I am creating a GKE cluster with a Terraform script. I need to use application-layer secrets encryption in the cluster, but I am not finding a block for this in Terraform's official documentation. Can anyone please tell me how to enable application-layer secrets encryption in a Terraform script?
How to enable Application layer secrets encryption in GKE cluster with terraform?
1.1k Views Asked by Yash Saini At
2
There are 2 best solutions below
0
user2577098
On
I used this one:
    database_encryption {
      state    = "ENCRYPTED"
      key_name = google_kms_crypto_key.encryption-kms-key.self_link
    }
And this depends_on to use the KMS keyring created with Terraform:
    depends_on = [
      google_kms_key_ring.keyring
    ]
Ref: https://www.terraform.io/docs/providers/google/d/google_kms_crypto_key.html
To enable it you need to set database_encryption of the google_container_cluster resource: https://www.terraform.io/docs/providers/google/r/container_cluster.html#database_encryption
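The database_encryption block from both answers, as an added end-to-end example that is not code from either answer: it also creates the key in the same location as the cluster and grants the GKE service agent permission to use it. Resource names, the region and the rotation period are assumptions, and the key is referenced through its `id` attribute where the first answer uses `self_link`.

```hcl
# Added example: names, region and rotation period are assumptions.
variable "region" {
  type    = string
  default = "europe-west1" # assumed; key ring and cluster must share a location
}

# Used only to look up the project number for the GKE service agent address.
data "google_project" "current" {}

resource "google_kms_key_ring" "keyring" {
  name     = "gke-secrets-keyring" # hypothetical name
  location = var.region
}

resource "google_kms_crypto_key" "gke_secrets" {
  name            = "gke-secrets-key" # hypothetical name
  key_ring        = google_kms_key_ring.keyring.id
  rotation_period = "7776000s" # 90 days, assumed policy

  lifecycle {
    prevent_destroy = true # losing the key makes the encrypted Secrets unreadable
  }
}

# The GKE service agent makes the encrypt/decrypt calls against Cloud KMS,
# so it needs this role on the key before the cluster is created.
resource "google_kms_crypto_key_iam_member" "gke_agent" {
  crypto_key_id = google_kms_crypto_key.gke_secrets.id
  role          = "roles/cloudkms.cryptoKeyEncrypterDecrypter"
  member        = "serviceAccount:service-${data.google_project.current.number}@container-engine-robot.iam.gserviceaccount.com"
}

resource "google_container_cluster" "primary" {
  name               = "example-cluster" # hypothetical name
  location           = var.region
  initial_node_count = 1

  database_encryption {
    state    = "ENCRYPTED"
    key_name = google_kms_crypto_key.gke_secrets.id
  }

  # Depend on the IAM grant, not just the key ring, so the key is usable
  # by GKE at cluster creation time.
  depends_on = [google_kms_crypto_key_iam_member.gke_agent]
}
```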