Skip to main content
An asymmetric KMS key that may contain several versions of the cryptographic material.

Schema

Required

  • algorithm (String) : Cryptographic algorithm that should be used with the key. Must be specified only during create operations. Cannot be updated.

    Supported values

    Supported asymmetric algorithms. Possible values:
    • ASYMMETRIC_ALGORITHM_UNSPECIFIED
    • ECDSA_NIST_P256_SHA_256 - ECDSA signature with NIST P-256 curve and SHA-256
    • ECDSA_NIST_P384_SHA_384 - ECDSA signature with NIST P-384 curve and SHA-384
    • RSA_4096_ENC_OAEP_SHA_256 - RSA encryption with RSA-4096 key, OAEP padding and SHA-256.
  • parent_id (String) Identifier of the parent resource to which the resource belongs.

Optional

  • description (String) Description of the key.
  • labels (Map of String) : Labels associated with the resource.
  • metadata (Attributes) :

    Inner value description

    Common resource metadata. (see below for nested schema)
  • name (String) Human readable name for the resource.

Read-Only

  • created_at (String) : Timestamp indicating when the resource was created. A string representing a timestamp in ISO 8601 format: YYYY-MM-DDTHH:MM:SSZ or YYYY-MM-DDTHH:MM:SS.SSS±HH:MM
  • id (String) Identifier for the resource, unique for its resource type.
  • resource_version (Number) : Version of the resource for safe concurrent modifications and consistent reads. Positive and monotonically increases on each resource spec change (but not on each change of the resource’s container(s) or status). Service allows zero value or current.
  • status (Attributes) The current status of the asymmetric key. (see below for nested schema)
  • updated_at (String) : Timestamp indicating when the resource was last updated. A string representing a timestamp in ISO 8601 format: YYYY-MM-DDTHH:MM:SSZ or YYYY-MM-DDTHH:MM:SS.SSS±HH:MM

Nested Schema for metadata

Nested Schema for status

Read-Only:
  • deleted_at (String) : Time when the key was scheduled for deletion. A string representing a timestamp in ISO 8601 format: YYYY-MM-DDTHH:MM:SSZ or YYYY-MM-DDTHH:MM:SS.SSS±HH:MM
  • purge_at (String) : Time when the key will be permanently deleted. A string representing a timestamp in ISO 8601 format: YYYY-MM-DDTHH:MM:SSZ or YYYY-MM-DDTHH:MM:SS.SSS±HH:MM
  • state (String) : State (ACTIVE, SCHEDULED_FOR_DELETION)

    Supported values

    Key state Possible values:
    • KEY_STATE_UNSPECIFIED
    • ACTIVE - Key is active, ready for use
    • SCHEDULED_FOR_DELETION - Key is scheduled for deletion.