kms

package
v0.0.5 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Oct 21, 2022 License: Apache-2.0 Imports: 11 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func PkgVersion added in v0.0.5 

func PkgVersion() (semver.Version, error)

PkgVersion uses reflection to determine the version of the current package. If a version cannot be determined, v1 will be assumed. The second return value is always nil.

Types

type ExternalKey 

type ExternalKey struct {
	pulumi.CustomResourceState

	// Name of CMK. The name can only contain English letters, numbers, underscore and hyphen '-'. The first character must be a letter or number.
	Alias pulumi.StringOutput `pulumi:"alias"`
	// Description of CMK. The maximum is 1024 bytes.
	Description pulumi.StringPtrOutput `pulumi:"description"`
	// Specify whether to archive key. Default value is `false`. This field is conflict with `isEnabled`, valid when keyState is `Enabled`, `Disabled`, `Archived`.
	IsArchived pulumi.BoolPtrOutput `pulumi:"isArchived"`
	// Specify whether to enable key. Default value is `false`. This field is conflict with `isArchived`, valid when keyState is `Enabled`, `Disabled`, `Archived`.
	IsEnabled pulumi.BoolPtrOutput `pulumi:"isEnabled"`
	// The base64-encoded key material encrypted with the public_key. For regions using the national secret version, the length of the imported key material is required to be 128 bits, and for regions using the FIPS version, the length of the imported key material is required to be 256 bits.
	KeyMaterialBase64 pulumi.StringPtrOutput `pulumi:"keyMaterialBase64"`
	// State of CMK.
	KeyState pulumi.StringOutput `pulumi:"keyState"`
	// Duration in days after which the key is deleted after destruction of the resource, must be between 7 and 30 days. Defaults to 7 days.
	PendingDeleteWindowInDays pulumi.IntPtrOutput `pulumi:"pendingDeleteWindowInDays"`
	// Tags of CMK.
	Tags pulumi.MapOutput `pulumi:"tags"`
	// This value means the effective timestamp of the key material, 0 means it does not expire. Need to be greater than the current timestamp, the maximum support is 2147443200.
	ValidTo pulumi.IntPtrOutput `pulumi:"validTo"`
	// The algorithm for encrypting key material. Available values include `RSAES_PKCS1_V1_5`, `RSAES_OAEP_SHA_1` and `RSAES_OAEP_SHA_256`. Default value is `RSAES_PKCS1_V1_5`.
	WrappingAlgorithm pulumi.StringPtrOutput `pulumi:"wrappingAlgorithm"`
}

Provide a resource to create a KMS external key.

## Example Usage

```go package main

import ( 

"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
"github.com/tencentcloudstack/pulumi-tencentcloud/sdk/go/tencentcloud/Kms"

) 

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := Kms.NewExternalKey(ctx, "foo", &Kms.ExternalKeyArgs{
			Alias:             pulumi.String("test"),
			Description:       pulumi.String("describe key test message."),
			IsEnabled:         pulumi.Bool(true),
			KeyMaterialBase64: pulumi.String("MTIzMTIzMTIzMTIzMTIzQQ=="),
			ValidTo:           pulumi.Int(2147443200),
			WrappingAlgorithm: pulumi.String("RSAES_PKCS1_V1_5"),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

```

## Import

KMS external keys can be imported using the id, e.g.

```sh 

$ pulumi import tencentcloud:Kms/externalKey:ExternalKey foo 287e8f40-7cbb-11eb-9a3a-5254004f7f94

```

func GetExternalKey 

func GetExternalKey(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *ExternalKeyState, opts ...pulumi.ResourceOption) (*ExternalKey, error)

GetExternalKey gets an existing ExternalKey resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewExternalKey 

func NewExternalKey(ctx *pulumi.Context,
	name string, args *ExternalKeyArgs, opts ...pulumi.ResourceOption) (*ExternalKey, error)

NewExternalKey registers a new resource with the given unique name, arguments, and options.

func (*ExternalKey) ElementType 

func (*ExternalKey) ElementType() reflect.Type

func (*ExternalKey) ToExternalKeyOutput 

func (i *ExternalKey) ToExternalKeyOutput() ExternalKeyOutput

func (*ExternalKey) ToExternalKeyOutputWithContext 

func (i *ExternalKey) ToExternalKeyOutputWithContext(ctx context.Context) ExternalKeyOutput

type ExternalKeyArgs 

type ExternalKeyArgs struct {
	// Name of CMK. The name can only contain English letters, numbers, underscore and hyphen '-'. The first character must be a letter or number.
	Alias pulumi.StringInput
	// Description of CMK. The maximum is 1024 bytes.
	Description pulumi.StringPtrInput
	// Specify whether to archive key. Default value is `false`. This field is conflict with `isEnabled`, valid when keyState is `Enabled`, `Disabled`, `Archived`.
	IsArchived pulumi.BoolPtrInput
	// Specify whether to enable key. Default value is `false`. This field is conflict with `isArchived`, valid when keyState is `Enabled`, `Disabled`, `Archived`.
	IsEnabled pulumi.BoolPtrInput
	// The base64-encoded key material encrypted with the public_key. For regions using the national secret version, the length of the imported key material is required to be 128 bits, and for regions using the FIPS version, the length of the imported key material is required to be 256 bits.
	KeyMaterialBase64 pulumi.StringPtrInput
	// Duration in days after which the key is deleted after destruction of the resource, must be between 7 and 30 days. Defaults to 7 days.
	PendingDeleteWindowInDays pulumi.IntPtrInput
	// Tags of CMK.
	Tags pulumi.MapInput
	// This value means the effective timestamp of the key material, 0 means it does not expire. Need to be greater than the current timestamp, the maximum support is 2147443200.
	ValidTo pulumi.IntPtrInput
	// The algorithm for encrypting key material. Available values include `RSAES_PKCS1_V1_5`, `RSAES_OAEP_SHA_1` and `RSAES_OAEP_SHA_256`. Default value is `RSAES_PKCS1_V1_5`.
	WrappingAlgorithm pulumi.StringPtrInput
}

