- NAME
-
- gcloud kms ekm-connections update - update an ekmconnection
- SYNOPSIS
-
-
gcloud kms ekm-connections update
(EKM_CONNECTION
:--location
=LOCATION
) [--endpoint-filter
=ENDPOINT_FILTER
] [--hostname
=HOSTNAME
] [--server-certificates-files
=[SERVER_CERTIFICATES
,…]] [--service-directory-service
=SERVICE_DIRECTORY_SERVICE
] [--crypto-space-path
=CRYPTO_SPACE_PATH
--key-management-mode
=KEY_MANAGEMENT_MODE
] [GCLOUD_WIDE_FLAG …
]
-
- DESCRIPTION
- gcloud kms ekm-connections update can be used to update the ekmconnection. Updates can be made to the ekmconnection's service resolver's fields.
- EXAMPLES
-
The following command updates an ekm-connection named
laplace
service resolver's hostname within locationus-east1
:gcloud kms ekm-connections update laplace --location=us-east1 --hostname=newhostname.foo
The following command updates an ekm-connection named
laplace
service resolver's service_directory_service, endpoint_filter, hostname, and server_certificates within locationus-east1
:gcloud kms ekm-connections update laplace --location=us-east1 --service-directory-service="foo" --endpoint-filter="foo > bar" --hostname="newhostname.foo" --server-certificates-files=foo.pem,bar.pem
The following command updates an ekm-connection named
laplace
key_management_mode within locationus-east1
:gcloud kms ekm-connections update laplace --location=us-east1 --key-management-mode=manual
- POSITIONAL ARGUMENTS
-
-
Ekmconnection resource - The KMS ekm connection resource. The arguments in this
group can be used to specify the attributes of this resource. (NOTE) Some
attributes are not given arguments in this group but can be set in other ways.
To set the
project
attribute:-
provide the argument
ekm_connection
on the command line with a fully specified name; -
set the property
core/project
.
This must be specified.
EKM_CONNECTION
-
ID of the ekmconnection or fully qualified identifier for the ekmconnection.
To set the
ekmconnection
attribute:-
provide the argument
ekm_connection
on the command line.
This positional argument must be specified if any of the other arguments in this group are specified.
-
provide the argument
--location
=LOCATION
-
The Google Cloud location for the ekmconnection.
To set the
location
attribute:-
provide the argument
ekm_connection
on the command line with a fully specified name; -
provide the argument
--location
on the command line.
-
provide the argument
-
provide the argument
-
Ekmconnection resource - The KMS ekm connection resource. The arguments in this
group can be used to specify the attributes of this resource. (NOTE) Some
attributes are not given arguments in this group but can be set in other ways.
- FLAGS
-
--endpoint-filter
=ENDPOINT_FILTER
- The filter applied to the endpoints of the resolved service. If no filter is specified, all endpoints will be considered.
--hostname
=HOSTNAME
- The hostname of the EKM replica used at TLS and HTTP layers.
--server-certificates-files
=[SERVER_CERTIFICATES
,…]- A list of filenames of leaf server certificates used to authenticate HTTPS connections to the EKM replica in PEM format. If files are not in PEM, the assumed format will be DER.
--service-directory-service
=SERVICE_DIRECTORY_SERVICE
- The resource name of the Service Directory service pointing to an EKM replica.
-
Specifies the key management mode for the EkmConnection and associated fields.
--crypto-space-path
=CRYPTO_SPACE_PATH
-
Crypto space path for the EkmConnection. Required during EkmConnection creation
if
--key-management-mode=cloud-kms
. --key-management-mode
=KEY_MANAGEMENT_MODE
-
Key management mode of the ekm connection. An EkmConnection in
cloud-kms
mode means Cloud KMS will attempt to create and manage the key material that resides on the EKM for crypto keys created with this EkmConnection. An EkmConnection inmanual
mode means the external key material will not be managed by Cloud KMS. Omitting the flag defaults tomanual
.KEY_MANAGEMENT_MODE
must be one of:manual
,cloud-kms
.
- GCLOUD WIDE FLAGS
-
These flags are available to all commands:
--access-token-file
,--account
,--billing-project
,--configuration
,--flags-file
,--flatten
,--format
,--help
,--impersonate-service-account
,--log-http
,--project
,--quiet
,--trace-token
,--user-output-enabled
,--verbosity
.Run
$ gcloud help
for details. - NOTES
-
These variants are also available:
gcloud alpha kms ekm-connections update
gcloud beta kms ekm-connections update
Except as otherwise noted, the content of this page is licensed under the Creative Commons Attribution 4.0 License, and code samples are licensed under the Apache 2.0 License. For details, see the Google Developers Site Policies. Java is a registered trademark of Oracle and/or its affiliates.
Last updated 2024-02-06 UTC.