import_job#

State module for managing Cloud Key Management Service import job.

async idem_gcp.states.gcp.cloudkms.import_job.present(hub, ctx, name: str, import_method: str, protection_level: str, import_job_id: str = None, project_id: str = None, location_id: str = None, key_ring_id: str = None, create_time: str = None, generate_time: str = None, expire_time: str = None, expire_event_time: str = None, job_state: str = None, public_key: str = None, attestation: KeyOperationAttestation = None, resource_id: str = None) Dict[str, Any][source]#

Create a new ImportJob within a KeyRing.

Parameters:

  • name (str) – Idem name.

  • import_job_id (str, Optional) – Import job id. It must be unique within a KeyRing and match the regular expression [a-zA-Z0-9_-]{1,63}

  • project_id (str, Optional) – Project Id of the new crypto key.

  • location_id (str, Optional) – Location Id of the new crypto key.

  • key_ring_id (str, Optional) – Keyring Id of the new crypto key.

  • import_method (str) – Immutable. The wrapping method to be used for incoming key material. See ImportMethod.

  • protection_level (str) – Immutable. The protection level of the ImportJob. This must match the `protectionLevel`_ of the versionTemplate on the CryptoKey you attempt to import into.

  • create_time (str, Optional) –

    Output only. The time at which this ImportJob was created.

    A timestamp in RFC3339 UTC “Zulu” format, with nanosecond resolution and up to nine fractional digits. Examples: “2014-10-02T15:01:23Z” and “2014-10-02T15:01:23.045123456Z”.

  • generate_time (str, Optional) –

    Output only. The time this ImportJob’s key material was generated.

    A timestamp in RFC3339 UTC “Zulu” format, with nanosecond resolution and up to nine fractional digits. Examples: “2014-10-02T15:01:23Z” and “2014-10-02T15:01:23.045123456Z”.

  • expire_time (str, Optional) –

    Output only. The time at which this ImportJob is scheduled for expiration and can no longer be used to import key material.

    A timestamp in RFC3339 UTC “Zulu” format, with nanosecond resolution and up to nine fractional digits. Examples: “2014-10-02T15:01:23Z” and “2014-10-02T15:01:23.045123456Z”.

  • expire_event_time (str, Optional) –

    Output only. The time this ImportJob expired. Only present if state is EXPIRED.

    A timestamp in RFC3339 UTC “Zulu” format, with nanosecond resolution and up to nine fractional digits. Examples: “2014-10-02T15:01:23Z” and “2014-10-02T15:01:23.045123456Z”.

  • job_state (str, Optional) – Output only. The current state of the ImportJob, indicating if it can be used.

  • public_key (str, Optional) –

    Output only. The public key with which to wrap key material prior to import. Only returned if state is

    ACTIVE.

  • attestation (Dict[str, Any], Optional) –

    Output only. Statement that was generated and signed by the key creator (for example, an HSM) at key creation time. Use this statement to verify attributes of the key as stored on the HSM, independently of Google. Only present if the chosen ImportMethod is one with a protection level of HSM.

    • format(str, Optional):

      Output only. The format of the attestation data. Enum type. Allowed values:

      ”ATTESTATION_FORMAT_UNSPECIFIED” “CAVIUM_V1_COMPRESSED” “CAVIUM_V2_COMPRESSED”

    • content(str, Optional):

      Output only. The attestation data provided by the HSM when the key operation was performed.

    • cert_chains(Dict[str, Any], Optional):

      Output only. The certificate chains needed to validate the attestation. Certificate chains needed to verify the attestation. Certificates in chains are PEM-encoded and are ordered based on https://tools.ietf.org/html/rfc5246#section-7.4.2.

      • cavium_certs(list[str], Optional):

        Cavium certificate chain corresponding to the attestation.

      • google_card_certs(list[str], Optional):

        Google card certificate chain corresponding to the attestation.

      • google_partition_certs(list[str], Optional):

        Google partition certificate chain corresponding to the attestation.

  • resource_id (str, Optional) –

    Idem resource id. Formatted as

    projects/{project_id}/locations/{location_id}/keyRings/{key_ring_id}/importJobs/{import_job_id}

Returns:

Dict[str, Any]

Examples

import_job_present:
  gcp.cloudkms.import_job.present:
    - import_method: RSA_OAEP_4096_SHA256
    - protection_level: SOFTWARE
    - project_id: project-name
    - location_id: us-east1
    - key_ring_id: key-ring-id
    - import_job_id: import-job-id
async idem_gcp.states.gcp.cloudkms.import_job.absent(hub, ctx, name: str) Dict[str, Any][source]#

Absent is not supported for this resource.

Parameters:

name (str) – Idem name

Returns:

{
    "result": False,
    "comment": "...",
    "old_state": None,
    "new_state": None,
}

async idem_gcp.states.gcp.cloudkms.import_job.describe(hub, ctx) Dict[str, Dict[str, Any]][source]#

Describe the resource in a way that can be recreated/managed with the corresponding “present” function.

Retrieve the list of available import jobs.

Returns:

Dict[str, Any]

Examples

$ idem describe gcp.cloudkms.import_job
idem_gcp.states.gcp.cloudkms.import_job.is_pending(hub, ret: dict, state: str = None, **pending_kwargs) bool[source]#

Default implemented for each module.