The set of arguments for constructing a ExternalKey resource.

func (ExternalKeyArgs) ElementType 

func (ExternalKeyArgs) ElementType() reflect.Type

type ExternalKeyArray 

type ExternalKeyArray []ExternalKeyInput

func (ExternalKeyArray) ElementType 

func (ExternalKeyArray) ElementType() reflect.Type

func (ExternalKeyArray) ToExternalKeyArrayOutput 

func (i ExternalKeyArray) ToExternalKeyArrayOutput() ExternalKeyArrayOutput

func (ExternalKeyArray) ToExternalKeyArrayOutputWithContext 

func (i ExternalKeyArray) ToExternalKeyArrayOutputWithContext(ctx context.Context) ExternalKeyArrayOutput

type ExternalKeyArrayInput 

type ExternalKeyArrayInput interface {
	pulumi.Input

	ToExternalKeyArrayOutput() ExternalKeyArrayOutput
	ToExternalKeyArrayOutputWithContext(context.Context) ExternalKeyArrayOutput
}

ExternalKeyArrayInput is an input type that accepts ExternalKeyArray and ExternalKeyArrayOutput values. You can construct a concrete instance of `ExternalKeyArrayInput` via: 

ExternalKeyArray{ ExternalKeyArgs{...} }

type ExternalKeyArrayOutput 

type ExternalKeyArrayOutput struct{ *pulumi.OutputState }

func (ExternalKeyArrayOutput) ElementType 

func (ExternalKeyArrayOutput) ElementType() reflect.Type

func (ExternalKeyArrayOutput) Index 

func (o ExternalKeyArrayOutput) Index(i pulumi.IntInput) ExternalKeyOutput

func (ExternalKeyArrayOutput) ToExternalKeyArrayOutput 

func (o ExternalKeyArrayOutput) ToExternalKeyArrayOutput() ExternalKeyArrayOutput

func (ExternalKeyArrayOutput) ToExternalKeyArrayOutputWithContext 

func (o ExternalKeyArrayOutput) ToExternalKeyArrayOutputWithContext(ctx context.Context) ExternalKeyArrayOutput

type ExternalKeyInput 

type ExternalKeyInput interface {
	pulumi.Input

	ToExternalKeyOutput() ExternalKeyOutput
	ToExternalKeyOutputWithContext(ctx context.Context) ExternalKeyOutput
}

type ExternalKeyMap 

type ExternalKeyMap map[string]ExternalKeyInput

func (ExternalKeyMap) ElementType 

func (ExternalKeyMap) ElementType() reflect.Type

func (ExternalKeyMap) ToExternalKeyMapOutput 

func (i ExternalKeyMap) ToExternalKeyMapOutput() ExternalKeyMapOutput

func (ExternalKeyMap) ToExternalKeyMapOutputWithContext 

func (i ExternalKeyMap) ToExternalKeyMapOutputWithContext(ctx context.Context) ExternalKeyMapOutput

type ExternalKeyMapInput 

type ExternalKeyMapInput interface {
	pulumi.Input

	ToExternalKeyMapOutput() ExternalKeyMapOutput
	ToExternalKeyMapOutputWithContext(context.Context) ExternalKeyMapOutput
}

ExternalKeyMapInput is an input type that accepts ExternalKeyMap and ExternalKeyMapOutput values. You can construct a concrete instance of `ExternalKeyMapInput` via: 

ExternalKeyMap{ "key": ExternalKeyArgs{...} }

type ExternalKeyMapOutput 

type ExternalKeyMapOutput struct{ *pulumi.OutputState }

func (ExternalKeyMapOutput) ElementType 

func (ExternalKeyMapOutput) ElementType() reflect.Type

func (ExternalKeyMapOutput) MapIndex 

func (o ExternalKeyMapOutput) MapIndex(k pulumi.StringInput) ExternalKeyOutput

func (ExternalKeyMapOutput) ToExternalKeyMapOutput 

func (o ExternalKeyMapOutput) ToExternalKeyMapOutput() ExternalKeyMapOutput

func (ExternalKeyMapOutput) ToExternalKeyMapOutputWithContext 

func (o ExternalKeyMapOutput) ToExternalKeyMapOutputWithContext(ctx context.Context) ExternalKeyMapOutput

type ExternalKeyOutput 

type ExternalKeyOutput struct{ *pulumi.OutputState }

func (ExternalKeyOutput) Alias 

func (o ExternalKeyOutput) Alias() pulumi.StringOutput

Name of CMK. The name can only contain English letters, numbers, underscore and hyphen '-'. The first character must be a letter or number.

func (ExternalKeyOutput) Description 

func (o ExternalKeyOutput) Description() pulumi.StringPtrOutput

Description of CMK. The maximum is 1024 bytes.

func (ExternalKeyOutput) ElementType 

func (ExternalKeyOutput) ElementType() reflect.Type

func (ExternalKeyOutput) IsArchived 

func (o ExternalKeyOutput) IsArchived() pulumi.BoolPtrOutput

Specify whether to archive key. Default value is `false`. This field is conflict with `isEnabled`, valid when keyState is `Enabled`, `Disabled`, `Archived`.

func (ExternalKeyOutput) IsEnabled 

func (o ExternalKeyOutput) IsEnabled() pulumi.BoolPtrOutput

Specify whether to enable key. Default value is `false`. This field is conflict with `isArchived`, valid when keyState is `Enabled`, `Disabled`, `Archived`.

func (ExternalKeyOutput) KeyMaterialBase64 

func (o ExternalKeyOutput) KeyMaterialBase64() pulumi.StringPtrOutput

The base64-encoded key material encrypted with the public_key. For regions using the national secret version, the length of the imported key material is required to be 128 bits, and for regions using the FIPS version, the length of the imported key material is required to be 256 bits.

func (ExternalKeyOutput) KeyState 

func (o ExternalKeyOutput) KeyState() pulumi.StringOutput

State of CMK.

