Skip to content

Contact sales

By filling out this form and clicking submit, you acknowledge our privacy policy.
  • Labs icon Lab
  • A Cloud Guru
Labs

Handling Encryption Keys with Cloud KMS

The process of encrypting and decrypting files requires cryptographic keys. Google Cloud’s Key Management Service (Cloud KMS) allows you to generate, use, rotate, and destroy cryptographic keys in a variety of formats. Managing the keys is another challenge, one that Cloud KMS meets with its ability to create keyrings as well as keys. In this hands-on lab, we’ll establish a new keyring and key, use them to encrypt a formerly top-secret file, and then decrypt the encrypted version.

Try for free Contact sales
Labs

Path Info

Level
Clock icon Beginner
Duration
Clock icon 30m
Published
Clock icon Jun 14, 2019

Contact sales

By filling out this form and clicking submit, you acknowledge our privacy policy.

Table of Contents

  1. Challenge

    Enable Cloud KMS

    1. From the main Google Cloud console navigation, choose APIs & Services > Library.
    2. Search for KMS, and enable the service.

  2. Challenge

    Create a Keyring and Key

    1. Activate the Cloud Shell by clicking its icon in the top navigation bar.
    2. In the Cloud Shell, create the initial keyring.
    3. Create a key for the new keyring.
    4. List the existing keys within the CLI.

  3. Challenge

    Retrieve the Example File

    1. Clone the GitHub repository: git clone https://github.com/linuxacademy/content-gcpro-security-engineer
    2. Change directory to the content-gcpro-security-engineer/kms-encrypt-lab folder: cd content-gcpro-security-engineer/kms-encrypt-lab
    3. Open the Cloud Shell Editor by clicking the pencil icon.
    4. Review the file top-secret-ufo-1950.txt.

  4. Challenge

    Encrypt and Decrypt the File

    1. In the Cloud Shell, encrypt the top-secret-ufo-1950.txt file and set the name to top-secret-ufo-1950.txt.encrypted.
    2. Review the top-secret-ufo-1950.txt.encrypted file.
    3. In the Cloud Shell, decrypt the encrypted file and set the name to top-secret-ufo-1950.txt.decrypted.
    4. Review the top-secret-ufo-1950.txt.decrypted file.
A Cloud Guru - Labs - Handling Encryption Keys with Cloud KMS
Author
A Cloud Guru

The Cloud Content team comprises subject matter experts hyper focused on services offered by the leading cloud vendors (AWS, GCP, and Azure), as well as cloud-related technologies such as Linux and DevOps. The team is thrilled to share their knowledge to help you build modern tech solutions from the ground up, secure and optimize your environments, and so much more!

What's a lab?

Hands-on Labs are real environments created by industry experts to help you learn. These environments help you gain knowledge and experience, practice without compromising your system, test without risk, destroy without fear, and let you learn from your mistakes. Hands-on Labs: practice your skills before delivering in the real world.

Provided environment for hands-on practice

We will provide the credentials and environment necessary for you to practice right within your browser.

Guided walkthrough

Follow along with the author’s guided walkthrough and build something new in your provided environment!

Did you know?

On average, you retain 75% more of your learning if you get time for practice.

Start learning by doing today

View Plans