Skip to content

Commit

Permalink
Update oss-terraform-automation/README.md
Browse files Browse the repository at this point in the history 
Co-authored-by: Alessio Buraggina <28165200+tdbhacks@users.noreply.github.com>
  • Loading branch information
@romanini-ciandt @tdbhacks
romanini-ciandt and tdbhacks authored May 3, 2024
1 parent 974d47a commit 186256f
Showing 1 changed file with 13 additions and 3 deletions.
16 changes: 13 additions & 3 deletions oss-terraform-automation/README.md
View file
Original file line number Diff line number Diff line change
@@ -1,11 +1,21 @@
# Terraform automation for example use cases on Cloud KMS using PKCS #11

PKCS #11 is a standard that specifies an API for managing cryptographic keys, and performing operations with them. Cloud KMS provides a library that conforms to this standard, in order to interoperate with existing applications that consume the PKCS #11 API.
PKCS #11 is a standard that specifies an API for managing cryptographic keys, and performing operations with them.
Cloud KMS provides a library that conforms to this standard, in order to interoperate with existing applications that consume the PKCS #11 API.

This repository contains three terraform automated use cases examples for that library:
This repository contains two terraform automated use cases examples for that library:

- [Use a Cloud HSM key to serve Apache traffic](./1-apache-web-server/README.md)
- [Use a Cloud HSM key for TLS offloading with NGINX](./2-nginx-ssl-offloading/README.md)

You can find the PKCS #11 library documentation and the manual steps used to build this automation [here](https://cloud.google.com/kms/docs/reference/pkcs11-library).

Microsoft Cryptography API: Next Generation (CNG) is an application programming interface that lets application developers add authentication, encoding, and encryption to Windows-based applications.
CNG also lets you perform crypto operations with tools such as Windows signtool through CNG providers installed on the system.
Cloud KMS offers a provider that conforms to this standard, in order to interoperate with existing applications that leverage the CNG API.

This repository contains a terraform automation example for the provider:

- [Use CNG Provider and SignTool to sign Windows artifacts](./3-cng-provider/README.md)

You can find the documentation related to PKCS #11 lib and the manual steps used to build this automation [here](https://cloud.google.com/kms/docs/reference/pkcs11-library).
Note that the automation also relies on the PKCS #11 library mentioned above. You can find more information about the CNG provider [here](https://cloud.google.com/kms/docs/reference/cng-provider).

0 comments on commit 186256f

Please sign in to comment.