检测到您已登录华为云国际站账号,为了您更好的体验,建议您访问国际站服务网站 https://www.huaweicloud.com/intl/zh-cn
不再显示此消息
检测到您已登录华为云国际站账号,为了您更好的体验,建议您访问国际站服务网站 https://www.huaweicloud.com/intl/zh-cn
不再显示此消息
Java If you are connecting to an instance using Java, an SSL certificate is optional, but downloading an SSL certificate and encrypting the connection will improve the security of your instance.
Java Scenarios If you are connecting to an instance using Java, an SSL certificate is optional, but downloading an SSL certificate and encrypting the connection will improve the security of your instance.
Encrypting Data in ECS Encrypting Data in OBS Encrypting Data in EVS Encrypting Data in IMS Encrypting an RDS DB Instance Encrypting a DDS DB Instance
Code Example: Encrypting (SSE-C) and Uploading an Object The following code shows an example of encrypting an object with SSE-C before uploading it: 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 // Enter the endpoint corresponding to the bucket.
Generally, KMS provides open APIs encrypt-data and decrypt-data for encrypting and decrypting a small volume of data. The calculation of the APIs is based on KMS, which wraps the ciphertext. So offline data encryption and decryption are not supported.
Keys for encrypting file systems are provided by Key Management Service (KMS), which is secure and convenient. You do not need to establish and maintain key management infrastructure.
Authentication Requests for calling an API can be authenticated using either of the following methods: AK/SK-based authentication: Requests are authenticated by encrypting the request body using an AK/SK pair.
Scenarios To share an encrypted image, you need to authorize the key used for encrypting the image. This section describes how to authorize a key. The key can only be a custom key. The default key cannot be authorized. Prerequisites You have confirmed the key to be authorized.
Authentication Requests for calling an API can be authenticated using either of the following methods: AK/SK-based authentication: Requests are authenticated by encrypting the request body using an AK/SK pair. Token-based authentication: Requests are authenticated using a token.
Authentication Requests for calling an API can be authenticated using either of the following methods: AK/SK-based authentication: Requests are authenticated by encrypting the request body using an AK/SK pair.
The keys used for encrypting disks are provided by the Key Management Service (KMS) of Data Encryption Workshop (DEW). The following keys are supported. For details, see Managing Encrypted EVS Disks.
Keys used for encrypting system disks are provided by Key Management Service (KMS) in Data Encryption Workshop (DEW). You do not need to build and maintain the key management infrastructure.
Authentication You can use either of the following authentication methods when calling APIs: AK/SK-based authentication: Requests are authenticated by encrypting the request body using an AK/SK pair.
Authentication You can use either of the following authentication methods when calling APIs: AK/SK-based authentication: Requests are authenticated by encrypting the request body using an AK/SK.
Common Functions The HCL supports various built-in functions you can call by function name for processing strings, calculating values, encrypting values, and converting types. The syntax is as follows: <Function name>(<Argument 1>, <Argument 2>...)
Using KMS to Encrypt and Decrypt Data for Cloud Services Overview Encrypting Data in ECS Encrypting Data in EVS Encrypting Data in IMS Encrypting Data in OBS Encrypting an RDS DB Instance Encrypting a DDS DB Instance Parent topic: Key Management Service
Helpful Links Document Link Best Practices Encrypting or Decrypting Small Volumes of Data Encrypting or Decrypting a Large Amount of Data API Example Encrypting or Decrypting Small Volumes of Data Encrypting or Decrypting a Large Amount of Data Parent topic: KMS
Table 1 Keys Name Description Function DEK An encryption key that is used for encrypting data. Encrypts specific data. Custom key An encryption key created using DEW for encrypting DEKs. A custom key can encrypt multiple DEKs. Supports CMK disabling and scheduled deletion.
Solution Refer to the following steps to enable SSL encryption: Encrypting Data over SSL for a GeminiDB Redis Instance Encrypting Data over SSL for a GeminiDB Cassandra Instance Encrypting Data over SSL for a GeminiDB Influx Instance Encrypting Data over SSL for a GeminiDB Mongo Instance
For details about image encryption, see Encrypting Data in IMS. When creating an ECS, you can encrypt added data disks. For details about data disk encryption, see Encrypting Data in IMS.
