Deploy CipherTrust Manager on Google Cloud Platform

You can deploy CipherTrust Manager 2.19.0 on the Google Cloud Platform (GCP).

Before you begin 

The following procedure requires a GCP expert for this deployment.

The GCP web user interface and the location and names of its menu options change frequently. For this reason, this procedure provides only high-level instructions to launch the instance.

  • Prepare for deployment of CipherTrust Manager KMS

  • Have a GCP user account that is permitted to use disk images.

  • Have your GCP ID or Google ID.

    If you do not have an ID or an account that can use images, open a support case with Thales to get access.

Procedure 

  1. Log on to the Google Cloud Platform.

  2. In the Google Cloud Platform banner, select a project or create a new one.

    To create a new project:

    1. Select New Project.

    2. Enter a Project Name and Project ID.

      The account you are using must have billing enabled.

    3. Enter the Location that you want to use.

    4. Select Create.

  3. Go to your project ID and select it.

  4. Go to the Google Cloud Marketplace:

    1. Search for "CipherTrust Manager" images.

    2. From the results, select CipherTrust Manager Community Edition.

    3. Select Launch.

  5. Create a CipherTrust Manager instance:

    1. Enter a Deployment name for the instance.

    2. Check the New Account option

    3. Enter a new Service account name.

      By default the Service accountID is populated with the service account name that you entered. You can keep the default.

    4. Enter a Service account description.

    5. Select the Zone nearest to your location.

    6. Under the Machine type section, choose:

      1. Series: E2

      2. Machine type: e2-standard-4 (4vCPU, 16-GB memory)

    7. In the Boot Disk section, choose:

      1. Boot disk type: Standard Persistent Disk

      2. Boot disk size in GB: 100

    8. In the Network interfaces section, do one of the following:

      • Select the static IP address allocated by your company.

      • Leave the default to use a dynamic IP address.

    9. In the Firewall section, ensure the following are enabled:

      1. Allow HTTPS traffic from the Internet

      2. Allow HTTP traffic from the Internet

  6. Create the instance: select Deploy.

    Your new virtual CipherTrust Manager appears in Deployment Manager.

  7. Go to VM instances, find your CipherTrust instance, click the External IP link.

    A new browser tab opens for this address and the CipherTrust Manager Web Interface appears.

  8. Complete first-time logon to Web UI and replace SSH key.

What to do next 

Workflow: Configure CipherTrust Manager