Oracle Cloud Infrastructure v1.41.0, Jun 19 24

Oracle Cloud Infrastructure v1.41.0 published on Wednesday, Jun 19, 2024 by Pulumi

oci.Kms.Sign

Explore with Pulumi AI

Oracle Cloud Infrastructure v1.41.0 published on Wednesday, Jun 19, 2024 by Pulumi

Creates a digital signature for a message or message digest by using the private key of a public-private key pair, also known as an asymmetric key. To verify the generated signature, you can use the Verify operation. Or, if you want to validate the signature outside of the service, you can do so by using the public key of the same asymmetric key. This operation is not supported for keys having protection mode EXTERNAL.

Example Usage

Coming soon!

Coming soon!

Coming soon!

Coming soon!

Coming soon!

resources:
  testSign:
    type: oci:Kms:Sign
    name: test_sign
    properties:
      cryptoEndpoint: ${signMessageCryptoEndpoint}
      keyId: ${testKey.id}
      message: ${signMessage}
      signingAlgorithm: ${signSigningAlgorithm}
      keyVersionId: ${testKeyVersion.id}
      loggingContext: ${signLoggingContext}
      messageType: ${signMessageType}

Create Sign Resource

Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.

Constructor syntax

new Sign(name: string, args: SignArgs, opts?: CustomResourceOptions);

@overload
def Sign(resource_name: str,
         args: SignArgs,
         opts: Optional[ResourceOptions] = None)

@overload
def Sign(resource_name: str,
         opts: Optional[ResourceOptions] = None,
         crypto_endpoint: Optional[str] = None,
         key_id: Optional[str] = None,
         message: Optional[str] = None,
         signing_algorithm: Optional[str] = None,
         key_version_id: Optional[str] = None,
         message_type: Optional[str] = None)

func NewSign(ctx *Context, name string, args SignArgs, opts ...ResourceOption) (*Sign, error)

public Sign(string name, SignArgs args, CustomResourceOptions? opts = null)

public Sign(String name, SignArgs args)
public Sign(String name, SignArgs args, CustomResourceOptions options)

type: oci:Kms:Sign
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.

Parameters

name string: The unique name of the resource.
args SignArgs: The arguments to resource properties.
opts CustomResourceOptions: Bag of options to control resource's behavior.

resource_name str: The unique name of the resource.
args SignArgs: The arguments to resource properties.
opts ResourceOptions: Bag of options to control resource's behavior.

ctx Context: Context object for the current deployment.
name string: The unique name of the resource.
args SignArgs: The arguments to resource properties.
opts ResourceOption: Bag of options to control resource's behavior.

name string: The unique name of the resource.
args SignArgs: The arguments to resource properties.
opts CustomResourceOptions: Bag of options to control resource's behavior.

name String: The unique name of the resource.
args SignArgs: The arguments to resource properties.
options CustomResourceOptions: Bag of options to control resource's behavior.

Constructor example

The following reference example uses placeholder values for all input properties.

var signResource = new Oci.Kms.Sign("signResource", new()
{
    CryptoEndpoint = "string",
    KeyId = "string",
    Message = "string",
    SigningAlgorithm = "string",
    KeyVersionId = "string",
    MessageType = "string",
});

example, err := Kms.NewSign(ctx, "signResource", &Kms.SignArgs{
	CryptoEndpoint:   pulumi.String("string"),
	KeyId:            pulumi.String("string"),
	Message:          pulumi.String("string"),
	SigningAlgorithm: pulumi.String("string"),
	KeyVersionId:     pulumi.String("string"),
	MessageType:      pulumi.String("string"),
})

var signResource = new Sign("signResource", SignArgs.builder()
    .cryptoEndpoint("string")
    .keyId("string")
    .message("string")
    .signingAlgorithm("string")
    .keyVersionId("string")
    .messageType("string")
    .build());

sign_resource = oci.kms.Sign("signResource",
    crypto_endpoint="string",
    key_id="string",
    message="string",
    signing_algorithm="string",
    key_version_id="string",
    message_type="string")

const signResource = new oci.kms.Sign("signResource", {
    cryptoEndpoint: "string",
    keyId: "string",
    message: "string",
    signingAlgorithm: "string",
    keyVersionId: "string",
    messageType: "string",
});

type: oci:Kms:Sign
properties:
    cryptoEndpoint: string
    keyId: string
    keyVersionId: string
    message: string
    messageType: string
    signingAlgorithm: string

Sign Resource Properties

To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

Inputs

The Sign resource accepts the following input properties:

CryptoEndpoint string

The service endpoint to perform cryptographic operations against. Cryptographic operations include 'Encrypt,' 'Decrypt,', 'GenerateDataEncryptionKey', 'Sign' and 'Verify' operations. see Vault Crypto endpoint.

KeyId string

The OCID of the key used to sign the message.

Message string

The base64-encoded binary data object denoting the message or message digest to sign. You can have a message up to 4096 bytes in size. To sign a larger message, provide the message digest.