func (ExternalKeyOutput) PendingDeleteWindowInDays 

func (o ExternalKeyOutput) PendingDeleteWindowInDays() pulumi.IntPtrOutput

Duration in days after which the key is deleted after destruction of the resource, must be between 7 and 30 days. Defaults to 7 days.

func (ExternalKeyOutput) Tags 

func (o ExternalKeyOutput) Tags() pulumi.MapOutput

Tags of CMK.

func (ExternalKeyOutput) ToExternalKeyOutput 

func (o ExternalKeyOutput) ToExternalKeyOutput() ExternalKeyOutput

func (ExternalKeyOutput) ToExternalKeyOutputWithContext 

func (o ExternalKeyOutput) ToExternalKeyOutputWithContext(ctx context.Context) ExternalKeyOutput

func (ExternalKeyOutput) ValidTo 

func (o ExternalKeyOutput) ValidTo() pulumi.IntPtrOutput

This value means the effective timestamp of the key material, 0 means it does not expire. Need to be greater than the current timestamp, the maximum support is 2147443200.

func (ExternalKeyOutput) WrappingAlgorithm 

func (o ExternalKeyOutput) WrappingAlgorithm() pulumi.StringPtrOutput

The algorithm for encrypting key material. Available values include `RSAES_PKCS1_V1_5`, `RSAES_OAEP_SHA_1` and `RSAES_OAEP_SHA_256`. Default value is `RSAES_PKCS1_V1_5`.

type ExternalKeyState 

type ExternalKeyState struct {
	// Name of CMK. The name can only contain English letters, numbers, underscore and hyphen '-'. The first character must be a letter or number.
	Alias pulumi.StringPtrInput
	// Description of CMK. The maximum is 1024 bytes.
	Description pulumi.StringPtrInput
	// Specify whether to archive key. Default value is `false`. This field is conflict with `isEnabled`, valid when keyState is `Enabled`, `Disabled`, `Archived`.
	IsArchived pulumi.BoolPtrInput
	// Specify whether to enable key. Default value is `false`. This field is conflict with `isArchived`, valid when keyState is `Enabled`, `Disabled`, `Archived`.
	IsEnabled pulumi.BoolPtrInput
	// The base64-encoded key material encrypted with the public_key. For regions using the national secret version, the length of the imported key material is required to be 128 bits, and for regions using the FIPS version, the length of the imported key material is required to be 256 bits.
	KeyMaterialBase64 pulumi.StringPtrInput
	// State of CMK.
	KeyState pulumi.StringPtrInput
	// Duration in days after which the key is deleted after destruction of the resource, must be between 7 and 30 days. Defaults to 7 days.
	PendingDeleteWindowInDays pulumi.IntPtrInput
	// Tags of CMK.
	Tags pulumi.MapInput
	// This value means the effective timestamp of the key material, 0 means it does not expire. Need to be greater than the current timestamp, the maximum support is 2147443200.
	ValidTo pulumi.IntPtrInput
	// The algorithm for encrypting key material. Available values include `RSAES_PKCS1_V1_5`, `RSAES_OAEP_SHA_1` and `RSAES_OAEP_SHA_256`. Default value is `RSAES_PKCS1_V1_5`.
	WrappingAlgorithm pulumi.StringPtrInput
}

func (ExternalKeyState) ElementType 

func (ExternalKeyState) ElementType() reflect.Type

type GetKeysArgs 

type GetKeysArgs struct {
	// Filter by state of CMK. `0` - all CMKs are queried, `1` - only Enabled CMKs are queried, `2` - only Disabled CMKs are queried, `3` - only PendingDelete CMKs are queried, `4` - only PendingImport CMKs are queried, `5` - only Archived CMKs are queried.
	KeyState *int `pulumi:"keyState"`
	// Filter by usage of CMK. Available values include `ALL`, `ENCRYPT_DECRYPT`, `ASYMMETRIC_DECRYPT_RSA_2048`, `ASYMMETRIC_DECRYPT_SM2`, `ASYMMETRIC_SIGN_VERIFY_SM2`, `ASYMMETRIC_SIGN_VERIFY_RSA_2048`, `ASYMMETRIC_SIGN_VERIFY_ECC`. Default value is `ENCRYPT_DECRYPT`.
	KeyUsage *string `pulumi:"keyUsage"`
	// Order to sort the CMK create time. `0` - desc, `1` - asc. Default value is `0`.
	OrderType *int `pulumi:"orderType"`
	// Filter by origin of CMK. `TENCENT_KMS` - CMK created by KMS, `EXTERNAL` - CMK imported by user, `ALL` - all CMKs. Default value is `ALL`.
	Origin *string `pulumi:"origin"`
	// Used to save results.
	ResultOutputFile *string `pulumi:"resultOutputFile"`
	// Filter by role of the CMK creator. `0` - created by user, `1` - created by cloud product. Default value is `0`.
	Role *int `pulumi:"role"`
	// Words used to match the results, and the words can be: keyId and alias.
	SearchKeyAlias *string `pulumi:"searchKeyAlias"`
	// Tags to filter CMK.
	Tags map[string]interface{} `pulumi:"tags"`
}

A collection of arguments for invoking getKeys.

