Introduction

This document describes the integration of Google Cloud Platform (GCP) Bring Your Own Key (BYOK), referred to as GCP BYOK in this guide, with the Entrust KeyControl Key Management Solution (KMS).

Documents to read first

This guide describes how to configure Entrust KeyControl server as a KMS in GCP.

Entrust KeyControl v10.1 supports BYOK as an add-on. You can request a free trial of Entrust KeyControl BYOK here: https://go.entrust.com/keycontrol-byok-30-day-free-trial.

To install and configure the Entrust KeyControl server see KeyControl Installation and Upgrade Guide.

Also refer to the documentation and set-up process for GCP BYOK in the Google Cloud Key Management Service documentation.

Product configurations

Entrust has successfully tested the integration of KeyControl with GCP BYOK in the following configurations:

System Version

Entrust KeyControl

10.1

Features tested

Entrust has successfully tested the following features:

Feature Tested

Create cloud key

Import cloud key

Rotate cloud key

Remove cloud key

Upload removed cloud key

Delete cloud key

Cancel cloud key deletion

Requirements

Entrust recommends that you allow only unprivileged connections unless you are performing administrative tasks.