Method: projects.locations.encryptionSpec.initialize

Initializes a location-level encryption key specification. An error will be thrown if the location has resources already created before the initialization. Once the encryption specification is initialized at a location, it is immutable and all newly created resources under the location will be encrypted with the existing specification.

HTTP request

POST https://{endpoint}/v2/{encryptionSpec.name=projects/*/locations/*/encryptionSpec}:initialize

Where {endpoint} is one of the supported service endpoints.

The URLs use gRPC Transcoding syntax.

Path parameters

Parameters
encryptionSpec.name

string

Immutable. The resource name of the encryption key specification resource. Format: projects/{project}/locations/{location}/encryptionSpec

Request body

The request body contains data with the following structure:

JSON representation
{
  "encryptionSpec": {
    "name": string,
    "kmsKey": string
  }
}
Fields
encryptionSpec.kmsKey

string

Required. The name of customer-managed encryption key that is used to secure a resource and its sub-resources. If empty, the resource is secured by the default Google encryption key. Only the key in the same location as this resource is allowed to be used for encryption. Format: projects/{project}/locations/{location}/keyRings/{keyRing}/cryptoKeys/{key}

Response body

If successful, the response body contains an instance of Operation.

Authorization scopes

Requires one of the following OAuth scopes:

  • https://www.googleapis.com/auth/cloud-platform
  • https://www.googleapis.com/auth/dialogflow

For more information, see the Authentication Overview.