Using KeyControl as a GCP EKM Provider

You can now use KeyControl as an External Key Manager (EKM) provider for GCP KMS and GCP Cloud KMS. GCP supports the following types of EKM: 

• Manual key creation—The keys are created with the EKM provider’s interface, and the key URI  is copied to the GCP console to establish the link.

• Coordinated keys—The keys are created using the interface in the GCP console.

The key resides in the EKM provider and is never moved to GCP no matter which type of EKM you choose.