Halaman ini belum tersedia dalam bahasa lokal Anda. Kami berusaha keras untuk menambahkan lebih banyak versi bahasa. Terima kasih atas dukungan Anda.

Elastic Cloud Server
Huawei Cloud Flexus
Bare Metal Server
Auto Scaling
Image Management Service
Dedicated Host
Cloud Phone Host
Huawei Cloud EulerOS
Virtual Private Cloud
Elastic IP
Elastic Load Balance
NAT Gateway
Direct Connect
Virtual Private Network
VPC Endpoint
Cloud Connect
Enterprise Router
Enterprise Switch
Global Accelerator
Management & Governance
Cloud Eye
Identity and Access Management
Cloud Trace Service
Resource Formation Service
Tag Management Service
Log Tank Service
Resource Access Manager
Simple Message Notification
Application Performance Management
Application Operations Management
Optimization Advisor
IAM Identity Center
Cloud Operations Center
Resource Governance Center
Server Migration Service
Object Storage Migration Service
Cloud Data Migration
Migration Center
Cloud Ecosystem
Partner Center
User Support
My Account
Billing Center
Cost Center
Resource Center
Enterprise Management
Service Tickets
HUAWEI CLOUD (International) FAQs
ICP Filing
Support Plans
My Credentials
Customer Operation Capabilities
Partner Support Plans
Professional Services
MapReduce Service
Data Lake Insight
CloudTable Service
Cloud Search Service
Data Lake Visualization
Data Ingestion Service
DataArts Studio
Data Lake Factory
DataArts Lake Formation
IoT Device Access
Product Pricing Details
System Permissions
Console Quick Start
Common FAQs
Instructions for Associating with a HUAWEI CLOUD Partner
Message Center
Security & Compliance
Security Technologies and Applications
Web Application Firewall
Host Security Service
Cloud Firewall
Anti-DDoS Service
Data Encryption Workshop
Database Security Service
Cloud Bastion Host
Data Security Center
Cloud Certificate Manager
Edge Security
Managed Threat Detection
Blockchain Service
Web3 Node Engine Service
Media Services
Media Processing Center
Video On Demand
Object Storage Service
Elastic Volume Service
Cloud Backup and Recovery
Storage Disaster Recovery Service
Scalable File Service Turbo
Scalable File Service
Volume Backup Service
Cloud Server Backup Service
Data Express Service
Dedicated Distributed Storage Service
Cloud Container Engine
SoftWare Repository for Container
Application Service Mesh
Ubiquitous Cloud Native Service
Cloud Container Instance
Relational Database Service
Document Database Service
Data Admin Service
Data Replication Service
Distributed Database Middleware
Database and Application Migration UGO
Distributed Cache Service
API Gateway
Distributed Message Service for Kafka
Distributed Message Service for RabbitMQ
Distributed Message Service for RocketMQ
Cloud Service Engine
Multi-Site High Availability Service
Dedicated Cloud
Dedicated Computing Cluster
Business Applications
ROMA Connect
Message & SMS
Domain Name Service
Edge Data Center Management
Face Recognition Service
Graph Engine Service
Content Moderation
Image Recognition
Optical Character Recognition
Conversational Bot Service
Speech Interaction Service
Huawei HiLens
Video Intelligent Analysis Service
Developer Tools
SDK Developer Guide
API Request Signing Guide
Koo Command Line Interface
Content Delivery & Edge Computing
Content Delivery Network
Intelligent EdgeFabric
Intelligent EdgeCloud
SAP Cloud
High Performance Computing
Developer Services
CodeArts PerfTest
CodeArts Req
CodeArts Pipeline
CodeArts Build
CodeArts Deploy
CodeArts Artifact
CodeArts TestPlan
CodeArts Check
CodeArts Repo
Cloud Application Engine
MacroVerse aPaaS

API Overview

Updated on 2024-08-06 GMT+08:00

You can use all functions of DEW by using the APIs provided by DEW and the performance parameters corresponding to the APIs.

Performance parameter types include shared traffic control and basic traffic control.

  • Shared traffic control: APIs share the traffic.
  • Basic traffic control: Only the current APIs can use the traffic.

Generally, APIs share the traffic unless labeled as basic traffic control. For example, secret version creation APIs share the traffic.



Key Management APIs

Create, query, modify, and delete keys.

Secret management APIs

Create, query, modify, and delete secrets.

Key Pair Management APIs

(Latest API version) Create, query, modify, and delete key pairs.

Historical Global

(V2.1 and V2 API versions) Create, query, modify, and delete key pairs.

Key Management APIs





Global API version query

Query version list

Obtain the API version list.


Query a version

Query a specified API version.

Lifecycle management

Create a key

Create a CMK, which can be symmetric or asymmetric.

