import * as pulumi from "@pulumi/pulumi"; import * as inputs from "../types/input"; import * as outputs from "../types/output"; /** * Key Management Service (KMS) is a one-stop key management and data encryption platform on Volcano Engine. It provides easy-to-use encryption interfaces. KMS helps users easily manage keys and protect the security of core cloud data. It also greatly reduces the procurement and development costs for users to deploy their own cryptographic infrastructure. KMS helps businesses easily meet regulatory and compliance requirements. * * ## Import * * ```sh * $ pulumi import volcenginecc:kms/key:Key example "keyring_name|key_id" * ``` */ export declare class Key extends pulumi.CustomResource { /** * Get an existing Key resource's state with the given name, ID, and optional extra * properties used to qualify the lookup. * * @param name The _unique_ name of the resulting resource. * @param id The _unique_ provider ID of the resource to lookup. * @param state Any extra arguments used during the lookup. * @param opts Optional settings to control the behavior of the CustomResource. */ static get(name: string, id: pulumi.Input, state?: KeyState, opts?: pulumi.CustomResourceOptions): Key; /** * Returns true if the given object is an instance of Key. This is designed to work even * when multiple copies of the Pulumi SDK have been loaded into the same process. */ static isInstance(obj: any): obj is Key; /** * Asymmetric encryption action parameters and results. AsymmetricEncrypt can be triggered during the Create/Update phase; the result is only guaranteed to be returned in the current response. */ readonly asymmetricCiphertext: pulumi.Output; /** * Asymmetric signature action parameters and results. AsymmetricSign can be triggered during the Create/Update phase; the result is only guaranteed to be returned in the current response. */ readonly asymmetricSignature: pulumi.Output; /** * Symmetric encryption action parameters and results. Encrypt can be triggered during the Create/Update phase; the result is only guaranteed to be returned in the current response. */ readonly ciphertext: pulumi.Output; /** * Key creation time. */ readonly createdTime: pulumi.Output; /** * Key description: Length 0–8192 characters. */ readonly description: pulumi.Output; /** * User master key archive operation (enter 1 to archive, 2 to unarchive). */ readonly keyArchiveOperation: pulumi.Output; /** * User master key enable operation (enter 1 to enable, 2 to disable). */ readonly keyEnableOperation: pulumi.Output; /** * Key unique identifier in UUID format. */ readonly keyId: pulumi.Output; /** * Key material expiration time. If empty, the key does not expire. */ readonly keyMaterialExpireTime: pulumi.Output; /** * Master key name. Length 2–31 characters. Valid characters: [a-zA-Z0-9-_]. */ readonly keyName: pulumi.Output; /** * Primary region of the multi-region key. Set the target primary region during the Create/Update phase; the current primary region is returned during the Read phase. */ readonly keyPrimaryRegion: pulumi.Output; /** * User master key rotation operation (enter 1 to enable, 2 to disable). */ readonly keyRotationOperation: pulumi.Output; /** * Symmetric keys: SYMMETRIC*256, SYMMETRIC*128; asymmetric keys: RSA*2048, RSA*3072, RSA*4096, EC*P256, EC*P256K, EC*P384, EC*P521, EC*SM2. */ readonly keySpec: pulumi.Output; /** * Key status: Enable, Disable, PendingDelete, Archived, PendingImport. */ readonly keyState: pulumi.Output; /** * Key usage. Options: ENCRYPT*DECRYPT, SIGN*VERIFY, GENERATE*VERIFY*MAC. */ readonly keyUsage: pulumi.Output; /** * Key ring name. Length 2–31 characters. Valid characters: [a-zA-Z0-9-_]. */ readonly keyringName: pulumi.Output; /** * Key last rotation time. */ readonly lastRotationTime: pulumi.Output; /** * Is this a multi-region type master key. */ readonly multiRegion: pulumi.Output; /** * Multi-region key configuration information. */ readonly multiRegionConfiguration: pulumi.Output; /** * Key source. Options: CloudKMS, External, ExternalKeyStore. */ readonly origin: pulumi.Output; /** * Key protection level. Options: SOFTWARE, HSM. */ readonly protectionLevel: pulumi.Output; /** * Re-encryption action parameters and results. ReEncrypt can be triggered during the Create/Update phase; the result is only guaranteed to be returned in the current response. */ readonly reEncrypt: pulumi.Output; /** * Replicate key action parameters and results. ReplicateKey can be triggered during the Create/Update phase; the result is only guaranteed to be returned in the current response. */ readonly replicateKey: pulumi.Output; /** * Key rotation period (days). Range: [90, 2560]. */ readonly rotateInterval: pulumi.Output; /** * Key rotation status. Options: Enable, Disable. */ readonly rotateState: pulumi.Output; /** * Key deletion time. */ readonly scheduleDeleteTime: pulumi.Output; /** * Key rotation time. */ readonly scheduleRotationTime: pulumi.Output; readonly tags: pulumi.Output; /** * Resource name. Format should be trn:${Service}:${Region}:${AccountID}:${ResourcePath}. */ readonly trn: pulumi.Output; /** * Key update time. */ readonly updatedTime: pulumi.Output; /** * Create a Key resource with the given unique name, arguments, and options. * * @param name The _unique_ name of the resource. * @param args The arguments to use to populate this resource's properties. * @param opts A bag of options that control this resource's behavior. */ constructor(name: string, args: KeyArgs, opts?: pulumi.CustomResourceOptions); } /** * Input properties used for looking up and filtering Key resources. */ export interface KeyState { /** * Asymmetric encryption action parameters and results. AsymmetricEncrypt can be triggered during the Create/Update phase; the result is only guaranteed to be returned in the current response. */ asymmetricCiphertext?: pulumi.Input; /** * Asymmetric signature action parameters and results. AsymmetricSign can be triggered during the Create/Update phase; the result is only guaranteed to be returned in the current response. */ asymmetricSignature?: pulumi.Input; /** * Symmetric encryption action parameters and results. Encrypt can be triggered during the Create/Update phase; the result is only guaranteed to be returned in the current response. */ ciphertext?: pulumi.Input; /** * Key creation time. */ createdTime?: pulumi.Input; /** * Key description: Length 0–8192 characters. */ description?: pulumi.Input; /** * User master key archive operation (enter 1 to archive, 2 to unarchive). */ keyArchiveOperation?: pulumi.Input; /** * User master key enable operation (enter 1 to enable, 2 to disable). */ keyEnableOperation?: pulumi.Input; /** * Key unique identifier in UUID format. */ keyId?: pulumi.Input; /** * Key material expiration time. If empty, the key does not expire. */ keyMaterialExpireTime?: pulumi.Input; /** * Master key name. Length 2–31 characters. Valid characters: [a-zA-Z0-9-_]. */ keyName?: pulumi.Input; /** * Primary region of the multi-region key. Set the target primary region during the Create/Update phase; the current primary region is returned during the Read phase. */ keyPrimaryRegion?: pulumi.Input; /** * User master key rotation operation (enter 1 to enable, 2 to disable). */ keyRotationOperation?: pulumi.Input; /** * Symmetric keys: SYMMETRIC*256, SYMMETRIC*128; asymmetric keys: RSA*2048, RSA*3072, RSA*4096, EC*P256, EC*P256K, EC*P384, EC*P521, EC*SM2. */ keySpec?: pulumi.Input; /** * Key status: Enable, Disable, PendingDelete, Archived, PendingImport. */ keyState?: pulumi.Input; /** * Key usage. Options: ENCRYPT*DECRYPT, SIGN*VERIFY, GENERATE*VERIFY*MAC. */ keyUsage?: pulumi.Input; /** * Key ring name. Length 2–31 characters. Valid characters: [a-zA-Z0-9-_]. */ keyringName?: pulumi.Input; /** * Key last rotation time. */ lastRotationTime?: pulumi.Input; /** * Is this a