Provides access to a Google Cloud Platform KMS CryptoKeyVersion. For more information see the official documentation and API.
A CryptoKeyVersion represents an individual cryptographic key, and the associated key material.
data "google_kms_key_ring" "my_key_ring" {
name = "my-key-ring"
location = "us-central1"
}
data "google_kms_crypto_key" "my_crypto_key" {
name = "my-crypto-key"
key_ring = data.google_kms_key_ring.my_key_ring.id
}
data "google_kms_crypto_key_version" "my_crypto_key_version" {
crypto_key = data.google_kms_crypto_key.my_key.id
}
The following arguments are supported:
crypto_key
- (Required) The id
of the Google Cloud Platform CryptoKey to which the key version belongs. This is also the id
field of the
google_kms_crypto_key
resource/datasource.
version
- (Optional) The version number for this CryptoKeyVersion. Defaults to 1
.
In addition to the arguments listed above, the following computed attributes are exported:
id
- an identifier for the resource with format //cloudkms.googleapis.com/v1/{{crypto_key}}/cryptoKeyVersions/{{version}}
name
- The resource name for this CryptoKeyVersion in the format projects/*/locations/*/keyRings/*/cryptoKeys/*/cryptoKeyVersions/*
state
- The current state of the CryptoKeyVersion. See the state reference for possible outputs.
protection_level
- The ProtectionLevel describing how crypto operations are performed with this CryptoKeyVersion. See the protection_level reference for possible outputs.
algorithm
- The CryptoKeyVersionAlgorithm that this CryptoKeyVersion supports. See the algorithm reference for possible outputs.
public_key
- If the enclosing CryptoKey has purpose ASYMMETRIC_SIGN
or ASYMMETRIC_DECRYPT
, this block contains details about the public key associated to this CryptoKeyVersion. Structure is documented below.
The public_key
block, if present, contains:
pem
- The public key, encoded in PEM format. For more information, see the RFC 7468 sections for General Considerations and Textual Encoding of Subject Public Key Info.
algorithm
- The CryptoKeyVersionAlgorithm that this CryptoKeyVersion supports.