Many resources are needed to download a project. Please understand that we have to compensate our server costs. Thank you in advance.
Project price only 1 $
You can buy this project and download/modify it how often you want.
com.pulumi.gcp.kms.kotlin.AutokeyConfigArgs.kt Maven / Gradle / Ivy
@file:Suppress("NAME_SHADOWING", "DEPRECATION")
package com.pulumi.gcp.kms.kotlin
import com.pulumi.core.Output
import com.pulumi.core.Output.of
import com.pulumi.gcp.kms.AutokeyConfigArgs.builder
import com.pulumi.kotlin.ConvertibleToJava
import com.pulumi.kotlin.PulumiTagMarker
import kotlin.String
import kotlin.Suppress
import kotlin.jvm.JvmName
/**
* ## Example Usage
* ### Kms Autokey Config All
*
* ```typescript
* import * as pulumi from "@pulumi/pulumi";
* import * as gcp from "@pulumi/gcp";
* import * as time from "@pulumi/time";
* // Create Folder in GCP Organization
* const autokmsFolder = new gcp.organizations.Folder("autokms_folder", {
* displayName: "my-folder",
* parent: "organizations/123456789",
* });
* // Create the key project
* const keyProject = new gcp.organizations.Project("key_project", {
* projectId: "key-proj",
* name: "key-proj",
* folderId: autokmsFolder.folderId,
* billingAccount: "000000-0000000-0000000-000000",
* }, {
* dependsOn: [autokmsFolder],
* });
* // Enable the Cloud KMS API
* const kmsApiService = new gcp.projects.Service("kms_api_service", {
* service: "cloudkms.googleapis.com",
* project: keyProject.projectId,
* disableOnDestroy: false,
* disableDependentServices: true,
* }, {
* dependsOn: [keyProject],
* });
* // Wait delay after enabling APIs
* const waitEnableServiceApi = new time.index.Sleep("wait_enable_service_api", {createDuration: "30s"}, {
* dependsOn: [kmsApiService],
* });
* //Create KMS Service Agent
* const kmsServiceAgent = new gcp.projects.ServiceIdentity("kms_service_agent", {
* service: "cloudkms.googleapis.com",
* project: keyProject.number,
* }, {
* dependsOn: [waitEnableServiceApi],
* });
* // Wait delay after creating service agent.
* const waitServiceAgent = new time.index.Sleep("wait_service_agent", {createDuration: "10s"}, {
* dependsOn: [kmsServiceAgent],
* });
* //Grant the KMS Service Agent the Cloud KMS Admin role
* const autokeyProjectAdmin = new gcp.projects.IAMMember("autokey_project_admin", {
* project: keyProject.projectId,
* role: "roles/cloudkms.admin",
* member: pulumi.interpolate`serviceAccount:service-${keyProject.number}@gcp-sa-cloudkms.iam.gserviceaccount.com`,
* }, {
* dependsOn: [waitServiceAgent],
* });
* // Wait delay after granting IAM permissions
* const waitSrvAccPermissions = new time.index.Sleep("wait_srv_acc_permissions", {createDuration: "10s"}, {
* dependsOn: [autokeyProjectAdmin],
* });
* const example_autokeyconfig = new gcp.kms.AutokeyConfig("example-autokeyconfig", {
* folder: autokmsFolder.folderId,
* keyProject: pulumi.interpolate`projects/${keyProject.projectId}`,
* }, {
* dependsOn: [waitSrvAccPermissions],
* });
* ```
* ```python
* import pulumi
* import pulumi_gcp as gcp
* import pulumi_time as time
* # Create Folder in GCP Organization
* autokms_folder = gcp.organizations.Folder("autokms_folder",
* display_name="my-folder",
* parent="organizations/123456789")
* # Create the key project
* key_project = gcp.organizations.Project("key_project",
* project_id="key-proj",
* name="key-proj",
* folder_id=autokms_folder.folder_id,
* billing_account="000000-0000000-0000000-000000",
* opts = pulumi.ResourceOptions(depends_on=[autokms_folder]))
* # Enable the Cloud KMS API
* kms_api_service = gcp.projects.Service("kms_api_service",
* service="cloudkms.googleapis.com",
* project=key_project.project_id,
* disable_on_destroy=False,
* disable_dependent_services=True,
* opts = pulumi.ResourceOptions(depends_on=[key_project]))
* # Wait delay after enabling APIs
* wait_enable_service_api = time.index.Sleep("wait_enable_service_api", create_duration=30s,
* opts = pulumi.ResourceOptions(depends_on=[kms_api_service]))
* #Create KMS Service Agent
* kms_service_agent = gcp.projects.ServiceIdentity("kms_service_agent",
* service="cloudkms.googleapis.com",
* project=key_project.number,
* opts = pulumi.ResourceOptions(depends_on=[wait_enable_service_api]))
* # Wait delay after creating service agent.
* wait_service_agent = time.index.Sleep("wait_service_agent", create_duration=10s,
* opts = pulumi.ResourceOptions(depends_on=[kms_service_agent]))
* #Grant the KMS Service Agent the Cloud KMS Admin role
* autokey_project_admin = gcp.projects.IAMMember("autokey_project_admin",
* project=key_project.project_id,
* role="roles/cloudkms.admin",
* member=key_project.number.apply(lambda number: f"serviceAccount:service-{number}@gcp-sa-cloudkms.iam.gserviceaccount.com"),
* opts = pulumi.ResourceOptions(depends_on=[wait_service_agent]))
* # Wait delay after granting IAM permissions
* wait_srv_acc_permissions = time.index.Sleep("wait_srv_acc_permissions", create_duration=10s,
* opts = pulumi.ResourceOptions(depends_on=[autokey_project_admin]))
* example_autokeyconfig = gcp.kms.AutokeyConfig("example-autokeyconfig",
* folder=autokms_folder.folder_id,
* key_project=key_project.project_id.apply(lambda project_id: f"projects/{project_id}"),
* opts = pulumi.ResourceOptions(depends_on=[wait_srv_acc_permissions]))
* ```
* ```csharp
* using System.Collections.Generic;
* using System.Linq;
* using Pulumi;
* using Gcp = Pulumi.Gcp;
* using Time = Pulumi.Time;
* return await Deployment.RunAsync(() =>
* {
* // Create Folder in GCP Organization
* var autokmsFolder = new Gcp.Organizations.Folder("autokms_folder", new()
* {
* DisplayName = "my-folder",
* Parent = "organizations/123456789",
* });
* // Create the key project
* var keyProject = new Gcp.Organizations.Project("key_project", new()
* {
* ProjectId = "key-proj",
* Name = "key-proj",
* FolderId = autokmsFolder.FolderId,
* BillingAccount = "000000-0000000-0000000-000000",
* }, new CustomResourceOptions
* {
* DependsOn =
* {
* autokmsFolder,
* },
* });
* // Enable the Cloud KMS API
* var kmsApiService = new Gcp.Projects.Service("kms_api_service", new()
* {
* ServiceName = "cloudkms.googleapis.com",
* Project = keyProject.ProjectId,
* DisableOnDestroy = false,
* DisableDependentServices = true,
* }, new CustomResourceOptions
* {
* DependsOn =
* {
* keyProject,
* },
* });
* // Wait delay after enabling APIs
* var waitEnableServiceApi = new Time.Index.Sleep("wait_enable_service_api", new()
* {
* CreateDuration = "30s",
* }, new CustomResourceOptions
* {
* DependsOn =
* {
* kmsApiService,
* },
* });
* //Create KMS Service Agent
* var kmsServiceAgent = new Gcp.Projects.ServiceIdentity("kms_service_agent", new()
* {
* Service = "cloudkms.googleapis.com",
* Project = keyProject.Number,
* }, new CustomResourceOptions
* {
* DependsOn =
* {
* waitEnableServiceApi,
* },
* });
* // Wait delay after creating service agent.
