googleKmsCryptoKeyVersion
Provides access to a Google Cloud Platform KMS CryptoKeyVersion. For more information see the official documentation and API.
A CryptoKeyVersion represents an individual cryptographic key, and the associated key material.
Example Usage
/*Provider bindings are generated by running cdktf get.
See https://cdk.tf/provider-generation for more details.*/
import * as google from "./.gen/providers/google";
/*The following providers are missing schema information and might need manual adjustments to synthesize correctly: google.
For a more precise conversion please use the --provider flag in convert.*/
new google.dataGoogleKmsCryptoKeyVersion.DataGoogleKmsCryptoKeyVersion(
this,
"my_crypto_key_version",
{
crypto_key: "${data.google_kms_crypto_key.my_key.id}",
}
);
const dataGoogleKmsKeyRingMyKeyRing =
new google.dataGoogleKmsKeyRing.DataGoogleKmsKeyRing(this, "my_key_ring", {
location: "us-central1",
name: "my-key-ring",
});
new google.dataGoogleKmsCryptoKey.DataGoogleKmsCryptoKey(
this,
"my_crypto_key",
{
key_ring: dataGoogleKmsKeyRingMyKeyRing.id,
name: "my-crypto-key",
}
);
Argument Reference
The following arguments are supported:
-
cryptoKey
- (Required) Theid
of the Google Cloud Platform CryptoKey to which the key version belongs. This is also theid
field of thegoogleKmsCryptoKey
resource/datasource. -
version
- (Optional) The version number for this CryptoKeyVersion. Defaults to1
.
Attributes Reference
In addition to the arguments listed above, the following computed attributes are exported:
-
id
- an identifier for the resource with format//cloudkmsGoogleapisCom/v1/{{cryptoKey}}/cryptoKeyVersions/{{version}}
-
name
- The resource name for this CryptoKeyVersion in the formatprojects/*/locations/*/keyRings/*/cryptoKeys/*/cryptoKeyVersions/*
-
state
- The current state of the CryptoKeyVersion. See the state reference for possible outputs. -
protectionLevel
- The ProtectionLevel describing how crypto operations are performed with this CryptoKeyVersion. See the protection_level reference for possible outputs. -
algorithm
- The CryptoKeyVersionAlgorithm that this CryptoKeyVersion supports. See the algorithm reference for possible outputs. -
publicKey
- If the enclosing CryptoKey has purposeasymmetricSign
orasymmetricDecrypt
, this block contains details about the public key associated to this CryptoKeyVersion. Structure is documented below.
The publicKey
block, if present, contains:
-
pem
- The public key, encoded in PEM format. For more information, see the RFC 7468 sections for General Considerations and Textual Encoding of Subject Public Key Info. -
algorithm
- The CryptoKeyVersionAlgorithm that this CryptoKeyVersion supports.