All Downloads are FREE. Search and download functionalities are using the official Maven repository.

com.pulumi.gcp.kms.kotlin.KmsFunctions.kt Maven / Gradle / Ivy

Go to download

Build cloud applications and infrastructure by combining the safety and reliability of infrastructure as code with the power of the Kotlin programming language.

There is a newer version: 8.10.0.0
Show newest version
@file:Suppress("NAME_SHADOWING", "DEPRECATION")

package com.pulumi.gcp.kms.kotlin

import com.pulumi.gcp.kms.KmsFunctions.getCryptoKeyIamPolicyPlain
import com.pulumi.gcp.kms.KmsFunctions.getKMSCryptoKeyPlain
import com.pulumi.gcp.kms.KmsFunctions.getKMSCryptoKeyVersionPlain
import com.pulumi.gcp.kms.KmsFunctions.getKMSKeyRingPlain
import com.pulumi.gcp.kms.KmsFunctions.getKMSSecretAsymmetricPlain
import com.pulumi.gcp.kms.KmsFunctions.getKMSSecretCiphertextPlain
import com.pulumi.gcp.kms.KmsFunctions.getKMSSecretPlain
import com.pulumi.gcp.kms.KmsFunctions.getKeyRingIamPolicyPlain
import com.pulumi.gcp.kms.kotlin.inputs.GetCryptoKeyIamPolicyPlainArgs
import com.pulumi.gcp.kms.kotlin.inputs.GetCryptoKeyIamPolicyPlainArgsBuilder
import com.pulumi.gcp.kms.kotlin.inputs.GetKMSCryptoKeyPlainArgs
import com.pulumi.gcp.kms.kotlin.inputs.GetKMSCryptoKeyPlainArgsBuilder
import com.pulumi.gcp.kms.kotlin.inputs.GetKMSCryptoKeyVersionPlainArgs
import com.pulumi.gcp.kms.kotlin.inputs.GetKMSCryptoKeyVersionPlainArgsBuilder
import com.pulumi.gcp.kms.kotlin.inputs.GetKMSKeyRingPlainArgs
import com.pulumi.gcp.kms.kotlin.inputs.GetKMSKeyRingPlainArgsBuilder
import com.pulumi.gcp.kms.kotlin.inputs.GetKMSSecretAsymmetricPlainArgs
import com.pulumi.gcp.kms.kotlin.inputs.GetKMSSecretAsymmetricPlainArgsBuilder
import com.pulumi.gcp.kms.kotlin.inputs.GetKMSSecretCiphertextPlainArgs
import com.pulumi.gcp.kms.kotlin.inputs.GetKMSSecretCiphertextPlainArgsBuilder
import com.pulumi.gcp.kms.kotlin.inputs.GetKMSSecretPlainArgs
import com.pulumi.gcp.kms.kotlin.inputs.GetKMSSecretPlainArgsBuilder
import com.pulumi.gcp.kms.kotlin.inputs.GetKeyRingIamPolicyPlainArgs
import com.pulumi.gcp.kms.kotlin.inputs.GetKeyRingIamPolicyPlainArgsBuilder
import com.pulumi.gcp.kms.kotlin.outputs.GetCryptoKeyIamPolicyResult
import com.pulumi.gcp.kms.kotlin.outputs.GetKMSCryptoKeyResult
import com.pulumi.gcp.kms.kotlin.outputs.GetKMSCryptoKeyVersionResult
import com.pulumi.gcp.kms.kotlin.outputs.GetKMSKeyRingResult
import com.pulumi.gcp.kms.kotlin.outputs.GetKMSSecretAsymmetricResult
import com.pulumi.gcp.kms.kotlin.outputs.GetKMSSecretCiphertextResult
import com.pulumi.gcp.kms.kotlin.outputs.GetKMSSecretResult
import com.pulumi.gcp.kms.kotlin.outputs.GetKeyRingIamPolicyResult
import kotlinx.coroutines.future.await
import kotlin.Int
import kotlin.String
import kotlin.Suppress
import kotlin.Unit
import com.pulumi.gcp.kms.kotlin.outputs.GetCryptoKeyIamPolicyResult.Companion.toKotlin as getCryptoKeyIamPolicyResultToKotlin
import com.pulumi.gcp.kms.kotlin.outputs.GetKMSCryptoKeyResult.Companion.toKotlin as getKMSCryptoKeyResultToKotlin
import com.pulumi.gcp.kms.kotlin.outputs.GetKMSCryptoKeyVersionResult.Companion.toKotlin as getKMSCryptoKeyVersionResultToKotlin
import com.pulumi.gcp.kms.kotlin.outputs.GetKMSKeyRingResult.Companion.toKotlin as getKMSKeyRingResultToKotlin
import com.pulumi.gcp.kms.kotlin.outputs.GetKMSSecretAsymmetricResult.Companion.toKotlin as getKMSSecretAsymmetricResultToKotlin
import com.pulumi.gcp.kms.kotlin.outputs.GetKMSSecretCiphertextResult.Companion.toKotlin as getKMSSecretCiphertextResultToKotlin
import com.pulumi.gcp.kms.kotlin.outputs.GetKMSSecretResult.Companion.toKotlin as getKMSSecretResultToKotlin
import com.pulumi.gcp.kms.kotlin.outputs.GetKeyRingIamPolicyResult.Companion.toKotlin as getKeyRingIamPolicyResultToKotlin

public object KmsFunctions {
    /**
     * Retrieves the current IAM policy data for a Google Cloud KMS crypto key.
     * ## example
     * 
     * ```typescript
     * import * as pulumi from "@pulumi/pulumi";
     * import * as gcp from "@pulumi/gcp";
     * const foo = gcp.kms.getCryptoKeyIamPolicy({
     *     cryptoKeyId: cryptoKey.id,
     * });
     * ```
     * ```python
     * import pulumi
     * import pulumi_gcp as gcp
     * foo = gcp.kms.get_crypto_key_iam_policy(crypto_key_id=crypto_key["id"])
     * ```
     * ```csharp
     * using System.Collections.Generic;
     * using System.Linq;
     * using Pulumi;
     * using Gcp = Pulumi.Gcp;
     * return await Deployment.RunAsync(() =>
     * {
     *     var foo = Gcp.Kms.GetCryptoKeyIamPolicy.Invoke(new()
     *     {
     *         CryptoKeyId = cryptoKey.Id,
     *     });
     * });
     * ```
     * ```go
     * package main
     * import (
     * 	"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/kms"
     * 	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
     * )
     * func main() {
     * 	pulumi.Run(func(ctx *pulumi.Context) error {
     * 		_, err := kms.GetCryptoKeyIamPolicy(ctx, &kms.GetCryptoKeyIamPolicyArgs{
     * 			CryptoKeyId: cryptoKey.Id,
     * 		}, nil)
     * 		if err != nil {
     * 			return err
     * 		}
     * 		return nil
     * 	})
     * }
     * ```
     * ```java
     * package generated_program;
     * import com.pulumi.Context;
     * import com.pulumi.Pulumi;
     * import com.pulumi.core.Output;
     * import com.pulumi.gcp.kms.KmsFunctions;
     * import com.pulumi.gcp.kms.inputs.GetCryptoKeyIamPolicyArgs;
     * import java.util.List;
     * import java.util.ArrayList;
     * import java.util.Map;
     * import java.io.File;
     * import java.nio.file.Files;
     * import java.nio.file.Paths;
     * public class App {
     *     public static void main(String[] args) {
     *         Pulumi.run(App::stack);
     *     }
     *     public static void stack(Context ctx) {
     *         final var foo = KmsFunctions.getCryptoKeyIamPolicy(GetCryptoKeyIamPolicyArgs.builder()
     *             .cryptoKeyId(cryptoKey.id())
     *             .build());
     *     }
     * }
     * ```
     * ```yaml
     * variables:
     *   foo:
     *     fn::invoke:
     *       Function: gcp:kms:getCryptoKeyIamPolicy
     *       Arguments:
     *         cryptoKeyId: ${cryptoKey.id}
     * ```
     * 
     * @param argument A collection of arguments for invoking getCryptoKeyIamPolicy.
     * @return A collection of values returned by getCryptoKeyIamPolicy.
     */
    public suspend fun getCryptoKeyIamPolicy(argument: GetCryptoKeyIamPolicyPlainArgs): GetCryptoKeyIamPolicyResult =
        getCryptoKeyIamPolicyResultToKotlin(getCryptoKeyIamPolicyPlain(argument.toJava()).await())

    /**
     * @see [getCryptoKeyIamPolicy].
     * @param cryptoKeyId The crypto key ID, in the form
     * @return A collection of values returned by getCryptoKeyIamPolicy.
     */
    public suspend fun getCryptoKeyIamPolicy(cryptoKeyId: String): GetCryptoKeyIamPolicyResult {
        val argument = GetCryptoKeyIamPolicyPlainArgs(
            cryptoKeyId = cryptoKeyId,
        )
        return getCryptoKeyIamPolicyResultToKotlin(getCryptoKeyIamPolicyPlain(argument.toJava()).await())
    }

    /**
     * @see [getCryptoKeyIamPolicy].
     * @param argument Builder for [com.pulumi.gcp.kms.kotlin.inputs.GetCryptoKeyIamPolicyPlainArgs].
     * @return A collection of values returned by getCryptoKeyIamPolicy.
     */
    public suspend fun getCryptoKeyIamPolicy(argument: suspend GetCryptoKeyIamPolicyPlainArgsBuilder.() -> Unit): GetCryptoKeyIamPolicyResult {
        val builder = GetCryptoKeyIamPolicyPlainArgsBuilder()
        builder.argument()
        val builtArgument = builder.build()
        return getCryptoKeyIamPolicyResultToKotlin(getCryptoKeyIamPolicyPlain(builtArgument.toJava()).await())
    }

