Merge branch 'data-e2e-01' of github.com:terraform-google-modules/cloud-foundation-fabric into data-e2e-01
This commit is contained in:
commit
8c67563f44
|
@ -1,14 +1,11 @@
|
||||||
# GCP Data Services examples
|
# GCP Data Services examples
|
||||||
|
|
||||||
The examples in this folder implement **typical data servicies topologies**, or **end-to-end scenarios** that allow testing specific features like Cloud KMS to encrypt your data or VPC-SC to mitigate data exfiltration.
|
The examples in this folder implement **typical data service topologies** and **end-to-end scenarios**, that allow testing specific features like Cloud KMS to encrypt your data, or VPC-SC to mitigate data exfiltration.
|
||||||
|
|
||||||
They are meant to be used as minimal but complete starting points to create actual infrastructure, and as playgrounds to experiment with specific Google Cloud features.
|
They are meant to be used as minimal but complete starting points to create actual infrastructure, and as playgrounds to experiment with specific Google Cloud features.
|
||||||
|
|
||||||
## Examples
|
## Examples
|
||||||
|
|
||||||
### Cloud KMS with Cloud Storage and Compute Engine
|
### CMEK for Cloud Storage and Compute Engine via centralized KMS
|
||||||
|
|
||||||
<a href="./cloud-kms/" title="Cloud KMS with Cloud Storage and Compute Engine"><img src="./cloud-kms/diagram.png" align="left" width="280px"></a> This [example](./cloud-kms/) implements a project to host a centralized Cloud KMS instance and a service project that will use Crypto keys to encrypt resources at rest.
|
<a href="./cloud-kms/" title="Cloud KMS with Cloud Storage and Compute Engine"><img src="./cloud-kms/diagram.png" align="left" width="280px"></a> This [example](./cloud-kms/) implements [CMEK](https://cloud.google.com/kms/docs/cmek) for GCS and GCE, via keys hosted in KMS running in a centralized project. The example shows the basic resources and permissions for the typical use case of application projects implementing encryption at rest via a centrally managed KMS service.
|
||||||
|
|
||||||
The sample highlights roles and permissions needed to implement the architecture described.
|
|
||||||
<br clear="left">
|
|
||||||
|
|
Loading…
Reference in New Issue