Skip to content
This repository has been archived by the owner on Jul 2, 2024. It is now read-only.

Commit

Permalink
edit text
Browse files Browse the repository at this point in the history
  • Loading branch information
@evict
evict committed Apr 17, 2024
1 parent aadb7c0 commit 910445c
Showing 1 changed file with 2 additions and 2 deletions.
4 changes: 2 additions & 2 deletions content/departments/cloud/technical-docs/cmek.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -7,7 +7,7 @@ Benefits:
- customer data is encrypted using a non-default key not provided by Google, ensuring that neither Google nor any other entity can decrypt the data.
- database data is encrypted with a different key as GKE persistent volumes, to increase security
- dedicated CMEK can be rotated manually or automatically when required
- [AES_256_CTR](https://cloud.google.com/kms/docs/reference/rest/v1/CryptoKeyVersionAlgorithm) algorithm is used for encryption/descryption with `SOFTWARE` protection level
- the [AES_256_CTR](https://cloud.google.com/kms/docs/reference/rest/v1/CryptoKeyVersionAlgorithm) algorithm is used for encryption/decryption with `SOFTWARE` protection level

## How to enable CMEK

Expand All @@ -23,7 +23,7 @@ modify instance `config.yaml` with given annotation:
"cloud.sourcegraph.com/cmek-algorithm" = "AES_256_CTR"
```

> [!WARNING] If customer wants to use different algoritm, please contact Security Team.
> [!WARNING] If customer wants to use a different algorithm, please contact Security Team.
## How to disable CMEK

Expand Down

0 comments on commit 910445c

Please sign in to comment.