VM Launcher configuration file for data encryption

This is the description of the JSON configuration file for a VM Launcher data encryption data operation.

The configuration file is in JSON format. It contains the following sections:

Global parameters: General information about the data operation.
Working directory parameters: Information about the input/output directories.
Credential parameters: Information about the credentials for the input/output buckets and the PGP public key.

👁️‍🗨️ Example

Here is an example of VM Launcher configuration file for data encryption:

{
    "configuration_type": "vm-launcher",
    "configuration_id": "pgp-encrypt",
    "environment": "DEV",
    "account": "000099",
    "activated": true,
    "archive": false,
    "pgp_mode": "ENCRYPT",
    "gcp_project_id": "my-project",
    "gcs_source_bucket": "my-buckeet",
    "gcs_source_prefix": "output",
    "destination_gcs_bucket": "my-bucket",
    "destination_gcs_path": "output_encrypted",
    "vm_delete": true,
    "credentials": {
        "input-credentials.json": {
            "content": {
                "cipher_aes": "xxx",
                "tag": "xxx",
                "ciphertext": "xxx",
                "enc_session_key": "xxx"
            }
        },
        "output-credentials.json": {
            "content": {
                "cipher_aes": "xxx",
                "tag": "xxx",
                "ciphertext": "xxx",
                "enc_session_key": "xxx"
            }
        },
        "public_key.pgp": {
            "recipient": "my-recipient@my-domain.com",
            "content": {
                "cipher_aes": "xxx",
                "tag": "xxx",
                "ciphertext": "xxx",
                "enc_session_key": "xxx"
            }
        }
    }
}

🌐 Global parameters

Parameter	Description
configuration_type type: string mandatory	Type of data operation. For an STS data operation, the value is always "storage-to-storage".
configuration_id type: string mandatory	ID of the data operation. You can pick any name you want, but is has to be unique for this data operation type. Note that in case of conflict, the newly deployed data operation will overwrite the previous one. To guarantee its uniqueness, the best practice is to name your data operation by concatenating: your account ID, the source bucket name, and the source directory name.
environment type: string mandatory	Deployment context. Values: PROD, PREPROD, STAGING, DEV.
account type: string mandatory	Your account ID is a 6-digit number assigned to you by your Tailer Platform administrator.
activated type: boolean optional	Flag used to enable/disable the execution of the data operation. If not specified, the default value will be "true".
archived type: boolean optional	Flag used to enable/disable the visibility of the data operation's configuration and runs in Tailer Studio. If not specified, the default value will be "false".
pgp_mode type: string optional	PGP mode. For data encryption, the value is always "ENCRYPT".

Parameter

Description

configuration_type

type: string

mandatory

Type of data operation.

For an STS data operation, the value is always "storage-to-storage".

configuration_id

type: string

mandatory

ID of the data operation.

You can pick any name you want, but is has to be unique for this data operation type.

Note that in case of conflict, the newly deployed data operation will overwrite the previous one. To guarantee its uniqueness, the best practice is to name your data operation by concatenating:

your account ID,
the source bucket name,
and the source directory name.

environment

type: string

mandatory

Deployment context.

Values: PROD, PREPROD, STAGING, DEV.

account

type: string

mandatory

Your account ID is a 6-digit number assigned to you by your Tailer Platform administrator.

activated

type: boolean

optional

Flag used to enable/disable the execution of the data operation.

If not specified, the default value will be "true".

archived

type: boolean

optional

Flag used to enable/disable the visibility of the data operation's configuration and runs in Tailer Studio.

If not specified, the default value will be "false".

pgp_mode

type: string

optional

PGP mode.

For data encryption, the value is always "ENCRYPT".

💼 Working directory parameters

Information about the script location and instructions to execute it.

Parameter	Description
gcp_project_id type: string mandatory	Google Cloud Platform project ID for the bucket containing the script.
gcs_source_bucket type: string mandatory	Name of the GCS bucket containing the files to encrypt.
gcs_source_prefix type: string mandatory	Path in the GCS bucket containing the files to encrypt, e.g. "some/sub/dir".
destination_gcs_bucket type: dict mandatory	Name of the GCS bucket containing the encrypted files.
destination_gcs_path type: array mandatory	Path in the GCS bucket containing the encrypted files, e.g. "some/sub/dir".

Parameter

Description

gcp_project_id

type: string

mandatory

Google Cloud Platform project ID for the bucket containing the script.

gcs_source_bucket

type: string

mandatory

Name of the GCS bucket containing the files to encrypt.

gcs_source_prefix

type: string

mandatory

Path in the GCS bucket containing the files to encrypt, e.g. "some/sub/dir".

destination_gcs_bucket

type: dict

mandatory

Name of the GCS bucket containing the encrypted files.

destination_gcs_path

type: array

mandatory

Path in the GCS bucket containing the encrypted files, e.g. "some/sub/dir".

🖥️ VM parameters

Information related to the Google Cloud Compute Engine VM where the script will be executed.

Parameter	Description
vm_delete type: string mandatory	If set to "true", this parameter will force the deletion of the VM at the end of the data operation. Running Compute Engine VMs will incur extra costs, so it is recommended to leave this parameter on "true". Default value: true
vm_core_number type: string mandatory	Virtual CPU (vCPU) count. It is recommended to leave the default parameter, as this should allow sufficient performance to run a standard script. Default value: 2
vm_memory_amount type: string mandatory	System memory size (in GB). It is recommended to leave the default parameter, as this should allow sufficient performance to run a standard script. Default value: 4
vm_disk_size type: string mandatory	Persistent disk size (in GB). It is recommended to leave the default parameter, as this should provide enough space to store the data to process. Default value: 20

Parameter

Description

vm_delete

type: string

mandatory

If set to "true", this parameter will force the deletion of the VM at the end of the data operation. Running Compute Engine VMs will incur extra costs, so it is recommended to leave this parameter on "true".

Default value: true

vm_core_number

type: string

mandatory

Virtual CPU (vCPU) count. It is recommended to leave the default parameter, as this should allow sufficient performance to run a standard script.

Default value: 2

vm_memory_amount

type: string

mandatory

System memory size (in GB).

It is recommended to leave the default parameter, as this should allow sufficient performance to run a standard script.

Default value: 4

vm_disk_size

type: string

mandatory

Persistent disk size (in GB).

It is recommended to leave the default parameter, as this should provide enough space to store the data to process.

Default value: 20

🔐 Credential parameters

Parameter	Description
credentials type:array mandatory	Array containing three entities: input credentials for the input bucket, output credentials for the output bucket, and the public PGP key.

Parameter

Description

credentials

type:array

mandatory

Array containing three entities: input credentials for the input bucket, output credentials for the output bucket, and the public PGP key.

PreviousEncrypt/Decrypt data with VM Launcher NextVM Launcher configuration file for data decryption

Last updated 11 months ago