import * as pulumi from "@pulumi/pulumi"; import * as inputs from "../types/input"; import * as outputs from "../types/output"; /** * EdgeCacheKeyset represents a collection of public keys used for validating signed requests. * * To get more information about EdgeCacheKeyset, see: * * * [API documentation](https://cloud.google.com/media-cdn/docs/reference/rest/v1/projects.locations.edgeCacheKeysets) * * How-to Guides * * [Create keysets](https://cloud.google.com/media-cdn/docs/create-keyset) * * ## Example Usage * * ### Network Services Edge Cache Keyset Basic * * ```typescript * import * as pulumi from "@pulumi/pulumi"; * import * as gcp from "@pulumi/gcp"; * * const _default = new gcp.networkservices.EdgeCacheKeyset("default", { * name: "my-keyset", * description: "The default keyset", * publicKeys: [ * { * id: "my-public-key", * value: "FHsTyFHNmvNpw4o7-rp-M1yqMyBF8vXSBRkZtkQ0RKY", * }, * { * id: "my-public-key-2", * value: "hzd03llxB1u5FOLKFkZ6_wCJqC7jtN0bg7xlBqS6WVM", * }, * ], * }); * ``` * ### Network Services Edge Cache Keyset Dual Token * * ```typescript * import * as pulumi from "@pulumi/pulumi"; * import * as gcp from "@pulumi/gcp"; * * const secret_basic = new gcp.secretmanager.Secret("secret-basic", { * secretId: "secret-name", * replication: { * auto: {}, * }, * }); * const secret_version_basic = new gcp.secretmanager.SecretVersion("secret-version-basic", { * secret: secret_basic.id, * secretData: "secret-data", * }); * const _default = new gcp.networkservices.EdgeCacheKeyset("default", { * name: "my-keyset", * description: "The default keyset", * publicKeys: [{ * id: "my-public-key", * managed: true, * }], * validationSharedKeys: [{ * secretVersion: secret_version_basic.id, * }], * }); * ``` * * ## Import * * EdgeCacheKeyset can be imported using any of these accepted formats: * * * `projects/{{project}}/locations/global/edgeCacheKeysets/{{name}}` * * `{{project}}/{{name}}` * * `{{name}}` * * When using the `pulumi import` command, EdgeCacheKeyset can be imported using one of the formats above. For example: * * ```sh * $ pulumi import gcp:networkservices/edgeCacheKeyset:EdgeCacheKeyset default projects/{{project}}/locations/global/edgeCacheKeysets/{{name}} * $ pulumi import gcp:networkservices/edgeCacheKeyset:EdgeCacheKeyset default {{project}}/{{name}} * $ pulumi import gcp:networkservices/edgeCacheKeyset:EdgeCacheKeyset default {{name}} * ``` */ export declare class EdgeCacheKeyset extends pulumi.CustomResource { /** * Get an existing EdgeCacheKeyset resource's state with the given name, ID, and optional extra * properties used to qualify the lookup. * * @param name The _unique_ name of the resulting resource. * @param id The _unique_ provider ID of the resource to lookup. * @param state Any extra arguments used during the lookup. * @param opts Optional settings to control the behavior of the CustomResource. */ static get(name: string, id: pulumi.Input, state?: EdgeCacheKeysetState, opts?: pulumi.CustomResourceOptions): EdgeCacheKeyset; /** * Returns true if the given object is an instance of EdgeCacheKeyset. This is designed to work even * when multiple copies of the Pulumi SDK have been loaded into the same process. */ static isInstance(obj: any): obj is EdgeCacheKeyset; /** * A human-readable description of the resource. */ readonly description: pulumi.Output; /** * All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Pulumi, other clients and services. */ readonly effectiveLabels: pulumi.Output<{ [key: string]: string; }>; /** * Set of label tags associated with the EdgeCache resource. * **Note**: This field is non-authoritative, and will only manage the labels present in your configuration. * Please refer to the field `effectiveLabels` for all of the labels present on the resource. */ readonly labels: pulumi.Output<{ [key: string]: string; } | undefined>; /** * Name of the resource; provided by the client when the resource is created. * The name must be 1-64 characters long, and match the regular expression [a-zA-Z][a-zA-Z0-9_-]* which means the first character must be a letter, * and all following characters must be a dash, underscore, letter or digit. */ readonly name: pulumi.Output; /** * The ID of the project in which the resource belongs. * If it is not provided, the provider project is used. */ readonly project: pulumi.Output; /** * An ordered list of Ed25519 public keys to use for validating signed requests. * You must specify `publicKeys` or `validationSharedKeys` (or both). The keys in `publicKeys` are checked first. * You may specify no more than one Google-managed public key. * If you specify `publicKeys`, you must specify at least one (1) key and may specify up to three (3) keys. * Ed25519 public keys are not secret, and only allow Google to validate a request was signed by your corresponding private key. * Ensure that the private key is kept secret, and that only authorized users can add public keys to a keyset. * Structure is documented below. */ readonly publicKeys: pulumi.Output; /** * The combination of labels configured directly on the resource * and default labels configured on the provider. */ readonly pulumiLabels: pulumi.Output<{ [key: string]: string; }>; /** * An ordered list of shared keys to use for validating signed requests. * Shared keys are secret. Ensure that only authorized users can add `validationSharedKeys` to a keyset. * You can rotate keys by appending (pushing) a new key to the list of `validationSharedKeys` and removing any superseded keys. * You must specify `publicKeys` or `validationSharedKeys` (or both). The keys in `publicKeys` are checked first. * Structure is documented below. */ readonly validationSharedKeys: pulumi.Output; /** * Create a EdgeCacheKeyset resource with the given unique name, arguments, and options. * * @param name The _unique_ name of the resource. * @param args The arguments to use to populate this resource's properties. * @param opts A bag of options that control this resource's behavior. */ constructor(name: string, args?: EdgeCacheKeysetArgs, opts?: pulumi.CustomResourceOptions); } /** * Input properties used for looking up and filtering EdgeCacheKeyset resources. */ export interface EdgeCacheKeysetState { /** * A human-readable description of the resource. */ description?: pulumi.Input; /** * All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Pulumi, other clients and services. */ effectiveLabels?: pulumi.Input<{ [key: string]: pulumi.Input; }>; /** * Set of label tags associated with the EdgeCache resource. * **Note**: This field is non-authoritative, and will only manage the labels present in your configuration. * Please refer to the field `effectiveLabels` for all of the labels present on the resource. */ labels?: pulumi.Input<{ [key: string]: pulumi.Input; }>; /** * Name of the resource; provided by the client when the resource is created. * The name must be 1-64 characters long, and match the regular expression [a-zA-Z][a-zA-Z0-9_-]* which means the first character must be a letter, * and all following characters must be a dash, underscore, letter or digit. */ name?: pulumi.Input; /** * The ID of the project in which the resource belongs. * If it is not provided, the provider project is used. */ project?: pulumi.Input; /** * An ordered list of Ed25519 public keys to use for validating signed requests. * You must specify `publicKeys` or `validationSharedKeys` (or both). The keys in `publicKeys` are checked first. * You may specify no more than one Google-managed public key. * If you specify `publicKeys`, you must specify at least one (1) key and may specify up to three (3) keys. * Ed25519 public keys are not secret, and only allow Google to validate a request was signed by your corresponding private key. * Ensure that the private key is kept secret, and that only authorized users can add public keys to a keyset. * Structure is documented below. */ publicKeys?: pulumi.Input[]>; /** * The combination of labels configured directly on the resource * and default labels configured on the provider. */ pulumiLabels?: pulumi.Input<{ [key: string]: pulumi.Input; }>; /** * An ordered list of shared keys to use for validating signed requests. * Shared keys are secret. Ensure that only authorized users can add `validationSharedKeys` to a keyset. * You can rotate keys by appending (pushing) a new key to the list of `validationSharedKeys` and removing any superseded keys. * You must specify `publicKeys` or `validationSharedKeys` (or both). The keys in `publicKeys` are checked first. * Structure is documented below. */ validationSharedKeys?: pulumi.Input[]>; } /** * The set of arguments for constructing a EdgeCacheKeyset resource. */ export interface EdgeCacheKeysetArgs { /** * A human-readable description of the resource. */ description?: pulumi.Input; /** * Set of label tags associated with the EdgeCache resource. * **Note**: This field is non-authoritative, and will only manage the labels present in your configuration. * Please refer to the field `effectiveLabels` for all of the labels present on the resource. */ labels?: pulumi.Input<{ [key: string]: pulumi.Input; }>; /** * Name of the resource; provided by the client when the resource is created. * The name must be 1-64 characters long, and match the regular expression [a-zA-Z][a-zA-Z0-9_-]* which means the first character must be a letter, * and all following characters must be a dash, underscore, letter or digit. */ name?: pulumi.Input; /** * The ID of the project in which the resource belongs. * If it is not provided, the provider project is used. */ project?: pulumi.Input; /** * An ordered list of Ed25519 public keys to use for validating signed requests. * You must specify `publicKeys` or `validationSharedKeys` (or both). The keys in `publicKeys` are checked first. * You may specify no more than one Google-managed public key. * If you specify `publicKeys`, you must specify at least one (1) key and may specify up to three (3) keys. * Ed25519 public keys are not secret, and only allow Google to validate a request was signed by your corresponding private key. * Ensure that the private key is kept secret, and that only authorized users can add public keys to a keyset. * Structure is documented below. */ publicKeys?: pulumi.Input[]>; /** * An ordered list of shared keys to use for validating signed requests. * Shared keys are secret. Ensure that only authorized users can add `validationSharedKeys` to a keyset. * You can rotate keys by appending (pushing) a new key to the list of `validationSharedKeys` and removing any superseded keys. * You must specify `publicKeys` or `validationSharedKeys` (or both). The keys in `publicKeys` are checked first. * Structure is documented below. */ validationSharedKeys?: pulumi.Input[]>; }