/
getKey.go
145 lines (121 loc) · 6.53 KB
/
getKey.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
// Code generated by the Pulumi SDK Generator DO NOT EDIT.
// *** WARNING: Do not edit by hand unless you're certain you know what you are doing! ***
package v1
import (
"context"
"reflect"
"github.com/pulumi/pulumi-google-native/sdk/go/google/internal"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
// Gets a ServiceAccountKey.
func LookupKey(ctx *pulumi.Context, args *LookupKeyArgs, opts ...pulumi.InvokeOption) (*LookupKeyResult, error) {
opts = internal.PkgInvokeDefaultOpts(opts)
var rv LookupKeyResult
err := ctx.Invoke("google-native:iam/v1:getKey", args, &rv, opts...)
if err != nil {
return nil, err
}
return &rv, nil
}
type LookupKeyArgs struct {
KeyId string `pulumi:"keyId"`
Project *string `pulumi:"project"`
PublicKeyType *string `pulumi:"publicKeyType"`
ServiceAccountId string `pulumi:"serviceAccountId"`
}
type LookupKeyResult struct {
// The key status.
Disabled bool `pulumi:"disabled"`
// Specifies the algorithm (and possibly key size) for the key.
KeyAlgorithm string `pulumi:"keyAlgorithm"`
// The key origin.
KeyOrigin string `pulumi:"keyOrigin"`
// The key type.
KeyType string `pulumi:"keyType"`
// The resource name of the service account key in the following format `projects/{PROJECT_ID}/serviceAccounts/{ACCOUNT}/keys/{key}`.
Name string `pulumi:"name"`
// The private key data. Only provided in `CreateServiceAccountKey` responses. Make sure to keep the private key data secure because it allows for the assertion of the service account identity. When base64 decoded, the private key data can be used to authenticate with Google API client libraries and with gcloud auth activate-service-account.
PrivateKeyData string `pulumi:"privateKeyData"`
// The output format for the private key. Only provided in `CreateServiceAccountKey` responses, not in `GetServiceAccountKey` or `ListServiceAccountKey` responses. Google never exposes system-managed private keys, and never retains user-managed private keys.
PrivateKeyType string `pulumi:"privateKeyType"`
// The public key data. Only provided in `GetServiceAccountKey` responses.
PublicKeyData string `pulumi:"publicKeyData"`
// The key can be used after this timestamp.
ValidAfterTime string `pulumi:"validAfterTime"`
// The key can be used before this timestamp. For system-managed key pairs, this timestamp is the end time for the private key signing operation. The public key could still be used for verification for a few hours after this time.
ValidBeforeTime string `pulumi:"validBeforeTime"`
}
func LookupKeyOutput(ctx *pulumi.Context, args LookupKeyOutputArgs, opts ...pulumi.InvokeOption) LookupKeyResultOutput {
return pulumi.ToOutputWithContext(context.Background(), args).
ApplyT(func(v interface{}) (LookupKeyResult, error) {
args := v.(LookupKeyArgs)
r, err := LookupKey(ctx, &args, opts...)
var s LookupKeyResult
if r != nil {
s = *r
}
return s, err
}).(LookupKeyResultOutput)
}
type LookupKeyOutputArgs struct {
KeyId pulumi.StringInput `pulumi:"keyId"`
Project pulumi.StringPtrInput `pulumi:"project"`
PublicKeyType pulumi.StringPtrInput `pulumi:"publicKeyType"`
ServiceAccountId pulumi.StringInput `pulumi:"serviceAccountId"`
}
func (LookupKeyOutputArgs) ElementType() reflect.Type {
return reflect.TypeOf((*LookupKeyArgs)(nil)).Elem()
}
type LookupKeyResultOutput struct{ *pulumi.OutputState }
func (LookupKeyResultOutput) ElementType() reflect.Type {
return reflect.TypeOf((*LookupKeyResult)(nil)).Elem()
}
func (o LookupKeyResultOutput) ToLookupKeyResultOutput() LookupKeyResultOutput {
return o
}
func (o LookupKeyResultOutput) ToLookupKeyResultOutputWithContext(ctx context.Context) LookupKeyResultOutput {
return o
}
// The key status.
func (o LookupKeyResultOutput) Disabled() pulumi.BoolOutput {
return o.ApplyT(func(v LookupKeyResult) bool { return v.Disabled }).(pulumi.BoolOutput)
}
// Specifies the algorithm (and possibly key size) for the key.
func (o LookupKeyResultOutput) KeyAlgorithm() pulumi.StringOutput {
return o.ApplyT(func(v LookupKeyResult) string { return v.KeyAlgorithm }).(pulumi.StringOutput)
}
// The key origin.
func (o LookupKeyResultOutput) KeyOrigin() pulumi.StringOutput {
return o.ApplyT(func(v LookupKeyResult) string { return v.KeyOrigin }).(pulumi.StringOutput)
}
// The key type.
func (o LookupKeyResultOutput) KeyType() pulumi.StringOutput {
return o.ApplyT(func(v LookupKeyResult) string { return v.KeyType }).(pulumi.StringOutput)
}
// The resource name of the service account key in the following format `projects/{PROJECT_ID}/serviceAccounts/{ACCOUNT}/keys/{key}`.
func (o LookupKeyResultOutput) Name() pulumi.StringOutput {
return o.ApplyT(func(v LookupKeyResult) string { return v.Name }).(pulumi.StringOutput)
}
// The private key data. Only provided in `CreateServiceAccountKey` responses. Make sure to keep the private key data secure because it allows for the assertion of the service account identity. When base64 decoded, the private key data can be used to authenticate with Google API client libraries and with gcloud auth activate-service-account.
func (o LookupKeyResultOutput) PrivateKeyData() pulumi.StringOutput {
return o.ApplyT(func(v LookupKeyResult) string { return v.PrivateKeyData }).(pulumi.StringOutput)
}
// The output format for the private key. Only provided in `CreateServiceAccountKey` responses, not in `GetServiceAccountKey` or `ListServiceAccountKey` responses. Google never exposes system-managed private keys, and never retains user-managed private keys.
func (o LookupKeyResultOutput) PrivateKeyType() pulumi.StringOutput {
return o.ApplyT(func(v LookupKeyResult) string { return v.PrivateKeyType }).(pulumi.StringOutput)
}
// The public key data. Only provided in `GetServiceAccountKey` responses.
func (o LookupKeyResultOutput) PublicKeyData() pulumi.StringOutput {
return o.ApplyT(func(v LookupKeyResult) string { return v.PublicKeyData }).(pulumi.StringOutput)
}
// The key can be used after this timestamp.
func (o LookupKeyResultOutput) ValidAfterTime() pulumi.StringOutput {
return o.ApplyT(func(v LookupKeyResult) string { return v.ValidAfterTime }).(pulumi.StringOutput)
}
// The key can be used before this timestamp. For system-managed key pairs, this timestamp is the end time for the private key signing operation. The public key could still be used for verification for a few hours after this time.
func (o LookupKeyResultOutput) ValidBeforeTime() pulumi.StringOutput {
return o.ApplyT(func(v LookupKeyResult) string { return v.ValidBeforeTime }).(pulumi.StringOutput)
}
func init() {
pulumi.RegisterOutputType(LookupKeyResultOutput{})
}