Skip to content
This repository has been archived by the owner on Nov 14, 2024. It is now read-only.

Commit

Permalink
BigQuery Dataset default CMEK encryption
Browse files Browse the repository at this point in the history
Signed-off-by: Modular Magician <magic-modules@google.com>
  • Loading branch information
drebes authored and modular-magician committed Aug 21, 2019
1 parent 175bb18 commit fe1d88f
Show file tree
Hide file tree
Showing 5 changed files with 44 additions and 0 deletions.
4 changes: 4 additions & 0 deletions docs/resources/google_bigquery_dataset.md
Original file line number Diff line number Diff line change
Expand Up @@ -75,6 +75,10 @@ Properties that can be accessed from the `google_bigquery_dataset` resource:

* `location`: The geographic location where the dataset should reside. See [official docs](https://cloud.google.com/bigquery/docs/dataset-locations). There are two types of locations, regional or multi-regional. A regional location is a specific geographic place, such as Tokyo, and a multi-regional location is a large geographic area, such as the United States, that contains at least two geographic places. Possible regional values include: `asia-east1`, `asia-northeast1`, `asia-southeast1`, `australia-southeast1`, `europe-north1`, `europe-west2` and `us-east4`. Possible multi-regional values: `EU` and `US`. The default value is multi-regional location `US`. Changing this forces a new resource to be created.

* `default_encryption_configuration`: The default encryption key for all tables in the dataset. Once this property is set, all newly-created partitioned tables in the dataset will have encryption key set to this value, unless table creation request (or query) overrides the key.

* `kms_key_name`: Describes the Cloud KMS encryption key that will be used to protect destination BigQuery table. The BigQuery Service Account associated with your project requires access to this encryption key.



## GCP Permissions
Expand Down
1 change: 1 addition & 0 deletions docs/resources/google_bigquery_datasets.md
Original file line number Diff line number Diff line change
Expand Up @@ -26,6 +26,7 @@ See [google_bigquery_dataset.md](google_bigquery_dataset.md) for more detailed i
* `ids`: an array of `google_bigquery_dataset` id
* `labels`: an array of `google_bigquery_dataset` labels
* `locations`: an array of `google_bigquery_dataset` location
* `default_encryption_configurations`: an array of `google_bigquery_dataset` default_encryption_configuration

## Filter Criteria
This resource supports all of the above properties as filter criteria, which can be used
Expand Down
Original file line number Diff line number Diff line change
@@ -0,0 +1,34 @@
# frozen_string_literal: false

# ----------------------------------------------------------------------------
#
# *** AUTO GENERATED CODE *** AUTO GENERATED CODE ***
#
# ----------------------------------------------------------------------------
#
# This file is automatically generated by Magic Modules and manual
# changes will be clobbered when the file is regenerated.
#
# Please read more about how to change this file in README.md and
# CONTRIBUTING.md located at the root of this package.
#
# ----------------------------------------------------------------------------
module GoogleInSpec
module BigQuery
module Property
class DatasetDefaultEncryptionConfiguration
attr_reader :kms_key_name

def initialize(args = nil, parent_identifier = nil)
return if args.nil?
@parent_identifier = parent_identifier
@kms_key_name = args['kmsKeyName']
end

def to_s
"#{@parent_identifier} DatasetDefaultEncryptionConfiguration"
end
end
end
end
end
3 changes: 3 additions & 0 deletions libraries/google_bigquery_dataset.rb
Original file line number Diff line number Diff line change
Expand Up @@ -16,6 +16,7 @@
require 'gcp_backend'
require 'google/bigquery/property/dataset_access'
require 'google/bigquery/property/dataset_dataset_reference'
require 'google/bigquery/property/dataset_default_encryption_configuration'

# A provider to manage BigQuery resources.
class Dataset < GcpResourceBase
Expand All @@ -36,6 +37,7 @@ class Dataset < GcpResourceBase
attr_reader :labels
attr_reader :last_modified_time
attr_reader :location
attr_reader :default_encryption_configuration

def initialize(params)
super(params.merge({ use_http_transport: true }))
Expand All @@ -57,6 +59,7 @@ def parse
@labels = @fetched['labels']
@last_modified_time = @fetched['lastModifiedTime']
@location = @fetched['location']
@default_encryption_configuration = GoogleInSpec::BigQuery::Property::DatasetDefaultEncryptionConfiguration.new(@fetched['defaultEncryptionConfiguration'], to_s)
end

# Handles parsing RFC3339 time string
Expand Down
2 changes: 2 additions & 0 deletions libraries/google_bigquery_datasets.rb
Original file line number Diff line number Diff line change
Expand Up @@ -30,6 +30,7 @@ class Datasets < GcpResourceBase
filter_table_config.add(:ids, field: :id)
filter_table_config.add(:labels, field: :labels)
filter_table_config.add(:locations, field: :location)
filter_table_config.add(:default_encryption_configurations, field: :default_encryption_configuration)

filter_table_config.connect(self, :table)

Expand Down Expand Up @@ -76,6 +77,7 @@ def transformers
'id' => ->(obj) { return :id, obj['id'] },
'labels' => ->(obj) { return :labels, obj['labels'] },
'location' => ->(obj) { return :location, obj['location'] },
'defaultEncryptionConfiguration' => ->(obj) { return :default_encryption_configuration, GoogleInSpec::BigQuery::Property::DatasetDefaultEncryptionConfiguration.new(obj['defaultEncryptionConfiguration'], to_s) },
}
end

Expand Down

0 comments on commit fe1d88f

Please sign in to comment.