Class: Google::Apis::CloudkmsV1::ImportJob
- Inherits:
-
Object
- Object
- Google::Apis::CloudkmsV1::ImportJob
- Defined in:
- generated/google/apis/cloudkms_v1/classes.rb,
generated/google/apis/cloudkms_v1/representations.rb,
generated/google/apis/cloudkms_v1/representations.rb
Overview
An ImportJob can be used to create CryptoKeys and CryptoKeyVersions using pre-existing key material, generated outside of Cloud KMS. When an ImportJob is created, Cloud KMS will generate a "wrapping key", which is a public/private key pair. You use the wrapping key to encrypt (also known as wrap) the pre-existing key material to protect it during the import process. The nature of the wrapping key depends on the choice of import_method. When the wrapping key generation is complete, the state will be set to ACTIVE and the public_key can be fetched. The fetched public key can then be used to wrap your pre-existing key material. Once the key material is wrapped, it can be imported into a new CryptoKeyVersion in an existing CryptoKey by calling ImportCryptoKeyVersion. Multiple CryptoKeyVersions can be imported with a single ImportJob. Cloud KMS uses the private key portion of the wrapping key to unwrap the key material. Only Cloud KMS has access to the private key. An ImportJob expires 3 days after it is created. Once expired, Cloud KMS will no longer be able to import or unwrap any key material that was wrapped with the ImportJob's public key. For more information, see Importing a key.
Instance Attribute Summary collapse
-
#attestation ⇒ Google::Apis::CloudkmsV1::KeyOperationAttestation
Contains an HSM-generated attestation about a key operation.
-
#create_time ⇒ String
Output only.
-
#expire_event_time ⇒ String
Output only.
-
#expire_time ⇒ String
Output only.
-
#generate_time ⇒ String
Output only.
-
#import_method ⇒ String
Required and immutable.
-
#name ⇒ String
Output only.
-
#protection_level ⇒ String
Required and immutable.
-
#public_key ⇒ Google::Apis::CloudkmsV1::WrappingPublicKey
The public key component of the wrapping key.
-
#state ⇒ String
Output only.
Instance Method Summary collapse
-
#initialize(**args) ⇒ ImportJob
constructor
A new instance of ImportJob.
-
#update!(**args) ⇒ Object
Update properties of this object.
Methods included from Google::Apis::Core::JsonObjectSupport
Methods included from Google::Apis::Core::Hashable
Constructor Details
#initialize(**args) ⇒ ImportJob
Returns a new instance of ImportJob
856 857 858 |
# File 'generated/google/apis/cloudkms_v1/classes.rb', line 856 def initialize(**args) update!(**args) end |
Instance Attribute Details
#attestation ⇒ Google::Apis::CloudkmsV1::KeyOperationAttestation
Contains an HSM-generated attestation about a key operation. For more
information, see Verifying attestations.
Corresponds to the JSON property attestation
799 800 801 |
# File 'generated/google/apis/cloudkms_v1/classes.rb', line 799 def attestation @attestation end |
#create_time ⇒ String
Output only. The time at which this ImportJob was created.
Corresponds to the JSON property createTime
804 805 806 |
# File 'generated/google/apis/cloudkms_v1/classes.rb', line 804 def create_time @create_time end |
#expire_event_time ⇒ String
Output only. The time this ImportJob expired. Only present if
state is EXPIRED.
Corresponds to the JSON property expireEventTime
810 811 812 |
# File 'generated/google/apis/cloudkms_v1/classes.rb', line 810 def expire_event_time @expire_event_time end |
#expire_time ⇒ String
Output only. The time at which this ImportJob is scheduled for
expiration and can no longer be used to import key material.
Corresponds to the JSON property expireTime
816 817 818 |
# File 'generated/google/apis/cloudkms_v1/classes.rb', line 816 def expire_time @expire_time end |
#generate_time ⇒ String
Output only. The time this ImportJob's key material was generated.
Corresponds to the JSON property generateTime
821 822 823 |
# File 'generated/google/apis/cloudkms_v1/classes.rb', line 821 def generate_time @generate_time end |
#import_method ⇒ String
Required and immutable. The wrapping method to be used for incoming
key material.
Corresponds to the JSON property importMethod
827 828 829 |
# File 'generated/google/apis/cloudkms_v1/classes.rb', line 827 def import_method @import_method end |
#name ⇒ String
Output only. The resource name for this ImportJob in the format
projects/*/locations/*/keyRings/*/importJobs/*
.
Corresponds to the JSON property name
833 834 835 |
# File 'generated/google/apis/cloudkms_v1/classes.rb', line 833 def name @name end |
#protection_level ⇒ String
Required and immutable. The protection level of the ImportJob. This
must match the
protection_level of the
version_template on the CryptoKey you
attempt to import into.
Corresponds to the JSON property protectionLevel
842 843 844 |
# File 'generated/google/apis/cloudkms_v1/classes.rb', line 842 def protection_level @protection_level end |
#public_key ⇒ Google::Apis::CloudkmsV1::WrappingPublicKey
The public key component of the wrapping key. For details of the type of
key this public key corresponds to, see the ImportMethod.
Corresponds to the JSON property publicKey
848 849 850 |
# File 'generated/google/apis/cloudkms_v1/classes.rb', line 848 def public_key @public_key end |
#state ⇒ String
Output only. The current state of the ImportJob, indicating if it can
be used.
Corresponds to the JSON property state
854 855 856 |
# File 'generated/google/apis/cloudkms_v1/classes.rb', line 854 def state @state end |
Instance Method Details
#update!(**args) ⇒ Object
Update properties of this object
861 862 863 864 865 866 867 868 869 870 871 872 |
# File 'generated/google/apis/cloudkms_v1/classes.rb', line 861 def update!(**args) @attestation = args[:attestation] if args.key?(:attestation) @create_time = args[:create_time] if args.key?(:create_time) @expire_event_time = args[:expire_event_time] if args.key?(:expire_event_time) @expire_time = args[:expire_time] if args.key?(:expire_time) @generate_time = args[:generate_time] if args.key?(:generate_time) @import_method = args[:import_method] if args.key?(:import_method) @name = args[:name] if args.key?(:name) @protection_level = args[:protection_level] if args.key?(:protection_level) @public_key = args[:public_key] if args.key?(:public_key) @state = args[:state] if args.key?(:state) end |