Class: Google::Cloud::Container::V1::DatabaseEncryption

Inherits:

Object

• Object
• Google::Cloud::Container::V1::DatabaseEncryption

Extended by:

Protobuf::MessageExts::ClassMethods

Includes:

Protobuf::MessageExts

Defined in:

proto_docs/google/container/v1/cluster_service.rb

Overview

Configuration of etcd encryption.

Defined Under Namespace

Modules: CurrentState, State Classes: OperationError

Instance Attribute Summary

• #current_state ⇒ ::Google::Cloud::Container::V1::DatabaseEncryption::CurrentState readonly

  Output only.

• #decryption_keys ⇒ ::Array<::String> readonly

  Output only.

• #key_name ⇒ ::String

  Name of CloudKMS key to use for the encryption of secrets in etcd.

• #last_operation_errors ⇒ ::Array<::Google::Cloud::Container::V1::DatabaseEncryption::OperationError> readonly

  Output only.

• #state ⇒ ::Google::Cloud::Container::V1::DatabaseEncryption::State

  The desired state of etcd encryption.

Instance Attribute Details

#current_state ⇒ ::Google::Cloud::Container::V1::DatabaseEncryption::CurrentState (readonly)

Returns Output only. The current state of etcd encryption.

Returns:

• (::Google::Cloud::Container::V1::DatabaseEncryption::CurrentState) —

  Output only. The current state of etcd encryption.

# File 'proto_docs/google/container/v1/cluster_service.rb', line 6759

class DatabaseEncryption
  include ::Google::Protobuf::MessageExts
  extend ::Google::Protobuf::MessageExts::ClassMethods

  # OperationError records errors seen from CloudKMS keys
  # encountered during updates to DatabaseEncryption configuration.
  # @!attribute [rw] key_name
  #   @return [::String]
  #     CloudKMS key resource that had the error.
  # @!attribute [rw] error_message
  #   @return [::String]
  #     Description of the error seen during the operation.
  # @!attribute [rw] timestamp
  #   @return [::Google::Protobuf::Timestamp]
  #     Time when the CloudKMS error was seen.
  class OperationError
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end

  # State of etcd encryption.
  module State
    # Should never be set
    UNKNOWN = 0

    # Secrets in etcd are encrypted.
    ENCRYPTED = 1

    # Secrets in etcd are stored in plain text (at etcd level) - this is
    # unrelated to Compute Engine level full disk encryption.
    DECRYPTED = 2

    # Encryption of all objects in the storage is enabled. There is no
    # guarantee that all objects in the storage are encrypted, but eventually
    # they will be.
    ALL_OBJECTS_ENCRYPTION_ENABLED = 3
  end

  # Current State of etcd encryption.
  module CurrentState
    # Should never be set
    CURRENT_STATE_UNSPECIFIED = 0

    # Secrets in etcd are encrypted.
    CURRENT_STATE_ENCRYPTED = 7

    # Secrets in etcd are stored in plain text (at etcd level) - this is
    # unrelated to Compute Engine level full disk encryption.
    CURRENT_STATE_DECRYPTED = 2

    # Encryption (or re-encryption with a different CloudKMS key)
    # of Secrets is in progress.
    CURRENT_STATE_ENCRYPTION_PENDING = 3

    # Encryption (or re-encryption with a different CloudKMS key) of Secrets in
    # etcd encountered an error.
    CURRENT_STATE_ENCRYPTION_ERROR = 4

    # De-crypting Secrets to plain text in etcd is in progress.
    CURRENT_STATE_DECRYPTION_PENDING = 5

    # De-crypting Secrets to plain text in etcd encountered an error.
    CURRENT_STATE_DECRYPTION_ERROR = 6

    # Encryption of all objects in the storage is enabled.
    # It does not guarantee that all objects in the storage are encrypted,
    # but eventually they will be.
    CURRENT_STATE_ALL_OBJECTS_ENCRYPTION_ENABLED = 8

    # Enablement of the encryption of all objects in storage is pending.
    CURRENT_STATE_ALL_OBJECTS_ENCRYPTION_PENDING = 9

    # Enabling encryption of all objects in storage encountered an error.
    CURRENT_STATE_ALL_OBJECTS_ENCRYPTION_ERROR = 10
  end
end

#decryption_keys ⇒ ::Array<::String> (readonly)

Returns Output only. Keys in use by the cluster for decrypting existing objects, in addition to the key in key_name.

