dek_versions
Creates, updates, deletes, gets or lists a dek_versions resource.
Overview
| Name | dek_versions |
| Type | Resource |
| Id | confluent.encryption_keys.dek_versions |
Fields
The following fields are returned by SELECT queries:
- get_dek_by_version
- get_dek_versions
The dek info
| Name | Datatype | Description |
|---|---|---|
algorithm | string | Algorithm of the dek (AES128_GCM, AES256_GCM, AES256_SIV) |
deleted | boolean | Whether the dek is deleted |
encryptedKeyMaterial | string | Encrypted key material of the dek |
kekName | string | Kek name of the dek |
keyMaterial | string | Raw key material of the dek |
subject | string | Subject of the dek |
ts | integer (int64) | Timestamp of the dek |
version | integer (int32) | Version of the dek |
List of version numbers for dek
| Name | Datatype | Description |
|---|---|---|
dek_version | integer |
Methods
The following methods are available for this resource:
| Name | Accessible by | Required Params | Optional Params | Description |
|---|---|---|---|---|
get_dek_by_version | select | name, subject, version | algorithm, deleted | |
get_dek_versions | select | name, subject | algorithm, deleted, offset, limit | |
delete_dek_version | delete | name, subject, version | algorithm, permanent | |
undelete_dek_version | exec | name, subject, version | algorithm |
Parameters
Parameters can be passed in the WHERE clause of a query. Check the Methods section to see which parameters are required or optional for each operation.
| Name | Datatype | Description |
|---|---|---|
name | string | Name of the kek |
subject | string | Subject of the dek |
version | string | Version of the dek |
algorithm | string | Algorithm of the dek |
deleted | boolean | Whether to include deleted keys |
limit | integer | Pagination size for results. Ignored if negative |
offset | integer | Pagination offset for results |
permanent | boolean | Whether to perform a permanent delete |
SELECT examples
- get_dek_by_version
- get_dek_versions
The dek info
SELECT
algorithm,
deleted,
encryptedKeyMaterial,
kekName,
keyMaterial,
subject,
ts,
version
FROM confluent.encryption_keys.dek_versions
WHERE name = '{{ name }}' -- required
AND subject = '{{ subject }}' -- required
AND version = '{{ version }}' -- required
AND algorithm = '{{ algorithm }}'
AND deleted = '{{ deleted }}'
;
List of version numbers for dek
SELECT
dek_version
FROM confluent.encryption_keys.dek_versions
WHERE name = '{{ name }}' -- required
AND subject = '{{ subject }}' -- required
AND algorithm = '{{ algorithm }}'
AND deleted = '{{ deleted }}'
AND offset = '{{ offset }}'
AND limit = '{{ limit }}'
;
DELETE examples
- delete_dek_version
No description available.
DELETE FROM confluent.encryption_keys.dek_versions
WHERE name = '{{ name }}' --required
AND subject = '{{ subject }}' --required
AND version = '{{ version }}' --required
AND algorithm = '{{ algorithm }}'
AND permanent = '{{ permanent }}'
;
Lifecycle Methods
- undelete_dek_version
No Content
EXEC confluent.encryption_keys.dek_versions.undelete_dek_version
@name='{{ name }}' --required,
@subject='{{ subject }}' --required,
@version='{{ version }}' --required,
@algorithm='{{ algorithm }}'
;