Policy: GCP > Kubernetes Engine > Region Cluster > Approved > Encryption at Rest > Customer Managed Key
The ID of a GCP KMS symmetric key that must be used as the encryption key for a GCP > Kubernetes Engine > Region Cluster.
This policy will be evaluated by the Approved control. If a GCP Kubernetes Engine region cluster is not encrypted with the specified key, it will be subject to the action specified in the GCP > Kubernetes Engine > Region Cluster > Approved policy.
See Approved for more information.
Targets
This policy targets the following resource types:
Primary Policy
This policy is used with the following primary policy:
Controls
Setting this policy configures this control:
Policy Specification
Schema Type | |
|---|---|
Examples [YAML] | projects/my-kms-project/locations/us-east1/keyRings/my-keyring/cryptoKeys/my-key |
Category
In Your Workspace
Developers
- tmod:@turbot/turbot#/control/categories/resourceApproved
- tmod:@turbot/gcp-kubernetesengine#/policy/types/regionClusterApprovedEncryptionAtRestCustomerManagedKey
- turbot graphql policy-type --id "tmod:@turbot/gcp-kubernetesengine#/policy/types/regionClusterApprovedEncryptionAtRestCustomerManagedKey"
- turbot graphql policy-settings --filter "policyTypeId:tmod:@turbot/gcp-kubernetesengine#/policy/types/regionClusterApprovedEncryptionAtRestCustomerManagedKey"
Get Policy TypeGet Policy Settings
Category URI
Policy Type URI
GraphQL
CLI