gcp_iam_workload_identity_pool_provider_key

ancestors

Type: UNORDERED_LIST_STRING

expire_time

Type: TIMESTAMP
Provider name: expireTime
Description: Output only. Time after which the key will be permanently purged and cannot be recovered. Note that the key may get purged before this timestamp if the total limit of keys per provider is crossed.

key_data

Type: STRUCT
Provider name: keyData
Description: Immutable. Public half of the asymmetric key.

• format
  Type: STRING
  Provider name: format
  Description: Output only. The format of the key.
  Possible values:
  
  • KEY_FORMAT_UNSPECIFIED - No format has been specified. This is an invalid format and must not be used.
    
  • RSA_X509_PEM - A RSA public key wrapped in an X.509v3 certificate ([RFC5280] ( https://www.ietf.org/rfc/rfc5280.txt)), encoded in base64, and wrapped in public certificate label.
    
• key
  Type: STRING
  Provider name: key
  Description: Output only. The key data. The format of the key is represented by the format field.
  
• key_spec
  Type: STRING
  Provider name: keySpec
  Description: Required. The specifications for the key.
  Possible values:
  
  • KEY_SPEC_UNSPECIFIED - No key specification specified.
    
  • RSA_2048 - A 2048 bit RSA key.
    
  • RSA_3072 - A 3072 bit RSA key.
    
  • RSA_4096 - A 4096 bit RSA key.
    
• not_after_time
  Type: TIMESTAMP
  Provider name: notAfterTime
  Description: Output only. Latest timestamp when this key is valid. Attempts to use this key after this time will fail. Only present if the key data represents a X.509 certificate.
  
• not_before_time
  Type: TIMESTAMP
  Provider name: notBeforeTime
  Description: Output only. Earliest timestamp when this key is valid. Attempts to use this key before this time will fail. Only present if the key data represents a X.509 certificate.
  

labels

Type: UNORDERED_LIST_STRING

name

Type: STRING
Provider name: name
Description: Output only. The resource name of the key.

organization_id

Type: STRING

parent

Type: STRING

project_id

Type: STRING

project_number

Type: STRING

region_id

Type: STRING

resource_name

Type: STRING

state

Type: STRING
Provider name: state
Description: Output only. The state of the key.
Possible values:

• STATE_UNSPECIFIED - State unspecified.
  
• ACTIVE - The key is active.
  
• DELETED - The key is soft-deleted. Soft-deleted keys are permanently deleted after approximately 30 days. You can restore a soft-deleted key using UndeleteWorkloadIdentityPoolProviderKey. While a key is deleted, you cannot use it during the federation.
  

tags

Type: UNORDERED_LIST_STRING

use

Type: STRING
Provider name: use
Description: Required. The purpose of the key.
Possible values:

• KEY_USE_UNSPECIFIED - The key use is not known.
  
• ENCRYPTION - The public key is used for encryption purposes.
  

zone_id

Type: STRING