检测到您已登录华为云国际站账号,为了您更好的体验,建议您访问国际站服务网站 https://www.huaweicloud.com/intl/zh-cn
不再显示此消息
Code Example: Encrypting (SSE-C) and Uploading an Object The following code shows an example of encrypting an object with SSE-C before uploading it: 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 // Enter the endpoint corresponding to the bucket.
Generally, KMS provides open APIs encrypt-data and decrypt-data for encrypting and decrypting a small volume of data. The calculation of the APIs is based on KMS, which wraps the ciphertext. So offline data encryption and decryption are not supported.
Keys for encrypting file systems are provided by Key Management Service (KMS), which is secure and convenient. You do not need to establish and maintain key management infrastructure.
Scenarios To share an encrypted image, you need to authorize the key used for encrypting the image. This section describes how to authorize a key. The key can only be a custom key. The default key cannot be authorized. Prerequisites You have confirmed the key to be authorized.
Authentication Requests for calling an API can be authenticated using either of the following methods: AK/SK-based authentication: Requests are authenticated by encrypting the request body using an AK/SK pair.
Authentication Requests for calling an API can be authenticated using either of the following methods: AK/SK-based authentication: Requests are authenticated by encrypting the request body using an AK/SK pair. Token-based authentication: Requests are authenticated using a token.
Authentication Requests for calling an API can be authenticated using either of the following methods: AK/SK-based authentication: Requests are authenticated by encrypting the request body using an AK/SK pair.
Authentication You can use either of the following authentication methods when calling APIs: AK/SK-based authentication: Requests are authenticated by encrypting the request body using an AK/SK pair.
Authentication You can use either of the following authentication methods when calling APIs: AK/SK-based authentication: Requests are authenticated by encrypting the request body using an AK/SK pair.
Common Functions The HCL supports various built-in functions you can call by function name for processing strings, calculating values, encrypting values, and converting types. The syntax is as follows: <Function name>(<Argument 1>, <Argument 2>...)
Using KMS to Encrypt and Decrypt Data for Cloud Services Overview Encrypting Data in ECS Encrypting Data in EVS Encrypting Data in IMS Encrypting Data in OBS Encrypting an RDS DB Instance Encrypting a DDS DB Instance Parent topic: Key Management Service
Helpful Links Document Link Best Practices Encrypting or Decrypting Small Volumes of Data Encrypting or Decrypting a Large Amount of Data API Example Encrypting or Decrypting Small Volumes of Data Encrypting or Decrypting a Large Amount of Data Parent topic: KMS
Table 1 Keys Name Description Function DEK An encryption key that is used for encrypting data. Encrypts specific data. Custom key An encryption key created using DEW for encrypting DEKs. A custom key can encrypt multiple DEKs. Supports CMK disabling and scheduled deletion.
Using KMS to Encrypt Offline Data Encrypting or Decrypting Small Volumes of Data Encrypting or Decrypting a Large Amount of Data Parent topic: Key Management Service
Application Examples Example 1: Encrypting or Decrypting Small Volumes of Data Example 2: Encrypting or Decrypting Large Volumes of Data Example 3: Querying Information About Keys
For details about image encryption, see Encrypting Data in IMS. When creating an ECS, you can encrypt added data disks. For details about data disk encryption, see Encrypting Data in IMS.
Image Management Service (IMS) Encrypting Data in IMS Storage Object Storage Service (OBS) Encrypting Data in OBS Elastic Volume Service (EVS) Encrypting Data in EVS Volume Backup Service (VBS) VBS generally creates online backups for a single EVS disk (system or data disk) of the
For details about image encryption, see Encrypting Data in IMS. When creating an ECS, you can encrypt added data disks. For details about data disk encryption, see Encrypting Data in IMS.
Encrypting data in transit Medium apig:::instance N/A RGC-GR_CONFIG_APIG_INSTANCES_SSL_ENABLED Checks whether any domain name of a dedicated API gateway is associated with an SSL certificate.
Table 1 Keys Name Description Function DEK An encryption key that is used for encrypting data. Encrypts specific data. Custom key An encryption key created using DEW for encrypting DEKs. A custom key can encrypt multiple DEKs. Supports CMK disabling and scheduled deletion.