- What's New
- Function Overview
- Service Overview
-
Billing
- Billing Overview
- Billing Modes
- Billed Items
- Billing Examples
- Billing Mode Changes
- Renewing Subscriptions
- Bills
- Arrears
- Billing Termination
- Cost Management
-
Billing FAQ
- How Do I Purchase SFS?
- How Do I Renew the Service?
- How Do I Check Whether the Subscriber Is in Arrears?
- Can I Purchase SFS Capacity-Oriented Resource Packages When I Still Have Valid Ones in Use?
- How Do I Check the Usage of an SFS Capacity-Oriented Resource Package?
- How Do I Adjust the Size of an SFS Capacity-Oriented Resource Package?
- Do SFS Capacity-Oriented and SFS Turbo Share One Resource Package?
- Getting Started
- User Guide
- Best Practices
-
API Reference
- Before You Start
- API Overview
- Calling APIs
- Calling General Purpose File System APIs
- Getting Started (SFS Capacity-Oriented)
- Getting Started with SFS Turbo
- Getting Started with General Purpose File System
-
SFS Capacity-Oriented APIs
- API Version Queries
- File Systems
- File System Access Rules
- Quota Management
- Expansion and Shrinking
-
Tag Management
- Adding a Tag to a Shared File System
- Deleting a Tag from a Shared File System
- Querying Tags of a Shared File System
- Querying Tags of All File Systems of a Tenant
- Batch Adding Tags to a Shared File System
- Batch Deleting Tags from a Shared File System
- Querying Shared File Systems by Tag
- Querying the Number of Shared File Systems by Tag
- AZ
-
SFS Turbo APIs
- Lifecycle Management
- Connection Management
- Tag Management
- Name Management
- File System Management
-
Storage Interworking Management
- Adding a Backend Target
- Querying Backend Targets
- Obtaining Details About a Backend Target
- Deleting a Backend Target
- Updating the Properties of a Storage Backend
- Updating the Auto Synchronization Policy of a Storage Backend
- Creating an Import or Export Task
- Querying Details About an Import or Export Task
- Listing Import and Export Tasks
- Deleting an Import or Export Task
- Updating a File System
- Directory Management
-
Permissions Management
- Creating a Permission Rule
- Querying Permission Rules of a File System
- Querying a Permission Rule of a File System
- Modifying a Permission Rule
- Deleting a Permissions Rule
- Creating and Binding the LDAP Configuration
- Querying the LDAP Configuration
- Modifying the LDAP Configuration
- Deleting the LDAP Configuration
- Task Management
- General Purpose File System APIs
- Permissions Policies and Supported Actions
- Common Parameters
- Appendix
- SDK Reference
-
Troubleshooting
- Mounting a File System Times Out
- Mounting a File System Fails
- File System Performance Is Poor
- Failed to Create an SFS Turbo File System
- A File System Is Automatically Disconnected from the Server
- A Server Fails to Access a File System
- The File System Is Abnormal
- Data Fails to Be Written into a File System Mounted to ECSs Running Different Types of Operating Systems
- Failed to Mount an NFS File System to a Windows IIS Server
- Writing to a File System Fails
- Error Message "wrong fs type, bad option" Is Displayed During File System Mounting
- Failed to Access the Shared Folder in Windows
-
FAQs
- Concepts
- Specifications
- Restrictions
- Networks
-
Billing
- How Do I Purchase SFS?
- How Do I Renew the Service?
- How Do I Check Whether the Subscriber Is in Arrears?
- Can I Purchase SFS Capacity-Oriented Resource Packages When I Still Have Valid Ones in Use?
- How Do I Check the Usage of an SFS Capacity-Oriented Resource Package?
- How Do I Adjust the Size of an SFS Capacity-Oriented Resource Package?
- Do SFS Capacity-Oriented and SFS Turbo Share One Resource Package?
-
Others
- How Do I Access a File System from a Server?
- How Do I Check Whether a File System on a Linux Server Is Available?
- What Resources Does SFS Occupy?
- Why Is the Capacity Displayed as 10P After I Mount My SFS Capacity-Oriented File System?
- Why the Capacity Is Displayed as 250TB After I Mount My General Purpose File System?
- How Can I Migrate Data Between SFS and OBS?
- Can a File System Be Accessed Across Multiple AZs?
