检测到您已登录华为云国际站账号,为了您更好的体验,建议您访问国际站服务网站 https://www.huaweicloud.com/intl/zh-cn
不再显示此消息
检测到您已登录华为云国际站账号,为了您更好的体验,建议您访问国际站服务网站 https://www.huaweicloud.com/intl/zh-cn
不再显示此消息
For details about how to encrypt and decrypt a DEK for a user application, see sections "Encrypting a DEK" and "Decrypting a DEK" in Data Encryption Workshop API Conference. Parent Topic: Creating a Key
KMS Key Yes Key created on Key Management Service (KMS) and used for encrypting and decrypting user passwords and key pairs. You can select a created key from KMS. Host Connection Description No Descriptive information about the host connection.
KMS Key Yes Key created on Key Management Service (KMS) and used for encrypting and decrypting user passwords and key pairs. You can select a created key from KMS. Host Connection Description No Descriptive information about the host connection.
AK/SK-based authentication: Requests are authenticated by encrypting the request body using an AK/SK pair. Token-based Authentication A token specifies temporary permissions in a computer system. A token specifies temporary permissions in a computer system.
Access Key ID/Secret Access Key (AK/SK) authentication: Requests are authenticated by encrypting the request body using an AK/SK. AK/SK Authentication AK/SK authentication supports API requests with a body no larger than 12 MB.
AK/SK-based authentication: Requests are authenticated by encrypting the request body using an AK/SK pair. This method is recommended because it is more secure than token-based authentication. Token-based Authentication The validity period of a token is 24 hours.
Encrypting Parameters Account Management
The authorized operations must at least contain Querying key details, Encrypting data, and Decrypting data. After the conversion, you can click the cluster name to go to the Cluster Details page to view the cluster details.
For details about how to disable SSL, see Encrypting Data over SSL for a GeminiDB Redis Instance. You need to estimate the bandwidth required by services and purchase an EIP with sufficient bandwidth resources.
SseKms string Explanation: SSE-KMS is used for encrypting objects on the server side. SseKmsKey string Explanation: ID of the KMS master key when SSE-KMS is used. SseC string Explanation: SSE-C is used for encrypting objects on the server side.
Encrypting an Object to Be Uploaded Sample code: // Initialize configuration parameters. ObsConfig config = new ObsConfig(); config.Endpoint = "https://your-endpoint"; // Hard-coded or plaintext AK/SK are risky.
SseKms string Explanation: SSE-KMS is used for encrypting objects on the server side. SseKmsKey string Explanation: ID of the KMS master key when SSE-KMS is used. SseC string Explanation: SSE-C is used for encrypting objects on the server side.
KMS Key Yes Key created on Key Management Service (KMS) and used for encrypting and decrypting user passwords and key pairs. You can select a created key from KMS.
KMS Key Yes Key created on Key Management Service (KMS) and used for encrypting and decrypting user passwords and key pairs. You can select a created key from KMS.
Encrypting Data Before Storage RDB and AOF persistent files in open-source Redis do not support encryption. Therefore, DCS does not support data encryption. If you have sensitive data, please encrypt it before writing it to DCS.
${NodeId} ${NodeId}: device node ID ${ProductId}: product ID ${timestamp}: Unix timestamp, in milliseconds User Name Fixed format: ${NodeId}&${ProductId} Password Result value after encrypting the combination of device parameter and parameter value, with the device password as the
Xrole Name: set to EVSAccessKMS, which means that permissions have been assigned to EVS to obtain KMS keys for encrypting or decrypting EVS disks. KMS Key Name: specifies the name of the key used by the encrypted EVS disk.
Symmetric keys are suitable for encrypting and decrypting data. Asymmetric key ECC EC_P256 EC_P384 Elliptic curve recommended by NIST Digital signature and signature verification Asymmetric key ML-DSA NOTE: To enable the ML-DSA algorithm, submit a service ticket.
Default value: None sseCKey byte[] Yes Explanation: Key used for encrypting the object when SSE-C is used, in byte[] format. Default value: None sseCKeyBase64 String No Explanation: Base64-encoded key used for encrypting the object when SSE-C is used.
SseC string Yes when SSE-C is used Explanation: SSE-C is used for encrypting objects on the server side. Restrictions: Only AES256 is supported.
