CryptoKey is a managed resource that represents a Google KMS Crypto Key.
Type
CRD
Group
kms.gcp.crossplane.io
Version
v1alpha1
apiVersion: kms.gcp.crossplane.io/v1alpha1
kind: CryptoKey
CryptoKeySpec defines the desired state of a CryptoKey.
CryptoKeyParameters defines parameters for a desired KMS CryptoKey https://cloud.google.com/kms/docs/reference/rest/v1/projects.locations.keyRings.cryptoKeys
KeyRingRef references a KeyRing and retrieves its URI
Policies for referencing.
KeyRingSelector selects a reference to a KeyRing
Policies for selection.
VersionTemplate: A template describing settings for new CryptoKeyVersion instances. The properties of new CryptoKeyVersion instances created by either CreateCryptoKeyVersion or auto-rotation are controlled by this template.
ProviderConfigReference specifies how the provider that will be used to create, observe, update, and delete this managed resource should be configured.
Policies for referencing.
ProviderReference specifies the provider that will be used to create, observe, update, and delete this managed resource. Deprecated: Please use ProviderConfigReference, i.e. providerConfigRef
Policies for referencing.
PublishConnectionDetailsTo specifies the connection secret config which contains a name, metadata and a reference to secret store config to which any connection details for this managed resource should be written. Connection details frequently include the endpoint, username, and password required to connect to the managed resource.
WriteConnectionSecretToReference specifies the namespace and name of a Secret to which any connection details for this managed resource should be written. Connection details frequently include the endpoint, username, and password required to connect to the managed resource. This field is planned to be replaced in a future release in favor of PublishConnectionDetailsTo. Currently, both could be set independently and connection details would be published to both without affecting each other.
CryptoKeyStatus represents the observed state of a CryptoKey.
CryptoKeyObservation is used to show the observed state of the CryptoKey resource on GCP. All fields in this structure should only be populated from GCP responses; any changes made to the k8s resource outside of the crossplane gcp controller will be ignored and overwritten.
Primary: Output only. A copy of the "primary" CryptoKeyVersion that will be used by Encrypt when this CryptoKey is given in EncryptRequest.name. The CryptoKey's primary version can be updated via UpdateCryptoKeyPrimaryVersion. Keys with purpose ENCRYPT_DECRYPT may have a primary. For other keys, this field will be omitted.
ExternalProtectionLevelOptions: ExternalProtectionLevelOptions stores a group of additional fields for configuring a CryptoKeyVersion that are specific to the EXTERNAL protection level.
Conditions of the resource.
© 2022 Upbound, Inc.
Discover the building blocksfor your internal cloud platform.