KMS UMN 20250220 version

Reviewed-by: Rogal, Marcel <mrogal@noreply.gitea.eco.tsi-dev.otc-service.com>
Co-authored-by: qiaoli <qiaoli@huawei.com>
Co-committed-by: qiaoli <qiaoli@huawei.com>

docs/kms/umn/dew_01_0007.html

@@ -0,0 +1,21 @@
+<a name="dew_01_0007"></a><a name="dew_01_0007"></a>
+
+<h1 class="topictitle1">Encrypting Data in OBS</h1>
+<div id="body8662426"><ul id="dew_01_0007__en-us_topic_0112947554_ul12677105311212"><li id="dew_01_0007__en-us_topic_0112947554_li5146105118114">When using Object Storage Service (OBS) to upload data with server-side encryption, you can select <span class="parmname" id="dew_01_0007__en-us_topic_0112947554_parmname147834433345"><b>SEE-KMS encryption</b></span> and use the key provided by KMS to encrypt the files to be uploaded. For details, see <a href="#dew_01_0007__en-us_topic_0112947554_fig1096125520374">Figure 1</a>. For details, see <i><cite id="dew_01_0007__en-us_topic_0112947554_cite16391161013811">Object Storage Service Console Operation Guide</cite></i>.<div class="fignone" id="dew_01_0007__en-us_topic_0112947554_fig1096125520374"><a name="dew_01_0007__en-us_topic_0112947554_fig1096125520374"></a><a name="en-us_topic_0112947554_fig1096125520374"></a><span class="figcap"><b>Figure 1 </b>Encrypting Data in OBS</span><br><span><img id="dew_01_0007__en-us_topic_0112947554_image9429037162115" src="en-us_image_0000002207465277.png" title="Click to enlarge" class="imgResize"></span></div>
+<p id="dew_01_0007__en-us_topic_0112947554_p86061313182911">There are two types of CMKs that can be used:</p>
+<ul id="dew_01_0007__en-us_topic_0112947554_ul1160681317292"><li id="dew_01_0007__en-us_topic_0112947554_li15606101342920">The default key <strong id="dew_01_0007__en-us_topic_0112947554_b842352706151922_1">obs/default</strong> created by KMS</li><li id="dew_01_0007__en-us_topic_0112947554_li136061613112914">Custom keys that you created on the KMS console</li></ul>
+</li><li id="dew_01_0007__en-us_topic_0112947554_li5684145313124">Alternatively, you can call OBS APIs to upload a file with server-side encryption using KMS-managed keys (SSE-KMS). For details, see .</li></ul>
+</div>
+<div>
+<div class="familylinks">
+<div class="parentlink"><strong>Parent topic:</strong> <a href="dew_01_0106.html">Cloud Services with KMS Integrated</a></div>
+</div>
+</div>
+
+
+<script language="JavaScript">
+<!--
+image_size('.imgResize');
+var msg_imageMax = "view original image";
+var msg_imageClose = "close";
+//--></script>

