» google_kms_key_ring

Allows creation of a Google Cloud Platform KMS KeyRing. For more information see the official documentation and API.

A KeyRing is a grouping of CryptoKeys for organizational purposes. A KeyRing belongs to a Google Cloud Platform Project and resides in a specific location.

Note: KeyRings cannot be deleted from Google Cloud Platform. Destroying a Terraform-managed KeyRing will remove it from state but will not delete the resource on the server.

» Example Usage

resource "google_kms_key_ring" "my_key_ring" {
  name     = "my-key-ring"
  location = "us-central1"
}

» Argument Reference

The following arguments are supported:

name - (Required) The KeyRing's name. A KeyRing’s name must be unique within a location and match the regular expression [a-zA-Z0-9_-]{1,63}
location - (Required) The Google Cloud Platform location for the KeyRing. A full list of valid locations can be found by running gcloud kms locations list.

project - (Optional) The project in which the resource belongs. If it is not provided, the provider project is used.

» Attributes Reference

In addition to the arguments listed above, the following computed attributes are exported:

self_link - The self link of the created KeyRing. Its format is projects/{projectId}/locations/{location}/keyRings/{keyRingName}.

» Import

KeyRings can be imported using the KeyRing autogenerated id, e.g.

$ terraform import google_kms_key_ring.my_key_ring my-gcp-project/us-central1/my-key-ring

$ terraform import google_kms_key_ring.my_key_ring us-central1/my-key-ring