kms_configs

Creates, updates, deletes, gets or lists a kms_configs resource.

Overview

Name	`kms_configs`
Type	Resource
Id	`google.netapp.kms_configs`

Fields

The following fields are returned by SELECT queries:

get
list

Successful response

Name	Datatype	Description
`name`	`string`	Identifier. Name of the KmsConfig.
`createTime`	`string (google-datetime)`	Output only. Create time of the KmsConfig.
`cryptoKeyName`	`string`	Required. Customer managed crypto key resource full name. Format: projects/{project}/locations/{location}/keyRings/{key_ring}/cryptoKeys/{key}.
`description`	`string`	Description of the KmsConfig.
`instructions`	`string`	Output only. Instructions to provide the access to the customer provided encryption key.
`labels`	`object`	Labels as key value pairs
`serviceAccount`	`string`	Output only. The Service account which will have access to the customer provided encryption key.
`state`	`string`	Output only. State of the KmsConfig.
`stateDetails`	`string`	Output only. State details of the KmsConfig.

Successful response

Name	Datatype	Description
`name`	`string`	Identifier. Name of the KmsConfig.
`createTime`	`string (google-datetime)`	Output only. Create time of the KmsConfig.
`cryptoKeyName`	`string`	Required. Customer managed crypto key resource full name. Format: projects/{project}/locations/{location}/keyRings/{key_ring}/cryptoKeys/{key}.
`description`	`string`	Description of the KmsConfig.
`instructions`	`string`	Output only. Instructions to provide the access to the customer provided encryption key.
`labels`	`object`	Labels as key value pairs
`serviceAccount`	`string`	Output only. The Service account which will have access to the customer provided encryption key.
`state`	`string`	Output only. State of the KmsConfig.
`stateDetails`	`string`	Output only. State details of the KmsConfig.

Methods

The following methods are available for this resource:

Name	Accessible by	Required Params	Optional Params	Description
`get`	`select`	`projectsId`, `locationsId`, `kmsConfigsId`		Returns the description of the specified KMS config by kms_config_id.
`list`	`select`	`projectsId`, `locationsId`	`pageSize`, `pageToken`, `orderBy`, `filter`	Returns descriptions of all KMS configs owned by the caller.
`create`	`insert`	`projectsId`, `locationsId`	`kmsConfigId`	Creates a new KMS config.
`patch`	`update`	`projectsId`, `locationsId`, `kmsConfigsId`	`updateMask`	Updates the Kms config properties with the full spec
`delete`	`delete`	`projectsId`, `locationsId`, `kmsConfigsId`		Warning! This operation will permanently delete the Kms config.
`encrypt`	`exec`	`projectsId`, `locationsId`, `kmsConfigsId`		Encrypt the existing volumes without CMEK encryption with the desired the KMS config for the whole region.
`verify`	`exec`	`projectsId`, `locationsId`, `kmsConfigsId`		Verifies KMS config reachability.

Parameters

Parameters can be passed in the WHERE clause of a query. Check the Methods section to see which parameters are required or optional for each operation.

Name	Datatype	Description
`kmsConfigsId`	`string`
`locationsId`	`string`
`projectsId`	`string`
`filter`	`string`
`kmsConfigId`	`string`
`orderBy`	`string`
`pageSize`	`integer (int32)`
`pageToken`	`string`
`updateMask`	`string (google-fieldmask)`

`SELECT` examples

get
list

Returns the description of the specified KMS config by kms_config_id.

SELECT
name,
createTime,
cryptoKeyName,
description,
instructions,
labels,
serviceAccount,
state,
stateDetails
FROM google.netapp.kms_configs
WHERE projectsId = '{{ projectsId }}' -- required
AND locationsId = '{{ locationsId }}' -- required
AND kmsConfigsId = '{{ kmsConfigsId }}' -- required;

Returns descriptions of all KMS configs owned by the caller.

SELECT
name,
createTime,
cryptoKeyName,
description,
instructions,
labels,
serviceAccount,
state,
stateDetails
FROM google.netapp.kms_configs
WHERE projectsId = '{{ projectsId }}' -- required
AND locationsId = '{{ locationsId }}' -- required
AND pageSize = '{{ pageSize }}'
AND pageToken = '{{ pageToken }}'
AND orderBy = '{{ orderBy }}'
AND filter = '{{ filter }}';

`INSERT` examples

create
Manifest

Creates a new KMS config.

INSERT INTO google.netapp.kms_configs (
data__name,
data__cryptoKeyName,
data__description,
data__labels,
projectsId,
locationsId,
kmsConfigId
)
SELECT 
'{{ name }}',
'{{ cryptoKeyName }}',
'{{ description }}',
'{{ labels }}',
'{{ projectsId }}',
'{{ locationsId }}',
'{{ kmsConfigId }}'
RETURNING
name,
done,
error,
metadata,
response
;

# Description fields are for documentation purposes
- name: kms_configs
  props:
    - name: projectsId
      value: string
      description: Required parameter for the kms_configs resource.
    - name: locationsId
      value: string
      description: Required parameter for the kms_configs resource.
    - name: name
      value: string
      description: >
        Identifier. Name of the KmsConfig.
        
    - name: cryptoKeyName
      value: string
      description: >
        Required. Customer managed crypto key resource full name. Format: projects/{project}/locations/{location}/keyRings/{key_ring}/cryptoKeys/{key}.
        
    - name: description
      value: string
      description: >
        Description of the KmsConfig.
        
    - name: labels
      value: object
      description: >
        Labels as key value pairs
        
    - name: kmsConfigId
      value: string

`UPDATE` examples

patch

Updates the Kms config properties with the full spec

UPDATE google.netapp.kms_configs
SET 
data__name = '{{ name }}',
data__cryptoKeyName = '{{ cryptoKeyName }}',
data__description = '{{ description }}',
data__labels = '{{ labels }}'
WHERE 
projectsId = '{{ projectsId }}' --required
AND locationsId = '{{ locationsId }}' --required
AND kmsConfigsId = '{{ kmsConfigsId }}' --required
AND updateMask = '{{ updateMask}}'
RETURNING
name,
done,
error,
metadata,
response;

`DELETE` examples

delete

Warning! This operation will permanently delete the Kms config.

DELETE FROM google.netapp.kms_configs
WHERE projectsId = '{{ projectsId }}' --required
AND locationsId = '{{ locationsId }}' --required
AND kmsConfigsId = '{{ kmsConfigsId }}' --required;

Lifecycle Methods

encrypt
verify

Encrypt the existing volumes without CMEK encryption with the desired the KMS config for the whole region.

EXEC google.netapp.kms_configs.encrypt 
@projectsId='{{ projectsId }}' --required, 
@locationsId='{{ locationsId }}' --required, 
@kmsConfigsId='{{ kmsConfigsId }}' --required;

Verifies KMS config reachability.

EXEC google.netapp.kms_configs.verify 
@projectsId='{{ projectsId }}' --required, 
@locationsId='{{ locationsId }}' --required, 
@kmsConfigsId='{{ kmsConfigsId }}' --required;

Overview​

Fields​

Methods​

Parameters​

SELECT examples​

INSERT examples​

UPDATE examples​

DELETE examples​

Lifecycle Methods​