ControlPlaneEncryption(mapping=None, *, ignore_unknown_fields=False, **kwargs)
Configuration for Customer-managed KMS key support for remote control plane cluster disk encryption.
Attributes |
|
---|---|
Name | Description |
kms_key |
str
Immutable. The Cloud KMS CryptoKey e.g. projects/{project}/locations/{location}/keyRings/{keyRing}/cryptoKeys/{cryptoKey} to use for protecting control plane disks. If not specified, a Google-managed key will be used instead. |
kms_key_active_version |
str
Output only. The Cloud KMS CryptoKeyVersion currently in use for protecting control plane disks. Only applicable if kms_key is set. |
kms_key_state |
google.cloud.edgecontainer_v1.types.KmsKeyState
Output only. Availability of the Cloud KMS CryptoKey. If not KEY_AVAILABLE , then nodes may go offline as they cannot
access their local data. This can be caused by a lack of
permissions to use the key, or if the key is disabled or
deleted.
|
kms_status |
google.rpc.status_pb2.Status
Output only. Error status returned by Cloud KMS when using this key. This field may be populated only if kms_key_state is not KMS_KEY_STATE_KEY_AVAILABLE . If
populated, this field contains the error status reported by
Cloud KMS.
|