapIndex ¶ added in v4.11.1
func (o KeyRingIAMPolicyMapOutput) MapIndex(k pulumi.StringInput) KeyRingIAMPolicyOutput
func (KeyRingIAMPolicyMapOutput) ToKeyRingIAMPolicyMapOutput ¶ added in v4.11.1
func (o KeyRingIAMPolicyMapOutput) ToKeyRingIAMPolicyMapOutput() KeyRingIAMPolicyMapOutput
func (KeyRingIAMPolicyMapOutput) ToKeyRingIAMPolicyMapOutputWithContext ¶ added in v4.11.1
func (o KeyRingIAMPolicyMapOutput) ToKeyRingIAMPolicyMapOutputWithContext(ctx context.Context) KeyRingIAMPolicyMapOutput
type KeyRingIAMPolicyOutput ¶ added in v4.4.0
type KeyRingIAMPolicyOutput struct {
*pulumi.OutputState
}
func (KeyRingIAMPolicyOutput) ElementType ¶ added in v4.4.0
func (KeyRingIAMPolicyOutput) ElementType() reflect.Type
func (KeyRingIAMPolicyOutput) ToKeyRingIAMPolicyOutput ¶ added in v4.4.0
func (o KeyRingIAMPolicyOutput) ToKeyRingIAMPolicyOutput() KeyRingIAMPolicyOutput
func (KeyRingIAMPolicyOutput) ToKeyRingIAMPolicyOutputWithContext ¶ added in v4.4.0
func (o KeyRingIAMPolicyOutput) ToKeyRingIAMPolicyOutputWithContext(ctx context.Context) KeyRingIAMPolicyOutput
func (KeyRingIAMPolicyOutput) ToKeyRingIAMPolicyPtrOutput ¶ added in v4.11.1
func (o KeyRingIAMPolicyOutput) ToKeyRingIAMPolicyPtrOutput() KeyRingIAMPolicyPtrOutput
func (KeyRingIAMPolicyOutput) ToKeyRingIAMPolicyPtrOutputWithContext ¶ added in v4.11.1
func (o KeyRingIAMPolicyOutput) ToKeyRingIAMPolicyPtrOutputWithContext(ctx context.Context) KeyRingIAMPolicyPtrOutput
type KeyRingIAMPolicyPtrInput ¶ added in v4.11.1
type KeyRingIAMPolicyPtrInput interface {
pulumi.Input
ToKeyRingIAMPolicyPtrOutput() KeyRingIAMPolicyPtrOutput
ToKeyRingIAMPolicyPtrOutputWithContext(ctx context.Context) KeyRingIAMPolicyPtrOutput
}
type KeyRingIAMPolicyPtrOutput ¶ added in v4.11.1
type KeyRingIAMPolicyPtrOutput struct {
*pulumi.OutputState
}
func (KeyRingIAMPolicyPtrOutput) ElementType ¶ added in v4.11.1
func (KeyRingIAMPolicyPtrOutput) ElementType() reflect.Type
func (KeyRingIAMPolicyPtrOutput) ToKeyRingIAMPolicyPtrOutput ¶ added in v4.11.1
func (o KeyRingIAMPolicyPtrOutput) ToKeyRingIAMPolicyPtrOutput() KeyRingIAMPolicyPtrOutput
func (KeyRingIAMPolicyPtrOutput) ToKeyRingIAMPolicyPtrOutputWithContext ¶ added in v4.11.1
func (o KeyRingIAMPolicyPtrOutput) ToKeyRingIAMPolicyPtrOutputWithContext(ctx context.Context) KeyRingIAMPolicyPtrOutput
type KeyRingIAMPolicyState ¶
type KeyRingIAMPolicyState struct {
// (Computed) The etag of the key ring's IAM policy.
Etag pulumi.StringPtrInput
// The key ring ID, in the form
// `{project_id}/{location_name}/{key_ring_name}` or
// `{location_name}/{key_ring_name}`. In the second form, the provider's
// project setting will be used as a fallback.
KeyRingId pulumi.StringPtrInput
// The policy data generated by
// a `organizations.getIAMPolicy` data source.
PolicyData pulumi.StringPtrInput
}
func (KeyRingIAMPolicyState) ElementType ¶
func (KeyRingIAMPolicyState) ElementType() reflect.Type
type KeyRingImportJob ¶
type KeyRingImportJob struct {
pulumi.CustomResourceState
// Statement that was generated and signed by the key creator (for example, an HSM) at key creation time. Use this
// statement to verify attributes of the key as stored on the HSM, independently of Google. Only present if the chosen
// ImportMethod is one with a protection level of HSM.
Attestations KeyRingImportJobAttestationArrayOutput `pulumi:"attestations"`
// The time at which this resource is scheduled for expiration and can no longer be used. This is in RFC3339 text format.
ExpireTime pulumi.StringOutput `pulumi:"expireTime"`
// It must be unique within a KeyRing and match the regular expression [a-zA-Z0-9_-]{1,63}
ImportJobId pulumi.StringOutput `pulumi:"importJobId"`
// The wrapping method to be used for incoming key material.
// Possible values are `RSA_OAEP_3072_SHA1_AES_256` and `RSA_OAEP_4096_SHA1_AES_256`.
ImportMethod pulumi.StringOutput `pulumi:"importMethod"`
// The KeyRing that this import job belongs to.
// Format: `'projects/{{project}}/locations/{{location}}/keyRings/{{keyRing}}'`.
KeyRing pulumi.StringOutput `pulumi:"keyRing"`
// The resource name for this ImportJob in the format projects/*/locations/*/keyRings/*/importJobs/*.
Name pulumi.StringOutput `pulumi:"name"`
// The protection level of the ImportJob. This must match the protectionLevel of the
// versionTemplate on the CryptoKey you attempt to import into.
// Possible values are `SOFTWARE`, `HSM`, and `EXTERNAL`.
ProtectionLevel pulumi.StringOutput `pulumi:"protectionLevel"`
// The public key with which to wrap key material prior to import. Only returned if state is 'ACTIVE'.
PublicKeys KeyRingImportJobPublicKeyArrayOutput `pulumi:"publicKeys"`
// The current state of the ImportJob, indicating if it can be used.
State pulumi.StringOutput `pulumi:"state"`
}
A `KeyRingImportJob` can be used to create `CryptoKeys` and `CryptoKeyVersions` using pre-existing key material, generated outside of Cloud KMS. A `KeyRingImportJob` expires 3 days after it is created. Once expired, Cloud KMS will no longer be able to import or unwrap any key material that was wrapped with the `KeyRingImportJob`'s public key.
> **Note:** KeyRingImportJobs cannot be deleted from Google Cloud Platform. Destroying a provider-managed KeyRingImportJob will remove it from state but *will not delete the resource from the project.*
To get more information about KeyRingImportJob, see:
* [API documentation](https://cloud.google.com/kms/docs/reference/rest/v1/projects.locations.keyRings.importJobs) * How-to Guides
- [Importing a key](https://cloud.google.com/kms/docs/importing-a-key)
## Example Usage
## Import
KeyRingImportJob can be imported using any of these accepted formats ¶
```sh
$ pulumi import gcp:kms/keyRingImportJob:KeyRingImportJob default {{name}}
```
func GetKeyRingImportJob ¶
func GetKeyRingImportJob(ctx *pulumi.Context, name string, id pulumi.IDInput, state *KeyRingImportJobState, opts ...pulumi.ResourceOption) (*KeyRingImportJob, error)
GetKeyRingImportJob gets an existing KeyRingImportJob resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).
func NewKeyRingImportJob ¶
func NewKeyRingImportJob(ctx *pulumi.Context, name string, args *KeyRingImportJobArgs, opts ...pulumi.ResourceOption) (*KeyRingImportJob, error)
NewKeyRingImportJob registers a new resource with the given unique name, arguments, and options.
func (*KeyRingImportJob) ElementType ¶ added in v4.4.0
func (*KeyRingImportJob) ElementType() reflect.Type
func (*KeyRingImportJob) ToKeyRingImportJobOutput ¶ added in v4.4.0
func (i *KeyRingImportJob) ToKeyRingImportJobOutput() KeyRingImportJobOutput
func (*KeyRingImportJob) ToKeyRingImportJobOutputWithContext ¶ added in v4.4.0
func (i *KeyRingImportJob) ToKeyRingImportJobOutputWithContext(ctx context.Context) KeyRingImportJobOutput
func (*KeyRingImportJob) ToKeyRingImportJobPtrOutput ¶ added in v4.11.1
func (i *KeyRingImportJob) ToKeyRingImportJobPtrOutput() KeyRingImportJobPtrOutput
func (*KeyRingImportJob) ToKeyRingImportJobPtrOutputWithContext ¶ added in v4.11.1
func (i *KeyRingImportJob) ToKeyRingImportJobPtrOutputWithContext(ctx context.Context) KeyRingImportJobPtrOutput
type KeyRingImportJobArgs ¶
type KeyRingImportJobArgs struct {
// It must be unique within a KeyRing and match the regular expression [a-zA-Z0-9_-]{1,63}
ImportJobId pulumi.StringInput
// The wrapping method to be used for incoming key material.
// Possible values are `RSA_OAEP_3072_SHA1_AES_256` and `RSA_OAEP_4096_SHA1_AES_256`.
ImportMethod pulumi.StringInput
// The KeyRing that this import job belongs to.
// Format: `'projects/{{project}}/locations/{{location}}/keyRings/{{keyRing}}'`.
KeyRing pulumi.StringInput
// The protection level of the ImportJob. This must match the protectionLevel of the
// versionTemplate on the CryptoKey you attempt to import into.
// Possible values are `SOFTWARE`, `HSM`, and `EXTERNAL`.
ProtectionLevel pulumi.StringInput
}
The set of arguments for constructing a KeyRingImportJob resource.
func (KeyRingImportJobArgs) ElementType ¶
func (KeyRingImportJobArgs) ElementType() reflect.Type
type KeyRingImportJobArray ¶ added in v4.11.1
type KeyRingImportJobArray []KeyRingImportJobInput
func (KeyRingImportJobArray) ElementType ¶ added in v4.11.1
func (KeyRingImportJobArray) ElementType() reflect.Type
func (KeyRingImportJobArray) ToKeyRingImportJobArrayOutput ¶ added in v4.11.1
func (i KeyRingImportJobArray) ToKeyRingImportJobArrayOutput() KeyRingImportJobArrayOutput
func (KeyRingImportJobArray) ToKeyRingImportJobArrayOutputWithContext ¶ added in v4.11.1
func (i KeyRingImportJobArray) ToKeyRingImportJobArrayOutputWithContext(ctx context.Context) KeyRingImportJobArrayOutput
type KeyRingImportJobArrayInput ¶ added in v4.11.1
type KeyRingImportJobArrayInput interface {
pulumi.Input
ToKeyRingImportJobArrayOutput() KeyRingImportJobArrayOutput
ToKeyRingImportJobArrayOutputWithContext(context.Context) KeyRingImportJobArrayOutput
}
KeyRingImportJobArrayInput is an input type that accepts KeyRingImportJobArray and KeyRingImportJobArrayOutput values. You can construct a concrete instance of `KeyRingImportJobArrayInput` via:
KeyRingImportJobArray{ KeyRingImportJobArgs{...} }
type KeyRingImportJobArrayOutput ¶ added in v4.11.1
type KeyRingImportJobArrayOutput struct{ *pulumi.OutputState }
func (KeyRingImportJobArrayOutput) ElementType ¶ added in v4.11.1
func (KeyRingImportJobArrayOutput) ElementType() reflect.Type
func (KeyRingImportJobArrayOutput) Index ¶ added in v4.11.1
func (o KeyRingImportJobArrayOutput) Index(i pulumi.IntInput) KeyRingImportJobOutput
func (KeyRingImportJobArrayOutput) ToKeyRingImportJobArrayOutput ¶ added in v4.11.1
func (o KeyRingImportJobArrayOutput) ToKeyRingImportJobArrayOutput() KeyRingImportJobArrayOutput
func (KeyRingImportJobArrayOutput) ToKeyRingImportJobArrayOutputWithContext ¶ added in v4.11.1
func (o KeyRingImportJobArrayOutput) ToKeyRingImportJobArrayOutputWithContext(ctx context.Context) KeyRingImportJobArrayOutput
type KeyRingImportJobAttestationArgs ¶
type KeyRingImportJobAttestationArgs struct {
Content pulumi.StringPtrInput `pulumi:"content"`
Format pulumi.StringPtrInput `pulumi:"format"`
}
func (KeyRingImportJobAttestationArgs) ElementType ¶
func (KeyRingImportJobAttestationArgs) ElementType() reflect.Type
func (KeyRingImportJobAttestationArgs) ToKeyRingImportJobAttestationOutput ¶
func (i KeyRingImportJobAttestationArgs) ToKeyRingImportJobAttestationOutput() KeyRingImportJobAttestationOutput
func (KeyRingImportJobAttestationArgs) ToKeyRingImportJobAttestationOutputWithContext ¶
func (i KeyRingImportJobAttestationArgs) ToKeyRingImportJobAttestationOutputWithContext(ctx context.Context) KeyRingImportJobAttestationOutput
type KeyRingImportJobAttestationArray ¶
type KeyRingImportJobAttestationArray []KeyRingImportJobAttestationInput
func (KeyRingImportJobAttestationArray) ElementType ¶
func (KeyRingImportJobAttestationArray) ElementType() reflect.Type
func (KeyRingImportJobAttestationArray) ToKeyRingImportJobAttestationArrayOutput ¶
func (i KeyRingImportJobAttestationArray) ToKeyRingImportJobAttestationArrayOutput() KeyRingImportJobAttestationArrayOutput
func (KeyRingImportJobAttestationArray) ToKeyRingImportJobAttestationArrayOutputWithContext ¶
func (i KeyRingImportJobAttestationArray) ToKeyRingImportJobAttestationArrayOutputWithContext(ctx context.Context) KeyRingImportJobAttestationArrayOutput
type KeyRingImportJobAttestationArrayInput ¶
type KeyRingImportJobAttestationArrayInput interface {
pulumi.Input
ToKeyRingImportJobAttestationArrayOutput() KeyRingImportJobAttestationArrayOutput
ToKeyRingImportJobAttestationArrayOutputWithContext(context.Context) KeyRingImportJobAttestationArrayOutput
}
KeyRingImportJobAttestationArrayInput is an input type that accepts KeyRingImportJobAttestationArray and KeyRingImportJobAttestationArrayOutput values. You can construct a concrete instance of `KeyRingImportJobAttestationArrayInput` via:
KeyRingImportJobAttestationArray{ KeyRingImportJobAttestationArgs{...} }
type KeyRingImportJobAttestationArrayOutput ¶
type KeyRingImportJobAttestationArrayOutput struct{ *pulumi.OutputState }
func (KeyRingImportJobAttestationArrayOutput) ElementType ¶
func (KeyRingImportJobAttestationArrayOutput) ElementType() reflect.Type
func (KeyRingImportJobAttestationArrayOutput) ToKeyRingImportJobAttestationArrayOutput ¶
func (o KeyRingImportJobAttestationArrayOutput) ToKeyRingImportJobAttestationArrayOutput() KeyRingImportJobAttestationArrayOutput
func (KeyRingImportJobAttestationArrayOutput) ToKeyRingImportJobAttestationArrayOutputWithContext ¶
func (o KeyRingImportJobAttestationArrayOutput) ToKeyRingImportJobAttestationArrayOutputWithContext(ctx context.Context) KeyRingImportJobAttestationArrayOutput
type KeyRingImportJobAttestationInput ¶
type KeyRingImportJobAttestationInput interface {
pulumi.Input
ToKeyRingImportJobAttestationOutput() KeyRingImportJobAttestationOutput
ToKeyRingImportJobAttestationOutputWithContext(context.Context) KeyRingImportJobAttestationOutput
}
KeyRingImportJobAttestationInput is an input type that accepts KeyRingImportJobAttestationArgs and KeyRingImportJobAttestationOutput values. You can construct a concrete instance of `KeyRingImportJobAttestationInput` via:
KeyRingImportJobAttestationArgs{...}
type KeyRingImportJobAttestationOutput ¶
type KeyRingImportJobAttestationOutput struct{ *pulumi.OutputState }
func (KeyRingImportJobAttestationOutput) Content ¶
func (o KeyRingImportJobAttestationOutput) Content() pulumi.StringPtrOutput
func (KeyRingImportJobAttestationOutput) ElementType ¶
func (KeyRingImportJobAttestationOutput) ElementType() reflect.Type
func (KeyRingImportJobAttestationOutput) Format ¶
func (o KeyRingImportJobAttestationOutput) Format() pulumi.StringPtrOutput
func (KeyRingImportJobAttestationOutput) ToKeyRingImportJobAttestationOutput ¶
func (o KeyRingImportJobAttestationOutput) ToKeyRingImportJobAttestationOutput() KeyRingImportJobAttestationOutput
func (KeyRingImportJobAttestationOutput) ToKeyRingImportJobAttestationOutputWithContext ¶
func (o KeyRingImportJobAttestationOutput) ToKeyRingImportJobAttestationOutputWithContext(ctx context.Context) KeyRingImportJobAttestationOutput
type KeyRingImportJobInput ¶ added in v4.4.0
type KeyRingImportJobInput interface {
pulumi.Input
ToKeyRingImportJobOutput() KeyRingImportJobOutput
ToKeyRingImportJobOutputWithContext(ctx context.Context) KeyRingImportJobOutput
}
type KeyRingImportJobMap ¶ added in v4.11.1
type KeyRingImportJobMap map[string]KeyRingImportJobInput
func (KeyRingImportJobMap) ElementType ¶ added in v4.11.1
func (KeyRingImportJobMap) ElementType() reflect.Type
func (KeyRingImportJobMap) ToKeyRingImportJobMapOutput ¶ added in v4.11.1
func (i KeyRingImportJobMap) ToKeyRingImportJobMapOutput() KeyRingImportJobMapOutput
func (KeyRingImportJobMap) ToKeyRingImportJobMapOutputWithContext ¶ added in v4.11.1
func (i KeyRingImportJobMap) ToKeyRingImportJobMapOutputWithContext(ctx context.Context) KeyRingImportJobMapOutput
type KeyRingImportJobMapInput ¶ added in v4.11.1
type KeyRingImportJobMapInput interface {
pulumi.Input
ToKeyRingImportJobMapOutput() KeyRingImportJobMapOutput
ToKeyRingImportJobMapOutputWithContext(context.Context) KeyRingImportJobMapOutput
}
KeyRingImportJobMapInput is an input type that accepts KeyRingImportJobMap and KeyRingImportJobMapOutput values. You can construct a concrete instance of `KeyRingImportJobMapInput` via:
KeyRingImportJobMap{ "key": KeyRingImportJobArgs{...} }
type KeyRingImportJobMapOutput ¶ added in v4.11.1
type KeyRingImportJobMapOutput struct{ *pulumi.OutputState }
func (KeyRingImportJobMapOutput) ElementType ¶ added in v4.11.1
func (KeyRingImportJobMapOutput) ElementType() reflect.Type
func (KeyRingImportJobMapOutput) MapIndex ¶ added in v4.11.1
func (o KeyRingImportJobMapOutput) MapIndex(k pulumi.StringInput) KeyRingImportJobOutput
func (KeyRingImportJobMapOutput) ToKeyRingImportJobMapOutput ¶ added in v4.11.1
func (o KeyRingImportJobMapOutput) ToKeyRingImportJobMapOutput() KeyRingImportJobMapOutput
func (KeyRingImportJobMapOutput) ToKeyRingImportJobMapOutputWithContext ¶ added in v4.11.1
func (o KeyRingImportJobMapOutput) ToKeyRingImportJobMapOutputWithContext(ctx context.Context) KeyRingImportJobMapOutput
type KeyRingImportJobOutput ¶ added in v4.4.0
type KeyRingImportJobOutput struct {
*pulumi.OutputState
}
func (KeyRingImportJobOutput) ElementType ¶ added in v4.4.0
func (KeyRingImportJobOutput) ElementType() reflect.Type
func (KeyRingImportJobOutput) ToKeyRingImportJobOutput ¶ added in v4.4.0
func (o KeyRingImportJobOutput) ToKeyRingImportJobOutput() KeyRingImportJobOutput
func (KeyRingImportJobOutput) ToKeyRingImportJobOutputWithContext ¶ added in v4.4.0
func (o KeyRingImportJobOutput) ToKeyRingImportJobOutputWithContext(ctx context.Context) KeyRingImportJobOutput
func (KeyRingImportJobOutput) ToKeyRingImportJobPtrOutput ¶ added in v4.11.1
func (o KeyRingImportJobOutput) ToKeyRingImportJobPtrOutput() KeyRingImportJobPtrOutput
func (KeyRingImportJobOutput) ToKeyRingImportJobPtrOutputWithContext ¶ added in v4.11.1
func (o KeyRingImportJobOutput) ToKeyRingImportJobPtrOutputWithContext(ctx context.Context) KeyRingImportJobPtrOutput
type KeyRingImportJobPtrInput ¶ added in v4.11.1
type KeyRingImportJobPtrInput interface {
pulumi.Input
ToKeyRingImportJobPtrOutput() KeyRingImportJobPtrOutput
ToKeyRingImportJobPtrOutputWithContext(ctx context.Context) KeyRingImportJobPtrOutput
}
type KeyRingImportJobPtrOutput ¶ added in v4.11.1
type KeyRingImportJobPtrOutput struct {
*pulumi.OutputState
}
func (KeyRingImportJobPtrOutput) ElementType ¶ added in v4.11.1
func (KeyRingImportJobPtrOutput) ElementType() reflect.Type
func (KeyRingImportJobPtrOutput) ToKeyRingImportJobPtrOutput ¶ added in v4.11.1
func (o KeyRingImportJobPtrOutput) ToKeyRingImportJobPtrOutput() KeyRingImportJobPtrOutput
func (KeyRingImportJobPtrOutput) ToKeyRingImportJobPtrOutputWithContext ¶ added in v4.11.1
func (o KeyRingImportJobPtrOutput) ToKeyRingImportJobPtrOutputWithContext(ctx context.Context) KeyRingImportJobPtrOutput
type KeyRingImportJobPublicKey ¶
type KeyRingImportJobPublicKey struct {
Pem *string `pulumi:"pem"`
}
type KeyRingImportJobPublicKeyArgs ¶
type KeyRingImportJobPublicKeyArgs struct {
Pem pulumi.StringPtrInput `pulumi:"pem"`
}
func (KeyRingImportJobPublicKeyArgs) ElementType ¶
func (KeyRingImportJobPublicKeyArgs) ElementType() reflect.Type
func (KeyRingImportJobPublicKeyArgs) ToKeyRingImportJobPublicKeyOutput ¶
func (i KeyRingImportJobPublicKeyArgs) ToKeyRingImportJobPublicKeyOutput() KeyRingImportJobPublicKeyOutput
func (KeyRingImportJobPublicKeyArgs) ToKeyRingImportJobPublicKeyOutputWithContext ¶
func (i KeyRingImportJobPublicKeyArgs) ToKeyRingImportJobPublicKeyOutputWithContext(ctx context.Context) KeyRingImportJobPublicKeyOutput
type KeyRingImportJobPublicKeyArray ¶
type KeyRingImportJobPublicKeyArray []KeyRingImportJobPublicKeyInput
func (KeyRingImportJobPublicKeyArray) ElementType ¶
func (KeyRingImportJobPublicKeyArray) ElementType() reflect.Type
func (KeyRingImportJobPublicKeyArray) ToKeyRingImportJobPublicKeyArrayOutput ¶
func (i KeyRingImportJobPublicKeyArray) ToKeyRingImportJobPublicKeyArrayOutput() KeyRingImportJobPublicKeyArrayOutput
func (KeyRingImportJobPublicKeyArray) ToKeyRingImportJobPublicKeyArrayOutputWithContext ¶
func (i KeyRingImportJobPublicKeyArray) ToKeyRingImportJobPublicKeyArrayOutputWithContext(ctx context.Context) KeyRingImportJobPublicKeyArrayOutput
type KeyRingImportJobPublicKeyArrayInput ¶
type KeyRingImportJobPublicKeyArrayInput interface {
pulumi.Input
ToKeyRingImportJobPublicKeyArrayOutput() KeyRingImportJobPublicKeyArrayOutput
ToKeyRingImportJobPublicKeyArrayOutputWithContext(context.Context) KeyRingImportJobPublicKeyArrayOutput
}
KeyRingImportJobPublicKeyArrayInput is an input type that accepts KeyRingImportJobPublicKeyArray and KeyRingImportJobPublicKeyArrayOutput values. You can construct a concrete instance of `KeyRingImportJobPublicKeyArrayInput` via:
KeyRingImportJobPublicKeyArray{ KeyRingImportJobPublicKeyArgs{...} }
type KeyRingImportJobPublicKeyArrayOutput ¶
type KeyRingImportJobPublicKeyArrayOutput struct{ *pulumi.OutputState }
func (KeyRingImportJobPublicKeyArrayOutput) ElementType ¶
func (KeyRingImportJobPublicKeyArrayOutput) ElementType() reflect.Type
func (KeyRingImportJobPublicKeyArrayOutput) Index ¶
func (o KeyRingImportJobPublicKeyArrayOutput) Index(i pulumi.IntInput) KeyRingImportJobPublicKeyOutput
func (KeyRingImportJobPublicKeyArrayOutput) ToKeyRingImportJobPublicKeyArrayOutput ¶
func (o KeyRingImportJobPublicKeyArrayOutput) ToKeyRingImportJobPublicKeyArrayOutput() KeyRingImportJobPublicKeyArrayOutput
func (KeyRingImportJobPublicKeyArrayOutput) ToKeyRingImportJobPublicKeyArrayOutputWithContext ¶
func (o KeyRingImportJobPublicKeyArrayOutput) ToKeyRingImportJobPublicKeyArrayOutputWithContext(ctx context.Context) KeyRingImportJobPublicKeyArrayOutput
type KeyRingImportJobPublicKeyInput ¶
type KeyRingImportJobPublicKeyInput interface {
pulumi.Input
ToKeyRingImportJobPublicKeyOutput() KeyRingImportJobPublicKeyOutput
ToKeyRingImportJobPublicKeyOutputWithContext(context.Context) KeyRingImportJobPublicKeyOutput
}
KeyRingImportJobPublicKeyInput is an input type that accepts KeyRingImportJobPublicKeyArgs and KeyRingImportJobPublicKeyOutput values. You can construct a concrete instance of `KeyRingImportJobPublicKeyInput` via:
KeyRingImportJobPublicKeyArgs{...}
type KeyRingImportJobPublicKeyOutput ¶
type KeyRingImportJobPublicKeyOutput struct{ *pulumi.OutputState }
func (KeyRingImportJobPublicKeyOutput) ElementType ¶
func (KeyRingImportJobPublicKeyOutput) ElementType() reflect.Type
func (KeyRingImportJobPublicKeyOutput) Pem ¶
func (o KeyRingImportJobPublicKeyOutput) Pem() pulumi.StringPtrOutput
func (KeyRingImportJobPublicKeyOutput) ToKeyRingImportJobPublicKeyOutput ¶
func (o KeyRingImportJobPublicKeyOutput) ToKeyRingImportJobPublicKeyOutput() KeyRingImportJobPublicKeyOutput
func (KeyRingImportJobPublicKeyOutput) ToKeyRingImportJobPublicKeyOutputWithContext ¶
func (o KeyRingImportJobPublicKeyOutput) ToKeyRingImportJobPublicKeyOutputWithContext(ctx context.Context) KeyRingImportJobPublicKeyOutput
type KeyRingImportJobState ¶
type KeyRingImportJobState struct {
// Statement that was generated and signed by the key creator (for example, an HSM) at key creation time. Use this
// statement to verify attributes of the key as stored on the HSM, independently of Google. Only present if the chosen
// ImportMethod is one with a protection level of HSM.
Attestations KeyRingImportJobAttestationArrayInput
// The time at which this resource is scheduled for expiration and can no longer be used. This is in RFC3339 text format.
ExpireTime pulumi.StringPtrInput
// It must be unique within a KeyRing and match the regular expression [a-zA-Z0-9_-]{1,63}
ImportJobId pulumi.StringPtrInput
// The wrapping method to be used for incoming key material.
// Possible values are `RSA_OAEP_3072_SHA1_AES_256` and `RSA_OAEP_4096_SHA1_AES_256`.
ImportMethod pulumi.StringPtrInput
// The KeyRing that this import job belongs to.
// Format: `'projects/{{project}}/locations/{{location}}/keyRings/{{keyRing}}'`.
KeyRing pulumi.StringPtrInput
// The resource name for this ImportJob in the format projects/*/locations/*/keyRings/*/importJobs/*.
Name pulumi.StringPtrInput
// The protection level of the ImportJob. This must match the protectionLevel of the
// versionTemplate on the CryptoKey you attempt to import into.
// Possible values are `SOFTWARE`, `HSM`, and `EXTERNAL`.
ProtectionLevel pulumi.StringPtrInput
// The public key with which to wrap key material prior to import. Only returned if state is 'ACTIVE'.
PublicKeys KeyRingImportJobPublicKeyArrayInput
// The current state of the ImportJob, indicating if it can be used.
State pulumi.StringPtrInput
}
func (KeyRingImportJobState) ElementType ¶
func (KeyRingImportJobState) ElementType() reflect.Type
type KeyRingInput ¶ added in v4.4.0
type KeyRingInput interface {
pulumi.Input
ToKeyRingOutput() KeyRingOutput
ToKeyRingOutputWithContext(ctx context.Context) KeyRingOutput
}
type KeyRingMap ¶ added in v4.11.1
type KeyRingMap map[string]KeyRingInput
func (KeyRingMap) ElementType ¶ added in v4.11.1
func (KeyRingMap) ElementType() reflect.Type
func (KeyRingMap) ToKeyRingMapOutput ¶ added in v4.11.1
func (i KeyRingMap) ToKeyRingMapOutput() KeyRingMapOutput
func (KeyRingMap) ToKeyRingMapOutputWithContext ¶ added in v4.11.1
func (i KeyRingMap) ToKeyRingMapOutputWithContext(ctx context.Context) KeyRingMapOutput
type KeyRingMapInput ¶ added in v4.11.1
type KeyRingMapInput interface {
pulumi.Input
ToKeyRingMapOutput() KeyRingMapOutput
ToKeyRingMapOutputWithContext(context.Context) KeyRingMapOutput
}
KeyRingMapInput is an input type that accepts KeyRingMap and KeyRingMapOutput values. You can construct a concrete instance of `KeyRingMapInput` via:
KeyRingMap{ "key": KeyRingArgs{...} }
type KeyRingMapOutput ¶ added in v4.11.1
type KeyRingMapOutput struct{ *pulumi.OutputState }
func (KeyRingMapOutput) ElementType ¶ added in v4.11.1
func (KeyRingMapOutput) ElementType() reflect.Type
func (KeyRingMapOutput) MapIndex ¶ added in v4.11.1
func (o KeyRingMapOutput) MapIndex(k pulumi.StringInput) KeyRingOutput
func (KeyRingMapOutput) ToKeyRingMapOutput ¶ added in v4.11.1
func (o KeyRingMapOutput) ToKeyRingMapOutput() KeyRingMapOutput
func (KeyRingMapOutput) ToKeyRingMapOutputWithContext ¶ added in v4.11.1
func (o KeyRingMapOutput) ToKeyRingMapOutputWithContext(ctx context.Context) KeyRingMapOutput
type KeyRingOutput ¶ added in v4.4.0
type KeyRingOutput struct {
*pulumi.OutputState
}
func (KeyRingOutput) ElementType ¶ added in v4.4.0
func (KeyRingOutput) ElementType() reflect.Type
func (KeyRingOutput) ToKeyRingOutput ¶ added in v4.4.0
func (o KeyRingOutput) ToKeyRingOutput() KeyRingOutput
func (KeyRingOutput) ToKeyRingOutputWithContext ¶ added in v4.4.0
func (o KeyRingOutput) ToKeyRingOutputWithContext(ctx context.Context) KeyRingOutput
func (KeyRingOutput) ToKeyRingPtrOutput ¶ added in v4.11.1
func (o KeyRingOutput) ToKeyRingPtrOutput() KeyRingPtrOutput
func (KeyRingOutput) ToKeyRingPtrOutputWithContext ¶ added in v4.11.1
func (o KeyRingOutput) ToKeyRingPtrOutputWithContext(ctx context.Context) KeyRingPtrOutput
type KeyRingPtrInput ¶ added in v4.11.1
type KeyRingPtrInput interface {
pulumi.Input
ToKeyRingPtrOutput() KeyRingPtrOutput
ToKeyRingPtrOutputWithContext(ctx context.Context) KeyRingPtrOutput
}
type KeyRingPtrOutput ¶ added in v4.11.1
type KeyRingPtrOutput struct {
*pulumi.OutputState
}
func (KeyRingPtrOutput) ElementType ¶ added in v4.11.1
func (KeyRingPtrOutput) ElementType() reflect.Type
func (KeyRingPtrOutput) ToKeyRingPtrOutput ¶ added in v4.11.1
func (o KeyRingPtrOutput) ToKeyRingPtrOutput() KeyRingPtrOutput
func (KeyRingPtrOutput) ToKeyRingPtrOutputWithContext ¶ added in v4.11.1
func (o KeyRingPtrOutput) ToKeyRingPtrOutputWithContext(ctx context.Context) KeyRingPtrOutput
type KeyRingState ¶
type KeyRingState struct {
// The location for the KeyRing.
// A full list of valid locations can be found by running `gcloud kms locations list`.
Location pulumi.StringPtrInput
// The resource name for the KeyRing.
Name pulumi.StringPtrInput
// The ID of the project in which the resource belongs.
// If it is not provided, the provider project is used.
Project pulumi.StringPtrInput
// The self link of the created KeyRing in the format projects/{project}/locations/{location}/keyRings/{name}.
//
// Deprecated: Deprecated in favor of id, which contains an identical value. This field will be removed in the next major release of the provider.
SelfLink pulumi.StringPtrInput
}
func (KeyRingState) ElementType ¶
func (KeyRingState) ElementType() reflect.Type
type Registry
deprecated
type Registry struct {
pulumi.CustomResourceState
// List of public key certificates to authenticate devices.
// The structure is documented below.
Credentials RegistryCredentialArrayOutput `pulumi:"credentials"`
// List of configurations for event notifications, such as PubSub topics
// to publish device events to.
// Structure is documented below.
EventNotificationConfigs RegistryEventNotificationConfigItemArrayOutput `pulumi:"eventNotificationConfigs"`
// Activate or deactivate HTTP.
// The structure is documented below.
HttpConfig pulumi.MapOutput `pulumi:"httpConfig"`
// The default logging verbosity for activity from devices in this
// registry. Specifies which events should be written to logs. For
// example, if the LogLevel is ERROR, only events that terminate in
// errors will be logged. LogLevel is inclusive; enabling INFO logging
// will also enable ERROR logging.
// Default value is `NONE`.
// Possible values are `NONE`, `ERROR`, `INFO`, and `DEBUG`.
LogLevel pulumi.StringPtrOutput `pulumi:"logLevel"`
// Activate or deactivate MQTT.
// The structure is documented below.
MqttConfig pulumi.MapOutput `pulumi:"mqttConfig"`
// A unique name for the resource, required by device registry.
Name pulumi.StringOutput `pulumi:"name"`
// The ID of the project in which the resource belongs.
// If it is not provided, the provider project is used.
Project pulumi.StringOutput `pulumi:"project"`
// The region in which the created registry should reside.
// If it is not provided, the provider region is used.
Region pulumi.StringOutput `pulumi:"region"`
// A PubSub topic to publish device state updates.
// The structure is documented below.
StateNotificationConfig pulumi.MapOutput `pulumi:"stateNotificationConfig"`
}
A Google Cloud IoT Core device registry.
