Tetap teratur dengan koleksi
Simpan dan kategorikan konten berdasarkan preferensi Anda.
Halaman ini memberikan ringkasan tentang residensi data dan mencapai kepatuhan terhadap peraturan residensi data menggunakan secret regional.
Ringkasan residensi data
Residensi data
adalah konsep menyimpan data dalam batas geografis tertentu karena persyaratan hukum, peraturan,
atau organisasi. Residensi data bukan hanya preferensi bagi beberapa
bisnis; ini adalah kebutuhan hukum dan operasional. Residensi data sangat penting untuk
mematuhi peraturan seperti GDPR,
HIPAA, atau PIPEDA,
dan untuk mengurangi risiko denda atau tindakan hukum.
Menerapkan residensi data menggunakan secret regional
Di Secret Manager, Anda dapat menerapkan residensi data dengan memilih layanan regional dan membuat secret regional yang memastikan data sensitif Anda disimpan dan diproses dalam lokasi tertentu. Dengan secret regional, data secret Anda akan tetap berada
dalam lokasi yang dipilih setiap saat, baik dalam penyimpanan, sedang digunakan, maupun dalam pengiriman.
Secret regional berfungsi dengan cara berikut:
Saat membuat secret regional, Anda menentukan lokasi tempat Anda ingin secret tersebut
disimpan. Layanan Secret Manager memastikan bahwa data secret
tetap berada dalam infrastruktur lokasi tersebut.
Secret regional hanya dapat diakses oleh aplikasi atau layanan yang berjalan
dalam lokasi yang sama. Tindakan ini menambahkan lapisan keamanan ekstra dengan membatasi akses
ke entitas resmi dalam wilayah yang ditetapkan.
Tidak seperti secret global, yang sering direplikasi di beberapa lokasi untuk ketersediaan tinggi, secret regional tidak direplikasi secara otomatis. Hal ini memastikan residensi data yang ketat.
[[["Mudah dipahami","easyToUnderstand","thumb-up"],["Memecahkan masalah saya","solvedMyProblem","thumb-up"],["Lainnya","otherUp","thumb-up"]],[["Sulit dipahami","hardToUnderstand","thumb-down"],["Informasi atau kode contoh salah","incorrectInformationOrSampleCode","thumb-down"],["Informasi/contoh yang saya butuhkan tidak ada","missingTheInformationSamplesINeed","thumb-down"],["Masalah terjemahan","translationIssue","thumb-down"],["Lainnya","otherDown","thumb-down"]],["Terakhir diperbarui pada 2025-08-18 UTC."],[],[],null,["# About data residency and regional secrets\n\nThis page provides an overview of data residency and achieving compliance with\ndata residency regulations using regional secrets.\n\nOverview of data residency\n--------------------------\n\n[Data residency](/architecture/framework/security/meet-regulatory-compliance-and-privacy-needs#control_data_residency)\nis the concept of keeping data within specific geographical boundaries due to legal, regulatory,\nor organizational requirements. Data residency isn't just a preference for some\nbusinesses; it's a legal and operational necessity. Data residency is essential to\ncomply with regulations like [GDPR](/privacy/gdpr),\n[HIPAA](/security/compliance/hipaa-compliance), or [PIPEDA](/security/compliance/pipeda-canada),\nand to mitigate the risk of fines or legal action.\n\nTo learn more about data residency in Google Cloud, see the following\nIdentity and Security blog post:\n[Understanding your options for data residency, operational transparency, and privacy controls on\nGoogle Cloud](https://cloud.google.com/blog/products/identity-security/meet-data-residency-requirements-with-google-cloud/).\n\nEnforce data residency using regional secrets\n---------------------------------------------\n\nIn Secret Manager, you can enforce data residency by choosing the\n[regional service](/secret-manager/regional-secrets/global-regionalized-service-comparison)\nand creating regional secrets that ensure that your sensitive data is stored and\nprocessed within a specific location. With regional secrets, your secret data remains\nwithin the chosen location at all times, whether it's at rest, in use, or in transit.\n\nRegional secrets work in the following manner:\n\n- When you create a regional secret, you specify the location where you want it to be stored. The Secret Manager service ensures that the secret data stays within that location's infrastructure.\n- Regional secrets can only be accessed by applications or services running within the same location. This adds an extra layer of security by limiting access to authorized entities within the designated region.\n- Unlike [global secrets](/secret-manager/docs/create-secret-quickstart), which are often replicated across multiple locations for high availability, regional secrets are not automatically replicated. This ensures strict data residency.\n\nWhat's next\n-----------\n\n- [Enable the Secret Manager API](/secret-manager/regional-secrets/config-sm-rs)\n- [Create a regional secret](/secret-manager/regional-secrets/create-regional-secret)\n- [Add a regional secret version](/secret-manager/regional-secrets/add-secret-version-rs)"]]
