Cloud key management

this section explores how cloud key management works and the tools available on {{ch}} what is cloud key management? cloud key management enables you to create and manage cryptographic keys and perform cryptographic operations from a single centralized cloud service each service is designed to help you complete different tasks or better integrate with specific applications cloud keys the {{ch}} supports byok functionality for cloud provider use cases you can generate keys locally by using the hsm entropy source and then push them to a cloud provider {{ch}} designates these cloud keys as hsm protected keys the byok functionality enables you to manage your cloud keys in the same place as your local working keys the {{ch}} generates and manages your cloud keys, but the keys exist for cryptographic operations on the cloud provider side and not on {{ch}} the google ekm service is an exception to this rule integrating your {{ch}} through google ekm enables the {{ch}} to host and manage your cloud keys review our google cloud ekm docid\ xeku533ojijf0l khwdta page for more information cloud key management on {{ch}} we designed {{ch}} to help you handle all of the complexities of cloud key management, including creating, importing, and managing cryptographic keys from a single centralized cloud service when you use the {{cld}} , your keys are already stored on {{futurex}} servers, and you can integrate other third party cloud management services as needed we support a range of integrated third party tools to enable you to run your workflow effectively we regularly add more services and update our existing third party features to learn more about managing cloud keys through these services, explore the integrated services section of this guide for a full list of every third party tool available on {{ch}} integration guides the following guides help you leverage the full capabilities of your cloud key management infrastructure, providing step by step instructions and best practices for seamless integration with cloud key management services amazon xks (external key store) docid\ m2rrdd50nr0u7bx7d6vma google cloud ekm (external key manager) docid\ i3vwfk9eddgwvtr7ejtwu