Difference between revisions of "KMS PATH"
Jump to navigation
Jump to search
| Line 13: | Line 13: | ||
1) [[Encrypt]] using <code>KMS_PATH</code> | 1) [[Encrypt]] using <code>KMS_PATH</code> | ||
* <code>[[sops --encrypt --gcp-kms]] $[[KMS_PATH]] secret.yaml > secret.yaml[[.sops]]</code> | * <code>[[sops --encrypt --gcp-kms]] $[[KMS_PATH]] secret.yaml > secret.yaml[[.sops]]</code> | ||
| + | |||
| + | |||
| + | == Related == | ||
| + | [[SOPS_GCP_KMS]] environment variable | ||
== See also == | == See also == | ||
Revision as of 14:51, 23 November 2022
0) Obtain KMS_PATH
gcloud kms keys list --location global --keyring sops NAME PURPOSE ALGORITHM PROTECTION_LEVEL LABELS PRIMARY_ID PRIMARY_STATE projects/your-project/locations/global/keyRings/sops/cryptoKeys/sops-encryption-key ENCRYPT_DECRYPT GOOGLE_SYMMETRIC_ENCRYPTION HSM 1 ENABLED projects/your-project/locations/global/keyRings/sops/cryptoKeys/sops-encryption-key-data-lake ENCRYPT_DECRYPT GOOGLE_SYMMETRIC_ENCRYPTION HSM 1 ENABLED projects/your-project/locations/global/keyRings/sops/cryptoKeys/sops-key ENCRYPT_DECRYPT GOOGLE_SYMMETRIC_ENCRYPTION SOFTWARE 1 DESTROYED
1) Encrypt using KMS_PATH
sops --encrypt --gcp-kms $KMS_PATH secret.yaml > secret.yaml.sops
Related
SOPS_GCP_KMS environment variable
See also
- GCP KMS, EKM:
gcloud kms [ keys | encrypt | keyrings ] - SOPS,
sops | sops -d | sops -e | sops exec-env | sops exec-file | sops publish | sops keyservice | sops groups | sops updatekeys | sops --help - KMS, Customer Master Key (CMK), GCP KMS, AWS Key Management Service (KMS) (
aws kms), Google Cloud KMS (gcloud kms), Azure Key Vault, KMS v2 API, Kubernetes Key Management Service
Advertising:
