> For the complete documentation index, see [llms.txt](https://docs.tailer.ai/llms.txt). Markdown versions of documentation pages are available by appending `.md` to page URLs; this page is available as [Markdown](https://docs.tailer.ai/data-pipeline-operations/execute-code-processings-with-vm-launcher/encrypt-decrypt-data-with-vm-launcher/vm-launcher-data-decryption-configuration-file.md). # VM Launcher configuration file for data decryption The configuration file is in JSON format. It contains the following sections: * Global parameters: General information about the data operation. * Working directory parameters: Information about the input/output directories. * Credential parameters: Information about the credentials for the input/output buckets and the PGP private key. ## :eye\_in\_speech\_bubble: Example Here is an example of VM Launcher configuration file for data decryption: ```json { "configuration_type": "vm-launcher", "configuration_id": "pgp-decrypt", "environment": "DEV", "account": "000099", "activated": true, "archive": false, "pgp_mode": "DECRYPT", "gcp_project_id": "my-project", "gcs_source_bucket": "my-bucket", "gcs_source_prefix": "input", "destination_gcs_bucket": "my-bucket", "destination_gcs_path": "input_decrypted", "vm_delete": true, "credentials": { "input-credentials.json": { "content": { "cipher_aes": "", "tag": "", "ciphertext": "", "enc_session_key": "" } }, "output-credentials.json": { "content": { "cipher_aes": "", "tag": "", "ciphertext": "", "enc_session_key": "" } }, "private_key.pgp": { "passphrase": { "cipher_aes": "", "tag": "", "ciphertext": "", "enc_session_key": "" }, "recipient": "my.recipient@domain.com", "content": { "cipher_aes": "", "tag": "", "ciphertext": "", "enc_session_key": "" } } } } ``` ## 🌐 Global parameters | Parameter | Description | | ------------------------------------------------------------------------------ | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | |

configuration\_type

type: string

mandatory

|

Type of data operation.

For an STS data operation, the value is always "storage-to-storage".

| |

configuration\_id

type: string

mandatory

|

ID of the data operation.

You can pick any name you want, but is has to be unique for this data operation type.

Note that in case of conflict, the newly deployed data operation will overwrite the previous one. To guarantee its uniqueness, the best practice is to name your data operation by concatenating:

| |

environment

type: string

mandatory

|

Deployment context.

Values: PROD, PREPROD, STAGING, DEV.

| |

account

type: string

mandatory

| Your account ID is a 6-digit number assigned to you by your Tailer Platform administrator. | |

activated

type: boolean

optional

|

Flag used to enable/disable the execution of the data operation.

If not specified, the default value will be "true".

| |

archived

type: boolean

optional

|

Flag used to enable/disable the visibility of the data operation's configuration and runs in Tailer Studio.

If not specified, the default value will be "false".

| |

pgp\_mode

type: string

optional

|

PGP mode.

For data decryption, the value is always "DECRYPT".

| ## 💼 Working directory parameters Information about the script location and instructions to execute it. | Parameter | Description | | --------------------------------------------------------------------------------- | -------------------------------------------------------------------------------- | |

gcp\_project\_id

type: string

mandatory

| Google Cloud Platform project ID for the bucket containing the files to decrypt. | |

gcs\_source\_bucket

type: string

mandatory

| Name of the GCS bucket containing the files to decrypt. | |

gcs\_source\_prefix

type: string

mandatory

| Path in the GCS bucket containing the files to decrypt, e.g. "some/sub/dir". | |

destination\_gcs\_bucket

type: dict

mandatory

| Name of the GCS bucket containing the decrypted files. | |

destination\_gcs\_path

type: array

mandatory

| Path in the GCS bucket containing the decrypted files, e.g. "some/sub/dir". | ## 🖥 VM parameters Information related to the Google Cloud Compute Engine VM where the script will be executed. | Parameter | Description | | ----------------------------------------------------------------------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | |

vm\_delete

type: string

mandatory

|

If set to "true", this parameter will force the deletion of the VM at the end of the data operation. Running Compute Engine VMs will incur extra costs, so it is recommended to leave this parameter on "true".

Default value: true

| |

vm\_core\_number

type: string

mandatory

|

Virtual CPU (vCPU) count.
It is recommended to leave the default parameter, as this should allow sufficient performance to run a standard script.

Default value: 2

| |

vm\_memory\_amount

type: string

mandatory

|

System memory size (in GB).

It is recommended to leave the default parameter, as this should allow sufficient performance to run a standard script.

Default value: 4

| |

vm\_disk\_size

type: string

mandatory

|

Persistent disk size (in GB).

It is recommended to leave the default parameter, as this should provide enough space to store the data to process.

Default value: 20

| ## 🔐 Credential parameters | Parameter | Description | | -------------------------------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------- | |

credentials

type:array

mandatory

|

Array containing three entities:
input credentials for the input bucket,
output credentials for the output bucket,
and the private PGP key.

| --- # Agent Instructions This documentation is published with GitBook. GitBook is the documentation platform designed so that both humans and AI agents can read, navigate, and reason over technical content effectively. Learn more at gitbook.com. ## Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter, and the optional `goal` query parameter: ``` GET https://docs.tailer.ai/data-pipeline-operations/execute-code-processings-with-vm-launcher/encrypt-decrypt-data-with-vm-launcher/vm-launcher-data-decryption-configuration-file.md?ask=&goal= ``` `ask` is the immediate question: it should be specific, self-contained, and written in natural language. `goal` is optional and describes the broader end goal you are ultimately trying to accomplish on behalf of the user. GitBook uses it to tailor the answer towards what is most useful for that goal. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.