You need to use Cloud External Key Manager to create an encryption key to encrypt specific BigQuery data at rest in Google Cloud. Which steps should you do first?
A.
1. Create or use an existing key with a unique uniform resource identifier (URI) in your Google Cloud project.2. Grant your Google Cloud project access to a supported external key management partner system.
B.
1. Create or use an existing key with a unique uniform resource identifier (URI) in Cloud Key Management Service (Cloud KMS).2. In Cloud KMS, grant your Google Cloud project access to use the key.
C.
1. Create or use an existing key with a unique uniform resource identifier (URI) in a supported external key management partner system.2. In the external key management partner system, grant access for this key to use your Google Cloud project.
D.
1. Create an external key with a unique uniform resource identifier (URI) in Cloud Key Management Service (Cloud KMS).2. In Cloud KMS, grant your Google Cloud project access to use the key.
- First, you create or use an existing key in a supported external key management partner system. This key has a unique URI or key path.
- Next, you grant your Google Cloud project access to use the key, in the external key management partner system.
- In your Google Cloud project, you create a Cloud EKM key, using the URI or key path for the externally-managed key.
Contribute your Thoughts:
Chosen Answer:
This is a voting comment (?). You can switch to a simple comment. It is better to Upvote an existing comment if you don't have anything to add.
Submit