docs/kms/umn/dew_01_0008.html

@@ -0,0 +1,23 @@
+<a name="dew_01_0008"></a><a name="dew_01_0008"></a>
+
+<h1 class="topictitle1">Encrypting Data in EVS</h1>
+<div id="body8662426"><ul id="dew_01_0008__en-us_topic_0112947603_ul292114191134"><li id="dew_01_0008__en-us_topic_0112947603_li014885111115">When purchasing a disk, you can choose <strong id="dew_01_0008__en-us_topic_0112947603_b34906822211">Advanced Settings</strong> &gt; <strong id="dew_01_0008__en-us_topic_0112947603_b1949110842211">Encryption</strong> to encrypt the disk using the key provided by KMS. For details, see <a href="#dew_01_0008__en-us_topic_0112947603_fig1372118163416">Figure 1</a>. For more information about EVS, see the <i><cite id="dew_01_0008__en-us_topic_0112947603_cite1614894043314">Elastic Volume Service User Guide</cite></i>.<div class="note" id="dew_01_0008__en-us_topic_0112947603_note11471051201111"><img src="public_sys-resources/note_3.0-en-us.png"><span class="notetitle"> </span><div class="notebody"><p id="dew_01_0008__en-us_topic_0112947603_p1514735111113">Before you use the encryption function, EVS must be granted the permission to access KMS. If you have the right to grant the permission, you can grant the permission directly. If you do not have the permission, contact a user with the security administrator permissions to add the security administrator permission for you. Then, you can grant the permission. For more information about EVS, see the <i><cite id="dew_01_0008__en-us_topic_0112947603_cite1079810500332">Elastic Volume Service User Guide</cite></i>.</p>
+</div></div>
+<div class="fignone" id="dew_01_0008__en-us_topic_0112947603_fig1372118163416"><a name="dew_01_0008__en-us_topic_0112947603_fig1372118163416"></a><a name="en-us_topic_0112947603_fig1372118163416"></a><span class="figcap"><b>Figure 1 </b>Encrypting data in EVS</span><br><span><img id="dew_01_0008__en-us_topic_0112947603_image19824105814162" src="en-us_image_0000001677397941.png" title="Click to enlarge" class="imgResize"></span></div>
+<p id="dew_01_0008__en-us_topic_0112947603_p12147125171117">There are two types of CMKs that can be used:</p>
+<ul id="dew_01_0008__en-us_topic_0112947603_ul51471451181110"><li id="dew_01_0008__en-us_topic_0112947603_li314745151117">The default key <strong id="dew_01_0008__en-us_topic_0112947603_b842352706151922_3">evs/default</strong> created by KMS</li><li id="dew_01_0008__en-us_topic_0112947603_li191471851171115">Custom keys that you create on the KMS console using KMS-generated key materials</li></ul>
+</li><li id="dew_01_0008__en-us_topic_0112947603_li8934161920130">You can also call EVS APIs to create encrypted EVS disks. For details, see the <i><cite id="dew_01_0008__en-us_topic_0112947603_cite11509822112010">Elastic Volume Service API Reference</cite></i>.</li></ul>
+</div>
+<div>
+<div class="familylinks">
+<div class="parentlink"><strong>Parent topic:</strong> <a href="dew_01_0106.html">Cloud Services with KMS Integrated</a></div>
+</div>
+</div>
+
+
+<script language="JavaScript">
+<!--
+image_size('.imgResize');
+var msg_imageMax = "view original image";
+var msg_imageClose = "close";
+//--></script>

docs/kms/umn/dew_01_0009.html

@@ -0,0 +1,21 @@
+<a name="dew_01_0009"></a><a name="dew_01_0009"></a>
+
+<h1 class="topictitle1">Encrypting Data in IMS</h1>
+<div id="body8662426"><ul id="dew_01_0009__en-us_topic_0112947622_ul569985051312"><li id="dew_01_0009__en-us_topic_0112947622_li1714975110115">When uploading an image file to Image Management Service (IMS), you can choose to encrypt the image file using a key provided by KMS to protect the file. <a href="#dew_01_0009__en-us_topic_0112947622_fig144761027111615">Figure 1</a> describes details. For details, see the <i><cite id="dew_01_0009__en-us_topic_0112947622_cite1629483683413">Image Management Service User Guide</cite></i>.<div class="fignone" id="dew_01_0009__en-us_topic_0112947622_fig144761027111615"><a name="dew_01_0009__en-us_topic_0112947622_fig144761027111615"></a><a name="en-us_topic_0112947622_fig144761027111615"></a><span class="figcap"><b>Figure 1 </b>Encrypting data in IMS</span><br><span><img id="dew_01_0009__en-us_topic_0112947622_image17114220207" src="en-us_image_0000001628879300.png" title="Click to enlarge" class="imgResize"></span></div>
+<p id="dew_01_0009__en-us_topic_0112947622_p1411316243717">There are two types of CMKs that can be used:</p>
+<ul id="dew_01_0009__en-us_topic_0112947622_ul14114724778"><li id="dew_01_0009__en-us_topic_0112947622_li1111316241711">The default key <strong id="dew_01_0009__en-us_topic_0112947622_b1150188133010">ims/default</strong> created by KMS</li><li id="dew_01_0009__en-us_topic_0112947622_li911492415713">Custom keys that you create on the KMS console using KMS-generated key materials</li></ul>
+</li><li id="dew_01_0009__en-us_topic_0112947622_li6707550161319">You can also call IMS APIs to create encrypted image files. For details, see <i><cite id="dew_01_0009__en-us_topic_0112947622_cite27821158152019">Image Management Service API Reference</cite></i>.</li></ul>
+</div>
+<div>
+<div class="familylinks">
+<div class="parentlink"><strong>Parent topic:</strong> <a href="dew_01_0106.html">Cloud Services with KMS Integrated</a></div>
+</div>
+</div>
+
+
+<script language="JavaScript">
+<!--
+image_size('.imgResize');
+var msg_imageMax = "view original image";
+var msg_imageClose = "close";
+//--></script>