    /**
     * Provides access to a Google Cloud Platform KMS CryptoKey. For more information see
     * [the official documentation](https://cloud.google.com/kms/docs/object-hierarchy#key)
     * and
     * [API](https://cloud.google.com/kms/docs/reference/rest/v1/projects.locations.keyRings.cryptoKeys).
     * A CryptoKey is an interface to key material which can be used to encrypt and decrypt data. A CryptoKey belongs to a
     * Google Cloud KMS KeyRing.
     * ## Example Usage
     * 
     * ```typescript
     * import * as pulumi from "@pulumi/pulumi";
     * import * as gcp from "@pulumi/gcp";
     * const myKeyRing = gcp.kms.getKMSKeyRing({
     *     name: "my-key-ring",
     *     location: "us-central1",
     * });
     * const myCryptoKey = myKeyRing.then(myKeyRing => gcp.kms.getKMSCryptoKey({
     *     name: "my-crypto-key",
     *     keyRing: myKeyRing.id,
     * }));
     * ```
     * ```python
     * import pulumi
     * import pulumi_gcp as gcp
     * my_key_ring = gcp.kms.get_kms_key_ring(name="my-key-ring",
     *     location="us-central1")
     * my_crypto_key = gcp.kms.get_kms_crypto_key(name="my-crypto-key",
     *     key_ring=my_key_ring.id)
     * ```
     * ```csharp
     * using System.Collections.Generic;
     * using System.Linq;
     * using Pulumi;
     * using Gcp = Pulumi.Gcp;
     * return await Deployment.RunAsync(() =>
     * {
     *     var myKeyRing = Gcp.Kms.GetKMSKeyRing.Invoke(new()
     *     {
     *         Name = "my-key-ring",
     *         Location = "us-central1",
     *     });
     *     var myCryptoKey = Gcp.Kms.GetKMSCryptoKey.Invoke(new()
     *     {
     *         Name = "my-crypto-key",
     *         KeyRing = myKeyRing.Apply(getKMSKeyRingResult => getKMSKeyRingResult.Id),
     *     });
     * });
     * ```
     * ```go
     * package main
     * import (
     * 	"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/kms"
     * 	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
     * )
     * func main() {
     * 	pulumi.Run(func(ctx *pulumi.Context) error {
     * 		myKeyRing, err := kms.GetKMSKeyRing(ctx, &kms.GetKMSKeyRingArgs{
     * 			Name:     "my-key-ring",
     * 			Location: "us-central1",
     * 		}, nil)
     * 		if err != nil {
     * 			return err
     * 		}
     * 		_, err = kms.GetKMSCryptoKey(ctx, &kms.GetKMSCryptoKeyArgs{
     * 			Name:    "my-crypto-key",
     * 			KeyRing: myKeyRing.Id,
     * 		}, nil)
     * 		if err != nil {
     * 			return err
     * 		}
     * 		return nil
     * 	})
     * }
     * ```
     * ```java
     * package generated_program;
     * import com.pulumi.Context;
     * import com.pulumi.Pulumi;
     * import com.pulumi.core.Output;
     * import com.pulumi.gcp.kms.KmsFunctions;
     * import com.pulumi.gcp.kms.inputs.GetKMSKeyRingArgs;
     * import com.pulumi.gcp.kms.inputs.GetKMSCryptoKeyArgs;
     * import java.util.List;
     * import java.util.ArrayList;
     * import java.util.Map;
     * import java.io.File;
     * import java.nio.file.Files;
     * import java.nio.file.Paths;
     * public class App {
     *     public static void main(String[] args) {
     *         Pulumi.run(App::stack);
     *     }
     *     public static void stack(Context ctx) {
     *         final var myKeyRing = KmsFunctions.getKMSKeyRing(GetKMSKeyRingArgs.builder()
     *             .name("my-key-ring")
     *             .location("us-central1")
     *             .build());
     *         final var myCryptoKey = KmsFunctions.getKMSCryptoKey(GetKMSCryptoKeyArgs.builder()
     *             .name("my-crypto-key")
     *             .keyRing(myKeyRing.applyValue(getKMSKeyRingResult -> getKMSKeyRingResult.id()))
     *             .build());
     *     }
     * }
     * ```
     * ```yaml
     * variables:
     *   myKeyRing:
     *     fn::invoke:
     *       Function: gcp:kms:getKMSKeyRing
     *       Arguments:
     *         name: my-key-ring
     *         location: us-central1
     *   myCryptoKey:
     *     fn::invoke:
     *       Function: gcp:kms:getKMSCryptoKey
     *       Arguments:
     *         name: my-crypto-key
     *         keyRing: ${myKeyRing.id}
     * ```
     * 
     * @param argument A collection of arguments for invoking getKMSCryptoKey.
     * @return A collection of values returned by getKMSCryptoKey.
     */
    public suspend fun getKMSCryptoKey(argument: GetKMSCryptoKeyPlainArgs): GetKMSCryptoKeyResult =
        getKMSCryptoKeyResultToKotlin(getKMSCryptoKeyPlain(argument.toJava()).await())

    /**
     * @see [getKMSCryptoKey].
     * @param keyRing The `id` of the Google Cloud Platform KeyRing to which the key belongs.
     * @param name The CryptoKey's name.
     * A CryptoKey’s name belonging to the specified Google Cloud Platform KeyRing and match the regular expression `[a-zA-Z0-9_-]{1,63}`
     * @return A collection of values returned by getKMSCryptoKey.
     */
    public suspend fun getKMSCryptoKey(keyRing: String, name: String): GetKMSCryptoKeyResult {
        val argument = GetKMSCryptoKeyPlainArgs(
            keyRing = keyRing,
            name = name,
        )
        return getKMSCryptoKeyResultToKotlin(getKMSCryptoKeyPlain(argument.toJava()).await())
    }

    /**
     * @see [getKMSCryptoKey].
     * @param argument Builder for [com.pulumi.gcp.kms.kotlin.inputs.GetKMSCryptoKeyPlainArgs].
     * @return A collection of values returned by getKMSCryptoKey.
     */
    public suspend fun getKMSCryptoKey(argument: suspend GetKMSCryptoKeyPlainArgsBuilder.() -> Unit): GetKMSCryptoKeyResult {
        val builder = GetKMSCryptoKeyPlainArgsBuilder()
        builder.argument()
        val builtArgument = builder.build()
        return getKMSCryptoKeyResultToKotlin(getKMSCryptoKeyPlain(builtArgument.toJava()).await())
    }

    /**
     * Provides access to a Google Cloud Platform KMS CryptoKeyVersion. For more information see
     * [the official documentation](https://cloud.google.com/kms/docs/object-hierarchy#key_version)
     * and
     * [API](https://cloud.google.com/kms/docs/reference/rest/v1/projects.locations.keyRings.cryptoKeys.cryptoKeyVersions).
     * A CryptoKeyVersion represents an individual cryptographic key, and the associated key material.
     * ## Example Usage
     * 
     * ```typescript
     * import * as pulumi from "@pulumi/pulumi";
     * import * as gcp from "@pulumi/gcp";
     * const myKeyRing = gcp.kms.getKMSKeyRing({
     *     name: "my-key-ring",
     *     location: "us-central1",
     * });
     * const myCryptoKey = myKeyRing.then(myKeyRing => gcp.kms.getKMSCryptoKey({
     *     name: "my-crypto-key",
     *     keyRing: myKeyRing.id,
     * }));
     * const myCryptoKeyVersion = gcp.kms.getKMSCryptoKeyVersion({
     *     cryptoKey: myKey.id,
     * });
     * ```
     * ```python
     * import pulumi
     * import pulumi_gcp as gcp
     * my_key_ring = gcp.kms.get_kms_key_ring(name="my-key-ring",
     *     location="us-central1")
     * my_crypto_key = gcp.kms.get_kms_crypto_key(name="my-crypto-key",
     *     key_ring=my_key_ring.id)
     * my_crypto_key_version = gcp.kms.get_kms_crypto_key_version(crypto_key=my_key["id"])
     * ```
     * ```csharp
     * using System.Collections.Generic;
     * using System.Linq;
     * using Pulumi;
     * using Gcp = Pulumi.Gcp;
     * return await Deployment.RunAsync(() =>
     * {
     *     var myKeyRing = Gcp.Kms.GetKMSKeyRing.Invoke(new()
     *     {
     *         Name = "my-key-ring",
     *         Location = "us-central1",
     *     });
     *     var myCryptoKey = Gcp.Kms.GetKMSCryptoKey.Invoke(new()
     *     {
     *         Name = "my-crypto-key",
     *         KeyRing = myKeyRing.Apply(getKMSKeyRingResult => getKMSKeyRingResult.Id),
     *     });
     *     var myCryptoKeyVersion = Gcp.Kms.GetKMSCryptoKeyVersion.Invoke(new()
     *     {
     *         CryptoKey = myKey.Id,
     *     });
     * });
     * ```
     * ```go
     * package main
     * import (
     * 	"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/kms"
     * 	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
     * )
     * func main() {
     * 	pulumi.Run(func(ctx *pulumi.Context) error {
     * 		myKeyRing, err := kms.GetKMSKeyRing(ctx, &kms.GetKMSKeyRingArgs{
     * 			Name:     "my-key-ring",
     * 			Location: "us-central1",
     * 		}, nil)
     * 		if err != nil {
     * 			return err
     * 		}
     * 		_, err = kms.GetKMSCryptoKey(ctx, &kms.GetKMSCryptoKeyArgs{
     * 			Name:    "my-crypto-key",
     * 			KeyRing: myKeyRing.Id,
     * 		}, nil)
     * 		if err != nil {
     * 			return err
     * 		}
     * 		_, err = kms.GetKMSCryptoKeyVersion(ctx, &kms.GetKMSCryptoKeyVersionArgs{
     * 			CryptoKey: myKey.Id,
     * 		}, nil)
     * 		if err != nil {
     * 			return err
     * 		}
     * 		return nil
     * 	})
     * }
     * ```
     * ```java
     * package generated_program;
     * import com.pulumi.Context;
     * import com.pulumi.Pulumi;
     * import com.pulumi.core.Output;
     * import com.pulumi.gcp.kms.KmsFunctions;
     * import com.pulumi.gcp.kms.inputs.GetKMSKeyRingArgs;
     * import com.pulumi.gcp.kms.inputs.GetKMSCryptoKeyArgs;
     * import com.pulumi.gcp.kms.inputs.GetKMSCryptoKeyVersionArgs;
     * import java.util.List;
     * import java.util.ArrayList;
     * import java.util.Map;
     * import java.io.File;
     * import java.nio.file.Files;
     * import java.nio.file.Paths;
     * public class App {
     *     public static void main(String[] args) {
     *         Pulumi.run(App::stack);
     *     }
     *     public static void stack(Context ctx) {
     *         final var myKeyRing = KmsFunctions.getKMSKeyRing(GetKMSKeyRingArgs.builder()
     *             .name("my-key-ring")
     *             .location("us-central1")
     *             .build());
     *         final var myCryptoKey = KmsFunctions.getKMSCryptoKey(GetKMSCryptoKeyArgs.builder()
     *             .name("my-crypto-key")
     *             .keyRing(myKeyRing.applyValue(getKMSKeyRingResult -> getKMSKeyRingResult.id()))
     *             .build());
     *         final var myCryptoKeyVersion = KmsFunctions.getKMSCryptoKeyVersion(GetKMSCryptoKeyVersionArgs.builder()
     *             .cryptoKey(myKey.id())
     *             .build());
     *     }
     * }
     * ```
     * ```yaml
     * variables:
     *   myKeyRing:
     *     fn::invoke:
     *       Function: gcp:kms:getKMSKeyRing
     *       Arguments:
     *         name: my-key-ring
     *         location: us-central1
     *   myCryptoKey:
     *     fn::invoke:
     *       Function: gcp:kms:getKMSCryptoKey
     *       Arguments:
     *         name: my-crypto-key
     *         keyRing: ${myKeyRing.id}
     *   myCryptoKeyVersion:
     *     fn::invoke:
     *       Function: gcp:kms:getKMSCryptoKeyVersion
     *       Arguments:
     *         cryptoKey: ${myKey.id}
     * ```
     * 
     * @param argument A collection of arguments for invoking getKMSCryptoKeyVersion.
     * @return A collection of values returned by getKMSCryptoKeyVersion.
     */
    public suspend fun getKMSCryptoKeyVersion(argument: GetKMSCryptoKeyVersionPlainArgs): GetKMSCryptoKeyVersionResult =
        getKMSCryptoKeyVersionResultToKotlin(getKMSCryptoKeyVersionPlain(argument.toJava()).await())

    /**
     * @see [getKMSCryptoKeyVersion].
     * @param cryptoKey The `id` of the Google Cloud Platform CryptoKey to which the key version belongs. This is also the `id` field of the
     * `gcp.kms.CryptoKey` resource/datasource.
     * @param version The version number for this CryptoKeyVersion. Defaults to `1`.
     * @return A collection of values returned by getKMSCryptoKeyVersion.
     */
    public suspend fun getKMSCryptoKeyVersion(cryptoKey: String, version: Int? = null): GetKMSCryptoKeyVersionResult {
        val argument = GetKMSCryptoKeyVersionPlainArgs(
            cryptoKey = cryptoKey,
            version = version,
        )
        return getKMSCryptoKeyVersionResultToKotlin(getKMSCryptoKeyVersionPlain(argument.toJava()).await())
    }

    /**
     * @see [getKMSCryptoKeyVersion].
     * @param argument Builder for [com.pulumi.gcp.kms.kotlin.inputs.GetKMSCryptoKeyVersionPlainArgs].
     * @return A collection of values returned by getKMSCryptoKeyVersion.
     */
    public suspend fun getKMSCryptoKeyVersion(argument: suspend GetKMSCryptoKeyVersionPlainArgsBuilder.() -> Unit): GetKMSCryptoKeyVersionResult {
        val builder = GetKMSCryptoKeyVersionPlainArgsBuilder()
        builder.argument()
        val builtArgument = builder.build()
        return getKMSCryptoKeyVersionResultToKotlin(getKMSCryptoKeyVersionPlain(builtArgument.toJava()).await())
    }

    /**
     * Provides access to Google Cloud Platform KMS KeyRing. For more information see
     * [the official documentation](https://cloud.google.com/kms/docs/object-hierarchy#key_ring)
     * and
     * [API](https://cloud.google.com/kms/docs/reference/rest/v1/projects.locations.keyRings).
     * A KeyRing is a grouping of CryptoKeys for organizational purposes. A KeyRing belongs to a Google Cloud Platform Project
     * and resides in a specific location.
     * ## Example Usage
     * 
     * ```typescript
     * import * as pulumi from "@pulumi/pulumi";
     * import * as gcp from "@pulumi/gcp";
     * const myKeyRing = gcp.kms.getKMSKeyRing({
     *     name: "my-key-ring",
     *     location: "us-central1",
     * });
     * ```
     * ```python
     * import pulumi
     * import pulumi_gcp as gcp
     * my_key_ring = gcp.kms.get_kms_key_ring(name="my-key-ring",
     *     location="us-central1")
     * ```
     * ```csharp
     * using System.Collections.Generic;
     * using System.Linq;
     * using Pulumi;
     * using Gcp = Pulumi.Gcp;
     * return await Deployment.RunAsync(() =>
     * {
     *     var myKeyRing = Gcp.Kms.GetKMSKeyRing.Invoke(new()
     *     {
     *         Name = "my-key-ring",
     *         Location = "us-central1",
     *     });
     * });
     * ```
     * ```go
     * package main
     * import (
     * 	"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/kms"
     * 	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
     * )
     * func main() {
     * 	pulumi.Run(func(ctx *pulumi.Context) error {
     * 		_, err := kms.GetKMSKeyRing(ctx, &kms.GetKMSKeyRingArgs{
     * 			Name:     "my-key-ring",
     * 			Location: "us-central1",
     * 		}, nil)
     * 		if err != nil {
     * 			return err
     * 		}
     * 		return nil
     * 	})
     * }
     * ```
     * ```java
     * package generated_program;
     * import com.pulumi.Context;
     * import com.pulumi.Pulumi;
     * import com.pulumi.core.Output;
     * import com.pulumi.gcp.kms.KmsFunctions;
     * import com.pulumi.gcp.kms.inputs.GetKMSKeyRingArgs;
     * import java.util.List;
     * import java.util.ArrayList;
     * import java.util.Map;
     * import java.io.File;
     * import java.nio.file.Files;
     * import java.nio.file.Paths;
     * public class App {
     *     public static void main(String[] args) {
     *         Pulumi.run(App::stack);
     *     }
     *     public static void stack(Context ctx) {
     *         final var myKeyRing = KmsFunctions.getKMSKeyRing(GetKMSKeyRingArgs.builder()
     *             .name("my-key-ring")
     *             .location("us-central1")
     *             .build());
     *     }
     * }
     * ```
     * ```yaml
     * variables:
     *   myKeyRing:
     *     fn::invoke:
     *       Function: gcp:kms:getKMSKeyRing
     *       Arguments:
     *         name: my-key-ring
     *         location: us-central1
     * ```
     * 
     * @param argument A collection of arguments for invoking getKMSKeyRing.
     * @return A collection of values returned by getKMSKeyRing.
     */
    public suspend fun getKMSKeyRing(argument: GetKMSKeyRingPlainArgs): GetKMSKeyRingResult =
        getKMSKeyRingResultToKotlin(getKMSKeyRingPlain(argument.toJava()).await())

    /**
     * @see [getKMSKeyRing].
     * @param location The Google Cloud Platform location for the KeyRing.
     * A full list of valid locations can be found by running `gcloud kms locations list`.
     * - - -
     * @param name The KeyRing's name.
     * A KeyRing name must exist within the provided location and match the regular expression `[a-zA-Z0-9_-]{1,63}`
     * @param project The project in which the resource belongs. If it
     * is not provided, the provider project is used.
     * @return A collection of values returned by getKMSKeyRing.
     */
    public suspend fun getKMSKeyRing(
        location: String,
        name: String,
        project: String? = null,
    ): GetKMSKeyRingResult {
        val argument = GetKMSKeyRingPlainArgs(
            location = location,
            name = name,
            project = project,
        )
        return getKMSKeyRingResultToKotlin(getKMSKeyRingPlain(argument.toJava()).await())
    }

    /**
     * @see [getKMSKeyRing].
     * @param argument Builder for [com.pulumi.gcp.kms.kotlin.inputs.GetKMSKeyRingPlainArgs].
     * @return A collection of values returned by getKMSKeyRing.
     */
    public suspend fun getKMSKeyRing(argument: suspend GetKMSKeyRingPlainArgsBuilder.() -> Unit): GetKMSKeyRingResult {
        val builder = GetKMSKeyRingPlainArgsBuilder()
        builder.argument()
        val builtArgument = builder.build()
        return getKMSKeyRingResultToKotlin(getKMSKeyRingPlain(builtArgument.toJava()).await())
    }

