Cloud KMS

GCPSecurityFree tier available

Cloud-hosted key management for encryption at rest with symmetric and asymmetric keys, customer-supplied keys, HSM-backed keys, and automatic rotation

FluffyStack tools
Add to Service BuilderAdd to CompareCompare with equivalentsExplore GCP in TreemapExplore security in Honeycomb
DocumentationPricing

Attributes

Hsm Support
Yes
Key Rotation
Yes
Cmek Support
Yes

Sub-services (3)

Software Keys

Software-backed cryptographic keys

Cloud HSM

Hardware security module-backed keys

Cloud EKM

External key manager integration

Compliance & Certifications

This service is attested for the following frameworks. Always verify with the provider before relying on a specific compliance posture.

GDPRSOC 2ISO 27001HIPAAPCI DSSFedRAMP

Where this runs

44 regions
28 countries
2sovereign
Sovereign regions (2)
  • T-Systems Sovereign Cloud · FrankfurtT-Systems Sovereign Cloud powered by Google Cloud
  • S3NS Sovereign Cloud · ParisS3NS — Google Cloud + Thales joint venture
Commercial regions (42)

Europe (13)

  • Belgium
  • Finland
  • Paris
  • Berlin
  • Frankfurt
  • Milan
  • Turin
  • Netherlands
  • Warsaw
  • Madrid
  • Stockholm
  • Zurich
  • London

North America (12)

  • Montréal
  • Toronto
  • Querétaro
  • Northern Virginia
  • Columbus
  • Iowa
  • Dallas
  • Las Vegas
  • Los Angeles
  • South Carolina
  • Salt Lake City
  • Oregon

South America (2)

  • São Paulo
  • Santiago

Asia (9)

  • Hong Kong
  • Delhi
  • Mumbai
  • Jakarta
  • Osaka
  • Tokyo
  • Singapore
  • Seoul
  • Taiwan

Oceania (2)

  • Melbourne
  • Sydney

Middle East (3)

  • Tel Aviv
  • Doha
  • Dammam

Africa (1)

  • Johannesburg

Tags

encryptionkey-managementHSMcryptography

Equivalent services on other platforms

AWS KMSAWS

Create and manage cryptographic keys for encryption at rest and in transit with AWS-managed, customer-managed, and imported keys, automatic rotation, and FIPS 140-2 validated HSMs

Azure Key VaultAzure

Centralised vault for cryptographic keys, secrets, and certificates with HSM-backed keys, managed certificate renewal, and RBAC or access-policy enforcement

Huawei Data Encryption Workshop (DEW)Huawei

Unified cryptographic services including Key Management Service for envelope encryption, Cloud Secret Management Service for secret storage and rotation, Key Pair Service for SSH key management, and Dedicated HSM for FIPS 140-2 Level 3 workloads

Tencent Key Management ServiceTencent

Managed cryptographic key service with customer master keys (CMKs), envelope encryption for Tencent services, automatic and manual rotation, imported key material (BYOK), Managed HSM for single-tenant FIPS 140-2 Level 3 compliance, and audit logging via CloudAudit

Pricing

Pricing model:pay-as-you-go