- Can I Upgrade an SFS Capacity-Oriented File System to an SFS Turbo File System?
- Can I Upgrade an SFS Turbo File System from Standard to Standard-Enhanced?
- How Can I Migrate Data Between SFS and EVS?
- Can I Directly Access SFS from On-premises Devices?
- How Do I Delete .nfs Files?
- Why My File System Used Space Increases After I Migrate from SFS Capacity-Oriented to SFS Turbo?
- How Can I Improve the Copy and Delete Efficiency with an SFS Turbo File System?
- How Do Second- and Third-level Directory Permissions of an SFS Turbo File System Be Inherited?
- How Do I Deploy SFS Turbo on CCE?
- Videos
-
More Documents
- User Guide (ME-Abu Dhabi Region)
- API Reference (ME-Abu Dhabi Region)
-
User Guide (Paris Region)
- Introduction
- Getting Started
- Management
- Typical Applications
-
Troubleshooting
- Mounting a File System Times Out
- Mounting a File System Fails
- Failed to Create an SFS Turbo File System
- A File System Is Automatically Disconnected from the Server
- A Server Fails to Access a File System
- The File System Is Abnormal
- Data Fails to Be Written into a File System Mounted to ECSs Running Different Types of Operating Systems
- Failed to Mount an NFS File System to a Windows IIS Server
- Writing to a File System Fails
- Error Message "wrong fs type, bad option" Is Displayed During File System Mounting
- Failed to Access the Shared Folder in Windows
-
FAQs
- Concepts
- Specifications
- Restrictions
- Networks
-
Others
- How Do I Access a File System from a Server?
- How Do I Check Whether a File System on a Linux Server Is Available?
- What Resources Does SFS Occupy?
- Why Is the Capacity Displayed as 10P After I Mount My SFS Capacity-Oriented File System?
- Can a File System Be Accessed Across Multiple AZs?
- How Can I Migrate Data Between SFS and EVS?
- Can I Directly Access SFS from On-premises Devices?
- How Do I Delete .nfs Files?
- Why My File System Used Space Increases After I Migrate from SFS Capacity-Oriented to SFS Turbo?
- How Can I Improve the Copy and Delete Efficiency with an SFS Turbo File System?
- How Do Second- and Third-level Directory Permissions of an SFS Turbo File System Be Inherited?
- Other Operations
- Change History
- API Reference (Paris Region)
- User Guide (Kuala Lumpur Region)
- API Reference (Kuala Lumpur Region)
- Glossary
- General Reference
Copied.
File System Encryption
SFS provides you with the encryption function. You can encrypt data on the new file systems if needed.
Keys for encrypting file systems are provided by Key Management Service (KMS), which is secure and convenient. You do not need to establish and maintain key management infrastructure. If you want to use your own key material, use the key import function on the KMS console to create a custom key whose key material is empty and import the key material to the custom key. For details, see section "Importing Key Materials" in Key Management Service User Guide.
To use the file system encryption function, you need to authorize SFS Capacity-Oriented to access KMS when creating an SFS Capacity-Oriented file system. For SFS Turbo file systems, no authorization is required.
Encryption Key
Keys provided by KMS for encrypting SFS Capacity-Oriented file systems include a default key and custom keys.
- Default key: SFS automatically creates a default key and names it sfs/default.
The default key cannot be disabled and does not support scheduled deletion.
- Custom keys: Existing or newly created custom keys. For details, see Creating a Custom Key in the Key Management Service User Guide.
If the custom key used by the encrypted file system is disabled or scheduled for deletion, the file system can only be used within a certain period of time (30s by default). Exercise caution in this case.
An SFS Turbo file system does not have a default key. You can use your existing key or create a new key. For details, see section "Creating a Custom Key" in the Key Management Service User Guide.
Who Has the Rights to Encrypt File Systems?
- The security administrator who has the "Security Administrator" permission can grant the KMS access rights for encryption.
- A common user who does not have the "Security Administrator" permission needs to contact the system administrator to obtain the "Security Administrator" permission.
As long as the KMS access rights have been granted to SFS Capacity-Oriented, all common users in the same region can directly use the encryption function.
If there are multiple projects in the current region, the KMS access rights need to be granted to each project in this region.
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.
For any further questions, feel free to contact us through the chatbot.
Chatbot