--- title: Getting Started with Datadog description: Datadog, the leading service for cloud-scale monitoring. breadcrumbs: Docs > Infrastructure > Datadog Resource Catalog --- # gcp_iam_workload_identity_pool_provider_key{% #gcp_iam_workload_identity_pool_provider_key %} ## `ancestors`{% #ancestors %} **Type**: `UNORDERED_LIST_STRING` ## `expire_time`{% #expire_time %} **Type**: `TIMESTAMP`**Provider name**: `expireTime`**Description**: Output only. Time after which the key will be permanently purged and cannot be recovered. Note that the key may get purged before this timestamp if the total limit of keys per provider is crossed. ## `key_data`{% #key_data %} **Type**: `STRUCT`**Provider name**: `keyData`**Description**: Immutable. Public half of the asymmetric key. - `format`**Type**: `STRING`**Provider name**: `format`**Description**: Output only. The format of the key.**Possible values**: - `KEY_FORMAT_UNSPECIFIED` - No format has been specified. This is an invalid format and must not be used. - `RSA_X509_PEM` - A RSA public key wrapped in an X.509v3 certificate ([RFC5280] ( [https://www.ietf.org/rfc/rfc5280.txt))](https://www.ietf.org/rfc/rfc5280.txt%29%29), encoded in base64, and wrapped in [public certificate label](https://datatracker.ietf.org/doc/html/rfc7468#section-5.1). - `key`**Type**: `STRING`**Provider name**: `key`**Description**: Output only. The key data. The format of the key is represented by the format field. - `key_spec`**Type**: `STRING`**Provider name**: `keySpec`**Description**: Required. The specifications for the key.**Possible values**: - `KEY_SPEC_UNSPECIFIED` - No key specification specified. - `RSA_2048` - A 2048 bit RSA key. - `RSA_3072` - A 3072 bit RSA key. - `RSA_4096` - A 4096 bit RSA key. - `not_after_time`**Type**: `TIMESTAMP`**Provider name**: `notAfterTime`**Description**: Output only. Latest timestamp when this key is valid. Attempts to use this key after this time will fail. Only present if the key data represents a X.509 certificate. - `not_before_time`**Type**: `TIMESTAMP`**Provider name**: `notBeforeTime`**Description**: Output only. Earliest timestamp when this key is valid. Attempts to use this key before this time will fail. Only present if the key data represents a X.509 certificate. ## `labels`{% #labels %} **Type**: `UNORDERED_LIST_STRING` ## `name`{% #name %} **Type**: `STRING`**Provider name**: `name`**Description**: Output only. The resource name of the key. ## `organization_id`{% #organization_id %} **Type**: `STRING` ## `parent`{% #parent %} **Type**: `STRING` ## `project_id`{% #project_id %} **Type**: `STRING` ## `project_number`{% #project_number %} **Type**: `STRING` ## `region_id`{% #region_id %} **Type**: `STRING` ## `resource_name`{% #resource_name %} **Type**: `STRING` ## `state`{% #state %} **Type**: `STRING`**Provider name**: `state`**Description**: Output only. The state of the key.**Possible values**: - `STATE_UNSPECIFIED` - State unspecified. - `ACTIVE` - The key is active. - `DELETED` - The key is soft-deleted. Soft-deleted keys are permanently deleted after approximately 30 days. You can restore a soft-deleted key using UndeleteWorkloadIdentityPoolProviderKey. While a key is deleted, you cannot use it during the federation. ## `tags`{% #tags %} **Type**: `UNORDERED_LIST_STRING` ## `use`{% #use %} **Type**: `STRING`**Provider name**: `use`**Description**: Required. The purpose of the key.**Possible values**: - `KEY_USE_UNSPECIFIED` - The key use is not known. - `ENCRYPTION` - The public key is used for encryption purposes. ## `zone_id`{% #zone_id %} **Type**: `STRING`