检测到您已登录华为云国际站账号,为了您更好的体验,建议您访问国际站服务网站 https://www.huaweicloud.com/intl/zh-cn
不再显示此消息
检测到您已登录华为云国际站账号,为了您更好的体验,建议您访问国际站服务网站 https://www.huaweicloud.com/intl/zh-cn
不再显示此消息
HTTPS enhances cluster security by encrypting all communication over the public network. User permissions can be configured to ensure proper isolation.
HTTPS enhances cluster security by encrypting all communication over the public network. User permissions can be configured to ensure proper isolation.
SseKms string Explanation: SSE-KMS is used for encrypting objects on the server side. SseKmsKey string Explanation: ID of the KMS master key when SSE-KMS is used. SseC string Explanation: SSE-C is used for encrypting objects on the server side.
Default value: None sseCKey byte[] Yes Explanation: Key used for encrypting the object when SSE-C is used, in byte[] format. Default value: None sseCKeyBase64 String No Explanation: Base64-encoded key used for encrypting the object when SSE-C is used.
Default value: None sseCKey byte[] Yes Explanation: Key used for encrypting the object when SSE-C is used, in byte[] format. Default value: None sseCKeyBase64 String No Explanation: Base64-encoded key used for encrypting the object when SSE-C is used.
Example: "expiry-date=\"Mon, 11 Sep 2023 00:00:00 GMT\"" Default value: None sseKms str Explanation: SSE-KMS is used for encrypting objects on the server side.
For details about the example code, see ISV Server Encrypting the Username and Password After Resource Enabling. ip No String 64 IP address of the website. memo No String 1,024 Remarks. For details about how to obtain accessKey, see Obtaining the Key.
This relieves servers from decrypting or encrypting data. SSL encryption/decryption is performed on backend servers, compromising server performance.
Figure 2 Encrypting environment variables Function public access configuration Public access: By default, a function can access the public network. All tenants share the bandwidth, which may cause external network attacks.
For details, see Encrypting Images. Constraints If you use a full-ECS image to create an ECS, the EVS disks associated with the full-ECS image do not support the function of creating disks from a data disk image.
Value range: 40 GB to 2048 GB cmk_id No String Specifies a custom key used for encrypting an image. For its value, see the Key Management Service User Guide. tags No Array of strings Lists the image tags. This parameter is left blank by default.
For details, see Encrypting Data over SSL for a GeminiDB Influx Instance. For details about how to disable SSL, see Encrypting Data over SSL for a GeminiDB Influx Instance. Table 6 Tags Parameter Description Tags The setting is optional.
Default value: None sseCKey byte[] Yes Explanation: Key used for encrypting the object when SSE-C is used, in byte[] format. Default value: None sseCKeyBase64 String No Explanation: Base64-encoded key used for encrypting the object when SSE-C is used.
Table 7 SseKmsHeader Parameter Type Mandatory (Yes/No) Description encryption ServerEncryption Yes Explanation: SSE-KMS used for encrypting objects. Explanation: SSE-KMS is used for encrypting objects on the server side. Value range: kms. For details, see Table 9.
Default value: None sseKms str Explanation: SSE-KMS is used for encrypting objects on the server side.
► SSL certificate management improves user privacy and payment data security by encrypting data transmission. ► Host Security Service (HSS) provides host-level protection, such as intrusion detection, antivirus, and patch management, and real-time monitoring to prevent service interruption
Preparations Before encrypting data in OBS, register a Huawei Cloud account and enable Huawei Cloud services. For details, see Signing Up for a HUAWEI ID and Enabling Huawei Cloud Services. If you have enabled Huawei Cloud, skip this step.
Figure 3 Custom encryption Download a full backup and use the third-party full backup tool Percona XtraBackup to restore the backup locally. prepare phase: --transition-key = {custom_key} copy-back phase: --transition-key={custom_key} --generate-new-master-key Encrypting or Decrypting
Certificate Source: source of a certificate for encrypting and authenticating HTTPS data transmission. If you select a TLS key, you must create a key certificate of the IngressTLS or kubernetes.io/tls type beforehand. For details, see Creating a Secret.
Default value: None sseCKey byte[] Yes Explanation: Key used for encrypting the object when SSE-C is used, in byte[] format. Default value: None sseCKeyBase64 String No Explanation: Base64-encoded key used for encrypting the object when SSE-C is used.
