Deploy the Google Cloud EKM service in CryptoHub

we offer full integration with google cloud external key manager (ekm) create, store, and manage keys in a separate environment from your encrypted data our fips 140 2 level 3 validated key management solution enhances data privacy and maintains control over cryptographic keys keys are created inside what is referred to as a cryptospace , enabling you to manage key creation, rotation, and destruction of {{ch}} stored keys directly from the google cloud dashboard this integration supports both symmetric and asymmetric keys, as well as various algorithms log in to the {{ch}} web dashboard perform the following steps to log in to the {{ch}} web dashboard open the {{ch}} web dashboard in a browser log in under dual control with your administrator identities deploy the google cloud ekm service perform the following steps to deploy the google cloud ekm service select the google cloud ekm service on the service management page select \[ deploy ] specify a service name and service category , and select \[ next ] (optional) grant any roles and identities you want to be able to access the service, and select \[ next ] specify the project id , project number , and service account name find the project id and project number on the welcome page in the google cloud dashboard copy and paste the service account email address you noted at the end of the previous section select \[ deploy ] a message confirms that the google cloud ekm service was successfully deployed create a cryptospace if you selected \[ manage service ] on the confirmation page after deploying the google cloud ekm service, the service management page opens follow the steps below to create a new cryptospace select \[ cryptospaces ] under actions select \[ add new ] in the create cryptospace wizard, specify a cryptospace name , check the boxes for all justifications that are applicable, and select the permissions you want your google cloud project to have on the cryptospace select \[ create cryptospace ] when finished create keys inside the cryptospace next, create a few keys inside the cryptospace later in this guide, these keys are created as external keys in google ekm essentially, associating the key material stored in {{ch}} with the instance of the key in google ekm the new cryptospace is now listed on the manage cryptospaces page select the cryptospace name select \[ keys ] select \[ add new ] in the create key wizard, perform the follwing steps specify a key name select the key algorithm to use check the boxes for all justifications you want to allow specify the rotation period select \[ create key ] when finished