I guess you have two kinds of Persistent Disk and Cloud Storage as persistent storage on GCP.
Per two kinds of storage,
- are you using Google-managed keys? or GitLab(company)-managed keys (via Cloud KMS), or company-supplied keys (meaning outside of GCP)?
- are you using GCM mode for these protocols unlike CTC or CTR?
- (if are you using Google-managed keys) is this 256-bit or 128-bit AES? (128-bit is enforced when using Standard Persistent Disk)