20 times per second for a single user

100 times per second globally

Enable a key

Enable a key, which can only be used after being enabled.

Disable a key

Disable a CMK. A disabled CMK cannot be used.

Schedule the deletion of a key

Schedule a deletion task for a specified key. The deletion can be scheduled 7 to 1,096 days in advance. After a key is deleted, the data encrypted using the key cannot be decrypted.

Cancel the scheduled deletion of a key

Cancel a scheduled deletion of a key. Once the deletion is cancelled, the key can be used.

Modify a key alias

Change the alias of a CMK.

Modify CMK description

Change the description of a CMK.

Data encryption key (DEK) management

Generate a random number

Generate a random number that is 8 bits to 8,192 bits long.

800 times per second for a single user

10,00 times per second globally

Create a DEK

Create a DEK. The returned result includes the plaintext and the ciphertext of a DEK.

Create a plaintext-free DEK

Create a plaintext-free DEK. The returned result includes only the plaintext of a DEK.

Encrypt a DEK

Use a specified CMK to encrypt a DEK.

Decrypt a DEK

Use a specified CMK to decrypt a DEK.

Key import management

Obtain parameters for importing a key

Obtain necessary parameters to import a key, including an import token and a public key.

20 times per second for a single user

100 times per second globally

Import key materials

Import the material of a key.

Delete key materials

Delete the material of a key.

Authorization management

Create a grant

Grant a user with key operation permissions.

20 times per second for a single user

100 times per second globally

Revoke a grant

Revoke the key operation permissions granted to a user.

Retire a grant

Retire the granted key operation permissions.

Query the grant list

Query grants on a CMK.

Query grants that can be retired

Query grants that can be retired.

Small-size data encryption and decryption

Encrypt data

Use a specified CMK to encrypt data.

20 times per second for a single user

100 times per second globally

Decrypt data

Decrypt data.

Signature and verification

Signing Data

Digitally sign a message or message digest using the private key of an asymmetric key.

300 times per second for a single user

500 times per second globally

Verifying a Signature

Verify the signature of a message or message digest using the public key of an asymmetric key.

Rotation management

Enable key rotation

Enable the rotation of a CMK. Default master keys and imported keys cannot be rotated.

20 times per second for a single user

100 times per second globally

Disable key rotation

Disable the rotation of a CMK.

Modify key rotation interval

Change the rotation interval for a CMK.

Query key rotation status

Query the rotation status of a CMK.

Tag management

Query key instances

Use tag filtering to query the detailed information of a CMK.

20 times per second for a single user

100 times per second globally

Query key tags

Query tags of a CMK.

Add tags to a key

Query all tag sets of a project.

Query project tags

Add or delete CMK tags in batches.

Batch add or delete key tags

Add a tag to a CMK.

Delete key tags

Delete a tag from a CMK.


Query the key list

Obtain the list of all CMKs.

160 times per second for a single user

200 times per second globally

Query key details

Query details of a specified key.

Query instance quantity

Obtain the number of created CMKs, excluding the default master keys.

80 times per second for a single user

200 times per second globally

Query quotas

Query the total quota of CMKs available and the usage information, excluding the default master keys.






Lifecycle management

Creating a Secret

Create a secret and stores the secret value in the initial secret version.

300 times per minute for a single user

4,800 times per minute globally

Querying the Secret List

Query all the secrets created by the current user in the current project.

100 times per second for a single user

200 times per second globally

Querying a Secret

Query a specified secret.

1,200 times per minute for a single user

4,800 times per minute globally

Updating a Secret

Update the metadata of a specified secret.

300 times per minute for a single user

4,800 times per minute globally

Deleting a Secret Immediately

Delete a specified secret. The deleted secret cannot be restored.

Restoring a Secret Object

Restore a secret by uploading the secret backup file.

Downloading Secret Backup

Download the backup file of a specified secret.

Creating a Scheduled Secret Deletion Task

Create a scheduled task to delete a secret after 7 to 30 days.

Canceling a Scheduled Secret Deletion Task

Cancel the scheduled deletion task of a secret. The secret will be changed to the available state.

Rotating a Secret

Execute rotation for a secret immediately. Create a new version of a secret to encrypt to encrypt and keep the generated random secret value. The created secret version is in SYSCURRENT state.

Secret version management

Creating a Secret Version

Create a new version of a secret to encrypt and keep the new value of the secret. By default, the created secret version in SYSCURRENT state. The previous version is in SYSPREVIOUS state. You can configure VersionStage to overwrite the default settings.

Basic traffic control:

80 times per second for a single user

200 times per second globally

80 times per second for applications

80 times per second for IP addresses

Querying the Secret Version List

Query the version list of a specific secret.

300 times per minute for a single user

4,800 times per minute globally

Updating the Secret Version

Currently, only the version validity period of a secret whose status is ENABLED can be updated. If the associated subscription events include version expired events, only one notification is triggered each time the version validity period is updated.

Querying the Secret Version and Value

Query the information about a specified secret version and the plaintext secret value in the version. Only secrets in Enabled state can be queried.

The value of the latest secret version can be obtained via /v1/{project_id}/secrets/{secret_name}/versions/latest. (Set the {version_id} in the URL of the current API to latest).

Basic traffic control:

160 times per second for a single user

200 times per second globally

160 times per second for applications

160 times per second for IP addresses

Secret version status management

Updating the Version Status of a Secret

Update the version status of a secret.

300 times per minute for a single user

4,800 times per minute globally

Querying the Version Status of a Secret

Query the version of a specified secret version status tag.

Deleting the Version Status of a Secret

Delete the status of a specified secret version.

Secret tag management

Querying a Secret Instance

Query a secret instance. Filter user secrets by tag and returns the secret list.

300 times per minute for a single user

4,800 times per minute globally

Adding or Deleting Secret Tags in Batches

Add or delete secret tags in batches.

Querying Secret Tags

Query secret tags.

Querying Secret Tags

Add a secret tag.

Deleting a Secret Tag

Delete a secret tag.

Querying Project Tags

Query all secret tags of a user in a specified project.


Creating an Event

Create an event that can be configured on one or more secrets. When an event is enabled and the basic event type contained in the event is triggered on the secret, the cloud service sends the corresponding event notification to the notification topic specified by the event.

300 times per minute for a single user

4,800 times per minute globally

Querying Events

Query information about a specified event.

Querying the Event List

Query all events created by the current user in the project.

Update an Event

Update the metadata of a specified event. The following metadata can be updated: event enabling status, basic type list, and notification topic.

Deleting an Event Immediately

Delete a specified event. The deleted event cannot be restored. An event cannot be deleted if it is referenced by a secret. Disassociate the event from the secret.

Querying Triggered Event Notification Records

Query all event notification records triggered in the last three months.

SSH Key Pair Management APIs





Key pair management

Creating and Importing an SSH Key Pair

Create and import an SSH key pair.

300 times per minute for a single user

4,800 times per minute globally

Accessing the page for clearing private keys

Delete the private key of an SSH key pair.

Querying the SSH Key Pair List

Query the list of SSH key pairs.

Basic traffic control:

160 times per second for a single user

200 times per second globally

160 times per second for applications

160 times per second for IP addresses

Querying SSH Key Pair Details

Query details about an SSH key pair.

Deleting an SSH Key Pair

Delete an SSH key pair.

300 times per minute for a single user

4,800 times per minute globally

Updating SSH Key Pair Description

Update the description about an SSH key pair.

Accessing the page for importing private keys

Import a private key to a specified key pair.

Exporting a private key

Export the private key of a specified key pair.

Key pair task management

Binding an SSH Key Pair

Bind an SSH key pair to a specified VM. The private key of the SSH key pair for the VM is required if you want to replace the key pair, but not required if you want to reset the key pair.

300 times per minute for a single user

4,800 times per minute globally

Unbind an SSH Key Pair

Unbind an SSH key pair from a specified VM and restores SSH password login.

Binding SSH Key Pairs in Batches

Bind SSH key pairs in batches to a specified VM.

Basic traffic control:

10 times per minute for a single user

20 times per minute globally

10 times per minute for applications

10 times per minute for IP addresses

Querying Task Information

Query the execution status of the current task based on the task ID returned by the SSH key pair API.

300 times per minute for a single user

4,800 times per minute globally

Querying Running Tasks

Query running tasks.

Querying Task Failure Information

Query information about failed tasks, such as binding and unbinding tasks.

Delete all failed tasks

Delete information about failed tasks.

Delete a failed task

Delete failed tasks.

Global History

Global Type


Key pair management APIs (V2.1)

Query the list of key pairs.

Query details of a key pair.

Create and import a key pair. You can manage the private keys on the cloud.

Delete an SSH key pair based on the key pair name.

Modify description of a key pair of a specified name.

Key pair management APIs (V2.0)

Query the list of key pairs.

Query a key pair by its name.

Create a key pair or import a public key to the cloud to generate a key pair.

After an SSH key pair is created, you need to download the private key to a local directory. Then, you can use the private key to log in to an ECS. For ECS security purposes, the private key can be downloaded only once. Keep it secure.

Delete an SSH key pair based on the key pair name.

A tenant may contain multiple users. This API is used to copy the key pair from the target user to the current user under the same tenant account.

Kami menggunakan cookie untuk meningkatkan kualitas situs kami dan pengalaman Anda. Dengan melanjutkan penelusuran di situs kami berarti Anda menerima kebijakan cookie kami. Cari tahu selengkapnya





Selected Content

Submit selected content with the feedback