Initial setup in Google Cloud External Key Manager (EKM)

perform the following tasks to set up in googlecloud ekm for the first time go to the google cloud key management dashboard perform the following step to go to the google cloud management dashboard from the main google cloud dashboard, enter key management in the search bar at the top of the page then, select key management security service create a new key ring perform the following syeps to create a new key ring from the key management dashboard, select \[ create key ring ] at the top of the page in the create key ring wizard perform the following steps enter a name for the key ring key ring names can only contain letters, numbers, underscores ( ), and hyphens ( ) they can't be renamed or deleted select region as the location type (ekm does not support multi region) then, in the drop down menu, select the google region where you want to create the key ring select \[ create ] note the following regarding the key ring location cloud ekm needs to be able to reach your keys quickly to avoid an error when creating a cloud ekm key, choose a google cloud location that is geographically near the location of the cryptohub you can use cloud ekm in any google cloud location supported for cloud kms, except for global note the service account email address after the key ring is created, the browser redirects to the key creation wizard perform the following steps to find the ip address enter a name for the key select external as the protection level for the key select either via internet or via vpc as the external key manager (ekm) connection type select \[ continue ] note the service account email address in the key material section the service account email address will be configured in cryptohub in the next section you return to this dialog in the google cloud dashboard after creating a google crypto space on the {{ch}}