See the supported connectors for Application Integration.
Encryption methods
Encryption is a defensive mechanism that helps protect the privacy of your data stored in Google Cloud. Using encryption ensures that the data stored in Google Cloud is protected against malicious attacks or breaches which might lead to compromising the security of your entire project or organization.
To know more about how encryption is handled in Google Cloud, see Encryption.
Application Integration is a regional service and the infrastructure that runs your integrations is located in the associated provisioned regions. When using Application Integration in your Google Cloud project, data related to your integrations, within the scope of the specific region, is stored on persistent disks (PDs).
Compliant with Google Cloud's security standards for storing customer data, Application Integration automatically encrypts the PDs using one of the following data encryption methods:
Google-owned and Google-managed keys
By default, Application Integration automatically encrypts data at rest using Google-owned and Google-managed keys. These encryption keys are handled by Google and are encrypted using the Advanced Encryption Standard (AES) algorithm, AES-256. You don't have to perform any actions or configuration changes to use Google-owned and Google-managed keys for Application Integration. For more information, see Default encryption at rest.
When you use Google-owned and Google-managed keys in Application Integration, your tenant projects consumes Cloud KMS cryptographic requests quotas. The default limit for cryptographic request is 60,000 QPM
. If your execution fails due to exceeding the Cloud KMS quota, use CMEK and raise the quota in your project.
Customer-managed encryption key
In addition to the standard, Google-managed encryption method, you can also use Cloud Key Management Service (KMS) or Customer-managed encryption keys to encrypt and decrypt your data at rest. These encryption keys are created, managed, and owned by you. For more information, see Customer-managed encryption keys.
Encrypted data
The following table lists the data encrypted in Application Integration:
Resource | Encrypted data |
---|---|
Integration details |
|
Integration execution information |
|
Authentication profile credentials | |
Approval/Suspension task details | Approval or suspension configurations |