Docs Home
Harness v0.5.7 published on Saturday, Mar 8, 2025 by Pulumi
harness.platform.ConnectorGcpKms
Explore with Pulumi AI
Resource for creating a GCP KMS connector.
Example Usage
import * as pulumi from "@pulumi/pulumi";
import * as harness from "@pulumi/harness";
const test = new harness.platform.SecretText("test", {
identifier: "%[1]s",
name: "%[2]s",
description: "test",
tags: ["foo:bar"],
secretManagerIdentifier: "harnessSecretManager",
valueType: "Reference",
value: "secret",
});
const gcpKmsManual = new harness.platform.ConnectorGcpKms("gcp_kms_manual", {
identifier: "identifier",
name: "name",
description: "test",
tags: ["foo:bar"],
region: "us-west1",
gcpProjectId: "1234567",
keyRing: "key_ring",
keyName: "key_name",
manual: {
credentials: pulumi.interpolate`account.${test.id}`,
delegateSelectors: ["harness-delegate"],
},
});
const gcpKmsOidcPlatform = new harness.platform.ConnectorGcpKms("gcp_kms_oidc_platform", {
identifier: "identifier",
name: "name",
description: "test",
tags: ["foo:bar"],
region: "us-west1",
gcpProjectId: "1234567",
keyRing: "key_ring",
keyName: "key_name",
executeOnDelegate: false,
oidcAuthentications: [{
workloadPoolId: "harness-pool-test",
providerId: "harness",
gcpProjectId: "1234567",
serviceAccountEmail: "harness.sample@iam.gserviceaccount.com",
}],
});
const gcpKmsOidcDelegate = new harness.platform.ConnectorGcpKms("gcp_kms_oidc_delegate", {
identifier: "identifier",
name: "name",
description: "test",
tags: ["foo:bar"],
region: "us-west1",
gcpProjectId: "1234567",
keyRing: "key_ring",
keyName: "key_name",
oidcAuthentications: [{
workloadPoolId: "harness-pool-test",
providerId: "harness",
gcpProjectId: "1234567",
serviceAccountEmail: "harness.sample@iam.gserviceaccount.com",
delegateSelectors: ["harness-delegate"],
}],
});
const gcpKmsOidcDelegateDefault = new harness.platform.ConnectorGcpKms("gcp_kms_oidc_delegate_default", {
identifier: "identifier",
name: "name",
description: "test",
tags: ["foo:bar"],
region: "us-west1",
gcpProjectId: "1234567",
keyRing: "key_ring",
keyName: "key_name",
"default": true,
oidcAuthentications: [{
workloadPoolId: "harness-pool-test",
providerId: "harness",
gcpProjectId: "1234567",
serviceAccountEmail: "harness.sample@iam.gserviceaccount.com",
delegateSelectors: ["harness-delegate"],
}],
});
import pulumi
import pulumi_harness as harness
test = harness.platform.SecretText("test",
identifier="%[1]s",
name="%[2]s",
description="test",
tags=["foo:bar"],
secret_manager_identifier="harnessSecretManager",
value_type="Reference",
value="secret")
gcp_kms_manual = harness.platform.ConnectorGcpKms("gcp_kms_manual",
identifier="identifier",
name="name",
description="test",
tags=["foo:bar"],
region="us-west1",
gcp_project_id="1234567",
key_ring="key_ring",
key_name="key_name",
manual={
"credentials": test.id.apply(lambda id: f"account.{id}"),
"delegate_selectors": ["harness-delegate"],
})
gcp_kms_oidc_platform = harness.platform.ConnectorGcpKms("gcp_kms_oidc_platform",
identifier="identifier",
name="name",
description="test",
tags=["foo:bar"],
region="us-west1",
gcp_project_id="1234567",
key_ring="key_ring",
key_name="key_name",
execute_on_delegate=False,
oidc_authentications=[{
"workload_pool_id": "harness-pool-test",
"provider_id": "harness",
"gcp_project_id": "1234567",
"service_account_email": "harness.sample@iam.gserviceaccount.com",
}])
gcp_kms_oidc_delegate = harness.platform.ConnectorGcpKms("gcp_kms_oidc_delegate",
identifier="identifier",
name="name",
description="test",
tags=["foo:bar"],
region="us-west1",
gcp_project_id="1234567",
key_ring="key_ring",
key_name="key_name",
oidc_authentications=[{
"workload_pool_id": "harness-pool-test",
"provider_id": "harness",
"gcp_project_id": "1234567",
"service_account_email": "harness.sample@iam.gserviceaccount.com",
"delegate_selectors": ["harness-delegate"],
}])
gcp_kms_oidc_delegate_default = harness.platform.ConnectorGcpKms("gcp_kms_oidc_delegate_default",
identifier="identifier",
name="name",
description="test",
tags=["foo:bar"],
region="us-west1",
gcp_project_id="1234567",
key_ring="key_ring",
key_name="key_name",
default=True,
oidc_authentications=[{
"workload_pool_id": "harness-pool-test",
"provider_id": "harness",
