Class: Google::Cloud::Kms::V1::CryptoKey

Inherits:

Object

• Object
• Google::Cloud::Kms::V1::CryptoKey

Defined in:

lib/google/cloud/kms/v1/doc/google/cloud/kms/v1/resources.rb

Overview

A CryptoKey represents a logical key that can be used for cryptographic operations.

A CryptoKey is made up of one or more versions, which represent the actual key material used in cryptographic operations.

Defined Under Namespace

Modules: CryptoKeyPurpose

Instance Attribute Summary

• #create_time ⇒ Google::Protobuf::Timestamp

  Output only.

• #labels ⇒ Hash{String => String}

  Labels with user-defined metadata.

• #name ⇒ String

  Output only.

• #next_rotation_time ⇒ Google::Protobuf::Timestamp

  At next_rotation_time, the Key Management Service will automatically:.

• #primary ⇒ Google::Cloud::Kms::V1::CryptoKeyVersion

  Output only.

• #purpose ⇒ Google::Cloud::Kms::V1::CryptoKey::CryptoKeyPurpose

  The immutable purpose of this CryptoKey.

• #rotation_period ⇒ Google::Protobuf::Duration

  next_rotation_time will be advanced by this period when the service automatically rotates a key.

• #version_template ⇒ Google::Cloud::Kms::V1::CryptoKeyVersionTemplate

  A template describing settings for new CryptoKeyVersion instances.

Instance Attribute Details

#create_time ⇒ Google::Protobuf::Timestamp

Returns Output only. The time at which this CryptoKey was created.

Returns:

• (Google::Protobuf::Timestamp) —

  Output only. The time at which this CryptoKey was created.

# File 'lib/google/cloud/kms/v1/doc/google/cloud/kms/v1/resources.rb', line 92

class CryptoKey
  # {Google::Cloud::Kms::V1::CryptoKey::CryptoKeyPurpose CryptoKeyPurpose} describes the cryptographic capabilities of a
  # {Google::Cloud::Kms::V1::CryptoKey CryptoKey}. A given key can only be used for the operations allowed by
  # its purpose. For more information, see
  # [Key purposes](https://cloud.google.com/kms/docs/algorithms#key_purposes).
  module CryptoKeyPurpose
    # Not specified.
    CRYPTO_KEY_PURPOSE_UNSPECIFIED = 0

    # {Google::Cloud::Kms::V1::CryptoKey CryptoKeys} with this purpose may be used with
    # {Google::Cloud::Kms::V1::KeyManagementService::Encrypt Encrypt} and
    # {Google::Cloud::Kms::V1::KeyManagementService::Decrypt Decrypt}.
    ENCRYPT_DECRYPT = 1

    # {Google::Cloud::Kms::V1::CryptoKey CryptoKeys} with this purpose may be used with
    # {Google::Cloud::Kms::V1::KeyManagementService::AsymmetricSign AsymmetricSign} and
    # {Google::Cloud::Kms::V1::KeyManagementService::GetPublicKey GetPublicKey}.
    ASYMMETRIC_SIGN = 5

    # {Google::Cloud::Kms::V1::CryptoKey CryptoKeys} with this purpose may be used with
    # {Google::Cloud::Kms::V1::KeyManagementService::AsymmetricDecrypt AsymmetricDecrypt} and
    # {Google::Cloud::Kms::V1::KeyManagementService::GetPublicKey GetPublicKey}.
    ASYMMETRIC_DECRYPT = 6
  end
end

#labels ⇒ Hash{String => String}

Returns Labels with user-defined metadata. For more information, see Labeling Keys.

Returns:

• (Hash{String => String}) —

  Labels with user-defined metadata. For more information, see Labeling Keys.

# File 'lib/google/cloud/kms/v1/doc/google/cloud/kms/v1/resources.rb', line 92

class CryptoKey
  # {Google::Cloud::Kms::V1::CryptoKey::CryptoKeyPurpose CryptoKeyPurpose} describes the cryptographic capabilities of a
  # {Google::Cloud::Kms::V1::CryptoKey CryptoKey}. A given key can only be used for the operations allowed by
  # its purpose. For more information, see
  # [Key purposes](https://cloud.google.com/kms/docs/algorithms#key_purposes).
  module CryptoKeyPurpose
    # Not specified.
    CRYPTO_KEY_PURPOSE_UNSPECIFIED = 0

    # {Google::Cloud::Kms::V1::CryptoKey CryptoKeys} with this purpose may be used with
    # {Google::Cloud::Kms::V1::KeyManagementService::Encrypt Encrypt} and
    # {Google::Cloud::Kms::V1::KeyManagementService::Decrypt Decrypt}.
    ENCRYPT_DECRYPT = 1

    # {Google::Cloud::Kms::V1::CryptoKey CryptoKeys} with this purpose may be used with
    # {Google::Cloud::Kms::V1::KeyManagementService::AsymmetricSign AsymmetricSign} and
    # {Google::Cloud::Kms::V1::KeyManagementService::GetPublicKey GetPublicKey}.
    ASYMMETRIC_SIGN = 5

    # {Google::Cloud::Kms::V1::CryptoKey CryptoKeys} with this purpose may be used with
    # {Google::Cloud::Kms::V1::KeyManagementService::AsymmetricDecrypt AsymmetricDecrypt} and
    # {Google::Cloud::Kms::V1::KeyManagementService::GetPublicKey GetPublicKey}.
    ASYMMETRIC_DECRYPT = 6
  end
end

#name ⇒ String

Returns Output only. The resource name for this CryptoKey in the format projects/*/locations/*/keyRings/*/cryptoKeys/*.

Returns:

• (String) —

  Output only. The resource name for this CryptoKey in the format projects/*/locations/*/keyRings/*/cryptoKeys/*.

# File 'lib/google/cloud/kms/v1/doc/google/cloud/kms/v1/resources.rb', line 92

class CryptoKey
  # {Google::Cloud::Kms::V1::CryptoKey::CryptoKeyPurpose CryptoKeyPurpose} describes the cryptographic capabilities of a
  # {Google::Cloud::Kms::V1::CryptoKey CryptoKey}. A given key can only be used for the operations allowed by
  # its purpose. For more information, see
  # [Key purposes](https://cloud.google.com/kms/docs/algorithms#key_purposes).
  module CryptoKeyPurpose
    # Not specified.
    CRYPTO_KEY_PURPOSE_UNSPECIFIED = 0

    # {Google::Cloud::Kms::V1::CryptoKey CryptoKeys} with this purpose may be used with
    # {Google::Cloud::Kms::V1::KeyManagementService::Encrypt Encrypt} and
    # {Google::Cloud::Kms::V1::KeyManagementService::Decrypt Decrypt}.
    ENCRYPT_DECRYPT = 1

    # {Google::Cloud::Kms::V1::CryptoKey CryptoKeys} with this purpose may be used with
    # {Google::Cloud::Kms::V1::KeyManagementService::AsymmetricSign AsymmetricSign} and
    # {Google::Cloud::Kms::V1::KeyManagementService::GetPublicKey GetPublicKey}.
    ASYMMETRIC_SIGN = 5

    # {Google::Cloud::Kms::V1::CryptoKey CryptoKeys} with this purpose may be used with
    # {Google::Cloud::Kms::V1::KeyManagementService::AsymmetricDecrypt AsymmetricDecrypt} and
    # {Google::Cloud::Kms::V1::KeyManagementService::GetPublicKey GetPublicKey}.
    ASYMMETRIC_DECRYPT = 6
  end
end

#next_rotation_time ⇒ Google::Protobuf::Timestamp

Returns At next_rotation_time, the Key Management Service will automatically:

1. Create a new version of this CryptoKey.
2. Mark the new version as primary.

Key rotations performed manually via CreateCryptoKeyVersion and UpdateCryptoKeyPrimaryVersion do not affect next_rotation_time.

Keys with purpose ENCRYPT_DECRYPT support automatic rotation. For other keys, this field must be omitted.

Returns:

• (Google::Protobuf::Timestamp) —

  At next_rotation_time, the Key Management Service will automatically:

  1. Create a new version of this CryptoKey.
  2. Mark the new version as primary.

  Key rotations performed manually via CreateCryptoKeyVersion and UpdateCryptoKeyPrimaryVersion do not affect next_rotation_time.

  Keys with purpose ENCRYPT_DECRYPT support automatic rotation. For other keys, this field must be omitted.

# File 'lib/google/cloud/kms/v1/doc/google/cloud/kms/v1/resources.rb', line 92

class CryptoKey
  # {Google::Cloud::Kms::V1::CryptoKey::CryptoKeyPurpose CryptoKeyPurpose} describes the cryptographic capabilities of a
  # {Google::Cloud::Kms::V1::CryptoKey CryptoKey}. A given key can only be used for the operations allowed by
  # its purpose. For more information, see
  # [Key purposes](https://cloud.google.com/kms/docs/algorithms#key_purposes).
  module CryptoKeyPurpose
    # Not specified.
    CRYPTO_KEY_PURPOSE_UNSPECIFIED = 0

    # {Google::Cloud::Kms::V1::CryptoKey CryptoKeys} with this purpose may be used with
    # {Google::Cloud::Kms::V1::KeyManagementService::Encrypt Encrypt} and
    # {Google::Cloud::Kms::V1::KeyManagementService::Decrypt Decrypt}.
    ENCRYPT_DECRYPT = 1

    # {Google::Cloud::Kms::V1::CryptoKey CryptoKeys} with this purpose may be used with
    # {Google::Cloud::Kms::V1::KeyManagementService::AsymmetricSign AsymmetricSign} and
    # {Google::Cloud::Kms::V1::KeyManagementService::GetPublicKey GetPublicKey}.
    ASYMMETRIC_SIGN = 5

    # {Google::Cloud::Kms::V1::CryptoKey CryptoKeys} with this purpose may be used with
    # {Google::Cloud::Kms::V1::KeyManagementService::AsymmetricDecrypt AsymmetricDecrypt} and
    # {Google::Cloud::Kms::V1::KeyManagementService::GetPublicKey GetPublicKey}.
    ASYMMETRIC_DECRYPT = 6
  end
end

#primary ⇒ Google::Cloud::Kms::V1::CryptoKeyVersion

Returns Output only. A copy of the "primary" CryptoKeyVersion that will be used by Encrypt when this CryptoKey is given in EncryptRequest#name.

The CryptoKey's primary version can be updated via UpdateCryptoKeyPrimaryVersion.

All keys with purpose ENCRYPT_DECRYPT have a primary. For other keys, this field will be omitted.

Returns:

• (Google::Cloud::Kms::V1::CryptoKeyVersion) —

  Output only. A copy of the "primary" CryptoKeyVersion that will be used by Encrypt when this CryptoKey is given in EncryptRequest#name.

  The CryptoKey's primary version can be updated via UpdateCryptoKeyPrimaryVersion.

  All keys with purpose ENCRYPT_DECRYPT have a primary. For other keys, this field will be omitted.

# File 'lib/google/cloud/kms/v1/doc/google/cloud/kms/v1/resources.rb', line 92

class CryptoKey
  # {Google::Cloud::Kms::V1::CryptoKey::CryptoKeyPurpose CryptoKeyPurpose} describes the cryptographic capabilities of a
  # {Google::Cloud::Kms::V1::CryptoKey CryptoKey}. A given key can only be used for the operations allowed by
  # its purpose. For more information, see
  # [Key purposes](https://cloud.google.com/kms/docs/algorithms#key_purposes).
  module CryptoKeyPurpose
    # Not specified.
    CRYPTO_KEY_PURPOSE_UNSPECIFIED = 0

    # {Google::Cloud::Kms::V1::CryptoKey CryptoKeys} with this purpose may be used with
    # {Google::Cloud::Kms::V1::KeyManagementService::Encrypt Encrypt} and
    # {Google::Cloud::Kms::V1::KeyManagementService::Decrypt Decrypt}.
    ENCRYPT_DECRYPT = 1

    # {Google::Cloud::Kms::V1::CryptoKey CryptoKeys} with this purpose may be used with
    # {Google::Cloud::Kms::V1::KeyManagementService::AsymmetricSign AsymmetricSign} and
    # {Google::Cloud::Kms::V1::KeyManagementService::GetPublicKey GetPublicKey}.
    ASYMMETRIC_SIGN = 5

    # {Google::Cloud::Kms::V1::CryptoKey CryptoKeys} with this purpose may be used with
    # {Google::Cloud::Kms::V1::KeyManagementService::AsymmetricDecrypt AsymmetricDecrypt} and
    # {Google::Cloud::Kms::V1::KeyManagementService::GetPublicKey GetPublicKey}.
    ASYMMETRIC_DECRYPT = 6
  end
end

#purpose ⇒ Google::Cloud::Kms::V1::CryptoKey::CryptoKeyPurpose

Returns The immutable purpose of this CryptoKey.

Returns:

• (Google::Cloud::Kms::V1::CryptoKey::CryptoKeyPurpose) —

  The immutable purpose of this CryptoKey.

# File 'lib/google/cloud/kms/v1/doc/google/cloud/kms/v1/resources.rb', line 92

class CryptoKey
  # {Google::Cloud::Kms::V1::CryptoKey::CryptoKeyPurpose CryptoKeyPurpose} describes the cryptographic capabilities of a
  # {Google::Cloud::Kms::V1::CryptoKey CryptoKey}. A given key can only be used for the operations allowed by
  # its purpose. For more information, see
  # [Key purposes](https://cloud.google.com/kms/docs/algorithms#key_purposes).
  module CryptoKeyPurpose
    # Not specified.
    CRYPTO_KEY_PURPOSE_UNSPECIFIED = 0

    # {Google::Cloud::Kms::V1::CryptoKey CryptoKeys} with this purpose may be used with
    # {Google::Cloud::Kms::V1::KeyManagementService::Encrypt Encrypt} and
    # {Google::Cloud::Kms::V1::KeyManagementService::Decrypt Decrypt}.
    ENCRYPT_DECRYPT = 1

    # {Google::Cloud::Kms::V1::CryptoKey CryptoKeys} with this purpose may be used with
    # {Google::Cloud::Kms::V1::KeyManagementService::AsymmetricSign AsymmetricSign} and
    # {Google::Cloud::Kms::V1::KeyManagementService::GetPublicKey GetPublicKey}.
    ASYMMETRIC_SIGN = 5

    # {Google::Cloud::Kms::V1::CryptoKey CryptoKeys} with this purpose may be used with
    # {Google::Cloud::Kms::V1::KeyManagementService::AsymmetricDecrypt AsymmetricDecrypt} and
    # {Google::Cloud::Kms::V1::KeyManagementService::GetPublicKey GetPublicKey}.
    ASYMMETRIC_DECRYPT = 6
  end
end

#rotation_period ⇒ Google::Protobuf::Duration

Returns next_rotation_time will be advanced by this period when the service automatically rotates a key. Must be at least one day.

If rotation_period is set, next_rotation_time must also be set.

Keys with purpose ENCRYPT_DECRYPT support automatic rotation. For other keys, this field must be omitted.

Returns:

• (Google::Protobuf::Duration) —

  next_rotation_time will be advanced by this period when the service automatically rotates a key. Must be at least one day.

  If rotation_period is set, next_rotation_time must also be set.

  Keys with purpose ENCRYPT_DECRYPT support automatic rotation. For other keys, this field must be omitted.

