Help Center/ Data Encryption Workshop/ FAQs/ KMS Related/ How Are Default Keys Generated?
Updated on 2024-06-12 GMT+08:00

How Are Default Keys Generated?

Default keys are automatically generated.

When a user uses KMS for encryption in a cloud service for the first time, the cloud service automatically creates a key with the alias suffix /default.

You can use the management console to query but cannot disable or schedule the deletion of Default Master Keys.

Default keys are hosted for free, and are charged based on the number of the API requests for them. If API requests exceed the free limit, the excess part will be charged.

Table 1 Default Master Keys

Alias

Cloud Service

obs/default

Object Storage Service (OBS)

evs/default

Elastic Volume Service (EVS)

ims/default

Image Management Service (IMS)

kps/default

Key Pair Service (KPS)

csms/default

Cloud Secret Management Service (CSMS)