I am creating a GKE cluster with Terraform script, I need to use Application layer secrets encryption in the cluster so I am not getting a block for this on terraform's official documentation can anyone please tell me how to enable Application layer secrets encryption in terraform script
How to enable Application layer secrets encryption in GKE cluster with terraform?
1.1k Views Asked by Yash Saini At
2
There are 2 best solutions below
0
user2577098
On
I used this one:
database_encryption {
state = "ENCRYPTED"
key_name = google_kms_crypto_key.encryption-kms-key.self_link
}
And this depends_on for used the kKMS keyring created with Terraform.
depends_on = [
google_kms_key_ring.keyring
]
Ref: https://www.terraform.io/docs/providers/google/d/google_kms_crypto_key.html
Related Questions in GOOGLE-CLOUD-PLATFORM
- Google Logging API - What service name to use when writing entries from non-Google application?
- Custom exception message from google endpoints exception
- Unable to connect database of lamp instance from servlet running on tomcat instance of google cloud
- How to launch a Jar file using Spark on hadoop
- Google Cloud Bigtable Durability/Availability Guarantees
- How do I add a startup script to an existing VM from the developer console?
- What is the difference between an Instance and an Instance group
- How do i change files using ftp in google cloud?
- How to update all machines in an instance group on Google Cloud Platform?
- Setting up freeswitch server on Google cloud compute
- Google Cloud Endpoints: verifyToken: Signature length not correct
- Google Cloud BigTable connection setup time
- How GCE HTTP Cross-Region Load Balancing implemented
- Google Cloud Bigtable compression
- Google cloud SDK code to execute via cron
Related Questions in TERRAFORM
- Terraform: associate an aws_iam_role with an aws_iam_policy
- How to change the subnet association from one route table to another route table using terraform?
- How to avoid the destroy action in terraform apply?
- Is there a way to create EMR security config with CloudFormation/Terraform
- Referring to variables in another terraform file you can't modify
- EC2 instances launched via Terraform do not pass the status checks or have insufficient data
- Recreate Same Security Group Rule Each time I execute "terrafrom apply/plan"
- Trouble setting terraform variable from CLI
- Terraform -var-file not working for file present in the same directory
- How to get the most recent ebs snapshot using terraform datasource?
- protocol Tcp with floatingIP disabled, must not be used with the same backend IP
- Shell script producing the escaping character (\) with escaped double qoutes
- vpc_zone_identifier should be a list
- Building a custom terraform provider errors out
- Create AWS RDS instance in non default VPC using terraform
Related Questions in GOOGLE-KUBERNETES-ENGINE
- Cannot access google cloud SQL from google container engine
- Cluster communication and firewalls in Google Container Engine
- Google Container Engine (GKE): "Hello Wordpress" tutorial not working (ERR_CONNECTION_REFUSED)
- Setting up continuous deployment to Google Compute Engine running Kubernetes
- Does Google Container Registry undergo issues?
- How to mount volume for docker container via yaml manifest?
- LogSeverity on aggregated logs in Google Container Engine
- How do I permanently edit cluster/saltbase/pillar/privilege.sls to allow_privledged with Google Container Engine?
- Static outgoing IP in Kubernetes
- Docker container curl to web
- enable stackdriver monitoring agent google container engine clusters on gci image
- Networking between flex environment app engine and cluster engine?
- Set vm.max_map_count on cluster nodes
- How to reduce nodes(vm) running in a Kubernetes cluster of GKE gracefully?
- Google Container Engine StatefulSets in kubernetes 1.5.1 don't seem to work
Related Questions in TERRAFORM-PROVIDER-GCP
- Terraform throws Error setting IAM policy for service account ... Permission iam.serviceAccounts.setIamPolicy is required
- Can we able to change GCP cloud build settings using terraform or gcloud command
- Failing to create Cloud SQL Instance through Terraform
- How to get default GCP project and region with Terraform?
- Terraform google_proejct_iam_member giving Error 400: Policy members must be of the form "<type>:<value>"., badRequest
- Moving objects from one GCS bucket to another Bucket using Terraform
- Can we cron schedule bash file execution in Terraform
- Terraform: how to iterate over key-value pairs of map input via json file
- Using bash variables in arguments in Google Cloud Build provider
- Terraform/GCP Kubernetes error when trying to create namespace
- How do I configure GCP monitoring policy documentation in Terraform?
- is there any way to add a service account automatically whenever a project is created?
- Google Cloud forwarding rule http -> https using terraform
- How do I reference the secondary ranges in Terraform code?
- Terraform syntax for putting json as value in a map
Related Questions in TERRAFORM-PROVIDER-OPENSTACK
- How to dynamically attach multiple volumes to multiple instances via terraform in openstack?
- Terraform Openstack: Attach network interface during creation
- Dynamic provisioning of Cinder volume and Persistent volume using Terraform through Kubernetes
- Terraform Openstack Output parameter for CPU & Memory
- Terraform Openstack: deploy new instance with same security groups as existing one
- How to enable instance termination protection for OpenStack using terraform?
- Reference to other module resource in Terraform
- how to associate floating ip address to a instance in openstack using terraform
- azure Terraform parameter with CSV file
- How to enable Application layer secrets encryption in GKE cluster with terraform?
- Output CSV file using terraform
- Experiencing an error when try to output content of a csv file using terraform
- Getting attributes from Decode Json file and add them as string to a variable on terraform
- Terraform with openstack federated users on CLI
- terraform apply fails while creating a resource that exists already
Trending Questions
- UIImageView Frame Doesn't Reflect Constraints
- Is it possible to use adb commands to click on a view by finding its ID?
- How to create a new web character symbol recognizable by html/javascript?
- Why isn't my CSS3 animation smooth in Google Chrome (but very smooth on other browsers)?
- Heap Gives Page Fault
- Connect ffmpeg to Visual Studio 2008
- Both Object- and ValueAnimator jumps when Duration is set above API LvL 24
- How to avoid default initialization of objects in std::vector?
- second argument of the command line arguments in a format other than char** argv or char* argv[]
- How to improve efficiency of algorithm which generates next lexicographic permutation?
- Navigating to the another actvity app getting crash in android
- How to read the particular message format in android and store in sqlite database?
- Resetting inventory status after order is cancelled
- Efficiently compute powers of X in SSE/AVX
- Insert into an external database using ajax and php : POST 500 (Internal Server Error)
Popular Questions
- How do I undo the most recent local commits in Git?
- How can I remove a specific item from an array in JavaScript?
- How do I delete a Git branch locally and remotely?
- Find all files containing a specific text (string) on Linux?
- How do I revert a Git repository to a previous commit?
- How do I create an HTML button that acts like a link?
- How do I check out a remote Git branch?
- How do I force "git pull" to overwrite local files?
- How do I list all files of a directory?
- How to check whether a string contains a substring in JavaScript?
- How do I redirect to another webpage?
- How can I iterate over rows in a Pandas DataFrame?
- How do I convert a String to an int in Java?
- Does Python have a string 'contains' substring method?
- How do I check if a string contains a specific word?
To enable it you need to set
database_encryptionofgoogle_container_clusterresourcehttps://www.terraform.io/docs/providers/google/r/container_cluster.html#database_encryption