pulumi-gcp-kotlin/com.pulumi.gcp.compute.kotlin.outputs/DiskSourceSnapshotEncryptionKey

DiskSourceSnapshotEncryptionKey

data class DiskSourceSnapshotEncryptionKey(val kmsKeySelfLink: String? = null, val kmsKeyServiceAccount: String? = null, val rawKey: String? = null, val sha256: String? = null)

Constructors

Link copied to clipboard
constructor(kmsKeySelfLink: String? = null, kmsKeyServiceAccount: String? = null, rawKey: String? = null, sha256: String? = null)

Types

Link copied to clipboard
object Companion

Properties

Link copied to clipboard
val kmsKeySelfLink: String? = null

The self link of the encryption key used to encrypt the disk. Also called KmsKeyName in the cloud console. Your project's Compute Engine System service account (service-{{PROJECT_NUMBER}}@compute-system.iam.gserviceaccount.com) must have roles/cloudkms.cryptoKeyEncrypterDecrypter to use this feature. See https://cloud.google.com/compute/docs/disks/customer-managed-encryption#encrypt_a_new_persistent_disk_with_your_own_keys

Link copied to clipboard
val kmsKeyServiceAccount: String? = null

The service account used for the encryption request for the given KMS key. If absent, the Compute Engine Service Agent service account is used.

Link copied to clipboard
val rawKey: String? = null

Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource.

Link copied to clipboard
val sha256: String? = null

(Output) The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource.