Increased security by a dedicated disk encryption key for your cluster for data at rest.
User Problem
C8 SaaS uses one encryption key per GCP cluster but not per actual organisation.
The encryption key is owned and managed by GCP, not by Camunda.
Some customers would like to have a dedicated encryption key for data at REST in our SaaS. This encryption key should at least be managed by Camunda, not by GCP.
Release Notes
You can now decide for advanced encryption key mechanisms on C8 SaaS when creating new clusters. Besides default GCP disk encryption, you can now choose between Software and Hardware Keys (HSM) managed by Camunda on GCP KMS. You can do this per cluster, meaning every cluster has a dedicated encryption key.
User Stories
As an Admin or Owner of an Enterprise org, I can decide to use a dedicated encryption key when creating a new cluster - default GCP encryption is the default (current)
As an Admin or Owner of an Enterprise org, I can choose between Software and Hardware Keys (HSM).
As a Camunda Enterprise customer, I can trust that access to the Encryption Keys is handled in a safe way.
As a Camunda Enterprise customer, I can trust that access to the keys is very restricted.
Implementation Notes
What we are looking to offer as an option would be something like this:
Per default everything stays the same - using for clusters the GCP default encryption.
For Enterprise customers, they can choose to create a Camunda cluster using a dedicated encryption key
By default, the encryption key would be a "software" encryption key.
These keys comply with FIPS 140-2 Level 1.
This option would target most of our customers would want a "dedicated encryption" but don't have more stronger requirements. It should be a cheaper and faster (to be defined) option for us
#prj-encryptionkey-per-org#prj-encryptionkey-per-org-implemValue Proposition Statement
Increased security by a dedicated disk encryption key for your cluster for data at rest.
User Problem
C8 SaaS uses one encryption key per GCP cluster but not per actual organisation.
The encryption key is owned and managed by GCP, not by Camunda.
Some customers would like to have a dedicated encryption key for data at REST in our SaaS. This encryption key should at least be managed by Camunda, not by GCP.
Release Notes
You can now decide for advanced encryption key mechanisms on C8 SaaS when creating new clusters. Besides default GCP disk encryption, you can now choose between Software and Hardware Keys (HSM) managed by Camunda on GCP KMS. You can do this per cluster, meaning every cluster has a dedicated encryption key.
User Stories
Implementation Notes
What we are looking to offer as an option would be something like this:
Per default everything stays the same - using for clusters the GCP default encryption.
For Enterprise customers, they can choose to create a Camunda cluster using a dedicated encryption key
:robot: This issue is automatically synced from: source