Share At:

Deep Dive Into Google Cloud Key Management Services

What is Cloud KMS?

Cloud KMS is designed as a cryptographic system.
You can’t get the keys out which means keys are locked inside the system and you need not worry about them leaking.
The only thing you can do with these keys is encryption, decryption, and any other cryptographic operation.
These keys are useful for protecting data, or even for encrypting secrets,
For e.g. if you want to keep a database password as a secret so that you should be able to use or send elsewhere, you can store an encrypted version, then use Cloud KMS to decrypt it.

Lab Details:

This lab walks you through Cloud KMS.
You will encrypt and decrypt a file.

Lab Tasks:

Creating a KeyRing and Key.
Encrypting the file.
Decrypting the file.

Creating a Keyring and Key

Click on the Security option under the products section

In the left sidebar, click on Key Management

Click on create key ring, You might find create key ring option at the top, there might be existing keyrings in the project.

Enter the keyring name like admin-keyring. The name can be different. Make a note of it.
Choose the keyring location as us-central1

Click on Create
Enter the Key name like admin-key-1.The name can be different. Make a note of it.

Keep the other options as is and click on Create.

Click on the Cloud Shell icon on the top right corner. If prompted click on Continue.

Enter the below command to create a file with “Welcome to Cloudblogg” text.

echo “Welcome to Cloudblogg” > ./file.txt

11. Enter the below command to encrypt the file and store the encrypted file in file.txt.enc (Replace the keyring and key name that you created above). If prompted click on Authorise.

gcloud kms encrypt \
–location “us-central1” \
–keyring “admin-keyring” \
–key “admin-key-1” \
–plaintext-file ./file.txt \
–ciphertext-file ./file.txt.enc

Enter the below command to decrypt the file and display the message on the screen.(Replace the keyring and key name that you created above)

gcloud kms decrypt \
–location “us-central1” \
–keyring “admin-keyring” \
–key “admin-key-1” \
–plaintext-file – \
–ciphertext-file ./file.txt.enc

You will See below output:

Completion and Conclusion:

In this lab, you have created a Keyring and Key.
You have encrypted and decrypted a file.

Happy Learning !!!

Share At:

Google Cloud: Encrypting and Decrypting data using Cloud KMS

Tags

Categories

Share At:

Recent Posts

Most Popular Posts

Google Cloud: Creating a Streaming Data Pipeline for a Real-Time Dashboard with Dataflow

Google Cloud: Optimizing network spend with Network Tiers

Google Cloud: Introduction to Cloud Source Repositories

Terraform Basics : Creating a simple file with contents using terraform

Docker Swarm: Performing Rolling Upgrade of a Service

Ansible: Writing ansible playbook to update “Motd” to display banner with Facts

K-Means Clustering : Performing Customer Segmentation

Google Cloud: Introduction to Cloud SDK

Sentinel: Introduction to Sentinel Language – Part-2

Google Cloud: Cloud Migration Journey Overview

Recent Comments

Contact Us

Google Cloud: Encrypting and Decrypting data using Cloud KMS

Google Cloud: Encrypting and Decrypting data using Cloud KMS

What is Cloud KMS?

Lab Details:

Lab Tasks:

Creating a Keyring and Key

Completion and Conclusion:

Happy Learning !!!

admin

Related Posts

Google Cloud: Creating a Streaming Data Pipeline for a Real-Time Dashboard with Dataflow

Google Cloud: Optimizing network spend with Network Tiers

Google Cloud: Introduction to Cloud Source Repositories

Terraform Basics : Creating a simple file with contents using terraform

Docker Swarm: Performing Rolling Upgrade of a Service

Ansible: Writing ansible playbook to update “Motd” to display banner with Facts

K-Means Clustering : Performing Customer Segmentation

Google Cloud: Introduction to Cloud SDK

Sentinel: Introduction to Sentinel Language – Part-2

Google Cloud: Cloud Migration Journey Overview

Contact Us