# File 'lib/google/cloud/kms/v1/doc/google/cloud/kms/v1/resources.rb', line 92

class CryptoKey
  # {Google::Cloud::Kms::V1::CryptoKey::CryptoKeyPurpose CryptoKeyPurpose} describes the cryptographic capabilities of a
  # {Google::Cloud::Kms::V1::CryptoKey CryptoKey}. A given key can only be used for the operations allowed by
  # its purpose. For more information, see
  # [Key purposes](https://cloud.google.com/kms/docs/algorithms#key_purposes).
  module CryptoKeyPurpose
    # Not specified.
    CRYPTO_KEY_PURPOSE_UNSPECIFIED = 0

    # {Google::Cloud::Kms::V1::CryptoKey CryptoKeys} with this purpose may be used with
    # {Google::Cloud::Kms::V1::KeyManagementService::Encrypt Encrypt} and
    # {Google::Cloud::Kms::V1::KeyManagementService::Decrypt Decrypt}.
    ENCRYPT_DECRYPT = 1

    # {Google::Cloud::Kms::V1::CryptoKey CryptoKeys} with this purpose may be used with
    # {Google::Cloud::Kms::V1::KeyManagementService::AsymmetricSign AsymmetricSign} and
    # {Google::Cloud::Kms::V1::KeyManagementService::GetPublicKey GetPublicKey}.
    ASYMMETRIC_SIGN = 5

    # {Google::Cloud::Kms::V1::CryptoKey CryptoKeys} with this purpose may be used with
    # {Google::Cloud::Kms::V1::KeyManagementService::AsymmetricDecrypt AsymmetricDecrypt} and
    # {Google::Cloud::Kms::V1::KeyManagementService::GetPublicKey GetPublicKey}.
    ASYMMETRIC_DECRYPT = 6
  end
end

#version_template ⇒ Google::Cloud::Kms::V1::CryptoKeyVersionTemplate

Returns A template describing settings for new CryptoKeyVersion instances. The properties of new CryptoKeyVersion instances created by either CreateCryptoKeyVersion or auto-rotation are controlled by this template.

Returns:

• (Google::Cloud::Kms::V1::CryptoKeyVersionTemplate) —

  A template describing settings for new CryptoKeyVersion instances. The properties of new CryptoKeyVersion instances created by either CreateCryptoKeyVersion or auto-rotation are controlled by this template.

# File 'lib/google/cloud/kms/v1/doc/google/cloud/kms/v1/resources.rb', line 92

class CryptoKey
  # {Google::Cloud::Kms::V1::CryptoKey::CryptoKeyPurpose CryptoKeyPurpose} describes the cryptographic capabilities of a
  # {Google::Cloud::Kms::V1::CryptoKey CryptoKey}. A given key can only be used for the operations allowed by
  # its purpose. For more information, see
  # [Key purposes](https://cloud.google.com/kms/docs/algorithms#key_purposes).
  module CryptoKeyPurpose
    # Not specified.
    CRYPTO_KEY_PURPOSE_UNSPECIFIED = 0

    # {Google::Cloud::Kms::V1::CryptoKey CryptoKeys} with this purpose may be used with
    # {Google::Cloud::Kms::V1::KeyManagementService::Encrypt Encrypt} and
    # {Google::Cloud::Kms::V1::KeyManagementService::Decrypt Decrypt}.
    ENCRYPT_DECRYPT = 1

    # {Google::Cloud::Kms::V1::CryptoKey CryptoKeys} with this purpose may be used with
    # {Google::Cloud::Kms::V1::KeyManagementService::AsymmetricSign AsymmetricSign} and
    # {Google::Cloud::Kms::V1::KeyManagementService::GetPublicKey GetPublicKey}.
    ASYMMETRIC_SIGN = 5

    # {Google::Cloud::Kms::V1::CryptoKey CryptoKeys} with this purpose may be used with
    # {Google::Cloud::Kms::V1::KeyManagementService::AsymmetricDecrypt AsymmetricDecrypt} and
    # {Google::Cloud::Kms::V1::KeyManagementService::GetPublicKey GetPublicKey}.
    ASYMMETRIC_DECRYPT = 6
  end
end