KeyControl as a GCP EKM Overview
Use the following procedures to configure KeyControl as a GCP EKM and get started using it:
|
Step |
Description | Notes |
|---|---|---|
|
1 |
Create a KeyControl Vault for Cloud Keys. | See Creating a Vault. |
|
2 |
Create a service account and an access key in GCP, then download the JSON file. | See GCP Requirements for BYOK and GCP Requirements for BYOK. |
|
3 |
Create a CSP account using the JSON file that you downloaded. | See Adding a CSP Account for GCP. |
|
4 |
View the Details tab on the CSP account that you created, and update the External Key Manager, Key Access Justification Policy, and EKM Access Control List sections. | See Prerequisites for using KeyControl as a GCP EKM Provider. |
|
5 |
Create a KeySet for GCP. | See Creating a Key Set. |
|
6 |
Create a CloudKey for GCP. | See Creating a CloudKey for GCP. |
|
7 |
Create Manually Managed External Keys | See Creating External Keys via Internet and Creating External Keys via VPC |
|
8 |
Create Coordinated External Keys |