type GetKeysKeyList 

type GetKeysKeyList struct {
	// Name of CMK.
	Alias string `pulumi:"alias"`
	// Create time of CMK.
	CreateTime int `pulumi:"createTime"`
	// Uin of CMK Creator.
	CreatorUin int `pulumi:"creatorUin"`
	// Delete time of CMK.
	DeletionDate int `pulumi:"deletionDate"`
	// Description of CMK.
	Description string `pulumi:"description"`
	// ID of CMK.
	KeyId string `pulumi:"keyId"`
	// Specify whether to enable key rotation.
	KeyRotationEnabled bool `pulumi:"keyRotationEnabled"`
	// Filter by state of CMK. `0` - all CMKs are queried, `1` - only Enabled CMKs are queried, `2` - only Disabled CMKs are queried, `3` - only PendingDelete CMKs are queried, `4` - only PendingImport CMKs are queried, `5` - only Archived CMKs are queried.
	KeyState string `pulumi:"keyState"`
	// Filter by usage of CMK. Available values include `ALL`, `ENCRYPT_DECRYPT`, `ASYMMETRIC_DECRYPT_RSA_2048`, `ASYMMETRIC_DECRYPT_SM2`, `ASYMMETRIC_SIGN_VERIFY_SM2`, `ASYMMETRIC_SIGN_VERIFY_RSA_2048`, `ASYMMETRIC_SIGN_VERIFY_ECC`. Default value is `ENCRYPT_DECRYPT`.
	KeyUsage string `pulumi:"keyUsage"`
	// Next rotate time of CMK when keyRotationEnabled is true.
	NextRotateTime int `pulumi:"nextRotateTime"`
	// Filter by origin of CMK. `TENCENT_KMS` - CMK created by KMS, `EXTERNAL` - CMK imported by user, `ALL` - all CMKs. Default value is `ALL`.
	Origin string `pulumi:"origin"`
	// Creator of CMK.
	Owner string `pulumi:"owner"`
	// Valid when origin is `EXTERNAL`, it means the effective date of the key material.
	ValidTo int `pulumi:"validTo"`
}

type GetKeysKeyListArgs 

type GetKeysKeyListArgs struct {
	// Name of CMK.
	Alias pulumi.StringInput `pulumi:"alias"`
	// Create time of CMK.
	CreateTime pulumi.IntInput `pulumi:"createTime"`
	// Uin of CMK Creator.
	CreatorUin pulumi.IntInput `pulumi:"creatorUin"`
	// Delete time of CMK.
	DeletionDate pulumi.IntInput `pulumi:"deletionDate"`
	// Description of CMK.
	Description pulumi.StringInput `pulumi:"description"`
	// ID of CMK.
	KeyId pulumi.StringInput `pulumi:"keyId"`
	// Specify whether to enable key rotation.
	KeyRotationEnabled pulumi.BoolInput `pulumi:"keyRotationEnabled"`
	// Filter by state of CMK. `0` - all CMKs are queried, `1` - only Enabled CMKs are queried, `2` - only Disabled CMKs are queried, `3` - only PendingDelete CMKs are queried, `4` - only PendingImport CMKs are queried, `5` - only Archived CMKs are queried.
	KeyState pulumi.StringInput `pulumi:"keyState"`
	// Filter by usage of CMK. Available values include `ALL`, `ENCRYPT_DECRYPT`, `ASYMMETRIC_DECRYPT_RSA_2048`, `ASYMMETRIC_DECRYPT_SM2`, `ASYMMETRIC_SIGN_VERIFY_SM2`, `ASYMMETRIC_SIGN_VERIFY_RSA_2048`, `ASYMMETRIC_SIGN_VERIFY_ECC`. Default value is `ENCRYPT_DECRYPT`.
	KeyUsage pulumi.StringInput `pulumi:"keyUsage"`
	// Next rotate time of CMK when keyRotationEnabled is true.
	NextRotateTime pulumi.IntInput `pulumi:"nextRotateTime"`
	// Filter by origin of CMK. `TENCENT_KMS` - CMK created by KMS, `EXTERNAL` - CMK imported by user, `ALL` - all CMKs. Default value is `ALL`.
	Origin pulumi.StringInput `pulumi:"origin"`
	// Creator of CMK.
	Owner pulumi.StringInput `pulumi:"owner"`
	// Valid when origin is `EXTERNAL`, it means the effective date of the key material.
	ValidTo pulumi.IntInput `pulumi:"validTo"`
}

func (GetKeysKeyListArgs) ElementType 

func (GetKeysKeyListArgs) ElementType() reflect.Type

func (GetKeysKeyListArgs) ToGetKeysKeyListOutput 

func (i GetKeysKeyListArgs) ToGetKeysKeyListOutput() GetKeysKeyListOutput

func (GetKeysKeyListArgs) ToGetKeysKeyListOutputWithContext 

func (i GetKeysKeyListArgs) ToGetKeysKeyListOutputWithContext(ctx context.Context) GetKeysKeyListOutput

type GetKeysKeyListArray 

type GetKeysKeyListArray []GetKeysKeyListInput

func (GetKeysKeyListArray) ElementType 

func (GetKeysKeyListArray) ElementType() reflect.Type

func (GetKeysKeyListArray) ToGetKeysKeyListArrayOutput 

func (i GetKeysKeyListArray) ToGetKeysKeyListArrayOutput() GetKeysKeyListArrayOutput

func (GetKeysKeyListArray) ToGetKeysKeyListArrayOutputWithContext 

func (i GetKeysKeyListArray) ToGetKeysKeyListArrayOutputWithContext(ctx context.Context) GetKeysKeyListArrayOutput

type GetKeysKeyListArrayInput 

type GetKeysKeyListArrayInput interface {
	pulumi.Input

	ToGetKeysKeyListArrayOutput() GetKeysKeyListArrayOutput
	ToGetKeysKeyListArrayOutputWithContext(context.Context) GetKeysKeyListArrayOutput
}

GetKeysKeyListArrayInput is an input type that accepts GetKeysKeyListArray and GetKeysKeyListArrayOutput values. You can construct a concrete instance of `GetKeysKeyListArrayInput` via: 

GetKeysKeyListArray{ GetKeysKeyListArgs{...} }

type GetKeysKeyListArrayOutput 

type GetKeysKeyListArrayOutput struct{ *pulumi.OutputState }

func (GetKeysKeyListArrayOutput) ElementType 

func (GetKeysKeyListArrayOutput) ElementType() reflect.Type

func (GetKeysKeyListArrayOutput) Index 

func (o GetKeysKeyListArrayOutput) Index(i pulumi.IntInput) GetKeysKeyListOutput

func (GetKeysKeyListArrayOutput) ToGetKeysKeyListArrayOutput 

func (o GetKeysKeyListArrayOutput) ToGetKeysKeyListArrayOutput() GetKeysKeyListArrayOutput

func (GetKeysKeyListArrayOutput) ToGetKeysKeyListArrayOutputWithContext 

func (o GetKeysKeyListArrayOutput) ToGetKeysKeyListArrayOutputWithContext(ctx context.Context) GetKeysKeyListArrayOutput

type GetKeysKeyListInput 

type GetKeysKeyListInput interface {
	pulumi.Input

	ToGetKeysKeyListOutput() GetKeysKeyListOutput
	ToGetKeysKeyListOutputWithContext(context.Context) GetKeysKeyListOutput
}

