Cloud Bigtable API - Class Google::Cloud::Bigtable::EncryptionInfo (v2.11.0)

Reference documentation and code samples for the Cloud Bigtable API class Google::Cloud::Bigtable::EncryptionInfo.

EncryptionInfo

Encryption information for a given resource.

See Backup#encryption_info and Table::ClusterState#encryption_infos.

Inherits

  • Object

Examples

require "google/cloud/bigtable"

bigtable = Google::Cloud::Bigtable.new
instance = bigtable.instance "my-instance"
cluster = instance.cluster "my-cluster"

backup = cluster.backup "my-backup"

encryption_info = backup.encryption_info
encryption_info.encryption_type #=> :GOOGLE_DEFAULT_ENCRYPTION

Retrieve a table with cluster states containing encryption info.

require "google/cloud/bigtable"

bigtable = Google::Cloud::Bigtable.new

table = bigtable.table "my-instance", "my-table", view: :ENCRYPTION_VIEW, perform_lookup: true

table.cluster_states.each do |cs|
  puts cs.cluster_name
  puts cs.encryption_infos.first.encryption_type
end

Methods

#encryption_status

def encryption_status() -> Google::Cloud::Bigtable::Status, nil

The status of encrypt/decrypt calls on underlying data for the resource. Regardless of status, the existing data is always encrypted at rest.

See also #encryption_type, #kms_key_version and Instance::ClusterMap#add.

Returns

#encryption_type

def encryption_type() -> Symbol

The type of encryption used to protect the resource. Possible values:

  • ENCRYPTION_TYPE_UNSPECIFIED - Encryption type was not specified, though data at rest remains encrypted.
  • GOOGLE_DEFAULT_ENCRYPTION - The data backing the resource is encrypted at rest with a key that is fully managed by Google. No key version or status will be populated. This is the default state.
  • CUSTOMER_MANAGED_ENCRYPTION - The data backing the resource is encrypted at rest with a key that is managed by the customer. The in-use version of the key and its status are populated for CMEK-protected tables. CMEK-protected backups are pinned to the key version that was in use at the time the backup was taken. This key version is populated but its status is not tracked and is reported as UNKNOWN.

See also #encryption_status, #kms_key_version and Instance::ClusterMap#add.

Returns
  • (Symbol) — The encryption type code as an uppercase symbol.

#kms_key_version

def kms_key_version() -> String, nil

The version of the Cloud KMS key specified in the parent cluster that is in use for the data underlying the table.

See also #encryption_type, #encryption_status and Instance::ClusterMap#add.

Returns
  • (String, nil) — The Cloud KMS key version, or nil if not present.