Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add support for Customer supplied Encryption in Google #5053

Closed
andreadecorte opened this issue Feb 8, 2016 · 6 comments
Closed

Add support for Customer supplied Encryption in Google #5053

andreadecorte opened this issue Feb 8, 2016 · 6 comments
Labels
enhancement provider/google-cloud

Comments

@andreadecorte
Copy link

Google has added since a few months the ability to use Customer supplied encryption in GCE. It would be good if Terraform offered an encryption parameter in google_compute_instance and google_compute_disk resources
@billf
Copy link
Contributor

billf commented Feb 9, 2016

disclaimer: i use the google provider a lot but i neither work for google nor am i a terraform committer.

It's still a beta feature. To access it, Terraform would have to use the beta gcloud go SDK. gcloud resources refer to each by self_link (basically, a URL pointing to the resource). contrast that with AWS resources which reference each other by name. the self_link generated by any users of a beta SDK would have a different URL than non-beta resources. For example, use of the beta SDK for compute instances to get this feature would cause google_compute_instance's self_link attribute to change and that would cause resources that use that attribute to be marked dirty even with zero changes to the terraform files. Then, when the feature moves from beta to general availability any resources that depend on it would again become tainted by the URL change by going back to the release SDK. the schema would have to account for this via versioning and various transition functions.

what i'm saying is even if it's a trivial change to map a single resource attribute to a single field in a map passed to the SDK, use of the beta SDK itself has widespread ramifications.

@lwander
Copy link
Contributor

lwander commented Feb 13, 2016

Hey, @klenje, I agree with @billf and will tag this issue as upstream to revisit when this API reaches v1.

@billf billf mentioned this issue Feb 29, 2016
Closed
@lwander lwander mentioned this issue Mar 10, 2016
Closed
@phinze phinze mentioned this issue Mar 10, 2016
Closed
@sbadia
Copy link
Contributor

sbadia commented Aug 4, 2016

Hi here, CSEK(customer supplied encryption key) is now generally available since the 2016/08/01

@qvallance-ctc
Copy link

Looks like this issue addressed in #11167

@danawillow
Copy link
Contributor

Yes, this is done.

@ghost
Copy link

ghost commented Apr 17, 2020

I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues.

If you have found a problem that seems similar to this, please open a new issue and complete the issue template so we can capture all the details necessary to investigate further.

@ghost ghost locked and limited conversation to collaborators Apr 17, 2020
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
enhancement provider/google-cloud
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
8 participants
@andreadecorte @stack72 @billf @radeksimko @sbadia @danawillow @lwander @qvallance-ctc