What Is a Customer Master Key?
A Customer Master Key (CMK) is a Key Encryption Key (KEK) created by a user using KMS. It is used to encrypt and protect Data Encryption Keys (DEKs). One CMK can be used to encrypt one or multiple DEKs.
- Custom keys
- Default keys
When a user uses KMS for encryption in a cloud service for the first time, the cloud service automatically creates a key whose alias ends with /default.
On the KMS console, you can query Default Master Keys, but can neither disable them nor schedule their deletion.
Table 1 Default Master Keys Key Alias
Cloud Service
obs/default
Object Storage Service (OBS)
evs/default
Elastic Volume Service (EVS)
ims/default
Image Management Service (IMS)
sfs/default
Scalable File Service (SFS)
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.
For any further questions, feel free to contact us through the chatbot.
Chatbot