    /**
     * This data source allows you to use data encrypted with Google Cloud KMS
     * within your resource definitions.
     * For more information see
     * [the official documentation](https://cloud.google.com/kms/docs/encrypt-decrypt).
     * > **NOTE:** Using this data provider will allow you to conceal secret data within your
     * resource definitions, but it does not take care of protecting that data in the
     * logging output, plan output, or state output.  Please take care to secure your secret
     * data outside of resource definitions.
     * ## Example Usage
     * First, create a KMS KeyRing and CryptoKey using the resource definitions:
     * 
     * ```typescript
     * import * as pulumi from "@pulumi/pulumi";
     * import * as gcp from "@pulumi/gcp";
     * const myKeyRing = new gcp.kms.KeyRing("my_key_ring", {
     *     project: "my-project",
     *     name: "my-key-ring",
     *     location: "us-central1",
     * });
     * const myCryptoKey = new gcp.kms.CryptoKey("my_crypto_key", {
     *     name: "my-crypto-key",
     *     keyRing: myKeyRing.id,
     * });
     * ```
     * ```python
     * import pulumi
     * import pulumi_gcp as gcp
     * my_key_ring = gcp.kms.KeyRing("my_key_ring",
     *     project="my-project",
     *     name="my-key-ring",
     *     location="us-central1")
     * my_crypto_key = gcp.kms.CryptoKey("my_crypto_key",
     *     name="my-crypto-key",
     *     key_ring=my_key_ring.id)
     * ```
     * ```csharp
     * using System.Collections.Generic;
     * using System.Linq;
     * using Pulumi;
     * using Gcp = Pulumi.Gcp;
     * return await Deployment.RunAsync(() =>
     * {
     *     var myKeyRing = new Gcp.Kms.KeyRing("my_key_ring", new()
     *     {
     *         Project = "my-project",
     *         Name = "my-key-ring",
     *         Location = "us-central1",
     *     });
     *     var myCryptoKey = new Gcp.Kms.CryptoKey("my_crypto_key", new()
     *     {
     *         Name = "my-crypto-key",
     *         KeyRing = myKeyRing.Id,
     *     });
     * });
     * ```
     * ```go
     * package main
     * import (
     * 	"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/kms"
     * 	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
     * )
     * func main() {
     * 	pulumi.Run(func(ctx *pulumi.Context) error {
     * 		myKeyRing, err := kms.NewKeyRing(ctx, "my_key_ring", &kms.KeyRingArgs{
     * 			Project:  pulumi.String("my-project"),
     * 			Name:     pulumi.String("my-key-ring"),
     * 			Location: pulumi.String("us-central1"),
     * 		})
     * 		if err != nil {
     * 			return err
     * 		}
     * 		_, err = kms.NewCryptoKey(ctx, "my_crypto_key", &kms.CryptoKeyArgs{
     * 			Name:    pulumi.String("my-crypto-key"),
     * 			KeyRing: myKeyRing.ID(),
     * 		})
     * 		if err != nil {
     * 			return err
     * 		}
     * 		return nil
     * 	})
     * }
     * ```
     * ```java
     * package generated_program;
     * import com.pulumi.Context;
     * import com.pulumi.Pulumi;
     * import com.pulumi.core.Output;
     * import com.pulumi.gcp.kms.KeyRing;
     * import com.pulumi.gcp.kms.KeyRingArgs;
     * import com.pulumi.gcp.kms.CryptoKey;
     * import com.pulumi.gcp.kms.CryptoKeyArgs;
     * import java.util.List;
     * import java.util.ArrayList;
     * import java.util.Map;
     * import java.io.File;
     * import java.nio.file.Files;
     * import java.nio.file.Paths;
     * public class App {
     *     public static void main(String[] args) {
     *         Pulumi.run(App::stack);
     *     }
     *     public static void stack(Context ctx) {
     *         var myKeyRing = new KeyRing("myKeyRing", KeyRingArgs.builder()
     *             .project("my-project")
     *             .name("my-key-ring")
     *             .location("us-central1")
     *             .build());
     *         var myCryptoKey = new CryptoKey("myCryptoKey", CryptoKeyArgs.builder()
     *             .name("my-crypto-key")
     *             .keyRing(myKeyRing.id())
     *             .build());
     *     }
     * }
     * ```
     * ```yaml
     * resources:
     *   myKeyRing:
     *     type: gcp:kms:KeyRing
     *     name: my_key_ring
     *     properties:
     *       project: my-project
     *       name: my-key-ring
     *       location: us-central1
     *   myCryptoKey:
     *     type: gcp:kms:CryptoKey
     *     name: my_crypto_key
     *     properties:
     *       name: my-crypto-key
     *       keyRing: ${myKeyRing.id}
     * ```
     * 
     * Next, use the [Cloud SDK](https://cloud.google.com/sdk/gcloud/reference/kms/encrypt) to encrypt some
     * sensitive information:
     * ```bash
     * $ echo -n my-secret-password | gcloud kms encrypt \
     * > --project my-project \
     * > --location us-central1 \
     * > --keyring my-key-ring \
     * > --key my-crypto-key \
     * > --plaintext-file - \
     * > --ciphertext-file - \
     * > | base64
     * CiQAqD+xX4SXOSziF4a8JYvq4spfAuWhhYSNul33H85HnVtNQW4SOgDu2UZ46dQCRFl5MF6ekabviN8xq+F+2035ZJ85B+xTYXqNf4mZs0RJitnWWuXlYQh6axnnJYu3kDU=
     * ```
     * Finally, reference the encrypted ciphertext in your resource definitions:
     * 
     * ```typescript
     * import * as pulumi from "@pulumi/pulumi";
     * import * as gcp from "@pulumi/gcp";
     * import * as random from "@pulumi/random";
     * const sqlUserPassword = gcp.kms.getKMSSecret({
     *     cryptoKey: myCryptoKey.id,
     *     ciphertext: "CiQAqD+xX4SXOSziF4a8JYvq4spfAuWhhYSNul33H85HnVtNQW4SOgDu2UZ46dQCRFl5MF6ekabviN8xq+F+2035ZJ85B+xTYXqNf4mZs0RJitnWWuXlYQh6axnnJYu3kDU=",
     * });
     * const dbNameSuffix = new random.RandomId("db_name_suffix", {byteLength: 4});
     * const main = new gcp.sql.DatabaseInstance("main", {
     *     name: pulumi.interpolate`main-instance-${dbNameSuffix.hex}`,
     *     databaseVersion: "MYSQL_5_7",
     *     settings: {
     *         tier: "db-f1-micro",
     *     },
     * });
     * const users = new gcp.sql.User("users", {
     *     name: "me",
     *     instance: main.name,
     *     host: "me.com",
     *     password: sqlUserPassword.then(sqlUserPassword => sqlUserPassword.plaintext),
     * });
     * ```
     * ```python
     * import pulumi
     * import pulumi_gcp as gcp
     * import pulumi_random as random
     * sql_user_password = gcp.kms.get_kms_secret(crypto_key=my_crypto_key["id"],
     *     ciphertext="CiQAqD+xX4SXOSziF4a8JYvq4spfAuWhhYSNul33H85HnVtNQW4SOgDu2UZ46dQCRFl5MF6ekabviN8xq+F+2035ZJ85B+xTYXqNf4mZs0RJitnWWuXlYQh6axnnJYu3kDU=")
     * db_name_suffix = random.RandomId("db_name_suffix", byte_length=4)
     * main = gcp.sql.DatabaseInstance("main",
     *     name=db_name_suffix.hex.apply(lambda hex: f"main-instance-{hex}"),
     *     database_version="MYSQL_5_7",
     *     settings=gcp.sql.DatabaseInstanceSettingsArgs(
     *         tier="db-f1-micro",
     *     ))
     * users = gcp.sql.User("users",
     *     name="me",
     *     instance=main.name,
     *     host="me.com",
     *     password=sql_user_password.plaintext)
     * ```
     * ```csharp
     * using System.Collections.Generic;
     * using System.Linq;
     * using Pulumi;
     * using Gcp = Pulumi.Gcp;
     * using Random = Pulumi.Random;
     * return await Deployment.RunAsync(() =>
     * {
     *     var sqlUserPassword = Gcp.Kms.GetKMSSecret.Invoke(new()
     *     {
     *         CryptoKey = myCryptoKey.Id,
     *         Ciphertext = "CiQAqD+xX4SXOSziF4a8JYvq4spfAuWhhYSNul33H85HnVtNQW4SOgDu2UZ46dQCRFl5MF6ekabviN8xq+F+2035ZJ85B+xTYXqNf4mZs0RJitnWWuXlYQh6axnnJYu3kDU=",
     *     });
     *     var dbNameSuffix = new Random.RandomId("db_name_suffix", new()
     *     {
     *         ByteLength = 4,
     *     });
     *     var main = new Gcp.Sql.DatabaseInstance("main", new()
     *     {
     *         Name = dbNameSuffix.Hex.Apply(hex => $"main-instance-{hex}"),
     *         DatabaseVersion = "MYSQL_5_7",
     *         Settings = new Gcp.Sql.Inputs.DatabaseInstanceSettingsArgs
     *         {
     *             Tier = "db-f1-micro",
     *         },
     *     });
     *     var users = new Gcp.Sql.User("users", new()
     *     {
     *         Name = "me",
     *         Instance = main.Name,
     *         Host = "me.com",
     *         Password = sqlUserPassword.Apply(getKMSSecretResult => getKMSSecretResult.Plaintext),
     *     });
     * });
     * ```
     * ```go
     * package main
     * import (
     * 	"fmt"
     * 	"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/kms"
     * 	"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/sql"
     * 	"github.com/pulumi/pulumi-random/sdk/v4/go/random"
     * 	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
     * )
     * func main() {
     * 	pulumi.Run(func(ctx *pulumi.Context) error {
     * 		sqlUserPassword, err := kms.GetKMSSecret(ctx, &kms.GetKMSSecretArgs{
     * 			CryptoKey:  myCryptoKey.Id,
     * 			Ciphertext: "CiQAqD+xX4SXOSziF4a8JYvq4spfAuWhhYSNul33H85HnVtNQW4SOgDu2UZ46dQCRFl5MF6ekabviN8xq+F+2035ZJ85B+xTYXqNf4mZs0RJitnWWuXlYQh6axnnJYu3kDU=",
     * 		}, nil)
     * 		if err != nil {
     * 			return err
     * 		}
     * 		dbNameSuffix, err := random.NewRandomId(ctx, "db_name_suffix", &random.RandomIdArgs{
     * 			ByteLength: pulumi.Int(4),
     * 		})
     * 		if err != nil {
     * 			return err
     * 		}
     * 		main, err := sql.NewDatabaseInstance(ctx, "main", &sql.DatabaseInstanceArgs{
     * 			Name: dbNameSuffix.Hex.ApplyT(func(hex string) (string, error) {
     * 				return fmt.Sprintf("main-instance-%v", hex), nil
     * 			}).(pulumi.StringOutput),
     * 			DatabaseVersion: pulumi.String("MYSQL_5_7"),
     * 			Settings: &sql.DatabaseInstanceSettingsArgs{
     * 				Tier: pulumi.String("db-f1-micro"),
     * 			},
     * 		})
     * 		if err != nil {
     * 			return err
     * 		}
     * 		_, err = sql.NewUser(ctx, "users", &sql.UserArgs{
     * 			Name:     pulumi.String("me"),
     * 			Instance: main.Name,
     * 			Host:     pulumi.String("me.com"),
     * 			Password: pulumi.String(sqlUserPassword.Plaintext),
     * 		})
     * 		if err != nil {
     * 			return err
     * 		}
     * 		return nil
     * 	})
     * }
     * ```
     * ```java
     * package generated_program;
     * import com.pulumi.Context;
     * import com.pulumi.Pulumi;
     * import com.pulumi.core.Output;
     * import com.pulumi.gcp.kms.KmsFunctions;
     * import com.pulumi.gcp.kms.inputs.GetKMSSecretArgs;
     * import com.pulumi.random.RandomId;
     * import com.pulumi.random.RandomIdArgs;
     * import com.pulumi.gcp.sql.DatabaseInstance;
     * import com.pulumi.gcp.sql.DatabaseInstanceArgs;
     * import com.pulumi.gcp.sql.inputs.DatabaseInstanceSettingsArgs;
     * import com.pulumi.gcp.sql.User;
     * import com.pulumi.gcp.sql.UserArgs;
     * import java.util.List;
     * import java.util.ArrayList;
     * import java.util.Map;
     * import java.io.File;
     * import java.nio.file.Files;
     * import java.nio.file.Paths;
     * public class App {
     *     public static void main(String[] args) {
     *         Pulumi.run(App::stack);
     *     }
     *     public static void stack(Context ctx) {
     *         final var sqlUserPassword = KmsFunctions.getKMSSecret(GetKMSSecretArgs.builder()
     *             .cryptoKey(myCryptoKey.id())
     *             .ciphertext("CiQAqD+xX4SXOSziF4a8JYvq4spfAuWhhYSNul33H85HnVtNQW4SOgDu2UZ46dQCRFl5MF6ekabviN8xq+F+2035ZJ85B+xTYXqNf4mZs0RJitnWWuXlYQh6axnnJYu3kDU=")
     *             .build());
     *         var dbNameSuffix = new RandomId("dbNameSuffix", RandomIdArgs.builder()
     *             .byteLength(4)
     *             .build());
     *         var main = new DatabaseInstance("main", DatabaseInstanceArgs.builder()
     *             .name(dbNameSuffix.hex().applyValue(hex -> String.format("main-instance-%s", hex)))
     *             .databaseVersion("MYSQL_5_7")
     *             .settings(DatabaseInstanceSettingsArgs.builder()
     *                 .tier("db-f1-micro")
     *                 .build())
     *             .build());
     *         var users = new User("users", UserArgs.builder()
     *             .name("me")
     *             .instance(main.name())
     *             .host("me.com")
     *             .password(sqlUserPassword.applyValue(getKMSSecretResult -> getKMSSecretResult.plaintext()))
     *             .build());
     *     }
     * }
     * ```
     * ```yaml
     * resources:
     *   dbNameSuffix:
     *     type: random:RandomId
     *     name: db_name_suffix
     *     properties:
     *       byteLength: 4
     *   main:
     *     type: gcp:sql:DatabaseInstance
     *     properties:
     *       name: main-instance-${dbNameSuffix.hex}
     *       databaseVersion: MYSQL_5_7
     *       settings:
     *         tier: db-f1-micro
     *   users:
     *     type: gcp:sql:User
     *     properties:
     *       name: me
     *       instance: ${main.name}
     *       host: me.com
     *       password: ${sqlUserPassword.plaintext}
     * variables:
     *   sqlUserPassword:
     *     fn::invoke:
     *       Function: gcp:kms:getKMSSecret
     *       Arguments:
     *         cryptoKey: ${myCryptoKey.id}
     *         ciphertext: CiQAqD+xX4SXOSziF4a8JYvq4spfAuWhhYSNul33H85HnVtNQW4SOgDu2UZ46dQCRFl5MF6ekabviN8xq+F+2035ZJ85B+xTYXqNf4mZs0RJitnWWuXlYQh6axnnJYu3kDU=
     * ```
     * 
     * This will result in a Cloud SQL user being created with password `my-secret-password`.
     * @param argument A collection of arguments for invoking getKMSSecret.
     * @return A collection of values returned by getKMSSecret.
     */
    public suspend fun getKMSSecret(argument: GetKMSSecretPlainArgs): GetKMSSecretResult =
        getKMSSecretResultToKotlin(getKMSSecretPlain(argument.toJava()).await())

    /**
     * @see [getKMSSecret].
     * @param additionalAuthenticatedData The [additional authenticated data](https://cloud.google.com/kms/docs/additional-authenticated-data) used for integrity checks during encryption and decryption.
     * @param ciphertext The ciphertext to be decrypted, encoded in base64
     * @param cryptoKey The id of the CryptoKey that will be used to
     * decrypt the provided ciphertext. This is represented by the format
     * `{projectId}/{location}/{keyRingName}/{cryptoKeyName}`.
     * @return A collection of values returned by getKMSSecret.
     */
    public suspend fun getKMSSecret(
        additionalAuthenticatedData: String? = null,
        ciphertext: String,
        cryptoKey: String,
    ): GetKMSSecretResult {
        val argument = GetKMSSecretPlainArgs(
            additionalAuthenticatedData = additionalAuthenticatedData,
            ciphertext = ciphertext,
            cryptoKey = cryptoKey,
        )
        return getKMSSecretResultToKotlin(getKMSSecretPlain(argument.toJava()).await())
    }

    /**
     * @see [getKMSSecret].
     * @param argument Builder for [com.pulumi.gcp.kms.kotlin.inputs.GetKMSSecretPlainArgs].
     * @return A collection of values returned by getKMSSecret.
     */
    public suspend fun getKMSSecret(argument: suspend GetKMSSecretPlainArgsBuilder.() -> Unit): GetKMSSecretResult {
        val builder = GetKMSSecretPlainArgsBuilder()
        builder.argument()
        val builtArgument = builder.build()
        return getKMSSecretResultToKotlin(getKMSSecretPlain(builtArgument.toJava()).await())
    }

