KMS Python SDK Demo
Key Management Service (KMS) is a secure, reliable, and easy-to-use service that helps users centrally manage and safeguard their Customer Master Keys (CMKs).
KMS uses hardware security modules (HSMs) to protect CMKs. HSMs help you create and control CMKs with ease. All CMKs are protected by root keys in HSMs to avoid leakage. KMS implements access control and log-based tracking on all operations on CMKs. With records of use of all CMKs, it meets your audit and regulatory compliance requirements.
Creating a CMK
You can create a CMK using the Python OpenStack SDK based on the following code:
1 2 3 4 5 |
def create_key(conn):
key_dict = {
"key_alias": "test-key-123-456789223", "realm": "123"
}
key = conn.kms.create_key(**key_dict)
|
Enabling a CMK
You can enable a disabled CMK using the Python OpenStack SDK based on the following code:
1 2 3 |
def enable_key(conn, key):
# a string of key id or an object of Key
print(conn.kms.enable_key(key))
|
Creating a DEK
You can create a DEK using the Python OpenStack SDK based on the following code:
1 2 3 4 5 |
def create_data_key(conn, key):
data_key_dict={
"datakey_length":"512"
}
print(conn.kms.create_datakey(key, **data_key_dict))
|
Encrypting a DEK
You can encrypt a DEK using the Python OpenStack SDK based on the following code (The plain_text value is obtained during DEK creation):
1 2 3 4 5 6 7 8 |
def encrypt_datakey(conn, key):
params = {
"plain_text": "4c5062132d3b1b450d1aff4cd49bb828c09e602e3678b3c8d9be5429fa22be17439a1c7bd167e76d1be8f0cadda76940c98e4483bc32312534ce98db824329eb
",
"datakey_plain_length": "64"
}
datakey = conn.kms.encrypt_datakey(key, **params)
print(datakey)
|
Last Article: VBS Python SDK Demo
Next Article: Anti-DDoS Python SDK Demo
Did this article solve your problem?
Thank you for your score!Your feedback would help us improve the website.