kms.gdc.goog/v1
AEADKey
Represents a cryptographic key to use for Authenticated Encryption with Associated Data (AEAD) operations.
Appears in: - AEADKeyList
| Field | Description |
|---|---|
apiVersion string |
kms.gdc.goog/v1 |
kind string |
AEADKey |
metadata ObjectMeta |
Refer to Kubernetes API documentation for fields of metadata. |
spec AEADKeySpec |
|
status AEADKeyStatus |
AEADKeyList
Represents a collection of AEADKeys.
| Field | Description |
|---|---|
apiVersion string |
kms.gdc.goog/v1 |
kind string |
AEADKeyList |
metadata ListMeta |
Refer to Kubernetes API documentation for fields of metadata. |
items AEADKey array |
AEADKeySpec
Provides the specification for an AEADKey.
Appears in: - AEADKey
| Field | Description |
|---|---|
algorithm AEADAlgorithm |
AEADKeyStatus
Provides the status for an AEADKey.
Appears in: - AEADKey
| Field | Description |
|---|---|
conditions Condition array |
A report that indicates when an AEADKey creation is complete and ready for use. |
encryptedKeyMaterial integer array |
Key material encrypted by the KMS root key. |
rootKeyID string |
Identifier to the root key that wrapped the key material. Follows the format root-key-namespace/root-key-type/root-key-name/version Example - kms-system/ctm/org1-root-key/1 or kms-system/local/org-1-root-key/1 |
KeyExport
Represents a request to export a key.
Appears in: - KeyExportList
| Field | Description |
|---|---|
apiVersion string |
kms.gdc.goog/v1 |
kind string |
KeyExport |
metadata ObjectMeta |
Refer to Kubernetes API documentation for fields of metadata. |
spec KeyExportSpec |
|
status KeyExportStatus |
KeyExportList
Represents a collection of KeyExport resources.
| Field | Description |
|---|---|
apiVersion string |
kms.gdc.goog/v1 |
kind string |
KeyExportList |
metadata ListMeta |
Refer to Kubernetes API documentation for fields of metadata. |
items KeyExport array |
KeyExportSpec
Provides the specification for a KeyExport resource.
Appears in: - KeyExport
| Field | Description |
|---|---|
context KeySharingContext |
The information necessary to wrap the key to export. |
keyToExport TypedLocalObjectReference |
A reference to the key for export. |
KeyExportStatus
Provides the status for a KeyExport resource.
Appears in: - KeyExport
| Field | Description |
|---|---|
conditions Condition array |
The status on the KeyExport resource as successful or failed, and provides a reason for the failure. |
exportedKey WrappedKey |
The exported key material. |
KeyImport
Represents a request to import a key.
Appears in: - KeyImportList
| Field | Description |
|---|---|
apiVersion string |
kms.gdc.goog/v1 |
kind string |
KeyImport |
metadata ObjectMeta |
Refer to Kubernetes API documentation for fields of metadata. |
spec KeyImportSpec |
|
status KeyImportStatus |
KeyImportList
Represents a collection of key imports.
| Field | Description |
|---|---|
apiVersion string |
kms.gdc.goog/v1 |
kind string |
KeyImportList |
metadata ListMeta |
Refer to Kubernetes API documentation for fields of metadata. |
items KeyImport array |
KeyImportSpec
Provides the specification for a KeyImport resource.
Appears in: - KeyImport
| Field | Description |
|---|---|
context KeySharingContext |
The information from the sender to unwrap the key material to import. |
keyToImport WrappedKey |
The wrapped key material to import. |
KeyImportStatus
Provides the status for a KeyImport resource.
Appears in: - KeyImport
| Field | Description |
|---|---|
conditions Condition array |
The status of the KeyImport resource as awaiting, successful, or failed and a reason for the failure. |
peerContext PeerSharingContext |
The information required to wrap the key to import. |
importedKeyRef TypedLocalObjectReference |
A reference to the imported key. |
KeyMetadata
Represents the attributes required to create or re-create the customer key.
