mirror of
https://github.com/letic/terraform-provider-google.git
synced 2024-10-06 18:51:13 +00:00
providers/google: Add support for encrypting a disk (#11167)
* providers/google: add support for encrypting a disk * providers/google: Add docs for encrypting disks * providers/google: CSEK small fixes: sensitive params and mismatched state files
This commit is contained in:
parent
e789ba3fab
commit
7974fd1a41
@ -32,6 +32,11 @@ The following arguments are supported:
|
||||
|
||||
- - -
|
||||
|
||||
* `disk_encryption_key_raw` - (Optional) A 256-bit [customer-supplied encryption key]
|
||||
(https://cloud.google.com/compute/docs/disks/customer-supplied-encryption),
|
||||
encoded in [RFC 4648 base64](https://tools.ietf.org/html/rfc4648#section-4)
|
||||
to encrypt this disk.
|
||||
|
||||
* `image` - (Optional) The image from which to initialize this disk. Either the
|
||||
full URL, a contraction of the form "project/name", or just a name (in which
|
||||
case the current project is used).
|
||||
@ -51,4 +56,9 @@ The following arguments are supported:
|
||||
In addition to the arguments listed above, the following computed attributes are
|
||||
exported:
|
||||
|
||||
* `disk_encryption_key_sha256` - The [RFC 4648 base64]
|
||||
(https://tools.ietf.org/html/rfc4648#section-4) encoded SHA-256 hash of the
|
||||
[customer-supplied encryption key](https://cloud.google.com/compute/docs/disks/customer-supplied-encryption)
|
||||
that protects this resource.
|
||||
|
||||
* `self_link` - The URI of the created resource.
|
||||
|
@ -136,6 +136,11 @@ the type is "local-ssd", in which case scratch must be true).
|
||||
* `device_name` - (Optional) Name with which attached disk will be accessible
|
||||
under `/dev/disk/by-id/`
|
||||
|
||||
* `disk_encryption_key_raw` - (Optional) A 256-bit [customer-supplied encryption key]
|
||||
(https://cloud.google.com/compute/docs/disks/customer-supplied-encryption),
|
||||
encoded in [RFC 4648 base64](https://tools.ietf.org/html/rfc4648#section-4)
|
||||
to encrypt this disk.
|
||||
|
||||
The `network_interface` block supports:
|
||||
|
||||
* `network` - (Optional) The name or self_link of the network to attach this interface to.
|
||||
@ -204,3 +209,7 @@ exported:
|
||||
* `network_interface.0.address` - The internal ip address of the instance, either manually or dynamically assigned.
|
||||
|
||||
* `network_interface.0.access_config.0.assigned_nat_ip` - If the instance has an access config, either the given external ip (in the `nat_ip` field) or the ephemeral (generated) ip (if you didn't provide one).
|
||||
|
||||
* `disk.0.disk_encryption_key_sha256` - The [RFC 4648 base64](https://tools.ietf.org/html/rfc4648#section-4)
|
||||
encoded SHA-256 hash of the [customer-supplied encryption key]
|
||||
(https://cloud.google.com/compute/docs/disks/customer-supplied-encryption) that protects this resource.
|
Loading…
Reference in New Issue
Block a user