O'Reilly logo

Google Cloud Platform Administration by Ranjit Singh Thakurratan

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

Key management service

Cloud KMS is a hosted KMS that lets you manage your encryption keys in the cloud. You can create/generate, rotate, use, and destroy AES256 encryption keys just like you would in your on-premises environments. You can also use the cloud KMS REST API to encrypt and decrypt data. Before we explore Cloud KMS, we need to understand the object hierarchy structure. Let's briefly go over the object hierarchy and then explore Cloud KMS on the GCP console.

To enhance access control management, Cloud KMS stores keys in a hierarchical structure. There are different levels in the hierarchical structure:

  1. Project: Like every other GCP resource, Cloud KMS resources belong to a project. All primitive IAM roles that are applied to a ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required