To get more information about DeviceRegistry, see:
* [API documentation](https://cloud.google.com/iot/docs/reference/cloudiot/rest/) * How-to Guides
- [Official Documentation](https://cloud.google.com/iot/docs/)
## Example Usage ### Cloudiot Device Registry Basic
```go package main
import (
"github.com/pulumi/pulumi-gcp/sdk/v4/go/gcp/iot" "github.com/pulumi/pulumi/sdk/v2/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := iot.NewRegistry(ctx, "test_registry", nil)
if err != nil {
return err
}
return nil
})
}
``` ### Cloudiot Device Registry Single Event Notification Configs
```go package main
import (
"github.com/pulumi/pulumi-gcp/sdk/v4/go/gcp/iot" "github.com/pulumi/pulumi-gcp/sdk/v4/go/gcp/pubsub" "github.com/pulumi/pulumi/sdk/v2/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := pubsub.NewTopic(ctx, "default_telemetry", nil)
if err != nil {
return err
}
_, err = iot.NewRegistry(ctx, "test_registry", &iot.RegistryArgs{
EventNotificationConfigs: iot.RegistryEventNotificationConfigItemArray{
&iot.RegistryEventNotificationConfigItemArgs{
PubsubTopicName: default_telemetry.ID(),
SubfolderMatches: pulumi.String(""),
},
},
})
if err != nil {
return err
}
return nil
})
}
```
## Import
DeviceRegistry can be imported using any of these accepted formats ¶
```sh
$ pulumi import gcp:kms/registry:Registry default {{project}}/locations/{{region}}/registries/{{name}}
```
```sh
$ pulumi import gcp:kms/registry:Registry default {{project}}/{{region}}/{{name}}
```
```sh
$ pulumi import gcp:kms/registry:Registry default {{region}}/{{name}}
```
```sh
$ pulumi import gcp:kms/registry:Registry default {{name}}
```
Deprecated: gcp.kms.Registry has been deprecated in favor of gcp.iot.Registry
func GetRegistry ¶
func GetRegistry(ctx *pulumi.Context, name string, id pulumi.IDInput, state *RegistryState, opts ...pulumi.ResourceOption) (*Registry, error)
GetRegistry gets an existing Registry resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).
func NewRegistry ¶
func NewRegistry(ctx *pulumi.Context, name string, args *RegistryArgs, opts ...pulumi.ResourceOption) (*Registry, error)
NewRegistry registers a new resource with the given unique name, arguments, and options.
func (*Registry) ElementType ¶ added in v4.4.0
func (*Registry) ToRegistryOutput ¶ added in v4.4.0
func (i *Registry) ToRegistryOutput() RegistryOutput
func (*Registry) ToRegistryOutputWithContext ¶ added in v4.4.0
func (i *Registry) ToRegistryOutputWithContext(ctx context.Context) RegistryOutput
func (*Registry) ToRegistryPtrOutput ¶ added in v4.11.1
func (i *Registry) ToRegistryPtrOutput() RegistryPtrOutput
func (*Registry) ToRegistryPtrOutputWithContext ¶ added in v4.11.1
func (i *Registry) ToRegistryPtrOutputWithContext(ctx context.Context) RegistryPtrOutput
type RegistryArgs ¶
type RegistryArgs struct {
// List of public key certificates to authenticate devices.
// The structure is documented below.
Credentials RegistryCredentialArrayInput
// List of configurations for event notifications, such as PubSub topics
// to publish device events to.
// Structure is documented below.
EventNotificationConfigs RegistryEventNotificationConfigItemArrayInput
// Activate or deactivate HTTP.
// The structure is documented below.
HttpConfig pulumi.MapInput
// The default logging verbosity for activity from devices in this
// registry. Specifies which events should be written to logs. For
// example, if the LogLevel is ERROR, only events that terminate in
// errors will be logged. LogLevel is inclusive; enabling INFO logging
// will also enable ERROR logging.
// Default value is `NONE`.
// Possible values are `NONE`, `ERROR`, `INFO`, and `DEBUG`.
LogLevel pulumi.StringPtrInput
// Activate or deactivate MQTT.
// The structure is documented below.
MqttConfig pulumi.MapInput
// A unique name for the resource, required by device registry.
Name pulumi.StringPtrInput
// The ID of the project in which the resource belongs.
// If it is not provided, the provider project is used.
Project pulumi.StringPtrInput
// The region in which the created registry should reside.
// If it is not provided, the provider region is used.
Region pulumi.StringPtrInput
// A PubSub topic to publish device state updates.
// The structure is documented below.
StateNotificationConfig pulumi.MapInput
}
The set of arguments for constructing a Registry resource.
func (RegistryArgs) ElementType ¶
func (RegistryArgs) ElementType() reflect.Type
type RegistryArray ¶ added in v4.11.1
type RegistryArray []RegistryInput
func (RegistryArray) ElementType ¶ added in v4.11.1
func (RegistryArray) ElementType() reflect.Type
func (RegistryArray) ToRegistryArrayOutput ¶ added in v4.11.1
func (i RegistryArray) ToRegistryArrayOutput() RegistryArrayOutput
func (RegistryArray) ToRegistryArrayOutputWithContext ¶ added in v4.11.1
func (i RegistryArray) ToRegistryArrayOutputWithContext(ctx context.Context) RegistryArrayOutput
type RegistryArrayInput ¶ added in v4.11.1
type RegistryArrayInput interface {
pulumi.Input
ToRegistryArrayOutput() RegistryArrayOutput
ToRegistryArrayOutputWithContext(context.Context) RegistryArrayOutput
}
RegistryArrayInput is an input type that accepts RegistryArray and RegistryArrayOutput values. You can construct a concrete instance of `RegistryArrayInput` via:
RegistryArray{ RegistryArgs{...} }
type RegistryArrayOutput ¶ added in v4.11.1
type RegistryArrayOutput struct{ *pulumi.OutputState }
func (RegistryArrayOutput) ElementType ¶ added in v4.11.1
func (RegistryArrayOutput) ElementType() reflect.Type
func (RegistryArrayOutput) Index ¶ added in v4.11.1
func (o RegistryArrayOutput) Index(i pulumi.IntInput) RegistryOutput
func (RegistryArrayOutput) ToRegistryArrayOutput ¶ added in v4.11.1
func (o RegistryArrayOutput) ToRegistryArrayOutput() RegistryArrayOutput
func (RegistryArrayOutput) ToRegistryArrayOutputWithContext ¶ added in v4.11.1
func (o RegistryArrayOutput) ToRegistryArrayOutputWithContext(ctx context.Context) RegistryArrayOutput
type RegistryCredential ¶
type RegistryCredential struct {
// A public key certificate format and data.
PublicKeyCertificate map[string]interface{} `pulumi:"publicKeyCertificate"`
}
type RegistryCredentialArgs ¶
type RegistryCredentialArgs struct {
// A public key certificate format and data.
PublicKeyCertificate pulumi.MapInput `pulumi:"publicKeyCertificate"`
}
func (RegistryCredentialArgs) ElementType ¶
func (RegistryCredentialArgs) ElementType() reflect.Type
func (RegistryCredentialArgs) ToRegistryCredentialOutput ¶
func (i RegistryCredentialArgs) ToRegistryCredentialOutput() RegistryCredentialOutput
func (RegistryCredentialArgs) ToRegistryCredentialOutputWithContext ¶
func (i RegistryCredentialArgs) ToRegistryCredentialOutputWithContext(ctx context.Context) RegistryCredentialOutput
type RegistryCredentialArray ¶
type RegistryCredentialArray []RegistryCredentialInput
func (RegistryCredentialArray) ElementType ¶
func (RegistryCredentialArray) ElementType() reflect.Type
func (RegistryCredentialArray) ToRegistryCredentialArrayOutput ¶
func (i RegistryCredentialArray) ToRegistryCredentialArrayOutput() RegistryCredentialArrayOutput
func (RegistryCredentialArray) ToRegistryCredentialArrayOutputWithContext ¶
func (i RegistryCredentialArray) ToRegistryCredentialArrayOutputWithContext(ctx context.Context) RegistryCredentialArrayOutput
type RegistryCredentialArrayInput ¶
type RegistryCredentialArrayInput interface {
pulumi.Input
ToRegistryCredentialArrayOutput() RegistryCredentialArrayOutput
ToRegistryCredentialArrayOutputWithContext(context.Context) RegistryCredentialArrayOutput
}
RegistryCredentialArrayInput is an input type that accepts RegistryCredentialArray and RegistryCredentialArrayOutput values. You can construct a concrete instance of `RegistryCredentialArrayInput` via:
RegistryCredentialArray{ RegistryCredentialArgs{...} }
type RegistryCredentialArrayOutput ¶
type RegistryCredentialArrayOutput struct{ *pulumi.OutputState }
func (RegistryCredentialArrayOutput) ElementType ¶
func (RegistryCredentialArrayOutput) ElementType() reflect.Type
func (RegistryCredentialArrayOutput) Index ¶
func (o RegistryCredentialArrayOutput) Index(i pulumi.IntInput) RegistryCredentialOutput
func (RegistryCredentialArrayOutput) ToRegistryCredentialArrayOutput ¶
func (o RegistryCredentialArrayOutput) ToRegistryCredentialArrayOutput() RegistryCredentialArrayOutput
func (RegistryCredentialArrayOutput) ToRegistryCredentialArrayOutputWithContext ¶
func (o RegistryCredentialArrayOutput) ToRegistryCredentialArrayOutputWithContext(ctx context.Context) RegistryCredentialArrayOutput
type RegistryCredentialInput ¶
type RegistryCredentialInput interface {
pulumi.Input
ToRegistryCredentialOutput() RegistryCredentialOutput
ToRegistryCredentialOutputWithContext(context.Context) RegistryCredentialOutput
}
RegistryCredentialInput is an input type that accepts RegistryCredentialArgs and RegistryCredentialOutput values. You can construct a concrete instance of `RegistryCredentialInput` via:
RegistryCredentialArgs{...}
type RegistryCredentialOutput ¶
type RegistryCredentialOutput struct{ *pulumi.OutputState }
func (RegistryCredentialOutput) ElementType ¶
func (RegistryCredentialOutput) ElementType() reflect.Type
func (RegistryCredentialOutput) PublicKeyCertificate ¶
func (o RegistryCredentialOutput) PublicKeyCertificate() pulumi.MapOutput
A public key certificate format and data.
func (RegistryCredentialOutput) ToRegistryCredentialOutput ¶
func (o RegistryCredentialOutput) ToRegistryCredentialOutput() RegistryCredentialOutput
func (RegistryCredentialOutput) ToRegistryCredentialOutputWithContext ¶
func (o RegistryCredentialOutput) ToRegistryCredentialOutputWithContext(ctx context.Context) RegistryCredentialOutput
type RegistryEventNotificationConfigItem ¶
type RegistryEventNotificationConfigItem struct {
// PubSub topic name to publish device events.
PubsubTopicName string `pulumi:"pubsubTopicName"`
// If the subfolder name matches this string exactly, this
// configuration will be used. The string must not include the
// leading '/' character. If empty, all strings are matched. Empty
// value can only be used for the last `eventNotificationConfigs`
// item.
SubfolderMatches *string `pulumi:"subfolderMatches"`
}
type RegistryEventNotificationConfigItemArgs ¶
type RegistryEventNotificationConfigItemArgs struct {
// PubSub topic name to publish device events.
PubsubTopicName pulumi.StringInput `pulumi:"pubsubTopicName"`
// If the subfolder name matches this string exactly, this
// configuration will be used. The string must not include the
// leading '/' character. If empty, all strings are matched. Empty
// value can only be used for the last `eventNotificationConfigs`
// item.
SubfolderMatches pulumi.StringPtrInput `pulumi:"subfolderMatches"`
}
func (RegistryEventNotificationConfigItemArgs) ElementType ¶
func (RegistryEventNotificationConfigItemArgs) ElementType() reflect.Type
func (RegistryEventNotificationConfigItemArgs) ToRegistryEventNotificationConfigItemOutput ¶
func (i RegistryEventNotificationConfigItemArgs) ToRegistryEventNotificationConfigItemOutput() RegistryEventNotificationConfigItemOutput
func (RegistryEventNotificationConfigItemArgs) ToRegistryEventNotificationConfigItemOutputWithContext ¶
func (i RegistryEventNotificationConfigItemArgs) ToRegistryEventNotificationConfigItemOutputWithContext(ctx context.Context) RegistryEventNotificationConfigItemOutput
type RegistryEventNotificationConfigItemArray ¶
type RegistryEventNotificationConfigItemArray []RegistryEventNotificationConfigItemInput
func (RegistryEventNotificationConfigItemArray) ElementType ¶
func (RegistryEventNotificationConfigItemArray) ElementType() reflect.Type
func (RegistryEventNotificationConfigItemArray) ToRegistryEventNotificationConfigItemArrayOutput ¶
func (i RegistryEventNotificationConfigItemArray) ToRegistryEventNotificationConfigItemArrayOutput() RegistryEventNotificationConfigItemArrayOutput
func (RegistryEventNotificationConfigItemArray) ToRegistryEventNotificationConfigItemArrayOutputWithContext ¶
func (i RegistryEventNotificationConfigItemArray) ToRegistryEventNotificationConfigItemArrayOutputWithContext(ctx context.Context) RegistryEventNotificationConfigItemArrayOutput
type RegistryEventNotificationConfigItemArrayInput ¶
type RegistryEventNotificationConfigItemArrayInput interface {
pulumi.Input
ToRegistryEventNotificationConfigItemArrayOutput() RegistryEventNotificationConfigItemArrayOutput
ToRegistryEventNotificationConfigItemArrayOutputWithContext(context.Context) RegistryEventNotificationConfigItemArrayOutput
}
RegistryEventNotificationConfigItemArrayInput is an input type that accepts RegistryEventNotificationConfigItemArray and RegistryEventNotificationConfigItemArrayOutput values. You can construct a concrete instance of `RegistryEventNotificationConfigItemArrayInput` via:
RegistryEventNotificationConfigItemArray{ RegistryEventNotificationConfigItemArgs{...} }
type RegistryEventNotificationConfigItemArrayOutput ¶
type RegistryEventNotificationConfigItemArrayOutput struct{ *pulumi.OutputState }
func (RegistryEventNotificationConfigItemArrayOutput) ElementType ¶
func (RegistryEventNotificationConfigItemArrayOutput) ElementType() reflect.Type
func (RegistryEventNotificationConfigItemArrayOutput) ToRegistryEventNotificationConfigItemArrayOutput ¶
func (o RegistryEventNotificationConfigItemArrayOutput) ToRegistryEventNotificationConfigItemArrayOutput() RegistryEventNotificationConfigItemArrayOutput
func (RegistryEventNotificationConfigItemArrayOutput) ToRegistryEventNotificationConfigItemArrayOutputWithContext ¶
func (o RegistryEventNotificationConfigItemArrayOutput) ToRegistryEventNotificationConfigItemArrayOutputWithContext(ctx context.Context) RegistryEventNotificationConfigItemArrayOutput
type RegistryEventNotificationConfigItemInput ¶
type RegistryEventNotificationConfigItemInput interface {
pulumi.Input
ToRegistryEventNotificationConfigItemOutput() RegistryEventNotificationConfigItemOutput
ToRegistryEventNotificationConfigItemOutputWithContext(context.Context) RegistryEventNotificationConfigItemOutput
}
RegistryEventNotificationConfigItemInput is an input type that accepts RegistryEventNotificationConfigItemArgs and RegistryEventNotificationConfigItemOutput values. You can construct a concrete instance of `RegistryEventNotificationConfigItemInput` via:
RegistryEventNotificationConfigItemArgs{...}
type RegistryEventNotificationConfigItemOutput ¶
type RegistryEventNotificationConfigItemOutput struct{ *pulumi.OutputState }
func (RegistryEventNotificationConfigItemOutput) ElementType ¶
func (RegistryEventNotificationConfigItemOutput) ElementType() reflect.Type
func (RegistryEventNotificationConfigItemOutput) PubsubTopicName ¶
func (o RegistryEventNotificationConfigItemOutput) PubsubTopicName() pulumi.StringOutput
PubSub topic name to publish device events.
func (RegistryEventNotificationConfigItemOutput) SubfolderMatches ¶
func (o RegistryEventNotificationConfigItemOutput) SubfolderMatches() pulumi.StringPtrOutput
If the subfolder name matches this string exactly, this configuration will be used. The string must not include the leading '/' character. If empty, all strings are matched. Empty value can only be used for the last `eventNotificationConfigs` item.