SigningAlgorithm string

The algorithm to use to sign the message or message digest. For RSA keys, supported signature schemes include PKCS #1 and RSASSA-PSS, along with different hashing algorithms. For ECDSA keys, ECDSA is the supported signature scheme with different hashing algorithms. When you pass a message digest for signing, ensure that you specify the same hashing algorithm as used when creating the message digest.

** IMPORTANT ** Any change to a property that does not support update will force the destruction and recreation of the resource with the new property values

KeyVersionId string

The OCID of the key version used to sign the message.

MessageType string

Denotes whether the value of the message parameter is a raw message or a message digest. The default value, RAW, indicates a message. To indicate a message digest, use DIGEST.

CryptoEndpoint string

KeyId string

The OCID of the key used to sign the message.

Message string

The base64-encoded binary data object denoting the message or message digest to sign. You can have a message up to 4096 bytes in size. To sign a larger message, provide the message digest.

SigningAlgorithm string

** IMPORTANT ** Any change to a property that does not support update will force the destruction and recreation of the resource with the new property values

KeyVersionId string

The OCID of the key version used to sign the message.

MessageType string

Denotes whether the value of the message parameter is a raw message or a message digest. The default value, RAW, indicates a message. To indicate a message digest, use DIGEST.

cryptoEndpoint String

keyId String

The OCID of the key used to sign the message.

message String

The base64-encoded binary data object denoting the message or message digest to sign. You can have a message up to 4096 bytes in size. To sign a larger message, provide the message digest.

signingAlgorithm String

** IMPORTANT ** Any change to a property that does not support update will force the destruction and recreation of the resource with the new property values

keyVersionId String

The OCID of the key version used to sign the message.

messageType String

Denotes whether the value of the message parameter is a raw message or a message digest. The default value, RAW, indicates a message. To indicate a message digest, use DIGEST.

cryptoEndpoint string

keyId string

The OCID of the key used to sign the message.

message string

The base64-encoded binary data object denoting the message or message digest to sign. You can have a message up to 4096 bytes in size. To sign a larger message, provide the message digest.

signingAlgorithm string

** IMPORTANT ** Any change to a property that does not support update will force the destruction and recreation of the resource with the new property values

keyVersionId string

The OCID of the key version used to sign the message.

messageType string

Denotes whether the value of the message parameter is a raw message or a message digest. The default value, RAW, indicates a message. To indicate a message digest, use DIGEST.

crypto_endpoint str

key_id str

The OCID of the key used to sign the message.

message str

The base64-encoded binary data object denoting the message or message digest to sign. You can have a message up to 4096 bytes in size. To sign a larger message, provide the message digest.

signing_algorithm str

** IMPORTANT ** Any change to a property that does not support update will force the destruction and recreation of the resource with the new property values

key_version_id str

The OCID of the key version used to sign the message.

message_type str

Denotes whether the value of the message parameter is a raw message or a message digest. The default value, RAW, indicates a message. To indicate a message digest, use DIGEST.

cryptoEndpoint String

keyId String

The OCID of the key used to sign the message.

message String

The base64-encoded binary data object denoting the message or message digest to sign. You can have a message up to 4096 bytes in size. To sign a larger message, provide the message digest.

signingAlgorithm String

** IMPORTANT ** Any change to a property that does not support update will force the destruction and recreation of the resource with the new property values

keyVersionId String

The OCID of the key version used to sign the message.

messageType String

Denotes whether the value of the message parameter is a raw message or a message digest. The default value, RAW, indicates a message. To indicate a message digest, use DIGEST.

Outputs

All input properties are implicitly available as output properties. Additionally, the Sign resource produces the following output properties:

Id string: The provider-assigned unique ID for this managed resource.
Signature string: The base64-encoded binary data object denoting the cryptographic signature generated for the message or message digest.

Id string: The provider-assigned unique ID for this managed resource.
Signature string: The base64-encoded binary data object denoting the cryptographic signature generated for the message or message digest.

id String: The provider-assigned unique ID for this managed resource.
signature String: The base64-encoded binary data object denoting the cryptographic signature generated for the message or message digest.

id string: The provider-assigned unique ID for this managed resource.
signature string: The base64-encoded binary data object denoting the cryptographic signature generated for the message or message digest.

id str: The provider-assigned unique ID for this managed resource.
signature str: The base64-encoded binary data object denoting the cryptographic signature generated for the message or message digest.

id String: The provider-assigned unique ID for this managed resource.
signature String: The base64-encoded binary data object denoting the cryptographic signature generated for the message or message digest.

Look up Existing Sign Resource

Get an existing Sign resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

public static get(name: string, id: Input<ID>, state?: SignState, opts?: CustomResourceOptions): Sign

@staticmethod
def get(resource_name: str,
        id: str,
        opts: Optional[ResourceOptions] = None,
        crypto_endpoint: Optional[str] = None,
        key_id: Optional[str] = None,
        key_version_id: Optional[str] = None,
        message: Optional[str] = None,
        message_type: Optional[str] = None,
        signature: Optional[str] = None,
        signing_algorithm: Optional[str] = None) -> Sign

func GetSign(ctx *Context, name string, id IDInput, state *SignState, opts ...ResourceOption) (*Sign, error)

public static Sign Get(string name, Input<string> id, SignState? state, CustomResourceOptions? opts = null)

public static Sign get(String name, Output<String> id, SignState state, CustomResourceOptions options)

Resource lookup is not supported in YAML

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

resource_name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

The following state arguments are supported:

CryptoEndpoint string

KeyId string

The OCID of the key used to sign the message.