"gcp_project_id": "1234567",
"service_account_email": "harness.sample@iam.gserviceaccount.com",
"delegate_selectors": ["harness-delegate"],
}])
package main
import (
"fmt"
"github.com/pulumi/pulumi-harness/sdk/go/harness/platform"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
test, err := platform.NewSecretText(ctx, "test", &platform.SecretTextArgs{
Identifier: pulumi.String("%[1]s"),
Name: pulumi.String("%[2]s"),
Description: pulumi.String("test"),
Tags: pulumi.StringArray{
pulumi.String("foo:bar"),
},
SecretManagerIdentifier: pulumi.String("harnessSecretManager"),
ValueType: pulumi.String("Reference"),
Value: pulumi.String("secret"),
})
if err != nil {
return err
}
_, err = platform.NewConnectorGcpKms(ctx, "gcp_kms_manual", &platform.ConnectorGcpKmsArgs{
Identifier: pulumi.String("identifier"),
Name: pulumi.String("name"),
Description: pulumi.String("test"),
Tags: pulumi.StringArray{
pulumi.String("foo:bar"),
},
Region: pulumi.String("us-west1"),
GcpProjectId: pulumi.String("1234567"),
KeyRing: pulumi.String("key_ring"),
KeyName: pulumi.String("key_name"),
Manual: &platform.ConnectorGcpKmsManualArgs{
Credentials: test.ID().ApplyT(func(id string) (string, error) {
return fmt.Sprintf("account.%v", id), nil
}).(pulumi.StringOutput),
DelegateSelectors: pulumi.StringArray{
pulumi.String("harness-delegate"),
},
},
})
if err != nil {
return err
}
_, err = platform.NewConnectorGcpKms(ctx, "gcp_kms_oidc_platform", &platform.ConnectorGcpKmsArgs{
Identifier: pulumi.String("identifier"),
Name: pulumi.String("name"),
Description: pulumi.String("test"),
Tags: pulumi.StringArray{
pulumi.String("foo:bar"),
},
Region: pulumi.String("us-west1"),
GcpProjectId: pulumi.String("1234567"),
KeyRing: pulumi.String("key_ring"),
KeyName: pulumi.String("key_name"),
ExecuteOnDelegate: pulumi.Bool(false),
OidcAuthentications: platform.ConnectorGcpKmsOidcAuthenticationArray{
&platform.ConnectorGcpKmsOidcAuthenticationArgs{
WorkloadPoolId: pulumi.String("harness-pool-test"),
ProviderId: pulumi.String("harness"),
GcpProjectId: pulumi.String("1234567"),
ServiceAccountEmail: pulumi.String("harness.sample@iam.gserviceaccount.com"),
},
},
})
if err != nil {
return err
}
_, err = platform.NewConnectorGcpKms(ctx, "gcp_kms_oidc_delegate", &platform.ConnectorGcpKmsArgs{
Identifier: pulumi.String("identifier"),
Name: pulumi.String("name"),
Description: pulumi.String("test"),
Tags: pulumi.StringArray{
pulumi.String("foo:bar"),
},
Region: pulumi.String("us-west1"),
GcpProjectId: pulumi.String("1234567"),
KeyRing: pulumi.String("key_ring"),
KeyName: pulumi.String("key_name"),
OidcAuthentications: platform.ConnectorGcpKmsOidcAuthenticationArray{
&platform.ConnectorGcpKmsOidcAuthenticationArgs{
WorkloadPoolId: pulumi.String("harness-pool-test"),
ProviderId: pulumi.String("harness"),
GcpProjectId: pulumi.String("1234567"),
ServiceAccountEmail: pulumi.String("harness.sample@iam.gserviceaccount.com"),
DelegateSelectors: pulumi.StringArray{
pulumi.String("harness-delegate"),
},
},
},
})
if err != nil {
return err
}
_, err = platform.NewConnectorGcpKms(ctx, "gcp_kms_oidc_delegate_default", &platform.ConnectorGcpKmsArgs{
Identifier: pulumi.String("identifier"),
Name: pulumi.String("name"),
Description: pulumi.String("test"),
Tags: pulumi.StringArray{
pulumi.String("foo:bar"),
},
Region: pulumi.String("us-west1"),
GcpProjectId: pulumi.String("1234567"),
KeyRing: pulumi.String("key_ring"),
KeyName: pulumi.String("key_name"),
Default: pulumi.Bool(true),
OidcAuthentications: platform.ConnectorGcpKmsOidcAuthenticationArray{
&platform.ConnectorGcpKmsOidcAuthenticationArgs{
WorkloadPoolId: pulumi.String("harness-pool-test"),
ProviderId: pulumi.String("harness"),
GcpProjectId: pulumi.String("1234567"),
ServiceAccountEmail: pulumi.String("harness.sample@iam.gserviceaccount.com"),
DelegateSelectors: pulumi.StringArray{
pulumi.String("harness-delegate"),
},
},
},
})
if err != nil {
return err
}
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Harness = Pulumi.Harness;
return await Deployment.RunAsync(() =>
{
var test = new Harness.Platform.SecretText("test", new()
{
Identifier = "%[1]s",
Name = "%[2]s",
Description = "test",
Tags = new[]
{
"foo:bar",
},
