Advantages
Secret encryption
Secrets are encrypted by KMS before storage. Encryption keys are generated and protected by authenticated third-party HSM. When you retrieve secrets, they are transferred to local servers via TLS.
Secure secret retrieval
CSMS calls secret APIs instead of hard-coded secrets in applications. Secrets can be dynamically retrieved and managed. CSMS manages application secrets in a centralized manner to reduce breach risks.
Centralized secret management and control
IAM identity and permission management ensure only authorized users can retrieve and modify secrets. CTS monitors access to secrets. These services prevent unauthorized access to and breach of sensitive information.
Secret change notification
SMN notifies users of basic secret event changes in a timely manner. FunctionGraph is used to configure functions to automatically update or rotate secrets.
Secure secret calling
CCE allows users to mount secrets to pods. In this way, sensitive information can be decoupled from the cluster environment, which prevents information leakage caused by program hardcoding or plaintext configuration.
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.
For any further questions, feel free to contact us through the chatbot.
Chatbot
