检测到您已登录华为云国际站账号,为了您更好的体验,建议您访问国际站服务网站 https://www.huaweicloud.com/intl/zh-cn
不再显示此消息
检测到您已登录华为云国际站账号,为了您更好的体验,建议您访问国际站服务网站 https://www.huaweicloud.com/intl/zh-cn
不再显示此消息
a DEK decrypt-datakey: Decrypting a DEK describe-key: Querying Key Details retire-grant: Creating a Grant encrypt-data: Encrypting Data decrypt-data: Decrypting Data name No String Grant name.
More information: Encrypting an OBS Bucket Creating an OBS Table in DLI Accessing Other Services Using an Agency Cloud services often interact with each other, with some of which dependent on other services.
SseKms string Explanation: SSE-KMS is used for encrypting objects on the server side. SseKmsKey string Explanation: ID of the KMS master key when SSE-KMS is used. SseC string Explanation: SSE-C is used for encrypting objects on the server side.
AK/SK-based authentication: Requests are authenticated by encrypting the request body using an AK/SK pair. AK/SK-based authentication is recommended because it is more secure than token-based authentication. Token The validity period of a token is 24 hours.
Some performance overhead may be added, especially when it is used for encrypting and decrypting large amounts of data. It applies to environments that require high data transmission security, such as finance and healthcare industries.
After user 1 grants permissions, the system automatically creates key evs/default for encrypting EVS disks. When user 1 uses the encryption feature for the first time, the user must grant the KMS access permissions to EVS.
parameter Explanation: Key for encrypting the object when SSE-C is used Restrictions: The value is a Base64-encoded 256-bit key, for example, K7QkYpBkM5+hca27fsNkUnNVaobncnLht/rCB2o/9Cw=.
parameter Explanation: Key for encrypting the object when SSE-C is used Restrictions: The value is a Base64-encoded 256-bit key, for example, K7QkYpBkM5+hca27fsNkUnNVaobncnLht/rCB2o/9Cw=.
parameter Explanation: Key for encrypting the object when SSE-C is used Restrictions: The value is a Base64-encoded 256-bit key, for example, K7QkYpBkM5+hca27fsNkUnNVaobncnLht/rCB2o/9Cw=.
parameter Explanation: Key for encrypting the object when SSE-C is used Restrictions: The value is a Base64-encoded 256-bit key, for example, K7QkYpBkM5+hca27fsNkUnNVaobncnLht/rCB2o/9Cw=.
Encrypting an Object to Be Uploaded Sample code: // Hard-coded or plaintext AK/SK are risky. For security purposes, encrypt your AK/SK and store them in the configuration file or environment variables.
If the metadata contains sensitive data, take appropriate measures to protect the sensitive data, for example, controlling access permissions and encrypting the data.
Example of Encryption Encrypting an Object to Be Uploaded Sample code: SSE-C encryption static OBSClient *client; NSString *endPoint = @"your-endpoint"; // Hard-coded or plaintext AK/SK are risky.
For example, a data security administrator can create IAM users and grant them the minimum permissions, such as creating encryption keys and encrypting sensitive data.
SseKms string Explanation: SSE-KMS is used for encrypting objects on the server side. SseKmsKey string Explanation: ID of the KMS master key when SSE-KMS is used. SseC string Explanation: SSE-C is used for encrypting objects on the server side.
SseKms string Explanation: SSE-KMS is used for encrypting objects on the server side. SseKmsKey string Explanation: ID of the KMS master key when SSE-KMS is used. SseC string Explanation: SSE-C is used for encrypting objects on the server side.
SseKms string Explanation: SSE-KMS is used for encrypting objects on the server side. SseKmsKey string Explanation: ID of the KMS master key when SSE-KMS is used. SseC string Explanation: SSE-C is used for encrypting objects on the server side.
parameter Explanation: Key for encrypting the object when SSE-C is used Restrictions: The value is a Base64-encoded 256-bit key, for example, K7QkYpBkM5+hca27fsNkUnNVaobncnLht/rCB2o/9Cw=.
AK/SK-based authentication: Requests are authenticated by encrypting the request body using an AK/SK. AK/SK-based authentication is recommended as it provides higher security.
Secure your email by digitally signing and encrypting communications with our Email certificates, also called Personal ID certificates.
