Cloud KMS is GCP's key management service, which generates, rotates, and destroys AES256 encryption keys. Coupled with IAM and Cloud Audit Logging, we can provide granular access at a key level and monitor their usage. We can use the KMS feature via API calls and client libraries for different languages. In this recipe, we'll use KMS to encrypt a small piece of sensitive data using Google's command-line tools. This will show us the ease of use of Cloud KMS and the absence of any overhead of managing keys or encryption libraries.
Securing financial data using Cloud KMS
Getting ready
The following are the initial setup verification steps, which are required before the recipe can be executed:
- Create or select...