Hi there! Are you looking for the official Deno documentation? Try docs.deno.com for all your Deno learning needs.

GoogleCloudKmsV1CryptoKey

import type { GoogleCloudKmsV1CryptoKey } from "https://googleapis.deno.dev/v1/kmsinventory:v1.ts";

A CryptoKey represents a logical key that can be used for cryptographic operations. A CryptoKey is made up of zero or more versions, which represent the actual key material used in cryptographic operations.

interface GoogleCloudKmsV1CryptoKey {
readonly createTime?: Date;
cryptoKeyBackend?: string;
destroyScheduledDuration?: number;
importOnly?: boolean;
labels?: {
[key: string]: string;
};
readonly name?: string;
nextRotationTime?: Date;
readonly primary?: GoogleCloudKmsV1CryptoKeyVersion;
purpose?:
| "CRYPTO_KEY_PURPOSE_UNSPECIFIED"
| "ENCRYPT_DECRYPT"
| "ASYMMETRIC_SIGN"
| "ASYMMETRIC_DECRYPT"
| "RAW_ENCRYPT_DECRYPT"
| "MAC";
rotationPeriod?: number;
versionTemplate?: GoogleCloudKmsV1CryptoKeyVersionTemplate;
}

§Properties

§
readonly createTime?: Date
[src]

Output only. The time at which this CryptoKey was created.

§
cryptoKeyBackend?: string
[src]

Immutable. The resource name of the backend environment where the key material for all CryptoKeyVersions associated with this CryptoKey reside and where all related cryptographic operations are performed. Only applicable if CryptoKeyVersions have a ProtectionLevel of EXTERNAL_VPC, with the resource name in the format projects/*\/locations/*\/ekmConnections/*. Note, this list is non-exhaustive and may apply to additional ProtectionLevels in the future.

§
destroyScheduledDuration?: number
[src]

Immutable. The period of time that versions of this key spend in the DESTROY_SCHEDULED state before transitioning to DESTROYED. If not specified at creation time, the default duration is 24 hours.

§
importOnly?: boolean
[src]

Immutable. Whether this key may contain imported versions only.

§
labels?: {
[key: string]: string;
}
[src]

Labels with user-defined metadata. For more information, see Labeling Keys.

§
readonly name?: string
[src]

Output only. The resource name for this CryptoKey in the format projects/*\/locations/*\/keyRings/*\/cryptoKeys/*.

§
nextRotationTime?: Date
[src]

At next_rotation_time, the Key Management Service will automatically: 1. Create a new version of this CryptoKey. 2. Mark the new version as primary. Key rotations performed manually via CreateCryptoKeyVersion and UpdateCryptoKeyPrimaryVersion do not affect next_rotation_time. Keys with purpose ENCRYPT_DECRYPT support automatic rotation. For other keys, this field must be omitted.

§
readonly primary?: GoogleCloudKmsV1CryptoKeyVersion
[src]

Output only. A copy of the "primary" CryptoKeyVersion that will be used by Encrypt when this CryptoKey is given in EncryptRequest.name. The CryptoKey's primary version can be updated via UpdateCryptoKeyPrimaryVersion. Keys with purpose ENCRYPT_DECRYPT may have a primary. For other keys, this field will be omitted.

§
purpose?: "CRYPTO_KEY_PURPOSE_UNSPECIFIED" | "ENCRYPT_DECRYPT" | "ASYMMETRIC_SIGN" | "ASYMMETRIC_DECRYPT" | "RAW_ENCRYPT_DECRYPT" | "MAC"
[src]

Immutable. The immutable purpose of this CryptoKey.

§
rotationPeriod?: number
[src]

next_rotation_time will be advanced by this period when the service automatically rotates a key. Must be at least 24 hours and at most 876,000 hours. If rotation_period is set, next_rotation_time must also be set. Keys with purpose ENCRYPT_DECRYPT support automatic rotation. For other keys, this field must be omitted.

§
versionTemplate?: GoogleCloudKmsV1CryptoKeyVersionTemplate
[src]

A template describing settings for new CryptoKeyVersion instances. The properties of new CryptoKeyVersion instances created by either CreateCryptoKeyVersion or auto-rotation are controlled by this template.