What are the Service integrations and technical considerations in Google EKM

What are the Service integrations and technical considerations in Google EKM

The following services support Cloud EKM keys:

  • Compute Engine/Persistent Disk
    Compute Engine encrypts customer data at rest by default. By using cloud EKM, organizations can control and manage default encryption and Data Encryption Keys (DEK) used to protect the Persistent Disks.
  • BigQuery
    Organizations can encrypt data stored in BigQuery. They need to provide additional approval to access keys for revoking data from BigQuery cache.
  • Google Kubernetes Engine (GKE)
    In GKE, Cloud EKM keys can be used to protect data on Virtual Machine disks (node boot disks and attached disks) and Application-layer Secrets.
  • Cloud SQL
    loud EKM keys can be used to encrypt Cloud SQLs and their backups with the same Key

webinar cta