AutokeyConfig(mapping=None, *, ignore_unknown_fields=False, **kwargs)Cloud KMS Autokey configuration for a folder.
Attributes |
|
|---|---|
| Name | Description |
name |
str
Identifier. Name of the AutokeyConfig resource, e.g. folders/{FOLDER_NUMBER}/autokeyConfig or
projects/{PROJECT_NUMBER}/autokeyConfig.
|
key_project |
str
Optional. Name of the key project, e.g. projects/{PROJECT_ID} or projects/{PROJECT_NUMBER},
where Cloud KMS Autokey will provision a new
CryptoKey when a
KeyHandle is created. On
UpdateAutokeyConfig,
the caller will require cloudkms.cryptoKeys.setIamPolicy
permission on this key project. Once configured, for Cloud
KMS Autokey to function properly, this key project must have
the Cloud KMS API activated and the Cloud KMS Service Agent
for this key project must be granted the cloudkms.admin
role (or pertinent permissions). A request with an empty key
project field will clear the configuration.
|
state |
google.cloud.kms_v1.types.AutokeyConfig.State
Output only. The state for the AutokeyConfig. |
etag |
str
Optional. A checksum computed by the server based on the value of other fields. This may be sent on update requests to ensure that the client has an up-to-date value before proceeding. The request will be rejected with an ABORTED error on a mismatched etag. |
key_project_resolution_mode |
google.cloud.kms_v1.types.AutokeyConfig.KeyProjectResolutionMode
Optional. KeyProjectResolutionMode for the AutokeyConfig. Valid values are DEDICATED_KEY_PROJECT,
RESOURCE_PROJECT, or DISABLED.
|
Classes
KeyProjectResolutionMode
KeyProjectResolutionMode(value)Defines the resolution mode enum for the key project. The KeyProjectResolutionMode determines the mechanism by which AutokeyConfig identifies a key_project at its specific configuration node. This parameter also determines if Autokey can be used within this project or folder.
State
State(value)The states AutokeyConfig can be in.