Class: Google::Cloud::Workstations::V1::WorkstationConfig::CustomerEncryptionKey
- Inherits:
-
Object
- Object
- Google::Cloud::Workstations::V1::WorkstationConfig::CustomerEncryptionKey
- Extended by:
- Protobuf::MessageExts::ClassMethods
- Includes:
- Protobuf::MessageExts
- Defined in:
- proto_docs/google/cloud/workstations/v1/workstations.rb
Overview
A customer-managed encryption key (CMEK) for the Compute Engine resources of the associated workstation configuration. Specify the name of your Cloud KMS encryption key and the default service account. We recommend that you use a separate service account and follow Cloud KMS best practices.
Instance Attribute Summary collapse
-
#kms_key ⇒ ::String
Immutable.
-
#kms_key_service_account ⇒ ::String
Immutable.
Instance Attribute Details
#kms_key ⇒ ::String
Returns Immutable. The name of the Google Cloud KMS encryption key. For example,
"projects/PROJECT_ID/locations/REGION/keyRings/KEY_RING/cryptoKeys/KEY_NAME"
.
The key must be in the same region as the workstation configuration.
572 573 574 575 |
# File 'proto_docs/google/cloud/workstations/v1/workstations.rb', line 572 class CustomerEncryptionKey include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods end |
#kms_key_service_account ⇒ ::String
Returns Immutable. The service account to use with the specified
KMS key. We recommend that you use a separate service account
and follow KMS best practices. For more information, see
Separation of
duties and
gcloud kms keys add-iam-policy-binding
--member
.
572 573 574 575 |
# File 'proto_docs/google/cloud/workstations/v1/workstations.rb', line 572 class CustomerEncryptionKey include ::Google::Protobuf::MessageExts extend ::Google::Protobuf::MessageExts::ClassMethods end |