Skip to content

Latest commit

 

History

History
29 lines (25 loc) · 2.25 KB

io.md

File metadata and controls

29 lines (25 loc) · 2.25 KB

Inputs

Name Description Type Default Required
environment Environment name string "dev" no
google_kms_crypto_key_iam_binding_enabled (Optional) Whether or not to create IAM bindings for the Google Cloud KMS crypto key within the module. Set to true to include IAM bindings, false to exclude them. bool true no
key_algorithm The algorithm to use when creating a version based on this template. See the https://cloud.google.com/kms/docs/reference/rest/v1/CryptoKeyVersionAlgorithm for possible inputs. string "GOOGLE_SYMMETRIC_ENCRYPTION" no
key_protection_level The protection level to use when creating a version based on this template. Default value: "SOFTWARE" Possible values: ["SOFTWARE", "HSM"] string "SOFTWARE" no
key_rotation_period specifies the duration, expressed in seconds, for the automatic rotation of cryptographic keys string null no
keyring Keyring name. string n/a yes
keys Key names. list(string)
[
"KMS-KEY"
]
no
label_order Label order, e.g. name,application. list(any)
[
"name",
"environment"
]
no
location Location for the keyring. string "" no
module_enabled (Optional) Whether or not to create resources within the module. bool true no
prevent_destroy Set the prevent_destroy lifecycle attribute on keys. bool true no
project_id (Optional) The ID of the project in which the resource belongs. If it is not set, the provider project is used. string null no
purpose The immutable purpose of the CryptoKey. Possible values are ENCRYPT_DECRYPT, ASYMMETRIC_SIGN, and ASYMMETRIC_DECRYPT. string "ENCRYPT_DECRYPT" no
role this role use for permissions string "roles/cloudkms.cryptoKeyEncrypterDecrypter" no
service_accounts List of comma-separated owners for each key declared in set_owners_for. list(string) [] no

Outputs

Name Description
key n/a
keyring Self link of the keyring.
keyring_name Name of the keyring.
keyring_resource Keyring resource.