KeyVersionId string

The OCID of the key version used to sign the message.

Message string

The base64-encoded binary data object denoting the message or message digest to sign. You can have a message up to 4096 bytes in size. To sign a larger message, provide the message digest.

MessageType string

Denotes whether the value of the message parameter is a raw message or a message digest. The default value, RAW, indicates a message. To indicate a message digest, use DIGEST.

Signature string

The base64-encoded binary data object denoting the cryptographic signature generated for the message or message digest.

SigningAlgorithm string

** IMPORTANT ** Any change to a property that does not support update will force the destruction and recreation of the resource with the new property values

CryptoEndpoint string

KeyId string

The OCID of the key used to sign the message.

KeyVersionId string

The OCID of the key version used to sign the message.

Message string

The base64-encoded binary data object denoting the message or message digest to sign. You can have a message up to 4096 bytes in size. To sign a larger message, provide the message digest.

MessageType string

Denotes whether the value of the message parameter is a raw message or a message digest. The default value, RAW, indicates a message. To indicate a message digest, use DIGEST.

Signature string

The base64-encoded binary data object denoting the cryptographic signature generated for the message or message digest.

SigningAlgorithm string

** IMPORTANT ** Any change to a property that does not support update will force the destruction and recreation of the resource with the new property values

cryptoEndpoint String

keyId String

The OCID of the key used to sign the message.

keyVersionId String

The OCID of the key version used to sign the message.

message String

The base64-encoded binary data object denoting the message or message digest to sign. You can have a message up to 4096 bytes in size. To sign a larger message, provide the message digest.

messageType String

Denotes whether the value of the message parameter is a raw message or a message digest. The default value, RAW, indicates a message. To indicate a message digest, use DIGEST.

signature String

The base64-encoded binary data object denoting the cryptographic signature generated for the message or message digest.

signingAlgorithm String

** IMPORTANT ** Any change to a property that does not support update will force the destruction and recreation of the resource with the new property values

cryptoEndpoint string

keyId string

The OCID of the key used to sign the message.

keyVersionId string

The OCID of the key version used to sign the message.

message string

The base64-encoded binary data object denoting the message or message digest to sign. You can have a message up to 4096 bytes in size. To sign a larger message, provide the message digest.

messageType string

Denotes whether the value of the message parameter is a raw message or a message digest. The default value, RAW, indicates a message. To indicate a message digest, use DIGEST.

signature string

The base64-encoded binary data object denoting the cryptographic signature generated for the message or message digest.

signingAlgorithm string

** IMPORTANT ** Any change to a property that does not support update will force the destruction and recreation of the resource with the new property values

crypto_endpoint str

key_id str

The OCID of the key used to sign the message.

key_version_id str

The OCID of the key version used to sign the message.

message str

The base64-encoded binary data object denoting the message or message digest to sign. You can have a message up to 4096 bytes in size. To sign a larger message, provide the message digest.

message_type str

Denotes whether the value of the message parameter is a raw message or a message digest. The default value, RAW, indicates a message. To indicate a message digest, use DIGEST.

signature str

The base64-encoded binary data object denoting the cryptographic signature generated for the message or message digest.

signing_algorithm str

** IMPORTANT ** Any change to a property that does not support update will force the destruction and recreation of the resource with the new property values

cryptoEndpoint String

keyId String

The OCID of the key used to sign the message.

keyVersionId String

The OCID of the key version used to sign the message.

message String

The base64-encoded binary data object denoting the message or message digest to sign. You can have a message up to 4096 bytes in size. To sign a larger message, provide the message digest.

messageType String

Denotes whether the value of the message parameter is a raw message or a message digest. The default value, RAW, indicates a message. To indicate a message digest, use DIGEST.

signature String

The base64-encoded binary data object denoting the cryptographic signature generated for the message or message digest.

signingAlgorithm String

** IMPORTANT ** Any change to a property that does not support update will force the destruction and recreation of the resource with the new property values

Import

Sign can be imported using the id, e.g.

$ pulumi import oci:Kms/sign:Sign test_sign "id"

To learn more about importing existing cloud resources, see Importing resources.

Package Details

Repository: oci pulumi/pulumi-oci
License: Apache-2.0
Notes: This Pulumi package is based on the oci Terraform Provider.

Oracle Cloud Infrastructure v1.41.0 published on Wednesday, Jun 19, 2024 by Pulumi

pulumi/pulumi-oci

oci.Kms.Sign

On this page

On this page

Example Usage

Create Sign Resource

Constructor syntax

Parameters

Constructor example

Sign Resource Properties

Inputs

Outputs

Look up Existing Sign Resource

Import

Package Details

On this page

On this page