GetKeysKeyListInput is an input type that accepts GetKeysKeyListArgs and GetKeysKeyListOutput values. You can construct a concrete instance of `GetKeysKeyListInput` via: 

GetKeysKeyListArgs{...}

type GetKeysKeyListOutput 

type GetKeysKeyListOutput struct{ *pulumi.OutputState }

func (GetKeysKeyListOutput) Alias 

func (o GetKeysKeyListOutput) Alias() pulumi.StringOutput

Name of CMK.

func (GetKeysKeyListOutput) CreateTime 

func (o GetKeysKeyListOutput) CreateTime() pulumi.IntOutput

Create time of CMK.

func (GetKeysKeyListOutput) CreatorUin 

func (o GetKeysKeyListOutput) CreatorUin() pulumi.IntOutput

Uin of CMK Creator.

func (GetKeysKeyListOutput) DeletionDate 

func (o GetKeysKeyListOutput) DeletionDate() pulumi.IntOutput

Delete time of CMK.

func (GetKeysKeyListOutput) Description 

func (o GetKeysKeyListOutput) Description() pulumi.StringOutput

Description of CMK.

func (GetKeysKeyListOutput) ElementType 

func (GetKeysKeyListOutput) ElementType() reflect.Type

func (GetKeysKeyListOutput) KeyId 

func (o GetKeysKeyListOutput) KeyId() pulumi.StringOutput

ID of CMK.

func (GetKeysKeyListOutput) KeyRotationEnabled 

func (o GetKeysKeyListOutput) KeyRotationEnabled() pulumi.BoolOutput

Specify whether to enable key rotation.

func (GetKeysKeyListOutput) KeyState 

func (o GetKeysKeyListOutput) KeyState() pulumi.StringOutput

Filter by state of CMK. `0` - all CMKs are queried, `1` - only Enabled CMKs are queried, `2` - only Disabled CMKs are queried, `3` - only PendingDelete CMKs are queried, `4` - only PendingImport CMKs are queried, `5` - only Archived CMKs are queried.

func (GetKeysKeyListOutput) KeyUsage 

func (o GetKeysKeyListOutput) KeyUsage() pulumi.StringOutput

Filter by usage of CMK. Available values include `ALL`, `ENCRYPT_DECRYPT`, `ASYMMETRIC_DECRYPT_RSA_2048`, `ASYMMETRIC_DECRYPT_SM2`, `ASYMMETRIC_SIGN_VERIFY_SM2`, `ASYMMETRIC_SIGN_VERIFY_RSA_2048`, `ASYMMETRIC_SIGN_VERIFY_ECC`. Default value is `ENCRYPT_DECRYPT`.

func (GetKeysKeyListOutput) NextRotateTime 

func (o GetKeysKeyListOutput) NextRotateTime() pulumi.IntOutput

Next rotate time of CMK when keyRotationEnabled is true.

func (GetKeysKeyListOutput) Origin 

func (o GetKeysKeyListOutput) Origin() pulumi.StringOutput

Filter by origin of CMK. `TENCENT_KMS` - CMK created by KMS, `EXTERNAL` - CMK imported by user, `ALL` - all CMKs. Default value is `ALL`.

func (GetKeysKeyListOutput) Owner 

func (o GetKeysKeyListOutput) Owner() pulumi.StringOutput

Creator of CMK.

func (GetKeysKeyListOutput) ToGetKeysKeyListOutput 

func (o GetKeysKeyListOutput) ToGetKeysKeyListOutput() GetKeysKeyListOutput

func (GetKeysKeyListOutput) ToGetKeysKeyListOutputWithContext 

func (o GetKeysKeyListOutput) ToGetKeysKeyListOutputWithContext(ctx context.Context) GetKeysKeyListOutput

func (GetKeysKeyListOutput) ValidTo 

func (o GetKeysKeyListOutput) ValidTo() pulumi.IntOutput

Valid when origin is `EXTERNAL`, it means the effective date of the key material.

type GetKeysOutputArgs 

type GetKeysOutputArgs struct {
	// Filter by state of CMK. `0` - all CMKs are queried, `1` - only Enabled CMKs are queried, `2` - only Disabled CMKs are queried, `3` - only PendingDelete CMKs are queried, `4` - only PendingImport CMKs are queried, `5` - only Archived CMKs are queried.
	KeyState pulumi.IntPtrInput `pulumi:"keyState"`
	// Filter by usage of CMK. Available values include `ALL`, `ENCRYPT_DECRYPT`, `ASYMMETRIC_DECRYPT_RSA_2048`, `ASYMMETRIC_DECRYPT_SM2`, `ASYMMETRIC_SIGN_VERIFY_SM2`, `ASYMMETRIC_SIGN_VERIFY_RSA_2048`, `ASYMMETRIC_SIGN_VERIFY_ECC`. Default value is `ENCRYPT_DECRYPT`.
	KeyUsage pulumi.StringPtrInput `pulumi:"keyUsage"`
	// Order to sort the CMK create time. `0` - desc, `1` - asc. Default value is `0`.
	OrderType pulumi.IntPtrInput `pulumi:"orderType"`
	// Filter by origin of CMK. `TENCENT_KMS` - CMK created by KMS, `EXTERNAL` - CMK imported by user, `ALL` - all CMKs. Default value is `ALL`.
	Origin pulumi.StringPtrInput `pulumi:"origin"`
	// Used to save results.
	ResultOutputFile pulumi.StringPtrInput `pulumi:"resultOutputFile"`
	// Filter by role of the CMK creator. `0` - created by user, `1` - created by cloud product. Default value is `0`.
	Role pulumi.IntPtrInput `pulumi:"role"`
	// Words used to match the results, and the words can be: keyId and alias.
	SearchKeyAlias pulumi.StringPtrInput `pulumi:"searchKeyAlias"`
	// Tags to filter CMK.
	Tags pulumi.MapInput `pulumi:"tags"`
}