SecretManagerIdentifier = "harnessSecretManager",
ValueType = "Reference",
Value = "secret",
});
var gcpKmsManual = new Harness.Platform.ConnectorGcpKms("gcp_kms_manual", new()
{
Identifier = "identifier",
Name = "name",
Description = "test",
Tags = new[]
{
"foo:bar",
},
Region = "us-west1",
GcpProjectId = "1234567",
KeyRing = "key_ring",
KeyName = "key_name",
Manual = new Harness.Platform.Inputs.ConnectorGcpKmsManualArgs
{
Credentials = test.Id.Apply(id => $"account.{id}"),
DelegateSelectors = new[]
{
"harness-delegate",
},
},
});
var gcpKmsOidcPlatform = new Harness.Platform.ConnectorGcpKms("gcp_kms_oidc_platform", new()
{
Identifier = "identifier",
Name = "name",
Description = "test",
Tags = new[]
{
"foo:bar",
},
Region = "us-west1",
GcpProjectId = "1234567",
KeyRing = "key_ring",
KeyName = "key_name",
ExecuteOnDelegate = false,
OidcAuthentications = new[]
{
new Harness.Platform.Inputs.ConnectorGcpKmsOidcAuthenticationArgs
{
WorkloadPoolId = "harness-pool-test",
ProviderId = "harness",
GcpProjectId = "1234567",
ServiceAccountEmail = "harness.sample@iam.gserviceaccount.com",
},
},
});
var gcpKmsOidcDelegate = new Harness.Platform.ConnectorGcpKms("gcp_kms_oidc_delegate", new()
{
Identifier = "identifier",
Name = "name",
Description = "test",
Tags = new[]
{
"foo:bar",
},
Region = "us-west1",
GcpProjectId = "1234567",
KeyRing = "key_ring",
KeyName = "key_name",
OidcAuthentications = new[]
{
new Harness.Platform.Inputs.ConnectorGcpKmsOidcAuthenticationArgs
{
WorkloadPoolId = "harness-pool-test",
ProviderId = "harness",
GcpProjectId = "1234567",
ServiceAccountEmail = "harness.sample@iam.gserviceaccount.com",
DelegateSelectors = new[]
{
"harness-delegate",
},
},
},
});
var gcpKmsOidcDelegateDefault = new Harness.Platform.ConnectorGcpKms("gcp_kms_oidc_delegate_default", new()
{
Identifier = "identifier",
Name = "name",
Description = "test",
Tags = new[]
{
"foo:bar",
},
Region = "us-west1",
GcpProjectId = "1234567",
KeyRing = "key_ring",
KeyName = "key_name",
Default = true,
OidcAuthentications = new[]
{
new Harness.Platform.Inputs.ConnectorGcpKmsOidcAuthenticationArgs
{
WorkloadPoolId = "harness-pool-test",
ProviderId = "harness",
GcpProjectId = "1234567",
ServiceAccountEmail = "harness.sample@iam.gserviceaccount.com",
DelegateSelectors = new[]
{
"harness-delegate",
},
},
},
});
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.harness.platform.SecretText;
import com.pulumi.harness.platform.SecretTextArgs;
import com.pulumi.harness.platform.ConnectorGcpKms;
import com.pulumi.harness.platform.ConnectorGcpKmsArgs;
import com.pulumi.harness.platform.inputs.ConnectorGcpKmsManualArgs;
import com.pulumi.harness.platform.inputs.ConnectorGcpKmsOidcAuthenticationArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var test = new SecretText("test", SecretTextArgs.builder()
.identifier("%[1]s")
.name("%[2]s")
.description("test")
.tags("foo:bar")
.secretManagerIdentifier("harnessSecretManager")
.valueType("Reference")
.value("secret")
.build());
var gcpKmsManual = new ConnectorGcpKms("gcpKmsManual", ConnectorGcpKmsArgs.builder()
.identifier("identifier")
.name("name")
.description("test")
.tags("foo:bar")
.region("us-west1")
.gcpProjectId("1234567")
.keyRing("key_ring")
.keyName("key_name")
.manual(ConnectorGcpKmsManualArgs.builder()
.credentials(test.id().applyValue(id -> String.format("account.%s", id)))
.delegateSelectors("harness-delegate")
.build())
.build());
var gcpKmsOidcPlatform = new ConnectorGcpKms("gcpKmsOidcPlatform", ConnectorGcpKmsArgs.builder()
.identifier("identifier")
.name("name")
.description("test")
.tags("foo:bar")
.region("us-west1")
.gcpProjectId("1234567")
.keyRing("key_ring")
.keyName("key_name")
.executeOnDelegate(false)
.oidcAuthentications(ConnectorGcpKmsOidcAuthenticationArgs.builder()
.workloadPoolId("harness-pool-test")
.providerId("harness")
.gcpProjectId("1234567")
.serviceAccountEmail("harness.sample@iam.gserviceaccount.com")
.build())
.build());
var gcpKmsOidcDelegate = new ConnectorGcpKms("gcpKmsOidcDelegate", ConnectorGcpKmsArgs.builder()
.identifier("identifier")
.name("name")
.description("test")
.tags("foo:bar")
.region("us-west1")
.gcpProjectId("1234567")
.keyRing("key_ring")
.keyName("key_name")
