检测到您已登录华为云国际站账号,为了您更好的体验,建议您访问国际站服务网站 https://www.huaweicloud.com/intl/zh-cn
不再显示此消息
检测到您已登录华为云国际站账号,为了您更好的体验,建议您访问国际站服务网站 https://www.huaweicloud.com/intl/zh-cn
不再显示此消息
For details about how to disable SSL, see Encrypting Data over SSL for a GeminiDB Redis Instance. You need to estimate the bandwidth required by services and purchase an EIP with sufficient bandwidth resources.
AK/SK-based authentication: Requests are authenticated by encrypting the request body using an AK/SK pair. This method is recommended because it is more secure than token-based authentication. Token-based Authentication The validity period of a token is 24 hours.
Default value: None crypto_iv str or bytes No Explanation: Initial value used for encrypting data Restrictions: Length: 16 bytes If crypto_iv is specified, all objects are encrypted using the specified initial value.
For details about how to encrypt and decrypt a DEK for a user application, see sections "Encrypting a DEK" and "Decrypting a DEK" in Data Encryption Workshop API Conference. Parent Topic: Creating a Key
For details, see Encrypting the Database. After a normal cluster is created, you can convert it to an encrypted cluster. After Encrypt DataStore is enabled, the key cannot be disabled, deleted, or frozen when being used.
SseKms string Explanation: SSE-KMS is used for encrypting objects on the server side. SseKmsKey string Explanation: ID of the KMS master key when SSE-KMS is used. SseC string Explanation: SSE-C is used for encrypting objects on the server side.
SseKms string Explanation: SSE-KMS is used for encrypting objects on the server side. SseKmsKey string Explanation: ID of the KMS master key when SSE-KMS is used. SseC string Explanation: SSE-C is used for encrypting objects on the server side.
Encrypting an Object to Be Uploaded Sample code: // Initialize configuration parameters. ObsConfig config = new ObsConfig(); config.Endpoint = "https://your-endpoint"; // Hard-coded or plaintext AK/SK are risky.
SseKms string Explanation: SSE-KMS is used for encrypting objects on the server side. SseKmsKey string Explanation: ID of the KMS master key when SSE-KMS is used. SseC string Explanation: SSE-C is used for encrypting objects on the server side.
Symmetric keys are suitable for encrypting and decrypting data. Asymmetric key ECC EC_P256 EC_P384 Elliptic curve recommended by NIST Digital signature and signature verification Asymmetric key ML-DSA NOTE: To enable the ML-DSA algorithm, submit a service ticket.
Xrole Name: set to EVSAccessKMS, which means that permissions have been assigned to EVS to obtain KMS keys for encrypting or decrypting EVS disks. KMS Key Name: specifies the name of the key used by the encrypted EVS disk.
KMS Key Yes Key created on Key Management Service (KMS) and used for encrypting and decrypting user passwords and key pairs. You can select a created key from KMS.
KMS Key Yes Key created on Key Management Service (KMS) and used for encrypting and decrypting user passwords and key pairs. You can select a created key from KMS.
Encrypting Data Before Storage RDB and AOF persistent files in open-source Redis do not support encryption. Therefore, DCS does not support data encryption. If you have sensitive data, please encrypt it before writing it to DCS.
${NodeId} ${NodeId}: device node ID ${ProductId}: product ID ${timestamp}: Unix timestamp, in milliseconds User Name Fixed format: ${NodeId}&${ProductId} Password Result value after encrypting the combination of device parameter and parameter value, with the device password as the
SseC string Yes when SSE-C is used Explanation: SSE-C is used for encrypting objects on the server side. Restrictions: Only AES256 is supported.
Default value: None sseCKey byte[] Yes Explanation: Key used for encrypting the object when SSE-C is used, in byte[] format. Default value: None sseCKeyBase64 String No Explanation: Base64-encoded key used for encrypting the object when SSE-C is used.
SseKms String Algorithm used in SSE-KMS SseKmsKey String ID of the KMS master key when SSE-KMS is used SseC String Algorithm used in SSE-C SseCKeyMd5 String MD5 value of the key for encrypting objects when SSE-C is used.
AK/SK-based authentication: Requests are authenticated by encrypting the request body using an AK/SK pair. AK/SK authentication is recommended because it is more secure than token authentication. Token-based Authentication The validity period of a token is 24 hours.
Table 1 Key algorithms supported by SWR Key Algorithm Specifications Description Used For Asymmetric ECC EC_P256 ECDSA_SHA_256 EC_P384 ECDSA_SHA_384 NIST Elliptic Curve Cryptography (ECC) Creating digital signatures Asymmetric SM2 SM2 SM2 asymmetric key Encrypting and decrypting a
