Set up for data encryption
You can use cryptographic keys stored and managed in your AWS account KMS to encrypt your organization's data stored in Gong.
For Gong to use the external CMK (Customer Managed Key), two conditions must be satisfied:
-
The CMK should have a policy that allows a Gong-owned principal (specifically an IAM role), to use the CMK with a set of predefined permissions, for example, Encrypt or Decrypt.
-
The principal should have an attached policy to use the CMK with appropriate permissions.
To satisfy these conditions, your administrator must set up the CMK in your AWS account as explained in this article.