Hello Ruban,
This document outlines when Cloud SQL interacts with CMEK keys such as during Instance creation, Backup creation, Instance restore, Replica creation, Clone creation and Instance update.
As mentioned here, CMEK can not be used to encrypt user data in transit, such as user queries and responses.
I have noticed you have also asked the same question at the StackOverflow thread where one of the Google Cloud Support agents has responded to your query as well.On Friday, August 28, 2020 at 2:28:33 PM UTC-4 ruban...@gmail.com wrote:
Hi,I understand with CloudSQL, can encrypt the data at persistence using encryption key using CMEK so it's managed by the end user.Does this only apply to during update/insert or is it using read too?Just wondering how it works during data retrieval.
You received this message because you are subscribed to the Google Groups "Google Cloud SQL discuss" group.
To unsubscribe from this group and stop receiving emails from it, send an email to google-cloud-sql-discuss+unsubscribe@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/google-cloud-sql-discuss/eb0fe1da-563f-4a55-b606-11e762675c96n%40googlegroups.com.
No comments:
Post a Comment