Help Center/ Data Encryption Workshop/ User Guide (Kuala Lumpur Region)/ FAQs/ KMS Related/ What Are the Differences Between a Custom Key and a Default Key?
Updated on 2024-03-27 GMT+08:00

What Are the Differences Between a Custom Key and a Default Key?

The following table describes the differences between a custom key and a default key.

Table 1 Differences between a custom key and a default key

Item

Definition

Difference

Custom key

A Key Encryption Key (KEK) created using KMS. The key is used to encrypt and protect DEKs.

A custom key can be used to encrypt multiple DEKs.

  • It can be disabled and scheduled for deletion.
  • It is billed per use after the being created or imported.

Default key

Automatically generated by the system when you use KMS to encrypt data in another cloud service for the first time. The suffix of the key is /default.

Example: evs/default

  • It cannot be disabled or scheduled for deletion.