EncryptionInfo

EncryptionInfo describes the encryption information of a cluster.

JSON representation 
{
  "encryptionType": enum (Type),
  "kmsKeyVersions": [
    string
  ],
  "kmsKeyPrimaryState": enum (KmsKeyState),
  "lastUpdateTime": string
}
Fields
encryptionType

enum (Type)

Output only. Type of encryption.
kmsKeyVersions[]

string

Output only. KMS key versions that are being used to protect the data at-rest.
kmsKeyPrimaryState

enum (KmsKeyState)

Output only. The state of the primary version of the KMS key perceived by the system. This field is not populated in backups.
lastUpdateTime

string (Timestamp format)

Output only. The most recent time when the encryption info was updated.

Uses RFC 3339, where generated output will always be Z-normalized and use 0, 3, 6 or 9 fractional digits. Offsets other than "Z" are also accepted. Examples: "2014-10-02T15:01:23Z", "2014-10-02T15:01:23.045123456Z" or "2014-10-02T15:01:23+05:30".

Type

Possible encryption types.

Enums
TYPE_UNSPECIFIED Encryption type not specified. Defaults to GOOGLE_DEFAULT_ENCRYPTION.
GOOGLE_DEFAULT_ENCRYPTION The data is encrypted at rest with a key that is fully managed by Google. No key version will be populated. This is the default state.
CUSTOMER_MANAGED_ENCRYPTION The data is encrypted at rest with a key that is managed by the customer. KMS key versions will be populated.

KmsKeyState

The state of the KMS key perceived by the system. Refer to the public documentation for the impact of each state.

Enums
KMS_KEY_STATE_UNSPECIFIED The default value. This value is unused.
ENABLED The KMS key is enabled and correctly configured.
PERMISSION_DENIED Permission denied on the KMS key.
DISABLED The KMS key is disabled.
DESTROYED The KMS key is destroyed.
DESTROY_SCHEDULED The KMS key is scheduled to be destroyed.
EKM_KEY_UNREACHABLE_DETECTED The EKM key is unreachable.
BILLING_DISABLED Billing is disabled for the project.
UNKNOWN_FAILURE All other unknown failures.