* var waitServiceAgent = new Time.Index.Sleep("wait_service_agent", new()
* {
* CreateDuration = "10s",
* }, new CustomResourceOptions
* {
* DependsOn =
* {
* kmsServiceAgent,
* },
* });
* //Grant the KMS Service Agent the Cloud KMS Admin role
* var autokeyProjectAdmin = new Gcp.Projects.IAMMember("autokey_project_admin", new()
* {
* Project = keyProject.ProjectId,
* Role = "roles/cloudkms.admin",
* Member = keyProject.Number.Apply(number => $"serviceAccount:service-{number}@gcp-sa-cloudkms.iam.gserviceaccount.com"),
* }, new CustomResourceOptions
* {
* DependsOn =
* {
* waitServiceAgent,
* },
* });
* // Wait delay after granting IAM permissions
* var waitSrvAccPermissions = new Time.Index.Sleep("wait_srv_acc_permissions", new()
* {
* CreateDuration = "10s",
* }, new CustomResourceOptions
* {
* DependsOn =
* {
* autokeyProjectAdmin,
* },
* });
* var example_autokeyconfig = new Gcp.Kms.AutokeyConfig("example-autokeyconfig", new()
* {
* Folder = autokmsFolder.FolderId,
* KeyProject = keyProject.ProjectId.Apply(projectId => $"projects/{projectId}"),
* }, new CustomResourceOptions
* {
* DependsOn =
* {
* waitSrvAccPermissions,
* },
* });
* });
* ```
* ```go
* package main
* import (
* "fmt"
* "github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/kms"
* "github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/organizations"
* "github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/projects"
* "github.com/pulumi/pulumi-time/sdk/go/time"
* "github.com/pulumi/pulumi/sdk/v3/go/pulumi"
* )
* func main() {
* pulumi.Run(func(ctx *pulumi.Context) error {
* // Create Folder in GCP Organization
* autokmsFolder, err := organizations.NewFolder(ctx, "autokms_folder", &organizations.FolderArgs{
* DisplayName: pulumi.String("my-folder"),
* Parent: pulumi.String("organizations/123456789"),
* })
* if err != nil {
* return err
* }
* // Create the key project
* keyProject, err := organizations.NewProject(ctx, "key_project", &organizations.ProjectArgs{
* ProjectId: pulumi.String("key-proj"),
* Name: pulumi.String("key-proj"),
* FolderId: autokmsFolder.FolderId,
* BillingAccount: pulumi.String("000000-0000000-0000000-000000"),
* }, pulumi.DependsOn([]pulumi.Resource{
* autokmsFolder,
* }))
* if err != nil {
* return err
* }
* // Enable the Cloud KMS API
* kmsApiService, err := projects.NewService(ctx, "kms_api_service", &projects.ServiceArgs{
* Service: pulumi.String("cloudkms.googleapis.com"),
* Project: keyProject.ProjectId,
* DisableOnDestroy: pulumi.Bool(false),
* DisableDependentServices: pulumi.Bool(true),
* }, pulumi.DependsOn([]pulumi.Resource{
* keyProject,
* }))
* if err != nil {
* return err
* }
* // Wait delay after enabling APIs
* waitEnableServiceApi, err := time.NewSleep(ctx, "wait_enable_service_api", &time.SleepArgs{
* CreateDuration: "30s",
* }, pulumi.DependsOn([]pulumi.Resource{
* kmsApiService,
* }))
* if err != nil {
* return err
* }
* // Create KMS Service Agent
* kmsServiceAgent, err := projects.NewServiceIdentity(ctx, "kms_service_agent", &projects.ServiceIdentityArgs{
* Service: pulumi.String("cloudkms.googleapis.com"),
* Project: keyProject.Number,
* }, pulumi.DependsOn([]pulumi.Resource{
* waitEnableServiceApi,
* }))
* if err != nil {
* return err
* }
* // Wait delay after creating service agent.
