You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Currently, users of Google Cloud Platform (GCP) Virtual Machines (VMs) are only able to encrypt the attached disks of their VMs using a Google-managed key that is stored in Cloud Key Management Service (KMS).
Benefits
Increased security By allowing users to bring their own KMS key, they have the option to use a key that is stored in their own KMS, rather than relying on a Google-managed key. This can provide an additional layer of security, as the user has full control over the management and rotation of their own key.
Industry best practices: Many organizations have established security policies that require the use of customer-managed keys for data encryption. Allowing users to bring their own KMS key would enable GCP users to comply with these policies and align with industry best practices for data security.
The text was updated successfully, but these errors were encountered:
bschaatsbergen
changed the title
Allow users to bring their own KMS key to encrypt the boot disk.
Allow users to bring their own KMS key to encrypt the VM attached disks.
Jan 1, 2023
Currently, users of Google Cloud Platform (GCP) Virtual Machines (VMs) are only able to encrypt the attached disks of their VMs using a Google-managed key that is stored in Cloud Key Management Service (KMS).
Benefits
Increased security By allowing users to bring their own KMS key, they have the option to use a key that is stored in their own KMS, rather than relying on a Google-managed key. This can provide an additional layer of security, as the user has full control over the management and rotation of their own key.
Industry best practices: Many organizations have established security policies that require the use of customer-managed keys for data encryption. Allowing users to bring their own KMS key would enable GCP users to comply with these policies and align with industry best practices for data security.
The text was updated successfully, but these errors were encountered: