Initializes a location-level encryption key specification. An error will result if the location has resources already created before the initialization. After the encryption specification is initialized at a location, it is immutable and all newly created resources under the location will be encrypted with the existing specification.
HTTP request
POST https://{endpoint}/v1/{encryptionSpec.name=projects/*/locations/*/encryptionSpec}:initialize
Where {endpoint}
is one of the supported service endpoints.
The URLs use gRPC Transcoding syntax.
Path parameters
Parameters | |
---|---|
encryptionSpec.name |
Immutable. The resource name of the encryption key specification resource. Format: projects/{project}/locations/{location}/encryptionSpec |
Request body
The request body contains data with the following structure:
JSON representation |
---|
{ "encryptionSpec": { "name": string, "kmsKey": string } } |
Fields | |
---|---|
encryptionSpec.kmsKey |
Required. The name of customer-managed encryption key that is used to secure a resource and its sub-resources. If empty, the resource is secured by our default encryption key. Only the key in the same location as this resource is allowed to be used for encryption. Format: |
Response body
If successful, the response body contains an instance of Operation
.
Authorization scopes
Requires the following OAuth scope:
https://www.googleapis.com/auth/cloud-platform
For more information, see the Authentication Overview.