All CryptoKeys created with this
EkmConnection use EKM-side key
management operations initiated from Cloud KMS. This means that:
When a CryptoKeyVersion
associated with this EkmConnection
is
created, the EKM automatically generates new key material and a new
key path. The caller cannot supply the key path of pre-existing
external key material.
Destruction of external key material associated with this
EkmConnection can be requested by
calling DestroyCryptoKeyVersion.
Automatic rotation of key material is supported.
CLOUD_KMS = 2;
CLOUD_KMS_VALUE
All CryptoKeys created with this
EkmConnection use EKM-side key
management operations initiated from Cloud KMS. This means that:
When a CryptoKeyVersion
associated with this EkmConnection
is
created, the EKM automatically generates new key material and a new
key path. The caller cannot supply the key path of pre-existing
external key material.
Destruction of external key material associated with this
EkmConnection can be requested by
calling DestroyCryptoKeyVersion.
Automatic rotation of key material is supported.
CLOUD_KMS = 2;
KEY_MANAGEMENT_MODE_UNSPECIFIED
Not specified.
KEY_MANAGEMENT_MODE_UNSPECIFIED = 0;
KEY_MANAGEMENT_MODE_UNSPECIFIED_VALUE
Not specified.
KEY_MANAGEMENT_MODE_UNSPECIFIED = 0;
MANUAL
EKM-side key management operations on
CryptoKeys created with this
EkmConnection must be initiated from
the EKM directly and cannot be performed from Cloud KMS. This means that:
When creating a
CryptoKeyVersion associated with
this
EkmConnection, the caller must
supply the key path of pre-existing external key material that will be
linked to the CryptoKeyVersion.
Destruction of external key material cannot be requested via the
Cloud KMS API and must be performed directly in the EKM.
Automatic rotation of key material is not supported.
MANUAL = 1;
MANUAL_VALUE
EKM-side key management operations on
CryptoKeys created with this
EkmConnection must be initiated from
the EKM directly and cannot be performed from Cloud KMS. This means that:
When creating a
CryptoKeyVersion associated with
this
EkmConnection, the caller must
supply the key path of pre-existing external key material that will be
linked to the CryptoKeyVersion.
Destruction of external key material cannot be requested via the
Cloud KMS API and must be performed directly in the EKM.
Automatic rotation of key material is not supported.
[[["Easy to understand","easyToUnderstand","thumb-up"],["Solved my problem","solvedMyProblem","thumb-up"],["Other","otherUp","thumb-up"]],[["Hard to understand","hardToUnderstand","thumb-down"],["Incorrect information or sample code","incorrectInformationOrSampleCode","thumb-down"],["Missing the information/samples I need","missingTheInformationSamplesINeed","thumb-down"],["Other","otherDown","thumb-down"]],["Last updated 2024-12-19 UTC."],[],[]]