stackit-dev-tools/terraform-provider-stackitprivatepreview
3
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions 2

feat(kms): add key resource and datasource (#1055)

Browse source 
relates to STACKITTPR-411
This commit is contained in:
Ruben Hönle 2025-11-17 11:58:11 +01:00 committed by GitHub
parent b5f82e7de9
commit 5e8c7a7369
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
13 changed files with 1369 additions and 3 deletions
Download patch file Download diff file Expand all files Collapse all files

45
docs/data-sources/kms_key.md Normal file
View file

@ -0,0 +1,45 @@
---
# generated by https://github.com/hashicorp/terraform-plugin-docs
page_title: "stackit_kms_key Data Source - stackit"
subcategory: ""
description: |-
KMS Key datasource schema. Uses the default_region specified in the provider configuration as a fallback in case no region is defined on datasource level.
---
# stackit_kms_key (Data Source)
KMS Key datasource schema. Uses the `default_region` specified in the provider configuration as a fallback in case no `region` is defined on datasource level.
## Example Usage
```terraform
data "stackit_kms_key" "key" {
project_id = "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx"
keyring_id = "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx"
key_id = "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx"
}
```
<!-- schema generated by tfplugindocs -->
## Schema
### Required
- `key_id` (String) The ID of the key
- `keyring_id` (String) The ID of the associated key ring
- `project_id` (String) STACKIT project ID to which the key is associated.
### Optional
- `region` (String) The resource region. If not defined, the provider region is used.
### Read-Only
- `access_scope` (String) The access scope of the key. Default is `PUBLIC`. Possible values are: `PUBLIC`, `SNA`.
- `algorithm` (String) The encryption algorithm that the key will use to encrypt data. Possible values are: `aes_256_gcm`, `rsa_2048_oaep_sha256`, `rsa_3072_oaep_sha256`, `rsa_4096_oaep_sha256`, `rsa_4096_oaep_sha512`, `hmac_sha256`, `hmac_sha384`, `hmac_sha512`, `ecdsa_p256_sha256`, `ecdsa_p384_sha384`, `ecdsa_p521_sha512`.
- `description` (String) A user chosen description to distinguish multiple keys
- `display_name` (String) The display name to distinguish multiple keys
- `id` (String) Terraform's internal resource ID. It is structured as "`project_id`,`region`,`keyring_id`,`key_id`".
- `import_only` (Boolean) States whether versions can be created or only imported.
- `protection` (String) The underlying system that is responsible for protecting the key material. Possible values are: `software`.
- `purpose` (String) The purpose for which the key will be used. Possible values are: `symmetric_encrypt_decrypt`, `asymmetric_encrypt_decrypt`, `message_authentication_code`, `asymmetric_sign_verify`.