BT

Facilitating the Spread of Knowledge and Innovation in Professional Software Development

Write for InfoQ

Topics

Choose your language

InfoQ Homepage News Google Cloud Improves SLA for Bigtable and Adds New Security Features

Google Cloud Improves SLA for Bigtable and Adds New Security Features

This item in japanese

Google Cloud has recently raised the availability SLA for Bigtable instances up to 99.999%, matching the SLA for Firestore and Cloud Spanner. The data storage system introduced as well two new security features for enterprise workloads, customer-managed encryption keys (CMEK) and data access audit logs.

Scalable to hundreds of petabytes and used by Google for services such as search and YouTube, Cloud Bigtable is a wide-column NoSQL database service made available to GCP customers in 2015 but offering in the past a less stringent SLA. David Simmons, product manager at Google, clarifies when the new 99.999% SLA applies:

Bigtable instances with a multi-cluster routing policy across three or more regions are now covered by a 99.999% monthly uptime percentage under the new SLA. Bigtable supports 99.99% monthly uptime percentage for all instances with a multi-cluster routing policy across less than three regions and 99.9% monthly uptime percentage for all instances with a Single-Cluster routing policy.

Thomas Caminade, architect and DevOps at Inside Group, comments:

The famous "five 9s" from Google... I'm glad to soon work again with GCP products!

Targeting regulated industries, the cloud provider introduced CMEK, the option to create and manage Bigtable instances using Google Cloud Key Management (KMS) encryption keys to protect data at rest. Simmons explains:

Although Bigtable already provides encryption for data-at-rest using Google-managed encryption keys, customers in regulated industries must often manage their own encryption keys (and related business processes) to satisfy regulatory and compliance requirements that are unique to their industry. CMEK for Bigtable provides customers with the tools to do so.

As an alternative to CMEK, customers can use Cloud HSM, Google’s cloud-hosted Hardware Security Module (HSM) service. Data Access audit logs help customers determine which information has been accessed in the event of a security incident. The audit logs are available in Cloud Audit Logs for viewing or for export to Google Cloud Storage, BigQuery, or Pub/Sub.

In a separate article, Priyanka Vergadia, senior developer advocate at Google, explains the main use cases and how popular the service is:

How big is Bigtable? Bigtable has nearly 10 Exabytes of data under management (...) You can use Bigtable as the storage engine for large-scale, low-latency applications as well as throughput-intensive data processing and analytics. It offers high availability with an SLA of 99.5% for zonal instances. It’s strongly consistent in a single cluster; replication between clusters adds eventual consistency.

BigTable is not the only key-value managed service to run large analytical or operational workloads on the cloud and sub-10ms latency, with Microsoft offering Azure Cosmos DB and AWS supporting Amazon DynamoDB. They both have SLA, AWS at 99,999% for Global Tables and Azure at 99.99%. It is possible to configure customer-managed keys for Azure Cosmos DB with Azure Key Vault and encrypt DynamoDB tables under a customer-managed master key.

There are no additional costs for the improved SLA or creating a CMEK-protected Bigtable instance, however Cloud KMS key usage fees will apply. Data Access audit logs are charged according to the Cloud Logging pricing model. CMEK for Bigtable is available in all Bigtable regions.

 

Rate this Article

Adoption
Style

BT