检测到您已登录华为云国际站账号,为了您更好的体验,建议您访问国际站服务网站 https://www.huaweicloud.com/intl/zh-cn
不再显示此消息
检测到您已登录华为云国际站账号,为了您更好的体验,建议您访问国际站服务网站 https://www.huaweicloud.com/intl/zh-cn
不再显示此消息
AK/SK-based authentication: Requests are authenticated by encrypting the request body using an AK/SK pair.
AK/SK-based authentication: Requests are authenticated by encrypting the request body using an AK/SK pair.
AK/SK-based authentication: Requests are authenticated by encrypting the request body using an AK/SK pair. Token-based Authentication The validity period of a token is 24 hours.
For details, see Encrypting Images. Notes and Constraints If you use a full-ECS image to create an ECS, the EVS disks associated with the full-ECS image do not support the function of creating disks from a data disk image.
This parameter must be used with kms_id. kms_id No String Key ID used for transferring and encrypting trace files. This key ID is obtained from Key Management Service (KMS).
Symmetric keys are suitable for encrypting and decrypting data. Asymmetric key ECC EC_P256 EC_P384 Elliptic curve recommended by NIST Digital signature and signature verification Asymmetric key ML-DSA NOTE: To enable the ML-DSA algorithm, submit a service ticket.
Encrypting Data Before Being Stored To improve data security, enable server-side encryption. After it is enabled, data will be encrypted on the server before being stored when you create a DB instance or scale up storage space. This reduces the risk of data leakage.
Function Overview Function Overview ALL Creating a Private Image Importing a Private Image Creating an ECS from an Image Modifying an Image Sharing Images Exporting Images Encrypting Images Replicating Images Tagging an Image Exporting Image Information Converting the Image Format
Encrypting Data Before Being Stored To improve data security, enable server-side encryption. After it is enabled, data will be encrypted on the server before being stored when you create a DB instance or scale up storage space. This reduces the risk of data leakage.
Encrypting Data Before Storage You can enable SSE-KMS for an OBS bucket, so that each object uploaded to this bucket can be encrypted using the KMS key you specified before being stored in OBS.
Default value: None sseKms str Explanation: SSE-KMS is used for encrypting objects on the server side.
The public key is used only for encrypting data during the agreement. Decipher only: Select this usage if Key agreement is selected. The public key is used only deciphering data during the key agreement. Extended key usage Extended usage of the certificate key.
Table 1 Header used in SSE-OBS Header Description x-obs-server-side-encryption Indicates that SSE-OBS is used for encrypting objects.
Feature Description Phase Document 1 Ransomware prevention HSS monitors critical files stored on your servers and prevents unauthorized applications from encrypting or modifying the files, protecting your servers from ransomware.
This parameter must be used with kms_id. kms_id String Key ID used for transferring and encrypting trace files. This key ID is obtained from Key Management Service (KMS).
Encrypting disks EVS Data Encryption Workshop (DEW) To use the disk encryption function, an IAM user must be granted SMS FullAccess and EVS KMSAccess. Viewing the migration progress / No other roles or policies are required.
AK/SK-based authentication: Requests are authenticated by encrypting the request body using an Access Key ID/Secret Access Key (AK/SK) pair. Token Authentication A token is a character string generated by the server and is used as a token for a client to send a request.
SseKms string Explanation: SSE-KMS is used for encrypting objects on the server side. SseKmsKey string Explanation: ID of the KMS master key when SSE-KMS is used. SseC string Explanation: SSE-C is used for encrypting objects on the server side.
Default value: None sseCKey byte[] Yes Explanation: Key used for encrypting the object when SSE-C is used, in byte[] format. Default value: None sseCKeyBase64 String No Explanation: Base64-encoded key used for encrypting the object when SSE-C is used.
The header value is a 256-bit, base64-encoded key. x-obs-server-side-encryption-customer-key-MD5: MD5 value of the key used for encrypting an object Uploading an Object - POST Initiating a Multipart Upload Uploading Parts Querying Object Metadata Downloading an Object Copying Parts
