Skip to main content
This section walks through the initial configuration steps required within the Google Cloud Platform console to prepare for the Google Cloud EKM integration with VirtuCrypt:
  • Create a key ring to organize your keys.
  • Configure the appropriate location settings for optimal performance.
  • Obtain the service account email that is essential for the VirtuCrypt configuration in the following section.
These foundational steps establish the Google Cloud side of the integration before moving to the VirtuCrypt Intelligence Portal (VIP) configuration.

Go to the Cloud KMS Dashboard

Perform the following step to open the Dashboard:
1
From the main GCP dashboard, enter Key Management Service into the search bar at the top of the page. Then, select Cryptographic Keys.

Create a new Key Ring

Perform the following steps to create a new Key Ring:
1
From the Cryptographic Keys dashboard, select [ Create Key Ring ] at the top of the page.
2
In the Create key ring wizard, perform the following steps
  1. Enter a Key ring name.
    • Key ring names can contain letters, numbers, underscores (_), and hyphens (-). You can’t remove or delete key rings.
  2. Specify the Key ring location and select [Create].
Note the following points about the key ring location:
  • Cloud EKM needs to be able to reach your keys quickly to avoid an error. When creating a Cloud EKM key, choose a Google Cloud location that is geographically near the VirtuCrypt region where the key resides.
  • You can use Cloud EKM in any Google Cloud location supported for Cloud KMS, except for global.

Identify the service account email

Perform the following steps to note the service account email for the externally managed key:
1
After you create the Key Ring, the browser redirects to the key creation wizard. Select the Externally managed key option and scroll down to the bottom of the page.
2
Note the service account email address, because the next section, covering various configurations that you must make in the VIP, uses it.