Help Center/ Data Encryption Workshop/ FAQs/ KMS Related/ How Do I Use union-sdk to Enhance Code Flexibility and Compatibility?

Updated on 2026-01-09 GMT+08:00

View PDF

How Do I Use union-sdk to Enhance Code Flexibility and Compatibility?

To use union-sdk to enhance code flexibility and compatibility, perform the operations below. For details about how to use SDKs, see SDK Overview.

// 1. Prepare the authentication information for accessing Huawei Cloud.
// Manually import the project ID. If the project ID is not imported, the SDK requests IAM to dynamically obtain the project ID, which increases the network latency and may cause an exception caused by the failure to access IAM.
final BasicCredentials auth = new BasicCredentials()
        .withIamEndpoint(IAM_ENDPOINT).withAk(ACCESS_KEY).withSk(SECRET_ACCESS_KEY).withProjectId(PROJECT_ID);
// Configure httpConfig. If no certificate is issued by an authoritative CA, ignore the verification.
// Register a listener for httpConfig. The listener can be used to print the request ID of the response. When an exception occurs, the request ID can be provided for the backend to search for logs.
HttpConfig httpConfig = new HttpConfig().withIgnoreSSLVerification(true);
HttpListener responseListener = HttpListener.forResponseListener(listener -> {
    if (listener.statusCode() >= 400) {
        System.out.println("X-Request-ID: " +
            listener.headers().entrySet().stream()
                .filter(entry -> entry.getKey().equalsIgnoreCase("X-Request-ID"))
                .map(entry -> entry.getValue().get(0)).collect(Collectors.joining("")));
    }
});
httpConfig.addHttpListener(responseListener);
// 2. Initialize the SDK, and transfer the authentication information and the address for the KMS to access the client.
// Manually configure the region ID and the corresponding KMS address. If the values are imported through enumeration, for example, KmsRegion.CN_NORTH_4, the SDK needs to be updated at the backend, which is inflexible.
// Initialize the client only once and use the object repeatedly.
final KmsClient kmsClient = KmsClient.newBuilder()
        .withRegion(new Region(KMS_REGION_ID, KMS_ENDPOINT)).withHttpConfig(httpConfig).withCredential(auth).build();
// 3. Assemble the request message for creating a DEK.
final CreateDatakeyRequest createDatakeyRequest = new CreateDatakeyRequest()
                .withBody(new CreateDatakeyRequestBody().withKeyId(keyId).withDatakeyLength(AES_KEY_BIT_LENGTH));
// 4. Create a DEK.
// Retry. If the response code is 429 or greater than 500, retry for three to five times.
final CreateDatakeyResponse createDatakeyResponse = kmsClient.createDatakeyInvoker(createDatakeyRequest)
            .retryTimes(3).retryCondition((resp, ex) -> Objects.nonNull(ex) && ServiceResponseException.class.isAssignableFrom(ex.getClass())
                && (((ServiceResponseException) ex).getHttpStatusCode() == 429
                || ((ServiceResponseException) ex).getHttpStatusCode() >= 500)).invoke();

Parent topic: KMS Related

Feedback

Was this page helpful?

Helpful Not helpful

Provide feedback

Thank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.

The system is busy. Please try again later.

Which of the following issues have you encountered?

Content is inconsistent with the product UI

Unclear descriptions

Lack of examples or code

Incorrect steps

Can't find what I need

Lack of best practices

Feedback (optional)

0/500

Select at least one type of issue, and enter your comments or suggestions.

Enter a maximum of 500 characters.

Submit Cancel

For any further questions, feel free to contact us through the chatbot.

Chatbot