More Info:

Ensure that there is a KMS Key in the App-tier in order to protect the data that is transmitted from the application stack.

Risk Level

Medium

Address

Security

Compliance Standards

CBP

Triage and Remediation

Remediation

To remediate the misconfiguration “KMS Key Should Have Unique Key In An App-Tier” for GCP using GCP console, follow the below steps:

  1. Login to your GCP console.
  2. Go to the Cloud KMS page.
  3. Click on the Key Rings in the left-hand menu.
  4. Select the key ring in which the misconfigured key is present.
  5. Select the key that has the misconfiguration.
  6. Click on the “Edit” button at the top of the page.
  7. In the “Key rotation” section, enable the “Automatic key rotation” option.
  8. In the “Labels” section, add a label with a unique key that identifies the key as being used in the app-tier.
  9. Click on the “Save” button to save the changes.

By following the above steps, you have now remediated the misconfiguration “KMS Key Should Have Unique Key In An App-Tier” for GCP using GCP console.