    /**
     * ## Example Usage
     * First, create a KMS KeyRing and CryptoKey using the resource definitions:
     * 
     * ```typescript
     * import * as pulumi from "@pulumi/pulumi";
     * import * as gcp from "@pulumi/gcp";
     * const myKeyRing = new gcp.kms.KeyRing("my_key_ring", {
     *     project: "my-project",
     *     name: "my-key-ring",
     *     location: "us-central1",
     * });
     * const myCryptoKeyCryptoKey = new gcp.kms.CryptoKey("my_crypto_key", {
     *     name: "my-crypto-key",
     *     keyRing: myKeyRing.id,
     *     purpose: "ASYMMETRIC_DECRYPT",
     *     versionTemplate: {
     *         algorithm: "RSA_DECRYPT_OAEP_4096_SHA256",
     *     },
     * });
     * const myCryptoKey = gcp.kms.getKMSCryptoKeyVersionOutput({
     *     cryptoKey: myCryptoKeyCryptoKey.id,
     * });
     * ```
     * ```python
     * import pulumi
     * import pulumi_gcp as gcp
     * my_key_ring = gcp.kms.KeyRing("my_key_ring",
     *     project="my-project",
     *     name="my-key-ring",
     *     location="us-central1")
     * my_crypto_key_crypto_key = gcp.kms.CryptoKey("my_crypto_key",
     *     name="my-crypto-key",
     *     key_ring=my_key_ring.id,
     *     purpose="ASYMMETRIC_DECRYPT",
     *     version_template=gcp.kms.CryptoKeyVersionTemplateArgs(
     *         algorithm="RSA_DECRYPT_OAEP_4096_SHA256",
     *     ))
     * my_crypto_key = gcp.kms.get_kms_crypto_key_version_output(crypto_key=my_crypto_key_crypto_key.id)
     * ```
     * ```csharp
     * using System.Collections.Generic;
     * using System.Linq;
     * using Pulumi;
     * using Gcp = Pulumi.Gcp;
     * return await Deployment.RunAsync(() =>
     * {
     *     var myKeyRing = new Gcp.Kms.KeyRing("my_key_ring", new()
     *     {
     *         Project = "my-project",
     *         Name = "my-key-ring",
     *         Location = "us-central1",
     *     });
     *     var myCryptoKeyCryptoKey = new Gcp.Kms.CryptoKey("my_crypto_key", new()
     *     {
     *         Name = "my-crypto-key",
     *         KeyRing = myKeyRing.Id,
     *         Purpose = "ASYMMETRIC_DECRYPT",
     *         VersionTemplate = new Gcp.Kms.Inputs.CryptoKeyVersionTemplateArgs
     *         {
     *             Algorithm = "RSA_DECRYPT_OAEP_4096_SHA256",
     *         },
     *     });
     *     var myCryptoKey = Gcp.Kms.GetKMSCryptoKeyVersion.Invoke(new()
     *     {
     *         CryptoKey = myCryptoKeyCryptoKey.Id,
     *     });
     * });
     * ```
     * ```go
     * package main
     * import (
     * 	"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/kms"
     * 	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
     * )
     * func main() {
     * 	pulumi.Run(func(ctx *pulumi.Context) error {
     * 		myKeyRing, err := kms.NewKeyRing(ctx, "my_key_ring", &kms.KeyRingArgs{
     * 			Project:  pulumi.String("my-project"),
     * 			Name:     pulumi.String("my-key-ring"),
     * 			Location: pulumi.String("us-central1"),
     * 		})
     * 		if err != nil {
     * 			return err
     * 		}
     * 		myCryptoKeyCryptoKey, err := kms.NewCryptoKey(ctx, "my_crypto_key", &kms.CryptoKeyArgs{
     * 			Name:    pulumi.String("my-crypto-key"),
     * 			KeyRing: myKeyRing.ID(),
     * 			Purpose: pulumi.String("ASYMMETRIC_DECRYPT"),
     * 			VersionTemplate: &kms.CryptoKeyVersionTemplateArgs{
     * 				Algorithm: pulumi.String("RSA_DECRYPT_OAEP_4096_SHA256"),
     * 			},
     * 		})
     * 		if err != nil {
     * 			return err
     * 		}
     * 		_ = kms.GetKMSCryptoKeyVersionOutput(ctx, kms.GetKMSCryptoKeyVersionOutputArgs{
     * 			CryptoKey: myCryptoKeyCryptoKey.ID(),
     * 		}, nil)
     * 		return nil
     * 	})
     * }
     * ```
     * ```java
     * package generated_program;
     * import com.pulumi.Context;
     * import com.pulumi.Pulumi;
     * import com.pulumi.core.Output;
     * import com.pulumi.gcp.kms.KeyRing;
     * import com.pulumi.gcp.kms.KeyRingArgs;
     * import com.pulumi.gcp.kms.CryptoKey;
     * import com.pulumi.gcp.kms.CryptoKeyArgs;
     * import com.pulumi.gcp.kms.inputs.CryptoKeyVersionTemplateArgs;
     * import com.pulumi.gcp.kms.KmsFunctions;
     * import com.pulumi.gcp.kms.inputs.GetKMSCryptoKeyVersionArgs;
     * import java.util.List;
     * import java.util.ArrayList;
     * import java.util.Map;
     * import java.io.File;
     * import java.nio.file.Files;
     * import java.nio.file.Paths;
     * public class App {
     *     public static void main(String[] args) {
     *         Pulumi.run(App::stack);
     *     }
     *     public static void stack(Context ctx) {
     *         var myKeyRing = new KeyRing("myKeyRing", KeyRingArgs.builder()
     *             .project("my-project")
     *             .name("my-key-ring")
     *             .location("us-central1")
     *             .build());
     *         var myCryptoKeyCryptoKey = new CryptoKey("myCryptoKeyCryptoKey", CryptoKeyArgs.builder()
     *             .name("my-crypto-key")
     *             .keyRing(myKeyRing.id())
     *             .purpose("ASYMMETRIC_DECRYPT")
     *             .versionTemplate(CryptoKeyVersionTemplateArgs.builder()
     *                 .algorithm("RSA_DECRYPT_OAEP_4096_SHA256")
     *                 .build())
     *             .build());
     *         final var myCryptoKey = KmsFunctions.getKMSCryptoKeyVersion(GetKMSCryptoKeyVersionArgs.builder()
     *             .cryptoKey(myCryptoKeyCryptoKey.id())
     *             .build());
     *     }
     * }
     * ```
     * ```yaml
     * resources:
     *   myKeyRing:
     *     type: gcp:kms:KeyRing
     *     name: my_key_ring
     *     properties:
     *       project: my-project
     *       name: my-key-ring
     *       location: us-central1
     *   myCryptoKeyCryptoKey:
     *     type: gcp:kms:CryptoKey
     *     name: my_crypto_key
     *     properties:
     *       name: my-crypto-key
     *       keyRing: ${myKeyRing.id}
     *       purpose: ASYMMETRIC_DECRYPT
     *       versionTemplate:
     *         algorithm: RSA_DECRYPT_OAEP_4096_SHA256
     * variables:
     *   myCryptoKey:
     *     fn::invoke:
     *       Function: gcp:kms:getKMSCryptoKeyVersion
     *       Arguments:
     *         cryptoKey: ${myCryptoKeyCryptoKey.id}
     * ```
     * 
     * Next, use the [Cloud SDK](https://cloud.google.com/kms/docs/encrypt-decrypt-rsa#kms-encrypt-asymmetric-cli) to encrypt
     * some sensitive information:
     * ```bash
     * ## get the public key to encrypt the secret with
     * $ gcloud kms keys versions get-public-key 1 \
     *   --project my-project \
     *   --location us-central1 \
     *   --keyring my-key-ring \
     *   --key my-crypto-key \
     *   --output-file public-key.pem
     * ## encrypt secret with the public key
     * $ echo -n my-secret-password | \
     *   openssl pkeyutl -in - \
     *     -encrypt \
     *     -pubin \
     *     -inkey public-key.pem \
     *     -pkeyopt rsa_padding_mode:oaep \
     *     -pkeyopt rsa_oaep_md:sha256 \
     *     -pkeyopt rsa_mgf1_md:sha256 > \
     *   my-secret-password.enc
     * ## base64 encode the ciphertext
     * $ openssl base64 -in my-secret-password.enc
     * M7nUoba9EGVTu2LjNjBKGdGVBYjyS/i/AY+4yQMQF0Qf/RfUfX31Jw6+VO9OuThq
     * ylu/7ihX9XD4bM7yYdXnMv9p1OHQUlorSBSbb/J6n1W9UJhcp6um8Tw8/Isx4f75
     * 4PskYS6f8Y2ItliGt1/A9iR5BTgGtJBwOxMlgoX2Ggq+Nh4E5SbdoaE5o6CO1nBx
     * eIPsPEebQ6qC4JehQM3IGuV/lrm58+hZhaXAqNzX1cEYyAt5GYqJIVCiI585SUYs
     * wRToGyTgaN+zthF0HP9IWlR4Am4LmJ/1OcePTnYw11CkU8wNRbDzVAzogwNH+rXr
     * LTmf7hxVjBm6bBSVSNFcBKAXFlllubSfIeZ5hgzGqn54OmSf6odO12L5JxllddHc
     * yAd54vWKs2kJtnsKV2V4ZdkI0w6y1TeI67baFZDNGo6qsCpFMPnvv7d46Pg2VOp1
     * J6Ivner0NnNHE4MzNmpZRk8WXMwqq4P/gTiT7F/aCX6oFCUQ4AWPQhJYh2dkcOmL
     * IP+47Veb10aFn61F1CJwpmOOiGNXKdDT1vK8CMnnwhm825K0q/q9Zqpzc1+1ae1z
     * mSqol1zCoa88CuSN6nTLQlVnN/dzfrGbc0boJPaM0iGhHtSzHk4SWg84LhiJB1q9
     * A9XFJmOVdkvRY9nnz/iVLAdd0Q3vFtLqCdUYsNN2yh4=
     * ## optionally calculate the CRC32 of the ciphertext
     * $ go get github.com/binxio/crc32
     * $ $GOPATH/bin/crc32 -polynomial castagnoli < my-secret-password.enc
     * 12c59e54
     * ```
     * Finally, reference the encrypted ciphertext in your resource definitions:
     * 
     * ```typescript
     * import * as pulumi from "@pulumi/pulumi";
     * import * as gcp from "@pulumi/gcp";
     * import * as random from "@pulumi/random";
     * const sqlUserPassword = gcp.kms.getKMSSecretAsymmetric({
     *     cryptoKeyVersion: myCryptoKey.id,
     *     crc32: "12c59e54",
     *     ciphertext: `    M7nUoba9EGVTu2LjNjBKGdGVBYjyS/i/AY+4yQMQF0Qf/RfUfX31Jw6+VO9OuThq
     *     ylu/7ihX9XD4bM7yYdXnMv9p1OHQUlorSBSbb/J6n1W9UJhcp6um8Tw8/Isx4f75
     *     4PskYS6f8Y2ItliGt1/A9iR5BTgGtJBwOxMlgoX2Ggq+Nh4E5SbdoaE5o6CO1nBx
     *     eIPsPEebQ6qC4JehQM3IGuV/lrm58+hZhaXAqNzX1cEYyAt5GYqJIVCiI585SUYs
     *     wRToGyTgaN+zthF0HP9IWlR4Am4LmJ/1OcePTnYw11CkU8wNRbDzVAzogwNH+rXr
     *     LTmf7hxVjBm6bBSVSNFcBKAXFlllubSfIeZ5hgzGqn54OmSf6odO12L5JxllddHc
     *     yAd54vWKs2kJtnsKV2V4ZdkI0w6y1TeI67baFZDNGo6qsCpFMPnvv7d46Pg2VOp1
     *     J6Ivner0NnNHE4MzNmpZRk8WXMwqq4P/gTiT7F/aCX6oFCUQ4AWPQhJYh2dkcOmL
     *     IP+47Veb10aFn61F1CJwpmOOiGNXKdDT1vK8CMnnwhm825K0q/q9Zqpzc1+1ae1z
     *     mSqol1zCoa88CuSN6nTLQlVnN/dzfrGbc0boJPaM0iGhHtSzHk4SWg84LhiJB1q9
     *     A9XFJmOVdkvRY9nnz/iVLAdd0Q3vFtLqCdUYsNN2yh4=
     * `,
     * });
     * const dbNameSuffix = new random.RandomId("db_name_suffix", {byteLength: 4});
     * const main = new gcp.sql.DatabaseInstance("main", {
     *     name: pulumi.interpolate`main-instance-${dbNameSuffix.hex}`,
     *     databaseVersion: "MYSQL_5_7",
     *     settings: {
     *         tier: "db-f1-micro",
     *     },
     * });
     * const users = new gcp.sql.User("users", {
     *     name: "me",
     *     instance: main.name,
     *     host: "me.com",
     *     password: sqlUserPasswordGoogleKmsSecret.plaintext,
     * });
     * ```
     * ```python
     * import pulumi
     * import pulumi_gcp as gcp
     * import pulumi_random as random
     * sql_user_password = gcp.kms.get_kms_secret_asymmetric(crypto_key_version=my_crypto_key["id"],
     *     crc32="12c59e54",
     *     ciphertext="""    M7nUoba9EGVTu2LjNjBKGdGVBYjyS/i/AY+4yQMQF0Qf/RfUfX31Jw6+VO9OuThq
     *     ylu/7ihX9XD4bM7yYdXnMv9p1OHQUlorSBSbb/J6n1W9UJhcp6um8Tw8/Isx4f75
     *     4PskYS6f8Y2ItliGt1/A9iR5BTgGtJBwOxMlgoX2Ggq+Nh4E5SbdoaE5o6CO1nBx
     *     eIPsPEebQ6qC4JehQM3IGuV/lrm58+hZhaXAqNzX1cEYyAt5GYqJIVCiI585SUYs
     *     wRToGyTgaN+zthF0HP9IWlR4Am4LmJ/1OcePTnYw11CkU8wNRbDzVAzogwNH+rXr
     *     LTmf7hxVjBm6bBSVSNFcBKAXFlllubSfIeZ5hgzGqn54OmSf6odO12L5JxllddHc
     *     yAd54vWKs2kJtnsKV2V4ZdkI0w6y1TeI67baFZDNGo6qsCpFMPnvv7d46Pg2VOp1