* waitServiceAgent, err := time.NewSleep(ctx, "wait_service_agent", &time.SleepArgs{
* CreateDuration: "10s",
* }, pulumi.DependsOn([]pulumi.Resource{
* kmsServiceAgent,
* }))
* if err != nil {
* return err
* }
* // Grant the KMS Service Agent the Cloud KMS Admin role
* autokeyProjectAdmin, err := projects.NewIAMMember(ctx, "autokey_project_admin", &projects.IAMMemberArgs{
* Project: keyProject.ProjectId,
* Role: pulumi.String("roles/cloudkms.admin"),
* Member: keyProject.Number.ApplyT(func(number string) (string, error) {
* return fmt.Sprintf("serviceAccount:service-%[email protected] ", number), nil
* }).(pulumi.StringOutput),
* }, pulumi.DependsOn([]pulumi.Resource{
* waitServiceAgent,
* }))
* if err != nil {
* return err
* }
* // Wait delay after granting IAM permissions
* waitSrvAccPermissions, err := time.NewSleep(ctx, "wait_srv_acc_permissions", &time.SleepArgs{
* CreateDuration: "10s",
* }, pulumi.DependsOn([]pulumi.Resource{
* autokeyProjectAdmin,
* }))
* if err != nil {
* return err
* }
* _, err = kms.NewAutokeyConfig(ctx, "example-autokeyconfig", &kms.AutokeyConfigArgs{
* Folder: autokmsFolder.FolderId,
* KeyProject: keyProject.ProjectId.ApplyT(func(projectId string) (string, error) {
* return fmt.Sprintf("projects/%v", projectId), nil
* }).(pulumi.StringOutput),
* }, pulumi.DependsOn([]pulumi.Resource{
* waitSrvAccPermissions,
* }))
* if err != nil {
* return err
* }
* return nil
* })
* }
* ```
* ```java
* package generated_program;
* import com.pulumi.Context;
* import com.pulumi.Pulumi;
* import com.pulumi.core.Output;
* import com.pulumi.gcp.organizations.Folder;
* import com.pulumi.gcp.organizations.FolderArgs;
* import com.pulumi.gcp.organizations.Project;
* import com.pulumi.gcp.organizations.ProjectArgs;
* import com.pulumi.gcp.projects.Service;
* import com.pulumi.gcp.projects.ServiceArgs;
* import com.pulumi.time.sleep;
* import com.pulumi.time.SleepArgs;
* import com.pulumi.gcp.projects.ServiceIdentity;
* import com.pulumi.gcp.projects.ServiceIdentityArgs;
* import com.pulumi.gcp.projects.IAMMember;
* import com.pulumi.gcp.projects.IAMMemberArgs;
* import com.pulumi.gcp.kms.AutokeyConfig;
* import com.pulumi.gcp.kms.AutokeyConfigArgs;
* import com.pulumi.resources.CustomResourceOptions;
* import java.util.List;
* import java.util.ArrayList;
* import java.util.Map;
* import java.io.File;
* import java.nio.file.Files;
* import java.nio.file.Paths;
* public class App {
* public static void main(String[] args) {
* Pulumi.run(App::stack);
* }
* public static void stack(Context ctx) {
* // Create Folder in GCP Organization
* var autokmsFolder = new Folder("autokmsFolder", FolderArgs.builder()
* .displayName("my-folder")
* .parent("organizations/123456789")
* .build());
* // Create the key project
* var keyProject = new Project("keyProject", ProjectArgs.builder()
* .projectId("key-proj")
* .name("key-proj")
* .folderId(autokmsFolder.folderId())
* .billingAccount("000000-0000000-0000000-000000")
* .build(), CustomResourceOptions.builder()
* .dependsOn(autokmsFolder)
* .build());
* // Enable the Cloud KMS API
* var kmsApiService = new Service("kmsApiService", ServiceArgs.builder()
* .service("cloudkms.googleapis.com")
* .project(keyProject.projectId())
* .disableOnDestroy(false)
* .disableDependentServices(true)
* .build(), CustomResourceOptions.builder()
* .dependsOn(keyProject)
* .build());
* // Wait delay after enabling APIs
* var waitEnableServiceApi = new Sleep("waitEnableServiceApi", SleepArgs.builder()
* .createDuration("30s")
* .build(), CustomResourceOptions.builder()
* .dependsOn(kmsApiService)
* .build());
* //Create KMS Service Agent
* var kmsServiceAgent = new ServiceIdentity("kmsServiceAgent", ServiceIdentityArgs.builder()
* .service("cloudkms.googleapis.com")
* .project(keyProject.number())
* .build(), CustomResourceOptions.builder()
* .dependsOn(waitEnableServiceApi)
* .build());
* // Wait delay after creating service agent.