Each item is a CloudKMS key resource.

Returns:

• (::Array<::String>) —

  Output only. Keys in use by the cluster for decrypting existing objects, in addition to the key in key_name.

  Each item is a CloudKMS key resource.

# File 'proto_docs/google/container/v1/cluster_service.rb', line 6759

class DatabaseEncryption
  include ::Google::Protobuf::MessageExts
  extend ::Google::Protobuf::MessageExts::ClassMethods

  # OperationError records errors seen from CloudKMS keys
  # encountered during updates to DatabaseEncryption configuration.
  # @!attribute [rw] key_name
  #   @return [::String]
  #     CloudKMS key resource that had the error.
  # @!attribute [rw] error_message
  #   @return [::String]
  #     Description of the error seen during the operation.
  # @!attribute [rw] timestamp
  #   @return [::Google::Protobuf::Timestamp]
  #     Time when the CloudKMS error was seen.
  class OperationError
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end

  # State of etcd encryption.
  module State
    # Should never be set
    UNKNOWN = 0

    # Secrets in etcd are encrypted.
    ENCRYPTED = 1

    # Secrets in etcd are stored in plain text (at etcd level) - this is
    # unrelated to Compute Engine level full disk encryption.
    DECRYPTED = 2

    # Encryption of all objects in the storage is enabled. There is no
    # guarantee that all objects in the storage are encrypted, but eventually
    # they will be.
    ALL_OBJECTS_ENCRYPTION_ENABLED = 3
  end

  # Current State of etcd encryption.
  module CurrentState
    # Should never be set
    CURRENT_STATE_UNSPECIFIED = 0

    # Secrets in etcd are encrypted.
    CURRENT_STATE_ENCRYPTED = 7

    # Secrets in etcd are stored in plain text (at etcd level) - this is
    # unrelated to Compute Engine level full disk encryption.
    CURRENT_STATE_DECRYPTED = 2

    # Encryption (or re-encryption with a different CloudKMS key)
    # of Secrets is in progress.
    CURRENT_STATE_ENCRYPTION_PENDING = 3

    # Encryption (or re-encryption with a different CloudKMS key) of Secrets in
    # etcd encountered an error.
    CURRENT_STATE_ENCRYPTION_ERROR = 4

    # De-crypting Secrets to plain text in etcd is in progress.
    CURRENT_STATE_DECRYPTION_PENDING = 5

    # De-crypting Secrets to plain text in etcd encountered an error.
    CURRENT_STATE_DECRYPTION_ERROR = 6

    # Encryption of all objects in the storage is enabled.
    # It does not guarantee that all objects in the storage are encrypted,
    # but eventually they will be.
    CURRENT_STATE_ALL_OBJECTS_ENCRYPTION_ENABLED = 8

    # Enablement of the encryption of all objects in storage is pending.
    CURRENT_STATE_ALL_OBJECTS_ENCRYPTION_PENDING = 9

    # Enabling encryption of all objects in storage encountered an error.
    CURRENT_STATE_ALL_OBJECTS_ENCRYPTION_ERROR = 10
  end
end

#key_name ⇒ ::String

Returns Name of CloudKMS key to use for the encryption of secrets in etcd. Ex. projects/my-project/locations/global/keyRings/my-ring/cryptoKeys/my-key.

Returns:

• (::String) —

  Name of CloudKMS key to use for the encryption of secrets in etcd. Ex. projects/my-project/locations/global/keyRings/my-ring/cryptoKeys/my-key

# File 'proto_docs/google/container/v1/cluster_service.rb', line 6759

class DatabaseEncryption
  include ::Google::Protobuf::MessageExts
  extend ::Google::Protobuf::MessageExts::ClassMethods

  # OperationError records errors seen from CloudKMS keys
  # encountered during updates to DatabaseEncryption configuration.
  # @!attribute [rw] key_name
  #   @return [::String]
  #     CloudKMS key resource that had the error.
  # @!attribute [rw] error_message
  #   @return [::String]
  #     Description of the error seen during the operation.
  # @!attribute [rw] timestamp
  #   @return [::Google::Protobuf::Timestamp]
  #     Time when the CloudKMS error was seen.
  class OperationError
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end

  # State of etcd encryption.
  module State
    # Should never be set
    UNKNOWN = 0

    # Secrets in etcd are encrypted.
    ENCRYPTED = 1

    # Secrets in etcd are stored in plain text (at etcd level) - this is
    # unrelated to Compute Engine level full disk encryption.
    DECRYPTED = 2

    # Encryption of all objects in the storage is enabled. There is no
    # guarantee that all objects in the storage are encrypted, but eventually
    # they will be.
    ALL_OBJECTS_ENCRYPTION_ENABLED = 3
  end

  # Current State of etcd encryption.
  module CurrentState
    # Should never be set
    CURRENT_STATE_UNSPECIFIED = 0

    # Secrets in etcd are encrypted.
    CURRENT_STATE_ENCRYPTED = 7

    # Secrets in etcd are stored in plain text (at etcd level) - this is
    # unrelated to Compute Engine level full disk encryption.
    CURRENT_STATE_DECRYPTED = 2

    # Encryption (or re-encryption with a different CloudKMS key)
    # of Secrets is in progress.
    CURRENT_STATE_ENCRYPTION_PENDING = 3

    # Encryption (or re-encryption with a different CloudKMS key) of Secrets in
    # etcd encountered an error.
    CURRENT_STATE_ENCRYPTION_ERROR = 4

    # De-crypting Secrets to plain text in etcd is in progress.
    CURRENT_STATE_DECRYPTION_PENDING = 5

    # De-crypting Secrets to plain text in etcd encountered an error.
    CURRENT_STATE_DECRYPTION_ERROR = 6

    # Encryption of all objects in the storage is enabled.
    # It does not guarantee that all objects in the storage are encrypted,
    # but eventually they will be.
    CURRENT_STATE_ALL_OBJECTS_ENCRYPTION_ENABLED = 8

    # Enablement of the encryption of all objects in storage is pending.
    CURRENT_STATE_ALL_OBJECTS_ENCRYPTION_PENDING = 9

    # Enabling encryption of all objects in storage encountered an error.
    CURRENT_STATE_ALL_OBJECTS_ENCRYPTION_ERROR = 10
  end
end

#last_operation_errors ⇒ ::Array<::Google::Cloud::Container::V1::DatabaseEncryption::OperationError> (readonly)

Returns Output only. Records errors seen during DatabaseEncryption update operations.

Returns:

• (::Array<::Google::Cloud::Container::V1::DatabaseEncryption::OperationError>) —

  Output only. Records errors seen during DatabaseEncryption update operations.

# File 'proto_docs/google/container/v1/cluster_service.rb', line 6759

class DatabaseEncryption
  include ::Google::Protobuf::MessageExts
  extend ::Google::Protobuf::MessageExts::ClassMethods

  # OperationError records errors seen from CloudKMS keys
  # encountered during updates to DatabaseEncryption configuration.
  # @!attribute [rw] key_name
  #   @return [::String]
  #     CloudKMS key resource that had the error.
  # @!attribute [rw] error_message
  #   @return [::String]
  #     Description of the error seen during the operation.
  # @!attribute [rw] timestamp
  #   @return [::Google::Protobuf::Timestamp]
  #     Time when the CloudKMS error was seen.
  class OperationError
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end

  # State of etcd encryption.
  module State
    # Should never be set
    UNKNOWN = 0

    # Secrets in etcd are encrypted.
    ENCRYPTED = 1

    # Secrets in etcd are stored in plain text (at etcd level) - this is
    # unrelated to Compute Engine level full disk encryption.
    DECRYPTED = 2

    # Encryption of all objects in the storage is enabled. There is no
    # guarantee that all objects in the storage are encrypted, but eventually
    # they will be.
    ALL_OBJECTS_ENCRYPTION_ENABLED = 3
  end

  # Current State of etcd encryption.
  module CurrentState
    # Should never be set
    CURRENT_STATE_UNSPECIFIED = 0

    # Secrets in etcd are encrypted.
    CURRENT_STATE_ENCRYPTED = 7

    # Secrets in etcd are stored in plain text (at etcd level) - this is
    # unrelated to Compute Engine level full disk encryption.
    CURRENT_STATE_DECRYPTED = 2

    # Encryption (or re-encryption with a different CloudKMS key)
    # of Secrets is in progress.
    CURRENT_STATE_ENCRYPTION_PENDING = 3

