Viewing Google Cloud Keys
Use the get /v1/cckm/google/keys API to view the list of Google Cloud keys available in Google Cloud key rings linked with a Google Cloud connection.
Syntax
curl -k '<IP>/api/v1/cckm/google/keys?skip=0&limit=10&sort=updatedAt' -H 'Authorization: Bearer AUTHTOKEN' --compressed
Request Parameters
| Parameter | Type | Description |
|---|---|---|
| AUTHTOKEN | string | Authorization token. |
Request Query Parameters
| Parameter | Type | Description |
|---|---|---|
| id | string | ID of the key resource on the CipherTrust Manager, for example, 2f18eade-2fd9-4c48-85f7-550107729299. Note that this ID is different than ID of the key (key_id) on Google Cloud, for example, TestKey. Refer to Creating a Google Cloud Key to find out the resource ID of a key. |
| name | string | Name of the Google Cloud key. |
| key_id | string | ID of the Google Cloud key. |
| key_ring_id | string | ID of the Google Cloud key ring. |
| location_id | string | ID of the Google Cloud key ring location. Specify global to list keys from all Google Cloud locations. |
| project_id | string | Name or ID of the Google Cloud project where the Google Cloud key ring resides. To determine the project ID, run the post /v1/cckm/google/get-projects or get /v1/cckm/google/projects API. |
| create_status | string | Creation status of the key. The status can be: • AVAILABLE • PENDING_GENERATION • FAILED |
| organization_name | string | Name of the Google Cloud organization. |
| organization_display_name | Display name of the Google Cloud organization on Google Cloud. | |
| purpose | string | Purpose of the Google Cloud key. The purpose can be: • ENCRYPT_DECRYPT •ASYMMETRIC_SIGN •ASYMMETRIC_DECRYPT |
| algorithm | string | Algorithm of the Google Cloud key. |
| protection_level | string | Protection level of the Google Cloud key. |
| job_config_id | string | ID of the scheduler job configuration. |
| state | string | State of the Google Cloud key. The state can be: •PENDING_GENERATION •ABORTED •ENABLED •DISABLED •DESTROY_SCHEDULED •DESTROYED |
| rotation_job_enabled | string | Whether the rotation is enabled for the Google cloud key. |
| skip | integer | Number of records to skip. For example, if "skip":5 is specified, the first five records will not be displayed in the output. |
| limit | integer | Numbers of records to display. For example, if "limit":10 is specified, then the next 10 records (after skipping the number of records specified in the skip parameter) will be displayed in the output. |
| sort | string | Comma-delimited list of properties to sort the results. |
Example Request
curl -k 'https://127.0.0.1/api/v1/cckm/google/keys?skip=0&limit=10&sort=updatedAt' -H 'Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiI0MmFmZDExNy02YzllLTRhNGUtOTAwYS1lYjlhNDNjYWE5ZDIiLCJzdWIiOiJsb2NhbHwzMTI5ODdkMS0wOWNiLTQxZTEtOThmNy1jZjRhNzgwNTZiMTMiLCJpc3MiOiJreWxvIiwiYWNjIjoia3lsbyIsInByZWZlcnJlZF91c2VybmFtZSI6ImFkbWluIiwiY3VzdCI6eyJkb21haW5faWQiOiIwMDAwMDAwMC0wMDAwLTAwMDAtMDAwMC0wMDAwMDAwMDAwMDAiLCJncm91cHMiOlsiYWRtaW4iXSwic2lkIjoiNDVmOWE3NWUtMzI1NC00NWJkLWE0NzYtOWU2NWUyNjdmNGVkIiwiem9uZV9pZCI6IjAwMDAwMDAwLTAwMDAtMDAwMC0wMDAwLTAwMDAwMDAwMDAwMCJ9LCJqd3RpZCI6IjdiYzNkOWM4LWRiYTQtNDVmMy05YWNiLWI3NGM2MzQyYzYyMCIsImlhdCI6MTYxNDc1MTg1MSwiZXhwIjoxNjE0NzUyMTUxfQ.ahdxfM7-WA4u7sotHy6qelc9MkoZytst7oZWsvE7Cr0' --compressed
Example Response
{
"skip": 0,
"limit": 10,
"total": 1,
"resources": [
{
"id": "2f18eade-2fd9-4c48-85f7-550107729299",
"uri": "kylo:kylo:cckm:gcp-keys:2f18eade-2fd9-4c48-85f7-550107729299",
"account": "kylo:kylo:admin:accounts:kylo",
"createdAt": "2021-05-04T11:29:39.906571Z",
"updatedAt": "2021-05-04T11:29:39.905379Z",
"cloud_name": "gcp",
"key_id": "NewTestKey",
"project_id": "gemalto-kyloeng",
"location_id": "global",
"key_ring_id": "ny-test-ring",
"key_ring_name": "projects/gemalto-kyloeng/locations/global/keyRings/ny-test-ring",
"gone": false,
"auto_rotate": false,
"status": "AVAILABLE",
"gcp_params": {
"name": "projects/gemalto-kyloeng/locations/global/keyRings/ny-test-ring/cryptoKeys/NewTestKey",
"primary": "projects/gemalto-kyloeng/locations/global/keyRings/ny-test-ring/cryptoKeys/NewTestKey/cryptoKeyVersions/1",
"createTime": "2021-05-04T11:29:40.551271Z",
"labels": {
"isakey": "yes"
},
"purpose": "ENCRYPT_DECRYPT",
"next_rotation_time": null,
"protectionLevel": "SOFTWARE",
"algorithm": "GOOGLE_SYMMETRIC_ENCRYPTION"
},
"organization_name": "organizations/123456789012",
"organization_display_name": "123456789012"
}
]
}
The sample output displays the list of Google Cloud keys based on the specified request query parameters.
Response Codes
| Response Code | Description |
|---|---|
| 2xx | Success |
| 4xx | Client errors |
| 5xx | Server errors |
Refer to HTTP status codes for details.