zecfoundation
/
cloud-foundation-fabric
mirror of https://github.com/ZcashFoundation/cloud-foundation-fabric.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
cloud-foundation-fabric/data-solutions
History
Lorenzo Caggioni 718a851af4 Fix encryption_keys variable name 2020-06-10 16:31:42 +02:00
..
cmek-via-centralized-kms Fix encryption_keys variable name 2020-06-10 16:31:42 +02:00
README.md - Rename example to `cmek-via-centralized-kms` 2020-06-10 15:22:43 +02:00

README.md

GCP Data Services examples

The examples in this folder implement typical data service topologies and end-to-end scenarios, that allow testing specific features like Cloud KMS to encrypt your data, or VPC-SC to mitigate data exfiltration.

They are meant to be used as minimal but complete starting points to create actual infrastructure, and as playgrounds to experiment with specific Google Cloud features.

Examples

CMEK for Cloud Storage and Compute Engine via centralized KMS

This example implements CMEK for GCS and GCE, via keys hosted in KMS running in a centralized project. The example shows the basic resources and permissions for the typical use case of application projects implementing encryption at rest via a centrally managed KMS service.