What features does Google Cloud KMS have?

Below are the top features of Google Cloud KMS.

  • Google Cloud KMS can store keys in either an HSM or a software application. This key storage can be accessed by both the customer and the CSP.
  • Google Cloud KMS is FIPS 140-2 Level 3 compliant if an HSM is used, and FIPS 140-2 Level 1 compliant if software keys are used. Google Cloud KMS supports symmetric and asymmetric keys. It also supports 256-bit Advanced Encryption Standard (AES-256) keys in Galois Counter Mode (GCM), padded with Cloud KMS-internal metadata and RSA keys of sizes 2048, 3072 and 4096.
  • Google Cloud KMS is capable of key management, storage, and auditing, encryption, encryption for Kubernetes, and both HSM and software key management.