A collection of arguments for invoking getKeys.

func (GetKeysOutputArgs) ElementType 

func (GetKeysOutputArgs) ElementType() reflect.Type

type GetKeysResult 

type GetKeysResult struct {
	// The provider-assigned unique ID for this managed resource.
	Id string `pulumi:"id"`
	// A list of KMS keys.
	KeyLists []GetKeysKeyList `pulumi:"keyLists"`
	// State of CMK.
	KeyState *int `pulumi:"keyState"`
	// Usage of CMK.
	KeyUsage  *string `pulumi:"keyUsage"`
	OrderType *int    `pulumi:"orderType"`
	// Origin of CMK. `TENCENT_KMS` - CMK created by KMS, `EXTERNAL` - CMK imported by user.
	Origin           *string                `pulumi:"origin"`
	ResultOutputFile *string                `pulumi:"resultOutputFile"`
	Role             *int                   `pulumi:"role"`
	SearchKeyAlias   *string                `pulumi:"searchKeyAlias"`
	Tags             map[string]interface{} `pulumi:"tags"`
}

A collection of values returned by getKeys.

func GetKeys 

func GetKeys(ctx *pulumi.Context, args *GetKeysArgs, opts ...pulumi.InvokeOption) (*GetKeysResult, error)

Use this data source to query detailed information of KMS key

## Example Usage

```go package main

import ( 

"github.com/pulumi/pulumi-tencentcloud/sdk/go/tencentcloud/Kms"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
"github.com/tencentcloudstack/pulumi-tencentcloud/sdk/go/tencentcloud/Kms"

) 

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := Kms.GetKeys(ctx, &kms.GetKeysArgs{
			KeyState:       pulumi.IntRef(0),
			KeyUsage:       pulumi.StringRef("ALL"),
			Origin:         pulumi.StringRef("TENCENT_KMS"),
			SearchKeyAlias: pulumi.StringRef("test"),
		}, nil)
		if err != nil {
			return err
		}
		return nil
	})
}

```

type GetKeysResultOutput 

type GetKeysResultOutput struct{ *pulumi.OutputState }

A collection of values returned by getKeys.

func GetKeysOutput 

func GetKeysOutput(ctx *pulumi.Context, args GetKeysOutputArgs, opts ...pulumi.InvokeOption) GetKeysResultOutput

func (GetKeysResultOutput) ElementType 

func (GetKeysResultOutput) ElementType() reflect.Type

func (GetKeysResultOutput) Id 

func (o GetKeysResultOutput) Id() pulumi.StringOutput

The provider-assigned unique ID for this managed resource.

func (GetKeysResultOutput) KeyLists 

func (o GetKeysResultOutput) KeyLists() GetKeysKeyListArrayOutput

A list of KMS keys.

func (GetKeysResultOutput) KeyState 

func (o GetKeysResultOutput) KeyState() pulumi.IntPtrOutput

State of CMK.

func (GetKeysResultOutput) KeyUsage 

func (o GetKeysResultOutput) KeyUsage() pulumi.StringPtrOutput

Usage of CMK.

func (GetKeysResultOutput) OrderType 

func (o GetKeysResultOutput) OrderType() pulumi.IntPtrOutput

func (GetKeysResultOutput) Origin 

func (o GetKeysResultOutput) Origin() pulumi.StringPtrOutput

Origin of CMK. `TENCENT_KMS` - CMK created by KMS, `EXTERNAL` - CMK imported by user.

func (GetKeysResultOutput) ResultOutputFile 

func (o GetKeysResultOutput) ResultOutputFile() pulumi.StringPtrOutput

func (GetKeysResultOutput) Role 

func (o GetKeysResultOutput) Role() pulumi.IntPtrOutput

func (GetKeysResultOutput) SearchKeyAlias 

func (o GetKeysResultOutput) SearchKeyAlias() pulumi.StringPtrOutput

func (GetKeysResultOutput) Tags 

func (o GetKeysResultOutput) Tags() pulumi.MapOutput

func (GetKeysResultOutput) ToGetKeysResultOutput 

func (o GetKeysResultOutput) ToGetKeysResultOutput() GetKeysResultOutput

func (GetKeysResultOutput) ToGetKeysResultOutputWithContext 

func (o GetKeysResultOutput) ToGetKeysResultOutputWithContext(ctx context.Context) GetKeysResultOutput

type Key 

type Key struct {
	pulumi.CustomResourceState

	// Name of CMK. The name can only contain English letters, numbers, underscore and hyphen '-'. The first character must be a letter or number.
	Alias pulumi.StringOutput `pulumi:"alias"`
	// Description of CMK. The maximum is 1024 bytes.
	Description pulumi.StringPtrOutput `pulumi:"description"`
	// Specify whether to archive key. Default value is `false`. This field is conflict with `isEnabled`, valid when keyState is `Enabled`, `Disabled`, `Archived`.
	IsArchived pulumi.BoolPtrOutput `pulumi:"isArchived"`
	// Specify whether to enable key. Default value is `false`. This field is conflict with `isArchived`, valid when keyState is `Enabled`, `Disabled`, `Archived`.
	IsEnabled pulumi.BoolPtrOutput `pulumi:"isEnabled"`
	// Specify whether to enable key rotation, valid when keyUsage is `ENCRYPT_DECRYPT`. Default value is `false`.
	KeyRotationEnabled pulumi.BoolPtrOutput `pulumi:"keyRotationEnabled"`
	// State of CMK.
	KeyState pulumi.StringOutput `pulumi:"keyState"`
	// Usage of CMK. Available values include `ENCRYPT_DECRYPT`, `ASYMMETRIC_DECRYPT_RSA_2048`, `ASYMMETRIC_DECRYPT_SM2`, `ASYMMETRIC_SIGN_VERIFY_SM2`, `ASYMMETRIC_SIGN_VERIFY_RSA_2048`, `ASYMMETRIC_SIGN_VERIFY_ECC`. Default value is `ENCRYPT_DECRYPT`.
	KeyUsage pulumi.StringPtrOutput `pulumi:"keyUsage"`
	// Duration in days after which the key is deleted after destruction of the resource, must be between 7 and 30 days. Defaults to 7 days.
	PendingDeleteWindowInDays pulumi.IntPtrOutput `pulumi:"pendingDeleteWindowInDays"`
	// Tags of CMK.
	Tags pulumi.MapOutput `pulumi:"tags"`
}

Provide a resource to create a KMS key.

## Example Usage

```go package main

import ( 

"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
"github.com/tencentcloudstack/pulumi-tencentcloud/sdk/go/tencentcloud/Kms"

) 

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := Kms.NewKey(ctx, "foo", &Kms.KeyArgs{
			Alias:              pulumi.String("test"),
			Description:        pulumi.String("describe key test message."),
			KeyRotationEnabled: pulumi.Bool(true),
			IsEnabled:          pulumi.Bool(true),
			Tags: pulumi.AnyMap{
				"test-tag": pulumi.Any("key-test"),
			},
		})
		if err != nil {
			return err
		}
		return nil
	})
}

```

## Import

KMS keys can be imported using the id, e.g.

```sh 

$ pulumi import tencentcloud:Kms/key:Key foo 287e8f40-7cbb-11eb-9a3a-5254004f7f94

```

func GetKey 

func GetKey(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *KeyState, opts ...pulumi.ResourceOption) (*Key, error)

GetKey gets an existing Key resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewKey 

func NewKey(ctx *pulumi.Context,
	name string, args *KeyArgs, opts ...pulumi.ResourceOption) (*Key, error)

NewKey registers a new resource with the given unique name, arguments, and options.

func (*Key) ElementType 

func (*Key) ElementType() reflect.Type

func (*Key) ToKeyOutput 

func (i *Key) ToKeyOutput() KeyOutput

func (*Key) ToKeyOutputWithContext 

func (i *Key) ToKeyOutputWithContext(ctx context.Context) KeyOutput

type KeyArgs 

type KeyArgs struct {
	// Name of CMK. The name can only contain English letters, numbers, underscore and hyphen '-'. The first character must be a letter or number.
	Alias pulumi.StringInput
	// Description of CMK. The maximum is 1024 bytes.
	Description pulumi.StringPtrInput
	// Specify whether to archive key. Default value is `false`. This field is conflict with `isEnabled`, valid when keyState is `Enabled`, `Disabled`, `Archived`.
	IsArchived pulumi.BoolPtrInput
	// Specify whether to enable key. Default value is `false`. This field is conflict with `isArchived`, valid when keyState is `Enabled`, `Disabled`, `Archived`.
	IsEnabled pulumi.BoolPtrInput
	// Specify whether to enable key rotation, valid when keyUsage is `ENCRYPT_DECRYPT`. Default value is `false`.
	KeyRotationEnabled pulumi.BoolPtrInput
	// Usage of CMK. Available values include `ENCRYPT_DECRYPT`, `ASYMMETRIC_DECRYPT_RSA_2048`, `ASYMMETRIC_DECRYPT_SM2`, `ASYMMETRIC_SIGN_VERIFY_SM2`, `ASYMMETRIC_SIGN_VERIFY_RSA_2048`, `ASYMMETRIC_SIGN_VERIFY_ECC`. Default value is `ENCRYPT_DECRYPT`.
	KeyUsage pulumi.StringPtrInput
	// Duration in days after which the key is deleted after destruction of the resource, must be between 7 and 30 days. Defaults to 7 days.
	PendingDeleteWindowInDays pulumi.IntPtrInput
	// Tags of CMK.
	Tags pulumi.MapInput
}

The set of arguments for constructing a Key resource.

func (KeyArgs) ElementType 

func (KeyArgs) ElementType() reflect.Type

type KeyArray 

type KeyArray []KeyInput

func (KeyArray) ElementType 

func (KeyArray) ElementType() reflect.Type

func (KeyArray) ToKeyArrayOutput 

func (i KeyArray) ToKeyArrayOutput() KeyArrayOutput

func (KeyArray) ToKeyArrayOutputWithContext 

func (i KeyArray) ToKeyArrayOutputWithContext(ctx context.Context) KeyArrayOutput

type KeyArrayInput 

type KeyArrayInput interface {
	pulumi.Input

	ToKeyArrayOutput() KeyArrayOutput
	ToKeyArrayOutputWithContext(context.Context) KeyArrayOutput
}

KeyArrayInput is an input type that accepts KeyArray and KeyArrayOutput values. You can construct a concrete instance of `KeyArrayInput` via: 

KeyArray{ KeyArgs{...} }

type KeyArrayOutput 

type KeyArrayOutput struct{ *pulumi.OutputState }

func (KeyArrayOutput) ElementType 

func (KeyArrayOutput) ElementType() reflect.Type

func (KeyArrayOutput) Index 

func (o KeyArrayOutput) Index(i pulumi.IntInput) KeyOutput

func (KeyArrayOutput) ToKeyArrayOutput 

func (o KeyArrayOutput) ToKeyArrayOutput() KeyArrayOutput

func (KeyArrayOutput) ToKeyArrayOutputWithContext 

func (o KeyArrayOutput) ToKeyArrayOutputWithContext(ctx context.Context) KeyArrayOutput

type KeyInput 

type KeyInput interface {
	pulumi.Input

	ToKeyOutput() KeyOutput
	ToKeyOutputWithContext(ctx context.Context) KeyOutput
}

type KeyMap 

type KeyMap map[string]KeyInput

func (KeyMap) ElementType 

func (KeyMap) ElementType() reflect.Type

func (KeyMap) ToKeyMapOutput 

func (i KeyMap) ToKeyMapOutput() KeyMapOutput

func (KeyMap) ToKeyMapOutputWithContext 

func (i KeyMap) ToKeyMapOutputWithContext(ctx context.Context) KeyMapOutput

type KeyMapInput 

type KeyMapInput interface {
	pulumi.Input

	ToKeyMapOutput() KeyMapOutput
	ToKeyMapOutputWithContext(context.Context) KeyMapOutput
}