func (RegistryEventNotificationConfigItemOutput) ToRegistryEventNotificationConfigItemOutput ¶
func (o RegistryEventNotificationConfigItemOutput) ToRegistryEventNotificationConfigItemOutput() RegistryEventNotificationConfigItemOutput
func (RegistryEventNotificationConfigItemOutput) ToRegistryEventNotificationConfigItemOutputWithContext ¶
func (o RegistryEventNotificationConfigItemOutput) ToRegistryEventNotificationConfigItemOutputWithContext(ctx context.Context) RegistryEventNotificationConfigItemOutput
type RegistryInput ¶ added in v4.4.0
type RegistryInput interface {
pulumi.Input
ToRegistryOutput() RegistryOutput
ToRegistryOutputWithContext(ctx context.Context) RegistryOutput
}
type RegistryMap ¶ added in v4.11.1
type RegistryMap map[string]RegistryInput
func (RegistryMap) ElementType ¶ added in v4.11.1
func (RegistryMap) ElementType() reflect.Type
func (RegistryMap) ToRegistryMapOutput ¶ added in v4.11.1
func (i RegistryMap) ToRegistryMapOutput() RegistryMapOutput
func (RegistryMap) ToRegistryMapOutputWithContext ¶ added in v4.11.1
func (i RegistryMap) ToRegistryMapOutputWithContext(ctx context.Context) RegistryMapOutput
type RegistryMapInput ¶ added in v4.11.1
type RegistryMapInput interface {
pulumi.Input
ToRegistryMapOutput() RegistryMapOutput
ToRegistryMapOutputWithContext(context.Context) RegistryMapOutput
}
RegistryMapInput is an input type that accepts RegistryMap and RegistryMapOutput values. You can construct a concrete instance of `RegistryMapInput` via:
RegistryMap{ "key": RegistryArgs{...} }
type RegistryMapOutput ¶ added in v4.11.1
type RegistryMapOutput struct{ *pulumi.OutputState }
func (RegistryMapOutput) ElementType ¶ added in v4.11.1
func (RegistryMapOutput) ElementType() reflect.Type
func (RegistryMapOutput) MapIndex ¶ added in v4.11.1
func (o RegistryMapOutput) MapIndex(k pulumi.StringInput) RegistryOutput
func (RegistryMapOutput) ToRegistryMapOutput ¶ added in v4.11.1
func (o RegistryMapOutput) ToRegistryMapOutput() RegistryMapOutput
func (RegistryMapOutput) ToRegistryMapOutputWithContext ¶ added in v4.11.1
func (o RegistryMapOutput) ToRegistryMapOutputWithContext(ctx context.Context) RegistryMapOutput
type RegistryOutput ¶ added in v4.4.0
type RegistryOutput struct {
*pulumi.OutputState
}
func (RegistryOutput) ElementType ¶ added in v4.4.0
func (RegistryOutput) ElementType() reflect.Type
func (RegistryOutput) ToRegistryOutput ¶ added in v4.4.0
func (o RegistryOutput) ToRegistryOutput() RegistryOutput
func (RegistryOutput) ToRegistryOutputWithContext ¶ added in v4.4.0
func (o RegistryOutput) ToRegistryOutputWithContext(ctx context.Context) RegistryOutput
func (RegistryOutput) ToRegistryPtrOutput ¶ added in v4.11.1
func (o RegistryOutput) ToRegistryPtrOutput() RegistryPtrOutput
func (RegistryOutput) ToRegistryPtrOutputWithContext ¶ added in v4.11.1
func (o RegistryOutput) ToRegistryPtrOutputWithContext(ctx context.Context) RegistryPtrOutput
type RegistryPtrInput ¶ added in v4.11.1
type RegistryPtrInput interface {
pulumi.Input
ToRegistryPtrOutput() RegistryPtrOutput
ToRegistryPtrOutputWithContext(ctx context.Context) RegistryPtrOutput
}
type RegistryPtrOutput ¶ added in v4.11.1
type RegistryPtrOutput struct {
*pulumi.OutputState
}
func (RegistryPtrOutput) ElementType ¶ added in v4.11.1
func (RegistryPtrOutput) ElementType() reflect.Type
func (RegistryPtrOutput) ToRegistryPtrOutput ¶ added in v4.11.1
func (o RegistryPtrOutput) ToRegistryPtrOutput() RegistryPtrOutput
func (RegistryPtrOutput) ToRegistryPtrOutputWithContext ¶ added in v4.11.1
func (o RegistryPtrOutput) ToRegistryPtrOutputWithContext(ctx context.Context) RegistryPtrOutput
type RegistryState ¶
type RegistryState struct {
// List of public key certificates to authenticate devices.
// The structure is documented below.
Credentials RegistryCredentialArrayInput
// List of configurations for event notifications, such as PubSub topics
// to publish device events to.
// Structure is documented below.
EventNotificationConfigs RegistryEventNotificationConfigItemArrayInput
// Activate or deactivate HTTP.
// The structure is documented below.
HttpConfig pulumi.MapInput
// The default logging verbosity for activity from devices in this
// registry. Specifies which events should be written to logs. For
// example, if the LogLevel is ERROR, only events that terminate in
// errors will be logged. LogLevel is inclusive; enabling INFO logging
// will also enable ERROR logging.
// Default value is `NONE`.
// Possible values are `NONE`, `ERROR`, `INFO`, and `DEBUG`.
LogLevel pulumi.StringPtrInput
// Activate or deactivate MQTT.
// The structure is documented below.
MqttConfig pulumi.MapInput
// A unique name for the resource, required by device registry.
Name pulumi.StringPtrInput
// The ID of the project in which the resource belongs.
// If it is not provided, the provider project is used.
Project pulumi.StringPtrInput
// The region in which the created registry should reside.
// If it is not provided, the provider region is used.
Region pulumi.StringPtrInput
// A PubSub topic to publish device state updates.
// The structure is documented below.
StateNotificationConfig pulumi.MapInput
}
func (RegistryState) ElementType ¶
func (RegistryState) ElementType() reflect.Type
type SecretCiphertext ¶
type SecretCiphertext struct {
pulumi.CustomResourceState
// The additional authenticated data used for integrity checks during encryption and decryption.
// **Note**: This property is sensitive and will not be displayed in the plan.
AdditionalAuthenticatedData pulumi.StringPtrOutput `pulumi:"additionalAuthenticatedData"`
// Contains the result of encrypting the provided plaintext, encoded in base64.
Ciphertext pulumi.StringOutput `pulumi:"ciphertext"`
// The full name of the CryptoKey that will be used to encrypt the provided plaintext.
// Format: `'projects/{{project}}/locations/{{location}}/keyRings/{{keyRing}}/cryptoKeys/{{cryptoKey}}'`
CryptoKey pulumi.StringOutput `pulumi:"cryptoKey"`
// The plaintext to be encrypted.
// **Note**: This property is sensitive and will not be displayed in the plan.
Plaintext pulumi.StringOutput `pulumi:"plaintext"`
}
Encrypts secret data with Google Cloud KMS and provides access to the ciphertext.
> **NOTE:** Using this resource will allow you to conceal secret data within your resource definitions, but it does not take care of protecting that data in the logging output, plan output, or state output. Please take care to secure your secret data outside of resource definitions.
To get more information about SecretCiphertext, see:
* [API documentation](https://cloud.google.com/kms/docs/reference/rest/v1/projects.locations.keyRings.cryptoKeys/encrypt) * How-to Guides
- [Encrypting and decrypting data with a symmetric key](https://cloud.google.com/kms/docs/encrypt-decrypt)
> **Warning:** All arguments including `plaintext` and `additionalAuthenticatedData` will be stored in the raw state as plain-text. [Read more about secrets in state](https://www.pulumi.com/docs/intro/concepts/programming-model/#secrets).
## Example Usage ### Kms Secret Ciphertext Basic
```go package main
import (
"github.com/pulumi/pulumi-gcp/sdk/v4/go/gcp/compute" "github.com/pulumi/pulumi-gcp/sdk/v4/go/gcp/kms" "github.com/pulumi/pulumi/sdk/v2/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
keyring, err := kms.NewKeyRing(ctx, "keyring", &kms.KeyRingArgs{
Location: pulumi.String("global"),
})
if err != nil {
return err
}
cryptokey, err := kms.NewCryptoKey(ctx, "cryptokey", &kms.CryptoKeyArgs{
KeyRing: keyring.ID(),
RotationPeriod: pulumi.String("100000s"),
})
if err != nil {
return err
}
myPassword, err := kms.NewSecretCiphertext(ctx, "myPassword", &kms.SecretCiphertextArgs{
CryptoKey: cryptokey.ID(),
Plaintext: pulumi.String("my-secret-password"),
})
if err != nil {
return err
}
_, err = compute.NewInstance(ctx, "instance", &compute.InstanceArgs{
MachineType: pulumi.String("e2-medium"),
Zone: pulumi.String("us-central1-a"),
BootDisk: &compute.InstanceBootDiskArgs{
InitializeParams: &compute.InstanceBootDiskInitializeParamsArgs{
Image: pulumi.String("debian-cloud/debian-9"),
},
},
NetworkInterfaces: compute.InstanceNetworkInterfaceArray{
&compute.InstanceNetworkInterfaceArgs{
Network: pulumi.String("default"),
AccessConfigs: compute.InstanceNetworkInterfaceAccessConfigArray{
nil,
},
},
},
Metadata: pulumi.StringMap{
"password": myPassword.Ciphertext,
},
})
if err != nil {
return err
}
return nil
})
}
```
## Import
This resource does not support import.
func GetSecretCiphertext ¶
func GetSecretCiphertext(ctx *pulumi.Context, name string, id pulumi.IDInput, state *SecretCiphertextState, opts ...pulumi.ResourceOption) (*SecretCiphertext, error)
GetSecretCiphertext gets an existing SecretCiphertext resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).
func NewSecretCiphertext ¶
func NewSecretCiphertext(ctx *pulumi.Context, name string, args *SecretCiphertextArgs, opts ...pulumi.ResourceOption) (*SecretCiphertext, error)
NewSecretCiphertext registers a new resource with the given unique name, arguments, and options.
func (*SecretCiphertext) ElementType ¶ added in v4.4.0
func (*SecretCiphertext) ElementType() reflect.Type
func (*SecretCiphertext) ToSecretCiphertextOutput ¶ added in v4.4.0
func (i *SecretCiphertext) ToSecretCiphertextOutput() SecretCiphertextOutput
func (*SecretCiphertext) ToSecretCiphertextOutputWithContext ¶ added in v4.4.0
func (i *SecretCiphertext) ToSecretCiphertextOutputWithContext(ctx context.Context) SecretCiphertextOutput
func (*SecretCiphertext) ToSecretCiphertextPtrOutput ¶ added in v4.11.1
func (i *SecretCiphertext) ToSecretCiphertextPtrOutput() SecretCiphertextPtrOutput
func (*SecretCiphertext) ToSecretCiphertextPtrOutputWithContext ¶ added in v4.11.1
func (i *SecretCiphertext) ToSecretCiphertextPtrOutputWithContext(ctx context.Context) SecretCiphertextPtrOutput
type SecretCiphertextArgs ¶
type SecretCiphertextArgs struct {
// The additional authenticated data used for integrity checks during encryption and decryption.
// **Note**: This property is sensitive and will not be displayed in the plan.
AdditionalAuthenticatedData pulumi.StringPtrInput
// The full name of the CryptoKey that will be used to encrypt the provided plaintext.
