Initializes a location-level encryption key specification. An error will result if the location has resources already created before the initialization. After the encryption specification is initialized at a location, it is immutable and all newly created resources under the location will be encrypted with the existing specification.
HTTP request
POST https://{endpoint}/v1/{encryptionSpec.name=projects/*/locations/*/encryptionSpec}:initialize
Required. The name of customer-managed encryption key that is used to secure a resource and its sub-resources. If empty, the resource is secured by our default encryption key. Only the key in the same location as this resource is allowed to be used for encryption. Format: projects/{project}/locations/{location}/keyRings/{keyRing}/cryptoKeys/{key}
Response body
If successful, the response body contains an instance of Operation.
[[["Easy to understand","easyToUnderstand","thumb-up"],["Solved my problem","solvedMyProblem","thumb-up"],["Other","otherUp","thumb-up"]],[["Hard to understand","hardToUnderstand","thumb-down"],["Incorrect information or sample code","incorrectInformationOrSampleCode","thumb-down"],["Missing the information/samples I need","missingTheInformationSamplesINeed","thumb-down"],["Other","otherDown","thumb-down"]],["Last updated 2025-07-30 UTC."],[[["\u003cp\u003eThis endpoint initializes a location-level encryption key specification, which becomes immutable after creation, encrypting all subsequent resources in that location.\u003c/p\u003e\n"],["\u003cp\u003eThe HTTP request is a \u003ccode\u003ePOST\u003c/code\u003e request to a specific endpoint URL that utilizes gRPC Transcoding syntax.\u003c/p\u003e\n"],["\u003cp\u003eThe \u003ccode\u003eencryptionSpec.name\u003c/code\u003e path parameter is required and represents the immutable resource name of the encryption key specification in the format: \u003ccode\u003eprojects/{project}/locations/{location}/encryptionSpec\u003c/code\u003e.\u003c/p\u003e\n"],["\u003cp\u003eThe request body, in JSON format, must include the \u003ccode\u003eencryptionSpec\u003c/code\u003e field, containing the customer-managed encryption key's name (\u003ccode\u003ekmsKey\u003c/code\u003e) which is used to encrypt the resource and its sub-resources.\u003c/p\u003e\n"],["\u003cp\u003eAuthorization for this operation requires the OAuth scope: \u003ccode\u003ehttps://www.googleapis.com/auth/cloud-platform\u003c/code\u003e.\u003c/p\u003e\n"]]],[],null,["# Method: projects.locations.encryptionSpec.initialize\n\n- [HTTP request](#body.HTTP_TEMPLATE)\n- [Path parameters](#body.PATH_PARAMETERS)\n- [Request body](#body.request_body)\n - [JSON representation](#body.request_body.SCHEMA_REPRESENTATION)\n- [Response body](#body.response_body)\n- [Authorization scopes](#body.aspect)\n- [IAM Permissions](#body.aspect_1)\n- [Try it!](#try-it)\n\nInitializes a location-level encryption key specification. An error will result if the location has resources already created before the initialization. After the encryption specification is initialized at a location, it is immutable and all newly created resources under the location will be encrypted with the existing specification.\n\n### HTTP request\n\n`POST https://{endpoint}/v1/{encryptionSpec.name=projects/*/locations/*/encryptionSpec}:initialize`\n\nWhere `{endpoint}` is one of the [supported service endpoints](/contact-center/insights/docs/reference/rest#rest_endpoints).\n\nThe URLs use [gRPC Transcoding](https://google.aip.dev/127) syntax.\n\n### Path parameters\n\n### Request body\n\nThe request body contains data with the following structure:\n\n### Response body\n\nIf successful, the response body contains an instance of [Operation](/contact-center/insights/docs/reference/rest/Shared.Types/ListOperationsResponse#Operation).\n\n### Authorization scopes\n\nRequires the following OAuth scope:\n\n- `https://www.googleapis.com/auth/cloud-platform`\n\nFor more information, see the [Authentication Overview](/docs/authentication#authorization-gcp).\n\n### IAM Permissions\n\nRequires the following [IAM](https://cloud.google.com/iam/docs) permission on the `name` resource:\n\n- `contactcenterinsights.encryptionSpecs.initialize`\n\nFor more information, see the [IAM documentation](https://cloud.google.com/iam/docs)."]]
