Difference between revisions of "KMS PATH"
Jump to navigation
Jump to search
| Line 1: | Line 1: | ||
| − | + | 0) Obtain <code>[[KMS_PATH]]</code> | |
[[gcloud kms keys list --location global --keyring sops]] | [[gcloud kms keys list --location global --keyring sops]] | ||
NAME PURPOSE ALGORITHM | NAME PURPOSE ALGORITHM | ||
| Line 11: | Line 11: | ||
SOFTWARE 1 DESTROYED | SOFTWARE 1 DESTROYED | ||
| − | + | 1) [[Encrypt]] using <code>KMS_PATH</code> | |
| − | + | * <code>[[sops --encrypt --gcp-kms]] $[[KMS_PATH]] secret.yaml > secret.yaml[[.sops]]</code> | |
== See also == | == See also == | ||
Revision as of 10:35, 27 October 2022
0) Obtain KMS_PATH
gcloud kms keys list --location global --keyring sops NAME PURPOSE ALGORITHM PROTECTION_LEVEL LABELS PRIMARY_ID PRIMARY_STATE projects/your-project/locations/global/keyRings/sops/cryptoKeys/sops-encryption-key ENCRYPT_DECRYPT GOOGLE_SYMMETRIC_ENCRYPTION HSM 1 ENABLED projects/your-project/locations/global/keyRings/sops/cryptoKeys/sops-encryption-key-data-lake ENCRYPT_DECRYPT GOOGLE_SYMMETRIC_ENCRYPTION HSM 1 ENABLED projects/your-project/locations/global/keyRings/sops/cryptoKeys/sops-key ENCRYPT_DECRYPT GOOGLE_SYMMETRIC_ENCRYPTION SOFTWARE 1 DESTROYED
1) Encrypt using KMS_PATH
sops --encrypt --gcp-kms $KMS_PATH secret.yaml > secret.yaml.sops
See also
- GCP KMS, EKM:
gcloud kms [ keys | encrypt | keyrings ] - SOPS,
sops | sops -d | sops -e | sops exec-env | sops exec-file | sops publish | sops keyservice | sops groups | sops updatekeys | sops --help - KMS, Customer Master Key (CMK), GCP KMS, AWS Key Management Service (KMS) (
aws kms), Google Cloud KMS (gcloud kms), Azure Key Vault, KMS v2 API, Kubernetes Key Management Service
Advertising:
