检测到您已登录华为云国际站账号,为了您更好的体验,建议您访问国际站服务网站 https://www.huaweicloud.com/intl/zh-cn
不再显示此消息
检测到您已登录华为云国际站账号,为了您更好的体验,建议您访问国际站服务网站 https://www.huaweicloud.com/intl/zh-cn
不再显示此消息
Default value: None sseCKey byte[] Yes Explanation: Key used for encrypting the object when SSE-C is used, in byte[] format. Default value: None sseCKeyBase64 String No Explanation: Base64-encoded key used for encrypting the object when SSE-C is used.
parameter Explanation: Key for encrypting the object when SSE-C is used Restrictions: The value is a Base64-encoded 256-bit key, for example, K7QkYpBkM5+hca27fsNkUnNVaobncnLht/rCB2o/9Cw=.
parameter Explanation: Key for encrypting the object when SSE-C is used Restrictions: The value is a Base64-encoded 256-bit key, for example, K7QkYpBkM5+hca27fsNkUnNVaobncnLht/rCB2o/9Cw=.
Encryption and Decryption Principles Large-size data encryption Figure 1 Encrypting a local file The process is as follows: Create a CMK on KMS. Call the create-datakey API of KMS to create a DEK. Then you get a plaintext DEK and a ciphertext DEK.
Default value: None sseKms str Explanation: SSE-KMS is used for encrypting objects on the server side.
Encrypting an Object Method 1: Enable server-side encryption when you create a bucket. Then, all types of objects uploaded to the bucket will be automatically encrypted with the encryption method and key you specified during bucket creation.
For details, see Encrypting an Image in the Image Management Service User Guide. The encryption attribute of an existing disk cannot be changed. You can create new disks and determine whether to encrypt the disks or not.
For details about the example code, see ISV Server Encrypting the Username and Password After Resource Enabling. memo No String 1,024 Remarks. The following table describes the UsageInfo data structure.
SseKms string Explanation: SSE-KMS is used for encrypting objects on the server side. SseKmsKey string Explanation: ID of the KMS master key when SSE-KMS is used. SseC string Explanation: SSE-C is used for encrypting objects on the server side.
More information: Encrypting an OBS Bucket Creating an OBS Table in DLI Accessing Other Services Using an Agency Cloud services often interact with each other, with some of which dependent on other services.
Encrypting AK/SK for Deploying an APM Agent in a CCE Container Encrypt the AK/SK when deploying an APM Agent on CCE. Suggestions on APM Security Configuration This document provides guidance for enhancing the overall security of APM.
Some performance overhead may be added, especially when it is used for encrypting and decrypting large amounts of data. It applies to environments that require high data transmission security, such as finance and healthcare industries.
With the agency, SFS can obtain KMS keys for encrypting or decrypting file systems. You can view the agency in the agency list on the IAM console. Creating a Cloud Service Agency on the IAM Console Log in to the IAM console.
parameter Explanation: Key for encrypting the object when SSE-C is used Restrictions: The value is a Base64-encoded 256-bit key, for example, K7QkYpBkM5+hca27fsNkUnNVaobncnLht/rCB2o/9Cw=.
parameter Explanation: Key for encrypting the object when SSE-C is used Restrictions: The value is a Base64-encoded 256-bit key, for example, K7QkYpBkM5+hca27fsNkUnNVaobncnLht/rCB2o/9Cw=.
parameter Explanation: Key for encrypting the object when SSE-C is used Restrictions: The value is a Base64-encoded 256-bit key, for example, K7QkYpBkM5+hca27fsNkUnNVaobncnLht/rCB2o/9Cw=.
parameter Explanation: Key for encrypting the object when SSE-C is used Restrictions: The value is a Base64-encoded 256-bit key, for example, K7QkYpBkM5+hca27fsNkUnNVaobncnLht/rCB2o/9Cw=.
AK/SK-based authentication: Requests are authenticated by encrypting the request body using an AK/SK pair. AK/SK-based authentication is recommended because it is more secure than token-based authentication. Token The validity period of a token is 24 hours.
Some performance overhead may be added, especially when it is used for encrypting and decrypting large amounts of data. It applies to environments that require high data transmission security, such as finance and healthcare industries.
After user 1 grants permissions, the system automatically creates key evs/default for encrypting EVS disks. When user 1 uses the encryption feature for the first time, the user must grant the KMS access permissions to EVS.
