检测到您已登录华为云国际站账号,为了您更好的体验,建议您访问国际站服务网站 https://www.huaweicloud.com/intl/zh-cn
不再显示此消息
检测到您已登录华为云国际站账号,为了您更好的体验,建议您访问国际站服务网站 https://www.huaweicloud.com/intl/zh-cn
不再显示此消息
Encrypt a DEK Use a specified CMK to encrypt a DEK. Decrypt a DEK Use a specified CMK to decrypt a DEK.
Constraints You can specify a symmetric CMK to encrypt secrets. If the kms_key_id parameter is not specified, the default master key csms/default will be used to encrypt the secrets created under your account in a project.
DEW APIs use the HTTPS protocol to encrypt and secure transmission, preventing man-in-the-middle attacks. Parent topic: General
Dedicated HSM can encrypt sensitive data in the service systems on your ECS. You can control the generation, storage, and access authorization of keys to ensure the integrity and confidentiality of data during transmission and storage.
Encrypt the string "hello world!" offline using a public key.
Retire the grant. encrypt-data: Encrypt data. decrypt-data: Decrypt data.
Feature Description Phase Document 1 API usage examples Examples of using APIs to encrypt and decrypt data, encrypt and decrypt DEKs, and query key information -- Example 1: Encrypting or Decrypting Data Example 2: Encrypting or Decrypting a DEK Example 3: Querying Information About
a DEK √ √ x x Decrypt a DEK √ √ x x Obtain parameters for importing a key √ √ x x Import key materials √ √ x x Delete key materials √ √ x x Create a grant √ √ x x Revoke a grant √ √ x x Retire a grant √ √ x x Query the grant list √ √ x x Query retirable grants √ √ x x Encrypt data
Java Python Go More Create a 512-bit plaintext DEK and encrypt it using the key whose ID is 0d0466b0-e727-4d9c-b35d-f84bb474a37f.
Java Python Go More Create a 512-bit plaintext DEK and encrypt it using the key whose ID is 0d0466b0-e727-4d9c-b35d-f84bb474a37f.
a DEK √ √ Decrypt a DEK √ √ Obtain parameters for importing a key √ √ Import key materials √ √ Delete key materials √ √ Create a grant √ √ Revoke a grant √ √ Retire a grant √ √ Query the grant list √ √ Query retirable grants √ √ Encrypt data √ √ Decrypt data √ √ Send signature messages
If a key is used to encrypt DDS, RDS, or NoSQL, after you click OK, a message "Key XXX is being used by XXX. Are you sure you want to delete it?" is displayed, as shown in Figure 2. Click Yes.
You can use shared KMS to encrypt the secrets and key pairs in DEW, and create an encryption task for instances in Relational Database Service (RDS), Document Database Service (DDS), and Object Storage Service (OBS).
Encrypt the AK/SK in the configuration file or environment variables for storage. In this example, the AK/SK stored in the environment variables are used for identity authentication.
Encrypt the AK/SK in the configuration file or environment variables for storage. In this example, the AK/SK stored in the environment variables are used for identity authentication.
Encrypt the AK/SK in the configuration file or environment variables for storage. In this example, the AK/SK stored in the environment variables are used for identity authentication.
Encrypt the AK/SK in the configuration file or environment variables for storage. In this example, the AK/SK stored in the environment variables are used for identity authentication.
Encrypt the AK/SK in the configuration file or environment variables for storage. In this example, the AK/SK stored in the environment variables are used for identity authentication.
Use a correct algorithm type. 400 KMS.1114 EC keys do not support to encrypt/decrypt. The key cannot be encrypted or decrypted. Use the correct key for encryption and decryption. 400 KMS.1115 Symmetric keys do not support to sign/verify.
Importing a Key Creating a CMK Using the Online Tool to Encrypt and Decrypt Small-Size Data Adding a Tag Creating a Key Pair For system security purposes, it is recommended that you use the key pair authentication mode to authenticate the user who attempts to log in to an ECS.
