UCONN


Cloud Key Management Service



Cloud Key Management Service (KMS) is a managed service that allows for creation and storage of cryptographic keys.

Key Rings are a grouping to organize keys in a location. be deleted.

Keys (CryptoKeys) are objects that represent logical keys.

Symmetric Encryption uses the same key to encrypt and decrypt data.

Asymmetric Encryption uses a public/private key pair.

Key Versions allow multiple versions of a key to exist when keys are rotated.

To use KMS we must first enable it. 

Note: We are using the same directory as assignment number 1, which is assign.


john_iacovacci1@cloudshell:~/assign (cloud-project-examples)$ gcloud services enable cloudkms.googleapis.com --project "${GOOGLE_CLOUD_PROJECT}"

Operation "operations/acat.p2-517129368909-093a3c61-ee18-4f9c-a07a-674bb5830cf6" finished successfully.

john_iacovacci1@cloudshell:~/assign (cloud-project-examples)$ 


Next we will create a KMS key ring called my-keyring in the global location.


john_iacovacci1@cloudshell:~/assign (cloud-project-examples)$  gcloud kms keyrings create "my-keyring" --location "global"

Now we will create a symmetric key called my-symmetric-key.

john_iacovacci1@cloudshell:~/assign (cloud-project-examples)$ gcloud kms keys create "my-symmetric-key" --location "global" --keyring "my-keyring" --purpose "encryption"

Create a file with your data in it using Linux shell programming.


Use the shell script from the first lesson to load the data into that file.


profile.sh


=========================================================

#!/bin/bash
# My first script: collect profile details and write them to my_profile.txt

echo "Enter your full name : "
read -r my_name
echo "Enter your major : "
read -r my_major

gradyear=2025   # base year; cyear (years remaining) is added to it
cyear=1

# Keep asking until a valid class standing is entered
while true; do
    echo -n "Enter your class standing (Freshman, Sophomore, Junior, Senior): "
    read -r standing
    case "$standing" in
        [Ff]reshman)
            echo "✅ You entered: Freshman"
            cyear=4
            break
            ;;
        [Ss]ophomore)
            echo "✅ You entered: Sophomore"
            cyear=3
            break
            ;;
        [Jj]unior)
            echo "✅ You entered: Junior"
            cyear=2
            break
            ;;
        [Ss]enior)
            echo "✅ You entered: Senior"
            cyear=1
            break
            ;;
        *)
            echo "❌ Invalid entry. Please try again."
            ;;
    esac
done

# Perform addition
sum=$((gradyear + cyear))

# Display result
echo "Your Graduation year is $sum"

# Write the profile to my_profile.txt (variables are quoted so input is written literally)
echo "My Name is :  $my_name" > my_profile.txt
echo "My major is :  $my_major" >> my_profile.txt
echo "My grade is :  $standing" >> my_profile.txt
echo "I will graduate in the year :  $sum" >> my_profile.txt


===============================================


Now execute profile.sh


 john_iacovacci1@cloudshell:~/assign (cloud-project-examples)$ chmod +x profile.sh

john_iacovacci1@cloudshell:~/assign (cloud-project-examples)$ ./profile.sh

Enter your full name : 

John Iacovacci

Enter your major : 

Computer Science

Enter your class standing (Freshman, Sophomore, Junior, Senior): Senior

✅ You entered: Senior

Your Graduation year is 2026

john_iacovacci1@cloudshell:~/assign (cloud-project-examples)$ 


Check for your file my_profile.txt

john_iacovacci1@cloudshell:~/assign (cloud-project-examples)$ ls -lt my_profile.txt

-rw-rw-r-- 1 john_iacovacci1 john_iacovacci1 119 Mar  8 18:07 my_profile.txt



 

 

Use the gcloud command line tool to encrypt the data in the file:


john_iacovacci1@cloudshell:~/assign (cloud-project-examples)$ gcloud kms encrypt  --location "global"  --keyring "my-keyring"  --key "my-symmetric-key"  --plaintext-file ./my_profile.txt  --ciphertext-file ./my_profile.txt.enc


Check for both files, the plaintext and the encrypted one.

john_iacovacci1@cloudshell:~/assign (cloud-project-examples)$ ls -l my_p*

-rw-rw-r-- 1 john_iacovacci1 john_iacovacci1 119 Mar  8 18:07 my_profile.txt

-rw-rw-r-- 1 john_iacovacci1 john_iacovacci1 201 Mar  8 18:13 my_profile.txt.enc

I can display the plain text file


john_iacovacci1@cloudshell:~/assign (cloud-project-examples)$ cat my_profile.txt

My Name is :  John Iacovacci

My major is :  Computer Science

My grade is :  Senior

I will graduate in the year :  2026

When we try to display the encrypted file, it is unreadable.

john_iacovacci1@cloudshell:~/assign (cloud-project-examples)$ cat my_profile.txt.enc

>)<dgPjohn_iacovacci1@cloudshell:~/assign (cloud-project-examples)$ 

Now click the 3 bars on the right-hand side of the screen.

Download both files and email them to me.
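
The steps above encrypt the file but never decrypt it. The following added example (not part of the original post) decrypts my_profile.txt.enc with the same key ring and key and confirms the result is byte-identical to my_profile.txt; the helper name kms_roundtrip_check is an assumption made for illustration.

```bash
#!/bin/bash
# Added example, not part of the original post.
# Assumes the "my-keyring" key ring and "my-symmetric-key" key created above.
# kms_roundtrip_check is a hypothetical helper name.

# kms_roundtrip_check PLAINTEXT_FILE CIPHERTEXT_FILE
#   exit status 0: decrypted ciphertext is byte-identical to the plaintext
#   exit status 1: decryption worked but the contents differ
#   exit status 2: decryption failed (wrong key, no permission, missing file)
# The body runs in a subshell, so umask and variables do not leak to the caller.
kms_roundtrip_check() (
    plain=$1
    cipher=$2
    umask 077                    # temporary plaintext is readable by the owner only
    tmp=$(mktemp) || exit 2

    if ! gcloud kms decrypt \
            --location "global" \
            --keyring "my-keyring" \
            --key "my-symmetric-key" \
            --ciphertext-file "$cipher" \
            --plaintext-file "$tmp"; then
        rm -f "$tmp"
        exit 2
    fi

    if cmp -s "$plain" "$tmp"; then status=0; else status=1; fi
    rm -f "$tmp"                 # do not leave a second plaintext copy on disk
    exit "$status"
)

# Run the check only where gcloud and the encrypted file from this lesson exist.
if command -v gcloud >/dev/null 2>&1 && [ -f ./my_profile.txt.enc ]; then
    if kms_roundtrip_check ./my_profile.txt ./my_profile.txt.enc; then
        echo "Round trip OK: my_profile.txt.enc decrypts to my_profile.txt"
    else
        echo "Round trip FAILED (status $?)"
    fi
fi
```

The original my_profile.txt stays on disk in readable form after encryption, as the ls output above shows, so the encrypted copy protects the data only where the plaintext is not also present.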