multi-region type master key. */ multiRegion?: pulumi.Input; /** * Multi-region key configuration information. */ multiRegionConfiguration?: pulumi.Input; /** * Key source. Options: CloudKMS, External, ExternalKeyStore. */ origin?: pulumi.Input; /** * Key protection level. Options: SOFTWARE, HSM. */ protectionLevel?: pulumi.Input; /** * Re-encryption action parameters and results. ReEncrypt can be triggered during the Create/Update phase; the result is only guaranteed to be returned in the current response. */ reEncrypt?: pulumi.Input; /** * Replicate key action parameters and results. ReplicateKey can be triggered during the Create/Update phase; the result is only guaranteed to be returned in the current response. */ replicateKey?: pulumi.Input; /** * Key rotation period (days). Range: [90, 2560]. */ rotateInterval?: pulumi.Input; /** * Key rotation status. Options: Enable, Disable. */ rotateState?: pulumi.Input; /** * Key deletion time. */ scheduleDeleteTime?: pulumi.Input; /** * Key rotation time. */ scheduleRotationTime?: pulumi.Input; tags?: pulumi.Input[]>; /** * Resource name. Format should be trn:${Service}:${Region}:${AccountID}:${ResourcePath}. */ trn?: pulumi.Input; /** * Key update time. */ updatedTime?: pulumi.Input; } /** * The set of arguments for constructing a Key resource. */ export interface KeyArgs { /** * Asymmetric encryption action parameters and results. AsymmetricEncrypt can be triggered during the Create/Update phase; the result is only guaranteed to be returned in the current response. */ asymmetricCiphertext?: pulumi.Input; /** * Asymmetric signature action parameters and results. AsymmetricSign can be triggered during the Create/Update phase; the result is only guaranteed to be returned in the current response. */ asymmetricSignature?: pulumi.Input; /** * Symmetric encryption action parameters and results. Encrypt can be triggered during the Create/Update phase; the result is only guaranteed to be returned in the current response. */ ciphertext?: pulumi.Input; /** * Key description: Length 0–8192 characters. */ description?: pulumi.Input; /** * User master key archive operation (enter 1 to archive, 2 to unarchive). */ keyArchiveOperation?: pulumi.Input; /** * User master key enable operation (enter 1 to enable, 2 to disable). */ keyEnableOperation?: pulumi.Input; /** * Master key name. Length 2–31 characters. Valid characters: [a-zA-Z0-9-_]. */ keyName: pulumi.Input; /** * Primary region of the multi-region key. Set the target primary region during the Create/Update phase; the current primary region is returned during the Read phase. */ keyPrimaryRegion?: pulumi.Input; /** * User master key rotation operation (enter 1 to enable, 2 to disable). */ keyRotationOperation?: pulumi.Input; /** * Symmetric keys: SYMMETRIC*256, SYMMETRIC*128; asymmetric keys: RSA*2048, RSA*3072, RSA*4096, EC*P256, EC*P256K, EC*P384, EC*P521, EC*SM2. */ keySpec?: pulumi.Input; /** * Key usage. Options: ENCRYPT*DECRYPT, SIGN*VERIFY, GENERATE*VERIFY*MAC. */ keyUsage?: pulumi.Input; /** * Key ring name. Length 2–31 characters. Valid characters: [a-zA-Z0-9-_]. */ keyringName: pulumi.Input; /** * Is this a multi-region type master key. */ multiRegion?: pulumi.Input; /** * Key source. Options: CloudKMS, External, ExternalKeyStore. */ origin?: pulumi.Input; /** * Key protection level. Options: SOFTWARE, HSM. */ protectionLevel?: pulumi.Input; /** * Re-encryption action parameters and results. ReEncrypt can be triggered during the Create/Update phase; the result is only guaranteed to be returned in the current response. */ reEncrypt?: pulumi.Input; /** * Replicate key action parameters and results. ReplicateKey can be triggered during the Create/Update phase; the result is only guaranteed to be returned in the current response. */ replicateKey?: pulumi.Input; /** * Key rotation period (days). Range: [90, 2560]. */ rotateInterval?: pulumi.Input; tags?: pulumi.Input[]>; }