googleKmsCryptoKey
Provides access to a Google Cloud Platform KMS CryptoKey. For more information see the official documentation and API.
A CryptoKey is an interface to key material which can be used to encrypt and decrypt data. A CryptoKey belongs to a Google Cloud KMS KeyRing.
Example Usage
/*Provider bindings are generated by running cdktf get.
See https://cdk.tf/provider-generation for more details.*/
import * as google from "./.gen/providers/google";
/*The following providers are missing schema information and might need manual adjustments to synthesize correctly: google.
For a more precise conversion please use the --provider flag in convert.*/
const dataGoogleKmsKeyRingMyKeyRing =
new google.dataGoogleKmsKeyRing.DataGoogleKmsKeyRing(this, "my_key_ring", {
location: "us-central1",
name: "my-key-ring",
});
new google.dataGoogleKmsCryptoKey.DataGoogleKmsCryptoKey(
this,
"my_crypto_key",
{
key_ring: dataGoogleKmsKeyRingMyKeyRing.id,
name: "my-crypto-key",
}
);
Argument Reference
The following arguments are supported:
-
name
- (Required) The CryptoKey's name. A CryptoKey’s name belonging to the specified Google Cloud Platform KeyRing and match the regular expression[aZAZ09_-]{1,63}
-
keyRing
- (Required) Theid
of the Google Cloud Platform KeyRing to which the key belongs.
Attributes Reference
In addition to the arguments listed above, the following computed attributes are exported:
-
rotationPeriod
- Every time this period passes, generate a new CryptoKeyVersion and set it as the primary. The first rotation will take place after the specified period. The rotation period has the format of a decimal number with up to 9 fractional digits, followed by the letter s (seconds). -
purpose
- Defines the cryptographic capabilities of the key. -
id
- The identifier of the created CryptoKey. Its format isprojects/{projectId}/locations/{location}/keyRings/{keyRingName}/cryptoKeys/{cryptoKeyName}
.