* var waitServiceAgent = new Sleep("waitServiceAgent", SleepArgs.builder()
* .createDuration("10s")
* .build(), CustomResourceOptions.builder()
* .dependsOn(kmsServiceAgent)
* .build());
* //Grant the KMS Service Agent the Cloud KMS Admin role
* var autokeyProjectAdmin = new IAMMember("autokeyProjectAdmin", IAMMemberArgs.builder()
* .project(keyProject.projectId())
* .role("roles/cloudkms.admin")
* .member(keyProject.number().applyValue(number -> String.format("serviceAccount:service-%[email protected] ", number)))
* .build(), CustomResourceOptions.builder()
* .dependsOn(waitServiceAgent)
* .build());
* // Wait delay after granting IAM permissions
* var waitSrvAccPermissions = new Sleep("waitSrvAccPermissions", SleepArgs.builder()
* .createDuration("10s")
* .build(), CustomResourceOptions.builder()
* .dependsOn(autokeyProjectAdmin)
* .build());
* var example_autokeyconfig = new AutokeyConfig("example-autokeyconfig", AutokeyConfigArgs.builder()
* .folder(autokmsFolder.folderId())
* .keyProject(keyProject.projectId().applyValue(projectId -> String.format("projects/%s", projectId)))
* .build(), CustomResourceOptions.builder()
* .dependsOn(waitSrvAccPermissions)
* .build());
* }
* }
* ```
* ```yaml
* resources:
* # Create Folder in GCP Organization
* autokmsFolder:
* type: gcp:organizations:Folder
* name: autokms_folder
* properties:
* displayName: my-folder
* parent: organizations/123456789
* # Create the key project
* keyProject:
* type: gcp:organizations:Project
* name: key_project
* properties:
* projectId: key-proj
* name: key-proj
* folderId: ${autokmsFolder.folderId}
* billingAccount: 000000-0000000-0000000-000000
* options:
* dependson:
* - ${autokmsFolder}
* # Enable the Cloud KMS API
* kmsApiService:
* type: gcp:projects:Service
* name: kms_api_service
* properties:
* service: cloudkms.googleapis.com
* project: ${keyProject.projectId}
* disableOnDestroy: false
* disableDependentServices: true
* options:
* dependson:
* - ${keyProject}
* # Wait delay after enabling APIs
* waitEnableServiceApi:
* type: time:sleep
* name: wait_enable_service_api
* properties:
* createDuration: 30s
* options:
* dependson:
* - ${kmsApiService}
* #Create KMS Service Agent
* kmsServiceAgent:
* type: gcp:projects:ServiceIdentity
* name: kms_service_agent
* properties:
* service: cloudkms.googleapis.com
* project: ${keyProject.number}
* options:
* dependson:
* - ${waitEnableServiceApi}
* # Wait delay after creating service agent.
* waitServiceAgent:
* type: time:sleep
* name: wait_service_agent
* properties:
* createDuration: 10s
* options:
* dependson:
* - ${kmsServiceAgent}
* #Grant the KMS Service Agent the Cloud KMS Admin role
* autokeyProjectAdmin:
* type: gcp:projects:IAMMember
* name: autokey_project_admin
* properties:
* project: ${keyProject.projectId}
* role: roles/cloudkms.admin
* member: serviceAccount:service-${keyProject.number}@gcp-sa-cloudkms.iam.gserviceaccount.com
* options:
* dependson:
* - ${waitServiceAgent}
* # Wait delay after granting IAM permissions
* waitSrvAccPermissions:
* type: time:sleep
* name: wait_srv_acc_permissions
* properties:
* createDuration: 10s
* options:
* dependson:
* - ${autokeyProjectAdmin}
* example-autokeyconfig:
* type: gcp:kms:AutokeyConfig
* properties:
* folder: ${autokmsFolder.folderId}
* keyProject: projects/${keyProject.projectId}
* options:
* dependson:
* - ${waitSrvAccPermissions}
* ```
*
* ## Import
* AutokeyConfig can be imported using any of these accepted formats:
* * `folders/{{folder}}/autokeyConfig`
* * `{{folder}}`
* When using the `pulumi import` command, AutokeyConfig can be imported using one of the formats above. For example:
* ```sh
* $ pulumi import gcp:kms/autokeyConfig:AutokeyConfig default folders/{{folder}}/autokeyConfig
* ```
* ```sh
* $ pulumi import gcp:kms/autokeyConfig:AutokeyConfig default {{folder}}
* ```
* @property folder The folder for which to retrieve config.
* - - -
* @property keyProject The target key project for a given folder where KMS Autokey will provision a
* CryptoKey for any new KeyHandle the Developer creates. Should have the form
* `projects/`.
*/
public data class AutokeyConfigArgs(
public val folder: Output? = null,
public val keyProject: Output? = null,
) : ConvertibleToJava {
override fun toJava(): com.pulumi.gcp.kms.AutokeyConfigArgs =
com.pulumi.gcp.kms.AutokeyConfigArgs.builder()
.folder(folder?.applyValue({ args0 -> args0 }))
.keyProject(keyProject?.applyValue({ args0 -> args0 })).build()
}
/**
* Builder for [AutokeyConfigArgs].
*/
@PulumiTagMarker
public class AutokeyConfigArgsBuilder internal constructor() {
private var folder: Output? = null
private var keyProject: Output? = null
/**
* @param value The folder for which to retrieve config.
* - - -
*/
@JvmName("bmtelfhwpsniqvsu")
public suspend fun folder(`value`: Output) {
this.folder = value
}
/**
* @param value The target key project for a given folder where KMS Autokey will provision a
* CryptoKey for any new KeyHandle the Developer creates. Should have the form
* `projects/`.
*/
@JvmName("iqkvtjuanhcfehlg")
public suspend fun keyProject(`value`: Output) {
this.keyProject = value
}
/**
* @param value The folder for which to retrieve config.
* - - -
*/
@JvmName("eukamxxpbtatojyc")
public suspend fun folder(`value`: String?) {
val toBeMapped = value
val mapped = toBeMapped?.let({ args0 -> of(args0) })
this.folder = mapped
}
/**
* @param value The target key project for a given folder where KMS Autokey will provision a
* CryptoKey for any new KeyHandle the Developer creates. Should have the form
* `projects/`.
*/
@JvmName("ntjucyskpxjbqeyt")
public suspend fun keyProject(`value`: String?) {
val toBeMapped = value
val mapped = toBeMapped?.let({ args0 -> of(args0) })
this.keyProject = mapped
}
internal fun build(): AutokeyConfigArgs = AutokeyConfigArgs(
folder = folder,
keyProject = keyProject,
)
}
