Updated on 2023-11-03 GMT+08:00

Access Keys

Access Key ID (AK) and Secret Access Key (SK) are your long-term identity credentials. JavaAgents report data with an AK. AK is used together with SK to sign requests cryptographically, ensuring that the requests are secret, complete, and correct.

Precautions

Each access key consists of a pair of AK/SK and has unlimited validity. Each user can create up to two access keys. They have the same permissions but are independent from each other. Periodically change your access keys and keep them secure to prevent data leakage. To change an access key, delete the old one and add a new one.

By default, the SK is stored in plaintext in the apm.config file. APM also provides an encryption and decryption mechanism to meet higher security requirements.

The encryption and decryption process is as follows:

  1. Compile a Java class, for example, com.demo.DecryptDemo, and add a decryption method, for example, decrypt both the input and output to character strings.
  2. Compile the decryption method to decrypt the SK and return the decrypted value.
  3. Pack the com.demo.DecryptDemo class into a JAR package and place this JAR package and its dependent packages in the apm-javaagent/ext folder of JavaAgent.
  4. Add the following content to the apm.config file:

    decrypt.className=com.demo.DecryptDemo

    decrypt.methodName=decrypt

    secret.key={Character string encrypted by users}

Adding an Access Key

  1. Log in to the management console.
  2. Click on the left and choose Application > Application Performance Management.
  3. In the navigation pane, choose System Management > Access Keys.
  4. On the page that is displayed, click Add Access Key.

    Figure 1 Adding an AK/SK

  5. Add an access key description and click OK to generate an access key.

    To modify the description, click Modify in the Operation column in the row that contains the target access key.

Deleting an Access Key

  1. In the navigation pane, choose System Management > Access Keys.
  2. On the Access Keys page, locate the row that contains the target access key and click Delete in the Operation column.
  3. On the page that is displayed, click Yes to delete the access key.

Enabling or Disabling an Access Key

Each access key is enabled by default. To disable it, do as follows:

  1. In the navigation pane, choose System Management > Access Keys.
  2. On the Access Keys page, locate the row that contains the target access key and click Disable in the Operation column.
  3. On the page that is displayed, click Yes to disable the access key.

    To enable the access key, click Enable in the row that contains the access key. On the page that is displayed, click Yes.