Implementing Customer Managed Encryption Keys (CMEK) with Google Key Management Service
This course covers the creation and validation of secrets and keys and the use of the Google Key Management Service (KMS) to rotate keys, create hierarchies, and work with keys and secrets on the cloud.
What you'll learn
At the core of cloud data encryption is a thorough knowledge of Customer-Managed Encryption Keying (CMEK). In this course, Implementing Customer Managed Encryption Keys (CMEK) with Google Key Management Service, you’ll see how to implement and manage encryption keys on the Google Cloud Platform. First, you’ll learn what symmetric and asymmetric keys are and how to create and rotate them. Next, you’ll explore how to protect secrets using symmetric keys and how to validate them using digital signatures. Finally, you’ll discover how to use advanced features to further secure your data and resources on the cloud. When you’re finished with this course, you’ll have a foundational knowledge of the Google Key Management Service that will help you as you move forward to create and rotate cloud-hosted keys and manage secrets on the GCP.
Table of contents
- Module Overview 1m
- Web Console: Creating and Managing Symmetric Keys 4m
- gcloud: Creating and Managing Symmetric Keys 4m
- Web Console and gcloud: Creating and Managing Asymmetric Keys 4m
- Symmetric Keys: Encrypting and Decrypting Data - Part 1 6m
- Symmetric Keys: Encrypting and Decrypting Data - Part 2 3m
- Key Rotation 3m
- Working with Symmetric Keys Using AAD 6m
- Asymmetric Keys: Encrypting and Decrypting Data 4m
- Rotating Keys Automatically and Manually 2m
- Creating and Validating Digital Signatures 7m