Struct googapis::google::cloud::kms::v1::CryptoKey[][src]

pub struct CryptoKey {
    pub name: String,
    pub primary: Option<CryptoKeyVersion>,
    pub purpose: i32,
    pub create_time: Option<Timestamp>,
    pub next_rotation_time: Option<Timestamp>,
    pub version_template: Option<CryptoKeyVersionTemplate>,
    pub labels: HashMap<String, String>,
    pub import_only: bool,
    pub destroy_scheduled_duration: Option<Duration>,
    pub rotation_schedule: Option<RotationSchedule>,
}
Expand description

A [CryptoKey][google.cloud.kms.v1.CryptoKey] represents a logical key that can be used for cryptographic operations.

A [CryptoKey][google.cloud.kms.v1.CryptoKey] is made up of zero or more [versions][google.cloud.kms.v1.CryptoKeyVersion], which represent the actual key material used in cryptographic operations.

Fields

name: String

Output only. The resource name for this [CryptoKey][google.cloud.kms.v1.CryptoKey] in the format projects/*/locations/*/keyRings/*/cryptoKeys/*.

primary: Option<CryptoKeyVersion>

Output only. A copy of the “primary” [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] that will be used by [Encrypt][google.cloud.kms.v1.KeyManagementService.Encrypt] when this [CryptoKey][google.cloud.kms.v1.CryptoKey] is given in [EncryptRequest.name][google.cloud.kms.v1.EncryptRequest.name].

The [CryptoKey][google.cloud.kms.v1.CryptoKey]’s primary version can be updated via [UpdateCryptoKeyPrimaryVersion][google.cloud.kms.v1.KeyManagementService.UpdateCryptoKeyPrimaryVersion].

Keys with [purpose][google.cloud.kms.v1.CryptoKey.purpose] [ENCRYPT_DECRYPT][google.cloud.kms.v1.CryptoKey.CryptoKeyPurpose.ENCRYPT_DECRYPT] may have a primary. For other keys, this field will be omitted.

purpose: i32

Immutable. The immutable purpose of this [CryptoKey][google.cloud.kms.v1.CryptoKey].

create_time: Option<Timestamp>

Output only. The time at which this [CryptoKey][google.cloud.kms.v1.CryptoKey] was created.

next_rotation_time: Option<Timestamp>

At [next_rotation_time][google.cloud.kms.v1.CryptoKey.next_rotation_time], the Key Management Service will automatically:

  1. Create a new version of this [CryptoKey][google.cloud.kms.v1.CryptoKey].
  2. Mark the new version as primary.

Key rotations performed manually via [CreateCryptoKeyVersion][google.cloud.kms.v1.KeyManagementService.CreateCryptoKeyVersion] and [UpdateCryptoKeyPrimaryVersion][google.cloud.kms.v1.KeyManagementService.UpdateCryptoKeyPrimaryVersion] do not affect [next_rotation_time][google.cloud.kms.v1.CryptoKey.next_rotation_time].

Keys with [purpose][google.cloud.kms.v1.CryptoKey.purpose] [ENCRYPT_DECRYPT][google.cloud.kms.v1.CryptoKey.CryptoKeyPurpose.ENCRYPT_DECRYPT] support automatic rotation. For other keys, this field must be omitted.

version_template: Option<CryptoKeyVersionTemplate>

A template describing settings for new [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] instances. The properties of new [CryptoKeyVersion][google.cloud.kms.v1.CryptoKeyVersion] instances created by either [CreateCryptoKeyVersion][google.cloud.kms.v1.KeyManagementService.CreateCryptoKeyVersion] or auto-rotation are controlled by this template.

labels: HashMap<String, String>

Labels with user-defined metadata. For more information, see Labeling Keys.

import_only: bool

Immutable. Whether this key may contain imported versions only.

destroy_scheduled_duration: Option<Duration>

Immutable. The period of time that versions of this key spend in the [DESTROY_SCHEDULED][google.cloud.kms.v1.CryptoKeyVersion.CryptoKeyVersionState.DESTROY_SCHEDULED] state before transitioning to [DESTROYED][google.cloud.kms.v1.CryptoKeyVersion.CryptoKeyVersionState.DESTROYED]. If not specified at creation time, the default duration is 24 hours.

rotation_schedule: Option<RotationSchedule>

Controls the rate of automatic rotation.

Implementations

Returns the enum value of purpose, or the default if the field is set to an invalid enum value.

Sets purpose to the provided enum value.

Trait Implementations

Returns a copy of the value. Read more

Performs copy-assignment from source. Read more

Formats the value using the given formatter. Read more

Returns the “default value” for a type. Read more

Returns the encoded length of the message without a length delimiter.

Clears the message, resetting all fields to their default.

Encodes the message to a buffer. Read more

Encodes the message to a newly allocated buffer.

Encodes the message with a length-delimiter to a buffer. Read more

Encodes the message with a length-delimiter to a newly allocated buffer.

Decodes an instance of the message from a buffer. Read more

Decodes a length-delimited instance of the message from the buffer.

Decodes an instance of the message from a buffer, and merges it into self. Read more

Decodes a length-delimited instance of the message from buffer, and merges it into self. Read more

This method tests for self and other values to be equal, and is used by ==. Read more

This method tests for !=.

Auto Trait Implementations

Blanket Implementations

Gets the TypeId of self. Read more

Immutably borrows from an owned value. Read more

Mutably borrows from an owned value. Read more

Performs the conversion.

Instruments this type with the provided Span, returning an Instrumented wrapper. Read more

Instruments this type with the current Span, returning an Instrumented wrapper. Read more

Performs the conversion.

Wrap the input message T in a tonic::Request

The resulting type after obtaining ownership.

Creates owned data from borrowed data, usually by cloning. Read more

🔬 This is a nightly-only experimental API. (toowned_clone_into)

recently added

Uses borrowed data to replace owned data, usually by cloning. Read more

The type returned in the event of a conversion error.

Performs the conversion.

The type returned in the event of a conversion error.

Performs the conversion.

Attaches the provided Subscriber to this type, returning a WithDispatch wrapper. Read more

Attaches the current default Subscriber to this type, returning a WithDispatch wrapper. Read more