You can add or modify a GCP Key Management Server from the Command Center.
Before You Begin
Verify that the account that you configure has the following permissions:
-
cloudkms.cryptoKeys.create
-
cloudkms.cryptoKeyVersions.useToEncrypt
-
cloudkms.cryptoKeyVersions.useToDecrypt
-
cloudkms.cryptoKeyVersions.destroy
Procedure
-
From the navigation pane, go to Manage > Security.
The Security page appears.
-
Click the Key management servers tile.
The Key management servers page appears.
-
Click Add at the top right, and then select GCP KMS.
The Add GCP KMS dialog box appears.
-
In the Name box, enter the name of the key provider.
-
From the Protection level list, select a level: HSM or Software.
-
In the Key ring box, enter the key ring.
-
From the Region list, select a region.
-
In the JSON file path, browse and select the Credential JSON file.
-
Click Submit.