     *     J6Ivner0NnNHE4MzNmpZRk8WXMwqq4P/gTiT7F/aCX6oFCUQ4AWPQhJYh2dkcOmL
     *     IP+47Veb10aFn61F1CJwpmOOiGNXKdDT1vK8CMnnwhm825K0q/q9Zqpzc1+1ae1z
     *     mSqol1zCoa88CuSN6nTLQlVnN/dzfrGbc0boJPaM0iGhHtSzHk4SWg84LhiJB1q9
     *     A9XFJmOVdkvRY9nnz/iVLAdd0Q3vFtLqCdUYsNN2yh4=
     * """)
     * db_name_suffix = random.RandomId("db_name_suffix", byte_length=4)
     * main = gcp.sql.DatabaseInstance("main",
     *     name=db_name_suffix.hex.apply(lambda hex: f"main-instance-{hex}"),
     *     database_version="MYSQL_5_7",
     *     settings=gcp.sql.DatabaseInstanceSettingsArgs(
     *         tier="db-f1-micro",
     *     ))
     * users = gcp.sql.User("users",
     *     name="me",
     *     instance=main.name,
     *     host="me.com",
     *     password=sql_user_password_google_kms_secret["plaintext"])
     * ```
     * ```csharp
     * using System.Collections.Generic;
     * using System.Linq;
     * using Pulumi;
     * using Gcp = Pulumi.Gcp;
     * using Random = Pulumi.Random;
     * return await Deployment.RunAsync(() =>
     * {
     *     var sqlUserPassword = Gcp.Kms.GetKMSSecretAsymmetric.Invoke(new()
     *     {
     *         CryptoKeyVersion = myCryptoKey.Id,
     *         Crc32 = "12c59e54",
     *         Ciphertext = @"    M7nUoba9EGVTu2LjNjBKGdGVBYjyS/i/AY+4yQMQF0Qf/RfUfX31Jw6+VO9OuThq
     *     ylu/7ihX9XD4bM7yYdXnMv9p1OHQUlorSBSbb/J6n1W9UJhcp6um8Tw8/Isx4f75
     *     4PskYS6f8Y2ItliGt1/A9iR5BTgGtJBwOxMlgoX2Ggq+Nh4E5SbdoaE5o6CO1nBx
     *     eIPsPEebQ6qC4JehQM3IGuV/lrm58+hZhaXAqNzX1cEYyAt5GYqJIVCiI585SUYs
     *     wRToGyTgaN+zthF0HP9IWlR4Am4LmJ/1OcePTnYw11CkU8wNRbDzVAzogwNH+rXr
     *     LTmf7hxVjBm6bBSVSNFcBKAXFlllubSfIeZ5hgzGqn54OmSf6odO12L5JxllddHc
     *     yAd54vWKs2kJtnsKV2V4ZdkI0w6y1TeI67baFZDNGo6qsCpFMPnvv7d46Pg2VOp1
     *     J6Ivner0NnNHE4MzNmpZRk8WXMwqq4P/gTiT7F/aCX6oFCUQ4AWPQhJYh2dkcOmL
     *     IP+47Veb10aFn61F1CJwpmOOiGNXKdDT1vK8CMnnwhm825K0q/q9Zqpzc1+1ae1z
     *     mSqol1zCoa88CuSN6nTLQlVnN/dzfrGbc0boJPaM0iGhHtSzHk4SWg84LhiJB1q9
     *     A9XFJmOVdkvRY9nnz/iVLAdd0Q3vFtLqCdUYsNN2yh4=
     * ",
     *     });
     *     var dbNameSuffix = new Random.RandomId("db_name_suffix", new()
     *     {
     *         ByteLength = 4,
     *     });
     *     var main = new Gcp.Sql.DatabaseInstance("main", new()
     *     {
     *         Name = dbNameSuffix.Hex.Apply(hex => $"main-instance-{hex}"),
     *         DatabaseVersion = "MYSQL_5_7",
     *         Settings = new Gcp.Sql.Inputs.DatabaseInstanceSettingsArgs
     *         {
     *             Tier = "db-f1-micro",
     *         },
     *     });
     *     var users = new Gcp.Sql.User("users", new()
     *     {
     *         Name = "me",
     *         Instance = main.Name,
     *         Host = "me.com",
     *         Password = sqlUserPasswordGoogleKmsSecret.Plaintext,
     *     });
     * });
     * ```
     * ```go
     * package main
     * import (
     * 	"fmt"
     * 	"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/kms"
     * 	"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/sql"
     * 	"github.com/pulumi/pulumi-random/sdk/v4/go/random"
     * 	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
     * )
     * func main() {
     * 	pulumi.Run(func(ctx *pulumi.Context) error {
     * 		_, err := kms.GetKMSSecretAsymmetric(ctx, &kms.GetKMSSecretAsymmetricArgs{
     * 			CryptoKeyVersion: myCryptoKey.Id,
     * 			Crc32:            pulumi.StringRef("12c59e54"),
     * 			Ciphertext: `    M7nUoba9EGVTu2LjNjBKGdGVBYjyS/i/AY+4yQMQF0Qf/RfUfX31Jw6+VO9OuThq
     *     ylu/7ihX9XD4bM7yYdXnMv9p1OHQUlorSBSbb/J6n1W9UJhcp6um8Tw8/Isx4f75
     *     4PskYS6f8Y2ItliGt1/A9iR5BTgGtJBwOxMlgoX2Ggq+Nh4E5SbdoaE5o6CO1nBx
     *     eIPsPEebQ6qC4JehQM3IGuV/lrm58+hZhaXAqNzX1cEYyAt5GYqJIVCiI585SUYs
     *     wRToGyTgaN+zthF0HP9IWlR4Am4LmJ/1OcePTnYw11CkU8wNRbDzVAzogwNH+rXr
     *     LTmf7hxVjBm6bBSVSNFcBKAXFlllubSfIeZ5hgzGqn54OmSf6odO12L5JxllddHc
     *     yAd54vWKs2kJtnsKV2V4ZdkI0w6y1TeI67baFZDNGo6qsCpFMPnvv7d46Pg2VOp1
     *     J6Ivner0NnNHE4MzNmpZRk8WXMwqq4P/gTiT7F/aCX6oFCUQ4AWPQhJYh2dkcOmL
     *     IP+47Veb10aFn61F1CJwpmOOiGNXKdDT1vK8CMnnwhm825K0q/q9Zqpzc1+1ae1z
     *     mSqol1zCoa88CuSN6nTLQlVnN/dzfrGbc0boJPaM0iGhHtSzHk4SWg84LhiJB1q9
     *     A9XFJmOVdkvRY9nnz/iVLAdd0Q3vFtLqCdUYsNN2yh4=
     * `,
     * 		}, nil)
     * 		if err != nil {
     * 			return err
     * 		}
     * 		dbNameSuffix, err := random.NewRandomId(ctx, "db_name_suffix", &random.RandomIdArgs{
     * 			ByteLength: pulumi.Int(4),
     * 		})
     * 		if err != nil {
     * 			return err
     * 		}
     * 		main, err := sql.NewDatabaseInstance(ctx, "main", &sql.DatabaseInstanceArgs{
     * 			Name: dbNameSuffix.Hex.ApplyT(func(hex string) (string, error) {
     * 				return fmt.Sprintf("main-instance-%v", hex), nil
     * 			}).(pulumi.StringOutput),
     * 			DatabaseVersion: pulumi.String("MYSQL_5_7"),
     * 			Settings: &sql.DatabaseInstanceSettingsArgs{
     * 				Tier: pulumi.String("db-f1-micro"),
     * 			},
     * 		})
     * 		if err != nil {
     * 			return err
     * 		}
     * 		_, err = sql.NewUser(ctx, "users", &sql.UserArgs{
     * 			Name:     pulumi.String("me"),
     * 			Instance: main.Name,
     * 			Host:     pulumi.String("me.com"),
     * 			Password: pulumi.Any(sqlUserPasswordGoogleKmsSecret.Plaintext),
     * 		})
     * 		if err != nil {
     * 			return err
     * 		}
     * 		return nil
     * 	})
     * }
     * ```
     * ```java
     * package generated_program;
     * import com.pulumi.Context;
     * import com.pulumi.Pulumi;
     * import com.pulumi.core.Output;
     * import com.pulumi.gcp.kms.KmsFunctions;
     * import com.pulumi.gcp.kms.inputs.GetKMSSecretAsymmetricArgs;
     * import com.pulumi.random.RandomId;
     * import com.pulumi.random.RandomIdArgs;
     * import com.pulumi.gcp.sql.DatabaseInstance;
     * import com.pulumi.gcp.sql.DatabaseInstanceArgs;
     * import com.pulumi.gcp.sql.inputs.DatabaseInstanceSettingsArgs;
     * import com.pulumi.gcp.sql.User;
     * import com.pulumi.gcp.sql.UserArgs;
     * import java.util.List;
     * import java.util.ArrayList;
     * import java.util.Map;
     * import java.io.File;
     * import java.nio.file.Files;
     * import java.nio.file.Paths;
     * public class App {
     *     public static void main(String[] args) {
     *         Pulumi.run(App::stack);
     *     }
     *     public static void stack(Context ctx) {
     *         final var sqlUserPassword = KmsFunctions.getKMSSecretAsymmetric(GetKMSSecretAsymmetricArgs.builder()
     *             .cryptoKeyVersion(myCryptoKey.id())
     *             .crc32("12c59e54")
     *             .ciphertext("""
     *     M7nUoba9EGVTu2LjNjBKGdGVBYjyS/i/AY+4yQMQF0Qf/RfUfX31Jw6+VO9OuThq
     *     ylu/7ihX9XD4bM7yYdXnMv9p1OHQUlorSBSbb/J6n1W9UJhcp6um8Tw8/Isx4f75
     *     4PskYS6f8Y2ItliGt1/A9iR5BTgGtJBwOxMlgoX2Ggq+Nh4E5SbdoaE5o6CO1nBx
     *     eIPsPEebQ6qC4JehQM3IGuV/lrm58+hZhaXAqNzX1cEYyAt5GYqJIVCiI585SUYs
     *     wRToGyTgaN+zthF0HP9IWlR4Am4LmJ/1OcePTnYw11CkU8wNRbDzVAzogwNH+rXr
     *     LTmf7hxVjBm6bBSVSNFcBKAXFlllubSfIeZ5hgzGqn54OmSf6odO12L5JxllddHc
     *     yAd54vWKs2kJtnsKV2V4ZdkI0w6y1TeI67baFZDNGo6qsCpFMPnvv7d46Pg2VOp1
     *     J6Ivner0NnNHE4MzNmpZRk8WXMwqq4P/gTiT7F/aCX6oFCUQ4AWPQhJYh2dkcOmL
     *     IP+47Veb10aFn61F1CJwpmOOiGNXKdDT1vK8CMnnwhm825K0q/q9Zqpzc1+1ae1z
     *     mSqol1zCoa88CuSN6nTLQlVnN/dzfrGbc0boJPaM0iGhHtSzHk4SWg84LhiJB1q9
     *     A9XFJmOVdkvRY9nnz/iVLAdd0Q3vFtLqCdUYsNN2yh4=
     *             """)
     *             .build());
     *         var dbNameSuffix = new RandomId("dbNameSuffix", RandomIdArgs.builder()
     *             .byteLength(4)
     *             .build());
     *         var main = new DatabaseInstance("main", DatabaseInstanceArgs.builder()
     *             .name(dbNameSuffix.hex().applyValue(hex -> String.format("main-instance-%s", hex)))
     *             .databaseVersion("MYSQL_5_7")
     *             .settings(DatabaseInstanceSettingsArgs.builder()
     *                 .tier("db-f1-micro")
     *                 .build())
     *             .build());
     *         var users = new User("users", UserArgs.builder()
     *             .name("me")
     *             .instance(main.name())
     *             .host("me.com")
     *             .password(sqlUserPasswordGoogleKmsSecret.plaintext())
     *             .build());
     *     }
     * }
     * ```
     * ```yaml
     * resources:
     *   dbNameSuffix:
     *     type: random:RandomId
     *     name: db_name_suffix
     *     properties:
     *       byteLength: 4
     *   main:
     *     type: gcp:sql:DatabaseInstance
     *     properties:
     *       name: main-instance-${dbNameSuffix.hex}
     *       databaseVersion: MYSQL_5_7
     *       settings:
     *         tier: db-f1-micro
     *   users:
     *     type: gcp:sql:User
     *     properties:
     *       name: me
     *       instance: ${main.name}
     *       host: me.com
     *       password: ${sqlUserPasswordGoogleKmsSecret.plaintext}
     * variables:
     *   sqlUserPassword:
     *     fn::invoke:
     *       Function: gcp:kms:getKMSSecretAsymmetric
     *       Arguments:
     *         cryptoKeyVersion: ${myCryptoKey.id}
     *         crc32: 12c59e54
     *         ciphertext: |2
     *               M7nUoba9EGVTu2LjNjBKGdGVBYjyS/i/AY+4yQMQF0Qf/RfUfX31Jw6+VO9OuThq
     *               ylu/7ihX9XD4bM7yYdXnMv9p1OHQUlorSBSbb/J6n1W9UJhcp6um8Tw8/Isx4f75
     *               4PskYS6f8Y2ItliGt1/A9iR5BTgGtJBwOxMlgoX2Ggq+Nh4E5SbdoaE5o6CO1nBx
     *               eIPsPEebQ6qC4JehQM3IGuV/lrm58+hZhaXAqNzX1cEYyAt5GYqJIVCiI585SUYs
     *               wRToGyTgaN+zthF0HP9IWlR4Am4LmJ/1OcePTnYw11CkU8wNRbDzVAzogwNH+rXr
     *               LTmf7hxVjBm6bBSVSNFcBKAXFlllubSfIeZ5hgzGqn54OmSf6odO12L5JxllddHc
     *               yAd54vWKs2kJtnsKV2V4ZdkI0w6y1TeI67baFZDNGo6qsCpFMPnvv7d46Pg2VOp1
     *               J6Ivner0NnNHE4MzNmpZRk8WXMwqq4P/gTiT7F/aCX6oFCUQ4AWPQhJYh2dkcOmL
     *               IP+47Veb10aFn61F1CJwpmOOiGNXKdDT1vK8CMnnwhm825K0q/q9Zqpzc1+1ae1z
     *               mSqol1zCoa88CuSN6nTLQlVnN/dzfrGbc0boJPaM0iGhHtSzHk4SWg84LhiJB1q9
     *               A9XFJmOVdkvRY9nnz/iVLAdd0Q3vFtLqCdUYsNN2yh4=
     * ```
     * 
     * This will result in a Cloud SQL user being created with password `my-secret-password`.
     * @param argument A collection of arguments for invoking getKMSSecretAsymmetric.
     * @return A collection of values returned by getKMSSecretAsymmetric.
     */
    public suspend fun getKMSSecretAsymmetric(argument: GetKMSSecretAsymmetricPlainArgs): GetKMSSecretAsymmetricResult =
        getKMSSecretAsymmetricResultToKotlin(getKMSSecretAsymmetricPlain(argument.toJava()).await())

