Package io.fabric8.openshift.api.model.config.v1

Class APIServerEncryption

  • All Implemented Interfaces:
    io.fabric8.kubernetes.api.builder.Editable<APIServerEncryptionBuilder>, io.fabric8.kubernetes.api.model.KubernetesResource, Serializable
    @Generated("io.fabric8.kubernetes.schema.generator.model.ModelGenerator")
public class APIServerEncryption
extends Object
implements io.fabric8.kubernetes.api.builder.Editable<APIServerEncryptionBuilder>, io.fabric8.kubernetes.api.model.KubernetesResource
    APIServerEncryption is used to encrypt sensitive resources on the cluster.
    See Also:
    Serialized Form

    • Constructor Detail

      • APIServerEncryption

        public APIServerEncryption()
        No args constructor for use in serialization

      • APIServerEncryption

        public APIServerEncryption​(KMSConfig kms,
                           String type)

    • Method Detail

      • getKms

        public KMSConfig getKms()
        APIServerEncryption is used to encrypt sensitive resources on the cluster.

      • setKms

        public void setKms​(KMSConfig kms)
        APIServerEncryption is used to encrypt sensitive resources on the cluster.

      • getType

        public String getType()
        type defines what encryption type should be used to encrypt resources at the datastore layer. When this field is unset (i.e. when it is set to the empty string), identity is implied. The behavior of unset can and will change over time. Even if encryption is enabled by default, the meaning of unset may change to a different encryption type based on changes in best practices.


        When encryption is enabled, all sensitive resources shipped with the platform are encrypted. This list of sensitive resources can and will change over time. The current authoritative list is:


        1. secrets

        2. configmaps

        3. routes.route.openshift.io

        4. oauthaccesstokens.oauth.openshift.io

        5. oauthauthorizetokens.oauth.openshift.io

      • setType

        public void setType​(String type)
        type defines what encryption type should be used to encrypt resources at the datastore layer. When this field is unset (i.e. when it is set to the empty string), identity is implied. The behavior of unset can and will change over time. Even if encryption is enabled by default, the meaning of unset may change to a different encryption type based on changes in best practices.


        When encryption is enabled, all sensitive resources shipped with the platform are encrypted. This list of sensitive resources can and will change over time. The current authoritative list is:


        1. secrets

        2. configmaps

        3. routes.route.openshift.io

        4. oauthaccesstokens.oauth.openshift.io

        5. oauthauthorizetokens.oauth.openshift.io

      • getAdditionalProperties

        public Map<String,​Object> getAdditionalProperties()

      • setAdditionalProperty

        public void setAdditionalProperty​(String name,
                                  Object value)

      • setAdditionalProperties

        public void setAdditionalProperties​(Map<String,​Object> additionalProperties)