// Format: `'projects/{{project}}/locations/{{location}}/keyRings/{{keyRing}}/cryptoKeys/{{cryptoKey}}'`
CryptoKey pulumi.StringInput
// The plaintext to be encrypted.
// **Note**: This property is sensitive and will not be displayed in the plan.
Plaintext pulumi.StringInput
}
The set of arguments for constructing a SecretCiphertext resource.
func (SecretCiphertextArgs) ElementType ¶
func (SecretCiphertextArgs) ElementType() reflect.Type
type SecretCiphertextArray ¶ added in v4.11.1
type SecretCiphertextArray []SecretCiphertextInput
func (SecretCiphertextArray) ElementType ¶ added in v4.11.1
func (SecretCiphertextArray) ElementType() reflect.Type
func (SecretCiphertextArray) ToSecretCiphertextArrayOutput ¶ added in v4.11.1
func (i SecretCiphertextArray) ToSecretCiphertextArrayOutput() SecretCiphertextArrayOutput
func (SecretCiphertextArray) ToSecretCiphertextArrayOutputWithContext ¶ added in v4.11.1
func (i SecretCiphertextArray) ToSecretCiphertextArrayOutputWithContext(ctx context.Context) SecretCiphertextArrayOutput
type SecretCiphertextArrayInput ¶ added in v4.11.1
type SecretCiphertextArrayInput interface {
pulumi.Input
ToSecretCiphertextArrayOutput() SecretCiphertextArrayOutput
ToSecretCiphertextArrayOutputWithContext(context.Context) SecretCiphertextArrayOutput
}
SecretCiphertextArrayInput is an input type that accepts SecretCiphertextArray and SecretCiphertextArrayOutput values. You can construct a concrete instance of `SecretCiphertextArrayInput` via:
SecretCiphertextArray{ SecretCiphertextArgs{...} }
type SecretCiphertextArrayOutput ¶ added in v4.11.1
type SecretCiphertextArrayOutput struct{ *pulumi.OutputState }
func (SecretCiphertextArrayOutput) ElementType ¶ added in v4.11.1
func (SecretCiphertextArrayOutput) ElementType() reflect.Type
func (SecretCiphertextArrayOutput) Index ¶ added in v4.11.1
func (o SecretCiphertextArrayOutput) Index(i pulumi.IntInput) SecretCiphertextOutput
func (SecretCiphertextArrayOutput) ToSecretCiphertextArrayOutput ¶ added in v4.11.1
func (o SecretCiphertextArrayOutput) ToSecretCiphertextArrayOutput() SecretCiphertextArrayOutput
func (SecretCiphertextArrayOutput) ToSecretCiphertextArrayOutputWithContext ¶ added in v4.11.1
func (o SecretCiphertextArrayOutput) ToSecretCiphertextArrayOutputWithContext(ctx context.Context) SecretCiphertextArrayOutput
type SecretCiphertextInput ¶ added in v4.4.0
type SecretCiphertextInput interface {
pulumi.Input
ToSecretCiphertextOutput() SecretCiphertextOutput
ToSecretCiphertextOutputWithContext(ctx context.Context) SecretCiphertextOutput
}
type SecretCiphertextMap ¶ added in v4.11.1
type SecretCiphertextMap map[string]SecretCiphertextInput
func (SecretCiphertextMap) ElementType ¶ added in v4.11.1
func (SecretCiphertextMap) ElementType() reflect.Type
func (SecretCiphertextMap) ToSecretCiphertextMapOutput ¶ added in v4.11.1
func (i SecretCiphertextMap) ToSecretCiphertextMapOutput() SecretCiphertextMapOutput
func (SecretCiphertextMap) ToSecretCiphertextMapOutputWithContext ¶ added in v4.11.1
func (i SecretCiphertextMap) ToSecretCiphertextMapOutputWithContext(ctx context.Context) SecretCiphertextMapOutput
type SecretCiphertextMapInput ¶ added in v4.11.1
type SecretCiphertextMapInput interface {
pulumi.Input
ToSecretCiphertextMapOutput() SecretCiphertextMapOutput
ToSecretCiphertextMapOutputWithContext(context.Context) SecretCiphertextMapOutput
}
SecretCiphertextMapInput is an input type that accepts SecretCiphertextMap and SecretCiphertextMapOutput values. You can construct a concrete instance of `SecretCiphertextMapInput` via:
SecretCiphertextMap{ "key": SecretCiphertextArgs{...} }
type SecretCiphertextMapOutput ¶ added in v4.11.1
type SecretCiphertextMapOutput struct{ *pulumi.OutputState }
func (SecretCiphertextMapOutput) ElementType ¶ added in v4.11.1
func (SecretCiphertextMapOutput) ElementType() reflect.Type
func (SecretCiphertextMapOutput) MapIndex ¶ added in v4.11.1
func (o SecretCiphertextMapOutput) MapIndex(k pulumi.StringInput) SecretCiphertextOutput
func (SecretCiphertextMapOutput) ToSecretCiphertextMapOutput ¶ added in v4.11.1
func (o SecretCiphertextMapOutput) ToSecretCiphertextMapOutput() SecretCiphertextMapOutput
func (SecretCiphertextMapOutput) ToSecretCiphertextMapOutputWithContext ¶ added in v4.11.1
func (o SecretCiphertextMapOutput) ToSecretCiphertextMapOutputWithContext(ctx context.Context) SecretCiphertextMapOutput
type SecretCiphertextOutput ¶ added in v4.4.0
type SecretCiphertextOutput struct {
*pulumi.OutputState
}
func (SecretCiphertextOutput) ElementType ¶ added in v4.4.0
func (SecretCiphertextOutput) ElementType() reflect.Type
func (SecretCiphertextOutput) ToSecretCiphertextOutput ¶ added in v4.4.0
func (o SecretCiphertextOutput) ToSecretCiphertextOutput() SecretCiphertextOutput
func (SecretCiphertextOutput) ToSecretCiphertextOutputWithContext ¶ added in v4.4.0
func (o SecretCiphertextOutput) ToSecretCiphertextOutputWithContext(ctx context.Context) SecretCiphertextOutput
func (SecretCiphertextOutput) ToSecretCiphertextPtrOutput ¶ added in v4.11.1
func (o SecretCiphertextOutput) ToSecretCiphertextPtrOutput() SecretCiphertextPtrOutput
func (SecretCiphertextOutput) ToSecretCiphertextPtrOutputWithContext ¶ added in v4.11.1
func (o SecretCiphertextOutput) ToSecretCiphertextPtrOutputWithContext(ctx context.Context) SecretCiphertextPtrOutput
type SecretCiphertextPtrInput ¶ added in v4.11.1
type SecretCiphertextPtrInput interface {
pulumi.Input
ToSecretCiphertextPtrOutput() SecretCiphertextPtrOutput
ToSecretCiphertextPtrOutputWithContext(ctx context.Context) SecretCiphertextPtrOutput
}
type SecretCiphertextPtrOutput ¶ added in v4.11.1
type SecretCiphertextPtrOutput struct {
*pulumi.OutputState
}
func (SecretCiphertextPtrOutput) ElementType ¶ added in v4.11.1
func (SecretCiphertextPtrOutput) ElementType() reflect.Type
func (SecretCiphertextPtrOutput) ToSecretCiphertextPtrOutput ¶ added in v4.11.1
func (o SecretCiphertextPtrOutput) ToSecretCiphertextPtrOutput() SecretCiphertextPtrOutput
func (SecretCiphertextPtrOutput) ToSecretCiphertextPtrOutputWithContext ¶ added in v4.11.1
func (o SecretCiphertextPtrOutput) ToSecretCiphertextPtrOutputWithContext(ctx context.Context) SecretCiphertextPtrOutput
type SecretCiphertextState ¶
type SecretCiphertextState struct {
// The additional authenticated data used for integrity checks during encryption and decryption.
// **Note**: This property is sensitive and will not be displayed in the plan.
AdditionalAuthenticatedData pulumi.StringPtrInput
// Contains the result of encrypting the provided plaintext, encoded in base64.
Ciphertext pulumi.StringPtrInput
// The full name of the CryptoKey that will be used to encrypt the provided plaintext.
// Format: `'projects/{{project}}/locations/{{location}}/keyRings/{{keyRing}}/cryptoKeys/{{cryptoKey}}'`
CryptoKey pulumi.StringPtrInput
// The plaintext to be encrypted.
// **Note**: This property is sensitive and will not be displayed in the plan.
Plaintext pulumi.StringPtrInput
}
func (SecretCiphertextState) ElementType ¶
func (SecretCiphertextState) ElementType() reflect.Type
Source Files
¶
- cryptoKey.go
- cryptoKeyIAMBinding.go
- cryptoKeyIAMMember.go
- cryptoKeyIAMPolicy.go
- getKMSCryptoKey.go
- getKMSCryptoKeyVersion.go
- getKMSKeyRing.go
- getKMSSecret.go
- getKMSSecretAsymmetric.go
- getKMSSecretCiphertext.go
- init.go
- keyRing.go
- keyRingIAMBinding.go
- keyRingIAMMember.go
- keyRingIAMPolicy.go
- keyRingImportJob.go
- pulumiTypes.go
- registry.go
- secretCiphertext.go
Click to show internal directories.
Click to hide internal directories.