google-cloud-platformterraformgoogle-kubernetes-engineterraform-provider-gcpterraform-provider-openstack
Yash Saini
Reputation: 11
How to enable Application layer secrets encryption in GKE cluster with terraform?
I am creating a GKE cluster with Terraform script, I need to use Application layer secrets encryption in the cluster so I am not getting a block for this on terraform's official documentation can anyone please tell me how to enable Application layer secrets encryption in terraform script
Upvotes: 0
Views: 1418
Answers (2)
user2577098
Reputation: 1
I used this one:
database_encryption {
state = "ENCRYPTED"
key_name = google_kms_crypto_key.encryption-kms-key.self_link
}
And this depends_on for used the kKMS keyring created with Terraform.
depends_on = [
google_kms_key_ring.keyring
]
Ref: https://www.terraform.io/docs/providers/google/d/google_kms_crypto_key.html
Upvotes: 0
Victor Godoy
Reputation: 1692
To enable it you need to set database_encryption of google_container_clusterresource
https://www.terraform.io/docs/providers/google/r/container_cluster.html#database_encryption
Upvotes: 1
Related Questions
- Kubernetes Encryption Configuration
- How to pass GKE credential to kubernetes provider with Terraform?
- Create GCP service account and store service account key in secret manager in terraform
- How to enable Secrets encryption on EKS cluster?
- How to create a secret in Google Cloud Secret Manager by Terraform?
- terraform create k8s secret from gcp secret
- Use Kubernetes provider on Terraform with private GKE cluster
- Kubernetes Application Level Encryption on GKE
- Kubernetes secrets encryption
- How to try "Encrypt secret data at rest" feature in GKE