Class UserManagedKeysConfig (2.55.0)

UserManagedKeysConfig(mapping=None, *, ignore_unknown_fields=False, **kwargs)

UserManagedKeysConfig holds the resource address to Keys which are used for signing certs and token that are used for communication within cluster.

Attributes

Name Description
cluster_ca str
The Certificate Authority Service caPool to use for the cluster CA in this cluster.
etcd_api_ca str
Resource path of the Certificate Authority Service caPool to use for the etcd API CA in this cluster.
etcd_peer_ca str
Resource path of the Certificate Authority Service caPool to use for the etcd peer CA in this cluster.
service_account_signing_keys MutableSequence[str]
The Cloud KMS cryptoKeyVersions to use for signing service account JWTs issued by this cluster. Format: projects/{project}/locations/{location}/keyRings/{keyring}/cryptoKeys/{cryptoKey}/cryptoKeyVersions/{cryptoKeyVersion}
service_account_verification_keys MutableSequence[str]
The Cloud KMS cryptoKeyVersions to use for verifying service account JWTs issued by this cluster. Format: projects/{project}/locations/{location}/keyRings/{keyring}/cryptoKeys/{cryptoKey}/cryptoKeyVersions/{cryptoKeyVersion}
aggregation_ca str
The Certificate Authority Service caPool to use for the aggregation CA in this cluster.
control_plane_disk_encryption_key str
The Cloud KMS cryptoKey to use for Confidential Hyperdisk on the control plane nodes.
gkeops_etcd_backup_encryption_key str
Resource path of the Cloud KMS cryptoKey to use for encryption of internal etcd backups.