Skip to main content
With the Google Cloud KMS setup complete, this section focuses on configuring the VirtuCrypt side of the integration. It shows how to establish the necessary user identity, assign appropriate roles for Google Key Management operations, and create the symmetric encryption key that VirtuCrypt manages externally but is accessible to Google Cloud services. This configuration ensures secure authentication and proper key management permissions between the two platforms.
Before proceeding with the steps in this section, you must create a new VIP user inside your VirtuCrypt account. The name of this user must match the service account email that Google EKM provided in the previous section (such as service-54255661635@gcp-sa-ekms.iam.gserviceaccount.com). Reach out to the Futurex Xceptional support team to request that this user be added to your account.

Log in to the EKM service in VIP

Perform the following steps to log in to the Enterprise Key Management service in VIP:
1
Log in at https://vip.virtucrypt.com/login with an account identity that is authorized to access the Enterprise Key Management service created for integration with Google EKM.
2
After you log in to the VIP, select the Google EKM service, and select [ Manage ] in the upper-right corner of the page.

Create a new identity

Perform the following steps to create a new identity and assign it the Google Key Management role
1
In the Google EKM service, go to the Service Users page in the left-side menu.
2
Select [ Add Identity ] in the upper-right corner of the page.
3
In the VIP User field, select the VIP user that you added to your VirtuCrypt account at the beginning of this section (such as service-54255661635@gcp-sa-ekms.iam.gserviceaccount.com).
4
In the Roles field, select the Google Key Management role. Select [ Submit ] to save the changes.

Create a new symmetric key

To create a symmetric key, add a new key group and then create the key.

Add a new key group

Perform the following steps to add a key group:
1
Go to the Symmetric Keys page in the left-side menu, and select [ Add Key Group ] at the top of the page.
2
Specify a key group name and the key retrieval algorithm to use.
3
Select [ OK ] to save.
A message should appear at the top of the screen stating that the key group was created successfully.

Create a new symmetric key

Perform the following steps to create a symmetric key:
1
Select the key group that you just created, and select [ Add Key ].
2
In the General tab, perform the following steps:
  1. Select Random as the encryption mode.
  2. Select Data Encryption Key as the key type.
  3. Choose one of the AES algorithms.
  4. Enter a name for the key.
Using the AES algorithm enables setting key usages for the key. The key usages for Data Encryption Keys in VirtuCrypt are Encrypt/Decrypt. Therefore, Google EKM can use the same key for encryption and decryption.
3
In the Validity tab, set the desired validity start and end dates.
4
Select [ OK ] to save.
If successful, A message appears at the top of the screen stating that the key was created successfully.