How to handle KMSes that are parts of test deployments?
14 views
Skip to first unread message
Igor Chubin
Jun 8, 2021, 9:19:58 AM6/8/21
to Google Cloud Developers
In my GCP deployment, I use its own KMS that is created on the fly. The deployment is created hundred times a day (for tests). After a test is finished, deployment is terminated and removed. So far so good. The only problem is that after the deletion, created KMS, or better to say its remnants stay forever.
My tests test the deployment, i.e. they need to make a new deployment for each run, and because the KMS is supposed to be a part of the deployment (on the customer side), it can't be eliminated from the tested deployment.
How am I supposed to solve this task?
Adebisi Ibirogba
Jun 10, 2021, 10:10:28 AM6/10/21
to Google Cloud Developers
Q: The only problem is that after the deletion, created KMS, or better to say its remnants stay forever.
Ans: Keys can not be deleted but can be disabled or destroyed. The reason for this is to "ensures that a key version's resource identifier is unique and always points to the original key material for that key version."
Ans: Keys can not be deleted but can be disabled or destroyed. The reason for this is to "ensures that a key version's resource identifier is unique and always points to the original key material for that key version."
So in essence you can disable or destroyed it after test
Reply all
Reply to author
Forward
0 new messages