.oidcAuthentications(ConnectorGcpKmsOidcAuthenticationArgs.builder()
.workloadPoolId("harness-pool-test")
.providerId("harness")
.gcpProjectId("1234567")
.serviceAccountEmail("harness.sample@iam.gserviceaccount.com")
.delegateSelectors("harness-delegate")
.build())
.build());
var gcpKmsOidcDelegateDefault = new ConnectorGcpKms("gcpKmsOidcDelegateDefault", ConnectorGcpKmsArgs.builder()
.identifier("identifier")
.name("name")
.description("test")
.tags("foo:bar")
.region("us-west1")
.gcpProjectId("1234567")
.keyRing("key_ring")
.keyName("key_name")
.default_(true)
.oidcAuthentications(ConnectorGcpKmsOidcAuthenticationArgs.builder()
.workloadPoolId("harness-pool-test")
.providerId("harness")
.gcpProjectId("1234567")
.serviceAccountEmail("harness.sample@iam.gserviceaccount.com")
.delegateSelectors("harness-delegate")
.build())
.build());
}
}
resources:
test:
type: harness:platform:SecretText
properties:
identifier: '%[1]s'
name: '%[2]s'
description: test
tags:
- foo:bar
secretManagerIdentifier: harnessSecretManager
valueType: Reference
value: secret
gcpKmsManual:
type: harness:platform:ConnectorGcpKms
name: gcp_kms_manual
properties:
identifier: identifier
name: name
description: test
tags:
- foo:bar
region: us-west1
gcpProjectId: '1234567'
keyRing: key_ring
keyName: key_name
manual:
credentials: account.${test.id}
delegateSelectors:
- harness-delegate
gcpKmsOidcPlatform:
type: harness:platform:ConnectorGcpKms
name: gcp_kms_oidc_platform
properties:
identifier: identifier
name: name
description: test
tags:
- foo:bar
region: us-west1
gcpProjectId: '1234567'
keyRing: key_ring
keyName: key_name
executeOnDelegate: false
oidcAuthentications:
- workloadPoolId: harness-pool-test
providerId: harness
gcpProjectId: '1234567'
serviceAccountEmail: harness.sample@iam.gserviceaccount.com
gcpKmsOidcDelegate:
type: harness:platform:ConnectorGcpKms
name: gcp_kms_oidc_delegate
properties:
identifier: identifier
name: name
description: test
tags:
- foo:bar
region: us-west1
gcpProjectId: '1234567'
keyRing: key_ring
keyName: key_name
oidcAuthentications:
- workloadPoolId: harness-pool-test
providerId: harness
gcpProjectId: '1234567'
serviceAccountEmail: harness.sample@iam.gserviceaccount.com
delegateSelectors:
- harness-delegate
gcpKmsOidcDelegateDefault:
type: harness:platform:ConnectorGcpKms
name: gcp_kms_oidc_delegate_default
properties:
identifier: identifier
name: name
description: test
tags:
- foo:bar
region: us-west1
gcpProjectId: '1234567'
keyRing: key_ring
keyName: key_name
default: true
oidcAuthentications:
- workloadPoolId: harness-pool-test
providerId: harness
gcpProjectId: '1234567'
serviceAccountEmail: harness.sample@iam.gserviceaccount.com
delegateSelectors:
- harness-delegate
Create ConnectorGcpKms Resource
Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.
Constructor syntax
new ConnectorGcpKms(name: string, args: ConnectorGcpKmsArgs, opts?: CustomResourceOptions);@overload
def ConnectorGcpKms(resource_name: str,
args: ConnectorGcpKmsArgs,
opts: Optional[ResourceOptions] = None)
@overload
def ConnectorGcpKms(resource_name: str,
opts: Optional[ResourceOptions] = None,
key_ring: Optional[str] = None,
key_name: Optional[str] = None,
region: Optional[str] = None,
gcp_project_id: Optional[str] = None,
identifier: Optional[str] = None,
default: Optional[bool] = None,
description: Optional[str] = None,
manual: Optional[ConnectorGcpKmsManualArgs] = None,
org_id: Optional[str] = None,
oidc_authentications: Optional[Sequence[ConnectorGcpKmsOidcAuthenticationArgs]] = None,
name: Optional[str] = None,
project_id: Optional[str] = None,
execute_on_delegate: Optional[bool] = None,
tags: Optional[Sequence[str]] = None)func NewConnectorGcpKms(ctx *Context, name string, args ConnectorGcpKmsArgs, opts ...ResourceOption) (*ConnectorGcpKms, error)public ConnectorGcpKms(string name, ConnectorGcpKmsArgs args, CustomResourceOptions? opts = null)
public ConnectorGcpKms(String name, ConnectorGcpKmsArgs args)
public ConnectorGcpKms(String name, ConnectorGcpKmsArgs args, CustomResourceOptions options)
type: harness:platform:ConnectorGcpKms
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
Parameters
- name string
- The unique name of the resource.
- args ConnectorGcpKmsArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args ConnectorGcpKmsArgs
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args ConnectorGcpKmsArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args ConnectorGcpKmsArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args ConnectorGcpKmsArgs
- The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
Constructor example
The following reference example uses placeholder values for all input properties.
var connectorGcpKmsResource = new Harness.Platform.ConnectorGcpKms("connectorGcpKmsResource", new()
{
KeyRing = "string",
KeyName = "string",
Region = "string",
GcpProjectId = "string",
Identifier = "string",
Default = false,
Description = "string",
Manual = new Harness.Platform.Inputs.ConnectorGcpKmsManualArgs
{
Credentials = "string",
DelegateSelectors = new[]
{
"string",
},
},
OrgId = "string",
OidcAuthentications = new[]
{
new Harness.Platform.Inputs.ConnectorGcpKmsOidcAuthenticationArgs
{
GcpProjectId = "string",
ProviderId = "string",
ServiceAccountEmail = "string",
WorkloadPoolId = "string",
DelegateSelectors = new[]
{
"string",
},
},
},
Name = "string",
ProjectId = "string",
ExecuteOnDelegate = false,
Tags = new[]
{
"string",
},
});
example, err := platform.NewConnectorGcpKms(ctx, "connectorGcpKmsResource", &platform.ConnectorGcpKmsArgs{
KeyRing: pulumi.String("string"),
KeyName: pulumi.String("string"),
Region: pulumi.String("string"),
GcpProjectId: pulumi.String("string"),
Identifier: pulumi.String("string"),
Default: pulumi.Bool(false),
Description: pulumi.String("string"),
Manual: &platform.ConnectorGcpKmsManualArgs{
Credentials: pulumi.String("string"),
DelegateSelectors: pulumi.StringArray{
pulumi.String("string"),
},
},
OrgId: pulumi.String("string"),
OidcAuthentications: platform.ConnectorGcpKmsOidcAuthenticationArray{
&platform.ConnectorGcpKmsOidcAuthenticationArgs{
GcpProjectId: pulumi.String("string"),
ProviderId: pulumi.String("string"),
ServiceAccountEmail: pulumi.String("string"),
WorkloadPoolId: pulumi.String("string"),
DelegateSelectors: pulumi.StringArray{
pulumi.String("string"),
},
},
},
Name: pulumi.String("string"),
ProjectId: pulumi.String("string"),
ExecuteOnDelegate: pulumi.Bool(false),
Tags: pulumi.StringArray{
pulumi.String("string"),
},
})
var connectorGcpKmsResource = new ConnectorGcpKms("connectorGcpKmsResource", ConnectorGcpKmsArgs.builder()
.keyRing("string")
.keyName("string")
.region("string")
.gcpProjectId("string")
.identifier("string")
.default_(false)
.description("string")
.manual(ConnectorGcpKmsManualArgs.builder()
.credentials("string")
.delegateSelectors("string")
.build())
.orgId("string")
.oidcAuthentications(ConnectorGcpKmsOidcAuthenticationArgs.builder()
.gcpProjectId("string")
.providerId("string")
.serviceAccountEmail("string")
.workloadPoolId("string")
.delegateSelectors("string")
.build())
.name("string")
.projectId("string")
.executeOnDelegate(false)
.tags("string")
.build());
connector_gcp_kms_resource = harness.platform.ConnectorGcpKms("connectorGcpKmsResource",
key_ring="string",
key_name="string",
region="string",
gcp_project_id="string",
identifier="string",
default=False,
description="string",
manual={
"credentials": "string",
"delegate_selectors": ["string"],
},
org_id="string",
oidc_authentications=[{
"gcp_project_id": "string",
"provider_id": "string",
"service_account_email": "string",
"workload_pool_id": "string",
"delegate_selectors": ["string"],
}],
name="string",
project_id="string",
execute_on_delegate=False,
tags=["string"])
const connectorGcpKmsResource = new harness.platform.ConnectorGcpKms("connectorGcpKmsResource", {
keyRing: "string",
keyName: "string",
region: "string",
gcpProjectId: "string",
identifier: "string",
"default": false,
description: "string",
manual: {
credentials: "string",
delegateSelectors: ["string"],
},
orgId: "string",
oidcAuthentications: [{
gcpProjectId: "string",
providerId: "string",
serviceAccountEmail: "string",
workloadPoolId: "string",
delegateSelectors: ["string"],
}],
name: "string",
projectId: "string",
executeOnDelegate: false,
tags: ["string"],
});
type: harness:platform:ConnectorGcpKms
properties:
default: false
description: string
executeOnDelegate: false
gcpProjectId: string
identifier: string
keyName: string
keyRing: string
manual:
credentials: string
delegateSelectors:
- string
name: string
oidcAuthentications:
- delegateSelectors:
- string
gcpProjectId: string
providerId: string
serviceAccountEmail: string
workloadPoolId: string
orgId: string
projectId: string
region: string
tags:
- string
ConnectorGcpKms Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.
The ConnectorGcpKms resource accepts the following input properties:
- Gcp
Project stringId - The project ID of the GCP KMS.
- Identifier string
- Unique identifier of the resource.
- Key
Name string - The key name of the GCP KMS.
- Key
Ring string - The key ring of the GCP KMS.
- Region string
- The region of the GCP KMS.
- Default bool
- Set this flag to set this secret manager as default secret manager.
- Description string
- Description of the resource.
- Execute
On boolDelegate - Enable this flag to execute on Delegate.
- Manual
Connector
Gcp Kms Manual - Manual credential configuration.
- Name string
- Name of the resource.
- Oidc
Authentications List<ConnectorGcp Kms Oidc Authentication> - Authentication using harness oidc.
