Which Cloud Services Are Provided with Default Keys by KMS?
When other cloud services, such as Object Storage Service (OBS), use KMS to automatically create a key for the first time, a default key whose alias ends with /default is generated.
You can use the management console to query but cannot disable or schedule the deletion of default keys.
Default keys are hosted for free, and are charged based on the number of the API requests for them. If API requests exceed the free limit, the excess part will be charged.
Table 1 lists the default keys provided by KMS for cloud services. The following keys can be directly selected on the cloud service console: obs/default, evs/default, ims/default, kps/default, csms/default, and coc/default.
For details about how to use KMS to encrypt and decrypt cloud services, see Which Cloud Services Can Use KMS for Encryption?.
| Alias | Cloud Service | Remarks |
|---|---|---|
| obs/default | Object Storage Service (OBS) | Select this key on the corresponding service console for encryption configuration. |
| evs/default | Elastic Volume Service (EVS) | Select this key on the corresponding service console for encryption configuration. |
| ims/default | Image Management Service (IMS) | Select this key on the corresponding service console for encryption configuration. |
| vbs/default | Volume Backup Service (VBS) | The corresponding cloud service automatically creates and uses the key. You may not be able to view the key on the KMS console. |
| sfs/default | Scalable File Service (SFS) | The corresponding cloud service automatically creates and uses the key. You may not be able to view the key on the KMS console. |
| kps/default | Key Pair Service (KPS) | Select this key on the corresponding service console for encryption configuration. |
| csms/default | Cloud Secret Management Service (CSMS) | Select this key on the corresponding service console for encryption configuration. |
| dlf/default | DataArts Studio | The corresponding cloud service automatically creates and uses the key. You may not be able to view the key on the KMS console. |
| dds/default | Document Database Service (DDS) | The corresponding cloud service automatically creates and uses the key. You may not be able to view the key on the KMS console. |
| elb/default | Elastic Load Balance (ELB) | The corresponding cloud service automatically creates and uses the key. You may not be able to view the key on the KMS console. |
| mkp/default | KooGallery | The corresponding cloud service automatically creates and uses the key. You may not be able to view the key on the KMS console. |
| coc/default | Cloud Operations Center (COC) | Select this key on the corresponding service console for encryption configuration. |
| cce/default | Cloud Container Engine (CCE) | The corresponding cloud service automatically creates and uses the key. You may not be able to view the key on the KMS console. |
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.
For any further questions, feel free to contact us through the chatbot.
Chatbot
