Cloud Key Management Service documentation
Cloud Key Management Service allows you to create, import, and manage cryptographic keys and perform cryptographic operations in a single centralized cloud service. You can use these keys and perform these operations by using Cloud KMS directly, by using Cloud HSM or Cloud External Key Manager, or by using Customer-Managed Encryption Keys (CMEK) integrations within other Google Cloud services.
With Cloud KMS you are the ultimate custodian of your data, you can manage cryptographic keys in the cloud in the same ways you do on-premises, and you have a provable and monitorable root of trust over your data.
Documentation resources
Guides
-
Quickstart: Create encryption keys with Cloud KMS
-
Encrypting and decrypting data with a symmetric key
-
Encrypting and decrypting data with an asymmetric key
-
Cloud HSM
-
Creating symmetric keys
-
Cloud External Key Manager
-
Importing a key into Cloud KMS
-
Retrieving a public key
-
Destroying and restoring key versions
-