Appears in: - WrappedKey
| Field | Description |
|---|---|
algorithm string |
The algorithm to use with the key. |
KeySharingContext
Contains information by the party that initiates intent for key import and export operations.
Appears in: - KeyExportSpec - KeyImportSpec
| Field | Description |
|---|---|
mechanism KeySharingMechanism |
The algorithms to use to wrap keys. |
publicKey integer array |
PeerSharingContext
Contains information by the party that responds to the intent for key import operations.
Appears in: - KeyImportStatus
| Field | Description |
|---|---|
publicKey integer array |
|
privateKey integer array |
|
rootKeyID string |
Identifier to the root key that wrapped the key material. Follows the format root-key-namespace/root-key-type/root-key-name/version Example - kms-system/ctm/org1-root-key/1 or kms-system/local/org-1-root-key/1 |
RotationJob
Represents a cluster level resource that runs root key rotation, and re-encryption of all KMS keys in the cluster.
Appears in: - RotationJobList
| Field | Description |
|---|---|
apiVersion string |
kms.gdc.goog/v1 |
kind string |
RotationJob |
metadata ObjectMeta |
Refer to Kubernetes API documentation for fields of metadata. |
spec RotationJobSpec |
|
status RotationJobStatus |
RotationJobList
Represents a collection of RotationJob resources.
| Field | Description |
|---|---|
apiVersion string |
kms.gdc.goog/v1 |
kind string |
RotationJobList |
metadata ListMeta |
Refer to Kubernetes API documentation for fields of metadata. |
items RotationJob array |
RotationJobSpec
Provides the specification for a RotationJob resource.
Appears in: - RotationJob
| Field | Description |
|---|---|
rootKeyResourceName string |
The root key name specified in the form namespaces/ |
ttlSecondsAfterCompletion integer |
TTLSecondsAfterCompletion specifies how long a RotationJob should persist after it's completed. If this field is not set, it will default to 24h (86400s) |
RotationJobStatus
Provides the status for a RotationJob resource.
Appears in: - RotationJob
| Field | Description |
|---|---|
conditions Condition array |
The status of the RotationJob resource as successful or failed, and provides a reason for the failure. |
SigningKey
Represents a cryptographic key to use for creating digital signatures.
Appears in: - SigningKeyList
| Field | Description |
|---|---|
apiVersion string |
kms.gdc.goog/v1 |
kind string |
SigningKey |
metadata ObjectMeta |
Refer to Kubernetes API documentation for fields of metadata. |
spec SigningKeySpec |
|
status SigningKeyStatus |
SigningKeyList
Represents a collection of SigningKey resources.
| Field | Description |
|---|---|
apiVersion string |
kms.gdc.goog/v1 |
kind string |
SigningKeyList |
metadata ListMeta |
Refer to Kubernetes API documentation for fields of metadata. |
items SigningKey array |
SigningKeySpec
Provides the specification for a SigningKey resource.
Appears in: - SigningKey
| Field | Description |
|---|---|
algorithm SigningAlgorithm |
SigningKeyStatus
Provides the status for a SigningKey resource.
Appears in: - SigningKey
| Field | Description |
|---|---|
conditions Condition array |
A report that indicates when a SigningKey creation is complete and ready for use. |
encryptedKeyMaterial integer array |
Key material encrypted by the KMS root key. |
publicKey integer array |
The public key of the asymmetric signing key pair. |
rootKeyID string |
Identifier to the root key that wrapped the private key material. Follows the format root-key-namespace/root-key-type/root-key-name/version Example - kms-system/ctm/org1-root-key/1 or kms-system/local/org-1-root-key/1 |
WrappedKey
Contains the customer key wrapped for import or export operations.
Appears in: - KeyExportStatus - KeyImportSpec
| Field | Description |
|---|---|
metadata KeyMetadata |
Refer to Kubernetes API documentation for fields of metadata. |
keyMaterial integer array |
The wrapped key material. |