key_encryption_keys
Creates, updates, deletes, gets or lists a key_encryption_keys resource.
Overview
| Name | key_encryption_keys |
| Type | Resource |
| Id | confluent.encryption_keys.key_encryption_keys |
Fields
The following fields are returned by SELECT queries:
- get_kek
- get_kek_names
The kek info
| Name | Datatype | Description |
|---|---|---|
name | string | Name of the kek |
deleted | boolean | Whether the kek is deleted |
doc | string | Description of the kek |
kmsKeyId | string | KMS key ID of the kek |
kmsProps | object | Properties of the kek |
kmsType | string | KMS type of the kek |
shared | boolean | Whether the kek is shared |
ts | integer (int64) | Timestamp of the kek |
List of kek names
| Name | Datatype | Description |
|---|---|---|
kek_name | string |
Methods
The following methods are available for this resource:
| Name | Accessible by | Required Params | Optional Params | Description |
|---|---|---|---|---|
get_kek | select | name | deleted | |
get_kek_names | select | deleted | ||
create_kek | insert | testSharing | ||
put_kek | replace | name | testSharing | |
delete_kek | delete | name | permanent | |
undelete_kek | exec | name | ||
test_kek | exec | name |
Parameters
Parameters can be passed in the WHERE clause of a query. Check the Methods section to see which parameters are required or optional for each operation.
| Name | Datatype | Description |
|---|---|---|
name | string | Name of the kek |
deleted | boolean | Whether to include deleted keys |
permanent | boolean | Whether to perform a permanent delete |
testSharing | boolean | Whether to test kek sharing |
SELECT examples
- get_kek
- get_kek_names
The kek info
SELECT
name,
deleted,
doc,
kmsKeyId,
kmsProps,
kmsType,
shared,
ts
FROM confluent.encryption_keys.key_encryption_keys
WHERE name = '{{ name }}' -- required
AND deleted = '{{ deleted }}'
;
List of kek names
SELECT
kek_name
FROM confluent.encryption_keys.key_encryption_keys
WHERE deleted = '{{ deleted }}'
;
INSERT examples
- create_kek
- Manifest
No description available.
INSERT INTO confluent.encryption_keys.key_encryption_keys (
name,
kmsType,
kmsKeyId,
kmsProps,
doc,
shared,
deleted,
testSharing
)
SELECT
'{{ name }}',
'{{ kmsType }}',
'{{ kmsKeyId }}',
'{{ kmsProps }}',
'{{ doc }}',
{{ shared }},
{{ deleted }},
'{{ testSharing }}'
RETURNING
name,
deleted,
doc,
kmsKeyId,
kmsProps,
kmsType,
shared,
ts
;
# Description fields are for documentation purposes
- name: key_encryption_keys
props:
- name: name
value: "{{ name }}"
description: |
Name of the kek
- name: kmsType
value: "{{ kmsType }}"
description: |
KMS type of the kek
- name: kmsKeyId
value: "{{ kmsKeyId }}"
description: |
KMS key ID of the kek
- name: kmsProps
value: "{{ kmsProps }}"
description: |
Properties of the kek
- name: doc
value: "{{ doc }}"
description: |
Description of the kek
- name: shared
value: {{ shared }}
description: |
Whether the kek is shared
- name: deleted
value: {{ deleted }}
description: |
Whether the kek is deleted
- name: testSharing
value: {{ testSharing }}
description: Whether to test kek sharing
description: Whether to test kek sharing
REPLACE examples
- put_kek
No description available.
REPLACE confluent.encryption_keys.key_encryption_keys
SET
kmsProps = '{{ kmsProps }}',
doc = '{{ doc }}',
shared = {{ shared }}
WHERE
name = '{{ name }}' --required
AND testSharing = {{ testSharing}}
RETURNING
name,
deleted,
doc,
kmsKeyId,
kmsProps,
kmsType,
shared,
ts;
DELETE examples
- delete_kek
No description available.
DELETE FROM confluent.encryption_keys.key_encryption_keys
WHERE name = '{{ name }}' --required
AND permanent = '{{ permanent }}'
;
Lifecycle Methods
- undelete_kek
- test_kek
No Content
EXEC confluent.encryption_keys.key_encryption_keys.undelete_kek
@name='{{ name }}' --required
;
The test response
EXEC confluent.encryption_keys.key_encryption_keys.test_kek
@name='{{ name }}' --required
;