KeyMapInput is an input type that accepts KeyMap and KeyMapOutput values. You can construct a concrete instance of `KeyMapInput` via: 

KeyMap{ "key": KeyArgs{...} }

type KeyMapOutput 

type KeyMapOutput struct{ *pulumi.OutputState }

func (KeyMapOutput) ElementType 

func (KeyMapOutput) ElementType() reflect.Type

func (KeyMapOutput) MapIndex 

func (o KeyMapOutput) MapIndex(k pulumi.StringInput) KeyOutput

func (KeyMapOutput) ToKeyMapOutput 

func (o KeyMapOutput) ToKeyMapOutput() KeyMapOutput

func (KeyMapOutput) ToKeyMapOutputWithContext 

func (o KeyMapOutput) ToKeyMapOutputWithContext(ctx context.Context) KeyMapOutput

type KeyOutput 

type KeyOutput struct{ *pulumi.OutputState }

func (KeyOutput) Alias 

func (o KeyOutput) Alias() pulumi.StringOutput

Name of CMK. The name can only contain English letters, numbers, underscore and hyphen '-'. The first character must be a letter or number.

func (KeyOutput) Description 

func (o KeyOutput) Description() pulumi.StringPtrOutput

Description of CMK. The maximum is 1024 bytes.

func (KeyOutput) ElementType 

func (KeyOutput) ElementType() reflect.Type

func (KeyOutput) IsArchived 

func (o KeyOutput) IsArchived() pulumi.BoolPtrOutput

Specify whether to archive key. Default value is `false`. This field is conflict with `isEnabled`, valid when keyState is `Enabled`, `Disabled`, `Archived`.

func (KeyOutput) IsEnabled 

func (o KeyOutput) IsEnabled() pulumi.BoolPtrOutput

Specify whether to enable key. Default value is `false`. This field is conflict with `isArchived`, valid when keyState is `Enabled`, `Disabled`, `Archived`.

func (KeyOutput) KeyRotationEnabled 

func (o KeyOutput) KeyRotationEnabled() pulumi.BoolPtrOutput

Specify whether to enable key rotation, valid when keyUsage is `ENCRYPT_DECRYPT`. Default value is `false`.

func (KeyOutput) KeyState 

func (o KeyOutput) KeyState() pulumi.StringOutput

State of CMK.

func (KeyOutput) KeyUsage 

func (o KeyOutput) KeyUsage() pulumi.StringPtrOutput

Usage of CMK. Available values include `ENCRYPT_DECRYPT`, `ASYMMETRIC_DECRYPT_RSA_2048`, `ASYMMETRIC_DECRYPT_SM2`, `ASYMMETRIC_SIGN_VERIFY_SM2`, `ASYMMETRIC_SIGN_VERIFY_RSA_2048`, `ASYMMETRIC_SIGN_VERIFY_ECC`. Default value is `ENCRYPT_DECRYPT`.

func (KeyOutput) PendingDeleteWindowInDays 

func (o KeyOutput) PendingDeleteWindowInDays() pulumi.IntPtrOutput

Duration in days after which the key is deleted after destruction of the resource, must be between 7 and 30 days. Defaults to 7 days.

func (KeyOutput) Tags 

func (o KeyOutput) Tags() pulumi.MapOutput

Tags of CMK.

func (KeyOutput) ToKeyOutput 

func (o KeyOutput) ToKeyOutput() KeyOutput

func (KeyOutput) ToKeyOutputWithContext 

func (o KeyOutput) ToKeyOutputWithContext(ctx context.Context) KeyOutput

type KeyState 

type KeyState struct {
	// Name of CMK. The name can only contain English letters, numbers, underscore and hyphen '-'. The first character must be a letter or number.
	Alias pulumi.StringPtrInput
	// Description of CMK. The maximum is 1024 bytes.
	Description pulumi.StringPtrInput
	// Specify whether to archive key. Default value is `false`. This field is conflict with `isEnabled`, valid when keyState is `Enabled`, `Disabled`, `Archived`.
	IsArchived pulumi.BoolPtrInput
	// Specify whether to enable key. Default value is `false`. This field is conflict with `isArchived`, valid when keyState is `Enabled`, `Disabled`, `Archived`.
	IsEnabled pulumi.BoolPtrInput
	// Specify whether to enable key rotation, valid when keyUsage is `ENCRYPT_DECRYPT`. Default value is `false`.
	KeyRotationEnabled pulumi.BoolPtrInput
	// State of CMK.
	KeyState pulumi.StringPtrInput
	// Usage of CMK. Available values include `ENCRYPT_DECRYPT`, `ASYMMETRIC_DECRYPT_RSA_2048`, `ASYMMETRIC_DECRYPT_SM2`, `ASYMMETRIC_SIGN_VERIFY_SM2`, `ASYMMETRIC_SIGN_VERIFY_RSA_2048`, `ASYMMETRIC_SIGN_VERIFY_ECC`. Default value is `ENCRYPT_DECRYPT`.
	KeyUsage pulumi.StringPtrInput
	// Duration in days after which the key is deleted after destruction of the resource, must be between 7 and 30 days. Defaults to 7 days.
	PendingDeleteWindowInDays pulumi.IntPtrInput
	// Tags of CMK.
	Tags pulumi.MapInput
}

func (KeyState) ElementType 

func (KeyState) ElementType() reflect.Type

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.