CustomerEncryptionKeyArgs

data class CustomerEncryptionKeyArgs(val kmsKeyName: Output<String>? = null, val kmsKeyServiceAccount: Output<String>? = null, val rawKey: Output<String>? = null, val rsaEncryptedKey: Output<String>? = null) : ConvertibleToJava<CustomerEncryptionKeyArgs>

Constructors

Link copied to clipboard
fun CustomerEncryptionKeyArgs(kmsKeyName: Output<String>? = null, kmsKeyServiceAccount: Output<String>? = null, rawKey: Output<String>? = null, rsaEncryptedKey: Output<String>? = null)

Functions

Link copied to clipboard
open override fun toJava(): CustomerEncryptionKeyArgs

Properties

Link copied to clipboard
val kmsKeyName: Output<String>? = null

The name of the encryption key that is stored in Google Cloud KMS. For example: "kmsKeyName": "projects/kms_project_id/locations/region/keyRings/ key_region/cryptoKeys/key

Link copied to clipboard
val kmsKeyServiceAccount: Output<String>? = null

The service account being used for the encryption request for the given KMS key. If absent, the Compute Engine default service account is used. For example: "kmsKeyServiceAccount": "name@project_id.iam.gserviceaccount.com/

Link copied to clipboard
val rawKey: Output<String>? = null

Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource. You can provide either the rawKey or the rsaEncryptedKey. For example: "rawKey": "SGVsbG8gZnJvbSBHb29nbGUgQ2xvdWQgUGxhdGZvcm0="

Link copied to clipboard
val rsaEncryptedKey: Output<String>? = null

Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit customer-supplied encryption key to either encrypt or decrypt this resource. You can provide either the rawKey or the rsaEncryptedKey. For example: "rsaEncryptedKey": "ieCx/NcW06PcT7Ep1X6LUTc/hLvUDYyzSZPPVCVPTVEohpeHASqC8uw5TzyO9U+Fka9JFH z0mBibXUInrC/jEk014kCK/NPjYgEMOyssZ4ZINPKxlUh2zn1bV+MCaTICrdmuSBTWlUUiFoD D6PYznLwh8ZNdaheCeZ8ewEXgFQ8V+sDroLaN3Xs3MDTXQEMMoNUXMCZEIpg9Vtp9x2oe==" The key must meet the following requirements before you can provide it to Compute Engine: 1. The key is wrapped using a RSA public key certificate provided by Google. 2. After being wrapped, the key must be encoded in RFC 4648 base64 encoding. Gets the RSA public key certificate provided by Google at: https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem