2
– Integrating Google Cloud Platform with SafeNet Luna HSM
Google Cloud Platform Integration Guide
17
7. After few seconds your instance will be ready to connect by SSH using the external IP assigned by cloud
network.
Refer to the Google Cloud Documentation to connect the instances using SSH. Steps for connecting the VM
using SSH are provided in the Appendix as an example.
NOTE:
The beta version of the CSEK feature includes a console limitation of not
being able to start a VM that has been encrypted via CSEK, use the gcloud utility as
described next in this Integration Guide to start the VM.
Using gcloud Command-Line Tool
Gcloud is the part of google cloud SDK and it provides various commands to perform operations on google
cloud. You can use this tool to create encrypted disk or VM using CSEK and start/stop the VM when needed as
well as other operations like creating snapshots from encrypted disk.
1. When you use the gcloud compute command-line tool to set your keys, you provide encoded keys using a
key file that contains your encoded keys as a JSON list. A key file can contain multiple keys, allowing you to
manage many keys in a single place. Alternatively, you can create single key files to handle each key
separately.
Each entry in your key file must provide:
The fully-qualified URI to the resource the key protects
The corresponding key
The type of key, either raw or rsa-encrypted
An example key file looks like this:
[
{