GCP Key Management

Is there one “root keystore master key” per keystore or per cloud tenant or one for all GCP Cloud customers?

https://cloud.google.com/docs/security/encryption/default-encryption#key_management

Hi @bewalker,

Welcome to the Google Cloud Community!

It is not explicitly stated in the official documentation if the "Root Keystore Master Key" is specific per Keystore, per cloud tenant, or one for all customers so as to protect Google's security structure.

It is only indicated that the "Root Keystore Master Key" is stored in a peer-to-peer infrastructure called "Root Keystore Master Key distributor" and that one instance of the Root Keystore Master Key Distributor runs for every instance of Root Keystore.

I hope this helps. Thank you.