Your suggested change has been received. Thank you.

close

Suggest A Change

https://thales.na.market.dpondemand.io/docs/dpod/services/kmo….

back

Key Broker for Google Cloud EKM

Service Guide

search

Service Guide

Service Guide

This guide provides instructions on adding the Key Broker for Google Cloud EKM service to Google Cloud EKM. Once you have added the service to Google Cloud EKM, and can access the Key Broker for Google Cloud EKM page, refer to the Key Setup Guide for detailed instructions on adding your master key.

The Key Broker for Google Cloud EKM service requires a unique DPoD tenant. Register for a service tenant by subscribing to the service through the Google Cloud Marketplace. The DPoD tenant account is used for registration and authentication of the Key Broker for Google Cloud EKM service with the service back end. You cannot use an existing service tenant.

This document provides detailed instructions on:

Registering for the service

Register for the service through the Google Cloud Marketplace. Select a region that is geographically near your Google Cloud Platform to reduce network latency issues between your Google Cloud Project and Key Broker for Google Cloud EKM service.

Your require a Google Cloud Platform Marketplace purchasing role to subscribe to the service. See Access Control for Cloud Marketplace for more information.

Access the Google Cloud Marketplace and search for the Key Broker for Google Cloud EKM service for your region.

  • CipherTrust Key Broker [NA]
  • CipherTrust Key Broker [EU]

Click Subscribe. This redirects to an Order Summary page where you can select a plan, define the Purchase details, and agree to the service Terms. Click Subscribe again.

Register with the Thales Data Protection on Demand region that is geographically near your Google Cloud Platform. Select:

  • REGISTER WITH THALES - NORTH AMERICA - OTTAWA
  • REGISTER WITH THALES - EUROPEAN UNION - FRANKFURT

Complete the service tenant registration. See About the Automated Tenant Registration Page for more information.

Record the tenant hostname. The tenant hostname is required to log in to the Key Broker for Google Cloud EKM service page. The tenant hostname is structured based on the region.

  • NA: https://<hostname>.uaa.system.snakefly.dpsas.io/login
  • EU: https://<hostname>.uaa.system.pegasus.dpsas.io/login

Creating a Key Broker for Google Cloud EKM automatically generates and binds the Key Broker for Google Cloud EKM to a DPoD tenant and registers the user as the primary tenant administrator. You can log in to the tenant url to access DPoD platform features such as User Management, Tenant Management and Reporting. The Key Broker for Google Cloud EKM may be accessed from the tenant by selecting the name of the Key Broker for Google Cloud EKM in the Services Table.

Key Broker for Google Cloud EKM service tenants do not benefit from DPoD platform features such as Subscriber Groups or Adding Services.

After you register the service you are redirected to the Key Broker for Google Cloud EKM service page for your region.

Log in to the Key Broker for Google Cloud EKM service page using your tenant hostname and DPoD user account credentials.

Removing the service

Remove the service through the Google Cloud Marketplace.

Find and select the service listing in the Google Cloud Marketplace.

  • CipherTrust Key Broker [NA]
  • CipherTrust Key Broker [EU]

Click Cancel auto-renewal to put the service into the cancellation state. The service will expire and billing will terminate at the very start of the next month.