Operation Guide
Restrictions
- Dedicated HSM instances must be used together with VPC. After a Dedicated HSM instance is purchased, you need to configure its VPC, security group, and NIC on the management console before using it.
- For security purposes, Dedicated HSM instances do not provide services for the public network. To manage the instances, deploy their management tool in their VPC.
Operation Guide
To use Dedicated HSM on the cloud, you can purchase Dedicated HSM instances through the management console. After a Dedicated HSM instance is purchased, you will receive the UKey sent by Dedicated HSM. You need to use the UKey to initialize and control the instance. You can use the management tool to authorize service applications the permission to access Dedicated HSM instances. Figure 1 illustrates the operation flow.
Table 1 describes the operation guide.
No. |
Procedure |
Description |
Operated By |
---|---|---|---|
1 |
Create a Dedicated HSM instance. |
Create an instance on the Dedicated HSM management console. Huawei Cloud security team will evaluate your use scenarios to ensure that the instance meets your service requirements. Then you can pay for the ordered instance. |
User |
2 |
Activate a Dedicated HSM instance. |
After an instance is purchased, you need to configure the instance on the management console. You need to select the VPC where the instance belongs and the function type of the instance. For details, see Activating a Dedicated HSM Instance. |
User |
3 |
Allocate a Dedicated HSM instance. |
A purchased instance will be allocated to the user. A security expert will contact you through the contact information you provided and determine whether the instance ordered meets your service requirements. The instance will be allocated after the expert reviews and confirms your order. |
Dedicated HSM security expert |
4 |
Provide the UKey, initialization guide, and software. |
Dedicated HSM security expert |
|
5 |
Initialize and manage instances (involving UKey authentication). |
For details, see Initializing a Dedicated HSM Instance. |
User |
6 |
Install the security agent and granting access permissions. |
Install and initialize the security agent on service application nodes. For details, see Installing the Security Agent and Granting Access Permissions. |
User |
7 |
Access the instance. |
Service applications access the Dedicated HSM instances through APIs or SDK. |
User |
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.
For any further questions, feel free to contact us through the chatbot.
Chatbot