providers/google: Add support for encrypting a disk (#11167)

* providers/google: add support for encrypting a disk

* providers/google: Add docs for encrypting disks

* providers/google: CSEK small fixes: sensitive params and mismatched state files
This commit is contained in:
Dana Hoffman 2017-01-18 05:49:48 -08:00 committed by Paul Stack
parent e789ba3fab
commit 7974fd1a41
2 changed files with 19 additions and 0 deletions


@ -32,6 +32,11 @@ The following arguments are supported:
- - -
* `disk_encryption_key_raw` - (Optional) A 256-bit [customer-supplied encryption key]
(https://cloud.google.com/compute/docs/disks/customer-supplied-encryption),
encoded in [RFC 4648 base64](https://tools.ietf.org/html/rfc4648#section-4)
to encrypt this disk.
* `image` - (Optional) The image from which to initialize this disk. Either the
full URL, a contraction of the form "project/name", or just a name (in which
case the current project is used).
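
Review bot: The `disk_encryption_key_raw` entry breaks its first Markdown link across two lines, with `[customer-supplied encryption key]` ending one line and `(https://cloud.google.com/...)` starting the next, so it will not render as a link; keep the bracket and the parenthesis on the same line. The description also never tells the reader that this value is secret key material. Since the commit message mentions sensitive params, add a sentence saying the argument is treated as sensitive and should not be committed in plain configuration.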
@ -51,4 +56,9 @@ The following arguments are supported:
In addition to the arguments listed above, the following computed attributes are
exported:
* `disk_encryption_key_sha256` - The [RFC 4648 base64]
(https://tools.ietf.org/html/rfc4648#section-4) encoded SHA-256 hash of the
[customer-supplied encryption key](https://cloud.google.com/compute/docs/disks/customer-supplied-encryption)
that protects this resource.
* `self_link` - The URI of the created resource.
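
Review bot: In the `disk_encryption_key_sha256` entry the `[RFC 4648 base64]` link text and its `(https://tools.ietf.org/...)` target sit on separate lines, so the link will not render; join them as the second link in the same entry already does. It would also read more consistently to say "that protects this disk", matching the wording of the `disk_encryption_key_raw` argument, and to state that the attribute is only populated when a key was supplied.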


@ -136,6 +136,11 @@ the type is "local-ssd", in which case scratch must be true).
* `device_name` - (Optional) Name with which attached disk will be accessible
under `/dev/disk/by-id/`
* `disk_encryption_key_raw` - (Optional) A 256-bit [customer-supplied encryption key]
(https://cloud.google.com/compute/docs/disks/customer-supplied-encryption),
encoded in [RFC 4648 base64](https://tools.ietf.org/html/rfc4648#section-4)
to encrypt this disk.
The `network_interface` block supports:
* `network` - (Optional) The name or self_link of the network to attach this interface to.
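
Review bot: The `disk_encryption_key_raw` text in the `disk` block is copied from the disk resource and only says "to encrypt this disk", which leaves open whether the key is also expected when the block attaches an existing disk rather than creating one; please state which cases it applies to. The `[customer-supplied encryption key]` link has the same line break between the bracket and the URL as in the disk docs and will not render. The new item also runs straight into "The `network_interface` block supports:", so check that a blank line separates the list from that paragraph.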
@ -204,3 +209,7 @@ exported:
* `network_interface.0.address` - The internal ip address of the instance, either manually or dynamically assigned.
* `network_interface.0.access_config.0.assigned_nat_ip` - If the instance has an access config, either the given external ip (in the `nat_ip` field) or the ephemeral (generated) ip (if you didn't provide one).
* `disk.0.disk_encryption_key_sha256` - The [RFC 4648 base64](https://tools.ietf.org/html/rfc4648#section-4)
encoded SHA-256 hash of the [customer-supplied encryption key]
(https://cloud.google.com/compute/docs/disks/customer-supplied-encryption) that protects this resource.
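
Review bot: `disk.0.disk_encryption_key_sha256` documents only index 0; if the hash is exported for every `disk` block that carries a key, say so (for example by noting that the index follows the position of the block), otherwise readers will assume only the first disk is covered. The `[customer-supplied encryption key]` link is again split from its `(https://cloud.google.com/...)` target by a line break and should be kept on one line.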