class Google::Apis::CloudkmsV1::CryptoKey
A CryptoKey
represents a logical key that can be used for cryptographic operations. A CryptoKey
is made up of zero or more versions, which represent the actual key material used in cryptographic operations.
Attributes
Output only. The time at which this CryptoKey
was created. Corresponds to the JSON property `createTime` @return [String]
Immutable. The period of time that versions of this key spend in the DESTROY_SCHEDULED state before transitioning to DESTROYED. If not specified at creation time, the default duration is 24 hours. Corresponds to the JSON property `destroyScheduledDuration` @return [String]
Immutable. Whether this key may contain imported versions only. Corresponds to the JSON property `importOnly` @return [Boolean]
Immutable. Whether this key may contain imported versions only. Corresponds to the JSON property `importOnly` @return [Boolean]
Labels with user-defined metadata. For more information, see [Labeling Keys]( cloud.google.com/kms/docs/labeling-keys). Corresponds to the JSON property `labels` @return [Hash<String,String>]
Output only. The resource name for this CryptoKey
in the format `projects/*/ locations//keyRings//cryptoKeys/*`. Corresponds to the JSON property `name` @return [String]
At next_rotation_time
, the Key Management Service will automatically: 1. Create a new version of this CryptoKey
. 2. Mark the new version as primary. Key rotations performed manually via CreateCryptoKeyVersion and UpdateCryptoKeyPrimaryVersion do not affect next_rotation_time. Keys with purpose ENCRYPT_DECRYPT support automatic rotation. For other keys, this field must be omitted. Corresponds to the JSON property `nextRotationTime` @return [String]
A CryptoKeyVersion
represents an individual cryptographic key, and the associated key material. An ENABLED version can be used for cryptographic operations. For security reasons, the raw cryptographic key material represented by a CryptoKeyVersion
can never be viewed or exported. It can only be used to encrypt, decrypt, or sign data when an authorized user or application invokes Cloud KMS. Corresponds to the JSON property `primary` @return [Google::Apis::CloudkmsV1::CryptoKeyVersion]
Immutable. The immutable purpose of this CryptoKey
. Corresponds to the JSON property `purpose` @return [String]
next_rotation_time
will be advanced by this period when the service automatically rotates a key. Must be at least 24 hours and at most 876,000 hours. If rotation_period
is set, next_rotation_time
must also be set. Keys with purpose ENCRYPT_DECRYPT support automatic rotation. For other keys, this field must be omitted. Corresponds to the JSON property `rotationPeriod` @return [String]
A CryptoKeyVersionTemplate
specifies the properties to use when creating a new CryptoKeyVersion
, either manually with CreateCryptoKeyVersion or automatically as a result of auto-rotation. Corresponds to the JSON property `versionTemplate` @return [Google::Apis::CloudkmsV1::CryptoKeyVersionTemplate]
Public Class Methods
# File lib/google/apis/cloudkms_v1/classes.rb, line 466 def initialize(**args) update!(**args) end
Public Instance Methods
Update properties of this object
# File lib/google/apis/cloudkms_v1/classes.rb, line 471 def update!(**args) @create_time = args[:create_time] if args.key?(:create_time) @destroy_scheduled_duration = args[:destroy_scheduled_duration] if args.key?(:destroy_scheduled_duration) @import_only = args[:import_only] if args.key?(:import_only) @labels = args[:labels] if args.key?(:labels) @name = args[:name] if args.key?(:name) @next_rotation_time = args[:next_rotation_time] if args.key?(:next_rotation_time) @primary = args[:primary] if args.key?(:primary) @purpose = args[:purpose] if args.key?(:purpose) @rotation_period = args[:rotation_period] if args.key?(:rotation_period) @version_template = args[:version_template] if args.key?(:version_template) end