Integration with other Google Cloud services
This document provides a summary of the Google Cloud services that have an integration with Certificate Authority Service.
Cloud Service Mesh
Cloud Service Mesh is a suite of tools that helps you monitor and manage a reliable service mesh on-premises or on Google Cloud. You can configure Cloud Service Mesh to use CA Service for the following use cases:
- If you need a dedicated certificate authority (CA) to sign workload certificates that's not shared with other users, or different CAs on different clusters.
- If you need to back your signing keys in a managed HSM.
- If you are in a highly regulated industry and are subject to compliance.
- If you want your workload certificates in Cloud Service Mesh to chain up to an existing enterprise root CA certificate.
To learn how to use CA Service with Cloud Service Mesh, see Install default features and Certificate Authority (CA).
Cloud Service Mesh
Cloud Service Mesh lets you secure service-to-service communications in your mesh. CA Service integrates with Cloud Service Mesh to provide identity certificates to workloads running on Google Kubernetes Engine. You can modify your pods to allow workloads to receive and use these credentials for mTLS.
To learn how to use CA Service with Cloud Service Mesh, see the following pages:
Certificate Manager
CA Service integrates with Certificate Manager to simplify the process of managing the lifecycle of private certificates and provisioning private certificates to your load balancers before the certificates expire. CA Service contains the CA pool that issues the private certificates while Certificate Manager lets you configure the issuance and provisioning of certificates to your load balancers.
To learn how to use Certificate Manager with CA Service, see Configure CA Service integration with Certificate Manager.
What's next
- Prepare your environment for Certificate Authority Service.
- Get started with CA Service.