GoogleCloudKmsV1CryptoKeyVersion

import type { GoogleCloudKmsV1CryptoKeyVersion } from "https://googleapis.deno.dev/v1/kmsinventory:v1.ts";

A CryptoKeyVersion represents an individual cryptographic key, and the associated key material. An ENABLED version can be used for cryptographic operations. For security reasons, the raw cryptographic key material represented by a CryptoKeyVersion can never be viewed or exported. It can only be used to encrypt, decrypt, or sign data when an authorized user or application invokes Cloud KMS.

interface GoogleCloudKmsV1CryptoKeyVersion {

readonly algorithm?:

| "CRYPTO_KEY_VERSION_ALGORITHM_UNSPECIFIED"

| "GOOGLE_SYMMETRIC_ENCRYPTION"

| "AES_128_GCM"

| "AES_256_GCM"

| "AES_128_CBC"

| "AES_256_CBC"

| "AES_128_CTR"

| "AES_256_CTR"

| "RSA_SIGN_PSS_2048_SHA256"

| "RSA_SIGN_PSS_3072_SHA256"

| "RSA_SIGN_PSS_4096_SHA256"

| "RSA_SIGN_PSS_4096_SHA512"

| "RSA_SIGN_PKCS1_2048_SHA256"

| "RSA_SIGN_PKCS1_3072_SHA256"

| "RSA_SIGN_PKCS1_4096_SHA256"

| "RSA_SIGN_PKCS1_4096_SHA512"

| "RSA_SIGN_RAW_PKCS1_2048"

| "RSA_SIGN_RAW_PKCS1_3072"

| "RSA_SIGN_RAW_PKCS1_4096"

| "RSA_DECRYPT_OAEP_2048_SHA256"

| "RSA_DECRYPT_OAEP_3072_SHA256"

| "RSA_DECRYPT_OAEP_4096_SHA256"

| "RSA_DECRYPT_OAEP_4096_SHA512"

| "RSA_DECRYPT_OAEP_2048_SHA1"

| "RSA_DECRYPT_OAEP_3072_SHA1"

| "RSA_DECRYPT_OAEP_4096_SHA1"

| "EC_SIGN_P256_SHA256"

| "EC_SIGN_P384_SHA384"

| "EC_SIGN_SECP256K1_SHA256"

| "EC_SIGN_ED25519"

| "HMAC_SHA256"

| "HMAC_SHA1"

| "HMAC_SHA384"

| "HMAC_SHA512"

| "HMAC_SHA224"

| "EXTERNAL_SYMMETRIC_ENCRYPTION";

readonly attestation?: GoogleCloudKmsV1KeyOperationAttestation;

readonly createTime?: Date;

readonly destroyEventTime?: Date;

readonly destroyTime?: Date;

readonly externalDestructionFailureReason?: string;

externalProtectionLevelOptions?: GoogleCloudKmsV1ExternalProtectionLevelOptions;

readonly generateTime?: Date;

readonly generationFailureReason?: string;

readonly importFailureReason?: string;

readonly importJob?: string;

readonly importTime?: Date;

readonly name?: string;

readonly protectionLevel?:

| "PROTECTION_LEVEL_UNSPECIFIED"

| "SOFTWARE"

| "HSM"

| "EXTERNAL"

| "EXTERNAL_VPC";

readonly reimportEligible?: boolean;

state?:

| "CRYPTO_KEY_VERSION_STATE_UNSPECIFIED"

| "PENDING_GENERATION"

| "ENABLED"

| "DISABLED"

| "DESTROYED"

| "DESTROY_SCHEDULED"

| "PENDING_IMPORT"

| "IMPORT_FAILED"

| "GENERATION_FAILED"

| "PENDING_EXTERNAL_DESTRUCTION"

| "EXTERNAL_DESTRUCTION_FAILED";

}

§Properties

[src]

Output only. The CryptoKeyVersionAlgorithm that this CryptoKeyVersion supports.

readonly attestation?: GoogleCloudKmsV1KeyOperationAttestation

[src]

Output only. Statement that was generated and signed by the HSM at key creation time. Use this statement to verify attributes of the key as stored on the HSM, independently of Google. Only provided for key versions with protection_level HSM.

readonly createTime?: Date

[src]

Output only. The time at which this CryptoKeyVersion was created.

readonly destroyEventTime?: Date

[src]

Output only. The time this CryptoKeyVersion's key material was destroyed. Only present if state is DESTROYED.

readonly destroyTime?: Date

[src]

Output only. The time this CryptoKeyVersion's key material is scheduled for destruction. Only present if state is DESTROY_SCHEDULED.

readonly externalDestructionFailureReason?: string

[src]

Output only. The root cause of the most recent external destruction failure. Only present if state is EXTERNAL_DESTRUCTION_FAILED.

externalProtectionLevelOptions?: GoogleCloudKmsV1ExternalProtectionLevelOptions

[src]

ExternalProtectionLevelOptions stores a group of additional fields for configuring a CryptoKeyVersion that are specific to the EXTERNAL protection level and EXTERNAL_VPC protection levels.

readonly generateTime?: Date

[src]

Output only. The time this CryptoKeyVersion's key material was generated.

readonly generationFailureReason?: string

[src]

Output only. The root cause of the most recent generation failure. Only present if state is GENERATION_FAILED.

readonly importFailureReason?: string

[src]

Output only. The root cause of the most recent import failure. Only present if state is IMPORT_FAILED.

readonly importJob?: string

[src]

Output only. The name of the ImportJob used in the most recent import of this CryptoKeyVersion. Only present if the underlying key material was imported.

readonly importTime?: Date

[src]

Output only. The time at which this CryptoKeyVersion's key material was most recently imported.

readonly name?: string

[src]

Output only. The resource name for this CryptoKeyVersion in the format projects/*\/locations/*\/keyRings/*\/cryptoKeys/*\/cryptoKeyVersions/*.

readonly protectionLevel?: "PROTECTION_LEVEL_UNSPECIFIED" | "SOFTWARE" | "HSM" | "EXTERNAL" | "EXTERNAL_VPC"

[src]

Output only. The ProtectionLevel describing how crypto operations are performed with this CryptoKeyVersion.

readonly reimportEligible?: boolean

[src]

Output only. Whether or not this key version is eligible for reimport, by being specified as a target in ImportCryptoKeyVersionRequest.crypto_key_version.

[src]

The current state of the CryptoKeyVersion.