google_kms_ekm_connection

Ekm Connections are used to control the connection settings for an EXTERNAL_VPC CryptoKey. It is used to connect customer's external key manager to Google Cloud EKM.

To get more information about EkmConnection, see:

Example Usage - Kms Ekm Connection Basic

resource "google_kms_ekm_connection" "example-ekmconnection" {
  name              = "ekmconnection_example"
  location      = "us-central1"
  key_management_mode   = "MANUAL"
  service_resolvers     {
      service_directory_service  = "projects/project_id/locations/us-central1/namespaces/namespace_name/services/service_name"
      hostname           = "example-ekm.goog"
      server_certificates        {
            raw_der = "==HAwIBCCAr6gAwIBAgIUWR+EV4lqiV7Ql12VY=="
        }
    }
}

Argument Reference

The following arguments are supported:

The service_resolvers block supports:

The server_certificates block supports:


Attributes Reference

In addition to the arguments listed above, the following computed attributes are exported:

Timeouts

This resource provides the following Timeouts configuration options:

Import

EkmConnection can be imported using any of these accepted formats:

In Terraform v1.5.0 and later, use an import block to import EkmConnection using one of the formats above. For example:

import {
  id = "projects/{{project}}/locations/{{location}}/ekmConnections/{{name}}"
  to = google_kms_ekm_connection.default
}

When using the terraform import command, EkmConnection can be imported using one of the formats above. For example:

$ terraform import google_kms_ekm_connection.default projects/{{project}}/locations/{{location}}/ekmConnections/{{name}}
$ terraform import google_kms_ekm_connection.default {{project}}/{{location}}/{{name}}
$ terraform import google_kms_ekm_connection.default {{location}}/{{name}}

User Project Overrides

This resource supports User Project Overrides.