加密密钥管理
权限 | 对应API接口 | 授权项(Action) | 依赖的授权项 | IAM项目 (Project) | 企业项目 (Enterprise Project) |
|---|---|---|---|---|---|
创建密钥 | POST /v1.0/{project_id}/kms/create-key | kms:cmk:create | - | √ | √ |
启用密钥 | POST /v1.0/{project_id}/kms/enable-key | kms:cmk:enable | - | √ | √ |
禁用密钥 | POST /v1.0/{project_id}/kms/disable-key | kms:cmk:disable | - | √ | √ |
计划删除密钥 | POST /v1.0/{project_id}/kms/schedule-key-deletion | kms:cmk:update | - | √ | √ |
取消计划删除密钥 | POST /v1.0/{project_id}/kms/cancel-key-deletion | kms:cmk:update | - | √ | √ |
查询密钥列表 | POST /v1.0/{project_id}/kms/list-keys | kms:cmk:list | - | √ | √ |
查询密钥信息 | POST /v1.0/{project_id}/kms/describe-key | kms:cmk:get | - | √ | √ |
创建随机数 | POST /v1.0/{project_id}/kms/gen-random | kms:cmk:generate | - | √ | √ |
创建数据密钥 | POST /v1.0/{project_id}/kms/create-datakey | kms:dek:create | - | √ | √ |
创建不含明文数据密钥 | POST /v1.0/{project_id}/kms/create-datakey-without-plaintext | kms:dek:create | - | √ | √ |
加密数据密钥 | POST /v1.0/{project_id}/kms/encrypt-datakey | kms:dek:crypto | - | √ | √ |
解密数据密钥 | POST /v1.0/{project_id}/kms/decrypt-datakey | kms:dek:crypto | - | √ | √ |
查询实例数 | GET /v1.0/{project_id}/kms/user-instances | kms:cmk:getInstance | - | √ | √ |
查询配额 | GET /v1.0/{project_id}/kms/user-quotas | kms:cmk:getQuota | - | √ | √ |
修改密钥别名 | POST /v1.0/{project_id}/kms/update-key-alias | kms:cmk:update | - | √ | √ |
修改密钥描述 | POST /v1.0/{project_id}/kms/update-key-description | kms:cmk:update | - | √ | √ |
加密数据 | POST /v1.0/{project_id}/kms/encrypt-data | kms:cmk:crypto | - | √ | √ |
解密数据 | POST /v1.0/{project_id}/kms/decrypt-data | kms:cmk:crypto | - | √ | √ |
获取密钥导入参数 | POST /v1.0/{project_id}/kms/get-parameters-for-import | kms:cmk:getMaterial | - | √ | √ |
导入密钥材料 | POST /v1.0/{project_id}/kms/import-key-material | kms:cmk:importMaterial | - | √ | √ |
删除密钥材料 | POST /v1.0/{project_id}/kms/delete-imported-key-material | kms:cmk:deleteMaterial | - | √ | √ |
查询密钥实例 | POST /v1.0/{project_id}/kms/resource_instances/action | kms:cmkTag:listInstance | - | √ | √ |
查询密钥标签 | GET /v1.0/{project_id}/kms/{key_id}/tags | kms:cmkTag:list | - | √ | √ |
查询项目标签 | GET /v1.0/{project_id}/kms/tags | kms:cmkTag:list | - | √ | √ |
批量添加删除密钥标签 | POST /v1.0/{project_id}/kms/{key_id}/tags/action | kms:cmkTag:batch | - | √ | √ |
添加密钥标签 | POST /v1.0/{project_id}/kms/{key_id}/tags | kms:cmkTag:create | - | √ | √ |
删除密钥标签 | POST /v1.0/{project_id}/kms/{ key_id }/tags/{key} | kms:cmkTag:delete | - | √ | √ |
