Using Console
Using CLI
<keyring-name>
with a name of your choice.<key-name>
with a name of your choice and <keyring-name>
with the name of the keyring created in the previous step.<key-name>
with the name of the key created in step 5 and <keyring-name>
with the name of the keyring created in step 4. Also, replace <service-account-email>
with the email address of the Cloud Spanner service account.<database-id>
with the ID of the Spanner database and <service-account-email>
with the email address of the Cloud Spanner service account.<database-id>
with the ID of the Spanner database.If the command returns the KMS key name, then the database is encrypted. If it returns an empty string, then the database is not encrypted.By following these steps, you can remediate the misconfiguration and encrypt the Spanner database in GCP using GCP CLI.Using Python
instance_id
, database_id
, key_name
, and your-project-id/your-key-location/your-key-ring/your-key-name
with your respective values.