检测到您已登录华为云国际站账号,为了您更好的体验,建议您访问国际站服务网站 https://www.huaweicloud.com/intl/zh-cn
不再显示此消息
检测到您已登录华为云国际站账号,为了您更好的体验,建议您访问国际站服务网站 https://www.huaweicloud.com/intl/zh-cn
不再显示此消息
Figure 2 Entering the kernel editing mode The grub file is encrypted by Euler images by default. Before entering the edit mode, you need to contact customer service to obtain username and password. Locate the row containing linux16 and delete the parameters you do not require.
Figure 2 Entering the kernel editing mode The grub file is encrypted by Euler images by default. Before entering the edit mode, you need to contact customer service to obtain username and password. Locate the row containing linux16 and delete the parameters you do not require.
Run the following command: create role dbar login replication encrypted password 'xxxxx'; Run the following command to open configuration file /var/lib/pgsql/11/data/pg_hba.conf: # vim /var/lib/pgsql/11/data/pg_hba.conf Add the following content to the file: host all all 192.168.1.0
If this parameter does not exist, the system disk will not be encrypted by default. __system__cmkid No String Specifies the CMK ID, which indicates encryption in metadata. This parameter is used with __system__encrypted.
If this parameter does not exist, the system disk will not be encrypted by default. __system__cmkid No String Specifies the CMK ID, which indicates encryption in metadata. This parameter is used with __system__encrypted.
You can also use an encrypted image to create ECSs. For details, see Encrypting Images. Notes and Constraints If you use a full-ECS image to create an ECS, the EVS disks associated with the full-ECS image do not support the function of creating disks from a data disk image.
The client alive messages are sent through the encrypted channel and therefore will not be spoofable. The TCP keepalive option enabled by TCPKeepAlive is spoofable.
If this parameter does not exist, the system disk will not be encrypted by default. __system__cmkid No String Specifies the CMK ID, which indicates encryption in metadata. This parameter is used with __system__encrypted.
44c6-a4a9-84a488e0e8d3", "rel": "self" }, { "href": "https://xxx/74610f3a5ad941998e91f076297ecf27/volumes/51f45e08-1d4f-44c6-a4a9-84a488e0e8d3", "rel": "bookmark" } ], "availability_zone": "az_test_01", "bootable": "false", "encrypted
For details, see Managing Encrypted EVS Disks.
You can use an encrypted image or EVS disks when creating an ECS. In such a case, you need to use the key provided by DEW to improve data security.
Call the password obtaining APIs to obtain the ciphertext password of the public key encrypted using RSA. The API URI is in the format "GET /v2/{project_id}/servers/{server_id}/os-server-password".
If the image based on which an ECS is created is not encrypted, the system disk of the ECS is not encrypted. If the image based on which an ECS is created is encrypted, the system disk of the ECS is automatically encrypted.
When creating an ECS, if you select an encrypted image, the system disk of the created ECS is automatically encrypted, improving data security. Use either of the following methods to create an encrypted image: Use an external image file. Use an existing encrypted ECS.
AK/SK authentication: Requests are encrypted using AK/SK pairs. AK/SK authentication is recommended because it is more secure than token authentication. Token Authentication The validity period of a token is 24 hours.
Figure 6 Entering the kernel editing mode For EulerOS, the GRUB file is encrypted by default. When you enter the kernel editing mode, you will be required to enter the username and password. Contact the customer service to obtain them.
BitLocker volumes encrypted using QingTian TPM keys can only be used on the original instance. The QingTian TPM status of an ECS is not displayed in the ECS list. The QingTian TPM status is not included in image snapshots.
Encrypted images cannot be shared. A full-ECS image is shareable only when it is created from a CBR backup or from an ECS that has never had a CSBS backup. Full-ECS images created using other methods cannot be shared.
The data security administrator uses the command line tool obsutil to upload the encrypted ciphertext to a Huawei Cloud OBS bucket. For details, see Uploading an Object.
Only an encrypted private image can be created from an encrypted ECS. Name Set a name for the image. Enterprise Project Select an enterprise project from the drop-down list.
