See the supported connectors for Application Integration.

Encryption methods

Encryption is a defensive mechanism that helps protect the privacy of your data stored in Google Cloud. Using encryption ensures that the data stored in Google Cloud is protected against malicious attacks or breaches which might lead to compromising the security of your entire project or organization.

To know more about how encryption is handled in Google Cloud, see Encryption.

Application Integration is a regional service and the infrastructure that runs your integrations is located in the associated provisioned regions. When using Application Integration in your Google Cloud project, data related to your integrations, within the scope of the specific region, is stored on persistent disks (PDs).

Compliant with Google Cloud's security standards for storing customer data, Application Integration automatically encrypts the PDs using one of the following data encryption methods:

• Google-managed encryption keys
• Customer-managed encryption key

Google-managed encryption keys

By default, Application Integration automatically encrypts data at rest using Google-managed encryption keys. These encryption keys are handled by Google and are encrypted using the Advanced Encryption Standard (AES) algorithm, AES-256. You don't have to perform any actions or configuration changes to use Google-managed encryption keys for Application Integration. For more information, see Default encryption at rest.

Customer-managed encryption key

In addition to the standard, Google-managed encryption method, you can also use Cloud Key Management Service (KMS) or Customer-managed encryption keys to encrypt and decrypt your data at rest. These encryption keys are created, managed, and owned by you. For more information, see Customer-managed encryption keys.

Encrypted data

The following table lists the data encrypted in Application Integration:

Resource	Encrypted data
Integration details	Task configuration parameters Task configuration descriptions
Integration execution information	Request parameters Response parameters Task execution details
Authentication profile credentials	Username and passwords API keys OAuth 2.0 authorization code OAuth 2.0 client credentials OAuth 2.0 resource owner password credentials Auth tokens JWT tokens Service accounts SSL/TLS client certificates Google OIDC ID tokens
Approval/Suspension task details	Approval or suspension configurations