    /**
     * @see [getKMSSecretAsymmetric].
     * @param ciphertext The ciphertext to be decrypted, encoded in base64
     * @param crc32 The crc32 checksum of the `ciphertext` in hexadecimal notation. If not specified, it will be computed.
     * @param cryptoKeyVersion The id of the CryptoKey version that will be used to
     * decrypt the provided ciphertext. This is represented by the format
     * `projects/{project}/locations/{location}/keyRings/{keyring}/cryptoKeys/{key}/cryptoKeyVersions/{version}`.
     * @return A collection of values returned by getKMSSecretAsymmetric.
     */
    public suspend fun getKMSSecretAsymmetric(
        ciphertext: String,
        crc32: String? = null,
        cryptoKeyVersion: String,
    ): GetKMSSecretAsymmetricResult {
        val argument = GetKMSSecretAsymmetricPlainArgs(
            ciphertext = ciphertext,
            crc32 = crc32,
            cryptoKeyVersion = cryptoKeyVersion,
        )
        return getKMSSecretAsymmetricResultToKotlin(getKMSSecretAsymmetricPlain(argument.toJava()).await())
    }

    /**
     * @see [getKMSSecretAsymmetric].
     * @param argument Builder for [com.pulumi.gcp.kms.kotlin.inputs.GetKMSSecretAsymmetricPlainArgs].
     * @return A collection of values returned by getKMSSecretAsymmetric.
     */
    public suspend fun getKMSSecretAsymmetric(argument: suspend GetKMSSecretAsymmetricPlainArgsBuilder.() -> Unit): GetKMSSecretAsymmetricResult {
        val builder = GetKMSSecretAsymmetricPlainArgsBuilder()
        builder.argument()
        val builtArgument = builder.build()
        return getKMSSecretAsymmetricResultToKotlin(getKMSSecretAsymmetricPlain(builtArgument.toJava()).await())
    }

    /**
     * !> **Warning:** This data source is deprecated. Use the `gcp.kms.SecretCiphertext` **resource** instead.
     * This data source allows you to encrypt data with Google Cloud KMS and use the
     * ciphertext within your resource definitions.
     * For more information see
     * [the official documentation](https://cloud.google.com/kms/docs/encrypt-decrypt).
     * > **NOTE:** Using this data source will allow you to conceal secret data within your
     * resource definitions, but it does not take care of protecting that data in the
     * logging output, plan output, or state output.  Please take care to secure your secret
     * data outside of resource definitions.
     * ## Example Usage
     * First, create a KMS KeyRing and CryptoKey using the resource definitions:
     * 
     * ```typescript
     * import * as pulumi from "@pulumi/pulumi";
     * import * as gcp from "@pulumi/gcp";
     * const myKeyRing = new gcp.kms.KeyRing("my_key_ring", {
     *     project: "my-project",
     *     name: "my-key-ring",
     *     location: "us-central1",
     * });
     * const myCryptoKey = new gcp.kms.CryptoKey("my_crypto_key", {
     *     name: "my-crypto-key",
     *     keyRing: myKeyRing.id,
     * });
     * ```
     * ```python
     * import pulumi
     * import pulumi_gcp as gcp
     * my_key_ring = gcp.kms.KeyRing("my_key_ring",
     *     project="my-project",
     *     name="my-key-ring",
     *     location="us-central1")
     * my_crypto_key = gcp.kms.CryptoKey("my_crypto_key",
     *     name="my-crypto-key",
     *     key_ring=my_key_ring.id)
     * ```
     * ```csharp
     * using System.Collections.Generic;
     * using System.Linq;
     * using Pulumi;
     * using Gcp = Pulumi.Gcp;
     * return await Deployment.RunAsync(() =>
     * {
     *     var myKeyRing = new Gcp.Kms.KeyRing("my_key_ring", new()
     *     {
     *         Project = "my-project",
     *         Name = "my-key-ring",
     *         Location = "us-central1",
     *     });
     *     var myCryptoKey = new Gcp.Kms.CryptoKey("my_crypto_key", new()
     *     {
     *         Name = "my-crypto-key",
     *         KeyRing = myKeyRing.Id,
     *     });
     * });
     * ```
     * ```go
     * package main
     * import (
     * 	"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/kms"
     * 	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
     * )
     * func main() {
     * 	pulumi.Run(func(ctx *pulumi.Context) error {
     * 		myKeyRing, err := kms.NewKeyRing(ctx, "my_key_ring", &kms.KeyRingArgs{
     * 			Project:  pulumi.String("my-project"),
     * 			Name:     pulumi.String("my-key-ring"),
     * 			Location: pulumi.String("us-central1"),
     * 		})
     * 		if err != nil {
     * 			return err
     * 		}
     * 		_, err = kms.NewCryptoKey(ctx, "my_crypto_key", &kms.CryptoKeyArgs{
     * 			Name:    pulumi.String("my-crypto-key"),
     * 			KeyRing: myKeyRing.ID(),
     * 		})
     * 		if err != nil {
     * 			return err
     * 		}
     * 		return nil
     * 	})
     * }
     * ```
     * ```java
     * package generated_program;
     * import com.pulumi.Context;
     * import com.pulumi.Pulumi;
     * import com.pulumi.core.Output;
     * import com.pulumi.gcp.kms.KeyRing;
     * import com.pulumi.gcp.kms.KeyRingArgs;
     * import com.pulumi.gcp.kms.CryptoKey;
     * import com.pulumi.gcp.kms.CryptoKeyArgs;
     * import java.util.List;
     * import java.util.ArrayList;
     * import java.util.Map;
     * import java.io.File;
     * import java.nio.file.Files;
     * import java.nio.file.Paths;
     * public class App {
     *     public static void main(String[] args) {
     *         Pulumi.run(App::stack);
     *     }
     *     public static void stack(Context ctx) {
     *         var myKeyRing = new KeyRing("myKeyRing", KeyRingArgs.builder()
     *             .project("my-project")
     *             .name("my-key-ring")
     *             .location("us-central1")
     *             .build());
     *         var myCryptoKey = new CryptoKey("myCryptoKey", CryptoKeyArgs.builder()
     *             .name("my-crypto-key")
     *             .keyRing(myKeyRing.id())
     *             .build());
     *     }
     * }
     * ```
     * ```yaml
     * resources:
     *   myKeyRing:
     *     type: gcp:kms:KeyRing
     *     name: my_key_ring
     *     properties:
     *       project: my-project
     *       name: my-key-ring
     *       location: us-central1
     *   myCryptoKey:
     *     type: gcp:kms:CryptoKey
     *     name: my_crypto_key
     *     properties:
     *       name: my-crypto-key
     *       keyRing: ${myKeyRing.id}
     * ```
     * 
     * Next, encrypt some sensitive information and use the encrypted data in your resource definitions:
     * 
     * ```typescript
     * import * as pulumi from "@pulumi/pulumi";
     * import * as gcp from "@pulumi/gcp";
     * const myPassword = gcp.kms.getKMSSecretCiphertext({
     *     cryptoKey: myCryptoKey.id,
     *     plaintext: "my-secret-password",
     * });
     * const instance = new gcp.compute.Instance("instance", {
     *     networkInterfaces: [{
     *         accessConfigs: [{}],
     *         network: "default",
     *     }],
     *     name: "test",
     *     machineType: "e2-medium",
     *     zone: "us-central1-a",
     *     bootDisk: {
     *         initializeParams: {
     *             image: "debian-cloud/debian-11",
     *         },
     *     },
     *     metadata: {
     *         password: myPassword.then(myPassword => myPassword.ciphertext),
     *     },
     * });
     * ```
     * ```python
     * import pulumi
     * import pulumi_gcp as gcp
     * my_password = gcp.kms.get_kms_secret_ciphertext(crypto_key=my_crypto_key["id"],
     *     plaintext="my-secret-password")
     * instance = gcp.compute.Instance("instance",
     *     network_interfaces=[gcp.compute.InstanceNetworkInterfaceArgs(
     *         access_configs=[gcp.compute.InstanceNetworkInterfaceAccessConfigArgs()],
     *         network="default",
     *     )],
     *     name="test",
     *     machine_type="e2-medium",
     *     zone="us-central1-a",
     *     boot_disk=gcp.compute.InstanceBootDiskArgs(
     *         initialize_params=gcp.compute.InstanceBootDiskInitializeParamsArgs(
     *             image="debian-cloud/debian-11",
     *         ),
     *     ),
     *     metadata={
     *         "password": my_password.ciphertext,
     *     })
     * ```
     * ```csharp
     * using System.Collections.Generic;
     * using System.Linq;
     * using Pulumi;
     * using Gcp = Pulumi.Gcp;
     * return await Deployment.RunAsync(() =>
     * {
     *     var myPassword = Gcp.Kms.GetKMSSecretCiphertext.Invoke(new()
     *     {
     *         CryptoKey = myCryptoKey.Id,
     *         Plaintext = "my-secret-password",
     *     });
     *     var instance = new Gcp.Compute.Instance("instance", new()
     *     {
     *         NetworkInterfaces = new[]
     *         {
     *             new Gcp.Compute.Inputs.InstanceNetworkInterfaceArgs
     *             {
     *                 AccessConfigs = new[]
     *                 {
     *                     null,
     *                 },
     *                 Network = "default",
     *             },
     *         },
     *         Name = "test",
     *         MachineType = "e2-medium",
     *         Zone = "us-central1-a",
     *         BootDisk = new Gcp.Compute.Inputs.InstanceBootDiskArgs
     *         {
     *             InitializeParams = new Gcp.Compute.Inputs.InstanceBootDiskInitializeParamsArgs
     *             {
     *                 Image = "debian-cloud/debian-11",
     *             },
     *         },
     *         Metadata =
     *         {
     *             { "password", myPassword.Apply(getKMSSecretCiphertextResult => getKMSSecretCiphertextResult.Ciphertext) },
     *         },
     *     });
     * });
     * ```
     * ```go
     * package main
     * import (
     * 	"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/compute"
     * 	"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/kms"
     * 	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
     * )
     * func main() {
     * 	pulumi.Run(func(ctx *pulumi.Context) error {
     * 		myPassword, err := kms.GetKMSSecretCiphertext(ctx, &kms.GetKMSSecretCiphertextArgs{
     * 			CryptoKey: myCryptoKey.Id,
     * 			Plaintext: "my-secret-password",
     * 		}, nil)
     * 		if err != nil {
     * 			return err
     * 		}
     * 		_, err = compute.NewInstance(ctx, "instance", &compute.InstanceArgs{
     * 			NetworkInterfaces: compute.InstanceNetworkInterfaceArray{
     * 				&compute.InstanceNetworkInterfaceArgs{
     * 					AccessConfigs: compute.InstanceNetworkInterfaceAccessConfigArray{
     * 						nil,
     * 					},
     * 					Network: pulumi.String("default"),
     * 				},
     * 			},
     * 			Name:        pulumi.String("test"),
     * 			MachineType: pulumi.String("e2-medium"),
     * 			Zone:        pulumi.String("us-central1-a"),
     * 			BootDisk: &compute.InstanceBootDiskArgs{
     * 				InitializeParams: &compute.InstanceBootDiskInitializeParamsArgs{
     * 					Image: pulumi.String("debian-cloud/debian-11"),
     * 				},
     * 			},
     * 			Metadata: pulumi.StringMap{
     * 				"password": pulumi.String(myPassword.Ciphertext),
     * 			},
     * 		})
     * 		if err != nil {
     * 			return err
     * 		}
     * 		return nil
     * 	})
     * }
     * ```
     * ```java
     * package generated_program;
     * import com.pulumi.Context;
     * import com.pulumi.Pulumi;
     * import com.pulumi.core.Output;
     * import com.pulumi.gcp.kms.KmsFunctions;
     * import com.pulumi.gcp.kms.inputs.GetKMSSecretCiphertextArgs;
     * import com.pulumi.gcp.compute.Instance;
     * import com.pulumi.gcp.compute.InstanceArgs;
     * import com.pulumi.gcp.compute.inputs.InstanceNetworkInterfaceArgs;
     * import com.pulumi.gcp.compute.inputs.InstanceBootDiskArgs;
     * import com.pulumi.gcp.compute.inputs.InstanceBootDiskInitializeParamsArgs;
     * import java.util.List;
     * import java.util.ArrayList;
     * import java.util.Map;
     * import java.io.File;
     * import java.nio.file.Files;
     * import java.nio.file.Paths;
     * public class App {
     *     public static void main(String[] args) {
     *         Pulumi.run(App::stack);
     *     }
     *     public static void stack(Context ctx) {
     *         final var myPassword = KmsFunctions.getKMSSecretCiphertext(GetKMSSecretCiphertextArgs.builder()
     *             .cryptoKey(myCryptoKey.id())
     *             .plaintext("my-secret-password")
     *             .build());
     *         var instance = new Instance("instance", InstanceArgs.builder()
     *             .networkInterfaces(InstanceNetworkInterfaceArgs.builder()
     *                 .accessConfigs()
     *                 .network("default")
     *                 .build())
     *             .name("test")
     *             .machineType("e2-medium")
     *             .zone("us-central1-a")
     *             .bootDisk(InstanceBootDiskArgs.builder()
     *                 .initializeParams(InstanceBootDiskInitializeParamsArgs.builder()
     *                     .image("debian-cloud/debian-11")
     *                     .build())
     *                 .build())
     *             .metadata(Map.of("password", myPassword.applyValue(getKMSSecretCiphertextResult -> getKMSSecretCiphertextResult.ciphertext())))
     *             .build());
     *     }
     * }
     * ```
     * ```yaml
     * resources:
     *   instance:
     *     type: gcp:compute:Instance
     *     properties:
     *       networkInterfaces:
     *         - accessConfigs:
     *             - {}
     *           network: default
     *       name: test
     *       machineType: e2-medium
     *       zone: us-central1-a
     *       bootDisk:
     *         initializeParams:
     *           image: debian-cloud/debian-11
     *       metadata:
     *         password: ${myPassword.ciphertext}
     * variables:
     *   myPassword:
     *     fn::invoke:
     *       Function: gcp:kms:getKMSSecretCiphertext
     *       Arguments:
     *         cryptoKey: ${myCryptoKey.id}
     *         plaintext: my-secret-password
     * ```
     * 
     * The resulting instance can then access the encrypted password from its metadata
     * and decrypt it, e.g. using the [Cloud SDK](https://cloud.google.com/sdk/gcloud/reference/kms/decrypt)):
     * ```bash
     * $ curl -H "Metadata-Flavor: Google" http://metadata.google.internal/computeMetadata/v1/instance/attributes/password \
     * > | base64 -d | gcloud kms decrypt \
     * > --project my-project \
     * > --location us-central1 \
     * > --keyring my-key-ring \
     * > --key my-crypto-key \
     * > --plaintext-file - \
     * > --ciphertext-file - \
     * my-secret-password
     * ```
     * @param argument A collection of arguments for invoking getKMSSecretCiphertext.
     * @return A collection of values returned by getKMSSecretCiphertext.
     */
    public suspend fun getKMSSecretCiphertext(argument: GetKMSSecretCiphertextPlainArgs): GetKMSSecretCiphertextResult =
        getKMSSecretCiphertextResultToKotlin(getKMSSecretCiphertextPlain(argument.toJava()).await())

    /**
     * @see [getKMSSecretCiphertext].
     * @param cryptoKey The id of the CryptoKey that will be used to
     * encrypt the provided plaintext. This is represented by the format
     * `{projectId}/{location}/{keyRingName}/{cryptoKeyName}`.
     * @param plaintext The plaintext to be encrypted
     * @return A collection of values returned by getKMSSecretCiphertext.
     */
    public suspend fun getKMSSecretCiphertext(cryptoKey: String, plaintext: String): GetKMSSecretCiphertextResult {
        val argument = GetKMSSecretCiphertextPlainArgs(
            cryptoKey = cryptoKey,
            plaintext = plaintext,
        )
        return getKMSSecretCiphertextResultToKotlin(getKMSSecretCiphertextPlain(argument.toJava()).await())
    }

    /**
     * @see [getKMSSecretCiphertext].
     * @param argument Builder for [com.pulumi.gcp.kms.kotlin.inputs.GetKMSSecretCiphertextPlainArgs].
     * @return A collection of values returned by getKMSSecretCiphertext.
     */
    public suspend fun getKMSSecretCiphertext(argument: suspend GetKMSSecretCiphertextPlainArgsBuilder.() -> Unit): GetKMSSecretCiphertextResult {
        val builder = GetKMSSecretCiphertextPlainArgsBuilder()
        builder.argument()
        val builtArgument = builder.build()
        return getKMSSecretCiphertextResultToKotlin(getKMSSecretCiphertextPlain(builtArgument.toJava()).await())
    }

    /**
     * Retrieves the current IAM policy data for a Google Cloud KMS key ring.
     * ## example
     * 
     * ```typescript
     * import * as pulumi from "@pulumi/pulumi";
     * import * as gcp from "@pulumi/gcp";
     * const testKeyRingIamPolicy = gcp.kms.getKeyRingIamPolicy({
     *     keyRingId: "{project_id}/{location_name}/{key_ring_name}",
     * });
     * ```
     * ```python
     * import pulumi
     * import pulumi_gcp as gcp
     * test_key_ring_iam_policy = gcp.kms.get_key_ring_iam_policy(key_ring_id="{project_id}/{location_name}/{key_ring_name}")
     * ```
     * ```csharp
     * using System.Collections.Generic;
     * using System.Linq;
     * using Pulumi;
     * using Gcp = Pulumi.Gcp;
     * return await Deployment.RunAsync(() =>
     * {
     *     var testKeyRingIamPolicy = Gcp.Kms.GetKeyRingIamPolicy.Invoke(new()
     *     {
     *         KeyRingId = "{project_id}/{location_name}/{key_ring_name}",
     *     });
     * });
     * ```
     * ```go
     * package main
     * import (
     * 	"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/kms"
     * 	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
     * )
     * func main() {
     * 	pulumi.Run(func(ctx *pulumi.Context) error {
     * 		_, err := kms.GetKeyRingIamPolicy(ctx, &kms.GetKeyRingIamPolicyArgs{
     * 			KeyRingId: "{project_id}/{location_name}/{key_ring_name}",
     * 		}, nil)
     * 		if err != nil {
     * 			return err
     * 		}
     * 		return nil
     * 	})
     * }
     * ```
     * ```java
     * package generated_program;
     * import com.pulumi.Context;
     * import com.pulumi.Pulumi;
     * import com.pulumi.core.Output;
     * import com.pulumi.gcp.kms.KmsFunctions;
     * import com.pulumi.gcp.kms.inputs.GetKeyRingIamPolicyArgs;
     * import java.util.List;
     * import java.util.ArrayList;
     * import java.util.Map;
     * import java.io.File;
     * import java.nio.file.Files;
     * import java.nio.file.Paths;
     * public class App {
     *     public static void main(String[] args) {
     *         Pulumi.run(App::stack);
     *     }
     *     public static void stack(Context ctx) {
     *         final var testKeyRingIamPolicy = KmsFunctions.getKeyRingIamPolicy(GetKeyRingIamPolicyArgs.builder()
     *             .keyRingId("{project_id}/{location_name}/{key_ring_name}")
     *             .build());
     *     }
     * }
     * ```
     * ```yaml
     * variables:
     *   testKeyRingIamPolicy:
     *     fn::invoke:
     *       Function: gcp:kms:getKeyRingIamPolicy
     *       Arguments:
     *         keyRingId: '{project_id}/{location_name}/{key_ring_name}'
     * ```
     * 
     * @param argument A collection of arguments for invoking getKeyRingIamPolicy.
     * @return A collection of values returned by getKeyRingIamPolicy.
     */
    public suspend fun getKeyRingIamPolicy(argument: GetKeyRingIamPolicyPlainArgs): GetKeyRingIamPolicyResult =
        getKeyRingIamPolicyResultToKotlin(getKeyRingIamPolicyPlain(argument.toJava()).await())

    /**
     * @see [getKeyRingIamPolicy].
     * @param keyRingId The key ring ID, in the form
     * `{project_id}/{location_name}/{key_ring_name}` or
     * `{location_name}/{key_ring_name}`. In the second form, the provider's
     * project setting will be used as a fallback.
     * @return A collection of values returned by getKeyRingIamPolicy.
     */
    public suspend fun getKeyRingIamPolicy(keyRingId: String): GetKeyRingIamPolicyResult {
        val argument = GetKeyRingIamPolicyPlainArgs(
            keyRingId = keyRingId,
        )
        return getKeyRingIamPolicyResultToKotlin(getKeyRingIamPolicyPlain(argument.toJava()).await())
    }

    /**
     * @see [getKeyRingIamPolicy].
     * @param argument Builder for [com.pulumi.gcp.kms.kotlin.inputs.GetKeyRingIamPolicyPlainArgs].
     * @return A collection of values returned by getKeyRingIamPolicy.
     */
    public suspend fun getKeyRingIamPolicy(argument: suspend GetKeyRingIamPolicyPlainArgsBuilder.() -> Unit): GetKeyRingIamPolicyResult {
        val builder = GetKeyRingIamPolicyPlainArgsBuilder()
        builder.argument()
        val builtArgument = builder.build()
        return getKeyRingIamPolicyResultToKotlin(getKeyRingIamPolicyPlain(builtArgument.toJava()).await())
    }
}




© 2015 - 2024 Weber Informatics LLC | Privacy Policy