Reputation: 1147
Encrypt Mongodb with Google Cloud Key Management Service
Is it possible to use Google KMS with Mongodb server on Ubuntu 18.04 (GCP) to encrypt data at rest? What are the requirements? How is it done? I want to use mongodb encryption feature for additional security.
The documentation mentions KMIP protocol and does Google provide such service?
ps: I have installed Mongodb enterprise edition on my server along with other services such as backend.
Upvotes: 0
Views: 487
Answers (2)
Reputation: 2322
From your comment and assuming your questions is on regards of how to use the KMS integration with MongoDB:
For a start, it is possible to use KMS with MongoDB. Google even provides an out-of-the-box solution of MongoDB Atlas to integrate with KMS via Market Place.
However, this integration is not available on Atlas M0, M2 and M5.
You can follow the same link for details on how to use the integration. If you have any specific question on this integration, please edit your question to include it.
Upvotes: 1
Reputation: 26997
Data on GCP is always encrypted at rest. You can optionally use your own KMS keys to encrypt the disks.
gcloud compute disks create encrypted-disk \
--kms-key projects/[KMS_PROJECT_ID]/locations/[REGION]/keyRings/[KEY_RING]/cryptoKeys/[KEY]
Upvotes: 0
Related Questions
- Data Encryption Keys and Key Encryption Keys
- Encrypting Multiple Items with Cloud KMS
- How to retain private control over the encryption keys while using Cloud services?
- gcloud kms decrypt without --ciphertext-file
- Google Cloud KMS App Engine Encrypt not working
- Google Cloud KMS - Encrypting SSH key (id_rsa)
- Google cloud KMS: encryption works but decryption fails
- unable to use @google-cloud/kms nodejs module to decrypt secret
- Encrypt a Java application with Cloud KMS example
- How to properly encrypt Elasticsearch instance with KMS