    # Encryption (or re-encryption with a different CloudKMS key) of Secrets in
    # etcd encountered an error.
    CURRENT_STATE_ENCRYPTION_ERROR = 4

    # De-crypting Secrets to plain text in etcd is in progress.
    CURRENT_STATE_DECRYPTION_PENDING = 5

    # De-crypting Secrets to plain text in etcd encountered an error.
    CURRENT_STATE_DECRYPTION_ERROR = 6

    # Encryption of all objects in the storage is enabled.
    # It does not guarantee that all objects in the storage are encrypted,
    # but eventually they will be.
    CURRENT_STATE_ALL_OBJECTS_ENCRYPTION_ENABLED = 8

    # Enablement of the encryption of all objects in storage is pending.
    CURRENT_STATE_ALL_OBJECTS_ENCRYPTION_PENDING = 9

    # Enabling encryption of all objects in storage encountered an error.
    CURRENT_STATE_ALL_OBJECTS_ENCRYPTION_ERROR = 10
  end
end

#state ⇒ ::Google::Cloud::Container::V1::DatabaseEncryption::State

Returns The desired state of etcd encryption.

Returns:

• (::Google::Cloud::Container::V1::DatabaseEncryption::State) —

  The desired state of etcd encryption.

# File 'proto_docs/google/container/v1/cluster_service.rb', line 6759

class DatabaseEncryption
  include ::Google::Protobuf::MessageExts
  extend ::Google::Protobuf::MessageExts::ClassMethods

  # OperationError records errors seen from CloudKMS keys
  # encountered during updates to DatabaseEncryption configuration.
  # @!attribute [rw] key_name
  #   @return [::String]
  #     CloudKMS key resource that had the error.
  # @!attribute [rw] error_message
  #   @return [::String]
  #     Description of the error seen during the operation.
  # @!attribute [rw] timestamp
  #   @return [::Google::Protobuf::Timestamp]
  #     Time when the CloudKMS error was seen.
  class OperationError
    include ::Google::Protobuf::MessageExts
    extend ::Google::Protobuf::MessageExts::ClassMethods
  end

  # State of etcd encryption.
  module State
    # Should never be set
    UNKNOWN = 0

    # Secrets in etcd are encrypted.
    ENCRYPTED = 1

    # Secrets in etcd are stored in plain text (at etcd level) - this is
    # unrelated to Compute Engine level full disk encryption.
    DECRYPTED = 2

    # Encryption of all objects in the storage is enabled. There is no
    # guarantee that all objects in the storage are encrypted, but eventually
    # they will be.
    ALL_OBJECTS_ENCRYPTION_ENABLED = 3
  end

  # Current State of etcd encryption.
  module CurrentState
    # Should never be set
    CURRENT_STATE_UNSPECIFIED = 0

    # Secrets in etcd are encrypted.
    CURRENT_STATE_ENCRYPTED = 7

    # Secrets in etcd are stored in plain text (at etcd level) - this is
    # unrelated to Compute Engine level full disk encryption.
    CURRENT_STATE_DECRYPTED = 2

    # Encryption (or re-encryption with a different CloudKMS key)
    # of Secrets is in progress.
    CURRENT_STATE_ENCRYPTION_PENDING = 3

    # Encryption (or re-encryption with a different CloudKMS key) of Secrets in
    # etcd encountered an error.
    CURRENT_STATE_ENCRYPTION_ERROR = 4

    # De-crypting Secrets to plain text in etcd is in progress.
    CURRENT_STATE_DECRYPTION_PENDING = 5

    # De-crypting Secrets to plain text in etcd encountered an error.
    CURRENT_STATE_DECRYPTION_ERROR = 6

    # Encryption of all objects in the storage is enabled.
    # It does not guarantee that all objects in the storage are encrypted,
    # but eventually they will be.
    CURRENT_STATE_ALL_OBJECTS_ENCRYPTION_ENABLED = 8

    # Enablement of the encryption of all objects in storage is pending.
    CURRENT_STATE_ALL_OBJECTS_ENCRYPTION_PENDING = 9

    # Enabling encryption of all objects in storage encountered an error.
    CURRENT_STATE_ALL_OBJECTS_ENCRYPTION_ERROR = 10
  end
end