An optional parameter to set the Customer-Supplied Encryption key for rewrite source object.
Application developers can generate their own encryption keys to protect the data in GCS. This is known as a Customer-Supplied Encryption key (CSEK). If the application provides a CSEK, GCS does not retain the key. The object data, the object CRC32 checksum, and its MD5 hash (if applicable) are all encrypted with this key, and the key is required to read any of these elements back.
Care must be taken to save and protect these keys, if lost, the data is not recoverable. Also, applications should avoid generating predictable keys, as this weakens the encryption.
This option is used only in rewrite operations and it defines the key used for the source object.
[[["Easy to understand","easyToUnderstand","thumb-up"],["Solved my problem","solvedMyProblem","thumb-up"],["Other","otherUp","thumb-up"]],[["Hard to understand","hardToUnderstand","thumb-down"],["Incorrect information or sample code","incorrectInformationOrSampleCode","thumb-down"],["Missing the information/samples I need","missingTheInformationSamplesINeed","thumb-down"],["Other","otherDown","thumb-down"]],["Last updated 2025-03-21 UTC."],[[["This webpage provides documentation for the `SourceEncryptionKey` structure within the Google Cloud Storage C++ client library, detailing its use in managing Customer-Supplied Encryption Keys (CSEK)."],["The `SourceEncryptionKey` is used specifically in rewrite operations to define the encryption key for the source object, providing a way for applications to manage their own encryption keys for data protection within Google Cloud Storage (GCS)."],["The documentation outlines that losing CSEKs renders data irretrievable and suggests avoiding the use of predictable keys to ensure robust encryption, in accordance to the GCS Customer-Supplied Encryption Keys protocol."],["There are two primary methods for creating a `SourceEncryptionKey` object, `FromBinaryKey` and `FromBase64Key`, allowing keys to be provided either in binary format or as a base64-encoded string."],["The webpage also includes a list of historical library versions ranging from 2.11.0 to 2.37.0-rc, each linked to its respective documentation for the `SourceEncryptionKey` structure."]]],[]]