- Org
Id string - Unique identifier of the organization.
- Project
Id string - Unique identifier of the project.
- List<string>
- Tags to associate with the resource.
- Gcp
Project stringId - The project ID of the GCP KMS.
- Identifier string
- Unique identifier of the resource.
- Key
Name string - The key name of the GCP KMS.
- Key
Ring string - The key ring of the GCP KMS.
- Region string
- The region of the GCP KMS.
- Default bool
- Set this flag to set this secret manager as default secret manager.
- Description string
- Description of the resource.
- Execute
On boolDelegate - Enable this flag to execute on Delegate.
- Manual
Connector
Gcp Kms Manual Args - Manual credential configuration.
- Name string
- Name of the resource.
- Oidc
Authentications []ConnectorGcp Kms Oidc Authentication Args - Authentication using harness oidc.
- Org
Id string - Unique identifier of the organization.
- Project
Id string - Unique identifier of the project.
- []string
- Tags to associate with the resource.
- gcp
Project StringId - The project ID of the GCP KMS.
- identifier String
- Unique identifier of the resource.
- key
Name String - The key name of the GCP KMS.
- key
Ring String - The key ring of the GCP KMS.
- region String
- The region of the GCP KMS.
- default_ Boolean
- Set this flag to set this secret manager as default secret manager.
- description String
- Description of the resource.
- execute
On BooleanDelegate - Enable this flag to execute on Delegate.
- manual
Connector
Gcp Kms Manual - Manual credential configuration.
- name String
- Name of the resource.
- oidc
Authentications List<ConnectorGcp Kms Oidc Authentication> - Authentication using harness oidc.
- org
Id String - Unique identifier of the organization.
- project
Id String - Unique identifier of the project.
- List<String>
- Tags to associate with the resource.
- gcp
Project stringId - The project ID of the GCP KMS.
- identifier string
- Unique identifier of the resource.
- key
Name string - The key name of the GCP KMS.
- key
Ring string - The key ring of the GCP KMS.
- region string
- The region of the GCP KMS.
- default boolean
- Set this flag to set this secret manager as default secret manager.
- description string
- Description of the resource.
- execute
On booleanDelegate - Enable this flag to execute on Delegate.
- manual
Connector
Gcp Kms Manual - Manual credential configuration.
- name string
- Name of the resource.
- oidc
Authentications ConnectorGcp Kms Oidc Authentication[] - Authentication using harness oidc.
- org
Id string - Unique identifier of the organization.
- project
Id string - Unique identifier of the project.
- string[]
- Tags to associate with the resource.
- gcp_
project_ strid - The project ID of the GCP KMS.
- identifier str
- Unique identifier of the resource.
- key_
name str - The key name of the GCP KMS.
- key_
ring str - The key ring of the GCP KMS.
- region str
- The region of the GCP KMS.
- default bool
- Set this flag to set this secret manager as default secret manager.
- description str
- Description of the resource.
- execute_
on_ booldelegate - Enable this flag to execute on Delegate.
- manual
Connector
Gcp Kms Manual Args - Manual credential configuration.
- name str
- Name of the resource.
- oidc_
authentications Sequence[ConnectorGcp Kms Oidc Authentication Args] - Authentication using harness oidc.
- org_
id str - Unique identifier of the organization.
- project_
id str - Unique identifier of the project.
- Sequence[str]
- Tags to associate with the resource.
- gcp
Project StringId - The project ID of the GCP KMS.
- identifier String
- Unique identifier of the resource.
- key
Name String - The key name of the GCP KMS.
- key
Ring String - The key ring of the GCP KMS.
- region String
- The region of the GCP KMS.
- default Boolean
- Set this flag to set this secret manager as default secret manager.
- description String
- Description of the resource.
- execute
On BooleanDelegate - Enable this flag to execute on Delegate.
- manual Property Map
- Manual credential configuration.
- name String
- Name of the resource.
- oidc
Authentications List<Property Map> - Authentication using harness oidc.
- org
Id String - Unique identifier of the organization.
- project
Id String - Unique identifier of the project.
- List<String>
- Tags to associate with the resource.
Outputs
All input properties are implicitly available as output properties. Additionally, the ConnectorGcpKms resource produces the following output properties:
- Id string
- The provider-assigned unique ID for this managed resource.
- Id string
- The provider-assigned unique ID for this managed resource.
- id String
- The provider-assigned unique ID for this managed resource.
- id string
- The provider-assigned unique ID for this managed resource.
- id str
- The provider-assigned unique ID for this managed resource.
- id String
- The provider-assigned unique ID for this managed resource.
Look up Existing ConnectorGcpKms Resource
Get an existing ConnectorGcpKms resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.
public static get(name: string, id: Input<ID>, state?: ConnectorGcpKmsState, opts?: CustomResourceOptions): ConnectorGcpKms@staticmethod
def get(resource_name: str,
id: str,
opts: Optional[ResourceOptions] = None,
default: Optional[bool] = None,
description: Optional[str] = None,
execute_on_delegate: Optional[bool] = None,
gcp_project_id: Optional[str] = None,
identifier: Optional[str] = None,
key_name: Optional[str] = None,
key_ring: Optional[str] = None,
manual: Optional[ConnectorGcpKmsManualArgs] = None,
name: Optional[str] = None,
oidc_authentications: Optional[Sequence[ConnectorGcpKmsOidcAuthenticationArgs]] = None,
org_id: Optional[str] = None,
project_id: Optional[str] = None,
region: Optional[str] = None,
tags: Optional[Sequence[str]] = None) -> ConnectorGcpKmsfunc GetConnectorGcpKms(ctx *Context, name string, id IDInput, state *ConnectorGcpKmsState, opts ...ResourceOption) (*ConnectorGcpKms, error)public static ConnectorGcpKms Get(string name, Input<string> id, ConnectorGcpKmsState? state, CustomResourceOptions? opts = null)public static ConnectorGcpKms get(String name, Output<String> id, ConnectorGcpKmsState state, CustomResourceOptions options)resources: _: type: harness:platform:ConnectorGcpKms get: id: ${id}- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- resource_name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- Default bool
- Set this flag to set this secret manager as default secret manager.
- Description string
- Description of the resource.
- Execute
On boolDelegate - Enable this flag to execute on Delegate.
- Gcp
Project stringId - The project ID of the GCP KMS.
- Identifier string
- Unique identifier of the resource.
- Key
Name string - The key name of the GCP KMS.
- Key
Ring string - The key ring of the GCP KMS.
- Manual
Connector
Gcp Kms Manual - Manual credential configuration.
- Name string
- Name of the resource.
- Oidc
Authentications List<ConnectorGcp Kms Oidc Authentication> - Authentication using harness oidc.
- Org
Id string - Unique identifier of the organization.
- Project
Id string - Unique identifier of the project.
- Region string
- The region of the GCP KMS.
- List<string>
- Tags to associate with the resource.
- Default bool
- Set this flag to set this secret manager as default secret manager.
- Description string
- Description of the resource.
- Execute
On boolDelegate - Enable this flag to execute on Delegate.
- Gcp
Project stringId - The project ID of the GCP KMS.
- Identifier string
- Unique identifier of the resource.
- Key
Name string - The key name of the GCP KMS.
- Key
Ring string - The key ring of the GCP KMS.
- Manual
Connector
Gcp Kms Manual Args - Manual credential configuration.
- Name string
- Name of the resource.
- Oidc
Authentications []ConnectorGcp Kms Oidc Authentication Args - Authentication using harness oidc.
- Org
Id string - Unique identifier of the organization.
- Project
Id string - Unique identifier of the project.
- Region string
- The region of the GCP KMS.
- []string
- Tags to associate with the resource.
- default_ Boolean
- Set this flag to set this secret manager as default secret manager.
- description String
- Description of the resource.
- execute
On BooleanDelegate - Enable this flag to execute on Delegate.
- gcp
Project StringId - The project ID of the GCP KMS.
- identifier String
- Unique identifier of the resource.
- key
Name String - The key name of the GCP KMS.
- key
Ring String - The key ring of the GCP KMS.
- manual
Connector
Gcp Kms Manual - Manual credential configuration.
- name String
- Name of the resource.
- oidc
Authentications List<ConnectorGcp Kms Oidc Authentication> - Authentication using harness oidc.
- org
Id String - Unique identifier of the organization.
- project
Id String - Unique identifier of the project.
- region String
- The region of the GCP KMS.
- List<String>
- Tags to associate with the resource.
- default boolean
- Set this flag to set this secret manager as default secret manager.
- description string
- Description of the resource.
- execute
On booleanDelegate - Enable this flag to execute on Delegate.
- gcp
Project stringId - The project ID of the GCP KMS.
- identifier string
- Unique identifier of the resource.
- key
Name string - The key name of the GCP KMS.
- key
Ring string - The key ring of the GCP KMS.
- manual
Connector
Gcp Kms Manual - Manual credential configuration.
- name string
- Name of the resource.
- oidc
Authentications ConnectorGcp Kms Oidc Authentication[] - Authentication using harness oidc.
- org
Id string - Unique identifier of the organization.
- project
Id string - Unique identifier of the project.
- region string
- The region of the GCP KMS.
- string[]
- Tags to associate with the resource.
- default bool
- Set this flag to set this secret manager as default secret manager.
- description str
- Description of the resource.
- execute_
on_ booldelegate - Enable this flag to execute on Delegate.
- gcp_
project_ strid - The project ID of the GCP KMS.
- identifier str
- Unique identifier of the resource.
- key_
name str - The key name of the GCP KMS.
- key_
ring str - The key ring of the GCP KMS.
- manual
Connector
Gcp Kms Manual Args - Manual credential configuration.
- name str
- Name of the resource.
- oidc_
authentications Sequence[ConnectorGcp Kms Oidc Authentication Args] - Authentication using harness oidc.
- org_
id str - Unique identifier of the organization.
- project_
id str - Unique identifier of the project.
- region str
- The region of the GCP KMS.
- Sequence[str]
- Tags to associate with the resource.
- default Boolean
- Set this flag to set this secret manager as default secret manager.
- description String
- Description of the resource.
- execute
On BooleanDelegate - Enable this flag to execute on Delegate.
- gcp
Project StringId - The project ID of the GCP KMS.
- identifier String
- Unique identifier of the resource.
- key
Name String - The key name of the GCP KMS.
- key
Ring String - The key ring of the GCP KMS.
- manual Property Map
- Manual credential configuration.
- name String
- Name of the resource.
- oidc
Authentications List<Property Map> - Authentication using harness oidc.
- org
Id String - Unique identifier of the organization.
- project
Id String - Unique identifier of the project.
- region String
- The region of the GCP KMS.
- List<String>
- Tags to associate with the resource.
Supporting Types
ConnectorGcpKmsManual, ConnectorGcpKmsManualArgs
- Credentials string
- Reference to the Harness secret containing the secret key. To reference a secret at the organization scope, prefix 'org' to the expression: org.{identifier}. To reference a secret at the account scope, prefix 'account` to the expression: account.{identifier}.
- Delegate
Selectors List<string> - The delegates to connect with.
- Credentials string
- Reference to the Harness secret containing the secret key. To reference a secret at the organization scope, prefix 'org' to the expression: org.{identifier}. To reference a secret at the account scope, prefix 'account` to the expression: account.{identifier}.
- Delegate
Selectors []string - The delegates to connect with.
- credentials String
- Reference to the Harness secret containing the secret key. To reference a secret at the organization scope, prefix 'org' to the expression: org.{identifier}. To reference a secret at the account scope, prefix 'account` to the expression: account.{identifier}.
- delegate
Selectors List<String> - The delegates to connect with.
- credentials string
- Reference to the Harness secret containing the secret key. To reference a secret at the organization scope, prefix 'org' to the expression: org.{identifier}. To reference a secret at the account scope, prefix 'account` to the expression: account.{identifier}.
- delegate
Selectors string[] - The delegates to connect with.
- credentials str
- Reference to the Harness secret containing the secret key. To reference a secret at the organization scope, prefix 'org' to the expression: org.{identifier}. To reference a secret at the account scope, prefix 'account` to the expression: account.{identifier}.
- delegate_
selectors Sequence[str] - The delegates to connect with.
- credentials String
- Reference to the Harness secret containing the secret key. To reference a secret at the organization scope, prefix 'org' to the expression: org.{identifier}. To reference a secret at the account scope, prefix 'account` to the expression: account.{identifier}.
- delegate
Selectors List<String> - The delegates to connect with.
ConnectorGcpKmsOidcAuthentication, ConnectorGcpKmsOidcAuthenticationArgs
- Gcp
Project stringId - The project number of the GCP project that is used to create the workload identity.
- Provider
Id string - The OIDC provider ID value configured in GCP.
- Service
Account stringEmail - The service account linked to workload identity pool while setting GCP workload identity provider.
- Workload
Pool stringId - The workload pool ID value created in GCP.
- Delegate
Selectors List<string> - The delegates to inherit the credentials from.
- Gcp
Project stringId - The project number of the GCP project that is used to create the workload identity.
- Provider
Id string - The OIDC provider ID value configured in GCP.
- Service
Account stringEmail - The service account linked to workload identity pool while setting GCP workload identity provider.
- Workload
Pool stringId - The workload pool ID value created in GCP.
- Delegate
Selectors []string - The delegates to inherit the credentials from.
- gcp
Project StringId - The project number of the GCP project that is used to create the workload identity.
- provider
Id String - The OIDC provider ID value configured in GCP.
- service
Account StringEmail - The service account linked to workload identity pool while setting GCP workload identity provider.
- workload
Pool StringId - The workload pool ID value created in GCP.
- delegate
Selectors List<String> - The delegates to inherit the credentials from.
- gcp
Project stringId - The project number of the GCP project that is used to create the workload identity.
- provider
Id string - The OIDC provider ID value configured in GCP.
- service
Account stringEmail - The service account linked to workload identity pool while setting GCP workload identity provider.
- workload
Pool stringId - The workload pool ID value created in GCP.
- delegate
Selectors string[] - The delegates to inherit the credentials from.
- gcp_
project_ strid - The project number of the GCP project that is used to create the workload identity.
- provider_
id str - The OIDC provider ID value configured in GCP.
- service_
account_ stremail - The service account linked to workload identity pool while setting GCP workload identity provider.
- workload_
pool_ strid - The workload pool ID value created in GCP.
- delegate_
selectors Sequence[str] - The delegates to inherit the credentials from.
- gcp
Project StringId - The project number of the GCP project that is used to create the workload identity.
- provider
Id String - The OIDC provider ID value configured in GCP.
- service
Account StringEmail - The service account linked to workload identity pool while setting GCP workload identity provider.
- workload
Pool StringId - The workload pool ID value created in GCP.
- delegate
Selectors List<String> - The delegates to inherit the credentials from.
Import
Import account level gcp connector
$ pulumi import harness:platform/connectorGcpKms:ConnectorGcpKms example <connector_id>
Import org level gcp connector
$ pulumi import harness:platform/connectorGcpKms:ConnectorGcpKms example <ord_id>/<connector_id>
Import project level gcp connector
$ pulumi import harness:platform/connectorGcpKms:ConnectorGcpKms example <org_id>/<project_id>/<connector_id>
To learn more about importing existing cloud resources, see Importing resources.
Package Details
- Repository
- harness pulumi/pulumi-harness
- License
- Apache-2.0
- Notes
- This Pulumi package is based on the
harnessTerraform Provider.