docs/kms/umn/dew_01_0101.html

@@ -0,0 +1,20 @@
+<a name="dew_01_0101"></a><a name="dew_01_0101"></a>
+
+<h1 class="topictitle1">Encrypting Data in RDS</h1>
+<div id="body8662426"><ul id="dew_01_0101__en-us_topic_0113544733_ul569985051312"><li id="dew_01_0101__en-us_topic_0113544733_li1714975110115">When a user creates a database instance from Relational Database Service (RDS), the user can select <strong id="dew_01_0101__en-us_topic_0113544733_b207781583250">Disk encryption</strong> and use the key provided by KMS to encrypt the disk of the database instance. For more information, see the <em id="dew_01_0101__en-us_topic_0113544733_i97781989251">Relational Database Service User Guide</em>.<div class="fignone" id="dew_01_0101__en-us_topic_0113544733_fig73511236193618"><span class="figcap"><b>Figure 1 </b>Encrypting Data in RDS</span><br><span><img id="dew_01_0101__en-us_topic_0113544733_image8909931143511" src="en-us_image_0000002207563973.png" title="Click to enlarge" class="imgResize"></span></div>
+<p id="dew_01_0101__en-us_topic_0113544733_p85308818163">You can use a custom key created on the KMS console for encryption.</p>
+</li><li id="dew_01_0101__en-us_topic_0113544733_li6707550161319">You can also call the RDS APIs to purchase encrypted database instances. For details, see the <em id="dew_01_0101__en-us_topic_0113544733_i12470976364">Relational Database Service User Guide</em>.</li></ul>
+</div>
+<div>
+<div class="familylinks">
+<div class="parentlink"><strong>Parent topic:</strong> <a href="dew_01_0106.html">Cloud Services with KMS Integrated</a></div>
+</div>
+</div>
+
+
+<script language="JavaScript">
+<!--
+image_size('.imgResize');
+var msg_imageMax = "view original image";
+var msg_imageClose = "close";
+//--></script>

docs/kms/umn/dew_01_0106.html

@@ -0,0 +1,25 @@
+<a name="dew_01_0106"></a><a name="dew_01_0106"></a>
+
+<h1 class="topictitle1">Cloud Services with KMS Integrated</h1>
+<div id="body8662426"></div>
+<div>
+<ul class="ullinks">
+<li class="ulchildlink"><strong><a href="dew_01_0007.html">Encrypting Data in OBS</a></strong><br>
+</li>
+<li class="ulchildlink"><strong><a href="dew_01_0008.html">Encrypting Data in EVS</a></strong><br>
+</li>
+<li class="ulchildlink"><strong><a href="dew_01_0009.html">Encrypting Data in IMS</a></strong><br>
+</li>
+<li class="ulchildlink"><strong><a href="dew_01_0116.html">Encrypting Data in SFS</a></strong><br>
+</li>
+<li class="ulchildlink"><strong><a href="dew_01_0101.html">Encrypting Data in RDS</a></strong><br>
+</li>
+<li class="ulchildlink"><strong><a href="dew_01_0199.html">Encrypting Data in DDS</a></strong><br>
+</li>
+</ul>
+
+<div class="familylinks">
+<div class="parentlink"><strong>Parent topic:</strong> <a href="kms_01_0109.html">Service Overview</a></div>
+</div>
+</div>
+

docs/kms/umn/dew_01_0116.html

@@ -0,0 +1,20 @@
+<a name="dew_01_0116"></a><a name="dew_01_0116"></a>
+
+<h1 class="topictitle1">Encrypting Data in SFS </h1>
+<div id="body8662426"><ul id="dew_01_0116__en-us_topic_0139165811_ul569985051312"><li id="dew_01_0116__en-us_topic_0139165811_li1957924155117">When creating a file system using the Scalable File Service (SFS), you can select <strong id="dew_01_0116__en-us_topic_0139165811_b450584312417">KMS encryption</strong> and use the key provided by the KMS to encrypt the file system. For details, see <a href="#dew_01_0116__en-us_topic_0139165811_fig1357418312618">Figure 1</a>. For more information, see the <em id="dew_01_0116__en-us_topic_0139165811_i1291604167">Scalable File Service User Guide</em>.<div class="fignone" id="dew_01_0116__en-us_topic_0139165811_fig1357418312618"><a name="dew_01_0116__en-us_topic_0139165811_fig1357418312618"></a><a name="en-us_topic_0139165811_fig1357418312618"></a><span class="figcap"><b>Figure 1 </b>Encrypting Data in SFS </span><br><span><img id="dew_01_0116__en-us_topic_0139165811_image852511462411" src="en-us_image_0000001628721656.png" title="Click to enlarge" class="imgResize"></span></div>
+<p id="dew_01_0116__en-us_topic_0139165811_p1040425114556">You can use a custom key created on the KMS console for encryption.</p>
+</li><li id="dew_01_0116__en-us_topic_0139165811_li6707550161319">You can use the SFS API to create an encrypted file system. For details, see the <em id="dew_01_0116__en-us_topic_0139165811_i29966575175">Scalable File Service API Reference</em>.</li></ul>
+</div>
+<div>
+<div class="familylinks">
+<div class="parentlink"><strong>Parent topic:</strong> <a href="dew_01_0106.html">Cloud Services with KMS Integrated</a></div>
+</div>
+</div>
+
+
+<script language="JavaScript">
+<!--
+image_size('.imgResize');
+var msg_imageMax = "view original image";
+var msg_imageClose = "close";
+//--></script>

docs/kms/umn/dew_01_0199.html

@@ -0,0 +1,21 @@
+<a name="dew_01_0199"></a><a name="dew_01_0199"></a>
+
+<h1 class="topictitle1">Encrypting Data in DDS</h1>
+<div id="body8662426"><ul id="dew_01_0199__en-us_topic_0000001104811182_ul12878154316125"><li id="dew_01_0199__en-us_topic_0000001104811182_li08783434121">When a user creates a database instance from DDS, the user can select <strong id="dew_01_0199__en-us_topic_0000001104811182_b36701913365">Disk encryption</strong> and use the key provided by KMS to encrypt the disk of the database instance. For more information, see the <em id="dew_01_0199__en-us_topic_0000001104811182_i12670201173618">Document Database Service User Guide</em>.<div class="fignone" id="dew_01_0199__en-us_topic_0000001104811182_fig1622525916820"><span class="figcap"><b>Figure 1 </b>Encrypting data in DDS</span><br><span><img id="dew_01_0199__en-us_topic_0000001104811182_image3412133110288" src="en-us_image_0000001677562441.png" title="Click to enlarge" class="imgResize"></span></div>
+<p id="dew_01_0199__en-us_topic_0000001104811182_p146292023797">You can use a custom key created on the KMS console for encryption.</p>
+</li></ul>
+<ul id="dew_01_0199__en-us_topic_0000001104811182_ul63809334284"><li id="dew_01_0199__en-us_topic_0000001104811182_li938033314289">You can also call the required API of DDS to purchase encrypted DB instances. For details, see <em id="dew_01_0199__en-us_topic_0000001104811182_i482814125504">Document Database Service API Reference</em>.</li></ul>
+</div>
+<div>
+<div class="familylinks">
+<div class="parentlink"><strong>Parent topic:</strong> <a href="dew_01_0106.html">Cloud Services with KMS Integrated</a></div>
+</div>
+</div>
+
+
+<script language="JavaScript">
+<!--
+image_size('.imgResize');
+var msg_imageMax = "view original image";
+var msg_imageClose = "close";
+//--></script>