This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Log in to ask a question
Log in to ask a question

Is there Encryption in Transit between GKE/GCE and Filestore?

Posted on 11-22-2021 12:24 PM
glen_yu
Google Developer Expert
Google Developer Expert
Reply posted on --/--/---- --:-- AM

Hi,

 

Filestore doesn't support NFSv4 -- only supports NFSv3, which does not meet the encryption requirement...however in the recently updated Encryption in Transit document, there is now Encryption in Transit by Default between VMs even within the GCP network.  Now...I couldn't find anything in the Filestore documentation explicitly stating whether Filestore runs on VMs/GCEs in the background, but it does say that Filestore instances are zonal resources which does lead me to believe that it does indeed run on a VM...in which case it would be covered by the new encryption in transit changes and that would mean that even if I were to use Cloud Filestore in NFSv3 mode, there would be encryption, correct? 

 

Can anyone confirm that my thinking is correct here?


EDIT:  I want to add that I know Private Service Access is available with Filestore and that should be secure enough, but because my clients are in a highly-regulated industry, they're looking for a checkmark in the "encryption" column -- which is what I'm trying to confirm if I have based on the addition of encryption in transit by default

Solved Solved
0 3 846
Topic Labels
Jump to Solution
0 Likes
1 ACCEPTED SOLUTION

Posted on --/--/---- --:-- AM
krik
Staff
Reply posted on --/--/---- --:-- AM

Hello,

 

In order to confirm that, I think it would be better reaching out to the Cloud Filestore team in this public issue tracker or opening a ticket with the Google Cloud support team as they can have better insights of what would be best in your scenario.

View solution in original post

Jump to Solution
3 REPLIES 3

Posted on --/--/---- --:-- AM
krik
Staff
Reply posted on --/--/---- --:-- AM

Hello,

 

In order to confirm that, I think it would be better reaching out to the Cloud Filestore team in this public issue tracker or opening a ticket with the Google Cloud support team as they can have better insights of what would be best in your scenario.

Jump to Solution

Posted on --/--/---- --:-- AM
glen_yu
Google Developer Expert
Google Developer Expert
Reply posted on --/--/---- --:-- AM

Thanks!  I've just created an issue tracker ticket with the Filestore team.

Jump to Solution
0 Likes

Posted on --/--/---- --:-- AM
glen_yu
Google Developer Expert
Google Developer Expert
Reply posted on --/--/---- --:-- AM

UPDATE: the Filestore team got back to me last week.  The answer is as I described.  It's a yes! The encryption-in-transit by default does apply in this case. 

Jump to Solution